remoll/k3s-infra
0
0
Fork 0
Code Issues 1 Pull Requests 10 Packages Projects Releases Wiki Activity

whole bunch of fixes

Browse Source
This commit is contained in:
Remy Moll 2023-12-10 16:17:14 +01:00
parent 7fc04f8d43
commit 45aa9c96dc
23 changed files with 204 additions and 71 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
apps/adguard/configmap.yaml
View File

@ -2,7 +2,6 @@ apiVersion: v1
kind: ConfigMap
metadata:
name: adguard-home-config
namespace: adguard
data:
AdGuardHome.yaml: |-
bind_host: 0.0.0.0

1
apps/adguard/deployment.yaml
View File

@ -2,7 +2,6 @@ apiVersion: apps/v1
kind: Deployment
metadata:
name: adguard-home
namespace: adguard
spec:
replicas: 1
revisionHistoryLimit: 3

1
apps/adguard/ingress.yaml
View File

@ -2,7 +2,6 @@ apiVersion: traefik.containo.us/v1alpha1
kind: IngressRouteTCP
metadata:
name: adguard-tls-ingress
namespace: adguard
spec:
entryPoints:
- dnsovertls

11
apps/adguard/kustomization.yaml Normal file
View File

@ -0,0 +1,11 @@
apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization
resources:
- namespace.yaml
- configmap.yaml
- ingress.yaml
- service.yaml
- deployment.yaml
namespace: adguard

4
apps/adguard/namespace.yaml Normal file
View File

@ -0,0 +1,4 @@
apiVersion: v1
kind: Namespace
metadata:
name: placeholder

7
apps/adguard/service.yaml
View File

@ -1,8 +1,7 @@
apiVersion: v1
kind: Service
metadata:
name: adguard-home
namespace: adguard
name: adguard-home-web
spec:
ports:
- name: http
@ -22,7 +21,6 @@ metadata:
metallb.universe.tf/allow-shared-ip: adguard-svc
name: adguard-home-dns-tcp
namespace: adguard
spec:
allocateLoadBalancerNodePorts: true
loadBalancerIP: 192.168.3.2
@ -45,7 +43,6 @@ metadata:
metallb.universe.tf/allow-shared-ip: adguard-svc
name: adguard-home-dns-udp
namespace: adguard
spec:
allocateLoadBalancerNodePorts: true
loadBalancerIP: 192.168.3.2
@ -58,4 +55,4 @@ spec:
selector:
app.kubernetes.io/instance: adguard
app.kubernetes.io/name: adguard-home
type: LoadBalancer
type: LoadBalancer

4
apps/media/jellyfin.ingress.yaml → apps/media/ingress.yaml
View File

@ -12,8 +12,8 @@ spec:
- name: jellyfin-websocket
kind: Rule
services:
- name: jellyfin
port: 8096
- name: jellyfin-web
port: 8080
tls:
certResolver: default-tls

12
apps/media/kustomization.yaml Normal file
View File

@ -0,0 +1,12 @@
apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization
resources:
- namespace.yaml
- pvc.yaml
- server.deployment.yaml
- server.service.yaml
- web.deployment.yaml
- web.service.yaml
- ingress.yaml
namespace: media

4
apps/media/namespace.yaml Normal file
View File

@ -0,0 +1,4 @@
apiVersion: v1
kind: Namespace
metadata:
name: placeholder

8
apps/media/jellyfin.pvc.yaml → apps/media/pvc.yaml
View File

@ -4,12 +4,9 @@ kind: PersistentVolume
metadata:
namespace: media
name: jellyfin-config-nfs
spec:
# storageClassName: slow
capacity:
storage: "1Gi"
# volumeMode: Filesystem
accessModes:
- ReadWriteOnce
nfs:
@ -29,6 +26,7 @@ spec:
requests:
storage: "1Gi"
volumeName: jellyfin-config-nfs
---
apiVersion: v1
@ -37,10 +35,8 @@ metadata:
namespace: media
name: jellyfin-data-nfs
spec:
# storageClassName: slow
capacity:
storage: "1Ti"
# volumeMode: Filesystem
accessModes:
- ReadWriteOnce
nfs:
@ -53,7 +49,7 @@ metadata:
namespace: media
name: jellyfin-data-nfs
spec:
storageClassName: nfs-client
storageClassName: ""
accessModes:
- ReadWriteOnce
resources:

44
apps/media/server.deployment.yaml Normal file
View File

@ -0,0 +1,44 @@
apiVersion: apps/v1
kind: Deployment
metadata:
name: jellyfin-server
spec:
selector:
matchLabels:
app: jellyfin-server
template:
metadata:
labels:
app: jellyfin-server
spec:
containers:
- name: jellyfin-server
image: jellyfin/jellyfin:10.8.9
resources:
limits:
memory: "500Mi"
cpu: "2"
ports:
- containerPort: 8096
env:
- name: TZ
value: Europe/Berlin
volumeMounts:
- name: jellyfin-config
mountPath: /config
- name: jellyfin-data
mountPath: /media
livenessProbe:
httpGet:
path: /health
port: 8096
initialDelaySeconds: 100
periodSeconds: 15
volumes:
- name: jellyfin-config
persistentVolumeClaim:
claimName: jellyfin-config-nfs
- name: jellyfin-data
persistentVolumeClaim:
claimName: jellyfin-data-nfs

12
apps/media/server.service.yaml Normal file
View File

@ -0,0 +1,12 @@
apiVersion: v1
kind: Service
metadata:
name: jellyfin-server
spec:
selector:
app: jellyfin-server
ports:
- protocol: TCP
port: 8096
targetPort: 8096

27
apps/media/web.deployment.yaml Normal file
View File

@ -0,0 +1,27 @@
apiVersion: apps/v1
kind: Deployment
metadata:
name: jellyfin-web
spec:
selector:
matchLabels:
app: jellyfin-web
template:
metadata:
labels:
app: jellyfin-web
spec:
containers:
- name: jellyfin-web
image: ghcr.io/jellyfin/jellyfin-vue
resources:
limits:
memory: "128Mi"
cpu: "30m"
ports:
- containerPort: 8080
env:
- name: TZ
value: Europe/Berlin
- name: DEFAULT_SERVERS
value: "jellyfin-server:8096"

12
apps/media/web.service.yaml Normal file
View File

@ -0,0 +1,12 @@
apiVersion: v1
kind: Service
metadata:
name: jellyfin-web
spec:
selector:
app: jellyfin-web
ports:
- protocol: TCP
port: 8080
targetPort: 8080

13
infrastructure/gitea/drone-server.deployment.yaml
View File

@ -92,13 +92,9 @@ apiVersion: v1
kind: PersistentVolume
metadata:
name: drone-data-nfs
labels:
directory: drone
spec:
# storageClassName: fast
capacity:
storage: "1Gi"
# volumeMode: Filesystem
accessModes:
- ReadWriteOnce
nfs:
@ -110,15 +106,10 @@ kind: PersistentVolumeClaim
metadata:
name: drone-data-nfs
spec:
# storageClassName: fast
storageClassName: ""
accessModes:
- ReadWriteOnce
resources:
requests:
storage: "1Gi"
selector:
matchLabels:
directory: drone
volumeName: drone-data-nfs

3
infrastructure/gitea/gitea.pvc.yaml
View File

@ -39,13 +39,12 @@ spec:
server: 192.168.1.157
---
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: gitea-postgresql-data-nfs
spec:
storageClassName: nfs-client
storageClassName: ""
accessModes:
- ReadWriteOnce
resources:

52
infrastructure/gitea/gitea.values.yaml
View File

@ -68,26 +68,12 @@ resources:
## @section Persistence
#
## @param persistence.enabled Enable persistent storage
## @param persistence.existingClaim Use an existing claim to store repository information
## @param persistence.size Size for persistence to store repo information
## @param persistence.accessModes AccessMode for persistence
## @param persistence.labels Labels for the persistence volume claim to be created
## @param persistence.annotations Annotations for the persistence volume claim to be created
## @param persistence.storageClass Name of the storage class to use
## @param persistence.subPath Subdirectory of the volume to mount at
persistence:
enabled: true
existingClaim: gitea-data-nfs
create: false
mount: true
claimName: gitea-data-nfs
size: 10Gi
accessModes:
- ReadWriteOnce
labels: {}
annotations: {}
storageClass:
subPath:
# Configure commit/action signing prerequisites
@ -99,13 +85,6 @@ persistence:
## @param signing.existingSecret Use an existing secret to store the value of `signing.privateKey`
signing:
enabled: false
gpgHome: /data/git/.gnupg
privateKey: ""
# privateKey: |-
# -----BEGIN PGP PRIVATE KEY BLOCK-----
# ...
# -----END PGP PRIVATE KEY BLOCK-----
existingSecret: ""
## @section Gitea
#
@ -135,6 +114,7 @@ gitea:
DOMAIN: git.kluster.moll.re
ROOT_URL: https://git.kluster.moll.re
SSH_LISTEN_PORT: 2222
SSH_PORT: 2222
actions:
ENABLED: true
@ -177,8 +157,8 @@ postgresql:
tag: 11
# diagnosticMode:
# enabled: true
# containerSecurityContext:
# runAsUser: 0
containerSecurityContext:
runAsUser: 0
global:
postgresql:
auth:
@ -192,7 +172,16 @@ postgresql:
persistence:
size: 10Gi
existingClaim: gitea-postgresql-data-nfs
mountPath: /bitnami/postgresql/data
# mountPath: /bitnami/postgresql/data
redis-cluster:
enabled: true
usePassword: false
cluster:
nodes: 3 # default: 6
replicas: 0 # default: 1
postgresql-ha:
@ -206,12 +195,3 @@ postgresql-ha:
## @param test.image.name Image name for the wget container used in the test-connection Pod.
## @param test.image.tag Image tag for the wget container used in the test-connection Pod.
checkDeprecation: true
test:
enabled: true
image:
name: busybox
tag: latest
## @param extraDeploy Array of extra objects to deploy with the release
##
extraDeploy: []

13
infrastructure/gitea/kustomization.yaml
View File

@ -1,18 +1,19 @@
apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization
resources:
- namespace.yaml
- gitea.pvc.yaml
- gitea.ingress.yaml
- drone-kube-runner.deployment.yaml
- drone-server.deployment.yaml
- drone-server.sealedsecret.yaml
- namespace.yaml
- gitea.pvc.yaml
- gitea.ingress.yaml
- drone-kube-runner.deployment.yaml
- drone-server.deployment.yaml
- drone-server.sealedsecret.yaml
namespace: gitea
helmCharts:
- name: gitea
namespace: gitea # needs to be set explicitly for svc to be referenced correctly
releaseName: gitea
version: 9.6.1
valuesFile: gitea.values.yaml

18
kluster-deployments/adguard/application.yaml Normal file
View File

@ -0,0 +1,18 @@
apiVersion: argoproj.io/v1alpha1
kind: Application
metadata:
name: adguard-application
namespace: argocd
spec:
project: apps
source:
repoURL: ssh://git@git.kluster.moll.re:2222/remoll/k3s-infra.git
targetRevision: main
path: apps/adguard
destination:
server: https://kubernetes.default.svc
namespace: adguard
syncPolicy:
automated:
prune: true
selfHeal: true

4
kluster-deployments/adguard/kustomization.yaml Normal file
View File

@ -0,0 +1,4 @@
apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization
resources:
- application.yaml

2
kluster-deployments/kustomization.yaml
View File

@ -24,3 +24,5 @@ resources:
- homeassistant/
- ntfy/
- rss/
- adguard/
- media/

18
kluster-deployments/media/application.yaml Normal file
View File

@ -0,0 +1,18 @@
apiVersion: argoproj.io/v1alpha1
kind: Application
metadata:
name: media-application
namespace: argocd
spec:
project: apps
source:
repoURL: ssh://git@git.kluster.moll.re:2222/remoll/k3s-infra.git
targetRevision: main
path: apps/media/
destination:
server: https://kubernetes.default.svc
namespace: media
syncPolicy:
automated:
prune: true
selfHeal: true

4
kluster-deployments/media/kustomization.yaml Normal file
View File

@ -0,0 +1,4 @@
apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization
resources:
- application.yaml