jahanson/theshire
1
0
Fork 0
Code Issues 1 Pull requests 10 Projects Releases Packages Wiki Activity Actions

Compare commits

base: jahanson:shokoserver
Branches Tags
jahanson:main
jahanson:renovate/quay.io-redlib-redlib-latest
jahanson:renovate/siderolabs-talos-1.x
jahanson:renovate/coder-2.x
jahanson:renovate/ghcr.io-dragonflydb-dragonfly-1.x
jahanson:renovate/patch-dragonfly-operator
jahanson:renovate/ghcr.io-recyclarr-recyclarr-7.x
jahanson:renovate/grafana-monorepo
jahanson:renovate/ghcr.io-stirling-tools-s-pdf-0.x
jahanson:renovate/ghcr.io-autobrr-autobrr-1.x
jahanson:renovate/victoriametrics-vmalert-13.x
jahanson:shokoserver
jahanson:kasm-wip
jahanson:multus-app-template-style
jahanson:renovate/configure
jahanson:bgp->l2
jahanson:swap-to-zfs
..
compare: jahanson:main
Branches Tags
jahanson:renovate/quay.io-redlib-redlib-latest
jahanson:renovate/siderolabs-talos-1.x
jahanson:renovate/coder-2.x
jahanson:renovate/ghcr.io-dragonflydb-dragonfly-1.x
jahanson:renovate/patch-dragonfly-operator
jahanson:renovate/ghcr.io-recyclarr-recyclarr-7.x
jahanson:renovate/grafana-monorepo
jahanson:renovate/ghcr.io-stirling-tools-s-pdf-0.x
jahanson:renovate/ghcr.io-autobrr-autobrr-1.x
jahanson:renovate/victoriametrics-vmalert-13.x
jahanson:main
jahanson:shokoserver
jahanson:kasm-wip
jahanson:multus-app-template-style
jahanson:renovate/configure
jahanson:bgp->l2
jahanson:swap-to-zfs

26 commits
shokoserve ... main

Author SHA1 Message Date
Joseph Hanson
761690ba5e Merge pull request 'Update image ghcr.io/siderolabs/kubelet to v1.31.2' (#838) from renovate/ghcr.io-siderolabs-kubelet-1.x into main 
Reviewed-on: #838
 2024-11-08 19:40:40 -06:00
Joseph Hanson
cb2e0d24c8 Merge pull request 'Update image ghcr.io/onedr0p/home-assistant to v2024.11.1' (#841) from renovate/ghcr.io-onedr0p-home-assistant-2024.x into main 
Reviewed-on: #841
 2024-11-08 19:08:54 -06:00
Joseph Hanson
bc687b28fd Merge pull request 'Update image docker.io/ollama/ollama to v0.4.1' (#840) from renovate/docker.io-ollama-ollama-0.x into main 
Reviewed-on: #840
 2024-11-08 19:07:48 -06:00
Joseph Hanson
6c6ea27957 Merge pull request 'Update image ghcr.io/autobrr/autobrr to v1.49.0' (#834) from renovate/ghcr.io-autobrr-autobrr-1.x into main 
Reviewed-on: #834
 2024-11-08 19:07:33 -06:00
Renovate Bot
1166d4d687 Update image ghcr.io/onedr0p/home-assistant to v2024.11.1 2024-11-09 01:06:18 +00:00
Renovate Bot
ec4f619367 Update image docker.io/ollama/ollama to v0.4.1 2024-11-09 01:06:15 +00:00
Joseph Hanson
d870c79589 Merge pull request 'Update image jesec/flood to 8a18a35' (#824) from renovate/jesec-flood-master into main 
Reviewed-on: #824
 2024-11-08 18:56:08 -06:00
Joseph Hanson
96179f13a2 Merge pull request 'Update image ghcr.io/autobrr/omegabrr to v1.15.0' (#825) from renovate/ghcr.io-autobrr-omegabrr-1.x into main 
Reviewed-on: #825
 2024-11-08 18:55:33 -06:00
Joseph Hanson
2c348267c5 Merge pull request 'Update image ghcr.io/coder/code-server to v4.95.1' (#835) from renovate/ghcr.io-coder-code-server-4.x into main 
Reviewed-on: #835
 2024-11-08 18:55:07 -06:00
Joseph Hanson
8222c32fe0 Merge pull request 'Update image prometheus-operator-crds to v16' (#836) from renovate/prometheus-operator-crds-16.x into main 
Reviewed-on: #836
 2024-11-08 18:54:44 -06:00
Joseph Hanson
01f3eaa9fa Merge pull request 'Update image ghcr.io/koush/scrypted to v0.123.1' (#837) from renovate/ghcr.io-koush-scrypted-0.x into main 
Reviewed-on: #837
 2024-11-08 18:54:28 -06:00
Joseph Hanson
c51bd020bd Merge pull request 'Update image ghcr.io/taxel/plextraktsync to v0.32.1' (#839) from renovate/ghcr.io-taxel-plextraktsync-0.x into main 
Reviewed-on: #839
 2024-11-08 18:53:48 -06:00
Renovate Bot
1f87e3c3db Update image ghcr.io/taxel/plextraktsync to v0.32.1 2024-11-08 19:06:35 +00:00
Renovate Bot
20a2e63b30 Update image prometheus-operator-crds to v16 2024-11-08 18:21:08 +00:00
Renovate Bot
8ed33b3671 Update image ghcr.io/siderolabs/kubelet to v1.31.2 2024-11-08 18:20:42 +00:00
Joseph Hanson
2de07ac885
renovate test 2024-11-08 12:13:27 -06:00
Renovate Bot
f1c79adc59 Update image ghcr.io/koush/scrypted to v0.123.1 2024-11-08 18:06:32 +00:00
Joseph Hanson
97829c6809
ignore sync-conflicts 2024-11-07 22:20:12 -06:00
Joseph Hanson
14287e4cad Merge pull request 'Update image ghcr.io/jorenn92/maintainerr to v2.2.1' (#833) from renovate/ghcr.io-jorenn92-maintainerr-2.x into main 
Reviewed-on: #833
 2024-11-07 16:08:38 -06:00
Joseph Hanson
7a72a530a7
undeploy piped 2024-11-07 16:07:58 -06:00
Joseph Hanson
c282512a8b
add generic-device-plugin 2024-11-07 15:49:06 -06:00
Renovate Bot
851884bd94 Update image ghcr.io/coder/code-server to v4.95.1 2024-11-07 20:06:55 +00:00
Renovate Bot
2a06b673fb Update image ghcr.io/autobrr/autobrr to v1.49.0 2024-11-07 20:06:47 +00:00
Renovate Bot
dbb411bc42 Update image ghcr.io/jorenn92/maintainerr to v2.2.1 2024-11-07 19:07:54 +00:00
Renovate Bot
366747cfd1 Update image ghcr.io/autobrr/omegabrr to v1.15.0 2024-11-06 12:05:44 +00:00
Renovate Bot
5ae9e7a310 Update image jesec/flood to 8a18a35 2024-11-06 05:35:26 +00:00
25 changed files with 107 additions and 183 deletions
Show stats Expand all files Collapse all files

0
kubernetes/apps/default/piped/app/externalsecret.yaml → .archive/default/piped/app/externalsecret.yaml
View file

0
kubernetes/apps/default/piped/app/helmrelease.yaml → .archive/default/piped/app/helmrelease.yaml
View file

0
kubernetes/apps/default/piped/app/kustomization.yaml → .archive/default/piped/app/kustomization.yaml
View file

0
kubernetes/apps/default/piped/ks.yaml → .archive/default/piped/ks.yaml
View file

3
.gitignore vendored
View file

@ -24,3 +24,6 @@ omniconfig.yaml
*.pem *.pem
*.secrets *.secrets
config.xml config.xml
# syncthing
**/*sync-conflict*

2
kubernetes/apps/ai/ollama/app/helmrelease.yaml
View file

@ -35,7 +35,7 @@ spec:
app: app:
image: image:
repository: docker.io/ollama/ollama repository: docker.io/ollama/ollama
tag: 0.4.0 tag: 0.4.1
env: env:
- name: OLLAMA_HOST - name: OLLAMA_HOST
value: 0.0.0.0 value: 0.0.0.0

2
kubernetes/apps/anime/kustomization.yaml
View file

@ -9,5 +9,5 @@ resources:
- ./jellyfin/ks.yaml # sqlite - ./jellyfin/ks.yaml # sqlite
- ./jellyseerr/ks.yaml # sqlite - ./jellyseerr/ks.yaml # sqlite
- ./radarr/ks.yaml # postgres - ./radarr/ks.yaml # postgres
- ./shoko/ks.yaml # sqlite # - ./shoko/ks.yaml # sqlite
- ./sonarr/ks.yaml # postgres - ./sonarr/ks.yaml # postgres

31
kubernetes/apps/anime/shoko/app/externalsecret.yaml
View file

@ -1,31 +0,0 @@
---
# yaml-language-server: $schema=https://ks.hsn.dev/external-secrets.io/externalsecret_v1beta1.json
apiVersion: external-secrets.io/v1beta1
kind: ExternalSecret
metadata:
name: shokoserver
spec:
refreshInterval: 5m
secretStoreRef:
kind: ClusterSecretStore
name: onepassword-connect
target:
name: shokoserver-secret
creationPolicy: Owner
data:
- secretKey: WIREGUARD_ENDPOINT_IP
remoteRef:
key: ProtonVPN
property: shokoserver_vpn_endpoint_ip
- secretKey: WIREGUARD_PUBLIC_KEY
remoteRef:
key: ProtonVPN
property: shokoserver_wireguard_public_key
- secretKey: WIREGUARD_PRIVATE_KEY
remoteRef:
key: ProtonVPN
property: shokoserver_wireguard_private_key
- secretKey: WIREGUARD_ADDRESSES
remoteRef:
key: ProtonVPN
property: wireguard_addresses

125
kubernetes/apps/anime/shoko/app/helmrelease.yaml
View file

@ -1,125 +0,0 @@
---
# yaml-language-server: $schema=https://raw.githubusercontent.com/bjw-s/helm-charts/main/charts/other/app-template/schemas/helmrelease-helm-v2.schema.json
apiVersion: helm.toolkit.fluxcd.io/v2
kind: HelmRelease
metadata:
name: &app shokoserver
spec:
interval: 30m
chart:
spec:
chart: app-template
version: 3.5.1
sourceRef:
kind: HelmRepository
name: bjw-s
namespace: flux-system
install:
remediation:
retries: 3
upgrade:
cleanupOnFail: true
remediation:
strategy: rollback
retries: 3
dependsOn:
- name: rook-ceph-cluster
namespace: rook-ceph
- name: volsync
namespace: volsync-system
values:
controllers:
shokoserver:
annotations:
reloader.stakater.com/auto: "true"
initContainers:
gluetun:
image:
repository: ghcr.io/qdm12/gluetun
tag: v3.39.1
env:
DOT: "off"
VPN_SERVICE_PROVIDER: protonvpn
VPN_TYPE: wireguard
VPN_INTERFACE: wg0
FIREWALL_INPUT_PORTS: "80"
envFrom:
- secretRef:
name: shokoserver-secret
resources:
limits:
kernel.org/tun: 1
restartPolicy: Always
securityContext:
capabilities:
add: ["NET_ADMIN"]
allowPrivilegeEscalation: false
containers:
app:
image:
repository: ghcr.io/jahanson/shokoserver
tag: v5.0.0@sha256:193aedf3e3f2d7031a76274d5bae0004c3d920c24831d688d991f85d4bb24ce2
env:
TZ: America/Chicago
PORT: &port 80
# probes:
# liveness: &probes
# enabled: true
# custom: true
# spec:
# httpGet:
# path: /status
# port: *port
# initialDelaySeconds: 0
# periodSeconds: 10
# timeoutSeconds: 1
# failureThreshold: 3
# readiness: *probes
# startup:
# enabled: false
securityContext:
allowPrivilegeEscalation: false
readOnlyRootFilesystem: true
capabilities: { drop: ["ALL"] }
defaultPodOptions:
securityContext:
runAsNonRoot: true
runAsUser: 568
runAsGroup: 568
fsGroup: 568
fsGroupChangePolicy: OnRootMismatch
seccompProfile: { type: RuntimeDefault }
service:
app:
controller: shokoserver
ports:
http:
port: *port
targetPort: 8111
ingress:
app:
className: internal-nginx
hosts:
- host: "${APP}.jahanson.tech"
paths:
- path: /
service:
identifier: app
port: http
persistence:
config:
existingClaim: "${APP}"
globalMounts:
- path: /.shoko
media:
type: nfs
server: 10.1.1.61
path: /moria/media/
globalMounts:
- path: /data/moria-media
# logs:
# type: emptyDir
# globalMounts:
# - path: /app/config/logs
tmp:
type: emptyDir

2
kubernetes/apps/default/autobrr/app/helmrelease.yaml
View file

@ -31,7 +31,7 @@ spec:
app: app:
image: image:
repository: ghcr.io/autobrr/autobrr repository: ghcr.io/autobrr/autobrr
tag: v1.48.0@sha256:0ae19e3beedf491396e450b024c23e9e24df4d692286c0442a81fa699493def0 tag: v1.49.0@sha256:dc2195ccabf8438a8f8eb0581c5e6d2a40c061754e57552bc4f67f1b20a71970
env: env:
AUTOBRR__CHECK_FOR_UPDATES: "false" AUTOBRR__CHECK_FOR_UPDATES: "false"
AUTOBRR__HOST: 0.0.0.0 AUTOBRR__HOST: 0.0.0.0

4
kubernetes/apps/default/home-assistant/app/helmrelease.yaml
View file

@ -36,7 +36,7 @@ spec:
app: app:
image: image:
repository: ghcr.io/onedr0p/home-assistant repository: ghcr.io/onedr0p/home-assistant
tag: 2024.11.0@sha256:23a1ba70e7d5518527e6324d28ccb07f1cbf7c334dbb6326a0b413ef8fe5fafd tag: 2024.11.1@sha256:a3dd7577c28771702b21f817ad86600056467c2c7f45d261a1e7241910ddc2e2
env: env:
TZ: America/Chicago TZ: America/Chicago
envFrom: envFrom:
@ -54,7 +54,7 @@ spec:
code-server: code-server:
image: image:
repository: ghcr.io/coder/code-server repository: ghcr.io/coder/code-server
tag: 4.93.1@sha256:c69e398d1b64589b3b77a7becfd03f4ec524982def20e6bffbb51b1b839e72ba tag: 4.95.1@sha256:d9bc7797d997e1b199e333676732e075bac4bae276dc0fe1baece2e313edfa09
args: [ args: [
"--auth", "none", "--auth", "none",
"--user-data-dir", "/config/.vscode", "--user-data-dir", "/config/.vscode",

1
kubernetes/apps/default/kustomization.yaml
View file

@ -16,7 +16,6 @@ resources:
- ./morphos/ks.yaml - ./morphos/ks.yaml
- ./omegabrr/ks.yaml - ./omegabrr/ks.yaml
- ./overseerr/ks.yaml - ./overseerr/ks.yaml
- ./piped/ks.yaml
- ./plex/ks.yaml - ./plex/ks.yaml
- ./prowlarr/ks.yaml - ./prowlarr/ks.yaml
- ./radarr/ks.yaml - ./radarr/ks.yaml

2
kubernetes/apps/default/maintainerr/app/helmrelease.yaml
View file

@ -32,7 +32,7 @@ spec:
app: app:
image: image:
repository: ghcr.io/jorenn92/maintainerr repository: ghcr.io/jorenn92/maintainerr
tag: 2.2.0@sha256:fbb2c0341b8af502e4488f3664e34992f24947708c7dac10dcbee592f99a946c tag: 2.2.1@sha256:13121a8292ef6db7560a931bf19b601cf3cc12df0a9dea9086b757798eea5b6d
env: env:
TZ: America/Chicago TZ: America/Chicago
resources: resources:

2
kubernetes/apps/default/omegabrr/app/helmrelease.yaml
View file

@ -31,7 +31,7 @@ spec:
app: app:
image: image:
repository: ghcr.io/autobrr/omegabrr repository: ghcr.io/autobrr/omegabrr
tag: v1.14.0@sha256:6f65c7967609746662815933ecc8168c8c25a3b82d909f49833fcce2b47ee052 tag: v1.15.0@sha256:4f6099a76ff9d248e9f032e29c04a92b483f21456e46f3b01eb20399f4732ad0
env: env:
TZ: America/Chicago TZ: America/Chicago
securityContext: securityContext:

2
kubernetes/apps/default/plex/trakt-sync/helmrelease.yaml
View file

@ -33,7 +33,7 @@ spec:
app: app:
image: image:
repository: ghcr.io/taxel/plextraktsync repository: ghcr.io/taxel/plextraktsync
tag: 0.32.0 tag: 0.32.1
args: args:
- sync - sync
env: env:

2
kubernetes/apps/default/scrypted/app/helmrelease.yaml
View file

@ -32,7 +32,7 @@ spec:
app: app:
image: image:
repository: ghcr.io/koush/scrypted repository: ghcr.io/koush/scrypted
tag: v0.123.0-jammy-nvidia tag: v0.123.1-jammy-nvidia
probes: probes:
liveness: liveness:
enabled: true enabled: true

67
kubernetes/apps/kube-system/generic-device-plugin/app/helmrelease.yaml Normal file
View file

@ -0,0 +1,67 @@
---
# yaml-language-server: $schema=https://raw.githubusercontent.com/bjw-s/helm-charts/main/charts/other/app-template/schemas/helmrelease-helm-v2.schema.json
apiVersion: helm.toolkit.fluxcd.io/v2
kind: HelmRelease
metadata:
name: generic-device-plugin
spec:
interval: 30m
chart:
spec:
chart: app-template
version: 3.5.1
sourceRef:
kind: HelmRepository
name: bjw-s
namespace: flux-system
driftDetection:
mode: enabled
install:
remediation:
retries: 3
upgrade:
cleanupOnFail: true
remediation:
strategy: rollback
retries: 3
values:
defaultPodOptions:
priorityClassName: system-node-critical
controllers:
generic-device-plugin:
type: daemonset
strategy: RollingUpdate
annotations:
reloader.stakater.com/auto: "true"
containers:
generic-device-plugin:
image:
repository: ghcr.io/squat/generic-device-plugin
tag: latest@sha256:ba6f0b4cf6c858d6ad29ba4d32e4da11638abbc7d96436bf04f582a97b2b8821
args:
- --config=/config/config.yml
ports:
- containerPort: 8080
name: http
securityContext:
allowPrivilegeEscalation: false
readOnlyRootFilesystem: true
capabilities: { drop: ["ALL"] }
persistence:
config:
type: configMap
name: generic-device-plugin-configmap
globalMounts:
- path: /config/config.yml
subPath: config.yml
readOnly: true
dev:
type: hostPath
hostPath: /dev
globalMounts:
- path: /dev
device-plugin:
type: hostPath
hostPath: /var/lib/kubelet/device-plugins
globalMounts:
- path: /var/lib/kubelet/device-plugins

9
kubernetes/apps/anime/shoko/app/kustomization.yaml → kubernetes/apps/kube-system/generic-device-plugin/app/kustomization.yaml
View file

@ -3,7 +3,10 @@
apiVersion: kustomize.config.k8s.io/v1beta1 apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization kind: Kustomization
resources: resources:
- ./externalsecret.yaml
- ./helmrelease.yaml - ./helmrelease.yaml
- ../../../../templates/gatus/internal configMapGenerator:
- ../../../../templates/volsync - name: generic-device-plugin-configmap
files:
- ./resources/config.yml
generatorOptions:
disableNameSuffixHash: true

9
kubernetes/apps/kube-system/generic-device-plugin/app/resources/config.yml Normal file
View file

@ -0,0 +1,9 @@
---
log-level: info
domain: kernel.org
devices:
- name: tun
groups:
- count: 1000
paths:
- path: /dev/net/tun

12
kubernetes/apps/anime/shoko/ks.yaml → kubernetes/apps/kube-system/generic-device-plugin/ks.yaml
View file

@ -3,22 +3,18 @@
apiVersion: kustomize.toolkit.fluxcd.io/v1 apiVersion: kustomize.toolkit.fluxcd.io/v1
kind: Kustomization kind: Kustomization
metadata: metadata:
name: &app shoko name: &app generic-device-plugin
namespace: flux-system namespace: flux-system
spec: spec:
targetNamespace: anime targetNamespace: kube-system
commonMetadata: commonMetadata:
labels: labels:
app.kubernetes.io/name: *app app.kubernetes.io/name: *app
path: ./kubernetes/apps/anime/shoko/app path: "./kubernetes/apps/kube-system/generic-device-plugin/app"
prune: true prune: true
sourceRef: sourceRef:
kind: GitRepository kind: GitRepository
name: theshire name: theshire
wait: false wait: true
interval: 30m interval: 30m
timeout: 5m timeout: 5m
postBuild:
substitute:
APP: *app
VOLSYNC_CAPACITY: 5Gi

1
kubernetes/apps/kube-system/kustomization.yaml
View file

@ -12,6 +12,7 @@ resources:
- ./descheduler/ks.yaml - ./descheduler/ks.yaml
- ./dnsimple-webhook-rbac.yaml - ./dnsimple-webhook-rbac.yaml
- ./fstrim/ks.yaml - ./fstrim/ks.yaml
- ./generic-device-plugin/ks.yaml
- ./kubelet-csr-approver/ks.yaml - ./kubelet-csr-approver/ks.yaml
- ./metrics-server/ks.yaml - ./metrics-server/ks.yaml
- ./node-feature-discovery/ks.yaml - ./node-feature-discovery/ks.yaml

2
kubernetes/apps/observability/prometheus-operator-crds/app/helmrelease.yaml
View file

@ -9,7 +9,7 @@ spec:
chart: chart:
spec: spec:
chart: prometheus-operator-crds chart: prometheus-operator-crds
version: 15.0.0 version: 16.0.0
sourceRef: sourceRef:
kind: HelmRepository kind: HelmRepository
name: prometheus-community name: prometheus-community

2
kubernetes/apps/qbittorrent/flood/app/helmrelease.yaml
View file

@ -43,7 +43,7 @@ spec:
app: app:
image: image:
repository: jesec/flood repository: jesec/flood
tag: master@sha256:8d04ec24abcc879f14e744e809520f7a7ec3c66395e1f6efa4179c9399803fbe tag: master@sha256:8a18a3509a6c1557b769873a1ef85dcd5fa4cbce1a939be2c6c87f97eb79de45
envFrom: envFrom:
- secretRef: - secretRef:
name: flood-secret name: flood-secret

2
kubernetes/bootstrap/helmfile.yaml
View file

@ -19,7 +19,7 @@ releases:
- name: prometheus-operator-crds - name: prometheus-operator-crds
namespace: observability namespace: observability
chart: oci://ghcr.io/prometheus-community/charts/prometheus-operator-crds chart: oci://ghcr.io/prometheus-community/charts/prometheus-operator-crds
version: 15.0.0 version: 16.0.0
- name: cilium - name: cilium
namespace: kube-system namespace: kube-system
chart: cilium/cilium chart: cilium/cilium

8
kubernetes/bootstrap/talos/talconfig.yaml
View file

@ -1,9 +1,11 @@
--- ---
# yaml-language-server: $schema=https://ks.hsn.dev/talconfig.json # yaml-language-server: $schema=https://raw.githubusercontent.com/budimanjojo/talhelper/master/pkg/config/schemas/talconfig.json
clusterName: theshire clusterName: theshire
talosVersion: v1.8.2 # renovate: datasource=github-releases depName=siderolabs/talos
kubernetesVersion: 1.31.1 talosVersion: v1.8.1
# renovate: datasource=docker depName=ghcr.io/siderolabs/kubelet
kubernetesVersion: 1.31.2
endpoint: "https://10.1.1.57:6444" endpoint: "https://10.1.1.57:6444"
additionalApiServerCertSans: additionalApiServerCertSans: