From 238803b2e029d6582d834d4891cd0f3940ca3cf6 Mon Sep 17 00:00:00 2001 From: SeanOMik Date: Tue, 4 Jun 2024 19:02:13 -0400 Subject: [PATCH] feat: add huginn --- .../apps/default/huginn/env-secret.sops.yaml | 72 +++++++++++++++++++ cluster/apps/default/huginn/helm-release.yaml | 70 ++++++++++++++++++ .../apps/default/huginn/kustomization.yaml | 5 ++ cluster/apps/default/kustomization.yaml | 6 +- 4 files changed, 149 insertions(+), 4 deletions(-) create mode 100644 cluster/apps/default/huginn/env-secret.sops.yaml create mode 100644 cluster/apps/default/huginn/helm-release.yaml create mode 100644 cluster/apps/default/huginn/kustomization.yaml diff --git a/cluster/apps/default/huginn/env-secret.sops.yaml b/cluster/apps/default/huginn/env-secret.sops.yaml new file mode 100644 index 0000000..cd1c702 --- /dev/null +++ b/cluster/apps/default/huginn/env-secret.sops.yaml @@ -0,0 +1,72 @@ +apiVersion: v1 +kind: Secret +metadata: + name: huginn-env + namespace: default +stringData: + HUGINN_DATABASE_USERNAME: ENC[AES256_GCM,data:DplLihcS,iv:28S8uHD4/8ViH2GO8nXTclR4KOqkxAvK3tmu9zQM7MY=,tag:dASWAy/R+XA9X81Xr9GmGw==,type:str] + HUGINN_DATABASE_PASSWORD: ENC[AES256_GCM,data:TuOZZPC7LUkJEq7WgqdinnGpUUsrehHiQATRKUePNcs=,iv:IHHHnBR6+Pnxn5aI3RpOdK4yAnonvRESGqFYcDhtshQ=,tag:RNXbLOblmXR8N3DVeYKDAA==,type:str] +sops: + kms: [] + gcp_kms: [] + azure_kv: [] + hc_vault: [] + age: [] + lastmodified: "2024-06-04T23:00:19Z" + mac: ENC[AES256_GCM,data:hDQ6PP6b8RkbHlQJ9iySk6TyEZzvs4jZ3rYrYKesTBdJyamVpGuEOo7CbXL72xbaVQsotcpwrnoUnNPgfJuB53GWS1sYybxtr093CuBn845Q7ivs039mqLO/peYfNaHadAtKHmqp/BOPx6iXiVdm6aenRWDS2pQgc0BvhJwhpNA=,iv:Fs1YEMynuKS9ETbbi6sgDax4YezjzwVQVe5i4NQItcA=,tag:DoemwgTkHJjvjfu4Aa6ENA==,type:str] + pgp: + - created_at: "2024-06-04T23:00:19Z" + enc: |- + -----BEGIN PGP MESSAGE----- + + hQIMAyqlIeyoxYovAQ//ZxD4TyoTq0UmLWuHZokzaHT3JynCRaBkVGv7BPBXRL31 + 31C1+V0ST93hq2crly/u+MSwNbsRwqGGYucz+jSVliRjtCATne2WTSuERtZ34hTF + 52+eX9N5OntngyRSkXsmPgjjhys83JAq+Y6n8r9j4+idaLsLyvhuwV718MJu5koB + eXDvhIht36R/1GBXCLhf6bPfraKMVjd+78fsJ84DiVFUrKp1i1Lz1w8ejtGtZLml + mgRM1Yyv2vkAJOTEeLPj9zsUg+3MmnLaM+pxcCTIuQ6DM8aJD/YxeUaowYcVNKhj + mSqlrlpJNlr8xnAU04+lw9SYVSOJ3YWjJHTOqUK/a9WKAdMAfb7EFEhu8whZnB9i + hGAVviu3wbjzjcmhB2KGT5Q86E4PXjFVRlDaXgNxsptx94CpLMXBHmehsgQ/KYZF + yCoL5xV4UfHElHU7L5QfxIf0rghdpVORArTkEqyZABmmK0pZTz/HXbUliWXCziYK + IcFeOrmYVSzdOJpWirhlW02D0YSzjIcyQFGYmYEsWwc2fXSwBu5rzOpkFnUTmJkz + s6mSernxyVCY/zqQ+wrwCZPZ45o2YCeQwiLfd+Tu9CxSe3zbSHx9WpxJPtNW1EkN + oWiNvinsZbZJtr+6TLQtL7uaSxHTorKfBv+yFLsw9k0sqc1jRyKpmAg716FxERmF + AgwDXjg0p2IN1X8BD/wLDI28W1Mi3QX8fj2TrjYEPWY+GIMDxO0Bo/4pOEwXaJoZ + EgY9kWEsMYk5UfEZ+Xdw8abyyA8Z8zXzedWCNxeqWMY+WvtpzibswsU6Z38dGbPM + Tyd/RJVG9ctFTkQ8Fbnhan71NADd7ERvDEx/5Szzi60kzu2D11XZCDNCaxRbUnnF + dY6aC66quuHIYFiIbwlT/hzhKyghEzAm5F14AkeiOSq8BLQk44uoqEo2T3He+Ijh + rDC6zOSR2q+TFAcsJYda5DzVoJPj/GSQnaJEz4rJIHj+q9soYQOE8tJ/vbkVb3vL + VOvTUnG/R6Kg+4MliIOUMo+oN9WSmDA7PiDe7MpCQk6Q5eaDVceLFFwu73Omr/7Z + pvX+RoiQhNbaTkkwLM+0CcvCOEi5s+YN+O0gubsFOzELbUAnOsveQ4biDASAL5Kr + Dkj+vArVOz3v9rEMVlLIA68oYjAOV0AKuvom/DcyOFf6gY1sgebfZ/qoYsxPqppc + /r96SsMJzYs9yNoLcIssGg93rBHympaAXH+fGpBnTBwsD+rZXjX2kd3quHabPALc + sJkY0hFi7bkh8Jtr4dhWyLx2allDszcYunH30V2cdxSvZmXsvu/7apGvel76TCTi + RFwmIEve1KflsPvQJdbMUcKXJtdKmbBtWQWoxkjErVxyDMweODR2om2UJhVt4dRo + AQkCEP587eVWyMnkChA6o3EjS0SbrzKWz9780pVrOm1pUhWTq4un2vSw5FSuovpX + sDq0/4wJN4idMdNa9w0uWBdGSgvu5YNeFE4dGUJjT2oI+FrLBxuSUMRndgx9zKVg + 3XJfOb0uuEI= + =SQjZ + -----END PGP MESSAGE----- + fp: BD1AAF9D8170F4BEE437365FF6F0933799CFEBCD + - created_at: "2024-06-04T23:00:19Z" + enc: |- + -----BEGIN PGP MESSAGE----- + + hQIMAy5t8IMoPu4VAQ/+MZ3vBFI+QR0XbNvSfkee97BsnROAgfNjs+6vWViiJv2y + O+24WVFfC4GWYofXuOkBfFc2j1TMQgst8Vzx0RvMPfJYJVQJn7nwRlWsi4dRooz/ + lN3C9b7VDX74Cpn5UW6knZTtmIEMHWUQ+SFHUnTAy3XCAv4aiEIrCmesQ7G9dGmi + /19MuBwLIMx78PvWw1Z9BOHsJMo0YZe5v3hRKWveAlYI/6C4vGn0G8VDfA6aJToH + 0kfnmhlqcPw0CtNK6cTtotJa7Gmi573y6erAN8CqvYyZblTPpQhUVIMB2UBpeqZW + 8dTqxBytiZfIj8M+31D6yh9sirZaHb4KC6KDbjyRkLpE1PPc7DgmMOgjQwftOSqT + ok+fFpY+VLbObjqQ4hcy0jUtAcQckwiCDD28EX8xiMWdDxtfFIrtlCUGlL+jOI46 + jJTdnxfK4uSDtxXISlk/4RVf66YI2twEqMHzIxrCqEXWNn0D6xd7nTBI1AKoTkeA + u2o81WNSuFnft0dwSNqbjj4xQc1Tlzke0Dyrf5ylE4aluo1lW0ChQg4V0CTYrmKz + y7uVjsPlJLCqJ3+Ep8UUOxAQAChsrU7B6SgAB5bmGRWkGK53E1945t4WrOHMC39o + frx4uyERO7kGiylvshJyl+5ItrNsw/SQWzWK+7NwMkTAR9u8eDHxQb4zTfHkka/U + aAEJAhDAWk9oX6oON/55LXGL9Zvko1015u+eLvZsnzjNTlkaY4pJsUjaaXPj4WdR + 3mklxz2xhYIonSF/t6+vaTXt9Vckosa3poJ7616KXTzzLRddghpC+9+vTNqVP6WH + 1CjwG/q7eLfE + =VrqI + -----END PGP MESSAGE----- + fp: 687802D4DFD8AA82EA55666CF7DADAC782D7663D + encrypted_regex: ^(data|stringData)$ + version: 3.8.1 diff --git a/cluster/apps/default/huginn/helm-release.yaml b/cluster/apps/default/huginn/helm-release.yaml new file mode 100644 index 0000000..9945005 --- /dev/null +++ b/cluster/apps/default/huginn/helm-release.yaml @@ -0,0 +1,70 @@ +# yaml-language-server: $schema=https://raw.githubusercontent.com/bjw-s/helm-charts/main/charts/other/app-template/schemas/helmrelease-helm-v2beta2.schema.json +apiVersion: helm.toolkit.fluxcd.io/v2beta2 +kind: HelmRelease +metadata: + name: huginn + namespace: default +spec: + interval: 5m + chart: + spec: + chart: app-template + version: 3.1.0 + sourceRef: + kind: HelmRepository + name: bjws-charts + namespace: flux-system + + values: + controllers: + main: + pod: + securityContext: + runAsNonRoot: true + runAsUser: 10000 + runAsGroup: 10000 + fsGroup: 10000 + fsGroupChangePolicy: OnRootMismatch + + containers: + main: + image: + repository: ghcr.io/huginn/huginn + tag: latest@sha256:84adac75461ad50fc1f8ed5f130223eb61b5cab3f43ea5c7dce9882ae81941a8 + + env: + HUGINN_DATABASE_ADAPTER: postgresql + HUGINN_DATABASE_HOST: postgresql.database + HUGINN_DATABASE_PORT: 5432 + + HUGINN_DATABASE_NAME: huginn + # Specified in huginn-env + # HUGINN_DATABASE_USERNAME: + # HUGINN_DATABASE_PASSWORD: + + envFrom: + - secretRef: + name: huginn-env + + service: + app: + controller: main + + ports: + http: + port: 3000 + + ingress: + main: + annotations: + cert-manager.io/cluster-issuer: letsencrypt-production + traefik.ingress.kubernetes.io/router.entrypoints: websecure + traefik.ingress.kubernetes.io/router.middlewares: traefik-authentik@kubernetescrd + + hosts: + - host: "huginn.${SECRET_NEW_DOMAIN}" + paths: + - path: / + service: + identifier: app + port: http diff --git a/cluster/apps/default/huginn/kustomization.yaml b/cluster/apps/default/huginn/kustomization.yaml new file mode 100644 index 0000000..8eb891c --- /dev/null +++ b/cluster/apps/default/huginn/kustomization.yaml @@ -0,0 +1,5 @@ +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization +resources: +- ./env-secret.sops.yaml +- ./helm-release.yaml \ No newline at end of file diff --git a/cluster/apps/default/kustomization.yaml b/cluster/apps/default/kustomization.yaml index 036956b..7cd63d8 100644 --- a/cluster/apps/default/kustomization.yaml +++ b/cluster/apps/default/kustomization.yaml @@ -3,9 +3,7 @@ kind: Kustomization resources: - ./fireflyiii - ./cdn -#- ./gitea -#- ./dendron - ./trilium - ./mealie -#- ./whoami -#- ./msrewards \ No newline at end of file +- ./huginn +#- ./whoami \ No newline at end of file