--- # yaml-language-server: $schema=https://raw.githubusercontent.com/bjw-s/helm-charts/main/charts/other/app-template/schemas/helmrelease-helm-v2beta2.schema.json apiVersion: helm.toolkit.fluxcd.io/v2beta2 kind: HelmRelease metadata: name: home-assistant spec: interval: 30m chart: spec: chart: app-template version: 3.1.0 sourceRef: kind: HelmRepository name: bjw-s namespace: flux-system install: remediation: retries: 3 upgrade: cleanupOnFail: true remediation: strategy: rollback retries: 3 dependsOn: - name: rook-ceph-cluster namespace: rook-ceph - name: volsync namespace: volsync-system values: controllers: home-assistant: annotations: reloader.stakater.com/auto: "true" pod: annotations: k8s.v1.cni.cncf.io/networks: | [{ "name":"multus-iot", "namespace": "network", "ips": ["10.1.3.151/24"] }] securityContext: runAsUser: 568 runAsGroup: 568 runAsNonRoot: true fsGroup: 568 fsGroupChangePolicy: OnRootMismatch containers: app: image: repository: ghcr.io/onedr0p/home-assistant tag: 2024.4.3@sha256:393ff4d7da4af9f5766d409754257afa6baecb8944f6788dc3da53e9ae659dd8 env: TZ: America/Chicago HASS_HTTP_TRUSTED_PROXY_1: 10.244.0.0/16 envFrom: - secretRef: name: home-assistant-secret securityContext: allowPrivilegeEscalation: false readOnlyRootFilesystem: true capabilities: { drop: ["ALL"] } resources: requests: cpu: 10m limits: memory: 1Gi service: app: controller: home-assistant ports: http: port: 8123 ingress: app: className: internal-nginx hosts: - host: &host hass.jahanson.tech paths: - path: / service: identifier: app port: http tls: - hosts: [*host] persistence: config: existingClaim: home-assistant logs: type: emptyDir globalMounts: - path: /config/logs tts: type: emptyDir globalMounts: - path: /config/tts tmp: type: emptyDir