Compare commits
1 commit
main
...
renovate/g
Author | SHA1 | Date | |
---|---|---|---|
c0568711d5 |
101 changed files with 194 additions and 445 deletions
|
@ -1,5 +1,5 @@
|
||||||
---
|
---
|
||||||
# yaml-language-server: $schema=https://raw.githubusercontent.com/bjw-s/helm-charts/main/charts/other/app-template/schemas/helmrelease-helm-v2.schema.json
|
# yaml-language-server: $schema=https://raw.githubusercontent.com/bjw-s/helm-charts/main/charts/other/app-template/schemas/helmrelease-helm-v2beta2.schema.json
|
||||||
apiVersion: helm.toolkit.fluxcd.io/v2
|
apiVersion: helm.toolkit.fluxcd.io/v2
|
||||||
kind: HelmRelease
|
kind: HelmRelease
|
||||||
metadata:
|
metadata:
|
||||||
|
|
|
@ -20,6 +20,7 @@ spec:
|
||||||
name: theshire
|
name: theshire
|
||||||
wait: false
|
wait: false
|
||||||
interval: 30m
|
interval: 30m
|
||||||
|
retryInterval: 1m
|
||||||
timeout: 5m
|
timeout: 5m
|
||||||
postBuild:
|
postBuild:
|
||||||
substitute:
|
substitute:
|
||||||
|
|
|
@ -7,7 +7,7 @@
|
||||||
"automerge": true,
|
"automerge": true,
|
||||||
"automergeType": "branch",
|
"automergeType": "branch",
|
||||||
"matchUpdateTypes": ["digest"],
|
"matchUpdateTypes": ["digest"],
|
||||||
"matchPackagePrefixes": ["ghcr.io/onedr0p", "ghcr.io/bjw-s", "ghcr.io/bjw-s-labs"],
|
"matchPackagePrefixes": ["ghcr.io/onedr0p", "ghcr.io/bjw-s"],
|
||||||
"ignoreTests": true
|
"ignoreTests": true
|
||||||
},
|
},
|
||||||
{
|
{
|
||||||
|
|
|
@ -1,5 +1,5 @@
|
||||||
---
|
---
|
||||||
# yaml-language-server: $schema=https://raw.githubusercontent.com/bjw-s/helm-charts/main/charts/other/app-template/schemas/helmrelease-helm-v2.schema.json
|
# yaml-language-server: $schema=https://raw.githubusercontent.com/bjw-s/helm-charts/main/charts/other/app-template/schemas/helmrelease-helm-v2beta2.schema.json
|
||||||
apiVersion: helm.toolkit.fluxcd.io/v2
|
apiVersion: helm.toolkit.fluxcd.io/v2
|
||||||
kind: HelmRelease
|
kind: HelmRelease
|
||||||
metadata:
|
metadata:
|
||||||
|
@ -35,7 +35,7 @@ spec:
|
||||||
app:
|
app:
|
||||||
image:
|
image:
|
||||||
repository: docker.io/ollama/ollama
|
repository: docker.io/ollama/ollama
|
||||||
tag: 0.3.13
|
tag: 0.3.12
|
||||||
env:
|
env:
|
||||||
- name: OLLAMA_HOST
|
- name: OLLAMA_HOST
|
||||||
value: 0.0.0.0
|
value: 0.0.0.0
|
||||||
|
|
|
@ -22,6 +22,7 @@ spec:
|
||||||
name: theshire
|
name: theshire
|
||||||
wait: false
|
wait: false
|
||||||
interval: 30m
|
interval: 30m
|
||||||
|
retryInterval: 1m
|
||||||
timeout: 5m
|
timeout: 5m
|
||||||
postBuild:
|
postBuild:
|
||||||
substitute:
|
substitute:
|
||||||
|
|
|
@ -1,5 +1,5 @@
|
||||||
---
|
---
|
||||||
# yaml-language-server: $schema=https://raw.githubusercontent.com/bjw-s/helm-charts/main/charts/other/app-template/schemas/helmrelease-helm-v2.schema.json
|
# yaml-language-server: $schema=https://raw.githubusercontent.com/bjw-s/helm-charts/main/charts/other/app-template/schemas/helmrelease-helm-v2beta2.schema.json
|
||||||
apiVersion: helm.toolkit.fluxcd.io/v2
|
apiVersion: helm.toolkit.fluxcd.io/v2
|
||||||
kind: HelmRelease
|
kind: HelmRelease
|
||||||
metadata:
|
metadata:
|
||||||
|
|
|
@ -20,6 +20,7 @@ spec:
|
||||||
name: theshire
|
name: theshire
|
||||||
wait: false
|
wait: false
|
||||||
interval: 30m
|
interval: 30m
|
||||||
|
retryInterval: 1m
|
||||||
timeout: 5m
|
timeout: 5m
|
||||||
postBuild:
|
postBuild:
|
||||||
substitute:
|
substitute:
|
||||||
|
|
|
@ -1,5 +1,5 @@
|
||||||
---
|
---
|
||||||
# yaml-language-server: $schema=https://raw.githubusercontent.com/bjw-s/helm-charts/main/charts/other/app-template/schemas/helmrelease-helm-v2.schema.json
|
# yaml-language-server: $schema=https://raw.githubusercontent.com/bjw-s/helm-charts/main/charts/other/app-template/schemas/helmrelease-helm-v2beta2.schema.json
|
||||||
apiVersion: helm.toolkit.fluxcd.io/v2
|
apiVersion: helm.toolkit.fluxcd.io/v2
|
||||||
kind: HelmRelease
|
kind: HelmRelease
|
||||||
metadata:
|
metadata:
|
||||||
|
|
|
@ -1,5 +1,5 @@
|
||||||
---
|
---
|
||||||
# yaml-language-server: $schema=https://raw.githubusercontent.com/bjw-s/helm-charts/main/charts/other/app-template/schemas/helmrelease-helm-v2.schema.json
|
# yaml-language-server: $schema=https://raw.githubusercontent.com/bjw-s/helm-charts/main/charts/other/app-template/schemas/helmrelease-helm-v2beta2.schema.json
|
||||||
apiVersion: helm.toolkit.fluxcd.io/v2
|
apiVersion: helm.toolkit.fluxcd.io/v2
|
||||||
kind: HelmRelease
|
kind: HelmRelease
|
||||||
metadata:
|
metadata:
|
||||||
|
|
|
@ -20,4 +20,5 @@ spec:
|
||||||
name: theshire
|
name: theshire
|
||||||
wait: true
|
wait: true
|
||||||
interval: 30m
|
interval: 30m
|
||||||
|
retryInterval: 1m
|
||||||
timeout: 5m
|
timeout: 5m
|
||||||
|
|
|
@ -39,7 +39,7 @@ spec:
|
||||||
metadata:
|
metadata:
|
||||||
labels:
|
labels:
|
||||||
app.kubernetes.io/name: crunchy-postgres
|
app.kubernetes.io/name: crunchy-postgres
|
||||||
replicas: &replica 2
|
replicas: &replica 1
|
||||||
dataVolumeClaimSpec:
|
dataVolumeClaimSpec:
|
||||||
storageClassName: openebs-hostpath
|
storageClassName: openebs-hostpath
|
||||||
accessModes:
|
accessModes:
|
||||||
|
|
|
@ -9,7 +9,7 @@ spec:
|
||||||
chart:
|
chart:
|
||||||
spec:
|
spec:
|
||||||
chart: pgo
|
chart: pgo
|
||||||
version: 5.7.0
|
version: 5.6.1
|
||||||
sourceRef:
|
sourceRef:
|
||||||
kind: HelmRepository
|
kind: HelmRepository
|
||||||
name: crunchydata
|
name: crunchydata
|
||||||
|
|
|
@ -5,7 +5,7 @@ kind: Dragonfly
|
||||||
metadata:
|
metadata:
|
||||||
name: dragonfly
|
name: dragonfly
|
||||||
spec:
|
spec:
|
||||||
image: ghcr.io/dragonflydb/dragonfly:v1.24.0
|
image: ghcr.io/dragonflydb/dragonfly:v1.23.2
|
||||||
replicas: 3
|
replicas: 3
|
||||||
env:
|
env:
|
||||||
- name: MAX_MEMORY
|
- name: MAX_MEMORY
|
||||||
|
|
|
@ -19,6 +19,7 @@ spec:
|
||||||
name: theshire
|
name: theshire
|
||||||
wait: true
|
wait: true
|
||||||
interval: 30m
|
interval: 30m
|
||||||
|
retryInterval: 1m
|
||||||
timeout: 5m
|
timeout: 5m
|
||||||
---
|
---
|
||||||
# yaml-language-server: $schema=https://ks.hsn.dev/kustomize.toolkit.fluxcd.io/kustomization_v1.json
|
# yaml-language-server: $schema=https://ks.hsn.dev/kustomize.toolkit.fluxcd.io/kustomization_v1.json
|
||||||
|
@ -41,4 +42,5 @@ spec:
|
||||||
name: theshire
|
name: theshire
|
||||||
wait: true
|
wait: true
|
||||||
interval: 30m
|
interval: 30m
|
||||||
|
retryInterval: 1m
|
||||||
timeout: 5m
|
timeout: 5m
|
||||||
|
|
|
@ -44,17 +44,17 @@ spec:
|
||||||
{
|
{
|
||||||
"user_id": "tasmota",
|
"user_id": "tasmota",
|
||||||
"password": "{{ .x_emqx_tasmota_password }}",
|
"password": "{{ .x_emqx_tasmota_password }}",
|
||||||
"is_superuser": true
|
"is_superuser": true # Until I can figure out authorization in emqx
|
||||||
},
|
},
|
||||||
{
|
{
|
||||||
"user_id": "zwave",
|
"user_id": "zwave",
|
||||||
"password": "{{ .x_emqx_homeassistant_password }}",
|
"password": "{{ .x_emqx_homeassistant_password }}",
|
||||||
"is_superuser": true
|
"is_superuser": true # Until I can figure out authorization in emqx
|
||||||
},
|
},
|
||||||
{
|
{
|
||||||
"user_id": "zwave",
|
"user_id": "zwave",
|
||||||
"password": "{{ .x_emqx_zwave_password }}",
|
"password": "{{ .x_emqx_zwave_password }}",
|
||||||
"is_superuser": true
|
"is_superuser": true # Until I can figure out authorization in emqx
|
||||||
}
|
}
|
||||||
]
|
]
|
||||||
|
|
||||||
|
|
|
@ -9,7 +9,7 @@ spec:
|
||||||
chart:
|
chart:
|
||||||
spec:
|
spec:
|
||||||
chart: emqx-operator
|
chart: emqx-operator
|
||||||
version: 2.2.25
|
version: 2.2.24
|
||||||
sourceRef:
|
sourceRef:
|
||||||
kind: HelmRepository
|
kind: HelmRepository
|
||||||
name: emqx
|
name: emqx
|
||||||
|
|
|
@ -5,7 +5,7 @@ kind: EMQX
|
||||||
metadata:
|
metadata:
|
||||||
name: emqx
|
name: emqx
|
||||||
spec:
|
spec:
|
||||||
image: public.ecr.aws/emqx/emqx:5.8.1
|
image: public.ecr.aws/emqx/emqx:5.8.0
|
||||||
config:
|
config:
|
||||||
mode: Merge
|
mode: Merge
|
||||||
coreTemplate:
|
coreTemplate:
|
||||||
|
|
|
@ -19,6 +19,7 @@ spec:
|
||||||
name: theshire
|
name: theshire
|
||||||
wait: true
|
wait: true
|
||||||
interval: 30m
|
interval: 30m
|
||||||
|
retryInterval: 1m
|
||||||
timeout: 5m
|
timeout: 5m
|
||||||
---
|
---
|
||||||
# yaml-language-server: $schema=https://ks.hsn.dev/kustomize.toolkit.fluxcd.io/kustomization_v1.json
|
# yaml-language-server: $schema=https://ks.hsn.dev/kustomize.toolkit.fluxcd.io/kustomization_v1.json
|
||||||
|
@ -41,4 +42,5 @@ spec:
|
||||||
name: theshire
|
name: theshire
|
||||||
wait: true
|
wait: true
|
||||||
interval: 30m
|
interval: 30m
|
||||||
|
retryInterval: 1m
|
||||||
timeout: 5m
|
timeout: 5m
|
||||||
|
|
|
@ -20,6 +20,7 @@ spec:
|
||||||
name: theshire
|
name: theshire
|
||||||
wait: false
|
wait: false
|
||||||
interval: 30m
|
interval: 30m
|
||||||
|
retryInterval: 1m
|
||||||
timeout: 5m
|
timeout: 5m
|
||||||
postBuild:
|
postBuild:
|
||||||
substitute:
|
substitute:
|
||||||
|
|
|
@ -20,6 +20,7 @@ spec:
|
||||||
name: theshire
|
name: theshire
|
||||||
wait: false
|
wait: false
|
||||||
interval: 30m
|
interval: 30m
|
||||||
|
retryInterval: 1m
|
||||||
timeout: 5m
|
timeout: 5m
|
||||||
postBuild:
|
postBuild:
|
||||||
substitute:
|
substitute:
|
||||||
|
|
|
@ -17,6 +17,7 @@ spec:
|
||||||
name: theshire
|
name: theshire
|
||||||
wait: false
|
wait: false
|
||||||
interval: 30m
|
interval: 30m
|
||||||
|
retryInterval: 1m
|
||||||
timeout: 5m
|
timeout: 5m
|
||||||
postBuild:
|
postBuild:
|
||||||
substitute:
|
substitute:
|
||||||
|
|
|
@ -36,7 +36,7 @@ spec:
|
||||||
app:
|
app:
|
||||||
image:
|
image:
|
||||||
repository: ghcr.io/onedr0p/home-assistant
|
repository: ghcr.io/onedr0p/home-assistant
|
||||||
tag: 2024.10.2@sha256:65cdf4722e85785a67842810e1c747e42aca4650262a3eb9649ccab3246fc5d3
|
tag: 2024.10.1@sha256:04614835418d2bdacd64685b516e58e7c5446f72485d446e7635282ba1a06c43
|
||||||
env:
|
env:
|
||||||
TZ: America/Chicago
|
TZ: America/Chicago
|
||||||
envFrom:
|
envFrom:
|
||||||
|
|
|
@ -19,6 +19,7 @@ spec:
|
||||||
name: theshire
|
name: theshire
|
||||||
wait: false
|
wait: false
|
||||||
interval: 30m
|
interval: 30m
|
||||||
|
retryInterval: 1m
|
||||||
timeout: 5m
|
timeout: 5m
|
||||||
postBuild:
|
postBuild:
|
||||||
substitute:
|
substitute:
|
||||||
|
|
|
@ -17,6 +17,7 @@ spec:
|
||||||
name: theshire
|
name: theshire
|
||||||
wait: false # no flux ks dependents
|
wait: false # no flux ks dependents
|
||||||
interval: 30m
|
interval: 30m
|
||||||
|
retryInterval: 1m
|
||||||
timeout: 5m
|
timeout: 5m
|
||||||
postBuild:
|
postBuild:
|
||||||
substitute:
|
substitute:
|
||||||
|
|
|
@ -22,7 +22,6 @@ resources:
|
||||||
- ./recyclarr/ks.yaml
|
- ./recyclarr/ks.yaml
|
||||||
- ./redlib/ks.yaml
|
- ./redlib/ks.yaml
|
||||||
- ./sabnzbd/ks.yaml
|
- ./sabnzbd/ks.yaml
|
||||||
- ./scrypted/ks.yaml
|
|
||||||
- ./searxng/ks.yaml
|
- ./searxng/ks.yaml
|
||||||
- ./sonarr/ks.yaml
|
- ./sonarr/ks.yaml
|
||||||
- ./tautulli/ks.yaml
|
- ./tautulli/ks.yaml
|
||||||
|
|
|
@ -1,5 +1,5 @@
|
||||||
---
|
---
|
||||||
# yaml-language-server: $schema=https://raw.githubusercontent.com/bjw-s/helm-charts/main/charts/other/app-template/schemas/helmrelease-helm-v2.schema.json
|
# yaml-language-server: $schema=https://raw.githubusercontent.com/bjw-s/helm-charts/main/charts/other/app-template/schemas/helmrelease-helm-v2beta2.schema.json
|
||||||
apiVersion: helm.toolkit.fluxcd.io/v2
|
apiVersion: helm.toolkit.fluxcd.io/v2
|
||||||
kind: HelmRelease
|
kind: HelmRelease
|
||||||
metadata:
|
metadata:
|
||||||
|
|
|
@ -3,7 +3,7 @@
|
||||||
apiVersion: kustomize.config.k8s.io/v1beta1
|
apiVersion: kustomize.config.k8s.io/v1beta1
|
||||||
kind: Kustomization
|
kind: Kustomization
|
||||||
resources:
|
resources:
|
||||||
- ./externalsecret.yaml
|
|
||||||
- ./helmrelease.yaml
|
|
||||||
- ../../../../templates/gatus/internal
|
- ../../../../templates/gatus/internal
|
||||||
- ../../../../templates/volsync
|
- ../../../../templates/volsync
|
||||||
|
- ./externalsecret.yaml
|
||||||
|
- ./helmrelease.yaml
|
||||||
|
|
|
@ -22,6 +22,7 @@ spec:
|
||||||
name: theshire
|
name: theshire
|
||||||
wait: false # no flux ks dependents
|
wait: false # no flux ks dependents
|
||||||
interval: 30m
|
interval: 30m
|
||||||
|
retryInterval: 1m
|
||||||
timeout: 5m
|
timeout: 5m
|
||||||
postBuild:
|
postBuild:
|
||||||
substitute:
|
substitute:
|
||||||
|
|
|
@ -1,5 +1,5 @@
|
||||||
---
|
---
|
||||||
# yaml-language-server: $schema=https://raw.githubusercontent.com/bjw-s/helm-charts/main/charts/other/app-template/schemas/helmrelease-helm-v2.schema.json
|
# yaml-language-server: $schema=https://raw.githubusercontent.com/bjw-s/helm-charts/main/charts/other/app-template/schemas/helmrelease-helm-v2beta2.schema.json
|
||||||
apiVersion: helm.toolkit.fluxcd.io/v2
|
apiVersion: helm.toolkit.fluxcd.io/v2
|
||||||
kind: HelmRelease
|
kind: HelmRelease
|
||||||
metadata:
|
metadata:
|
||||||
|
|
|
@ -5,4 +5,4 @@ kind: Kustomization
|
||||||
resources:
|
resources:
|
||||||
- ./helmrelease.yaml
|
- ./helmrelease.yaml
|
||||||
- ../../../../templates/volsync
|
- ../../../../templates/volsync
|
||||||
- ../../../../templates/gatus/internal
|
# - ../../../../templates/gatus/internal
|
||||||
|
|
|
@ -19,6 +19,7 @@ spec:
|
||||||
name: theshire
|
name: theshire
|
||||||
wait: false
|
wait: false
|
||||||
interval: 30m
|
interval: 30m
|
||||||
|
retryInterval: 1m
|
||||||
timeout: 5m
|
timeout: 5m
|
||||||
postBuild:
|
postBuild:
|
||||||
substitute:
|
substitute:
|
||||||
|
|
|
@ -1,5 +1,5 @@
|
||||||
---
|
---
|
||||||
# yaml-language-server: $schema=https://raw.githubusercontent.com/bjw-s/helm-charts/main/charts/other/app-template/schemas/helmrelease-helm-v2.schema.json
|
# yaml-language-server: $schema=https://raw.githubusercontent.com/bjw-s/helm-charts/main/charts/other/app-template/schemas/helmrelease-helm-v2beta2.schema.json
|
||||||
apiVersion: helm.toolkit.fluxcd.io/v2
|
apiVersion: helm.toolkit.fluxcd.io/v2
|
||||||
kind: HelmRelease
|
kind: HelmRelease
|
||||||
metadata:
|
metadata:
|
||||||
|
|
|
@ -20,6 +20,7 @@ spec:
|
||||||
- name: volsync
|
- name: volsync
|
||||||
wait: false
|
wait: false
|
||||||
interval: 30m
|
interval: 30m
|
||||||
|
retryInterval: 1m
|
||||||
timeout: 5m
|
timeout: 5m
|
||||||
postBuild:
|
postBuild:
|
||||||
substitute:
|
substitute:
|
||||||
|
|
|
@ -18,11 +18,6 @@ spec:
|
||||||
values:
|
values:
|
||||||
defaultPodOptions:
|
defaultPodOptions:
|
||||||
automountServiceAccountToken: false
|
automountServiceAccountToken: false
|
||||||
securityContext:
|
|
||||||
runAsUser: 1000
|
|
||||||
runAsGroup: 1000
|
|
||||||
fsGroup: 1000
|
|
||||||
fsGroupChangePolicy: "OnRootMismatch"
|
|
||||||
|
|
||||||
controllers:
|
controllers:
|
||||||
backend:
|
backend:
|
||||||
|
@ -30,6 +25,13 @@ spec:
|
||||||
annotations:
|
annotations:
|
||||||
secret.reloader.stakater.com/reload: piped-secret
|
secret.reloader.stakater.com/reload: piped-secret
|
||||||
|
|
||||||
|
pod:
|
||||||
|
securityContext:
|
||||||
|
runAsUser: 1000
|
||||||
|
runAsGroup: 1000
|
||||||
|
fsGroup: 1000
|
||||||
|
fsGroupChangePolicy: "OnRootMismatch"
|
||||||
|
|
||||||
containers:
|
containers:
|
||||||
app:
|
app:
|
||||||
image:
|
image:
|
||||||
|
@ -56,13 +58,21 @@ spec:
|
||||||
|
|
||||||
frontend:
|
frontend:
|
||||||
strategy: RollingUpdate
|
strategy: RollingUpdate
|
||||||
|
pod:
|
||||||
|
securityContext:
|
||||||
|
runAsUser: 101
|
||||||
|
runAsGroup: 101
|
||||||
|
fsGroup: 101
|
||||||
|
fsGroupChangePolicy: "OnRootMismatch"
|
||||||
|
|
||||||
containers:
|
containers:
|
||||||
app:
|
app:
|
||||||
image:
|
image:
|
||||||
repository: ghcr.io/bjw-s-labs/piped-frontend
|
repository: ghcr.io/bjw-s-labs/piped-frontend
|
||||||
tag: 2024.10.17@sha256:2d11886aef42a280e6ee924126882f7bb3593d87f0b27f8d035067cbc29c8edb
|
tag: latest@sha256:c4cb0cfbdf149cdb738fb9e41a5cc748a7ea53053f4c5e036b9f7578d9273328
|
||||||
env:
|
env:
|
||||||
|
HTTP_PORT: 8080
|
||||||
|
HTTP_WORKERS: 4
|
||||||
BACKEND_HOSTNAME: piped-api.hsn.dev
|
BACKEND_HOSTNAME: piped-api.hsn.dev
|
||||||
probes:
|
probes:
|
||||||
liveness:
|
liveness:
|
||||||
|
@ -77,19 +87,21 @@ spec:
|
||||||
memory: 256Mi
|
memory: 256Mi
|
||||||
securityContext:
|
securityContext:
|
||||||
allowPrivilegeEscalation: false
|
allowPrivilegeEscalation: false
|
||||||
capabilities:
|
|
||||||
drop:
|
|
||||||
- ALL
|
|
||||||
readOnlyRootFilesystem: true
|
|
||||||
|
|
||||||
ytproxy:
|
ytproxy:
|
||||||
strategy: RollingUpdate
|
strategy: RollingUpdate
|
||||||
|
pod:
|
||||||
|
securityContext:
|
||||||
|
runAsUser: 1000
|
||||||
|
runAsGroup: 1000
|
||||||
|
fsGroup: 1000
|
||||||
|
fsGroupChangePolicy: "OnRootMismatch"
|
||||||
|
|
||||||
containers:
|
containers:
|
||||||
app:
|
app:
|
||||||
image:
|
image:
|
||||||
repository: 1337kavin/piped-proxy
|
repository: 1337kavin/piped-proxy
|
||||||
tag: latest@sha256:5d069df4b959eb544eb62d966d11eb2a1e785abcb7e1716a8143e9f02ddfcba7
|
tag: latest@sha256:9872edd2c47c9c33dfa44c334e4cef4e2c6ec91638eb2dcf6ca36b7b3037fd59
|
||||||
command:
|
command:
|
||||||
- /app/piped-proxy
|
- /app/piped-proxy
|
||||||
probes:
|
probes:
|
||||||
|
|
|
@ -19,6 +19,7 @@ spec:
|
||||||
name: theshire
|
name: theshire
|
||||||
wait: false
|
wait: false
|
||||||
interval: 30m
|
interval: 30m
|
||||||
|
retryInterval: 1m
|
||||||
timeout: 5m
|
timeout: 5m
|
||||||
postBuild:
|
postBuild:
|
||||||
substitute:
|
substitute:
|
||||||
|
|
|
@ -1,5 +1,5 @@
|
||||||
---
|
---
|
||||||
# yaml-language-server: $schema=https://raw.githubusercontent.com/bjw-s/helm-charts/main/charts/other/app-template/schemas/helmrelease-helm-v2.schema.json
|
# yaml-language-server: $schema=https://raw.githubusercontent.com/bjw-s/helm-charts/main/charts/other/app-template/schemas/helmrelease-helm-v2beta2.schema.json
|
||||||
apiVersion: helm.toolkit.fluxcd.io/v2
|
apiVersion: helm.toolkit.fluxcd.io/v2
|
||||||
kind: HelmRelease
|
kind: HelmRelease
|
||||||
metadata:
|
metadata:
|
||||||
|
@ -31,7 +31,7 @@ spec:
|
||||||
app:
|
app:
|
||||||
image:
|
image:
|
||||||
repository: ghcr.io/onedr0p/prowlarr-develop
|
repository: ghcr.io/onedr0p/prowlarr-develop
|
||||||
tag: 1.25.2.4794@sha256:4ff88b9911a9d8232bc1a0065b9423ea631c591c5fe0959effb3b1c093ef4930
|
tag: 1.25.1.4770@sha256:8b59eb7f9e5321b702bdacae3468b63d71720091ba3b0e9dfaca686a7705d2b8
|
||||||
env:
|
env:
|
||||||
# Ref: https://github.com/Radarr/Radarr/issues/7030#issuecomment-1039689518
|
# Ref: https://github.com/Radarr/Radarr/issues/7030#issuecomment-1039689518
|
||||||
# Ref: https://github.com/dotnet/runtime/issues/9336
|
# Ref: https://github.com/dotnet/runtime/issues/9336
|
||||||
|
|
|
@ -20,6 +20,7 @@ spec:
|
||||||
name: theshire
|
name: theshire
|
||||||
wait: false
|
wait: false
|
||||||
interval: 30m
|
interval: 30m
|
||||||
|
retryInterval: 1m
|
||||||
timeout: 5m
|
timeout: 5m
|
||||||
postBuild:
|
postBuild:
|
||||||
substitute:
|
substitute:
|
||||||
|
|
|
@ -1,5 +1,5 @@
|
||||||
---
|
---
|
||||||
# yaml-language-server: $schema=https://raw.githubusercontent.com/bjw-s/helm-charts/main/charts/other/app-template/schemas/helmrelease-helm-v2.schema.json
|
# yaml-language-server: $schema=https://raw.githubusercontent.com/bjw-s/helm-charts/main/charts/other/app-template/schemas/helmrelease-helm-v2beta2.schema.json
|
||||||
apiVersion: helm.toolkit.fluxcd.io/v2
|
apiVersion: helm.toolkit.fluxcd.io/v2
|
||||||
kind: HelmRelease
|
kind: HelmRelease
|
||||||
metadata:
|
metadata:
|
||||||
|
@ -31,7 +31,7 @@ spec:
|
||||||
app:
|
app:
|
||||||
image:
|
image:
|
||||||
repository: ghcr.io/onedr0p/radarr-develop
|
repository: ghcr.io/onedr0p/radarr-develop
|
||||||
tag: 5.12.2.9335
|
tag: 5.12.0.9255
|
||||||
env:
|
env:
|
||||||
RADARR__APP__INSTANCENAME: Radarr
|
RADARR__APP__INSTANCENAME: Radarr
|
||||||
RADARR__APP__THEME: dark
|
RADARR__APP__THEME: dark
|
||||||
|
|
|
@ -22,6 +22,7 @@ spec:
|
||||||
name: theshire
|
name: theshire
|
||||||
wait: false
|
wait: false
|
||||||
interval: 30m
|
interval: 30m
|
||||||
|
retryInterval: 1m
|
||||||
timeout: 5m
|
timeout: 5m
|
||||||
postBuild:
|
postBuild:
|
||||||
substitute:
|
substitute:
|
||||||
|
|
|
@ -20,6 +20,7 @@ spec:
|
||||||
name: theshire
|
name: theshire
|
||||||
wait: false
|
wait: false
|
||||||
interval: 30m
|
interval: 30m
|
||||||
|
retryInterval: 1m
|
||||||
timeout: 5m
|
timeout: 5m
|
||||||
postBuild:
|
postBuild:
|
||||||
substitute:
|
substitute:
|
||||||
|
|
|
@ -38,7 +38,7 @@ spec:
|
||||||
app:
|
app:
|
||||||
image:
|
image:
|
||||||
repository: quay.io/redlib/redlib
|
repository: quay.io/redlib/redlib
|
||||||
tag: latest@sha256:f07a1531d520121e1260bfd9d4b3dbadb26a8ad20a8a7b8639723907160839e4
|
tag: latest@sha256:e61e2535518e0b574f92642612f33f6fbee1aa22b2ff36ee740e26a025bb0039
|
||||||
env:
|
env:
|
||||||
REDLIB_DEFAULT_SHOW_NSFW: on
|
REDLIB_DEFAULT_SHOW_NSFW: on
|
||||||
REDLIB_DEFAULT_WIDE: on
|
REDLIB_DEFAULT_WIDE: on
|
||||||
|
|
|
@ -19,6 +19,7 @@ spec:
|
||||||
name: theshire
|
name: theshire
|
||||||
wait: false
|
wait: false
|
||||||
interval: 30m
|
interval: 30m
|
||||||
|
retryInterval: 1m
|
||||||
timeout: 5m
|
timeout: 5m
|
||||||
postBuild:
|
postBuild:
|
||||||
substitute:
|
substitute:
|
||||||
|
|
|
@ -1,5 +1,5 @@
|
||||||
---
|
---
|
||||||
# yaml-language-server: $schema=https://raw.githubusercontent.com/bjw-s/helm-charts/main/charts/other/app-template/schemas/helmrelease-helm-v2.schema.json
|
# yaml-language-server: $schema=https://raw.githubusercontent.com/bjw-s/helm-charts/main/charts/other/app-template/schemas/helmrelease-helm-v2beta2.schema.json
|
||||||
apiVersion: helm.toolkit.fluxcd.io/v2
|
apiVersion: helm.toolkit.fluxcd.io/v2
|
||||||
kind: HelmRelease
|
kind: HelmRelease
|
||||||
metadata:
|
metadata:
|
||||||
|
|
|
@ -21,6 +21,7 @@ spec:
|
||||||
name: theshire
|
name: theshire
|
||||||
wait: false
|
wait: false
|
||||||
interval: 30m
|
interval: 30m
|
||||||
|
retryInterval: 1m
|
||||||
timeout: 5m
|
timeout: 5m
|
||||||
postBuild:
|
postBuild:
|
||||||
substitute:
|
substitute:
|
||||||
|
|
|
@ -1,120 +0,0 @@
|
||||||
---
|
|
||||||
# yaml-language-server: $schema=https://raw.githubusercontent.com/bjw-s/helm-charts/main/charts/other/app-template/schemas/helmrelease-helm-v2.schema.json
|
|
||||||
apiVersion: helm.toolkit.fluxcd.io/v2
|
|
||||||
kind: HelmRelease
|
|
||||||
metadata:
|
|
||||||
name: &app scrypted
|
|
||||||
spec:
|
|
||||||
interval: 30m
|
|
||||||
chart:
|
|
||||||
spec:
|
|
||||||
chart: app-template
|
|
||||||
version: 3.5.1
|
|
||||||
interval: 30m
|
|
||||||
sourceRef:
|
|
||||||
kind: HelmRepository
|
|
||||||
name: bjw-s
|
|
||||||
namespace: flux-system
|
|
||||||
|
|
||||||
values:
|
|
||||||
controllers:
|
|
||||||
scrypted:
|
|
||||||
annotations:
|
|
||||||
reloader.stakater.com/auto: "true"
|
|
||||||
pod:
|
|
||||||
nodeSelector:
|
|
||||||
google.feature.node.kubernetes.io/coral: "true"
|
|
||||||
nvidia.com/gpu.present: "true"
|
|
||||||
securityContext:
|
|
||||||
supplementalGroups:
|
|
||||||
- 568
|
|
||||||
containers:
|
|
||||||
app:
|
|
||||||
image:
|
|
||||||
repository: ghcr.io/koush/scrypted
|
|
||||||
tag: v0.121.0-jammy-nvidia
|
|
||||||
probes:
|
|
||||||
liveness:
|
|
||||||
enabled: true
|
|
||||||
readiness:
|
|
||||||
enabled: true
|
|
||||||
startup:
|
|
||||||
enabled: true
|
|
||||||
spec:
|
|
||||||
failureThreshold: 30
|
|
||||||
periodSeconds: 5
|
|
||||||
resources:
|
|
||||||
requests:
|
|
||||||
cpu: 136m
|
|
||||||
memory: 1024Mi
|
|
||||||
limits:
|
|
||||||
nvidia.com/gpu: 1
|
|
||||||
memory: 8192Mi
|
|
||||||
securityContext:
|
|
||||||
privileged: true
|
|
||||||
service:
|
|
||||||
app:
|
|
||||||
controller: *app
|
|
||||||
type: LoadBalancer
|
|
||||||
annotations:
|
|
||||||
io.cilium/lb-ipam-ips: 10.1.1.33
|
|
||||||
nameOverride: *app
|
|
||||||
ports:
|
|
||||||
http:
|
|
||||||
port: 11080
|
|
||||||
primary: true
|
|
||||||
rebroadcast1: # driveway
|
|
||||||
port: 39655
|
|
||||||
rebroadcast2: # sideyard
|
|
||||||
port: 46561
|
|
||||||
rebroadcast3: # doorbell
|
|
||||||
port: 44759
|
|
||||||
homekit: # homekit
|
|
||||||
port: 42010
|
|
||||||
homekit-bridge: # bridge
|
|
||||||
port: 33961
|
|
||||||
|
|
||||||
|
|
||||||
ingress:
|
|
||||||
app:
|
|
||||||
className: "internal-nginx"
|
|
||||||
annotations:
|
|
||||||
hosts:
|
|
||||||
- host: &host scrypted.jahanson.tech
|
|
||||||
paths:
|
|
||||||
- path: /
|
|
||||||
service:
|
|
||||||
identifier: app
|
|
||||||
port: http
|
|
||||||
tls:
|
|
||||||
- hosts:
|
|
||||||
- *host
|
|
||||||
persistence:
|
|
||||||
config:
|
|
||||||
existingClaim: scrypted
|
|
||||||
advancedMounts:
|
|
||||||
scrypted:
|
|
||||||
app:
|
|
||||||
- path: /server/volume
|
|
||||||
cache:
|
|
||||||
type: emptyDir
|
|
||||||
globalMounts:
|
|
||||||
- path: /.cache
|
|
||||||
cache-npm:
|
|
||||||
type: emptyDir
|
|
||||||
globalMounts:
|
|
||||||
- path: /.npm
|
|
||||||
dev-bus-usb:
|
|
||||||
type: hostPath
|
|
||||||
hostPath: /dev/bus/usb
|
|
||||||
hostPathType: Directory
|
|
||||||
sys-bus-usb:
|
|
||||||
type: hostPath
|
|
||||||
hostPath: /sys/bus/usb
|
|
||||||
hostPathType: Directory
|
|
||||||
recordings:
|
|
||||||
type: nfs
|
|
||||||
server: shadowfax.jahanson.tech
|
|
||||||
path: /nahar/scrypted
|
|
||||||
globalMounts:
|
|
||||||
- path: /recordings
|
|
|
@ -1,7 +0,0 @@
|
||||||
---
|
|
||||||
# yaml-language-server: $schema=https://json.schemastore.org/kustomization
|
|
||||||
apiVersion: kustomize.config.k8s.io/v1beta1
|
|
||||||
kind: Kustomization
|
|
||||||
resources:
|
|
||||||
- ./helmrelease.yaml
|
|
||||||
- ../../../../templates/volsync
|
|
|
@ -1,30 +0,0 @@
|
||||||
---
|
|
||||||
# yaml-language-server: $schema=https://ks.hsn.dev/kustomize.toolkit.fluxcd.io/kustomization_v1.json
|
|
||||||
apiVersion: kustomize.toolkit.fluxcd.io/v1
|
|
||||||
kind: Kustomization
|
|
||||||
metadata:
|
|
||||||
name: &appname scrypted
|
|
||||||
namespace: flux-system
|
|
||||||
spec:
|
|
||||||
targetNamespace: default
|
|
||||||
commonMetadata:
|
|
||||||
labels:
|
|
||||||
app.kubernetes.io/name: *appname
|
|
||||||
interval: 30m
|
|
||||||
timeout: 5m
|
|
||||||
path: "./kubernetes/apps/default/scrypted/app"
|
|
||||||
prune: true
|
|
||||||
sourceRef:
|
|
||||||
kind: GitRepository
|
|
||||||
name: theshire
|
|
||||||
wait: false
|
|
||||||
dependsOn:
|
|
||||||
- name: rook-ceph-cluster
|
|
||||||
- name: volsync
|
|
||||||
- name: external-secrets-stores
|
|
||||||
postBuild:
|
|
||||||
substitute:
|
|
||||||
APP: *appname
|
|
||||||
APP_UID: "0"
|
|
||||||
APP_GID: "0"
|
|
||||||
VOLSYNC_CAPACITY: 5Gi
|
|
|
@ -1,5 +1,5 @@
|
||||||
---
|
---
|
||||||
# yaml-language-server: $schema=https://raw.githubusercontent.com/bjw-s/helm-charts/main/charts/other/app-template/schemas/helmrelease-helm-v2.schema.json
|
# yaml-language-server: $schema=https://raw.githubusercontent.com/bjw-s/helm-charts/main/charts/other/app-template/schemas/helmrelease-helm-v2beta2.schema.json
|
||||||
apiVersion: helm.toolkit.fluxcd.io/v2
|
apiVersion: helm.toolkit.fluxcd.io/v2
|
||||||
kind: HelmRelease
|
kind: HelmRelease
|
||||||
metadata:
|
metadata:
|
||||||
|
|
|
@ -20,6 +20,7 @@ spec:
|
||||||
name: theshire
|
name: theshire
|
||||||
wait: false
|
wait: false
|
||||||
interval: 30m
|
interval: 30m
|
||||||
|
retryInterval: 1m
|
||||||
timeout: 5m
|
timeout: 5m
|
||||||
postBuild:
|
postBuild:
|
||||||
substitute:
|
substitute:
|
||||||
|
|
|
@ -1,5 +1,5 @@
|
||||||
---
|
---
|
||||||
# yaml-language-server: $schema=https://raw.githubusercontent.com/bjw-s/helm-charts/main/charts/other/app-template/schemas/helmrelease-helm-v2.schema.json
|
# yaml-language-server: $schema=https://raw.githubusercontent.com/bjw-s/helm-charts/main/charts/other/app-template/schemas/helmrelease-helm-v2beta2.schema.json
|
||||||
apiVersion: helm.toolkit.fluxcd.io/v2
|
apiVersion: helm.toolkit.fluxcd.io/v2
|
||||||
kind: HelmRelease
|
kind: HelmRelease
|
||||||
metadata:
|
metadata:
|
||||||
|
|
|
@ -22,6 +22,7 @@ spec:
|
||||||
name: theshire
|
name: theshire
|
||||||
wait: false
|
wait: false
|
||||||
interval: 30m
|
interval: 30m
|
||||||
|
retryInterval: 1m
|
||||||
timeout: 5m
|
timeout: 5m
|
||||||
postBuild:
|
postBuild:
|
||||||
substitute:
|
substitute:
|
||||||
|
|
|
@ -1,5 +1,5 @@
|
||||||
---
|
---
|
||||||
# yaml-language-server: $schema=https://raw.githubusercontent.com/bjw-s/helm-charts/main/charts/other/app-template/schemas/helmrelease-helm-v2.schema.json
|
# yaml-language-server: $schema=https://raw.githubusercontent.com/bjw-s/helm-charts/main/charts/other/app-template/schemas/helmrelease-helm-v2beta2.schema.json
|
||||||
apiVersion: helm.toolkit.fluxcd.io/v2
|
apiVersion: helm.toolkit.fluxcd.io/v2
|
||||||
kind: HelmRelease
|
kind: HelmRelease
|
||||||
metadata:
|
metadata:
|
||||||
|
@ -31,7 +31,7 @@ spec:
|
||||||
app:
|
app:
|
||||||
image:
|
image:
|
||||||
repository: ghcr.io/tautulli/tautulli
|
repository: ghcr.io/tautulli/tautulli
|
||||||
tag: v2.14.6@sha256:f54d2d3a78780c765cd7a10b882474909f50247b5d2d118badaa9c035421effd
|
tag: v2.14.5@sha256:6017b491d8e9100a97391b639fff5824ad36a315c69aae3c9ed78407994a626e
|
||||||
env:
|
env:
|
||||||
TZ: America/Chicago
|
TZ: America/Chicago
|
||||||
command: ["/usr/local/bin/python", "Tautulli.py"]
|
command: ["/usr/local/bin/python", "Tautulli.py"]
|
||||||
|
|
|
@ -20,6 +20,7 @@ spec:
|
||||||
- name: volsync
|
- name: volsync
|
||||||
wait: false
|
wait: false
|
||||||
interval: 30m
|
interval: 30m
|
||||||
|
retryInterval: 1m
|
||||||
timeout: 5m
|
timeout: 5m
|
||||||
postBuild:
|
postBuild:
|
||||||
substitute:
|
substitute:
|
||||||
|
|
|
@ -1,5 +1,5 @@
|
||||||
---
|
---
|
||||||
# yaml-language-server: $schema=https://raw.githubusercontent.com/bjw-s/helm-charts/main/charts/other/app-template/schemas/helmrelease-helm-v2.schema.json
|
# yaml-language-server: $schema=https://raw.githubusercontent.com/bjw-s/helm-charts/main/charts/other/app-template/schemas/helmrelease-helm-v2beta2.schema.json
|
||||||
apiVersion: helm.toolkit.fluxcd.io/v2
|
apiVersion: helm.toolkit.fluxcd.io/v2
|
||||||
kind: HelmRelease
|
kind: HelmRelease
|
||||||
metadata:
|
metadata:
|
||||||
|
|
|
@ -19,4 +19,5 @@ spec:
|
||||||
name: theshire
|
name: theshire
|
||||||
wait: false
|
wait: false
|
||||||
interval: 30m
|
interval: 30m
|
||||||
|
retryInterval: 1m
|
||||||
timeout: 5m
|
timeout: 5m
|
||||||
|
|
|
@ -36,7 +36,7 @@ spec:
|
||||||
app:
|
app:
|
||||||
image:
|
image:
|
||||||
repository: ghcr.io/zwave-js/zwave-js-ui
|
repository: ghcr.io/zwave-js/zwave-js-ui
|
||||||
tag: 9.24.0@sha256:ed648be6b058c6aa74abca1868c3ac48cb82b06b22ef0ef4f7ba66dd9d331bfc
|
tag: 9.21.1@sha256:a28eaf01060dbe2fa30045d6b2ac6a31bc34efbebb7aa7d19787929929aea16a
|
||||||
env:
|
env:
|
||||||
TZ: America/Chicago
|
TZ: America/Chicago
|
||||||
PORT: &port 80
|
PORT: &port 80
|
||||||
|
|
|
@ -17,6 +17,7 @@ spec:
|
||||||
name: theshire
|
name: theshire
|
||||||
wait: false
|
wait: false
|
||||||
interval: 30m
|
interval: 30m
|
||||||
|
retryInterval: 1m
|
||||||
timeout: 5m
|
timeout: 5m
|
||||||
postBuild:
|
postBuild:
|
||||||
substitute:
|
substitute:
|
||||||
|
|
|
@ -10,7 +10,7 @@ spec:
|
||||||
chart:
|
chart:
|
||||||
spec:
|
spec:
|
||||||
chart: cilium
|
chart: cilium
|
||||||
version: 1.16.3
|
version: 1.16.2
|
||||||
sourceRef:
|
sourceRef:
|
||||||
kind: HelmRepository
|
kind: HelmRepository
|
||||||
name: cilium
|
name: cilium
|
||||||
|
|
|
@ -7,8 +7,7 @@ metadata:
|
||||||
spec:
|
spec:
|
||||||
loadBalancerIPs: true
|
loadBalancerIPs: true
|
||||||
# interfaces: ["^enp.*|^eth.*|^ens.*|^eno.*"]
|
# interfaces: ["^enp.*|^eth.*|^ens.*|^eno.*"]
|
||||||
interfaces: ["^eno+|^enp+|^bond+"]
|
interfaces: ["^eno+|^enp+"]
|
||||||
# interfaces: ["^bond+"]
|
|
||||||
nodeSelector:
|
nodeSelector:
|
||||||
matchLabels:
|
matchLabels:
|
||||||
kubernetes.io/os: linux
|
kubernetes.io/os: linux
|
||||||
|
|
|
@ -17,6 +17,7 @@ spec:
|
||||||
name: theshire
|
name: theshire
|
||||||
wait: true
|
wait: true
|
||||||
interval: 30m
|
interval: 30m
|
||||||
|
retryInterval: 1m
|
||||||
timeout: 5m
|
timeout: 5m
|
||||||
---
|
---
|
||||||
# yaml-language-server: $schema=https://ks.hsn.dev/kustomize.toolkit.fluxcd.io/kustomization_v1.json
|
# yaml-language-server: $schema=https://ks.hsn.dev/kustomize.toolkit.fluxcd.io/kustomization_v1.json
|
||||||
|
@ -39,4 +40,5 @@ spec:
|
||||||
name: theshire
|
name: theshire
|
||||||
wait: false
|
wait: false
|
||||||
interval: 30m
|
interval: 30m
|
||||||
|
retryInterval: 1m
|
||||||
timeout: 5m
|
timeout: 5m
|
||||||
|
|
|
@ -17,4 +17,5 @@ spec:
|
||||||
name: theshire
|
name: theshire
|
||||||
wait: false
|
wait: false
|
||||||
interval: 30m
|
interval: 30m
|
||||||
|
retryInterval: 1m
|
||||||
timeout: 5m
|
timeout: 5m
|
||||||
|
|
|
@ -1,5 +1,5 @@
|
||||||
---
|
---
|
||||||
# yaml-language-server: $schema=https://raw.githubusercontent.com/bjw-s/helm-charts/main/charts/other/app-template/schemas/helmrelease-helm-v2.schema.json
|
# yaml-language-server: $schema=https://raw.githubusercontent.com/bjw-s/helm-charts/main/charts/other/app-template/schemas/helmrelease-helm-v2beta2.schema.json
|
||||||
apiVersion: helm.toolkit.fluxcd.io/v2
|
apiVersion: helm.toolkit.fluxcd.io/v2
|
||||||
kind: HelmRelease
|
kind: HelmRelease
|
||||||
metadata:
|
metadata:
|
||||||
|
|
|
@ -17,4 +17,5 @@ spec:
|
||||||
name: theshire
|
name: theshire
|
||||||
wait: false
|
wait: false
|
||||||
interval: 30m
|
interval: 30m
|
||||||
|
retryInterval: 1m
|
||||||
timeout: 5m
|
timeout: 5m
|
||||||
|
|
|
@ -9,7 +9,7 @@ spec:
|
||||||
chart:
|
chart:
|
||||||
spec:
|
spec:
|
||||||
chart: kubelet-csr-approver
|
chart: kubelet-csr-approver
|
||||||
version: 1.2.3
|
version: 1.2.2
|
||||||
sourceRef:
|
sourceRef:
|
||||||
kind: HelmRepository
|
kind: HelmRepository
|
||||||
name: postfinance
|
name: postfinance
|
||||||
|
|
|
@ -17,4 +17,5 @@ spec:
|
||||||
name: theshire
|
name: theshire
|
||||||
wait: false
|
wait: false
|
||||||
interval: 30m
|
interval: 30m
|
||||||
|
retryInterval: 1m
|
||||||
timeout: 5m
|
timeout: 5m
|
||||||
|
|
|
@ -10,7 +10,7 @@ spec:
|
||||||
chart:
|
chart:
|
||||||
spec:
|
spec:
|
||||||
chart: node-feature-discovery
|
chart: node-feature-discovery
|
||||||
version: 0.16.5
|
version: 0.16.4
|
||||||
sourceRef:
|
sourceRef:
|
||||||
kind: HelmRepository
|
kind: HelmRepository
|
||||||
name: kubernetes-sigs-nfd
|
name: kubernetes-sigs-nfd
|
||||||
|
|
|
@ -1,16 +0,0 @@
|
||||||
---
|
|
||||||
# yaml-language-server: $schema=https://ks.hsn.dev/nfd.k8s-sigs.io/nodefeaturerule_v1alpha1.json
|
|
||||||
apiVersion: nfd.k8s-sigs.io/v1alpha1
|
|
||||||
kind: NodeFeatureRule
|
|
||||||
metadata:
|
|
||||||
name: google-coral-device
|
|
||||||
spec:
|
|
||||||
rules:
|
|
||||||
- # Google Coral USB Accelerator
|
|
||||||
name: google.coral
|
|
||||||
labels:
|
|
||||||
google.feature.node.kubernetes.io/coral: "true"
|
|
||||||
matchFeatures:
|
|
||||||
- feature: usb.device
|
|
||||||
matchExpressions:
|
|
||||||
vendor: {op: In, value: ["1a6e", "18d1"]}
|
|
|
@ -1,5 +1,5 @@
|
||||||
---
|
|
||||||
# yaml-language-server: $schema=https://ks.hsn.dev/nfd.k8s-sigs.io/nodefeaturerule_v1alpha1.json
|
# yaml-language-server: $schema=https://ks.hsn.dev/nfd.k8s-sigs.io/nodefeaturerule_v1alpha1.json
|
||||||
|
---
|
||||||
apiVersion: nfd.k8s-sigs.io/v1alpha1
|
apiVersion: nfd.k8s-sigs.io/v1alpha1
|
||||||
kind: NodeFeatureRule
|
kind: NodeFeatureRule
|
||||||
metadata:
|
metadata:
|
||||||
|
|
|
@ -4,13 +4,13 @@ metadata:
|
||||||
name: rocky-nenya
|
name: rocky-nenya
|
||||||
namespace: kube-system
|
namespace: kube-system
|
||||||
spec:
|
spec:
|
||||||
nodeName: shadowfax-01
|
# nodeName: nenya
|
||||||
containers:
|
containers:
|
||||||
- name: rocky
|
- name: rocky
|
||||||
image: rockylinux:9
|
image: rockylinux:9
|
||||||
securityContext:
|
securityContext:
|
||||||
privileged: true
|
privileged: true
|
||||||
command: ["/bin/bash", "-c", "dnf install -y iputils dnsutils && while true; do sleep 10; done"]
|
command: ["/bin/bash", "-c", "while true; do sleep 10; done"]
|
||||||
resources:
|
resources:
|
||||||
requests:
|
requests:
|
||||||
cpu: 100m
|
cpu: 100m
|
||||||
|
|
|
@ -9,7 +9,7 @@ spec:
|
||||||
chart:
|
chart:
|
||||||
spec:
|
spec:
|
||||||
chart: spegel
|
chart: spegel
|
||||||
version: v0.0.27
|
version: v0.0.26
|
||||||
sourceRef:
|
sourceRef:
|
||||||
kind: HelmRepository
|
kind: HelmRepository
|
||||||
name: spegel-org
|
name: spegel-org
|
||||||
|
|
|
@ -17,4 +17,5 @@ spec:
|
||||||
name: theshire
|
name: theshire
|
||||||
wait: false
|
wait: false
|
||||||
interval: 30m
|
interval: 30m
|
||||||
|
retryInterval: 1m
|
||||||
timeout: 5m
|
timeout: 5m
|
||||||
|
|
|
@ -66,7 +66,6 @@ spec:
|
||||||
- ""
|
- ""
|
||||||
resources:
|
resources:
|
||||||
- pods
|
- pods
|
||||||
- nodes
|
|
||||||
verbs:
|
verbs:
|
||||||
- create
|
- create
|
||||||
- update
|
- update
|
||||||
|
@ -79,114 +78,3 @@ spec:
|
||||||
matchLabels:
|
matchLabels:
|
||||||
app.kubernetes.io/instance: kyverno
|
app.kubernetes.io/instance: kyverno
|
||||||
app.kubernetes.io/component: kyverno
|
app.kubernetes.io/component: kyverno
|
||||||
config:
|
|
||||||
# -- Resource types to be skipped by the Kyverno policy engine.
|
|
||||||
# Make sure to surround each entry in quotes so that it doesn't get parsed as a nested YAML list.
|
|
||||||
# These are joined together without spaces, run through `tpl`, and the result is set in the config map.
|
|
||||||
# @default -- See [values.yaml](https://github.com/kyverno/kyverno/blob/ed1906a0dc281c2aeb9b7046b843708825310330/charts/kyverno/values.yaml#L207C3-L316C1)
|
|
||||||
resourceFilters:
|
|
||||||
- '[Event,*,*]'
|
|
||||||
- '[*/*,kube-system,*]'
|
|
||||||
- '[*/*,kube-public,*]'
|
|
||||||
- '[*/*,kube-node-lease,*]'
|
|
||||||
- '[Node,*,*]'
|
|
||||||
- '[Node/*,*,*]'
|
|
||||||
- '[APIService,*,*]'
|
|
||||||
- '[APIService/*,*,*]'
|
|
||||||
- '[TokenReview,*,*]'
|
|
||||||
- '[SubjectAccessReview,*,*]'
|
|
||||||
- '[SelfSubjectAccessReview,*,*]'
|
|
||||||
# remove the following to allow for schematic-to-pod.yaml to work
|
|
||||||
# - '[Binding,*,*]'
|
|
||||||
# - '[Pod/binding,*,*]'
|
|
||||||
- '[ReplicaSet,*,*]'
|
|
||||||
- '[ReplicaSet/*,*,*]'
|
|
||||||
- '[EphemeralReport,*,*]'
|
|
||||||
- '[ClusterEphemeralReport,*,*]'
|
|
||||||
# exclude resources from the chart
|
|
||||||
- '[ClusterRole,*,{{ template "kyverno.admission-controller.roleName" . }}]'
|
|
||||||
- '[ClusterRole,*,{{ template "kyverno.admission-controller.roleName" . }}:core]'
|
|
||||||
- '[ClusterRole,*,{{ template "kyverno.admission-controller.roleName" . }}:additional]'
|
|
||||||
- '[ClusterRole,*,{{ template "kyverno.background-controller.roleName" . }}]'
|
|
||||||
- '[ClusterRole,*,{{ template "kyverno.background-controller.roleName" . }}:core]'
|
|
||||||
- '[ClusterRole,*,{{ template "kyverno.background-controller.roleName" . }}:additional]'
|
|
||||||
- '[ClusterRole,*,{{ template "kyverno.cleanup-controller.roleName" . }}]'
|
|
||||||
- '[ClusterRole,*,{{ template "kyverno.cleanup-controller.roleName" . }}:core]'
|
|
||||||
- '[ClusterRole,*,{{ template "kyverno.cleanup-controller.roleName" . }}:additional]'
|
|
||||||
- '[ClusterRole,*,{{ template "kyverno.reports-controller.roleName" . }}]'
|
|
||||||
- '[ClusterRole,*,{{ template "kyverno.reports-controller.roleName" . }}:core]'
|
|
||||||
- '[ClusterRole,*,{{ template "kyverno.reports-controller.roleName" . }}:additional]'
|
|
||||||
- '[ClusterRoleBinding,*,{{ template "kyverno.admission-controller.roleName" . }}]'
|
|
||||||
- '[ClusterRoleBinding,*,{{ template "kyverno.background-controller.roleName" . }}]'
|
|
||||||
- '[ClusterRoleBinding,*,{{ template "kyverno.cleanup-controller.roleName" . }}]'
|
|
||||||
- '[ClusterRoleBinding,*,{{ template "kyverno.reports-controller.roleName" . }}]'
|
|
||||||
- '[ServiceAccount,{{ include "kyverno.namespace" . }},{{ template "kyverno.admission-controller.serviceAccountName" . }}]'
|
|
||||||
- '[ServiceAccount/*,{{ include "kyverno.namespace" . }},{{ template "kyverno.admission-controller.serviceAccountName" . }}]'
|
|
||||||
- '[ServiceAccount,{{ include "kyverno.namespace" . }},{{ template "kyverno.background-controller.serviceAccountName" . }}]'
|
|
||||||
- '[ServiceAccount/*,{{ include "kyverno.namespace" . }},{{ template "kyverno.background-controller.serviceAccountName" . }}]'
|
|
||||||
- '[ServiceAccount,{{ include "kyverno.namespace" . }},{{ template "kyverno.cleanup-controller.serviceAccountName" . }}]'
|
|
||||||
- '[ServiceAccount/*,{{ include "kyverno.namespace" . }},{{ template "kyverno.cleanup-controller.serviceAccountName" . }}]'
|
|
||||||
- '[ServiceAccount,{{ include "kyverno.namespace" . }},{{ template "kyverno.reports-controller.serviceAccountName" . }}]'
|
|
||||||
- '[ServiceAccount/*,{{ include "kyverno.namespace" . }},{{ template "kyverno.reports-controller.serviceAccountName" . }}]'
|
|
||||||
- '[Role,{{ include "kyverno.namespace" . }},{{ template "kyverno.admission-controller.roleName" . }}]'
|
|
||||||
- '[Role,{{ include "kyverno.namespace" . }},{{ template "kyverno.background-controller.roleName" . }}]'
|
|
||||||
- '[Role,{{ include "kyverno.namespace" . }},{{ template "kyverno.cleanup-controller.roleName" . }}]'
|
|
||||||
- '[Role,{{ include "kyverno.namespace" . }},{{ template "kyverno.reports-controller.roleName" . }}]'
|
|
||||||
- '[RoleBinding,{{ include "kyverno.namespace" . }},{{ template "kyverno.admission-controller.roleName" . }}]'
|
|
||||||
- '[RoleBinding,{{ include "kyverno.namespace" . }},{{ template "kyverno.background-controller.roleName" . }}]'
|
|
||||||
- '[RoleBinding,{{ include "kyverno.namespace" . }},{{ template "kyverno.cleanup-controller.roleName" . }}]'
|
|
||||||
- '[RoleBinding,{{ include "kyverno.namespace" . }},{{ template "kyverno.reports-controller.roleName" . }}]'
|
|
||||||
- '[ConfigMap,{{ include "kyverno.namespace" . }},{{ template "kyverno.config.configMapName" . }}]'
|
|
||||||
- '[ConfigMap,{{ include "kyverno.namespace" . }},{{ template "kyverno.config.metricsConfigMapName" . }}]'
|
|
||||||
- '[Deployment,{{ include "kyverno.namespace" . }},{{ template "kyverno.admission-controller.name" . }}]'
|
|
||||||
- '[Deployment/*,{{ include "kyverno.namespace" . }},{{ template "kyverno.admission-controller.name" . }}]'
|
|
||||||
- '[Deployment,{{ include "kyverno.namespace" . }},{{ template "kyverno.background-controller.name" . }}]'
|
|
||||||
- '[Deployment/*,{{ include "kyverno.namespace" . }},{{ template "kyverno.background-controller.name" . }}]'
|
|
||||||
- '[Deployment,{{ include "kyverno.namespace" . }},{{ template "kyverno.cleanup-controller.name" . }}]'
|
|
||||||
- '[Deployment/*,{{ include "kyverno.namespace" . }},{{ template "kyverno.cleanup-controller.name" . }}]'
|
|
||||||
- '[Deployment,{{ include "kyverno.namespace" . }},{{ template "kyverno.reports-controller.name" . }}]'
|
|
||||||
- '[Deployment/*,{{ include "kyverno.namespace" . }},{{ template "kyverno.reports-controller.name" . }}]'
|
|
||||||
- '[Pod,{{ include "kyverno.namespace" . }},{{ template "kyverno.admission-controller.name" . }}-*]'
|
|
||||||
- '[Pod/*,{{ include "kyverno.namespace" . }},{{ template "kyverno.admission-controller.name" . }}-*]'
|
|
||||||
- '[Pod,{{ include "kyverno.namespace" . }},{{ template "kyverno.background-controller.name" . }}-*]'
|
|
||||||
- '[Pod/*,{{ include "kyverno.namespace" . }},{{ template "kyverno.background-controller.name" . }}-*]'
|
|
||||||
- '[Pod,{{ include "kyverno.namespace" . }},{{ template "kyverno.cleanup-controller.name" . }}-*]'
|
|
||||||
- '[Pod/*,{{ include "kyverno.namespace" . }},{{ template "kyverno.cleanup-controller.name" . }}-*]'
|
|
||||||
- '[Pod,{{ include "kyverno.namespace" . }},{{ template "kyverno.reports-controller.name" . }}-*]'
|
|
||||||
- '[Pod/*,{{ include "kyverno.namespace" . }},{{ template "kyverno.reports-controller.name" . }}-*]'
|
|
||||||
- '[Job,{{ include "kyverno.namespace" . }},{{ template "kyverno.fullname" . }}-hook-pre-delete]'
|
|
||||||
- '[Job/*,{{ include "kyverno.namespace" . }},{{ template "kyverno.fullname" . }}-hook-pre-delete]'
|
|
||||||
- '[NetworkPolicy,{{ include "kyverno.namespace" . }},{{ template "kyverno.admission-controller.name" . }}]'
|
|
||||||
- '[NetworkPolicy/*,{{ include "kyverno.namespace" . }},{{ template "kyverno.admission-controller.name" . }}]'
|
|
||||||
- '[NetworkPolicy,{{ include "kyverno.namespace" . }},{{ template "kyverno.background-controller.name" . }}]'
|
|
||||||
- '[NetworkPolicy/*,{{ include "kyverno.namespace" . }},{{ template "kyverno.background-controller.name" . }}]'
|
|
||||||
- '[NetworkPolicy,{{ include "kyverno.namespace" . }},{{ template "kyverno.cleanup-controller.name" . }}]'
|
|
||||||
- '[NetworkPolicy/*,{{ include "kyverno.namespace" . }},{{ template "kyverno.cleanup-controller.name" . }}]'
|
|
||||||
- '[NetworkPolicy,{{ include "kyverno.namespace" . }},{{ template "kyverno.reports-controller.name" . }}]'
|
|
||||||
- '[NetworkPolicy/*,{{ include "kyverno.namespace" . }},{{ template "kyverno.reports-controller.name" . }}]'
|
|
||||||
- '[PodDisruptionBudget,{{ include "kyverno.namespace" . }},{{ template "kyverno.admission-controller.name" . }}]'
|
|
||||||
- '[PodDisruptionBudget/*,{{ include "kyverno.namespace" . }},{{ template "kyverno.admission-controller.name" . }}]'
|
|
||||||
- '[PodDisruptionBudget,{{ include "kyverno.namespace" . }},{{ template "kyverno.background-controller.name" . }}]'
|
|
||||||
- '[PodDisruptionBudget/*,{{ include "kyverno.namespace" . }},{{ template "kyverno.background-controller.name" . }}]'
|
|
||||||
- '[PodDisruptionBudget,{{ include "kyverno.namespace" . }},{{ template "kyverno.cleanup-controller.name" . }}]'
|
|
||||||
- '[PodDisruptionBudget/*,{{ include "kyverno.namespace" . }},{{ template "kyverno.cleanup-controller.name" . }}]'
|
|
||||||
- '[PodDisruptionBudget,{{ include "kyverno.namespace" . }},{{ template "kyverno.reports-controller.name" . }}]'
|
|
||||||
- '[PodDisruptionBudget/*,{{ include "kyverno.namespace" . }},{{ template "kyverno.reports-controller.name" . }}]'
|
|
||||||
- '[Service,{{ include "kyverno.namespace" . }},{{ template "kyverno.admission-controller.serviceName" . }}]'
|
|
||||||
- '[Service/*,{{ include "kyverno.namespace" . }},{{ template "kyverno.admission-controller.serviceName" . }}]'
|
|
||||||
- '[Service,{{ include "kyverno.namespace" . }},{{ template "kyverno.admission-controller.serviceName" . }}-metrics]'
|
|
||||||
- '[Service/*,{{ include "kyverno.namespace" . }},{{ template "kyverno.admission-controller.serviceName" . }}-metrics]'
|
|
||||||
- '[Service,{{ include "kyverno.namespace" . }},{{ template "kyverno.background-controller.name" . }}-metrics]'
|
|
||||||
- '[Service/*,{{ include "kyverno.namespace" . }},{{ template "kyverno.background-controller.name" . }}-metrics]'
|
|
||||||
- '[Service,{{ include "kyverno.namespace" . }},{{ template "kyverno.cleanup-controller.name" . }}]'
|
|
||||||
- '[Service/*,{{ include "kyverno.namespace" . }},{{ template "kyverno.cleanup-controller.name" . }}]'
|
|
||||||
- '[Service,{{ include "kyverno.namespace" . }},{{ template "kyverno.cleanup-controller.name" . }}-metrics]'
|
|
||||||
- '[Service/*,{{ include "kyverno.namespace" . }},{{ template "kyverno.cleanup-controller.name" . }}-metrics]'
|
|
||||||
- '[Service,{{ include "kyverno.namespace" . }},{{ template "kyverno.reports-controller.name" . }}-metrics]'
|
|
||||||
- '[Service/*,{{ include "kyverno.namespace" . }},{{ template "kyverno.reports-controller.name" . }}-metrics]'
|
|
||||||
- '[ServiceMonitor,{{ if .Values.admissionController.serviceMonitor.namespace }}{{ .Values.admissionController.serviceMonitor.namespace }}{{ else }}{{ template "kyverno.namespace" . }}{{ end }},{{ template "kyverno.admission-controller.name" . }}]'
|
|
||||||
- '[ServiceMonitor,{{ if .Values.admissionController.serviceMonitor.namespace }}{{ .Values.admissionController.serviceMonitor.namespace }}{{ else }}{{ template "kyverno.namespace" . }}{{ end }},{{ template "kyverno.background-controller.name" . }}]'
|
|
||||||
- '[ServiceMonitor,{{ if .Values.admissionController.serviceMonitor.namespace }}{{ .Values.admissionController.serviceMonitor.namespace }}{{ else }}{{ template "kyverno.namespace" . }}{{ end }},{{ template "kyverno.cleanup-controller.name" . }}]'
|
|
||||||
- '[ServiceMonitor,{{ if .Values.admissionController.serviceMonitor.namespace }}{{ .Values.admissionController.serviceMonitor.namespace }}{{ else }}{{ template "kyverno.namespace" . }}{{ end }},{{ template "kyverno.reports-controller.name" . }}]'
|
|
||||||
- '[Secret,{{ include "kyverno.namespace" . }},{{ template "kyverno.admission-controller.serviceName" . }}.{{ template "kyverno.namespace" . }}.svc.*]'
|
|
||||||
- '[Secret,{{ include "kyverno.namespace" . }},{{ template "kyverno.cleanup-controller.name" . }}.{{ template "kyverno.namespace" . }}.svc.*]'
|
|
||||||
|
|
|
@ -13,6 +13,7 @@ spec:
|
||||||
name: theshire
|
name: theshire
|
||||||
wait: true
|
wait: true
|
||||||
interval: 30m
|
interval: 30m
|
||||||
|
retryInterval: 1m
|
||||||
timeout: 5m
|
timeout: 5m
|
||||||
---
|
---
|
||||||
# yaml-language-server: $schema=https://raw.githubusercontent.com/fluxcd-community/flux2-schemas/main/kustomization-kustomize-v1.json
|
# yaml-language-server: $schema=https://raw.githubusercontent.com/fluxcd-community/flux2-schemas/main/kustomization-kustomize-v1.json
|
||||||
|
@ -31,4 +32,5 @@ spec:
|
||||||
name: theshire
|
name: theshire
|
||||||
wait: false
|
wait: false
|
||||||
interval: 30m
|
interval: 30m
|
||||||
|
retryInterval: 1m
|
||||||
timeout: 5m
|
timeout: 5m
|
||||||
|
|
|
@ -1,5 +1,5 @@
|
||||||
---
|
---
|
||||||
# yaml-language-server: $schema=https://raw.githubusercontent.com/bjw-s/helm-charts/main/charts/other/app-template/schemas/helmrelease-helm-v2.schema.json
|
# yaml-language-server: $schema=https://raw.githubusercontent.com/bjw-s/helm-charts/main/charts/other/app-template/schemas/helmrelease-helm-v2beta2.schema.json
|
||||||
apiVersion: helm.toolkit.fluxcd.io/v2
|
apiVersion: helm.toolkit.fluxcd.io/v2
|
||||||
kind: HelmRelease
|
kind: HelmRelease
|
||||||
metadata:
|
metadata:
|
||||||
|
@ -36,7 +36,7 @@ spec:
|
||||||
app:
|
app:
|
||||||
image:
|
image:
|
||||||
repository: docker.io/cloudflare/cloudflared
|
repository: docker.io/cloudflare/cloudflared
|
||||||
tag: 2024.10.0@sha256:060f16531b1ed6dcb382cd2b35d1a845f8dbcb445003b9ec48eef0078cb08bf4
|
tag: 2024.9.1@sha256:0b88e00d8f93f9d18197f11506f0f6bf0d9266b5a0361c068930a3fe45b68b72
|
||||||
env:
|
env:
|
||||||
NO_AUTOUPDATE: "true"
|
NO_AUTOUPDATE: "true"
|
||||||
TUNNEL_CRED_FILE: /etc/cloudflared/creds/credentials.json
|
TUNNEL_CRED_FILE: /etc/cloudflared/creds/credentials.json
|
||||||
|
|
|
@ -22,4 +22,5 @@ spec:
|
||||||
name: theshire
|
name: theshire
|
||||||
wait: true
|
wait: true
|
||||||
interval: 30m
|
interval: 30m
|
||||||
|
retryInterval: 1m
|
||||||
timeout: 5m
|
timeout: 5m
|
||||||
|
|
|
@ -1,5 +1,5 @@
|
||||||
---
|
---
|
||||||
# yaml-language-server: $schema=https://raw.githubusercontent.com/bjw-s/helm-charts/main/charts/other/app-template/schemas/helmrelease-helm-v2.schema.json
|
# yaml-language-server: $schema=https://raw.githubusercontent.com/bjw-s/helm-charts/main/charts/other/app-template/schemas/helmrelease-helm-v2beta2.schema.json
|
||||||
apiVersion: helm.toolkit.fluxcd.io/v2
|
apiVersion: helm.toolkit.fluxcd.io/v2
|
||||||
kind: HelmRelease
|
kind: HelmRelease
|
||||||
metadata:
|
metadata:
|
||||||
|
|
|
@ -9,7 +9,7 @@ spec:
|
||||||
chart:
|
chart:
|
||||||
spec:
|
spec:
|
||||||
chart: ingress-nginx
|
chart: ingress-nginx
|
||||||
version: 4.11.3
|
version: 4.11.2
|
||||||
sourceRef:
|
sourceRef:
|
||||||
kind: HelmRepository
|
kind: HelmRepository
|
||||||
name: ingress-nginx
|
name: ingress-nginx
|
||||||
|
|
|
@ -10,7 +10,7 @@ spec:
|
||||||
chart:
|
chart:
|
||||||
spec:
|
spec:
|
||||||
chart: ingress-nginx
|
chart: ingress-nginx
|
||||||
version: 4.11.3
|
version: 4.11.2
|
||||||
sourceRef:
|
sourceRef:
|
||||||
kind: HelmRepository
|
kind: HelmRepository
|
||||||
name: ingress-nginx
|
name: ingress-nginx
|
||||||
|
|
|
@ -1,5 +1,5 @@
|
||||||
---
|
---
|
||||||
# yaml-language-server: $schema=https://ks.hsn.dev/kustomize.toolkit.fluxcd.io/kustomization_v1.json
|
# yaml-language-server: $schema=https://raw.githubusercontent.com/fluxcd-community/flux2-schemas/main/kustomization-kustomize-v1.json
|
||||||
apiVersion: kustomize.toolkit.fluxcd.io/v1
|
apiVersion: kustomize.toolkit.fluxcd.io/v1
|
||||||
kind: Kustomization
|
kind: Kustomization
|
||||||
metadata:
|
metadata:
|
||||||
|
@ -21,24 +21,3 @@ spec:
|
||||||
dependsOn:
|
dependsOn:
|
||||||
- name: external-secrets-stores
|
- name: external-secrets-stores
|
||||||
- name: rook-ceph-cluster
|
- name: rook-ceph-cluster
|
||||||
---
|
|
||||||
# yaml-language-server: $schema=https://ks.hsn.dev/kustomize.toolkit.fluxcd.io/kustomization_v1.json
|
|
||||||
apiVersion: kustomize.toolkit.fluxcd.io/v1
|
|
||||||
kind: Kustomization
|
|
||||||
metadata:
|
|
||||||
name: &app alertmanager-silencer
|
|
||||||
namespace: flux-system
|
|
||||||
spec:
|
|
||||||
targetNamespace: observability
|
|
||||||
commonMetadata:
|
|
||||||
labels:
|
|
||||||
app.kubernetes.io/name: *app
|
|
||||||
path: "./kubernetes/apps/observability/alertmanager/silencer"
|
|
||||||
prune: true
|
|
||||||
sourceRef:
|
|
||||||
kind: GitRepository
|
|
||||||
name: theshire
|
|
||||||
wait: false
|
|
||||||
interval: 30m
|
|
||||||
retryInterval: 1m
|
|
||||||
timeout: 5m
|
|
||||||
|
|
|
@ -1,57 +0,0 @@
|
||||||
---
|
|
||||||
# yaml-language-server: $schema=https://raw.githubusercontent.com/bjw-s/helm-charts/main/charts/other/app-template/schemas/helmrelease-helm-v2.schema.json
|
|
||||||
apiVersion: helm.toolkit.fluxcd.io/v2
|
|
||||||
kind: HelmRelease
|
|
||||||
metadata:
|
|
||||||
name: alertmanager-silencer
|
|
||||||
spec:
|
|
||||||
interval: 30m
|
|
||||||
chart:
|
|
||||||
spec:
|
|
||||||
chart: app-template
|
|
||||||
version: 3.5.1
|
|
||||||
sourceRef:
|
|
||||||
kind: HelmRepository
|
|
||||||
name: bjw-s
|
|
||||||
namespace: flux-system
|
|
||||||
install:
|
|
||||||
remediation:
|
|
||||||
retries: 3
|
|
||||||
upgrade:
|
|
||||||
cleanupOnFail: true
|
|
||||||
remediation:
|
|
||||||
retries: 3
|
|
||||||
strategy: rollback
|
|
||||||
dependsOn:
|
|
||||||
- name: alertmanager
|
|
||||||
namespace: observability
|
|
||||||
values:
|
|
||||||
controllers:
|
|
||||||
alertmanager-silencer:
|
|
||||||
type: cronjob
|
|
||||||
cronjob:
|
|
||||||
schedule: "@daily"
|
|
||||||
containers:
|
|
||||||
app:
|
|
||||||
image:
|
|
||||||
repository: ghcr.io/onedr0p/kubanetics
|
|
||||||
tag: 2024.10.6
|
|
||||||
env:
|
|
||||||
SCRIPT_NAME: alertmanager-silencer.sh
|
|
||||||
ALERTMANAGER_URL: http://alertmanager.observability.svc.cluster.local:9093
|
|
||||||
MATCHERS_0: alertname=CephPGImbalance job=rook-ceph-exporter
|
|
||||||
MATCHERS_1: alertname=CephMonClockSkew job=rook-ceph-mgr
|
|
||||||
securityContext:
|
|
||||||
allowPrivilegeEscalation: false
|
|
||||||
readOnlyRootFilesystem: true
|
|
||||||
capabilities: { drop: ["ALL"] }
|
|
||||||
resources:
|
|
||||||
requests:
|
|
||||||
cpu: 25m
|
|
||||||
limits:
|
|
||||||
memory: 128Mi
|
|
||||||
pod:
|
|
||||||
securityContext:
|
|
||||||
runAsUser: 568
|
|
||||||
runAsGroup: 568
|
|
||||||
runAsNonRoot: true
|
|
|
@ -1,6 +0,0 @@
|
||||||
---
|
|
||||||
# yaml-language-server: $schema=https://json.schemastore.org/kustomization
|
|
||||||
apiVersion: kustomize.config.k8s.io/v1beta1
|
|
||||||
kind: Kustomization
|
|
||||||
resources:
|
|
||||||
- ./helmrelease.yaml
|
|
|
@ -1,5 +1,5 @@
|
||||||
---
|
---
|
||||||
# yaml-language-server: $schema=https://raw.githubusercontent.com/bjw-s/helm-charts/main/charts/other/app-template/schemas/helmrelease-helm-v2.schema.json
|
# yaml-language-server: $schema=https://raw.githubusercontent.com/bjw-s/helm-charts/main/charts/other/app-template/schemas/helmrelease-helm-v2beta2.schema.json
|
||||||
apiVersion: helm.toolkit.fluxcd.io/v2
|
apiVersion: helm.toolkit.fluxcd.io/v2
|
||||||
kind: HelmRelease
|
kind: HelmRelease
|
||||||
metadata:
|
metadata:
|
||||||
|
|
|
@ -35,6 +35,16 @@ endpoints:
|
||||||
- "[STATUS] == 200"
|
- "[STATUS] == 200"
|
||||||
alerts:
|
alerts:
|
||||||
- type: pushover
|
- type: pushover
|
||||||
|
# - name: Umami
|
||||||
|
# group: external
|
||||||
|
# url: https://umi.hsn.dev/script.js
|
||||||
|
# interval: 1m
|
||||||
|
# client:
|
||||||
|
# dns-resolver: tcp://1.1.1.1:53
|
||||||
|
# conditions:
|
||||||
|
# - "[STATUS] == 200"
|
||||||
|
# alerts:
|
||||||
|
# - type: pushover
|
||||||
- name: Nextcloud External
|
- name: Nextcloud External
|
||||||
group: external
|
group: external
|
||||||
url: https://nc.hsn.dev
|
url: https://nc.hsn.dev
|
||||||
|
@ -68,6 +78,16 @@ endpoints:
|
||||||
- "[STATUS] == 200"
|
- "[STATUS] == 200"
|
||||||
alerts:
|
alerts:
|
||||||
- type: pushover
|
- type: pushover
|
||||||
|
- name: Gollum
|
||||||
|
group: internal
|
||||||
|
url: http://gollum.jahanson.tech
|
||||||
|
interval: 1m
|
||||||
|
client:
|
||||||
|
dns-resolver: tcp://10.1.1.1:53
|
||||||
|
conditions:
|
||||||
|
- "[STATUS] == 200"
|
||||||
|
alerts:
|
||||||
|
- type: pushover
|
||||||
- name: Nextcloud Internal
|
- name: Nextcloud Internal
|
||||||
group: internal
|
group: internal
|
||||||
url: https://nc.hsn.dev
|
url: https://nc.hsn.dev
|
||||||
|
@ -81,3 +101,34 @@ endpoints:
|
||||||
- "[STATUS] == 200"
|
- "[STATUS] == 200"
|
||||||
alerts:
|
alerts:
|
||||||
- type: pushover
|
- type: pushover
|
||||||
|
### No clue why icmp is not working.
|
||||||
|
# - name: Shadowfax
|
||||||
|
# group: internal
|
||||||
|
# url: icmp://shadowfax.jahanson.tech
|
||||||
|
# interval: 1m
|
||||||
|
# client:
|
||||||
|
# dns-resolver: tcp://10.1.1.1:53
|
||||||
|
# conditions:
|
||||||
|
# - "[CONNECTED] == true"
|
||||||
|
# alerts:
|
||||||
|
# - type: pushover
|
||||||
|
# - name: Gandalf
|
||||||
|
# group: internal
|
||||||
|
# url: icmp://gandalf.jahanson.tech
|
||||||
|
# interval: 1m
|
||||||
|
# client:
|
||||||
|
# dns-resolver: tcp://10.1.1.1:53
|
||||||
|
# conditions:
|
||||||
|
# - "[CONNECTED] == true"
|
||||||
|
# alerts:
|
||||||
|
# - type: pushover
|
||||||
|
# - name: Home Assistant
|
||||||
|
# group: internal
|
||||||
|
# url: icmp://hass.jahanson.tech
|
||||||
|
# interval: 1m
|
||||||
|
# client:
|
||||||
|
# dns-resolver: tcp://10.1.1.1:53
|
||||||
|
# conditions:
|
||||||
|
# - "[CONNECTED] == true"
|
||||||
|
# alerts:
|
||||||
|
# - type: pushover
|
||||||
|
|
|
@ -20,6 +20,7 @@ spec:
|
||||||
name: theshire
|
name: theshire
|
||||||
wait: false
|
wait: false
|
||||||
interval: 30m
|
interval: 30m
|
||||||
|
retryInterval: 1m
|
||||||
timeout: 5m
|
timeout: 5m
|
||||||
postBuild:
|
postBuild:
|
||||||
substitute:
|
substitute:
|
||||||
|
|
|
@ -17,4 +17,5 @@ spec:
|
||||||
name: theshire
|
name: theshire
|
||||||
wait: false
|
wait: false
|
||||||
interval: 30m
|
interval: 30m
|
||||||
|
retryInterval: 1m
|
||||||
timeout: 5m
|
timeout: 5m
|
||||||
|
|
|
@ -17,6 +17,7 @@ spec:
|
||||||
name: theshire
|
name: theshire
|
||||||
wait: true
|
wait: true
|
||||||
interval: 30m
|
interval: 30m
|
||||||
|
retryInterval: 1m
|
||||||
---
|
---
|
||||||
# yaml-language-server: $schema=https://ks.hsn.dev/kustomize.toolkit.fluxcd.io/kustomization_v1.json
|
# yaml-language-server: $schema=https://ks.hsn.dev/kustomize.toolkit.fluxcd.io/kustomization_v1.json
|
||||||
apiVersion: kustomize.toolkit.fluxcd.io/v1
|
apiVersion: kustomize.toolkit.fluxcd.io/v1
|
||||||
|
@ -39,3 +40,4 @@ spec:
|
||||||
name: theshire
|
name: theshire
|
||||||
wait: false
|
wait: false
|
||||||
interval: 30m
|
interval: 30m
|
||||||
|
retryInterval: 1m
|
||||||
|
|
|
@ -17,4 +17,5 @@ spec:
|
||||||
name: theshire
|
name: theshire
|
||||||
wait: false
|
wait: false
|
||||||
interval: 30m
|
interval: 30m
|
||||||
|
retryInterval: 1m
|
||||||
timeout: 5m
|
timeout: 5m
|
||||||
|
|
|
@ -1,5 +1,5 @@
|
||||||
---
|
---
|
||||||
# yaml-language-server: $schema=https://raw.githubusercontent.com/bjw-s/helm-charts/main/charts/other/app-template/schemas/helmrelease-helm-v2.schema.json
|
# yaml-language-server: $schema=https://raw.githubusercontent.com/bjw-s/helm-charts/main/charts/other/app-template/schemas/helmrelease-helm-v2beta2.schema.json
|
||||||
apiVersion: helm.toolkit.fluxcd.io/v2
|
apiVersion: helm.toolkit.fluxcd.io/v2
|
||||||
kind: HelmRelease
|
kind: HelmRelease
|
||||||
metadata:
|
metadata:
|
||||||
|
@ -35,7 +35,7 @@ spec:
|
||||||
app:
|
app:
|
||||||
image:
|
image:
|
||||||
repository: ghcr.io/cross-seed/cross-seed
|
repository: ghcr.io/cross-seed/cross-seed
|
||||||
tag: 6.0.0-42@sha256:d8828453010135f7b38e30bdda2965b3399c07d6e78efa22cbdaf7d3c6f6d43d
|
tag: 6.0.0-39@sha256:d871f4204840cb67fec4d417bd4cc5b3fe42abd98aa0f3304b309e410c02f40b
|
||||||
env:
|
env:
|
||||||
TZ: America/Chicago
|
TZ: America/Chicago
|
||||||
args: ["daemon"]
|
args: ["daemon"]
|
||||||
|
|
|
@ -19,6 +19,7 @@ spec:
|
||||||
name: theshire
|
name: theshire
|
||||||
wait: false
|
wait: false
|
||||||
interval: 30m
|
interval: 30m
|
||||||
|
retryInterval: 1m
|
||||||
timeout: 5m
|
timeout: 5m
|
||||||
postBuild:
|
postBuild:
|
||||||
substitute:
|
substitute:
|
||||||
|
|
|
@ -22,6 +22,7 @@ spec:
|
||||||
name: theshire
|
name: theshire
|
||||||
wait: false
|
wait: false
|
||||||
interval: 30m
|
interval: 30m
|
||||||
|
retryInterval: 1m
|
||||||
timeout: 5m
|
timeout: 5m
|
||||||
postBuild:
|
postBuild:
|
||||||
substitute:
|
substitute:
|
||||||
|
|
|
@ -1,5 +1,5 @@
|
||||||
---
|
---
|
||||||
# yaml-language-server: $schema=https://raw.githubusercontent.com/bjw-s/helm-charts/main/charts/other/app-template/schemas/helmrelease-helm-v2.schema.json
|
# yaml-language-server: $schema=https://raw.githubusercontent.com/bjw-s/helm-charts/main/charts/other/app-template/schemas/helmrelease-helm-v2beta2.schema.json
|
||||||
apiVersion: helm.toolkit.fluxcd.io/v2
|
apiVersion: helm.toolkit.fluxcd.io/v2
|
||||||
kind: HelmRelease
|
kind: HelmRelease
|
||||||
metadata:
|
metadata:
|
||||||
|
|
|
@ -47,4 +47,5 @@ spec:
|
||||||
name: theshire
|
name: theshire
|
||||||
wait: false
|
wait: false
|
||||||
interval: 30m
|
interval: 30m
|
||||||
|
retryInterval: 1m
|
||||||
timeout: 5m
|
timeout: 5m
|
||||||
|
|
|
@ -39,7 +39,7 @@ spec:
|
||||||
tagging: &container
|
tagging: &container
|
||||||
image:
|
image:
|
||||||
repository: ghcr.io/buroa/qbtools
|
repository: ghcr.io/buroa/qbtools
|
||||||
tag: v0.19.3@sha256:ac16aa76a78d3ece395f3e037defaf48328f73f4f83afc9c772bf814b9ded56e
|
tag: v0.19.2@sha256:98b84b4b0e1e5f4fcff3cd2e6b5c5fe2168d415bccd38169dc80b161139c955f
|
||||||
env:
|
env:
|
||||||
TZ: *timeZone
|
TZ: *timeZone
|
||||||
POD_NAMESPACE:
|
POD_NAMESPACE:
|
||||||
|
|
|
@ -10,7 +10,7 @@ spec:
|
||||||
chart:
|
chart:
|
||||||
spec:
|
spec:
|
||||||
chart: rook-ceph
|
chart: rook-ceph
|
||||||
version: v1.15.4
|
version: v1.15.3
|
||||||
sourceRef:
|
sourceRef:
|
||||||
kind: HelmRepository
|
kind: HelmRepository
|
||||||
name: rook-ceph
|
name: rook-ceph
|
||||||
|
|
|
@ -10,7 +10,7 @@ spec:
|
||||||
chart:
|
chart:
|
||||||
spec:
|
spec:
|
||||||
chart: rook-ceph-cluster
|
chart: rook-ceph-cluster
|
||||||
version: v1.15.4
|
version: v1.15.3
|
||||||
sourceRef:
|
sourceRef:
|
||||||
kind: HelmRepository
|
kind: HelmRepository
|
||||||
name: rook-ceph
|
name: rook-ceph
|
||||||
|
|
|
@ -17,6 +17,7 @@ spec:
|
||||||
name: theshire
|
name: theshire
|
||||||
wait: false
|
wait: false
|
||||||
interval: 30m
|
interval: 30m
|
||||||
|
retryInterval: 1m
|
||||||
timeout: 5m
|
timeout: 5m
|
||||||
---
|
---
|
||||||
# yaml-language-server: $schema=https://ks.hsn.dev/kustomize.toolkit.fluxcd.io/kustomization_v1.json
|
# yaml-language-server: $schema=https://ks.hsn.dev/kustomize.toolkit.fluxcd.io/kustomization_v1.json
|
||||||
|
@ -37,4 +38,5 @@ spec:
|
||||||
name: theshire
|
name: theshire
|
||||||
wait: false
|
wait: false
|
||||||
interval: 30m
|
interval: 30m
|
||||||
|
retryInterval: 1m
|
||||||
timeout: 15m
|
timeout: 15m
|
||||||
|
|
|
@ -47,4 +47,4 @@ spec:
|
||||||
# renovate: datasource=docker depName=ghcr.io/siderolabs/installer
|
# renovate: datasource=docker depName=ghcr.io/siderolabs/installer
|
||||||
TALOS_VERSION: v1.8.1
|
TALOS_VERSION: v1.8.1
|
||||||
# renovate: datasource=docker depName=ghcr.io/siderolabs/kubelet
|
# renovate: datasource=docker depName=ghcr.io/siderolabs/kubelet
|
||||||
KUBERNETES_VERSION: v1.30.2
|
KUBERNETES_VERSION: v1.31.1
|
||||||
|
|
|
@ -21,6 +21,15 @@ spec:
|
||||||
- key: feature.node.kubernetes.io/system-os_release.VERSION_ID
|
- key: feature.node.kubernetes.io/system-os_release.VERSION_ID
|
||||||
operator: NotIn
|
operator: NotIn
|
||||||
values: ["${TALOS_VERSION}"]
|
values: ["${TALOS_VERSION}"]
|
||||||
|
- key: kubernetes.io/hostname
|
||||||
|
operator: NotIn
|
||||||
|
values: ["gandalf-01", "shadowfax-01"]
|
||||||
|
# - key: factory.talos.dev/schematic-id.part-0
|
||||||
|
# operator: In
|
||||||
|
# values: ["${TALOS_SCHEMATIC_ID:0:32}"]
|
||||||
|
# - key: factory.talos.dev/schematic-id.part-1
|
||||||
|
# operator: In
|
||||||
|
# values: ["${TALOS_SCHEMATIC_ID:32}"]
|
||||||
tolerations:
|
tolerations:
|
||||||
- key: CriticalAddonsOnly
|
- key: CriticalAddonsOnly
|
||||||
operator: Exists
|
operator: Exists
|
||||||
|
@ -47,5 +56,5 @@ spec:
|
||||||
args:
|
args:
|
||||||
- --nodes=$(NODE_IP)
|
- --nodes=$(NODE_IP)
|
||||||
- upgrade
|
- upgrade
|
||||||
- --image=factory.talos.dev/installer/$(TALOS_SCHEMATIC_ID):$(SYSTEM_UPGRADE_PLAN_LATEST_VERSION)
|
- --image=factory.talos.dev/installer/${TALOS_SCHEMATIC_ID}:$(SYSTEM_UPGRADE_PLAN_LATEST_VERSION)
|
||||||
- --wait=false
|
- --wait=false
|
||||||
|
|
|
@ -17,4 +17,5 @@ spec:
|
||||||
name: theshire
|
name: theshire
|
||||||
wait: false
|
wait: false
|
||||||
interval: 30m
|
interval: 30m
|
||||||
|
retryInterval: 1m
|
||||||
timeout: 5m
|
timeout: 5m
|
||||||
|
|
|
@ -23,7 +23,7 @@ releases:
|
||||||
- name: cilium
|
- name: cilium
|
||||||
namespace: kube-system
|
namespace: kube-system
|
||||||
chart: cilium/cilium
|
chart: cilium/cilium
|
||||||
version: 1.16.3
|
version: 1.16.2
|
||||||
values:
|
values:
|
||||||
- ../apps/kube-system/cilium/app/helm-values.yml
|
- ../apps/kube-system/cilium/app/helm-values.yml
|
||||||
needs:
|
needs:
|
||||||
|
@ -40,7 +40,7 @@ releases:
|
||||||
- name: kubelet-csr-approver
|
- name: kubelet-csr-approver
|
||||||
namespace: kube-system
|
namespace: kube-system
|
||||||
chart: postfinance/kubelet-csr-approver
|
chart: postfinance/kubelet-csr-approver
|
||||||
version: 1.2.3
|
version: 1.2.2
|
||||||
values:
|
values:
|
||||||
- ../apps/kube-system/kubelet-csr-approver/app/helm-values.yml
|
- ../apps/kube-system/kubelet-csr-approver/app/helm-values.yml
|
||||||
needs:
|
needs:
|
||||||
|
@ -50,7 +50,7 @@ releases:
|
||||||
- name: spegel
|
- name: spegel
|
||||||
namespace: kube-system
|
namespace: kube-system
|
||||||
chart: oci://ghcr.io/spegel-org/helm-charts/spegel
|
chart: oci://ghcr.io/spegel-org/helm-charts/spegel
|
||||||
version: v0.0.27
|
version: v0.0.26
|
||||||
values:
|
values:
|
||||||
- ../apps/kube-system/spegel/app/helm-values.yml
|
- ../apps/kube-system/spegel/app/helm-values.yml
|
||||||
needs:
|
needs:
|
||||||
|
|
Some files were not shown because too many files have changed in this diff Show more
Loading…
Reference in a new issue