small fixes

add (broken) deployment
2024-05-15 17:57:15 +02:00 · 2024-05-13 14:27:34 +02:00
17 changed files with 133 additions and 335 deletions
--- a/apps/affine/deployment.yaml
+++ b/apps/affine/deployment.yaml
@@ -0,0 +1,58 @@
 apiVersion: apps/v1
 kind: Deployment
 metadata:
  name: affine
 spec:
  selector:
    matchLabels:
      app: affine
  template:
    metadata:
      labels:
        app: affine
    spec:
      containers:
      - name: affine
        image: affine
        resources:
          limits:
            memory: "512Mi"
            cpu: "1"
        env:
        - name: AFFINE_SERVER_HOST
          value: "affine.kluster.moll.re"
        - name: AFFINE_SERVER_PORT
          value: "443"
        - name: AFFINE_SERVER_HTTPS
          value: "true"
        - name: AFFINE_CONFIG_PATH
          value: "/root/.affine/config"
        - name: AFFINE_ADMIN_EMAIL
          value: "me@moll.re"
        - name: AFFINE_ADMIN_PASSWORD
          value: "password"
        - name: TELEMETRY_ENABLE
          value: "false"
        - name: DATABASE_URL
          valueFrom:
            secretKeyRef:
              name: postgres-credentials
              key: url
        - name: NODE_OPTIONS
          value: "--import=./scripts/register.js"
        - name: NODE_ENV
          value: "production"
        ports:
        - containerPort: 3010
        volumeMounts:
        - name: affine-data
          mountPath: /root/.affine/storage
        - name: affine-config
          mountPath: /root/.affine/config
      volumes:
      - name: affine-data
        persistentVolumeClaim:
          claimName: affine-data
      - name: affine-config
        persistentVolumeClaim:
          claimName: affine-config
--- a/apps/affine/ingress.yaml
+++ b/apps/affine/ingress.yaml
@@ -0,0 +1,15 @@
 apiVersion: traefik.io/v1alpha1
 kind: IngressRoute
 metadata:
  name: affine-ingress
 spec:
  entryPoints:
    - websecure
  routes:
    - match: Host(`affine.kluster.moll.re`)
      kind: Rule
      services:
        - name: affine-web
          port: 3010
  tls:
    certResolver: default-tls
--- a/apps/affine/kustomization.yaml
+++ b/apps/affine/kustomization.yaml
@@ -0,0 +1,20 @@
 apiVersion: kustomize.config.k8s.io/v1beta1
 kind: Kustomization
 namespace: affine
 resources:
  - namespace.yaml
  - deployment.yaml
  - service.yaml
  - ingress.yaml
  - postgres.yaml
  - pvc.yaml
  - postgres-credentials.secret.yaml
 images:
  - name: affine
    newName: ghcr.io/toeverything/affine-graphql
    newTag: stable
--- a/apps/affine/namespace.yaml
+++ b/apps/affine/namespace.yaml
@@ -0,0 +1,4 @@
 apiVersion: v1
 kind: Namespace
 metadata:
  name: placeholder
--- a/apps/affine/postgres.yaml
+++ b/apps/affine/postgres.yaml
@@ -0,0 +1,20 @@
 apiVersion: postgresql.cnpg.io/v1
 kind: Cluster
 metadata:
  name: affine-postgres
 spec:
  instances: 1
  bootstrap:
    initdb:
      owner: affine
      database: affine
      secret:
        name: postgres-credentials
  storage:
    size: 1Gi
    pvcTemplate:
      storageClassName: "nfs-client"
      resources:
        requests:
          storage: "1Gi"
--- a/apps/media-downloads/pvc.yaml
+++ b/apps/media-downloads/pvc.yaml
@@ -1,35 +1,23 @@
 apiVersion: v1
 kind: PersistentVolumeClaim
 apiVersion: v1
 metadata:
-  name: radarr-config
+  name: affine-data
 spec:
  storageClassName: "nfs-client"
  accessModes:
    - ReadWriteOnce
  resources:
    requests:
-      storage: "1Gi"
+      storage: 15Gi
 ---
 apiVersion: v1
 kind: PersistentVolumeClaim
 apiVersion: v1
 metadata:
-  name: qbittorrent-config
+  name: affine-config
 spec:
  storageClassName: "nfs-client"
  accessModes:
    - ReadWriteOnce
  resources:
    requests:
-      storage: "1Gi"
+      storage: 1Gi
 ---
 apiVersion: v1
 kind: PersistentVolumeClaim
 metadata:
  name: data
 spec:
  storageClassName: "nfs-client"
  accessModes:
    - ReadWriteOnce
  resources:
    requests:
      storage: "10Gi"
--- a/apps/affine/service.yaml
+++ b/apps/affine/service.yaml
@@ -0,0 +1,10 @@
 apiVersion: v1
 kind: Service
 metadata:
  name: affine-web
 spec:
  selector:
    app: affine
  ports:
  - port: 3010
    targetPort: 3010
--- a/apps/media-downloads/jackett.deployment.yaml
+++ b/apps/media-downloads/jackett.deployment.yaml
@@ -1,47 +0,0 @@
 apiVersion: apps/v1
 kind: Deployment
 metadata:
  name: jackett
 spec:
  selector:
    matchLabels:
      app: jackett
  template:
    metadata:
      labels:
        app: jackett
    spec:
      containers:
      - name: jackett
        image: jackett
        resources:
          limits:
            memory: "128Mi"
            cpu: "500m"
        ports:
        - containerPort: 9117
        volumeMounts:
        - name: media
          mountPath: /media
        - name: config
          mountPath: /config
      volumes:
      - name: media
        persistentVolumeClaim:
          claimName: media-downloads
      - name: config
        persistentVolumeClaim:
          claimName: transmission-config
 ---
 apiVersion: v1
 kind: Service
 metadata:
  name: jackett
 spec:
  selector:
    app: jackett
  ports:
    - protocol: TCP
      port: 9117
      targetPort: 9117
  type: ClusterIP
--- a/apps/media-downloads/kustomization.yaml
+++ b/apps/media-downloads/kustomization.yaml
@@ -1,50 +0,0 @@
 apiVersion: kustomize.config.k8s.io/v1beta1
 kind: Kustomization
 namespace: media-downloads
 resources:
  - namespace.yaml
  - pvc.yaml
  - transmission.deployment.yaml
  - radarr.deployment.yaml
  - jackett.deployment.yaml
 images:
  - name: transmission
    newName: haugene/transmission-openvpn
    newTag: 5.3.1
  - name: jackett
    newName: lscr.io/linuxserver/jackett
    newTag: latest
  - name: radarr
    newName: lscr.io/linuxserver/radarr
    newTag: 5.4.6
 ---
 # 2nd version
 apiVersion: kustomize.config.k8s.io/v1beta1
 kind: Kustomization
 namespace: media-downloads
 resources: 
  - namespace.yaml
  - pvc.yaml
  - qbittorrent.deployment.yaml
  - qbittorrent.service.yaml
  - qbittorrent.configmap.yaml
  - radarr.deployment.yaml
  - radarr.service.yaml
  - radarr.configmap.yaml
  - openvpn.secret.yaml
 images:
  - name: qbittorrent
    newName: binhex/arch-qbittorrentvpn
    newTag: 5.0.1-1-02
  - name: radarr
    newName: hotio/radarr
    newTag: release-5.14.0.9383
--- a/apps/media-downloads/namespace.yaml
+++ b/apps/media-downloads/namespace.yaml
@@ -1,6 +0,0 @@
 apiVersion: v1
 kind: Namespace
 metadata:
  name: placeholder
  labels:
    pod-security.kubernetes.io/enforce: privileged 
--- a/apps/media-downloads/qbittorrent.configmap.yaml
+++ b/apps/media-downloads/qbittorrent.configmap.yaml
@@ -1,15 +0,0 @@
 apiVersion: v1
 kind: ConfigMap
 metadata:
  name: qbittorrent
  labels:
    app: qbittorrent
 data:
  VPN_ENABLED: yes
  VPN_USER: vpnbook
  VPN_PASS: e83zu76
  VPN_PROV: custom
  VPN_CLIENT: openvpn
  LAN_NETWORK: 10.244.0.0/24,10.9.0.0/24
  WEBUI_PORT: "8080"
  ENABLE_STARTUP_SCRIPTS: no
--- a/apps/media-downloads/qbittorrent.deployment.yaml
+++ b/apps/media-downloads/qbittorrent.deployment.yaml
@@ -1,40 +0,0 @@
 apiVersion: apps/v1
 kind: Deployment
 metadata:
  name: qbittorrent
 spec:
  selector:
    matchLabels:
      app: qbittorrent
  replicas: 1
  template:
    metadata:
      labels:
        app: qbittorrent
    spec:
      containers:
      - name: qbittorrent
        image: qbittorrent
        ports:
        - containerPort: 8080
        envFrom:
        - configMapRef:
            name: qbittorrent
        volumeMounts:
        - name: data
          mountPath: /data
        - name: config
          mountPath: /config
        securityContext:
          capabilities:
            add:
            - NET_ADMIN
      volumes:
      - name: data
        persistentVolumeClaim:
          claimName: data
      - name: config
        persistentVolumeClaim:
          claimName: qbittorrent-config
--- a/apps/media-downloads/qbittorrent.service.yaml
+++ b/apps/media-downloads/qbittorrent.service.yaml
@@ -1,12 +0,0 @@
 kind: Service
 apiVersion: v1
 metadata:
  name: qbittorrent
 spec:
  selector:
    app: qbittorrent
  type:  ClusterIP
  ports:
  - name: qbittorrent
    port:  8080
    targetPort:  8080
--- a/apps/media-downloads/radarr.configmap.yaml
+++ b/apps/media-downloads/radarr.configmap.yaml
@@ -1,20 +0,0 @@
 apiVersion: v1
 kind: ConfigMap
 metadata:
  name: radarr
  labels:
    app: radarr
 data:
  # VPN_ENABLED: "true"
  # VPN_CONF: "wg0"
  # VPN_PROVIDER: "generic"
  # VPN_LAN_NETWORK: "192.168.1.0/24"
  # VPN_LAN_LEAK_ENABLED: "false"
  # VPN_EXPOSE_PORTS_ON_LAN: ""
  # VPN_AUTO_PORT_FORWARD: "false"
  # VPN_AUTO_PORT_FORWARD_TO_PORTS: ""
  # VPN_KEEP_LOCAL_DNS: "false"
  # VPN_FIREWALL_TYPE: "auto"
  # VPN_HEALTHCHECK_ENABLED: "false"
  # PRIVOXY_ENABLED: "false"
  # UNBOUND_ENABLED: "false"
--- a/apps/media-downloads/radarr.deployment.yaml
+++ b/apps/media-downloads/radarr.deployment.yaml
@@ -1,34 +0,0 @@
 apiVersion: apps/v1
 kind: Deployment
 metadata:
  name: radarr
 spec:
  selector:
    matchLabels:
      app: radarr
  replicas: 1
  template:
    metadata:
      labels:
        app: radarr
    spec:
      containers:
      - name: radarr
        image: radarr
        ports:
        - containerPort: 7878
        envFrom:
        - configMapRef:
            name: radarr
        volumeMounts:
        - name: data
          mountPath: /data
        - name: config
          mountPath: /config
      volumes:
      - name: data
        persistentVolumeClaim:
          claimName: data
      - name: config
        persistentVolumeClaim:
          claimName: radarr-config
--- a/apps/media-downloads/radarr.service.yaml
+++ b/apps/media-downloads/radarr.service.yaml
@@ -1,12 +0,0 @@
 kind: Service
 apiVersion: v1
 metadata:
  name: radarr
 spec:
  selector:
    app: radarr
  type:  ClusterIP
  ports:
  - name: radarr
    port:  7878
    targetPort:  7878
--- a/apps/media-downloads/transmission.deployment.yaml
+++ b/apps/media-downloads/transmission.deployment.yaml
@@ -1,81 +0,0 @@
 apiVersion: apps/v1
 kind: Deployment
 metadata:
  name: transmission
 spec:
  selector:
    matchLabels:
      app: transmission
  template:
    metadata:
      labels:
        app: transmission
    spec:
      containers:
      - name: transmission
        image: transmission
        resources:
          limits:
            memory: "128Mi"
            cpu: "500m"
        ports:
        - containerPort: 9091
        env:
        - name: OPENVPN_PROVIDER
          value: PROTONVPN
        - name: LOCAL_NETWORK
          value: 10.42.0.0/16
        - name: OPENVPN_CONFIG
          valueFrom:
            secretKeyRef:
              name: protonvpn
              key: country
        - name: OPENVPN_USERNAME
          valueFrom:
            secretKeyRef:
              name: protonvpn
              key: username
        - name: OPENVPN_PASSWORD
          valueFrom:
            secretKeyRef:
              name: protonvpn
              key: password
        volumeMounts:
        - name: media
          mountPath: /data
        - name: config
          mountPath: /config
        securityContext:
          capabilities:
            add: ["NET_ADMIN"]
      volumes:
      - name: media
        persistentVolumeClaim:
          claimName: media-downloads
      - name: config
        persistentVolumeClaim:
          claimName: transmission-config
 ---
 apiVersion: v1
 kind: Service
 metadata:
  name: transmission
 spec:
  selector:
    app: transmission
  ports:
    - protocol: TCP
      port: 9091
      targetPort: 9091
  type: ClusterIP
 ---
 apiVersion: v1
 kind: Secret
 metadata:
  name: protonvpn
 type: Opaque
 stringData:
  country: at.protonvpn.udp,fr.protonvpn.udp,pl.protonvpn.udp,ch.protonvpn.udp
  username: VOYkNuZs5PHjeB8w
  password: WvKCOPijcXKOqcL5d7zjXzOPToS4zPid
Author	SHA1	Message	Date
Remy Moll	ab96719964	small fixes	2024-05-15 17:57:15 +02:00
Remy Moll	0215ecaf87	add (broken) deployment	2024-05-13 14:27:34 +02:00