Compare commits
1 commit
89f8ca298c
...
80b9849efd
Author | SHA1 | Date | |
---|---|---|---|
80b9849efd |
63 changed files with 192 additions and 458 deletions
|
@ -1,21 +0,0 @@
|
||||||
---
|
|
||||||
apiVersion: v1
|
|
||||||
kind: ConfigMap
|
|
||||||
metadata:
|
|
||||||
name: matter-server-gatus-ep
|
|
||||||
labels:
|
|
||||||
gatus.io/enabled: "true"
|
|
||||||
data:
|
|
||||||
config.yaml: |
|
|
||||||
endpoints:
|
|
||||||
- name: matter-server
|
|
||||||
group: infrastructure
|
|
||||||
url: ws://matter-server.default.svc.cluster.local:5580
|
|
||||||
interval: 1m
|
|
||||||
ui:
|
|
||||||
hide-url: true
|
|
||||||
hide-hostname: true
|
|
||||||
conditions:
|
|
||||||
- "[CONNECTED] == true"
|
|
||||||
alerts:
|
|
||||||
- type: pushover
|
|
|
@ -1,80 +0,0 @@
|
||||||
---
|
|
||||||
# yaml-language-server: $schema=https://raw.githubusercontent.com/bjw-s/helm-charts/main/charts/other/app-template/schemas/helmrelease-helm-v2.schema.json
|
|
||||||
apiVersion: helm.toolkit.fluxcd.io/v2
|
|
||||||
kind: HelmRelease
|
|
||||||
metadata:
|
|
||||||
name: &app matter-server
|
|
||||||
spec:
|
|
||||||
interval: 30m
|
|
||||||
chart:
|
|
||||||
spec:
|
|
||||||
chart: app-template
|
|
||||||
version: 3.5.1
|
|
||||||
sourceRef:
|
|
||||||
kind: HelmRepository
|
|
||||||
name: bjw-s
|
|
||||||
namespace: flux-system
|
|
||||||
install:
|
|
||||||
remediation:
|
|
||||||
retries: 3
|
|
||||||
upgrade:
|
|
||||||
cleanupOnFail: true
|
|
||||||
remediation:
|
|
||||||
retries: 3
|
|
||||||
strategy: rollback
|
|
||||||
values:
|
|
||||||
controllers:
|
|
||||||
matter-server:
|
|
||||||
annotations:
|
|
||||||
reloader.stakater.com/auto: "true"
|
|
||||||
containers:
|
|
||||||
app:
|
|
||||||
image:
|
|
||||||
repository: ghcr.io/home-assistant-libs/python-matter-server
|
|
||||||
tag: 6.6.1
|
|
||||||
pullPolicy: IfNotPresent
|
|
||||||
env:
|
|
||||||
TZ: "America/Chicago"
|
|
||||||
MATTER_SERVER__INSTANCE_NAME: *app
|
|
||||||
MATTER_SERVER__PORT: &port 5580
|
|
||||||
MATTER_SERVER__APPLICATION_URL: &host matter.jahanson.tech
|
|
||||||
MATTER_SERVER__LOG_LEVEL: debug
|
|
||||||
resources:
|
|
||||||
requests:
|
|
||||||
memory: "100Mi"
|
|
||||||
limits:
|
|
||||||
memory: "300Mi"
|
|
||||||
defaultPodOptions:
|
|
||||||
securityContext:
|
|
||||||
runAsNonRoot: true
|
|
||||||
runAsUser: 568
|
|
||||||
runAsGroup: 568
|
|
||||||
fsGroup: 568
|
|
||||||
fsGroupChangePolicy: OnRootMismatch
|
|
||||||
seccompProfile: { type: RuntimeDefault }
|
|
||||||
service:
|
|
||||||
app:
|
|
||||||
controller: matter-server
|
|
||||||
type: LoadBalancer
|
|
||||||
annotations:
|
|
||||||
external-dns.alpha.kubernetes.io/hostname: *host
|
|
||||||
io.cilium/lb-ipam-ips: 10.1.1.40
|
|
||||||
ports:
|
|
||||||
http:
|
|
||||||
port: *port
|
|
||||||
ingress:
|
|
||||||
app:
|
|
||||||
className: internal-nginx
|
|
||||||
hosts:
|
|
||||||
- host: *host
|
|
||||||
paths:
|
|
||||||
- path: /
|
|
||||||
service:
|
|
||||||
identifier: app
|
|
||||||
port: *port
|
|
||||||
tls:
|
|
||||||
- hosts:
|
|
||||||
- *host
|
|
||||||
persistence:
|
|
||||||
data:
|
|
||||||
existingClaim: *app
|
|
|
@ -1,8 +0,0 @@
|
||||||
---
|
|
||||||
# yaml-language-server: $schema=https://json.schemastore.org/kustomization
|
|
||||||
apiVersion: kustomize.config.k8s.io/v1beta1
|
|
||||||
kind: Kustomization
|
|
||||||
resources:
|
|
||||||
- ./gatus.yaml
|
|
||||||
- ./helmrelease.yaml
|
|
||||||
- ../../../../templates/volsync
|
|
|
@ -1,24 +0,0 @@
|
||||||
---
|
|
||||||
# yaml-language-server: $schema=https://ks.hsn.dev/kustomize.toolkit.fluxcd.io/kustomization_v1.json
|
|
||||||
apiVersion: kustomize.toolkit.fluxcd.io/v1
|
|
||||||
kind: Kustomization
|
|
||||||
metadata:
|
|
||||||
name: &app matter-server
|
|
||||||
namespace: flux-system
|
|
||||||
spec:
|
|
||||||
targetNamespace: default
|
|
||||||
commonMetadata:
|
|
||||||
labels:
|
|
||||||
app.kubernetes.io/name: *app
|
|
||||||
path: ./kubernetes/apps/default/matter-server/app
|
|
||||||
prune: true
|
|
||||||
sourceRef:
|
|
||||||
kind: GitRepository
|
|
||||||
name: theshire
|
|
||||||
wait: false # no flux ks dependents
|
|
||||||
interval: 30m
|
|
||||||
timeout: 5m
|
|
||||||
postBuild:
|
|
||||||
substitute:
|
|
||||||
APP: *app
|
|
||||||
VOLSYNC_CAPACITY: 1Gi
|
|
|
@ -1,3 +1,5 @@
|
||||||
|
; https://editorconfig.org/
|
||||||
|
|
||||||
root = true
|
root = true
|
||||||
|
|
||||||
[*]
|
[*]
|
||||||
|
|
|
@ -4,7 +4,7 @@
|
||||||
{
|
{
|
||||||
"description": ["Loose versioning for non-semver packages"],
|
"description": ["Loose versioning for non-semver packages"],
|
||||||
"matchDatasources": ["docker"],
|
"matchDatasources": ["docker"],
|
||||||
"matchPackagePatterns": ["plex"],
|
"matchPackagePatterns": ["cross-seed", "plex"],
|
||||||
"versioning": "loose"
|
"versioning": "loose"
|
||||||
},
|
},
|
||||||
{
|
{
|
||||||
|
|
|
@ -18,20 +18,6 @@ tasks:
|
||||||
| xargs -P 4 -L 1 bash -c \
|
| xargs -P 4 -L 1 bash -c \
|
||||||
'kubectl -n $0 annotate kustomization/$1 reconcile.fluxcd.io/requestedAt="$(date +%s)" --field-manager=flux-client-side-apply --overwrite'
|
'kubectl -n $0 annotate kustomization/$1 reconcile.fluxcd.io/requestedAt="$(date +%s)" --field-manager=flux-client-side-apply --overwrite'
|
||||||
|
|
||||||
ks-suspend:
|
|
||||||
desc: Suspend all Flux Kustomizations
|
|
||||||
cmds:
|
|
||||||
- |
|
|
||||||
flux get kustomizations --all-namespaces --no-header | awk '{print $1, $2}' \
|
|
||||||
| xargs -L 1 bash -c 'flux -n $0 suspend kustomization $1'
|
|
||||||
|
|
||||||
ks-resume:
|
|
||||||
desc: Resume all Flux Kustomizations
|
|
||||||
cmds:
|
|
||||||
- |
|
|
||||||
flux get kustomizations --all-namespaces --no-header | awk '{print $1, $2}' \
|
|
||||||
| xargs -L 1 bash -c 'flux -n $0 resume kustomization $1'
|
|
||||||
|
|
||||||
hr-sync:
|
hr-sync:
|
||||||
desc: Sync all Flux HelmReleases
|
desc: Sync all Flux HelmReleases
|
||||||
cmds:
|
cmds:
|
||||||
|
|
1
.vscode/settings.json
vendored
1
.vscode/settings.json
vendored
|
@ -15,6 +15,7 @@
|
||||||
"hack": "scripts",
|
"hack": "scripts",
|
||||||
"repositories": "database",
|
"repositories": "database",
|
||||||
"vars": "other",
|
"vars": "other",
|
||||||
|
// namespaces
|
||||||
"cert-manager": "guard",
|
"cert-manager": "guard",
|
||||||
"external-secrets": "keys",
|
"external-secrets": "keys",
|
||||||
"kube-system": "kubernetes",
|
"kube-system": "kubernetes",
|
||||||
|
|
|
@ -14,6 +14,8 @@ spec:
|
||||||
kind: HelmRepository
|
kind: HelmRepository
|
||||||
name: bjw-s
|
name: bjw-s
|
||||||
namespace: flux-system
|
namespace: flux-system
|
||||||
|
dependsOn:
|
||||||
|
- name: ollama
|
||||||
install:
|
install:
|
||||||
remediation:
|
remediation:
|
||||||
retries: 3
|
retries: 3
|
||||||
|
@ -31,7 +33,7 @@ spec:
|
||||||
app:
|
app:
|
||||||
image:
|
image:
|
||||||
repository: ghcr.io/open-webui/open-webui
|
repository: ghcr.io/open-webui/open-webui
|
||||||
tag: v0.4.8
|
tag: v0.4.5
|
||||||
env:
|
env:
|
||||||
- name: OLLAMA_BASE_URL
|
- name: OLLAMA_BASE_URL
|
||||||
value: http://10.1.1.61:11434
|
value: http://10.1.1.61:11434
|
||||||
|
|
|
@ -31,7 +31,7 @@ spec:
|
||||||
app:
|
app:
|
||||||
image:
|
image:
|
||||||
repository: ghcr.io/onedr0p/radarr-develop
|
repository: ghcr.io/onedr0p/radarr-develop
|
||||||
tag: 5.16.1.9508
|
tag: 5.15.1.9463
|
||||||
env:
|
env:
|
||||||
RADARR__APP__INSTANCENAME: Radarr-Anime
|
RADARR__APP__INSTANCENAME: Radarr-Anime
|
||||||
RADARR__APP__THEME: dark
|
RADARR__APP__THEME: dark
|
||||||
|
@ -66,6 +66,11 @@ spec:
|
||||||
allowPrivilegeEscalation: false
|
allowPrivilegeEscalation: false
|
||||||
readOnlyRootFilesystem: true
|
readOnlyRootFilesystem: true
|
||||||
capabilities: { drop: ["ALL"] }
|
capabilities: { drop: ["ALL"] }
|
||||||
|
resources:
|
||||||
|
requests:
|
||||||
|
cpu: 10m
|
||||||
|
limits:
|
||||||
|
memory: 6Gi
|
||||||
pod:
|
pod:
|
||||||
securityContext:
|
securityContext:
|
||||||
runAsUser: 568
|
runAsUser: 568
|
||||||
|
@ -102,7 +107,7 @@ spec:
|
||||||
type: emptyDir
|
type: emptyDir
|
||||||
media:
|
media:
|
||||||
type: nfs
|
type: nfs
|
||||||
server: 10.1.1.61
|
server: 10.1.1.13
|
||||||
path: /eru/media
|
path: /eru/media
|
||||||
globalMounts:
|
globalMounts:
|
||||||
- path: /data/nas-media
|
- path: /data/nas-media
|
||||||
|
|
|
@ -31,7 +31,7 @@ spec:
|
||||||
app:
|
app:
|
||||||
image:
|
image:
|
||||||
repository: ghcr.io/onedr0p/sonarr-develop
|
repository: ghcr.io/onedr0p/sonarr-develop
|
||||||
tag: 4.0.11.2743
|
tag: 4.0.11.2697
|
||||||
env:
|
env:
|
||||||
SONARR__APP__INSTANCENAME: Sonarr-Anime
|
SONARR__APP__INSTANCENAME: Sonarr-Anime
|
||||||
SONARR__APP__THEME: dark
|
SONARR__APP__THEME: dark
|
||||||
|
@ -66,6 +66,11 @@ spec:
|
||||||
allowPrivilegeEscalation: false
|
allowPrivilegeEscalation: false
|
||||||
readOnlyRootFilesystem: true
|
readOnlyRootFilesystem: true
|
||||||
capabilities: { drop: ["ALL"] }
|
capabilities: { drop: ["ALL"] }
|
||||||
|
resources:
|
||||||
|
requests:
|
||||||
|
cpu: 10m
|
||||||
|
limits:
|
||||||
|
memory: 6Gi
|
||||||
pod:
|
pod:
|
||||||
securityContext:
|
securityContext:
|
||||||
runAsUser: 568
|
runAsUser: 568
|
||||||
|
@ -102,7 +107,7 @@ spec:
|
||||||
type: emptyDir
|
type: emptyDir
|
||||||
media:
|
media:
|
||||||
type: nfs
|
type: nfs
|
||||||
server: 10.1.1.61
|
server: 10.1.1.13
|
||||||
path: /eru/media
|
path: /eru/media
|
||||||
globalMounts:
|
globalMounts:
|
||||||
- path: /data/nas-media
|
- path: /data/nas-media
|
||||||
|
@ -112,14 +117,3 @@ spec:
|
||||||
path: /moria/media/
|
path: /moria/media/
|
||||||
globalMounts:
|
globalMounts:
|
||||||
- path: /data/moria-media
|
- path: /data/moria-media
|
||||||
scripts:
|
|
||||||
type: configMap
|
|
||||||
name: sonarr-configmap
|
|
||||||
defaultMode: 0775
|
|
||||||
globalMounts:
|
|
||||||
- path: /scripts/pushover-notify.sh
|
|
||||||
subPath: pushover-notify.sh
|
|
||||||
readOnly: true
|
|
||||||
- path: /scripts/refresh-series.sh
|
|
||||||
subPath: refresh-series.sh
|
|
||||||
readOnly: true
|
|
||||||
|
|
|
@ -6,12 +6,3 @@ resources:
|
||||||
- ./externalsecret.yaml
|
- ./externalsecret.yaml
|
||||||
- ./helmrelease.yaml
|
- ./helmrelease.yaml
|
||||||
- ../../../../templates/volsync
|
- ../../../../templates/volsync
|
||||||
configMapGenerator:
|
|
||||||
- name: sonarr-configmap
|
|
||||||
files:
|
|
||||||
- pushover-notify.sh=./resources/pushover-notify.sh
|
|
||||||
- refresh-series.sh=./resources/refresh-series.sh
|
|
||||||
generatorOptions:
|
|
||||||
disableNameSuffixHash: true
|
|
||||||
annotations:
|
|
||||||
kustomize.toolkit.fluxcd.io/substitute: disabled
|
|
||||||
|
|
|
@ -1,85 +0,0 @@
|
||||||
#!/usr/bin/env bash
|
|
||||||
# shellcheck disable=SC2154
|
|
||||||
set -euo pipefail
|
|
||||||
|
|
||||||
# User defined variables for pushover
|
|
||||||
PUSHOVER_USER_KEY="${PUSHOVER_USER_KEY:-required}"
|
|
||||||
PUSHOVER_TOKEN="${PUSHOVER_TOKEN:-required}"
|
|
||||||
PUSHOVER_PRIORITY="${PUSHOVER_PRIORITY:-"-2"}"
|
|
||||||
|
|
||||||
if [[ "${sonarr_eventtype:-}" == "Test" ]]; then
|
|
||||||
PUSHOVER_PRIORITY="1"
|
|
||||||
printf -v PUSHOVER_TITLE \
|
|
||||||
"Test Notification"
|
|
||||||
printf -v PUSHOVER_MESSAGE \
|
|
||||||
"Howdy this is a test notification from %s" \
|
|
||||||
"${sonarr_instancename:-Sonarr}"
|
|
||||||
printf -v PUSHOVER_URL \
|
|
||||||
"%s" \
|
|
||||||
"${sonarr_applicationurl:-localhost}"
|
|
||||||
printf -v PUSHOVER_URL_TITLE \
|
|
||||||
"Open %s" \
|
|
||||||
"${sonarr_instancename:-Sonarr}"
|
|
||||||
fi
|
|
||||||
|
|
||||||
if [[ "${sonarr_eventtype:-}" == "Download" ]]; then
|
|
||||||
printf -v PUSHOVER_TITLE \
|
|
||||||
"Episode %s" \
|
|
||||||
"$( [[ "${sonarr_isupgrade}" == "True" ]] && echo "Upgraded" || echo "Downloaded" )"
|
|
||||||
printf -v PUSHOVER_MESSAGE \
|
|
||||||
"<b>%s (S%02dE%02d)</b><small>\n%s</small><small>\n\n<b>Quality:</b> %s</small><small>\n<b>Client:</b> %s</small>" \
|
|
||||||
"${sonarr_series_title}" \
|
|
||||||
"${sonarr_episodefile_seasonnumber}" \
|
|
||||||
"${sonarr_episodefile_episodenumbers}" \
|
|
||||||
"${sonarr_episodefile_episodetitles}" \
|
|
||||||
"${sonarr_episodefile_quality:-Unknown}" \
|
|
||||||
"${sonarr_download_client:-Unknown}"
|
|
||||||
printf -v PUSHOVER_URL \
|
|
||||||
"%s/series/%s" \
|
|
||||||
"${sonarr_applicationurl:-localhost}" \
|
|
||||||
"${sonarr_series_titleslug}"
|
|
||||||
printf -v PUSHOVER_URL_TITLE \
|
|
||||||
"View series in %s" \
|
|
||||||
"${sonarr_instancename:-Sonarr}"
|
|
||||||
fi
|
|
||||||
|
|
||||||
if [[ "${sonarr_eventtype:-}" == "ManualInteractionRequired" ]]; then
|
|
||||||
PUSHOVER_PRIORITY="1"
|
|
||||||
printf -v PUSHOVER_TITLE \
|
|
||||||
"Episode import requires intervention"
|
|
||||||
printf -v PUSHOVER_MESSAGE \
|
|
||||||
"<b>%s</b><small>\n<b>Client:</b> %s</small>" \
|
|
||||||
"${sonarr_series_title}" \
|
|
||||||
"${sonarr_download_client:-Unknown}"
|
|
||||||
printf -v PUSHOVER_URL \
|
|
||||||
"%s/activity/queue" \
|
|
||||||
"${sonarr_applicationurl:-localhost}"
|
|
||||||
printf -v PUSHOVER_URL_TITLE \
|
|
||||||
"View queue in %s" \
|
|
||||||
"${sonarr_instancename:-Sonarr}"
|
|
||||||
fi
|
|
||||||
|
|
||||||
json_data=$(jo \
|
|
||||||
token="${PUSHOVER_TOKEN}" \
|
|
||||||
user="${PUSHOVER_USER_KEY}" \
|
|
||||||
title="${PUSHOVER_TITLE}" \
|
|
||||||
message="${PUSHOVER_MESSAGE}" \
|
|
||||||
url="${PUSHOVER_URL}" \
|
|
||||||
url_title="${PUSHOVER_URL_TITLE}" \
|
|
||||||
priority="${PUSHOVER_PRIORITY}" \
|
|
||||||
html="1"
|
|
||||||
)
|
|
||||||
|
|
||||||
status_code=$(curl \
|
|
||||||
--silent \
|
|
||||||
--write-out "%{http_code}" \
|
|
||||||
--output /dev/null \
|
|
||||||
--request POST \
|
|
||||||
--header "Content-Type: application/json" \
|
|
||||||
--data-binary "${json_data}" \
|
|
||||||
"https://api.pushover.net/1/messages.json" \
|
|
||||||
)
|
|
||||||
|
|
||||||
printf "pushover notification returned with HTTP status code %s and payload: %s\n" \
|
|
||||||
"${status_code}" \
|
|
||||||
"$(echo "${json_data}" | jq --compact-output)" >&2
|
|
|
@ -1,21 +0,0 @@
|
||||||
#!/usr/bin/env bash
|
|
||||||
# shellcheck disable=SC2154
|
|
||||||
set -euo pipefail
|
|
||||||
|
|
||||||
CURL_CMD=(curl -fsSL --header "X-Api-Key: ${SONARR__AUTH__APIKEY:-}")
|
|
||||||
SONARR_API_URL="http://localhost:${SONARR__SERVER__PORT:-}/api/v3"
|
|
||||||
|
|
||||||
if [[ "${sonarr_eventtype:-}" == "Grab" ]]; then
|
|
||||||
tba=$("${CURL_CMD[@]}" "${SONARR_API_URL}/episode?seriesId=${sonarr_series_id:-}" | jq --raw-output '
|
|
||||||
[.[] | select((.title == "TBA") or (.title == "TBD"))] | length
|
|
||||||
')
|
|
||||||
|
|
||||||
if (( tba > 0 )); then
|
|
||||||
echo "INFO: Refreshing series ${sonarr_series_id:-} due to TBA/TBD episodes found"
|
|
||||||
"${CURL_CMD[@]}" \
|
|
||||||
--request POST \
|
|
||||||
--header "Content-Type: application/json" \
|
|
||||||
--data-binary '{"name": "RefreshSeries", "seriesId": '"${sonarr_series_id:-}"'}' \
|
|
||||||
"${SONARR_API_URL}/command" &>/dev/null
|
|
||||||
fi
|
|
||||||
fi
|
|
|
@ -30,7 +30,7 @@ spec:
|
||||||
runner-register:
|
runner-register:
|
||||||
image:
|
image:
|
||||||
repository: code.forgejo.org/forgejo/runner
|
repository: code.forgejo.org/forgejo/runner
|
||||||
tag: 5.0.3
|
tag: 5.0.2
|
||||||
command:
|
command:
|
||||||
- "forgejo-runner"
|
- "forgejo-runner"
|
||||||
- "register"
|
- "register"
|
||||||
|
@ -63,7 +63,7 @@ spec:
|
||||||
daemon:
|
daemon:
|
||||||
image:
|
image:
|
||||||
repository: docker
|
repository: docker
|
||||||
tag: 27.4.0-dind
|
tag: 27.3.1-dind
|
||||||
securityContext:
|
securityContext:
|
||||||
privileged: true
|
privileged: true
|
||||||
env:
|
env:
|
||||||
|
@ -72,7 +72,7 @@ spec:
|
||||||
app:
|
app:
|
||||||
image:
|
image:
|
||||||
repository: code.forgejo.org/forgejo/runner
|
repository: code.forgejo.org/forgejo/runner
|
||||||
tag: 5.0.3
|
tag: 5.0.2
|
||||||
command:
|
command:
|
||||||
- "sh"
|
- "sh"
|
||||||
- "-c"
|
- "-c"
|
||||||
|
|
|
@ -9,7 +9,7 @@ spec:
|
||||||
chart:
|
chart:
|
||||||
spec:
|
spec:
|
||||||
chart: coder
|
chart: coder
|
||||||
version: 2.18.0
|
version: 2.16.1
|
||||||
sourceRef:
|
sourceRef:
|
||||||
kind: HelmRepository
|
kind: HelmRepository
|
||||||
name: coder
|
name: coder
|
||||||
|
@ -29,6 +29,8 @@ spec:
|
||||||
env:
|
env:
|
||||||
- name: CODER_ACCESS_URL
|
- name: CODER_ACCESS_URL
|
||||||
value: https://coder.hsn.dev
|
value: https://coder.hsn.dev
|
||||||
|
- name: CODER_WILDCARD_ACCESS_URL
|
||||||
|
value: "*.coder.hsn.dev"
|
||||||
- name: CODER_PROMETHEUS_ENABLE
|
- name: CODER_PROMETHEUS_ENABLE
|
||||||
value: "true"
|
value: "true"
|
||||||
envFrom:
|
envFrom:
|
||||||
|
@ -42,3 +44,4 @@ spec:
|
||||||
external-dns.alpha.kubernetes.io/target: external.hsn.dev
|
external-dns.alpha.kubernetes.io/target: external.hsn.dev
|
||||||
|
|
||||||
host: "coder.hsn.dev"
|
host: "coder.hsn.dev"
|
||||||
|
wildcardHost: "*.coder.hsn.dev"
|
||||||
|
|
|
@ -5,7 +5,7 @@ kind: EMQX
|
||||||
metadata:
|
metadata:
|
||||||
name: emqx
|
name: emqx
|
||||||
spec:
|
spec:
|
||||||
image: public.ecr.aws/emqx/emqx:5.8.3
|
image: public.ecr.aws/emqx/emqx:5.8.2
|
||||||
config:
|
config:
|
||||||
mode: Merge
|
mode: Merge
|
||||||
coreTemplate:
|
coreTemplate:
|
||||||
|
|
|
@ -31,7 +31,7 @@ spec:
|
||||||
app:
|
app:
|
||||||
image:
|
image:
|
||||||
repository: docker.io/influxdb
|
repository: docker.io/influxdb
|
||||||
tag: 2.7.11-alpine
|
tag: 2.7.10-alpine
|
||||||
pullPolicy: IfNotPresent
|
pullPolicy: IfNotPresent
|
||||||
env:
|
env:
|
||||||
INFLUXDB_ADMIN_USER_PASSWORD: "admin"
|
INFLUXDB_ADMIN_USER_PASSWORD: "admin"
|
||||||
|
|
|
@ -10,4 +10,4 @@ resources:
|
||||||
- ./dragonfly/ks.yaml
|
- ./dragonfly/ks.yaml
|
||||||
- ./emqx/ks.yaml
|
- ./emqx/ks.yaml
|
||||||
- ./influxdb/ks.yaml
|
- ./influxdb/ks.yaml
|
||||||
# - ./mariadb/ks.yaml
|
- ./mariadb/ks.yaml
|
||||||
|
|
|
@ -31,7 +31,7 @@ spec:
|
||||||
app:
|
app:
|
||||||
image:
|
image:
|
||||||
repository: ghcr.io/autobrr/autobrr
|
repository: ghcr.io/autobrr/autobrr
|
||||||
tag: v1.53.0@sha256:0c3f93c653cfc8a20e722bd26a5d597a496c9ba714300ba7974a5aeb19bd6e31
|
tag: v1.51.1@sha256:747c682d8d59e72a202ee4239bafbd7cfa10b0fc3a6220b61446de73dbd0c956
|
||||||
env:
|
env:
|
||||||
AUTOBRR__CHECK_FOR_UPDATES: "false"
|
AUTOBRR__CHECK_FOR_UPDATES: "false"
|
||||||
AUTOBRR__HOST: 0.0.0.0
|
AUTOBRR__HOST: 0.0.0.0
|
||||||
|
|
|
@ -9,6 +9,7 @@ resources:
|
||||||
- ./atuin/ks.yaml
|
- ./atuin/ks.yaml
|
||||||
- ./autobrr/ks.yaml
|
- ./autobrr/ks.yaml
|
||||||
- ./excalidraw/ks.yaml
|
- ./excalidraw/ks.yaml
|
||||||
|
- ./home-assistant/ks.yaml
|
||||||
- ./it-tools/ks.yaml
|
- ./it-tools/ks.yaml
|
||||||
- ./linkwarden/ks.yaml
|
- ./linkwarden/ks.yaml
|
||||||
- ./maintainerr/ks.yaml
|
- ./maintainerr/ks.yaml
|
||||||
|
@ -17,7 +18,7 @@ resources:
|
||||||
- ./overseerr/ks.yaml
|
- ./overseerr/ks.yaml
|
||||||
- ./plex/ks.yaml
|
- ./plex/ks.yaml
|
||||||
- ./prowlarr/ks.yaml
|
- ./prowlarr/ks.yaml
|
||||||
# - ./pterodactyl/ks.yaml
|
- ./pterodactyl/ks.yaml
|
||||||
- ./radarr/ks.yaml
|
- ./radarr/ks.yaml
|
||||||
- ./recyclarr/ks.yaml
|
- ./recyclarr/ks.yaml
|
||||||
- ./redlib/ks.yaml
|
- ./redlib/ks.yaml
|
||||||
|
|
|
@ -31,7 +31,7 @@ spec:
|
||||||
app:
|
app:
|
||||||
image:
|
image:
|
||||||
repository: ghcr.io/linkwarden/linkwarden
|
repository: ghcr.io/linkwarden/linkwarden
|
||||||
tag: v2.8.4@sha256:8a8e6323508f97ddaa863281b9ff52949fc153eea1ec07cb84539436371caf28
|
tag: v2.8.3@sha256:7f80a03d688c3e5d9ec6b34f5b65cd861ff8c9eb08d12932dc8fc7482991f238
|
||||||
env:
|
env:
|
||||||
TIMEZONE: "America/Chicago"
|
TIMEZONE: "America/Chicago"
|
||||||
NEXTAUTH_URL: "https://{{ .Release.Name }}.jahanson.tech/api/v1/auth"
|
NEXTAUTH_URL: "https://{{ .Release.Name }}.jahanson.tech/api/v1/auth"
|
||||||
|
|
|
@ -31,7 +31,7 @@ spec:
|
||||||
app:
|
app:
|
||||||
image:
|
image:
|
||||||
repository: ghcr.io/onedr0p/prowlarr-develop
|
repository: ghcr.io/onedr0p/prowlarr-develop
|
||||||
tag: 1.28.0.4862@sha256:ff83bcd009f4556e5ee9a40e596dfaa3dd8313fe40246c1244416ffd8fc03ab5
|
tag: 1.27.0.4852@sha256:6e1041a558cceee6356efe74cc9a9138909f4a8bac5eb714a420a37e4b478c77
|
||||||
env:
|
env:
|
||||||
# Ref: https://github.com/Radarr/Radarr/issues/7030#issuecomment-1039689518
|
# Ref: https://github.com/Radarr/Radarr/issues/7030#issuecomment-1039689518
|
||||||
# Ref: https://github.com/dotnet/runtime/issues/9336
|
# Ref: https://github.com/dotnet/runtime/issues/9336
|
||||||
|
|
|
@ -4,7 +4,7 @@ apiVersion: kustomize.config.k8s.io/v1beta1
|
||||||
kind: Kustomization
|
kind: Kustomization
|
||||||
resources:
|
resources:
|
||||||
- ../../../../templates/volsync
|
- ../../../../templates/volsync
|
||||||
# - ../../../../templates/gatus/external
|
- ../../../../templates/gatus/external
|
||||||
- ./externalsecret.yaml
|
- ./externalsecret.yaml
|
||||||
# - ./helmrelease.yaml
|
# - ./helmrelease.yaml
|
||||||
- ./mariadb.yaml
|
- ./mariadb.yaml
|
||||||
|
|
|
@ -31,7 +31,7 @@ spec:
|
||||||
app:
|
app:
|
||||||
image:
|
image:
|
||||||
repository: ghcr.io/onedr0p/radarr-develop
|
repository: ghcr.io/onedr0p/radarr-develop
|
||||||
tag: 5.16.1.9508
|
tag: 5.15.1.9463
|
||||||
env:
|
env:
|
||||||
RADARR__APP__INSTANCENAME: Radarr
|
RADARR__APP__INSTANCENAME: Radarr
|
||||||
RADARR__APP__THEME: dark
|
RADARR__APP__THEME: dark
|
||||||
|
@ -64,6 +64,11 @@ spec:
|
||||||
allowPrivilegeEscalation: false
|
allowPrivilegeEscalation: false
|
||||||
readOnlyRootFilesystem: true
|
readOnlyRootFilesystem: true
|
||||||
capabilities: { drop: ["ALL"] }
|
capabilities: { drop: ["ALL"] }
|
||||||
|
resources:
|
||||||
|
requests:
|
||||||
|
cpu: 10m
|
||||||
|
limits:
|
||||||
|
memory: 16Gi
|
||||||
pod:
|
pod:
|
||||||
securityContext:
|
securityContext:
|
||||||
runAsUser: 568
|
runAsUser: 568
|
||||||
|
@ -100,7 +105,7 @@ spec:
|
||||||
type: emptyDir
|
type: emptyDir
|
||||||
media:
|
media:
|
||||||
type: nfs
|
type: nfs
|
||||||
server: 10.1.1.61
|
server: 10.1.1.13
|
||||||
path: /eru/media
|
path: /eru/media
|
||||||
globalMounts:
|
globalMounts:
|
||||||
- path: /data/nas-media
|
- path: /data/nas-media
|
||||||
|
|
|
@ -38,7 +38,7 @@ spec:
|
||||||
app:
|
app:
|
||||||
image:
|
image:
|
||||||
repository: quay.io/redlib/redlib
|
repository: quay.io/redlib/redlib
|
||||||
tag: latest@sha256:d04e722091fe17424425499882a548507a70654f37aaf8cbc71081ef29b7b341
|
tag: latest@sha256:1f120c85fc33bdac67c97d5d1a6c84a920be40742fbf311c970ab2749a435778
|
||||||
env:
|
env:
|
||||||
REDLIB_DEFAULT_SHOW_NSFW: on
|
REDLIB_DEFAULT_SHOW_NSFW: on
|
||||||
REDLIB_DEFAULT_WIDE: on
|
REDLIB_DEFAULT_WIDE: on
|
||||||
|
|
|
@ -36,7 +36,7 @@ spec:
|
||||||
app:
|
app:
|
||||||
image:
|
image:
|
||||||
repository: ghcr.io/onedr0p/sabnzbd
|
repository: ghcr.io/onedr0p/sabnzbd
|
||||||
tag: 4.4.0@sha256:d2dbde184900504bf3636d2df74e466e223d6b2474b4d21a58c72eadfffa7e99
|
tag: 4.3.3@sha256:86c645db93affcbf01cc2bce2560082bfde791009e1506dba68269b9c50bc341
|
||||||
env:
|
env:
|
||||||
TZ: America/Chicago
|
TZ: America/Chicago
|
||||||
SABNZBD__PORT: &port 80
|
SABNZBD__PORT: &port 80
|
||||||
|
@ -76,6 +76,8 @@ spec:
|
||||||
readOnlyRootFilesystem: true
|
readOnlyRootFilesystem: true
|
||||||
capabilities: { drop: ["ALL"] }
|
capabilities: { drop: ["ALL"] }
|
||||||
defaultPodOptions:
|
defaultPodOptions:
|
||||||
|
nodeSelector: # ~~testing~~
|
||||||
|
kubernetes.io/hostname: gandalf-01
|
||||||
securityContext:
|
securityContext:
|
||||||
runAsNonRoot: true
|
runAsNonRoot: true
|
||||||
runAsUser: 568
|
runAsUser: 568
|
||||||
|
@ -118,7 +120,7 @@ spec:
|
||||||
- readOnly: true
|
- readOnly: true
|
||||||
media:
|
media:
|
||||||
type: nfs
|
type: nfs
|
||||||
server: 10.1.1.61
|
server: 10.1.1.13
|
||||||
path: /eru/media
|
path: /eru/media
|
||||||
globalMounts:
|
globalMounts:
|
||||||
- path: /data/nas-media
|
- path: /data/nas-media
|
||||||
|
|
|
@ -31,7 +31,7 @@ spec:
|
||||||
app:
|
app:
|
||||||
image:
|
image:
|
||||||
repository: ghcr.io/onedr0p/sonarr-develop
|
repository: ghcr.io/onedr0p/sonarr-develop
|
||||||
tag: 4.0.11.2743
|
tag: 4.0.11.2697
|
||||||
env:
|
env:
|
||||||
SONARR__APP__INSTANCENAME: Sonarr
|
SONARR__APP__INSTANCENAME: Sonarr
|
||||||
SONARR__APP__THEME: dark
|
SONARR__APP__THEME: dark
|
||||||
|
@ -64,6 +64,11 @@ spec:
|
||||||
allowPrivilegeEscalation: false
|
allowPrivilegeEscalation: false
|
||||||
readOnlyRootFilesystem: true
|
readOnlyRootFilesystem: true
|
||||||
capabilities: { drop: ["ALL"] }
|
capabilities: { drop: ["ALL"] }
|
||||||
|
resources:
|
||||||
|
requests:
|
||||||
|
cpu: 10m
|
||||||
|
limits:
|
||||||
|
memory: 16Gi
|
||||||
pod:
|
pod:
|
||||||
securityContext:
|
securityContext:
|
||||||
runAsUser: 568
|
runAsUser: 568
|
||||||
|
@ -100,7 +105,7 @@ spec:
|
||||||
type: emptyDir
|
type: emptyDir
|
||||||
media:
|
media:
|
||||||
type: nfs
|
type: nfs
|
||||||
server: 10.1.1.61
|
server: 10.1.1.13
|
||||||
path: /eru/media
|
path: /eru/media
|
||||||
globalMounts:
|
globalMounts:
|
||||||
- path: /data/nas-media
|
- path: /data/nas-media
|
||||||
|
@ -110,14 +115,3 @@ spec:
|
||||||
path: /moria/media/
|
path: /moria/media/
|
||||||
globalMounts:
|
globalMounts:
|
||||||
- path: /data/moria-media
|
- path: /data/moria-media
|
||||||
scripts:
|
|
||||||
type: configMap
|
|
||||||
name: sonarr-configmap
|
|
||||||
defaultMode: 0775
|
|
||||||
globalMounts:
|
|
||||||
- path: /scripts/pushover-notify.sh
|
|
||||||
subPath: pushover-notify.sh
|
|
||||||
readOnly: true
|
|
||||||
- path: /scripts/refresh-series.sh
|
|
||||||
subPath: refresh-series.sh
|
|
||||||
readOnly: true
|
|
||||||
|
|
|
@ -6,12 +6,3 @@ resources:
|
||||||
- ./externalsecret.yaml
|
- ./externalsecret.yaml
|
||||||
- ./helmrelease.yaml
|
- ./helmrelease.yaml
|
||||||
- ../../../../templates/volsync
|
- ../../../../templates/volsync
|
||||||
configMapGenerator:
|
|
||||||
- name: sonarr-configmap
|
|
||||||
files:
|
|
||||||
- pushover-notify.sh=./resources/pushover-notify.sh
|
|
||||||
- refresh-series.sh=./resources/refresh-series.sh
|
|
||||||
generatorOptions:
|
|
||||||
disableNameSuffixHash: true
|
|
||||||
annotations:
|
|
||||||
kustomize.toolkit.fluxcd.io/substitute: disabled
|
|
||||||
|
|
|
@ -1,85 +0,0 @@
|
||||||
#!/usr/bin/env bash
|
|
||||||
# shellcheck disable=SC2154
|
|
||||||
set -euo pipefail
|
|
||||||
|
|
||||||
# User defined variables for pushover
|
|
||||||
PUSHOVER_USER_KEY="${PUSHOVER_USER_KEY:-required}"
|
|
||||||
PUSHOVER_TOKEN="${PUSHOVER_TOKEN:-required}"
|
|
||||||
PUSHOVER_PRIORITY="${PUSHOVER_PRIORITY:-"-2"}"
|
|
||||||
|
|
||||||
if [[ "${sonarr_eventtype:-}" == "Test" ]]; then
|
|
||||||
PUSHOVER_PRIORITY="1"
|
|
||||||
printf -v PUSHOVER_TITLE \
|
|
||||||
"Test Notification"
|
|
||||||
printf -v PUSHOVER_MESSAGE \
|
|
||||||
"Howdy this is a test notification from %s" \
|
|
||||||
"${sonarr_instancename:-Sonarr}"
|
|
||||||
printf -v PUSHOVER_URL \
|
|
||||||
"%s" \
|
|
||||||
"${sonarr_applicationurl:-localhost}"
|
|
||||||
printf -v PUSHOVER_URL_TITLE \
|
|
||||||
"Open %s" \
|
|
||||||
"${sonarr_instancename:-Sonarr}"
|
|
||||||
fi
|
|
||||||
|
|
||||||
if [[ "${sonarr_eventtype:-}" == "Download" ]]; then
|
|
||||||
printf -v PUSHOVER_TITLE \
|
|
||||||
"Episode %s" \
|
|
||||||
"$( [[ "${sonarr_isupgrade}" == "True" ]] && echo "Upgraded" || echo "Downloaded" )"
|
|
||||||
printf -v PUSHOVER_MESSAGE \
|
|
||||||
"<b>%s (S%02dE%02d)</b><small>\n%s</small><small>\n\n<b>Quality:</b> %s</small><small>\n<b>Client:</b> %s</small>" \
|
|
||||||
"${sonarr_series_title}" \
|
|
||||||
"${sonarr_episodefile_seasonnumber}" \
|
|
||||||
"${sonarr_episodefile_episodenumbers}" \
|
|
||||||
"${sonarr_episodefile_episodetitles}" \
|
|
||||||
"${sonarr_episodefile_quality:-Unknown}" \
|
|
||||||
"${sonarr_download_client:-Unknown}"
|
|
||||||
printf -v PUSHOVER_URL \
|
|
||||||
"%s/series/%s" \
|
|
||||||
"${sonarr_applicationurl:-localhost}" \
|
|
||||||
"${sonarr_series_titleslug}"
|
|
||||||
printf -v PUSHOVER_URL_TITLE \
|
|
||||||
"View series in %s" \
|
|
||||||
"${sonarr_instancename:-Sonarr}"
|
|
||||||
fi
|
|
||||||
|
|
||||||
if [[ "${sonarr_eventtype:-}" == "ManualInteractionRequired" ]]; then
|
|
||||||
PUSHOVER_PRIORITY="1"
|
|
||||||
printf -v PUSHOVER_TITLE \
|
|
||||||
"Episode import requires intervention"
|
|
||||||
printf -v PUSHOVER_MESSAGE \
|
|
||||||
"<b>%s</b><small>\n<b>Client:</b> %s</small>" \
|
|
||||||
"${sonarr_series_title}" \
|
|
||||||
"${sonarr_download_client:-Unknown}"
|
|
||||||
printf -v PUSHOVER_URL \
|
|
||||||
"%s/activity/queue" \
|
|
||||||
"${sonarr_applicationurl:-localhost}"
|
|
||||||
printf -v PUSHOVER_URL_TITLE \
|
|
||||||
"View queue in %s" \
|
|
||||||
"${sonarr_instancename:-Sonarr}"
|
|
||||||
fi
|
|
||||||
|
|
||||||
json_data=$(jo \
|
|
||||||
token="${PUSHOVER_TOKEN}" \
|
|
||||||
user="${PUSHOVER_USER_KEY}" \
|
|
||||||
title="${PUSHOVER_TITLE}" \
|
|
||||||
message="${PUSHOVER_MESSAGE}" \
|
|
||||||
url="${PUSHOVER_URL}" \
|
|
||||||
url_title="${PUSHOVER_URL_TITLE}" \
|
|
||||||
priority="${PUSHOVER_PRIORITY}" \
|
|
||||||
html="1"
|
|
||||||
)
|
|
||||||
|
|
||||||
status_code=$(curl \
|
|
||||||
--silent \
|
|
||||||
--write-out "%{http_code}" \
|
|
||||||
--output /dev/null \
|
|
||||||
--request POST \
|
|
||||||
--header "Content-Type: application/json" \
|
|
||||||
--data-binary "${json_data}" \
|
|
||||||
"https://api.pushover.net/1/messages.json" \
|
|
||||||
)
|
|
||||||
|
|
||||||
printf "pushover notification returned with HTTP status code %s and payload: %s\n" \
|
|
||||||
"${status_code}" \
|
|
||||||
"$(echo "${json_data}" | jq --compact-output)" >&2
|
|
|
@ -1,21 +0,0 @@
|
||||||
#!/usr/bin/env bash
|
|
||||||
# shellcheck disable=SC2154
|
|
||||||
set -euo pipefail
|
|
||||||
|
|
||||||
CURL_CMD=(curl -fsSL --header "X-Api-Key: ${SONARR__AUTH__APIKEY:-}")
|
|
||||||
SONARR_API_URL="http://localhost:${SONARR__SERVER__PORT:-}/api/v3"
|
|
||||||
|
|
||||||
if [[ "${sonarr_eventtype:-}" == "Grab" ]]; then
|
|
||||||
tba=$("${CURL_CMD[@]}" "${SONARR_API_URL}/episode?seriesId=${sonarr_series_id:-}" | jq --raw-output '
|
|
||||||
[.[] | select((.title == "TBA") or (.title == "TBD"))] | length
|
|
||||||
')
|
|
||||||
|
|
||||||
if (( tba > 0 )); then
|
|
||||||
echo "INFO: Refreshing series ${sonarr_series_id:-} due to TBA/TBD episodes found"
|
|
||||||
"${CURL_CMD[@]}" \
|
|
||||||
--request POST \
|
|
||||||
--header "Content-Type: application/json" \
|
|
||||||
--data-binary '{"name": "RefreshSeries", "seriesId": '"${sonarr_series_id:-}"'}' \
|
|
||||||
"${SONARR_API_URL}/command" &>/dev/null
|
|
||||||
fi
|
|
||||||
fi
|
|
|
@ -31,7 +31,7 @@ spec:
|
||||||
app:
|
app:
|
||||||
image:
|
image:
|
||||||
repository: ghcr.io/stirling-tools/s-pdf
|
repository: ghcr.io/stirling-tools/s-pdf
|
||||||
tag: 0.36.0@sha256:56a2a83fda76eb6a4fa21a03484d9cea9b2af25cce2c3bfdca45fcd1dafd6533
|
tag: 0.34.0@sha256:42ceaa84712f9271ca4af1c4d892899996424cbc5378f7dd168828091657c0f0
|
||||||
pullPolicy: IfNotPresent
|
pullPolicy: IfNotPresent
|
||||||
env:
|
env:
|
||||||
TZ: America/Chicago
|
TZ: America/Chicago
|
||||||
|
|
|
@ -76,7 +76,7 @@ spec:
|
||||||
persistence:
|
persistence:
|
||||||
media:
|
media:
|
||||||
type: nfs
|
type: nfs
|
||||||
server: 10.1.1.61
|
server: 10.1.1.13
|
||||||
path: /eru/media
|
path: /eru/media
|
||||||
advancedMounts:
|
advancedMounts:
|
||||||
unpackerr:
|
unpackerr:
|
||||||
|
|
|
@ -36,7 +36,7 @@ spec:
|
||||||
app:
|
app:
|
||||||
image:
|
image:
|
||||||
repository: ghcr.io/zwave-js/zwave-js-ui
|
repository: ghcr.io/zwave-js/zwave-js-ui
|
||||||
tag: 9.27.8@sha256:2299383f92f62bda3887d28375cb392d502326628cd2c8212b79cbe18788f019
|
tag: 9.27.7@sha256:b7327c74e9cb228af9fc2817330319d4e57e041767dc40e550fd6577a436ad7d
|
||||||
env:
|
env:
|
||||||
TZ: America/Chicago
|
TZ: America/Chicago
|
||||||
PORT: &port 80
|
PORT: &port 80
|
||||||
|
|
|
@ -10,7 +10,7 @@ spec:
|
||||||
chart:
|
chart:
|
||||||
spec:
|
spec:
|
||||||
chart: cilium
|
chart: cilium
|
||||||
version: 1.16.4
|
version: 1.16.3
|
||||||
sourceRef:
|
sourceRef:
|
||||||
kind: HelmRepository
|
kind: HelmRepository
|
||||||
name: cilium
|
name: cilium
|
||||||
|
|
|
@ -9,7 +9,7 @@ spec:
|
||||||
chart:
|
chart:
|
||||||
spec:
|
spec:
|
||||||
chart: coredns
|
chart: coredns
|
||||||
version: 1.37.0
|
version: 1.36.1
|
||||||
sourceRef:
|
sourceRef:
|
||||||
kind: HelmRepository
|
kind: HelmRepository
|
||||||
name: coredns
|
name: coredns
|
||||||
|
|
|
@ -7,7 +7,7 @@ spec:
|
||||||
# nodeName: nenya
|
# nodeName: nenya
|
||||||
containers:
|
containers:
|
||||||
- name: fstrim
|
- name: fstrim
|
||||||
image: ghcr.io/onedr0p/kubanetics:2024.12.0
|
image: ghcr.io/onedr0p/kubanetics:2024.11.1
|
||||||
securityContext:
|
securityContext:
|
||||||
privileged: true
|
privileged: true
|
||||||
command: ["/bin/bash", "-c", "while true; do sleep 10; done"]
|
command: ["/bin/bash", "-c", "while true; do sleep 10; done"]
|
||||||
|
|
|
@ -33,7 +33,7 @@ spec:
|
||||||
app:
|
app:
|
||||||
image:
|
image:
|
||||||
repository: ghcr.io/onedr0p/kubanetics
|
repository: ghcr.io/onedr0p/kubanetics
|
||||||
tag: 2024.12.0@sha256:3766252a7011d870a4c24bb107c9aa505dde35f4baf8101466c623b052bdbb4f
|
tag: 2024.11.1@sha256:875b7c22fbb046958ae0116b4a7e9ea81062cf60f54d5b27e53ebf29078bdcc4
|
||||||
env:
|
env:
|
||||||
SCRIPT_NAME: fstrim.sh
|
SCRIPT_NAME: fstrim.sh
|
||||||
probes:
|
probes:
|
||||||
|
|
|
@ -1,2 +1,2 @@
|
||||||
---
|
---
|
||||||
providerRegex: ^bilbo|^frodo|^sam|^merry|^pippin|^rosie$
|
providerRegex: ^bilbo|^frodo|^sam|^merry|^pippin|^rosie|^gandalf-01$
|
||||||
|
|
|
@ -10,7 +10,7 @@ spec:
|
||||||
chart:
|
chart:
|
||||||
spec:
|
spec:
|
||||||
chart: reloader
|
chart: reloader
|
||||||
version: 1.2.0
|
version: 1.1.0
|
||||||
sourceRef:
|
sourceRef:
|
||||||
kind: HelmRepository
|
kind: HelmRepository
|
||||||
name: stakater
|
name: stakater
|
||||||
|
|
|
@ -35,7 +35,7 @@ spec:
|
||||||
app:
|
app:
|
||||||
image:
|
image:
|
||||||
repository: ghcr.io/onedr0p/kubanetics
|
repository: ghcr.io/onedr0p/kubanetics
|
||||||
tag: 2024.12.0
|
tag: 2024.11.1
|
||||||
env:
|
env:
|
||||||
SCRIPT_NAME: alertmanager-silencer.sh
|
SCRIPT_NAME: alertmanager-silencer.sh
|
||||||
ALERTMANAGER_URL: http://alertmanager.observability.svc.cluster.local:9093
|
ALERTMANAGER_URL: http://alertmanager.observability.svc.cluster.local:9093
|
||||||
|
|
|
@ -31,7 +31,7 @@ spec:
|
||||||
init-config:
|
init-config:
|
||||||
image:
|
image:
|
||||||
repository: ghcr.io/kiwigrid/k8s-sidecar
|
repository: ghcr.io/kiwigrid/k8s-sidecar
|
||||||
tag: 1.28.1@sha256:707875abfd38af450ff420c6f271e883fc28e9ce4d3742741af993b25ae93f85
|
tag: 1.28.0@sha256:4166a019eeafd1f0fef4d867dc5f224f18d84ec8681dbb31f3ca258ecf07bcf2
|
||||||
env:
|
env:
|
||||||
FOLDER: /config
|
FOLDER: /config
|
||||||
LABEL: gatus.io/enabled
|
LABEL: gatus.io/enabled
|
||||||
|
|
|
@ -239,7 +239,7 @@ spec:
|
||||||
prometheus:
|
prometheus:
|
||||||
# renovate: depName="Prometheus"
|
# renovate: depName="Prometheus"
|
||||||
gnetId: 19105
|
gnetId: 19105
|
||||||
revision: 6
|
revision: 5
|
||||||
datasource: Prometheus
|
datasource: Prometheus
|
||||||
victoria-agent:
|
victoria-agent:
|
||||||
# renovate: depName="VictoriaMetrics - vmagent"
|
# renovate: depName="VictoriaMetrics - vmagent"
|
||||||
|
|
|
@ -18,6 +18,17 @@ spec:
|
||||||
controllers:
|
controllers:
|
||||||
smartctl-exporter:
|
smartctl-exporter:
|
||||||
type: daemonset
|
type: daemonset
|
||||||
|
pod:
|
||||||
|
affinity:
|
||||||
|
nodeAffinity:
|
||||||
|
requiredDuringSchedulingIgnoredDuringExecution:
|
||||||
|
nodeSelectorTerms:
|
||||||
|
- matchExpressions:
|
||||||
|
- key: kubernetes.io/hostname
|
||||||
|
operator: NotIn
|
||||||
|
values:
|
||||||
|
- gandalf-01
|
||||||
|
- shadowfax-01
|
||||||
containers:
|
containers:
|
||||||
app:
|
app:
|
||||||
image: &image
|
image: &image
|
||||||
|
@ -40,12 +51,43 @@ spec:
|
||||||
port: &port 9633
|
port: &port 9633
|
||||||
path: /
|
path: /
|
||||||
readiness: *probes
|
readiness: *probes
|
||||||
|
smartctl-exporter-vms:
|
||||||
|
type: daemonset
|
||||||
|
pod:
|
||||||
|
affinity:
|
||||||
|
nodeAffinity:
|
||||||
|
requiredDuringSchedulingIgnoredDuringExecution:
|
||||||
|
nodeSelectorTerms:
|
||||||
|
- matchExpressions:
|
||||||
|
- key: kubernetes.io/hostname
|
||||||
|
operator: In
|
||||||
|
values:
|
||||||
|
- gandalf-01
|
||||||
|
- shadowfax-01
|
||||||
|
containers:
|
||||||
|
app:
|
||||||
|
image: *image
|
||||||
|
args:
|
||||||
|
- --smartctl.path=/usr/sbin/smartctl
|
||||||
|
- --smartctl.interval=120s
|
||||||
|
- --web.listen-address=0.0.0.0:9633
|
||||||
|
- --web.telemetry-path=/metrics
|
||||||
|
- --smartctl.device=/dev/nvme0
|
||||||
|
securityContext: *securityContext
|
||||||
|
probes:
|
||||||
|
liveness: *probes
|
||||||
|
readiness: *probes
|
||||||
service:
|
service:
|
||||||
smartctl-exporter:
|
smartctl-exporter:
|
||||||
controller: smartctl-exporter
|
controller: smartctl-exporter
|
||||||
ports:
|
ports:
|
||||||
exporter:
|
exporter:
|
||||||
port: *port
|
port: *port
|
||||||
|
smartctl-exporter-vms:
|
||||||
|
controller: smartctl-exporter-vms
|
||||||
|
ports:
|
||||||
|
exporter:
|
||||||
|
port: *port
|
||||||
persistence:
|
persistence:
|
||||||
dev:
|
dev:
|
||||||
type: hostPath
|
type: hostPath
|
||||||
|
@ -63,3 +105,15 @@ spec:
|
||||||
path: /metrics
|
path: /metrics
|
||||||
interval: 1m
|
interval: 1m
|
||||||
scrapeTimeout: 10s
|
scrapeTimeout: 10s
|
||||||
|
smartctl-exporter-vms:
|
||||||
|
selector:
|
||||||
|
matchLabels:
|
||||||
|
app.kubernetes.io/instance: smartctl-exporter
|
||||||
|
app.kubernetes.io/name: smartctl-exporter
|
||||||
|
app.kubernetes.io/service: smartctl-exporter-smartctl-exporter-vms
|
||||||
|
endpoints:
|
||||||
|
- port: exporter
|
||||||
|
scheme: http
|
||||||
|
path: /metrics
|
||||||
|
interval: 1m
|
||||||
|
scrapeTimeout: 10s
|
||||||
|
|
|
@ -9,7 +9,7 @@ spec:
|
||||||
chart:
|
chart:
|
||||||
spec:
|
spec:
|
||||||
chart: vector
|
chart: vector
|
||||||
version: 0.38.0
|
version: 0.37.0
|
||||||
sourceRef:
|
sourceRef:
|
||||||
kind: HelmRepository
|
kind: HelmRepository
|
||||||
name: vector
|
name: vector
|
||||||
|
|
|
@ -9,7 +9,7 @@ spec:
|
||||||
chart:
|
chart:
|
||||||
spec:
|
spec:
|
||||||
chart: vector
|
chart: vector
|
||||||
version: 0.38.0
|
version: 0.37.0
|
||||||
sourceRef:
|
sourceRef:
|
||||||
kind: HelmRepository
|
kind: HelmRepository
|
||||||
name: vector
|
name: vector
|
||||||
|
|
|
@ -5,4 +5,5 @@ kind: Kustomization
|
||||||
resources:
|
resources:
|
||||||
- vmagent.yaml
|
- vmagent.yaml
|
||||||
- vmalert.yaml
|
- vmalert.yaml
|
||||||
|
- vmscrapeconfig.yaml
|
||||||
- vmsingle.yaml
|
- vmsingle.yaml
|
||||||
|
|
|
@ -0,0 +1,16 @@
|
||||||
|
---
|
||||||
|
# yaml-language-server: $schema=https://ks.hsn.dev/operator.victoriametrics.com/vmscrapeconfig_v1beta1.json
|
||||||
|
apiVersion: operator.victoriametrics.com/v1beta1
|
||||||
|
kind: VMScrapeConfig
|
||||||
|
metadata:
|
||||||
|
name: &name zfs-exporter
|
||||||
|
spec:
|
||||||
|
staticConfigs:
|
||||||
|
- targets:
|
||||||
|
- "shadowfax.jahanson.tech:9134"
|
||||||
|
- "gandalf.jahanson.tech:9134"
|
||||||
|
path: /metrics
|
||||||
|
relabelConfigs:
|
||||||
|
- action: replace
|
||||||
|
targetLabel: job
|
||||||
|
replacement: *name
|
|
@ -35,7 +35,7 @@ spec:
|
||||||
app:
|
app:
|
||||||
image:
|
image:
|
||||||
repository: ghcr.io/cross-seed/cross-seed
|
repository: ghcr.io/cross-seed/cross-seed
|
||||||
tag: 6.1.1@sha256:5cb54b46a614f362c0332a91e5754d6998d45ae27ccc2c77b04b1a3493816331
|
tag: 6.1.0@sha256:91fbb2a6a411b7d63cccabffb5f623e6931579d2fd652512b6a3df0a9ba97066
|
||||||
env:
|
env:
|
||||||
TZ: America/Chicago
|
TZ: America/Chicago
|
||||||
args: ["daemon"]
|
args: ["daemon"]
|
||||||
|
@ -86,7 +86,7 @@ spec:
|
||||||
readOnly: true
|
readOnly: true
|
||||||
media:
|
media:
|
||||||
type: nfs
|
type: nfs
|
||||||
server: 10.1.1.61
|
server: 10.1.1.13
|
||||||
path: /eru/media
|
path: /eru/media
|
||||||
globalMounts:
|
globalMounts:
|
||||||
- path: /data/nas-media
|
- path: /data/nas-media
|
||||||
|
|
|
@ -43,7 +43,7 @@ spec:
|
||||||
app:
|
app:
|
||||||
image:
|
image:
|
||||||
repository: jesec/flood
|
repository: jesec/flood
|
||||||
tag: master@sha256:db3f3fb70d7ffb034183a78d0bfbfae270ae507202c2bad9e73af070440a61e4
|
tag: master@sha256:04196de98223a193e4913c00e0ab1b48a27a370ef159989e52c29864afc2b2e4
|
||||||
envFrom:
|
envFrom:
|
||||||
- secretRef:
|
- secretRef:
|
||||||
name: flood-secret
|
name: flood-secret
|
||||||
|
|
|
@ -34,7 +34,7 @@ spec:
|
||||||
nameOverride: qbittorrent
|
nameOverride: qbittorrent
|
||||||
image:
|
image:
|
||||||
repository: ghcr.io/onedr0p/qbittorrent-beta
|
repository: ghcr.io/onedr0p/qbittorrent-beta
|
||||||
tag: 5.0.2@sha256:2dab641cd7399c896db120f8f4b8c0e9fce2744810a391e89591c6ab546c922a
|
tag: 5.0.2@sha256:adfd625f9cc7226eabad8aa117a551d42d5818c914850ef7fa3be60111383107
|
||||||
env:
|
env:
|
||||||
UMASK: "022"
|
UMASK: "022"
|
||||||
QBT_WEBUI_PORT: &port 80
|
QBT_WEBUI_PORT: &port 80
|
||||||
|
@ -67,6 +67,8 @@ spec:
|
||||||
drop:
|
drop:
|
||||||
- ALL
|
- ALL
|
||||||
defaultPodOptions:
|
defaultPodOptions:
|
||||||
|
nodeSelector: # ~~testing~~
|
||||||
|
kubernetes.io/hostname: gandalf-01
|
||||||
securityContext:
|
securityContext:
|
||||||
runAsNonRoot: true
|
runAsNonRoot: true
|
||||||
runAsUser: 568
|
runAsUser: 568
|
||||||
|
@ -120,7 +122,7 @@ spec:
|
||||||
- path: /tmp
|
- path: /tmp
|
||||||
media:
|
media:
|
||||||
type: nfs
|
type: nfs
|
||||||
server: 10.1.1.61
|
server: gandalf.jahanson.tech
|
||||||
path: /eru/media
|
path: /eru/media
|
||||||
advancedMounts:
|
advancedMounts:
|
||||||
qbittorrent:
|
qbittorrent:
|
||||||
|
|
|
@ -39,7 +39,7 @@ spec:
|
||||||
tagging: &container
|
tagging: &container
|
||||||
image:
|
image:
|
||||||
repository: ghcr.io/buroa/qbtools
|
repository: ghcr.io/buroa/qbtools
|
||||||
tag: v0.19.11@sha256:a133bd7f02ecb9ea0111a4016724f33404136c41295217f163991910e1d2784c
|
tag: v0.19.9@sha256:f5405e3c00256d7911d2abb839084a5147c108586adb281e97587cf93729c89b
|
||||||
env:
|
env:
|
||||||
TZ: *timeZone
|
TZ: *timeZone
|
||||||
POD_NAMESPACE:
|
POD_NAMESPACE:
|
||||||
|
@ -136,7 +136,7 @@ spec:
|
||||||
readOnly: true
|
readOnly: true
|
||||||
media:
|
media:
|
||||||
type: nfs
|
type: nfs
|
||||||
server: 10.1.1.61
|
server: 10.1.1.13
|
||||||
path: /eru/media
|
path: /eru/media
|
||||||
advancedMounts:
|
advancedMounts:
|
||||||
orphaned:
|
orphaned:
|
||||||
|
|
|
@ -67,7 +67,7 @@ spec:
|
||||||
storage:
|
storage:
|
||||||
useAllNodes: true
|
useAllNodes: true
|
||||||
useAllDevices: false
|
useAllDevices: false
|
||||||
deviceFilter: "nvme[0-9]+n1"
|
deviceFilter: "nvme0n1"
|
||||||
resources:
|
resources:
|
||||||
mgr:
|
mgr:
|
||||||
requests:
|
requests:
|
||||||
|
|
|
@ -10,7 +10,7 @@ spec:
|
||||||
chart:
|
chart:
|
||||||
spec:
|
spec:
|
||||||
chart: external-secrets
|
chart: external-secrets
|
||||||
version: 0.11.0
|
version: 0.10.7
|
||||||
interval: 30m
|
interval: 30m
|
||||||
sourceRef:
|
sourceRef:
|
||||||
kind: HelmRepository
|
kind: HelmRepository
|
||||||
|
|
|
@ -23,7 +23,7 @@ releases:
|
||||||
- name: cilium
|
- name: cilium
|
||||||
namespace: kube-system
|
namespace: kube-system
|
||||||
chart: cilium/cilium
|
chart: cilium/cilium
|
||||||
version: 1.16.4
|
version: 1.16.3
|
||||||
values:
|
values:
|
||||||
- ../apps/kube-system/cilium/app/helm-values.yml
|
- ../apps/kube-system/cilium/app/helm-values.yml
|
||||||
needs:
|
needs:
|
||||||
|
@ -31,7 +31,7 @@ releases:
|
||||||
- name: coredns
|
- name: coredns
|
||||||
namespace: kube-system
|
namespace: kube-system
|
||||||
chart: coredns/coredns
|
chart: coredns/coredns
|
||||||
version: 1.37.0
|
version: 1.36.1
|
||||||
values:
|
values:
|
||||||
- ../apps/kube-system/coredns/app/helm-values.yml
|
- ../apps/kube-system/coredns/app/helm-values.yml
|
||||||
needs:
|
needs:
|
||||||
|
|
|
@ -5,7 +5,7 @@ clusterName: theshire
|
||||||
# renovate: datasource=github-releases depName=siderolabs/talos
|
# renovate: datasource=github-releases depName=siderolabs/talos
|
||||||
talosVersion: v1.8.3
|
talosVersion: v1.8.3
|
||||||
# renovate: datasource=docker depName=ghcr.io/siderolabs/kubelet
|
# renovate: datasource=docker depName=ghcr.io/siderolabs/kubelet
|
||||||
kubernetesVersion: 1.31.4
|
kubernetesVersion: 1.31.3
|
||||||
endpoint: "https://10.1.1.57:6444"
|
endpoint: "https://10.1.1.57:6444"
|
||||||
|
|
||||||
additionalApiServerCertSans:
|
additionalApiServerCertSans:
|
||||||
|
@ -74,6 +74,42 @@ nodes:
|
||||||
networkInterfaces:
|
networkInterfaces:
|
||||||
- interface: eno1
|
- interface: eno1
|
||||||
dhcp: true
|
dhcp: true
|
||||||
|
- hostname: gandalf-01
|
||||||
|
disableSearchDomain: true
|
||||||
|
ipAddress: 10.1.1.68
|
||||||
|
controlPlane: false
|
||||||
|
installDisk: /dev/sda
|
||||||
|
networkInterfaces:
|
||||||
|
- interface: enp5s0
|
||||||
|
dhcp: true
|
||||||
|
|
||||||
|
- hostname: shadowfax-01
|
||||||
|
disableSearchDomain: true
|
||||||
|
ipAddress: 10.1.1.69
|
||||||
|
controlPlane: false
|
||||||
|
installDiskSelector:
|
||||||
|
busPath: /pci0000:00/0000:00:01.1/0000:02:00.0/virtio6/host0/target0:0:0/0:0:0:1/
|
||||||
|
networkInterfaces:
|
||||||
|
- interface: enp5s0
|
||||||
|
dhcp: true
|
||||||
|
patches:
|
||||||
|
- |-
|
||||||
|
machine:
|
||||||
|
sysctls:
|
||||||
|
net.core.bpf_jit_harden: 1
|
||||||
|
|
||||||
|
kernelModules:
|
||||||
|
- name: nvidia
|
||||||
|
- name: nvidia_uvm
|
||||||
|
- name: nvidia_drm
|
||||||
|
- name: nvidia_modeset
|
||||||
|
schematic:
|
||||||
|
customization:
|
||||||
|
systemExtensions:
|
||||||
|
officialExtensions:
|
||||||
|
- siderolabs/amd-ucode
|
||||||
|
- siderolabs/nonfree-kmod-nvidia-production
|
||||||
|
- siderolabs/nvidia-container-toolkit-production
|
||||||
|
|
||||||
worker:
|
worker:
|
||||||
schematic:
|
schematic:
|
||||||
|
|
|
@ -12,4 +12,4 @@ spec:
|
||||||
operation: copy
|
operation: copy
|
||||||
url: oci://ghcr.io/grafana/helm-charts/grafana
|
url: oci://ghcr.io/grafana/helm-charts/grafana
|
||||||
ref:
|
ref:
|
||||||
tag: 8.6.4
|
tag: 8.6.3
|
||||||
|
|
|
@ -2,12 +2,6 @@
|
||||||
"$schema": "https://docs.renovatebot.com/renovate-schema.json",
|
"$schema": "https://docs.renovatebot.com/renovate-schema.json",
|
||||||
"extends": [
|
"extends": [
|
||||||
"config:recommended",
|
"config:recommended",
|
||||||
":automergeBranch",
|
|
||||||
":dependencyDashboard",
|
|
||||||
":disableRateLimiting",
|
|
||||||
":skipStatusChecks",
|
|
||||||
":timezone(America/Chicago)",
|
|
||||||
"docker:enableMajor",
|
|
||||||
"local>jahanson/theshire//.renovate/autoMerge.json5",
|
"local>jahanson/theshire//.renovate/autoMerge.json5",
|
||||||
"local>jahanson/theshire//.renovate/commitMessage.json5",
|
"local>jahanson/theshire//.renovate/commitMessage.json5",
|
||||||
"local>jahanson/theshire//.renovate/customManagers.json5",
|
"local>jahanson/theshire//.renovate/customManagers.json5",
|
||||||
|
|
|
@ -24,6 +24,5 @@ pkgs.mkShell {
|
||||||
kustomize
|
kustomize
|
||||||
yq-go
|
yq-go
|
||||||
go-task
|
go-task
|
||||||
kubectl
|
|
||||||
];
|
];
|
||||||
}
|
}
|
||||||
|
|
Reference in a new issue