From 45aa9c96dcc06050fb936945f620e67717491d72 Mon Sep 17 00:00:00 2001 From: Remy Moll Date: Sun, 10 Dec 2023 16:17:14 +0100 Subject: [PATCH] whole bunch of fixes --- apps/adguard/configmap.yaml | 1 - apps/adguard/deployment.yaml | 1 - apps/adguard/ingress.yaml | 1 - apps/adguard/kustomization.yaml | 11 ++++ apps/adguard/namespace.yaml | 4 ++ apps/adguard/service.yaml | 7 +-- .../{jellyfin.ingress.yaml => ingress.yaml} | 4 +- apps/media/kustomization.yaml | 12 +++++ apps/media/namespace.yaml | 4 ++ apps/media/{jellyfin.pvc.yaml => pvc.yaml} | 8 +-- apps/media/server.deployment.yaml | 44 ++++++++++++++++ apps/media/server.service.yaml | 12 +++++ apps/media/web.deployment.yaml | 27 ++++++++++ apps/media/web.service.yaml | 12 +++++ .../gitea/drone-server.deployment.yaml | 13 +---- infrastructure/gitea/gitea.pvc.yaml | 3 +- infrastructure/gitea/gitea.values.yaml | 52 ++++++------------- infrastructure/gitea/kustomization.yaml | 13 ++--- kluster-deployments/adguard/application.yaml | 18 +++++++ .../adguard/kustomization.yaml | 4 ++ kluster-deployments/kustomization.yaml | 2 + kluster-deployments/media/application.yaml | 18 +++++++ kluster-deployments/media/kustomization.yaml | 4 ++ 23 files changed, 204 insertions(+), 71 deletions(-) create mode 100644 apps/adguard/kustomization.yaml create mode 100644 apps/adguard/namespace.yaml rename apps/media/{jellyfin.ingress.yaml => ingress.yaml} (91%) create mode 100644 apps/media/kustomization.yaml create mode 100644 apps/media/namespace.yaml rename apps/media/{jellyfin.pvc.yaml => pvc.yaml} (87%) create mode 100644 apps/media/server.deployment.yaml create mode 100644 apps/media/server.service.yaml create mode 100644 apps/media/web.deployment.yaml create mode 100644 apps/media/web.service.yaml create mode 100644 kluster-deployments/adguard/application.yaml create mode 100644 kluster-deployments/adguard/kustomization.yaml create mode 100644 kluster-deployments/media/application.yaml create mode 100644 kluster-deployments/media/kustomization.yaml diff --git a/apps/adguard/configmap.yaml b/apps/adguard/configmap.yaml index 43faca5..20ddd5a 100644 --- a/apps/adguard/configmap.yaml +++ b/apps/adguard/configmap.yaml @@ -2,7 +2,6 @@ apiVersion: v1 kind: ConfigMap metadata: name: adguard-home-config - namespace: adguard data: AdGuardHome.yaml: |- bind_host: 0.0.0.0 diff --git a/apps/adguard/deployment.yaml b/apps/adguard/deployment.yaml index 1371ce6..bb8d690 100644 --- a/apps/adguard/deployment.yaml +++ b/apps/adguard/deployment.yaml @@ -2,7 +2,6 @@ apiVersion: apps/v1 kind: Deployment metadata: name: adguard-home - namespace: adguard spec: replicas: 1 revisionHistoryLimit: 3 diff --git a/apps/adguard/ingress.yaml b/apps/adguard/ingress.yaml index 4a60da7..48558ca 100644 --- a/apps/adguard/ingress.yaml +++ b/apps/adguard/ingress.yaml @@ -2,7 +2,6 @@ apiVersion: traefik.containo.us/v1alpha1 kind: IngressRouteTCP metadata: name: adguard-tls-ingress - namespace: adguard spec: entryPoints: - dnsovertls diff --git a/apps/adguard/kustomization.yaml b/apps/adguard/kustomization.yaml new file mode 100644 index 0000000..90ec6af --- /dev/null +++ b/apps/adguard/kustomization.yaml @@ -0,0 +1,11 @@ +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization +resources: + - namespace.yaml + - configmap.yaml + - ingress.yaml + - service.yaml + - deployment.yaml + +namespace: adguard + diff --git a/apps/adguard/namespace.yaml b/apps/adguard/namespace.yaml new file mode 100644 index 0000000..3900a62 --- /dev/null +++ b/apps/adguard/namespace.yaml @@ -0,0 +1,4 @@ +apiVersion: v1 +kind: Namespace +metadata: + name: placeholder \ No newline at end of file diff --git a/apps/adguard/service.yaml b/apps/adguard/service.yaml index f6aa339..f46a209 100644 --- a/apps/adguard/service.yaml +++ b/apps/adguard/service.yaml @@ -1,8 +1,7 @@ apiVersion: v1 kind: Service metadata: - name: adguard-home - namespace: adguard + name: adguard-home-web spec: ports: - name: http @@ -22,7 +21,6 @@ metadata: metallb.universe.tf/allow-shared-ip: adguard-svc name: adguard-home-dns-tcp - namespace: adguard spec: allocateLoadBalancerNodePorts: true loadBalancerIP: 192.168.3.2 @@ -45,7 +43,6 @@ metadata: metallb.universe.tf/allow-shared-ip: adguard-svc name: adguard-home-dns-udp - namespace: adguard spec: allocateLoadBalancerNodePorts: true loadBalancerIP: 192.168.3.2 @@ -58,4 +55,4 @@ spec: selector: app.kubernetes.io/instance: adguard app.kubernetes.io/name: adguard-home - type: LoadBalancer \ No newline at end of file + type: LoadBalancer diff --git a/apps/media/jellyfin.ingress.yaml b/apps/media/ingress.yaml similarity index 91% rename from apps/media/jellyfin.ingress.yaml rename to apps/media/ingress.yaml index 3393c7b..e8cb72f 100644 --- a/apps/media/jellyfin.ingress.yaml +++ b/apps/media/ingress.yaml @@ -12,8 +12,8 @@ spec: - name: jellyfin-websocket kind: Rule services: - - name: jellyfin - port: 8096 + - name: jellyfin-web + port: 8080 tls: certResolver: default-tls diff --git a/apps/media/kustomization.yaml b/apps/media/kustomization.yaml new file mode 100644 index 0000000..4c97136 --- /dev/null +++ b/apps/media/kustomization.yaml @@ -0,0 +1,12 @@ +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization +resources: + - namespace.yaml + - pvc.yaml + - server.deployment.yaml + - server.service.yaml + - web.deployment.yaml + - web.service.yaml + - ingress.yaml + +namespace: media diff --git a/apps/media/namespace.yaml b/apps/media/namespace.yaml new file mode 100644 index 0000000..3900a62 --- /dev/null +++ b/apps/media/namespace.yaml @@ -0,0 +1,4 @@ +apiVersion: v1 +kind: Namespace +metadata: + name: placeholder \ No newline at end of file diff --git a/apps/media/jellyfin.pvc.yaml b/apps/media/pvc.yaml similarity index 87% rename from apps/media/jellyfin.pvc.yaml rename to apps/media/pvc.yaml index 2becd83..c78e585 100644 --- a/apps/media/jellyfin.pvc.yaml +++ b/apps/media/pvc.yaml @@ -4,12 +4,9 @@ kind: PersistentVolume metadata: namespace: media name: jellyfin-config-nfs - spec: - # storageClassName: slow capacity: storage: "1Gi" - # volumeMode: Filesystem accessModes: - ReadWriteOnce nfs: @@ -29,6 +26,7 @@ spec: requests: storage: "1Gi" volumeName: jellyfin-config-nfs + --- apiVersion: v1 @@ -37,10 +35,8 @@ metadata: namespace: media name: jellyfin-data-nfs spec: - # storageClassName: slow capacity: storage: "1Ti" - # volumeMode: Filesystem accessModes: - ReadWriteOnce nfs: @@ -53,7 +49,7 @@ metadata: namespace: media name: jellyfin-data-nfs spec: - storageClassName: nfs-client + storageClassName: "" accessModes: - ReadWriteOnce resources: diff --git a/apps/media/server.deployment.yaml b/apps/media/server.deployment.yaml new file mode 100644 index 0000000..bd76191 --- /dev/null +++ b/apps/media/server.deployment.yaml @@ -0,0 +1,44 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: jellyfin-server +spec: + selector: + matchLabels: + app: jellyfin-server + template: + metadata: + labels: + app: jellyfin-server + spec: + containers: + - name: jellyfin-server + image: jellyfin/jellyfin:10.8.9 + resources: + limits: + memory: "500Mi" + cpu: "2" + ports: + - containerPort: 8096 + env: + - name: TZ + value: Europe/Berlin + volumeMounts: + - name: jellyfin-config + mountPath: /config + - name: jellyfin-data + mountPath: /media + livenessProbe: + httpGet: + path: /health + port: 8096 + initialDelaySeconds: 100 + periodSeconds: 15 + volumes: + - name: jellyfin-config + persistentVolumeClaim: + claimName: jellyfin-config-nfs + - name: jellyfin-data + persistentVolumeClaim: + claimName: jellyfin-data-nfs + diff --git a/apps/media/server.service.yaml b/apps/media/server.service.yaml new file mode 100644 index 0000000..521ca4a --- /dev/null +++ b/apps/media/server.service.yaml @@ -0,0 +1,12 @@ + +apiVersion: v1 +kind: Service +metadata: + name: jellyfin-server +spec: + selector: + app: jellyfin-server + ports: + - protocol: TCP + port: 8096 + targetPort: 8096 diff --git a/apps/media/web.deployment.yaml b/apps/media/web.deployment.yaml new file mode 100644 index 0000000..7a8d9e7 --- /dev/null +++ b/apps/media/web.deployment.yaml @@ -0,0 +1,27 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: jellyfin-web +spec: + selector: + matchLabels: + app: jellyfin-web + template: + metadata: + labels: + app: jellyfin-web + spec: + containers: + - name: jellyfin-web + image: ghcr.io/jellyfin/jellyfin-vue + resources: + limits: + memory: "128Mi" + cpu: "30m" + ports: + - containerPort: 8080 + env: + - name: TZ + value: Europe/Berlin + - name: DEFAULT_SERVERS + value: "jellyfin-server:8096" \ No newline at end of file diff --git a/apps/media/web.service.yaml b/apps/media/web.service.yaml new file mode 100644 index 0000000..f70e6d3 --- /dev/null +++ b/apps/media/web.service.yaml @@ -0,0 +1,12 @@ + +apiVersion: v1 +kind: Service +metadata: + name: jellyfin-web +spec: + selector: + app: jellyfin-web + ports: + - protocol: TCP + port: 8080 + targetPort: 8080 diff --git a/infrastructure/gitea/drone-server.deployment.yaml b/infrastructure/gitea/drone-server.deployment.yaml index 4684b88..7b0bb95 100644 --- a/infrastructure/gitea/drone-server.deployment.yaml +++ b/infrastructure/gitea/drone-server.deployment.yaml @@ -92,13 +92,9 @@ apiVersion: v1 kind: PersistentVolume metadata: name: drone-data-nfs - labels: - directory: drone spec: - # storageClassName: fast capacity: storage: "1Gi" - # volumeMode: Filesystem accessModes: - ReadWriteOnce nfs: @@ -110,15 +106,10 @@ kind: PersistentVolumeClaim metadata: name: drone-data-nfs spec: - # storageClassName: fast + storageClassName: "" accessModes: - ReadWriteOnce resources: requests: storage: "1Gi" - selector: - matchLabels: - directory: drone - - - + volumeName: drone-data-nfs diff --git a/infrastructure/gitea/gitea.pvc.yaml b/infrastructure/gitea/gitea.pvc.yaml index f4e3e87..9c35389 100644 --- a/infrastructure/gitea/gitea.pvc.yaml +++ b/infrastructure/gitea/gitea.pvc.yaml @@ -39,13 +39,12 @@ spec: server: 192.168.1.157 --- - apiVersion: v1 kind: PersistentVolumeClaim metadata: name: gitea-postgresql-data-nfs spec: - storageClassName: nfs-client + storageClassName: "" accessModes: - ReadWriteOnce resources: diff --git a/infrastructure/gitea/gitea.values.yaml b/infrastructure/gitea/gitea.values.yaml index 2da779c..38dc8f3 100644 --- a/infrastructure/gitea/gitea.values.yaml +++ b/infrastructure/gitea/gitea.values.yaml @@ -68,26 +68,12 @@ resources: ## @section Persistence -# -## @param persistence.enabled Enable persistent storage -## @param persistence.existingClaim Use an existing claim to store repository information -## @param persistence.size Size for persistence to store repo information -## @param persistence.accessModes AccessMode for persistence -## @param persistence.labels Labels for the persistence volume claim to be created -## @param persistence.annotations Annotations for the persistence volume claim to be created -## @param persistence.storageClass Name of the storage class to use -## @param persistence.subPath Subdirectory of the volume to mount at persistence: enabled: true - existingClaim: gitea-data-nfs + create: false + mount: true + claimName: gitea-data-nfs - size: 10Gi - accessModes: - - ReadWriteOnce - labels: {} - annotations: {} - storageClass: - subPath: # Configure commit/action signing prerequisites @@ -99,13 +85,6 @@ persistence: ## @param signing.existingSecret Use an existing secret to store the value of `signing.privateKey` signing: enabled: false - gpgHome: /data/git/.gnupg - privateKey: "" - # privateKey: |- - # -----BEGIN PGP PRIVATE KEY BLOCK----- - # ... - # -----END PGP PRIVATE KEY BLOCK----- - existingSecret: "" ## @section Gitea # @@ -135,6 +114,7 @@ gitea: DOMAIN: git.kluster.moll.re ROOT_URL: https://git.kluster.moll.re SSH_LISTEN_PORT: 2222 + SSH_PORT: 2222 actions: ENABLED: true @@ -177,8 +157,8 @@ postgresql: tag: 11 # diagnosticMode: # enabled: true - # containerSecurityContext: - # runAsUser: 0 + containerSecurityContext: + runAsUser: 0 global: postgresql: auth: @@ -192,7 +172,16 @@ postgresql: persistence: size: 10Gi existingClaim: gitea-postgresql-data-nfs - mountPath: /bitnami/postgresql/data + # mountPath: /bitnami/postgresql/data + + + +redis-cluster: + enabled: true + usePassword: false + cluster: + nodes: 3 # default: 6 + replicas: 0 # default: 1 postgresql-ha: @@ -206,12 +195,3 @@ postgresql-ha: ## @param test.image.name Image name for the wget container used in the test-connection Pod. ## @param test.image.tag Image tag for the wget container used in the test-connection Pod. checkDeprecation: true -test: - enabled: true - image: - name: busybox - tag: latest - -## @param extraDeploy Array of extra objects to deploy with the release -## -extraDeploy: [] diff --git a/infrastructure/gitea/kustomization.yaml b/infrastructure/gitea/kustomization.yaml index 541003b..8f2a5b2 100644 --- a/infrastructure/gitea/kustomization.yaml +++ b/infrastructure/gitea/kustomization.yaml @@ -1,18 +1,19 @@ apiVersion: kustomize.config.k8s.io/v1beta1 kind: Kustomization resources: -- namespace.yaml -- gitea.pvc.yaml -- gitea.ingress.yaml -- drone-kube-runner.deployment.yaml -- drone-server.deployment.yaml -- drone-server.sealedsecret.yaml + - namespace.yaml + - gitea.pvc.yaml + - gitea.ingress.yaml + - drone-kube-runner.deployment.yaml + - drone-server.deployment.yaml + - drone-server.sealedsecret.yaml namespace: gitea helmCharts: - name: gitea + namespace: gitea # needs to be set explicitly for svc to be referenced correctly releaseName: gitea version: 9.6.1 valuesFile: gitea.values.yaml diff --git a/kluster-deployments/adguard/application.yaml b/kluster-deployments/adguard/application.yaml new file mode 100644 index 0000000..6d328be --- /dev/null +++ b/kluster-deployments/adguard/application.yaml @@ -0,0 +1,18 @@ +apiVersion: argoproj.io/v1alpha1 +kind: Application +metadata: + name: adguard-application + namespace: argocd +spec: + project: apps + source: + repoURL: ssh://git@git.kluster.moll.re:2222/remoll/k3s-infra.git + targetRevision: main + path: apps/adguard + destination: + server: https://kubernetes.default.svc + namespace: adguard + syncPolicy: + automated: + prune: true + selfHeal: true diff --git a/kluster-deployments/adguard/kustomization.yaml b/kluster-deployments/adguard/kustomization.yaml new file mode 100644 index 0000000..977dcfe --- /dev/null +++ b/kluster-deployments/adguard/kustomization.yaml @@ -0,0 +1,4 @@ +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization +resources: + - application.yaml diff --git a/kluster-deployments/kustomization.yaml b/kluster-deployments/kustomization.yaml index f863c0d..0589e61 100644 --- a/kluster-deployments/kustomization.yaml +++ b/kluster-deployments/kustomization.yaml @@ -24,3 +24,5 @@ resources: - homeassistant/ - ntfy/ - rss/ + - adguard/ + - media/ diff --git a/kluster-deployments/media/application.yaml b/kluster-deployments/media/application.yaml new file mode 100644 index 0000000..9150ffe --- /dev/null +++ b/kluster-deployments/media/application.yaml @@ -0,0 +1,18 @@ +apiVersion: argoproj.io/v1alpha1 +kind: Application +metadata: + name: media-application + namespace: argocd +spec: + project: apps + source: + repoURL: ssh://git@git.kluster.moll.re:2222/remoll/k3s-infra.git + targetRevision: main + path: apps/media/ + destination: + server: https://kubernetes.default.svc + namespace: media + syncPolicy: + automated: + prune: true + selfHeal: true \ No newline at end of file diff --git a/kluster-deployments/media/kustomization.yaml b/kluster-deployments/media/kustomization.yaml new file mode 100644 index 0000000..1f43d0d --- /dev/null +++ b/kluster-deployments/media/kustomization.yaml @@ -0,0 +1,4 @@ +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization +resources: +- application.yaml