Compare commits
1 commit
main
...
shokoserve
Author | SHA1 | Date | |
---|---|---|---|
bb56038f7c |
90 changed files with 342 additions and 255 deletions
|
@ -1,55 +0,0 @@
|
||||||
---
|
|
||||||
# yaml-language-server: $schema=https://ks.hsn.dev/kustomize.toolkit.fluxcd.io/kustomization_v1.json
|
|
||||||
apiVersion: kustomize.toolkit.fluxcd.io/v1
|
|
||||||
kind: Kustomization
|
|
||||||
metadata:
|
|
||||||
name: &app plex
|
|
||||||
namespace: flux-system
|
|
||||||
spec:
|
|
||||||
targetNamespace: default
|
|
||||||
commonMetadata:
|
|
||||||
labels:
|
|
||||||
app.kubernetes.io/name: *app
|
|
||||||
path: ./kubernetes/apps/default/plex/app
|
|
||||||
prune: true
|
|
||||||
sourceRef:
|
|
||||||
kind: GitRepository
|
|
||||||
name: theshire
|
|
||||||
wait: true
|
|
||||||
dependsOn:
|
|
||||||
- name: rook-ceph-cluster
|
|
||||||
- name: volsync
|
|
||||||
- name: external-secrets-stores
|
|
||||||
interval: 30m
|
|
||||||
timeout: 5m
|
|
||||||
postBuild:
|
|
||||||
substitute:
|
|
||||||
APP: *app
|
|
||||||
GATUS_PATH: /web/index.html
|
|
||||||
VOLSYNC_CAPACITY: 30Gi
|
|
||||||
---
|
|
||||||
# yaml-language-server: $schema=https://ks.hsn.dev/kustomize.toolkit.fluxcd.io/kustomization_v1.json
|
|
||||||
apiVersion: kustomize.toolkit.fluxcd.io/v1
|
|
||||||
kind: Kustomization
|
|
||||||
metadata:
|
|
||||||
name: &app kometa-image-maid
|
|
||||||
namespace: flux-system
|
|
||||||
spec:
|
|
||||||
targetNamespace: default
|
|
||||||
commonMetadata:
|
|
||||||
labels:
|
|
||||||
app.kubernetes.io/name: *app
|
|
||||||
interval: 30m
|
|
||||||
timeout: 5m
|
|
||||||
path: "./kubernetes/apps/default/plex/kometa-image-maid"
|
|
||||||
prune: true
|
|
||||||
sourceRef:
|
|
||||||
kind: GitRepository
|
|
||||||
name: theshire
|
|
||||||
wait: false
|
|
||||||
dependsOn:
|
|
||||||
- name: external-secrets-stores
|
|
||||||
- name: plex
|
|
||||||
postBuild:
|
|
||||||
substitute:
|
|
||||||
APP: *app
|
|
3
.gitignore
vendored
3
.gitignore
vendored
|
@ -24,6 +24,3 @@ omniconfig.yaml
|
||||||
*.pem
|
*.pem
|
||||||
*.secrets
|
*.secrets
|
||||||
config.xml
|
config.xml
|
||||||
|
|
||||||
# syncthing
|
|
||||||
**/*sync-conflict*
|
|
||||||
|
|
51
.vscode/settings.json
vendored
51
.vscode/settings.json
vendored
|
@ -1,41 +1,32 @@
|
||||||
{
|
{
|
||||||
"ansible.validation.lint.arguments": "-c .ansible-lint",
|
"ansible.validation.lint.arguments": "-c .ansible-lint",
|
||||||
"files.associations": {
|
"files.associations": {
|
||||||
"*.json5": "jsonc",
|
"*.json5": "jsonc",
|
||||||
"**/ansible/**/*.yaml": "ansible",
|
"**/ansible/**/*.yaml": "ansible",
|
||||||
"**/ansible/**/*.sops.yaml": "yaml",
|
"**/ansible/**/*.sops.yaml": "yaml",
|
||||||
"**/ansible/**/inventory/**/*.yaml": "yaml",
|
"**/ansible/**/inventory/**/*.yaml": "yaml",
|
||||||
"**/kubernetes/**/*.sops.toml": "plaintext",
|
"**/kubernetes/**/*.sops.toml": "plaintext"
|
||||||
"*.hujson": "jsonc"
|
|
||||||
},
|
},
|
||||||
"material-icon-theme.folders.associations": {
|
"material-icon-theme.folders.associations": {
|
||||||
".taskfiles": "utils",
|
".taskfiles": "utils",
|
||||||
"bootstrap": "import",
|
"bootstrap": "import",
|
||||||
"charts": "kubernetes",
|
"charts": "kubernetes",
|
||||||
"hack": "scripts",
|
"hack": "scripts",
|
||||||
"repositories": "database",
|
"repositories": "database",
|
||||||
"vars": "other",
|
"vars": "other",
|
||||||
// namespaces
|
// namespaces
|
||||||
"cert-manager": "guard",
|
"cert-manager": "guard",
|
||||||
"external-secrets": "keys",
|
"external-secrets": "keys",
|
||||||
"kube-system": "kubernetes",
|
"kube-system": "kubernetes",
|
||||||
"monitoring": "event",
|
"monitoring": "event",
|
||||||
"networking": "connection",
|
"networking": "connection",
|
||||||
"rook-ceph": "dump"
|
"rook-ceph": "dump",
|
||||||
},
|
},
|
||||||
"yaml.schemaStore.enable": true,
|
"yaml.schemaStore.enable": true,
|
||||||
"yaml.schemas": {
|
"yaml.schemas": {
|
||||||
"ansible": "ansible/**/*.yaml",
|
"ansible": "ansible/**/*.yaml",
|
||||||
"kubernetes": "kubernetes/**/*.yaml"
|
"kubernetes": "kubernetes/**/*.yaml"
|
||||||
},
|
},
|
||||||
"json.schemas": [
|
|
||||||
{
|
|
||||||
"fileMatch": ["*.hujson"],
|
|
||||||
"schema": {
|
|
||||||
"allowTrailingCommas": true
|
|
||||||
}
|
|
||||||
}
|
|
||||||
],
|
|
||||||
"editor.fontFamily": "FiraCode Nerd Font",
|
"editor.fontFamily": "FiraCode Nerd Font",
|
||||||
"editor.fontLigatures": true,
|
"editor.fontLigatures": true,
|
||||||
"editor.bracketPairColorization.enabled": true,
|
"editor.bracketPairColorization.enabled": true,
|
||||||
|
@ -44,7 +35,9 @@
|
||||||
"editor.guides.highlightActiveBracketPair": true,
|
"editor.guides.highlightActiveBracketPair": true,
|
||||||
"editor.hover.delay": 1500,
|
"editor.hover.delay": 1500,
|
||||||
"editor.stickyScroll.enabled": false,
|
"editor.stickyScroll.enabled": false,
|
||||||
"editor.rulers": [100],
|
"editor.rulers": [
|
||||||
|
100
|
||||||
|
],
|
||||||
"explorer.autoReveal": false,
|
"explorer.autoReveal": false,
|
||||||
"files.trimTrailingWhitespace": true,
|
"files.trimTrailingWhitespace": true,
|
||||||
"ansible.python.interpreterPath": "/usr/bin/python3",
|
"ansible.python.interpreterPath": "/usr/bin/python3",
|
||||||
|
@ -53,5 +46,5 @@
|
||||||
"prettier.quoteProps": "preserve",
|
"prettier.quoteProps": "preserve",
|
||||||
"[jsonc]": {
|
"[jsonc]": {
|
||||||
"editor.defaultFormatter": "esbenp.prettier-vscode"
|
"editor.defaultFormatter": "esbenp.prettier-vscode"
|
||||||
}
|
},
|
||||||
}
|
}
|
||||||
|
|
|
@ -6,4 +6,5 @@ resources:
|
||||||
# Pre Flux-Kustomizations
|
# Pre Flux-Kustomizations
|
||||||
- ./namespace.yaml
|
- ./namespace.yaml
|
||||||
# Flux-Kustomizations
|
# Flux-Kustomizations
|
||||||
|
- ./ollama/ks.yaml
|
||||||
- ./open-webui/ks.yaml
|
- ./open-webui/ks.yaml
|
||||||
|
|
|
@ -35,7 +35,7 @@ spec:
|
||||||
app:
|
app:
|
||||||
image:
|
image:
|
||||||
repository: docker.io/ollama/ollama
|
repository: docker.io/ollama/ollama
|
||||||
tag: 0.4.2
|
tag: 0.4.0
|
||||||
env:
|
env:
|
||||||
- name: OLLAMA_HOST
|
- name: OLLAMA_HOST
|
||||||
value: 0.0.0.0
|
value: 0.0.0.0
|
|
@ -33,10 +33,10 @@ spec:
|
||||||
app:
|
app:
|
||||||
image:
|
image:
|
||||||
repository: ghcr.io/open-webui/open-webui
|
repository: ghcr.io/open-webui/open-webui
|
||||||
tag: v0.4.4
|
tag: 0.3.35
|
||||||
env:
|
env:
|
||||||
- name: OLLAMA_BASE_URL
|
- name: OLLAMA_BASE_URL
|
||||||
value: http://10.1.1.61:11434
|
value: http://ollama.ai.svc.cluster.local:11434
|
||||||
- name: ENABLE_RAG_WEB_SEARCH
|
- name: ENABLE_RAG_WEB_SEARCH
|
||||||
value: true
|
value: true
|
||||||
- name: RAG_WEB_SEARCH_ENGINE
|
- name: RAG_WEB_SEARCH_ENGINE
|
||||||
|
|
|
@ -12,6 +12,7 @@ spec:
|
||||||
app.kubernetes.io/name: *app
|
app.kubernetes.io/name: *app
|
||||||
dependsOn:
|
dependsOn:
|
||||||
- name: volsync
|
- name: volsync
|
||||||
|
- name: ollama
|
||||||
path: ./kubernetes/apps/ai/open-webui/app
|
path: ./kubernetes/apps/ai/open-webui/app
|
||||||
prune: true
|
prune: true
|
||||||
sourceRef:
|
sourceRef:
|
||||||
|
|
|
@ -40,7 +40,7 @@ spec:
|
||||||
app:
|
app:
|
||||||
image:
|
image:
|
||||||
repository: ghcr.io/jellyfin/jellyfin
|
repository: ghcr.io/jellyfin/jellyfin
|
||||||
tag: 10.10.3@sha256:17c3a8d9dddb97789b5f37112840ebf96566442c14d4754193a6c2eb154bc221
|
tag: 10.10.1@sha256:12b7aa2c8086e5566badc35370fab41b8cc8774dc3a80b07a1d6eb14f282b816
|
||||||
env:
|
env:
|
||||||
DOTNET_SYSTEM_IO_DISABLEFILELOCKING: "true"
|
DOTNET_SYSTEM_IO_DISABLEFILELOCKING: "true"
|
||||||
JELLYFIN_FFmpeg__probesize: 50000000
|
JELLYFIN_FFmpeg__probesize: 50000000
|
|
@ -36,7 +36,7 @@ spec:
|
||||||
app:
|
app:
|
||||||
image:
|
image:
|
||||||
repository: fallenbagel/jellyseerr
|
repository: fallenbagel/jellyseerr
|
||||||
tag: 2.1.0
|
tag: 2.0.1
|
||||||
env:
|
env:
|
||||||
TZ: America/Chicago
|
TZ: America/Chicago
|
||||||
LOG_LEVEL: "info"
|
LOG_LEVEL: "info"
|
||||||
|
|
|
@ -6,6 +6,8 @@ resources:
|
||||||
# Pre Flux-Kustomizations
|
# Pre Flux-Kustomizations
|
||||||
- ./namespace.yaml
|
- ./namespace.yaml
|
||||||
# Flux-Kustomizations
|
# Flux-Kustomizations
|
||||||
|
- ./jellyfin/ks.yaml # sqlite
|
||||||
- ./jellyseerr/ks.yaml # sqlite
|
- ./jellyseerr/ks.yaml # sqlite
|
||||||
- ./radarr/ks.yaml # postgres
|
- ./radarr/ks.yaml # postgres
|
||||||
|
- ./shoko/ks.yaml # sqlite
|
||||||
- ./sonarr/ks.yaml # postgres
|
- ./sonarr/ks.yaml # postgres
|
||||||
|
|
|
@ -31,7 +31,7 @@ spec:
|
||||||
app:
|
app:
|
||||||
image:
|
image:
|
||||||
repository: ghcr.io/onedr0p/radarr-develop
|
repository: ghcr.io/onedr0p/radarr-develop
|
||||||
tag: 5.15.1.9463
|
tag: 5.15.0.9412
|
||||||
env:
|
env:
|
||||||
RADARR__APP__INSTANCENAME: Radarr-Anime
|
RADARR__APP__INSTANCENAME: Radarr-Anime
|
||||||
RADARR__APP__THEME: dark
|
RADARR__APP__THEME: dark
|
||||||
|
|
31
kubernetes/apps/anime/shoko/app/externalsecret.yaml
Normal file
31
kubernetes/apps/anime/shoko/app/externalsecret.yaml
Normal file
|
@ -0,0 +1,31 @@
|
||||||
|
---
|
||||||
|
# yaml-language-server: $schema=https://ks.hsn.dev/external-secrets.io/externalsecret_v1beta1.json
|
||||||
|
apiVersion: external-secrets.io/v1beta1
|
||||||
|
kind: ExternalSecret
|
||||||
|
metadata:
|
||||||
|
name: shokoserver
|
||||||
|
spec:
|
||||||
|
refreshInterval: 5m
|
||||||
|
secretStoreRef:
|
||||||
|
kind: ClusterSecretStore
|
||||||
|
name: onepassword-connect
|
||||||
|
target:
|
||||||
|
name: shokoserver-secret
|
||||||
|
creationPolicy: Owner
|
||||||
|
data:
|
||||||
|
- secretKey: WIREGUARD_ENDPOINT_IP
|
||||||
|
remoteRef:
|
||||||
|
key: ProtonVPN
|
||||||
|
property: shokoserver_vpn_endpoint_ip
|
||||||
|
- secretKey: WIREGUARD_PUBLIC_KEY
|
||||||
|
remoteRef:
|
||||||
|
key: ProtonVPN
|
||||||
|
property: shokoserver_wireguard_public_key
|
||||||
|
- secretKey: WIREGUARD_PRIVATE_KEY
|
||||||
|
remoteRef:
|
||||||
|
key: ProtonVPN
|
||||||
|
property: shokoserver_wireguard_private_key
|
||||||
|
- secretKey: WIREGUARD_ADDRESSES
|
||||||
|
remoteRef:
|
||||||
|
key: ProtonVPN
|
||||||
|
property: wireguard_addresses
|
125
kubernetes/apps/anime/shoko/app/helmrelease.yaml
Normal file
125
kubernetes/apps/anime/shoko/app/helmrelease.yaml
Normal file
|
@ -0,0 +1,125 @@
|
||||||
|
---
|
||||||
|
# yaml-language-server: $schema=https://raw.githubusercontent.com/bjw-s/helm-charts/main/charts/other/app-template/schemas/helmrelease-helm-v2.schema.json
|
||||||
|
apiVersion: helm.toolkit.fluxcd.io/v2
|
||||||
|
kind: HelmRelease
|
||||||
|
metadata:
|
||||||
|
name: &app shokoserver
|
||||||
|
spec:
|
||||||
|
interval: 30m
|
||||||
|
chart:
|
||||||
|
spec:
|
||||||
|
chart: app-template
|
||||||
|
version: 3.5.1
|
||||||
|
sourceRef:
|
||||||
|
kind: HelmRepository
|
||||||
|
name: bjw-s
|
||||||
|
namespace: flux-system
|
||||||
|
install:
|
||||||
|
remediation:
|
||||||
|
retries: 3
|
||||||
|
upgrade:
|
||||||
|
cleanupOnFail: true
|
||||||
|
remediation:
|
||||||
|
strategy: rollback
|
||||||
|
retries: 3
|
||||||
|
dependsOn:
|
||||||
|
- name: rook-ceph-cluster
|
||||||
|
namespace: rook-ceph
|
||||||
|
- name: volsync
|
||||||
|
namespace: volsync-system
|
||||||
|
values:
|
||||||
|
controllers:
|
||||||
|
shokoserver:
|
||||||
|
annotations:
|
||||||
|
reloader.stakater.com/auto: "true"
|
||||||
|
initContainers:
|
||||||
|
gluetun:
|
||||||
|
image:
|
||||||
|
repository: ghcr.io/qdm12/gluetun
|
||||||
|
tag: v3.39.1
|
||||||
|
env:
|
||||||
|
DOT: "off"
|
||||||
|
VPN_SERVICE_PROVIDER: protonvpn
|
||||||
|
VPN_TYPE: wireguard
|
||||||
|
VPN_INTERFACE: wg0
|
||||||
|
FIREWALL_INPUT_PORTS: "80"
|
||||||
|
envFrom:
|
||||||
|
- secretRef:
|
||||||
|
name: shokoserver-secret
|
||||||
|
resources:
|
||||||
|
limits:
|
||||||
|
kernel.org/tun: 1
|
||||||
|
restartPolicy: Always
|
||||||
|
securityContext:
|
||||||
|
capabilities:
|
||||||
|
add: ["NET_ADMIN"]
|
||||||
|
allowPrivilegeEscalation: false
|
||||||
|
containers:
|
||||||
|
app:
|
||||||
|
image:
|
||||||
|
repository: ghcr.io/jahanson/shokoserver
|
||||||
|
tag: v5.0.0@sha256:193aedf3e3f2d7031a76274d5bae0004c3d920c24831d688d991f85d4bb24ce2
|
||||||
|
env:
|
||||||
|
TZ: America/Chicago
|
||||||
|
PORT: &port 80
|
||||||
|
# probes:
|
||||||
|
# liveness: &probes
|
||||||
|
# enabled: true
|
||||||
|
# custom: true
|
||||||
|
# spec:
|
||||||
|
# httpGet:
|
||||||
|
# path: /status
|
||||||
|
# port: *port
|
||||||
|
# initialDelaySeconds: 0
|
||||||
|
# periodSeconds: 10
|
||||||
|
# timeoutSeconds: 1
|
||||||
|
# failureThreshold: 3
|
||||||
|
# readiness: *probes
|
||||||
|
# startup:
|
||||||
|
# enabled: false
|
||||||
|
securityContext:
|
||||||
|
allowPrivilegeEscalation: false
|
||||||
|
readOnlyRootFilesystem: true
|
||||||
|
capabilities: { drop: ["ALL"] }
|
||||||
|
defaultPodOptions:
|
||||||
|
securityContext:
|
||||||
|
runAsNonRoot: true
|
||||||
|
runAsUser: 568
|
||||||
|
runAsGroup: 568
|
||||||
|
fsGroup: 568
|
||||||
|
fsGroupChangePolicy: OnRootMismatch
|
||||||
|
seccompProfile: { type: RuntimeDefault }
|
||||||
|
service:
|
||||||
|
app:
|
||||||
|
controller: shokoserver
|
||||||
|
ports:
|
||||||
|
http:
|
||||||
|
port: *port
|
||||||
|
targetPort: 8111
|
||||||
|
ingress:
|
||||||
|
app:
|
||||||
|
className: internal-nginx
|
||||||
|
hosts:
|
||||||
|
- host: "${APP}.jahanson.tech"
|
||||||
|
paths:
|
||||||
|
- path: /
|
||||||
|
service:
|
||||||
|
identifier: app
|
||||||
|
port: http
|
||||||
|
persistence:
|
||||||
|
config:
|
||||||
|
existingClaim: "${APP}"
|
||||||
|
globalMounts:
|
||||||
|
- path: /.shoko
|
||||||
|
media:
|
||||||
|
type: nfs
|
||||||
|
server: 10.1.1.61
|
||||||
|
path: /moria/media/
|
||||||
|
globalMounts:
|
||||||
|
- path: /data/moria-media
|
||||||
|
# logs:
|
||||||
|
# type: emptyDir
|
||||||
|
# globalMounts:
|
||||||
|
# - path: /app/config/logs
|
||||||
|
tmp:
|
||||||
|
type: emptyDir
|
|
@ -3,10 +3,7 @@
|
||||||
apiVersion: kustomize.config.k8s.io/v1beta1
|
apiVersion: kustomize.config.k8s.io/v1beta1
|
||||||
kind: Kustomization
|
kind: Kustomization
|
||||||
resources:
|
resources:
|
||||||
|
- ./externalsecret.yaml
|
||||||
- ./helmrelease.yaml
|
- ./helmrelease.yaml
|
||||||
configMapGenerator:
|
- ../../../../templates/gatus/internal
|
||||||
- name: generic-device-plugin-configmap
|
- ../../../../templates/volsync
|
||||||
files:
|
|
||||||
- ./resources/config.yml
|
|
||||||
generatorOptions:
|
|
||||||
disableNameSuffixHash: true
|
|
|
@ -3,18 +3,22 @@
|
||||||
apiVersion: kustomize.toolkit.fluxcd.io/v1
|
apiVersion: kustomize.toolkit.fluxcd.io/v1
|
||||||
kind: Kustomization
|
kind: Kustomization
|
||||||
metadata:
|
metadata:
|
||||||
name: &app generic-device-plugin
|
name: &app shoko
|
||||||
namespace: flux-system
|
namespace: flux-system
|
||||||
spec:
|
spec:
|
||||||
targetNamespace: kube-system
|
targetNamespace: anime
|
||||||
commonMetadata:
|
commonMetadata:
|
||||||
labels:
|
labels:
|
||||||
app.kubernetes.io/name: *app
|
app.kubernetes.io/name: *app
|
||||||
path: "./kubernetes/apps/kube-system/generic-device-plugin/app"
|
path: ./kubernetes/apps/anime/shoko/app
|
||||||
prune: true
|
prune: true
|
||||||
sourceRef:
|
sourceRef:
|
||||||
kind: GitRepository
|
kind: GitRepository
|
||||||
name: theshire
|
name: theshire
|
||||||
wait: true
|
wait: false
|
||||||
interval: 30m
|
interval: 30m
|
||||||
timeout: 5m
|
timeout: 5m
|
||||||
|
postBuild:
|
||||||
|
substitute:
|
||||||
|
APP: *app
|
||||||
|
VOLSYNC_CAPACITY: 5Gi
|
|
@ -31,7 +31,7 @@ spec:
|
||||||
app:
|
app:
|
||||||
image:
|
image:
|
||||||
repository: ghcr.io/onedr0p/sonarr-develop
|
repository: ghcr.io/onedr0p/sonarr-develop
|
||||||
tag: 4.0.10.2656
|
tag: 4.0.10.2624
|
||||||
env:
|
env:
|
||||||
SONARR__APP__INSTANCENAME: Sonarr-Anime
|
SONARR__APP__INSTANCENAME: Sonarr-Anime
|
||||||
SONARR__APP__THEME: dark
|
SONARR__APP__THEME: dark
|
||||||
|
|
|
@ -10,7 +10,7 @@ spec:
|
||||||
chart:
|
chart:
|
||||||
spec:
|
spec:
|
||||||
chart: cert-manager
|
chart: cert-manager
|
||||||
version: v1.16.2
|
version: v1.16.1
|
||||||
sourceRef:
|
sourceRef:
|
||||||
kind: HelmRepository
|
kind: HelmRepository
|
||||||
name: jetstack
|
name: jetstack
|
||||||
|
|
|
@ -30,7 +30,7 @@ spec:
|
||||||
runner-register:
|
runner-register:
|
||||||
image:
|
image:
|
||||||
repository: code.forgejo.org/forgejo/runner
|
repository: code.forgejo.org/forgejo/runner
|
||||||
tag: 5.0.2
|
tag: 4.0.1
|
||||||
command:
|
command:
|
||||||
- "forgejo-runner"
|
- "forgejo-runner"
|
||||||
- "register"
|
- "register"
|
||||||
|
@ -72,7 +72,7 @@ spec:
|
||||||
app:
|
app:
|
||||||
image:
|
image:
|
||||||
repository: code.forgejo.org/forgejo/runner
|
repository: code.forgejo.org/forgejo/runner
|
||||||
tag: 5.0.2
|
tag: 4.0.1
|
||||||
command:
|
command:
|
||||||
- "sh"
|
- "sh"
|
||||||
- "-c"
|
- "-c"
|
||||||
|
|
|
@ -30,7 +30,7 @@ spec:
|
||||||
app:
|
app:
|
||||||
image:
|
image:
|
||||||
repository: ghcr.io/dragonflydb/operator
|
repository: ghcr.io/dragonflydb/operator
|
||||||
tag: v1.1.8
|
tag: v1.1.7
|
||||||
command: ["/manager"]
|
command: ["/manager"]
|
||||||
args:
|
args:
|
||||||
- --health-probe-bind-address=:8081
|
- --health-probe-bind-address=:8081
|
||||||
|
|
|
@ -4,6 +4,6 @@ apiVersion: kustomize.config.k8s.io/v1beta1
|
||||||
kind: Kustomization
|
kind: Kustomization
|
||||||
resources:
|
resources:
|
||||||
# renovate: datasource=github-releases depName=dragonflydb/dragonfly-operator
|
# renovate: datasource=github-releases depName=dragonflydb/dragonfly-operator
|
||||||
- https://raw.githubusercontent.com/dragonflydb/dragonfly-operator/v1.1.8/manifests/crd.yaml
|
- https://raw.githubusercontent.com/dragonflydb/dragonfly-operator/v1.1.7/manifests/crd.yaml
|
||||||
- ./helmrelease.yaml
|
- ./helmrelease.yaml
|
||||||
- ./rbac.yaml
|
- ./rbac.yaml
|
||||||
|
|
|
@ -5,7 +5,7 @@ kind: Dragonfly
|
||||||
metadata:
|
metadata:
|
||||||
name: dragonfly
|
name: dragonfly
|
||||||
spec:
|
spec:
|
||||||
image: ghcr.io/dragonflydb/dragonfly:v1.25.2
|
image: ghcr.io/dragonflydb/dragonfly:v1.24.0
|
||||||
replicas: 3
|
replicas: 3
|
||||||
env:
|
env:
|
||||||
- name: MAX_MEMORY
|
- name: MAX_MEMORY
|
||||||
|
|
|
@ -5,7 +5,7 @@ kind: EMQX
|
||||||
metadata:
|
metadata:
|
||||||
name: emqx
|
name: emqx
|
||||||
spec:
|
spec:
|
||||||
image: public.ecr.aws/emqx/emqx:5.8.2
|
image: public.ecr.aws/emqx/emqx:5.8.1
|
||||||
config:
|
config:
|
||||||
mode: Merge
|
mode: Merge
|
||||||
coreTemplate:
|
coreTemplate:
|
||||||
|
|
|
@ -31,7 +31,7 @@ spec:
|
||||||
app:
|
app:
|
||||||
image:
|
image:
|
||||||
repository: ghcr.io/autobrr/autobrr
|
repository: ghcr.io/autobrr/autobrr
|
||||||
tag: v1.50.0@sha256:6a6f23570ab6b418318ab12bf2558712714e2f243cf18b139afa414f8417e97d
|
tag: v1.48.0@sha256:0ae19e3beedf491396e450b024c23e9e24df4d692286c0442a81fa699493def0
|
||||||
env:
|
env:
|
||||||
AUTOBRR__CHECK_FOR_UPDATES: "false"
|
AUTOBRR__CHECK_FOR_UPDATES: "false"
|
||||||
AUTOBRR__HOST: 0.0.0.0
|
AUTOBRR__HOST: 0.0.0.0
|
||||||
|
|
|
@ -36,7 +36,7 @@ spec:
|
||||||
app:
|
app:
|
||||||
image:
|
image:
|
||||||
repository: ghcr.io/onedr0p/home-assistant
|
repository: ghcr.io/onedr0p/home-assistant
|
||||||
tag: 2024.11.3@sha256:f45f502b1738e46eb435fbc8947cdcc2574f3713b156c6738129ea2ea9b49018
|
tag: 2024.11.0@sha256:23a1ba70e7d5518527e6324d28ccb07f1cbf7c334dbb6326a0b413ef8fe5fafd
|
||||||
env:
|
env:
|
||||||
TZ: America/Chicago
|
TZ: America/Chicago
|
||||||
envFrom:
|
envFrom:
|
||||||
|
@ -54,7 +54,7 @@ spec:
|
||||||
code-server:
|
code-server:
|
||||||
image:
|
image:
|
||||||
repository: ghcr.io/coder/code-server
|
repository: ghcr.io/coder/code-server
|
||||||
tag: 4.95.3@sha256:6d74583d68179cbb6ddadc2518b450d2ac3eaec2d342474fe1941e03371cd2cf
|
tag: 4.93.1@sha256:c69e398d1b64589b3b77a7becfd03f4ec524982def20e6bffbb51b1b839e72ba
|
||||||
args: [
|
args: [
|
||||||
"--auth", "none",
|
"--auth", "none",
|
||||||
"--user-data-dir", "/config/.vscode",
|
"--user-data-dir", "/config/.vscode",
|
||||||
|
|
|
@ -16,12 +16,14 @@ resources:
|
||||||
- ./morphos/ks.yaml
|
- ./morphos/ks.yaml
|
||||||
- ./omegabrr/ks.yaml
|
- ./omegabrr/ks.yaml
|
||||||
- ./overseerr/ks.yaml
|
- ./overseerr/ks.yaml
|
||||||
|
- ./piped/ks.yaml
|
||||||
- ./plex/ks.yaml
|
- ./plex/ks.yaml
|
||||||
- ./prowlarr/ks.yaml
|
- ./prowlarr/ks.yaml
|
||||||
- ./radarr/ks.yaml
|
- ./radarr/ks.yaml
|
||||||
- ./recyclarr/ks.yaml
|
- ./recyclarr/ks.yaml
|
||||||
- ./redlib/ks.yaml
|
- ./redlib/ks.yaml
|
||||||
- ./sabnzbd/ks.yaml
|
- ./sabnzbd/ks.yaml
|
||||||
|
- ./scrypted/ks.yaml
|
||||||
- ./searxng/ks.yaml
|
- ./searxng/ks.yaml
|
||||||
- ./sonarr/ks.yaml
|
- ./sonarr/ks.yaml
|
||||||
- ./stirling-pdf/ks.yaml
|
- ./stirling-pdf/ks.yaml
|
||||||
|
|
|
@ -31,7 +31,7 @@ spec:
|
||||||
app:
|
app:
|
||||||
image:
|
image:
|
||||||
repository: ghcr.io/linkwarden/linkwarden
|
repository: ghcr.io/linkwarden/linkwarden
|
||||||
tag: v2.8.3@sha256:7f80a03d688c3e5d9ec6b34f5b65cd861ff8c9eb08d12932dc8fc7482991f238
|
tag: v2.7.1@sha256:bbd22798ee726184d4571ea4f4d831d57475c86c4965c2bb1c3c2d3de88c728a
|
||||||
env:
|
env:
|
||||||
TIMEZONE: "America/Chicago"
|
TIMEZONE: "America/Chicago"
|
||||||
NEXTAUTH_URL: "https://{{ .Release.Name }}.jahanson.tech/api/v1/auth"
|
NEXTAUTH_URL: "https://{{ .Release.Name }}.jahanson.tech/api/v1/auth"
|
||||||
|
|
|
@ -32,7 +32,7 @@ spec:
|
||||||
app:
|
app:
|
||||||
image:
|
image:
|
||||||
repository: ghcr.io/jorenn92/maintainerr
|
repository: ghcr.io/jorenn92/maintainerr
|
||||||
tag: 2.2.1@sha256:13121a8292ef6db7560a931bf19b601cf3cc12df0a9dea9086b757798eea5b6d
|
tag: 2.2.0@sha256:fbb2c0341b8af502e4488f3664e34992f24947708c7dac10dcbee592f99a946c
|
||||||
env:
|
env:
|
||||||
TZ: America/Chicago
|
TZ: America/Chicago
|
||||||
resources:
|
resources:
|
||||||
|
|
|
@ -31,7 +31,7 @@ spec:
|
||||||
app:
|
app:
|
||||||
image:
|
image:
|
||||||
repository: ghcr.io/autobrr/omegabrr
|
repository: ghcr.io/autobrr/omegabrr
|
||||||
tag: v1.15.0@sha256:4f6099a76ff9d248e9f032e29c04a92b483f21456e46f3b01eb20399f4732ad0
|
tag: v1.14.0@sha256:6f65c7967609746662815933ecc8168c8c25a3b82d909f49833fcce2b47ee052
|
||||||
env:
|
env:
|
||||||
TZ: America/Chicago
|
TZ: America/Chicago
|
||||||
securityContext:
|
securityContext:
|
||||||
|
|
|
@ -38,7 +38,7 @@ spec:
|
||||||
app:
|
app:
|
||||||
image:
|
image:
|
||||||
repository: ghcr.io/onedr0p/plex
|
repository: ghcr.io/onedr0p/plex
|
||||||
tag: 1.41.2.9200-c6bbc1b53@sha256:47c6f3d85f4e739210860934a0bb24126170fa2f6a602fb909467f17a035c311
|
tag: 1.41.1.9057-af5eaea7a@sha256:5926b77196bb7c9f75b52f431d0483abea0fef1f576b7201592b385449201456
|
||||||
env:
|
env:
|
||||||
TZ: America/Chicago
|
TZ: America/Chicago
|
||||||
PLEX_ADVERTISE_URL: https://plex.hsn.dev:443,http://10.1.1.39:32400
|
PLEX_ADVERTISE_URL: https://plex.hsn.dev:443,http://10.1.1.39:32400
|
|
@ -2,6 +2,35 @@
|
||||||
# yaml-language-server: $schema=https://ks.hsn.dev/kustomize.toolkit.fluxcd.io/kustomization_v1.json
|
# yaml-language-server: $schema=https://ks.hsn.dev/kustomize.toolkit.fluxcd.io/kustomization_v1.json
|
||||||
apiVersion: kustomize.toolkit.fluxcd.io/v1
|
apiVersion: kustomize.toolkit.fluxcd.io/v1
|
||||||
kind: Kustomization
|
kind: Kustomization
|
||||||
|
metadata:
|
||||||
|
name: &app plex
|
||||||
|
namespace: flux-system
|
||||||
|
spec:
|
||||||
|
targetNamespace: default
|
||||||
|
commonMetadata:
|
||||||
|
labels:
|
||||||
|
app.kubernetes.io/name: *app
|
||||||
|
path: ./kubernetes/apps/default/plex/app
|
||||||
|
prune: true
|
||||||
|
sourceRef:
|
||||||
|
kind: GitRepository
|
||||||
|
name: theshire
|
||||||
|
wait: true
|
||||||
|
dependsOn:
|
||||||
|
- name: rook-ceph-cluster
|
||||||
|
- name: volsync
|
||||||
|
- name: external-secrets-stores
|
||||||
|
interval: 30m
|
||||||
|
timeout: 5m
|
||||||
|
postBuild:
|
||||||
|
substitute:
|
||||||
|
APP: *app
|
||||||
|
GATUS_PATH: /web/index.html
|
||||||
|
VOLSYNC_CAPACITY: 30Gi
|
||||||
|
---
|
||||||
|
# yaml-language-server: $schema=https://ks.hsn.dev/kustomize.toolkit.fluxcd.io/kustomization_v1.json
|
||||||
|
apiVersion: kustomize.toolkit.fluxcd.io/v1
|
||||||
|
kind: Kustomization
|
||||||
metadata:
|
metadata:
|
||||||
name: &app plex-trakt-sync
|
name: &app plex-trakt-sync
|
||||||
namespace: flux-system
|
namespace: flux-system
|
||||||
|
@ -22,7 +51,34 @@ spec:
|
||||||
- name: rook-ceph-cluster
|
- name: rook-ceph-cluster
|
||||||
- name: volsync
|
- name: volsync
|
||||||
- name: external-secrets-stores
|
- name: external-secrets-stores
|
||||||
|
- name: plex
|
||||||
postBuild:
|
postBuild:
|
||||||
substitute:
|
substitute:
|
||||||
APP: *app
|
APP: *app
|
||||||
VOLSYNC_CAPACITY: 1Gi
|
VOLSYNC_CAPACITY: 1Gi
|
||||||
|
---
|
||||||
|
# yaml-language-server: $schema=https://ks.hsn.dev/kustomize.toolkit.fluxcd.io/kustomization_v1.json
|
||||||
|
apiVersion: kustomize.toolkit.fluxcd.io/v1
|
||||||
|
kind: Kustomization
|
||||||
|
metadata:
|
||||||
|
name: &app kometa-image-maid
|
||||||
|
namespace: flux-system
|
||||||
|
spec:
|
||||||
|
targetNamespace: default
|
||||||
|
commonMetadata:
|
||||||
|
labels:
|
||||||
|
app.kubernetes.io/name: *app
|
||||||
|
interval: 30m
|
||||||
|
timeout: 5m
|
||||||
|
path: "./kubernetes/apps/default/plex/kometa-image-maid"
|
||||||
|
prune: true
|
||||||
|
sourceRef:
|
||||||
|
kind: GitRepository
|
||||||
|
name: theshire
|
||||||
|
wait: false
|
||||||
|
dependsOn:
|
||||||
|
- name: external-secrets-stores
|
||||||
|
- name: plex
|
||||||
|
postBuild:
|
||||||
|
substitute:
|
||||||
|
APP: *app
|
||||||
|
|
|
@ -33,12 +33,12 @@ spec:
|
||||||
app:
|
app:
|
||||||
image:
|
image:
|
||||||
repository: ghcr.io/taxel/plextraktsync
|
repository: ghcr.io/taxel/plextraktsync
|
||||||
tag: 0.32.2
|
tag: 0.32.0
|
||||||
args:
|
args:
|
||||||
- sync
|
- sync
|
||||||
env:
|
env:
|
||||||
PLEX_BASEURL: http://10.1.1.61:32400
|
PLEX_BASEURL: http://plex.default.svc.cluster.local:32400
|
||||||
PLEX_LOCALURL: http://10.1.1.61:32400
|
PLEX_LOCALURL: http://plex.default.svc.cluster.local:32400
|
||||||
PLEX_USERNAME: veriwind
|
PLEX_USERNAME: veriwind
|
||||||
TRAKT_USERNAME: jahanson
|
TRAKT_USERNAME: jahanson
|
||||||
probes:
|
probes:
|
||||||
|
|
|
@ -31,7 +31,7 @@ spec:
|
||||||
app:
|
app:
|
||||||
image:
|
image:
|
||||||
repository: ghcr.io/onedr0p/prowlarr-develop
|
repository: ghcr.io/onedr0p/prowlarr-develop
|
||||||
tag: 1.26.1.4844@sha256:dd6ab1a0c8f2d780b990f1034f2da6ffb0b4d3e3ca6042b656f691f06d4c9397
|
tag: 1.26.0.4833@sha256:face4aa669a4eb68b041dcf73ed4848cfe8f673826ef3032398a5e267eb1eac0
|
||||||
env:
|
env:
|
||||||
# Ref: https://github.com/Radarr/Radarr/issues/7030#issuecomment-1039689518
|
# Ref: https://github.com/Radarr/Radarr/issues/7030#issuecomment-1039689518
|
||||||
# Ref: https://github.com/dotnet/runtime/issues/9336
|
# Ref: https://github.com/dotnet/runtime/issues/9336
|
||||||
|
|
|
@ -31,7 +31,7 @@ spec:
|
||||||
app:
|
app:
|
||||||
image:
|
image:
|
||||||
repository: ghcr.io/onedr0p/radarr-develop
|
repository: ghcr.io/onedr0p/radarr-develop
|
||||||
tag: 5.15.1.9463
|
tag: 5.15.0.9412
|
||||||
env:
|
env:
|
||||||
RADARR__APP__INSTANCENAME: Radarr
|
RADARR__APP__INSTANCENAME: Radarr
|
||||||
RADARR__APP__THEME: dark
|
RADARR__APP__THEME: dark
|
||||||
|
|
|
@ -34,7 +34,7 @@ spec:
|
||||||
app:
|
app:
|
||||||
image:
|
image:
|
||||||
repository: ghcr.io/recyclarr/recyclarr
|
repository: ghcr.io/recyclarr/recyclarr
|
||||||
tag: 7.4.0@sha256:619c3b8920a179f2c578acd0f54e9a068f57c049aff840469eed66e93a4be2cf
|
tag: 7.3.0@sha256:2aaa0205a93171b93a159e4665004ccee1a5aacd60359fb8d7683db0ae7e774b
|
||||||
env:
|
env:
|
||||||
# Ref: https://github.com/Radarr/Radarr/issues/7030#issuecomment-1039689518
|
# Ref: https://github.com/Radarr/Radarr/issues/7030#issuecomment-1039689518
|
||||||
# Ref: https://github.com/dotnet/runtime/issues/9336
|
# Ref: https://github.com/dotnet/runtime/issues/9336
|
||||||
|
|
|
@ -38,7 +38,7 @@ spec:
|
||||||
app:
|
app:
|
||||||
image:
|
image:
|
||||||
repository: quay.io/redlib/redlib
|
repository: quay.io/redlib/redlib
|
||||||
tag: latest@sha256:d350eebf055527e2f2189aa0ef3a1e5a178a427ff6ae65a9d3ecbe7f43e83f71
|
tag: latest@sha256:42db7afd24d3e55ceccb38f6e91ecfd44d78f381a04848bb4de67dae1836a3e4
|
||||||
env:
|
env:
|
||||||
REDLIB_DEFAULT_SHOW_NSFW: on
|
REDLIB_DEFAULT_SHOW_NSFW: on
|
||||||
REDLIB_DEFAULT_WIDE: on
|
REDLIB_DEFAULT_WIDE: on
|
||||||
|
|
|
@ -75,9 +75,12 @@ spec:
|
||||||
allowPrivilegeEscalation: false
|
allowPrivilegeEscalation: false
|
||||||
readOnlyRootFilesystem: true
|
readOnlyRootFilesystem: true
|
||||||
capabilities: { drop: ["ALL"] }
|
capabilities: { drop: ["ALL"] }
|
||||||
|
resources:
|
||||||
|
requests:
|
||||||
|
cpu: 100m
|
||||||
|
limits:
|
||||||
|
memory: 16Gi
|
||||||
defaultPodOptions:
|
defaultPodOptions:
|
||||||
nodeSelector: # ~~testing~~
|
|
||||||
kubernetes.io/hostname: gandalf-01
|
|
||||||
securityContext:
|
securityContext:
|
||||||
runAsNonRoot: true
|
runAsNonRoot: true
|
||||||
runAsUser: 568
|
runAsUser: 568
|
||||||
|
|
|
@ -32,7 +32,7 @@ spec:
|
||||||
app:
|
app:
|
||||||
image:
|
image:
|
||||||
repository: ghcr.io/koush/scrypted
|
repository: ghcr.io/koush/scrypted
|
||||||
tag: v0.123.31-jammy-nvidia
|
tag: v0.123.0-jammy-nvidia
|
||||||
probes:
|
probes:
|
||||||
liveness:
|
liveness:
|
||||||
enabled: true
|
enabled: true
|
|
@ -31,7 +31,7 @@ spec:
|
||||||
app:
|
app:
|
||||||
image:
|
image:
|
||||||
repository: ghcr.io/onedr0p/sonarr-develop
|
repository: ghcr.io/onedr0p/sonarr-develop
|
||||||
tag: 4.0.10.2656
|
tag: 4.0.10.2624
|
||||||
env:
|
env:
|
||||||
SONARR__APP__INSTANCENAME: Sonarr
|
SONARR__APP__INSTANCENAME: Sonarr
|
||||||
SONARR__APP__THEME: dark
|
SONARR__APP__THEME: dark
|
||||||
|
|
|
@ -31,7 +31,7 @@ spec:
|
||||||
app:
|
app:
|
||||||
image:
|
image:
|
||||||
repository: ghcr.io/stirling-tools/s-pdf
|
repository: ghcr.io/stirling-tools/s-pdf
|
||||||
tag: 0.33.1@sha256:d30bf0b2826f0e71cf6fe1b806d918db6d90121ac70b3384569e3b49edf51b3f
|
tag: 0.31.1@sha256:fefbcbdc851bfdb29e172df03d8ac280efdd3eada92b16c46b0fc15932152c6c
|
||||||
pullPolicy: IfNotPresent
|
pullPolicy: IfNotPresent
|
||||||
env:
|
env:
|
||||||
TZ: America/Chicago
|
TZ: America/Chicago
|
||||||
|
|
|
@ -36,7 +36,7 @@ spec:
|
||||||
app:
|
app:
|
||||||
image:
|
image:
|
||||||
repository: ghcr.io/zwave-js/zwave-js-ui
|
repository: ghcr.io/zwave-js/zwave-js-ui
|
||||||
tag: 9.27.7@sha256:b7327c74e9cb228af9fc2817330319d4e57e041767dc40e550fd6577a436ad7d
|
tag: 9.26.0@sha256:dd945bf63aca8c31763d90addf36db1f0d809c232b806d193173c329c03a183f
|
||||||
env:
|
env:
|
||||||
TZ: America/Chicago
|
TZ: America/Chicago
|
||||||
PORT: &port 80
|
PORT: &port 80
|
||||||
|
|
|
@ -7,7 +7,7 @@ spec:
|
||||||
# nodeName: nenya
|
# nodeName: nenya
|
||||||
containers:
|
containers:
|
||||||
- name: fstrim
|
- name: fstrim
|
||||||
image: ghcr.io/onedr0p/kubanetics:2024.11.1
|
image: ghcr.io/onedr0p/kubanetics:2024.10.7
|
||||||
securityContext:
|
securityContext:
|
||||||
privileged: true
|
privileged: true
|
||||||
command: ["/bin/bash", "-c", "while true; do sleep 10; done"]
|
command: ["/bin/bash", "-c", "while true; do sleep 10; done"]
|
||||||
|
|
|
@ -33,7 +33,7 @@ spec:
|
||||||
app:
|
app:
|
||||||
image:
|
image:
|
||||||
repository: ghcr.io/onedr0p/kubanetics
|
repository: ghcr.io/onedr0p/kubanetics
|
||||||
tag: 2024.11.1@sha256:875b7c22fbb046958ae0116b4a7e9ea81062cf60f54d5b27e53ebf29078bdcc4
|
tag: 2024.10.7@sha256:f1abb7d38bb45b2eeace4eba1c44763134d6e88c377deb9928f93c5d042ea9af
|
||||||
env:
|
env:
|
||||||
SCRIPT_NAME: fstrim.sh
|
SCRIPT_NAME: fstrim.sh
|
||||||
probes:
|
probes:
|
||||||
|
|
|
@ -1,67 +0,0 @@
|
||||||
---
|
|
||||||
# yaml-language-server: $schema=https://raw.githubusercontent.com/bjw-s/helm-charts/main/charts/other/app-template/schemas/helmrelease-helm-v2.schema.json
|
|
||||||
apiVersion: helm.toolkit.fluxcd.io/v2
|
|
||||||
kind: HelmRelease
|
|
||||||
metadata:
|
|
||||||
name: generic-device-plugin
|
|
||||||
spec:
|
|
||||||
interval: 30m
|
|
||||||
chart:
|
|
||||||
spec:
|
|
||||||
chart: app-template
|
|
||||||
version: 3.5.1
|
|
||||||
sourceRef:
|
|
||||||
kind: HelmRepository
|
|
||||||
name: bjw-s
|
|
||||||
namespace: flux-system
|
|
||||||
driftDetection:
|
|
||||||
mode: enabled
|
|
||||||
install:
|
|
||||||
remediation:
|
|
||||||
retries: 3
|
|
||||||
upgrade:
|
|
||||||
cleanupOnFail: true
|
|
||||||
remediation:
|
|
||||||
strategy: rollback
|
|
||||||
retries: 3
|
|
||||||
values:
|
|
||||||
defaultPodOptions:
|
|
||||||
priorityClassName: system-node-critical
|
|
||||||
controllers:
|
|
||||||
generic-device-plugin:
|
|
||||||
type: daemonset
|
|
||||||
strategy: RollingUpdate
|
|
||||||
annotations:
|
|
||||||
reloader.stakater.com/auto: "true"
|
|
||||||
containers:
|
|
||||||
generic-device-plugin:
|
|
||||||
image:
|
|
||||||
repository: ghcr.io/squat/generic-device-plugin
|
|
||||||
tag: latest@sha256:ba6f0b4cf6c858d6ad29ba4d32e4da11638abbc7d96436bf04f582a97b2b8821
|
|
||||||
args:
|
|
||||||
- --config=/config/config.yml
|
|
||||||
ports:
|
|
||||||
- containerPort: 8080
|
|
||||||
name: http
|
|
||||||
securityContext:
|
|
||||||
allowPrivilegeEscalation: false
|
|
||||||
readOnlyRootFilesystem: true
|
|
||||||
capabilities: { drop: ["ALL"] }
|
|
||||||
persistence:
|
|
||||||
config:
|
|
||||||
type: configMap
|
|
||||||
name: generic-device-plugin-configmap
|
|
||||||
globalMounts:
|
|
||||||
- path: /config/config.yml
|
|
||||||
subPath: config.yml
|
|
||||||
readOnly: true
|
|
||||||
dev:
|
|
||||||
type: hostPath
|
|
||||||
hostPath: /dev
|
|
||||||
globalMounts:
|
|
||||||
- path: /dev
|
|
||||||
device-plugin:
|
|
||||||
type: hostPath
|
|
||||||
hostPath: /var/lib/kubelet/device-plugins
|
|
||||||
globalMounts:
|
|
||||||
- path: /var/lib/kubelet/device-plugins
|
|
|
@ -1,9 +0,0 @@
|
||||||
---
|
|
||||||
log-level: info
|
|
||||||
domain: kernel.org
|
|
||||||
devices:
|
|
||||||
- name: tun
|
|
||||||
groups:
|
|
||||||
- count: 1000
|
|
||||||
paths:
|
|
||||||
- path: /dev/net/tun
|
|
|
@ -1,2 +1,2 @@
|
||||||
---
|
---
|
||||||
providerRegex: ^bilbo|^frodo|^sam|^merry|^pippin|^rosie|^gandalf-01$
|
providerRegex: ^bilbo|^frodo|^sam|^merry|^pippin|^rosie|^shadowfax-01|^gandalf-01$
|
||||||
|
|
|
@ -12,7 +12,6 @@ resources:
|
||||||
- ./descheduler/ks.yaml
|
- ./descheduler/ks.yaml
|
||||||
- ./dnsimple-webhook-rbac.yaml
|
- ./dnsimple-webhook-rbac.yaml
|
||||||
- ./fstrim/ks.yaml
|
- ./fstrim/ks.yaml
|
||||||
- ./generic-device-plugin/ks.yaml
|
|
||||||
- ./kubelet-csr-approver/ks.yaml
|
- ./kubelet-csr-approver/ks.yaml
|
||||||
- ./metrics-server/ks.yaml
|
- ./metrics-server/ks.yaml
|
||||||
- ./node-feature-discovery/ks.yaml
|
- ./node-feature-discovery/ks.yaml
|
||||||
|
|
|
@ -36,7 +36,7 @@ spec:
|
||||||
app:
|
app:
|
||||||
image:
|
image:
|
||||||
repository: docker.io/cloudflare/cloudflared
|
repository: docker.io/cloudflare/cloudflared
|
||||||
tag: 2024.11.1@sha256:665dda65335e35a782ed9319aa63e8404f88b34d2644d30adf3e91253604ffa0
|
tag: 2024.11.0@sha256:2c78df02e1f23ab19d4c636921f05b9ebec163b887e946f98e22e56254a5540f
|
||||||
env:
|
env:
|
||||||
NO_AUTOUPDATE: "true"
|
NO_AUTOUPDATE: "true"
|
||||||
TUNNEL_CRED_FILE: /etc/cloudflared/creds/credentials.json
|
TUNNEL_CRED_FILE: /etc/cloudflared/creds/credentials.json
|
||||||
|
|
|
@ -35,7 +35,7 @@ spec:
|
||||||
app:
|
app:
|
||||||
image:
|
image:
|
||||||
repository: ghcr.io/onedr0p/kubanetics
|
repository: ghcr.io/onedr0p/kubanetics
|
||||||
tag: 2024.11.1
|
tag: 2024.10.7
|
||||||
env:
|
env:
|
||||||
SCRIPT_NAME: alertmanager-silencer.sh
|
SCRIPT_NAME: alertmanager-silencer.sh
|
||||||
ALERTMANAGER_URL: http://alertmanager.observability.svc.cluster.local:9093
|
ALERTMANAGER_URL: http://alertmanager.observability.svc.cluster.local:9093
|
||||||
|
|
|
@ -196,6 +196,9 @@ spec:
|
||||||
cert-manager:
|
cert-manager:
|
||||||
url: https://gitlab.com/uneeq-oss/cert-manager-mixin/-/raw/master/dashboards/cert-manager.json?ref_type=heads
|
url: https://gitlab.com/uneeq-oss/cert-manager-mixin/-/raw/master/dashboards/cert-manager.json?ref_type=heads
|
||||||
datasource: Prometheus
|
datasource: Prometheus
|
||||||
|
dcgm-exporter:
|
||||||
|
url: https://raw.githubusercontent.com/NVIDIA/dcgm-exporter/main/grafana/dcgm-exporter-dashboard.json
|
||||||
|
datasource: Prometheus
|
||||||
external-secrets:
|
external-secrets:
|
||||||
url: https://raw.githubusercontent.com/external-secrets/external-secrets/main/docs/snippets/dashboard.json
|
url: https://raw.githubusercontent.com/external-secrets/external-secrets/main/docs/snippets/dashboard.json
|
||||||
datasource: Prometheus
|
datasource: Prometheus
|
||||||
|
@ -249,7 +252,7 @@ spec:
|
||||||
victoria-alert:
|
victoria-alert:
|
||||||
# renovate: depName="VictoriaMetrics - vmalert"
|
# renovate: depName="VictoriaMetrics - vmalert"
|
||||||
gnetId: 14950
|
gnetId: 14950
|
||||||
revision: 13
|
revision: 12
|
||||||
datasource: Prometheus
|
datasource: Prometheus
|
||||||
victoria-operator:
|
victoria-operator:
|
||||||
# renovate: depName="VictoriaMetrics - operator"
|
# renovate: depName="VictoriaMetrics - operator"
|
||||||
|
|
|
@ -9,7 +9,7 @@ spec:
|
||||||
chart:
|
chart:
|
||||||
spec:
|
spec:
|
||||||
chart: prometheus-operator-crds
|
chart: prometheus-operator-crds
|
||||||
version: 16.0.0
|
version: 15.0.0
|
||||||
sourceRef:
|
sourceRef:
|
||||||
kind: HelmRepository
|
kind: HelmRepository
|
||||||
name: prometheus-community
|
name: prometheus-community
|
||||||
|
|
|
@ -35,8 +35,8 @@ spec:
|
||||||
skipRecheck: true,
|
skipRecheck: true,
|
||||||
sonarr: ["http://sonarr.default.svc.cluster.local/?apikey={{ .SONARR_API_KEY }}"],
|
sonarr: ["http://sonarr.default.svc.cluster.local/?apikey={{ .SONARR_API_KEY }}"],
|
||||||
torrentDir: "/qbittorrent/qBittorrent/BT_backup",
|
torrentDir: "/qbittorrent/qBittorrent/BT_backup",
|
||||||
torznab: []
|
// torznab: []
|
||||||
/* torznab: [
|
torznab: [
|
||||||
6, // ANT
|
6, // ANT
|
||||||
8, // BLU
|
8, // BLU
|
||||||
9, // TL
|
9, // TL
|
||||||
|
@ -44,7 +44,6 @@ spec:
|
||||||
12, // FNP
|
12, // FNP
|
||||||
14, // TD
|
14, // TD
|
||||||
].map(i => `http://prowlarr.default.svc.cluster.local/$${i}/api?apikey={{ .PROWLARR_API_KEY }}`),
|
].map(i => `http://prowlarr.default.svc.cluster.local/$${i}/api?apikey={{ .PROWLARR_API_KEY }}`),
|
||||||
*/
|
|
||||||
};
|
};
|
||||||
dataFrom:
|
dataFrom:
|
||||||
- extract:
|
- extract:
|
||||||
|
|
|
@ -43,7 +43,7 @@ spec:
|
||||||
app:
|
app:
|
||||||
image:
|
image:
|
||||||
repository: jesec/flood
|
repository: jesec/flood
|
||||||
tag: master@sha256:7b0f2b863434946260621b037d293130acb9f5d9248071408c641b858ffacccf
|
tag: master@sha256:8d04ec24abcc879f14e744e809520f7a7ec3c66395e1f6efa4179c9399803fbe
|
||||||
envFrom:
|
envFrom:
|
||||||
- secretRef:
|
- secretRef:
|
||||||
name: flood-secret
|
name: flood-secret
|
||||||
|
|
|
@ -34,7 +34,7 @@ spec:
|
||||||
nameOverride: qbittorrent
|
nameOverride: qbittorrent
|
||||||
image:
|
image:
|
||||||
repository: ghcr.io/onedr0p/qbittorrent-beta
|
repository: ghcr.io/onedr0p/qbittorrent-beta
|
||||||
tag: 5.0.2@sha256:adfd625f9cc7226eabad8aa117a551d42d5818c914850ef7fa3be60111383107
|
tag: 5.0.1@sha256:684422cab9fe3cba04812cf4207398bb72aa0f0283c92fddecd833648ac3f7bf
|
||||||
env:
|
env:
|
||||||
UMASK: "022"
|
UMASK: "022"
|
||||||
QBT_WEBUI_PORT: &port 80
|
QBT_WEBUI_PORT: &port 80
|
||||||
|
@ -66,9 +66,15 @@ spec:
|
||||||
capabilities:
|
capabilities:
|
||||||
drop:
|
drop:
|
||||||
- ALL
|
- ALL
|
||||||
|
resources:
|
||||||
|
requests:
|
||||||
|
cpu: 100m
|
||||||
|
memory: 1024Mi
|
||||||
|
limits:
|
||||||
|
memory: 8Gi
|
||||||
defaultPodOptions:
|
defaultPodOptions:
|
||||||
nodeSelector: # ~~testing~~
|
nodeSelector: # ~~testing~~
|
||||||
kubernetes.io/hostname: gandalf-01
|
kubernetes.io/hostname: shadowfax-01
|
||||||
securityContext:
|
securityContext:
|
||||||
runAsNonRoot: true
|
runAsNonRoot: true
|
||||||
runAsUser: 568
|
runAsUser: 568
|
||||||
|
|
|
@ -39,7 +39,7 @@ spec:
|
||||||
tagging: &container
|
tagging: &container
|
||||||
image:
|
image:
|
||||||
repository: ghcr.io/buroa/qbtools
|
repository: ghcr.io/buroa/qbtools
|
||||||
tag: v0.19.9@sha256:f5405e3c00256d7911d2abb839084a5147c108586adb281e97587cf93729c89b
|
tag: v0.19.7@sha256:ceb38f6794b10a8f1147dbc8a4df24857e0dae72341eaf2d435796937d77ba3a
|
||||||
env:
|
env:
|
||||||
TZ: *timeZone
|
TZ: *timeZone
|
||||||
POD_NAMESPACE:
|
POD_NAMESPACE:
|
||||||
|
|
|
@ -10,7 +10,7 @@ spec:
|
||||||
chart:
|
chart:
|
||||||
spec:
|
spec:
|
||||||
chart: rook-ceph
|
chart: rook-ceph
|
||||||
version: v1.15.6
|
version: v1.15.5
|
||||||
sourceRef:
|
sourceRef:
|
||||||
kind: HelmRepository
|
kind: HelmRepository
|
||||||
name: rook-ceph
|
name: rook-ceph
|
||||||
|
|
|
@ -10,7 +10,7 @@ spec:
|
||||||
chart:
|
chart:
|
||||||
spec:
|
spec:
|
||||||
chart: rook-ceph-cluster
|
chart: rook-ceph-cluster
|
||||||
version: v1.15.6
|
version: v1.15.5
|
||||||
sourceRef:
|
sourceRef:
|
||||||
kind: HelmRepository
|
kind: HelmRepository
|
||||||
name: rook-ceph
|
name: rook-ceph
|
||||||
|
|
|
@ -10,7 +10,7 @@ spec:
|
||||||
chart:
|
chart:
|
||||||
spec:
|
spec:
|
||||||
chart: external-secrets
|
chart: external-secrets
|
||||||
version: 0.10.7
|
version: 0.10.5
|
||||||
interval: 30m
|
interval: 30m
|
||||||
sourceRef:
|
sourceRef:
|
||||||
kind: HelmRepository
|
kind: HelmRepository
|
||||||
|
|
|
@ -22,6 +22,8 @@ spec:
|
||||||
strategy: rollback
|
strategy: rollback
|
||||||
retries: 3
|
retries: 3
|
||||||
dependsOn:
|
dependsOn:
|
||||||
|
- name: kyverno
|
||||||
|
namespace: kyverno
|
||||||
- name: snapshot-controller
|
- name: snapshot-controller
|
||||||
namespace: volsync-system
|
namespace: volsync-system
|
||||||
values:
|
values:
|
||||||
|
|
|
@ -10,6 +10,8 @@ spec:
|
||||||
commonMetadata:
|
commonMetadata:
|
||||||
labels:
|
labels:
|
||||||
app.kubernetes.io/name: *app
|
app.kubernetes.io/name: *app
|
||||||
|
dependsOn:
|
||||||
|
- name: cluster-policies
|
||||||
path: ./kubernetes/apps/volsync-system/volsync/app
|
path: ./kubernetes/apps/volsync-system/volsync/app
|
||||||
prune: true
|
prune: true
|
||||||
sourceRef:
|
sourceRef:
|
||||||
|
|
|
@ -19,7 +19,7 @@ releases:
|
||||||
- name: prometheus-operator-crds
|
- name: prometheus-operator-crds
|
||||||
namespace: observability
|
namespace: observability
|
||||||
chart: oci://ghcr.io/prometheus-community/charts/prometheus-operator-crds
|
chart: oci://ghcr.io/prometheus-community/charts/prometheus-operator-crds
|
||||||
version: 16.0.0
|
version: 15.0.0
|
||||||
- name: cilium
|
- name: cilium
|
||||||
namespace: kube-system
|
namespace: kube-system
|
||||||
chart: cilium/cilium
|
chart: cilium/cilium
|
||||||
|
|
|
@ -1,11 +1,9 @@
|
||||||
---
|
---
|
||||||
# yaml-language-server: $schema=https://raw.githubusercontent.com/budimanjojo/talhelper/master/pkg/config/schemas/talconfig.json
|
# yaml-language-server: $schema=https://ks.hsn.dev/talconfig.json
|
||||||
clusterName: theshire
|
clusterName: theshire
|
||||||
|
|
||||||
# renovate: datasource=github-releases depName=siderolabs/talos
|
talosVersion: v1.8.2
|
||||||
talosVersion: v1.8.3
|
kubernetesVersion: 1.31.1
|
||||||
# renovate: datasource=docker depName=ghcr.io/siderolabs/kubelet
|
|
||||||
kubernetesVersion: 1.31.2
|
|
||||||
endpoint: "https://10.1.1.57:6444"
|
endpoint: "https://10.1.1.57:6444"
|
||||||
|
|
||||||
additionalApiServerCertSans:
|
additionalApiServerCertSans:
|
||||||
|
|
|
@ -12,4 +12,4 @@ spec:
|
||||||
operation: copy
|
operation: copy
|
||||||
url: oci://ghcr.io/grafana/helm-charts/grafana
|
url: oci://ghcr.io/grafana/helm-charts/grafana
|
||||||
ref:
|
ref:
|
||||||
tag: 8.6.1
|
tag: 8.5.12
|
||||||
|
|
|
@ -4,5 +4,5 @@ apiVersion: kustomize.config.k8s.io/v1beta1
|
||||||
kind: Kustomization
|
kind: Kustomization
|
||||||
resources:
|
resources:
|
||||||
- ./claim.yaml
|
- ./claim.yaml
|
||||||
- ./minio.yaml
|
- ./nfs.yaml
|
||||||
- ./r2.yaml
|
- ./r2.yaml
|
||||||
|
|
|
@ -23,9 +23,8 @@
|
||||||
"(^|/)\\.taskfiles/.+\\.ya?ml(?:\\.j2)?$"
|
"(^|/)\\.taskfiles/.+\\.ya?ml(?:\\.j2)?$"
|
||||||
]
|
]
|
||||||
},
|
},
|
||||||
"customManagers": [
|
"regexManagers": [
|
||||||
{
|
{
|
||||||
"customType": "regex",
|
|
||||||
"description": [
|
"description": [
|
||||||
"Process CRD dependencies - Chart and Github Release are the same version"
|
"Process CRD dependencies - Chart and Github Release are the same version"
|
||||||
],
|
],
|
||||||
|
@ -36,17 +35,15 @@
|
||||||
"datasourceTemplate": "helm"
|
"datasourceTemplate": "helm"
|
||||||
},
|
},
|
||||||
{
|
{
|
||||||
"customType": "regex",
|
|
||||||
"description": ["Generic Docker image Regex manager"],
|
"description": ["Generic Docker image Regex manager"],
|
||||||
"fileMatch": ["infrastructure/.+\\.ya?ml$", "infrastructure/.+\\.tf$"],
|
"fileMatch": ["infrastructure/.+\\.ya?ml$", "infrastructure/.+\\.tf$"],
|
||||||
"matchStrings": [
|
"matchStrings": [
|
||||||
"# renovate: docker-image( versioning=(?<versioning>.*=?))?\\\n .*[:|=] \"?(?<depName>.*?):(?<currentValue>[^\"\\n]*=?)\"?"
|
"# renovate: docker-image( versioning=(?<versioning>.*=?))?\n .*[:|=] \"?(?<depName>.*?):(?<currentValue>[^\"\n]*=?)\"?"
|
||||||
],
|
],
|
||||||
"datasourceTemplate": "docker",
|
"datasourceTemplate": "docker",
|
||||||
"versioningTemplate": "{{#if versioning}}{{{versioning}}}{{else}}semver{{/if}}"
|
"versioningTemplate": "{{#if versioning}}{{{versioning}}}{{else}}semver{{/if}}"
|
||||||
},
|
},
|
||||||
{
|
{
|
||||||
"customType": "regex",
|
|
||||||
"description": ["Raw GitHub URL Regex manager"],
|
"description": ["Raw GitHub URL Regex manager"],
|
||||||
"fileMatch": ["infrastructure/.+\\.ya?ml$", "kubernetes/.+\\.ya?ml$"],
|
"fileMatch": ["infrastructure/.+\\.ya?ml$", "kubernetes/.+\\.ya?ml$"],
|
||||||
"matchStrings": [
|
"matchStrings": [
|
||||||
|
@ -72,24 +69,24 @@
|
||||||
{
|
{
|
||||||
"description": "Flux Group",
|
"description": "Flux Group",
|
||||||
"groupName": "Flux",
|
"groupName": "Flux",
|
||||||
|
"matchPackagePatterns": ["^flux", "^ghcr.io/fluxcd/"],
|
||||||
"matchDatasources": ["docker", "github-tags"],
|
"matchDatasources": ["docker", "github-tags"],
|
||||||
"versioning": "semver",
|
"versioning": "semver",
|
||||||
"group": {
|
"group": {
|
||||||
"commitMessageTopic": "{{{groupName}}} group"
|
"commitMessageTopic": "{{{groupName}}} group"
|
||||||
},
|
},
|
||||||
"separateMinorPatch": true,
|
"separateMinorPatch": true
|
||||||
"matchPackageNames": ["/^flux/", "/^ghcr.io/fluxcd//"]
|
|
||||||
},
|
},
|
||||||
{
|
{
|
||||||
"description": "Mastodon images",
|
"description": "Mastodon images",
|
||||||
"groupName": "Mastodon",
|
"groupName": "Mastodon",
|
||||||
|
"matchPackagePatterns": ["mastodon", "^ghcr.io/mastodon/"],
|
||||||
"matchDatasources": ["docker", "github-tags"],
|
"matchDatasources": ["docker", "github-tags"],
|
||||||
"versioning": "semver",
|
"versioning": "semver",
|
||||||
"group": {
|
"group": {
|
||||||
"commitMessageTopic": "{{{groupName}}} group"
|
"commitMessageTopic": "{{{groupName}}} group"
|
||||||
},
|
},
|
||||||
"separateMinorPatch": true,
|
"separateMinorPatch": true
|
||||||
"matchPackageNames": ["/mastodon/", "/^ghcr.io/mastodon//"]
|
|
||||||
},
|
},
|
||||||
{
|
{
|
||||||
"description": "1Password Connect images",
|
"description": "1Password Connect images",
|
||||||
|
@ -107,12 +104,12 @@
|
||||||
{
|
{
|
||||||
"description": "Rook-Ceph image and chart",
|
"description": "Rook-Ceph image and chart",
|
||||||
"groupName": "Rook Ceph",
|
"groupName": "Rook Ceph",
|
||||||
|
"matchPackagePatterns": ["rook.ceph"],
|
||||||
"matchDatasources": ["docker", "helm"],
|
"matchDatasources": ["docker", "helm"],
|
||||||
"group": {
|
"group": {
|
||||||
"commitMessageTopic": "{{{groupName}}} group"
|
"commitMessageTopic": "{{{groupName}}} group"
|
||||||
},
|
},
|
||||||
"separateMinorPatch": true,
|
"separateMinorPatch": true
|
||||||
"matchPackageNames": ["/rook.ceph/"]
|
|
||||||
},
|
},
|
||||||
{
|
{
|
||||||
"description": "Cilium image and chart",
|
"description": "Cilium image and chart",
|
||||||
|
@ -131,7 +128,10 @@
|
||||||
{
|
{
|
||||||
"description": "External Snapshotter charts",
|
"description": "External Snapshotter charts",
|
||||||
"groupName": "External Snapshotter",
|
"groupName": "External Snapshotter",
|
||||||
"matchPackageNames": ["snapshot-controller", "snapshot-validation-webhook"],
|
"matchPackageNames": [
|
||||||
|
"snapshot-controller",
|
||||||
|
"snapshot-validation-webhook"
|
||||||
|
],
|
||||||
"matchDatasources": ["helm"],
|
"matchDatasources": ["helm"],
|
||||||
"group": {
|
"group": {
|
||||||
"commitMessageTopic": "{{{groupName}}} group"
|
"commitMessageTopic": "{{{groupName}}} group"
|
||||||
|
@ -141,22 +141,23 @@
|
||||||
{
|
{
|
||||||
"description": "Thanos image and chart - versions do not match",
|
"description": "Thanos image and chart - versions do not match",
|
||||||
"groupName": "Thanos",
|
"groupName": "Thanos",
|
||||||
|
"matchPackagePatterns": ["quay.io/thanos/thanos", "thanos"],
|
||||||
"matchDatasources": ["docker", "github-releases", "helm"],
|
"matchDatasources": ["docker", "github-releases", "helm"],
|
||||||
"matchUpdateTypes": ["minor", "patch"],
|
"matchUpdateTypes": ["minor", "patch"],
|
||||||
"group": {
|
"group": {
|
||||||
"commitMessageTopic": "{{{groupName}}} group"
|
"commitMessageTopic": "{{{groupName}}} group"
|
||||||
},
|
}
|
||||||
"matchPackageNames": ["/quay.io/thanos/thanos/", "/thanos/"]
|
|
||||||
},
|
},
|
||||||
{
|
{
|
||||||
"description": "Vector image and chart - versions do not match",
|
"description": "Vector image and chart - versions do not match",
|
||||||
"groupName": "Vector",
|
"groupName": "Vector",
|
||||||
|
"matchPackagePatterns": ["vector"],
|
||||||
"matchDatasources": ["docker", "github-releases", "helm"],
|
"matchDatasources": ["docker", "github-releases", "helm"],
|
||||||
"matchUpdateTypes": ["minor", "patch"],
|
"matchUpdateTypes": ["minor", "patch"],
|
||||||
"group": {
|
"group": {
|
||||||
"commitMessageTopic": "{{{groupName}}} group"
|
"commitMessageTopic": "{{{groupName}}} group"
|
||||||
},
|
}
|
||||||
"matchPackageNames": ["/vector/"]
|
|
||||||
}
|
}
|
||||||
|
// Version strategies
|
||||||
]
|
]
|
||||||
}
|
}
|
||||||
|
|
|
@ -3,11 +3,6 @@
|
||||||
pkgs.mkShell {
|
pkgs.mkShell {
|
||||||
# Enable experimental features without having to specify the argument
|
# Enable experimental features without having to specify the argument
|
||||||
NIX_CONFIG = "experimental-features = nix-command flakes";
|
NIX_CONFIG = "experimental-features = nix-command flakes";
|
||||||
shellHook = ''
|
|
||||||
export TMP=$(mktemp -d "/tmp/nix-shell-XXXXXX")
|
|
||||||
export TEMP=$TMP
|
|
||||||
export TMPDIR=$TMP
|
|
||||||
'';
|
|
||||||
|
|
||||||
nativeBuildInputs = with pkgs; [
|
nativeBuildInputs = with pkgs; [
|
||||||
fluxcd
|
fluxcd
|
||||||
|
@ -15,6 +10,8 @@ pkgs.mkShell {
|
||||||
gitleaks
|
gitleaks
|
||||||
helmfile
|
helmfile
|
||||||
k9s
|
k9s
|
||||||
|
krew
|
||||||
|
kubectl
|
||||||
kubevirt
|
kubevirt
|
||||||
kubernetes-helm
|
kubernetes-helm
|
||||||
pre-commit
|
pre-commit
|
||||||
|
@ -23,6 +20,5 @@ pkgs.mkShell {
|
||||||
mqttui
|
mqttui
|
||||||
kustomize
|
kustomize
|
||||||
yq-go
|
yq-go
|
||||||
go-task
|
|
||||||
];
|
];
|
||||||
}
|
}
|
||||||
|
|
Loading…
Reference in a new issue