Move things around

This commit is contained in:
SeanOMik 2023-04-02 22:45:20 -04:00
parent f1d75d667a
commit 735be23ba4
Signed by: SeanOMik
GPG Key ID: 568F326C7EB33ACB
18 changed files with 90 additions and 102 deletions

View File

@ -1,5 +1,4 @@
apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization
resources:
- ./traefik
- ./metallb
resources: []
#- ./media

View File

@ -0,0 +1,5 @@
apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization
resources:
- ./namespace.yaml
- ./sonarr.yaml

View File

@ -0,0 +1,4 @@
apiVersion: v1
kind: Namespace
metadata:
name: media

View File

@ -0,0 +1,31 @@
apiVersion: source.toolkit.fluxcd.io/v1beta2
kind: HelmRepository
metadata:
name: aste88-charts
namespace: flux-system
spec:
interval: 1m
url: https://aste88.github.io/helm-charts/
---
apiVersion: helm.toolkit.fluxcd.io/v2beta1
kind: HelmRelease
metadata:
name: sonarr
namespace: media
spec:
interval: 5m
chart:
spec:
chart: sonarr
version: '17.x.x'
sourceRef:
kind: HelmRepository
name: aste88-charts
namespace: flux-system
interval: 1m
values:
env:
TZ: America/New_York
ingress:
# metrics.enabled: true

View File

@ -0,0 +1,4 @@
apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization
resources:
- ./sonarr.yaml

View File

@ -1,90 +0,0 @@
additionalArguments:
- --certificatesresolvers.cloudflare.acme.dnschallenge.provider=cloudflare
- --certificatesresolvers.cloudflare.acme.email=seanomik@gmail.com
- --certificatesresolvers.cloudflare.acme.dnschallenge.resolvers=1.1.1.1
- --certificatesresolvers.cloudflare.acme.storage=/ssl-certs/acme-cloudflare.json
- --api.insecure
- --providers.kubernetesingress
logs:
general:
level: DEBUG
ports:
traefik:
port: 9000
expose: true
exposedPort: 9000
# The port protocol (TCP/UDP)
protocol: TCP
web:
port: 8000
expose: true
exposedPort: 80
# (optional) Permanent Redirect to HTTPS
# redirectTo: websecure
protocol: TCP
websecure:
port: 8443
expose: true
exposedPort: 443
protocol: TCP
tls:
enabled: true
certResolver: cloudflare
metrics:
port: 9100
expose: true
exposedPort: 9100
protocol: TCP
service:
enabled: true
single: true
type: LoadBalancer
externalIPs:
- 192.168.87.10
env:
- name: CF_DNS_API_TOKEN
valueFrom:
secretKeyRef:
key: apiToken
name: cloudflare-credentials
# Disable Dashboard
#ingressRoute:
# dashboard:
# enabled: true
# matchRule: Host(`k3st.***REMOVED***`) && (PathPrefix(`/dashboard/`) || PathPrefix(`/api`))
# entryPoints: ["websecure"]
# Persistent Storage
persistence:
enabled: true
name: ssl-certs
size: 1Gi
path: /ssl-certs
#deployment:
# initContainers:
# The "volume-permissions" init container is required if you run into permission issues.
# Related issue: https://github.com/containous/traefik/issues/6972
# - name: volume-permissions
# image: busybox:1.31.1
# command: ["sh", "-c", "chmod -Rv 600 /ssl-certs"]
# volumeMounts:
# - name: ssl-certs
# mountPath: /ssl-certs
# Set Traefik as your default Ingress Controller, according to Kubernetes 1.19+ changes.
ingressClass:
enabled: true
isDefaultClass: true
metrics:
prometheus:
entryPoint: metrics
namespaceOverride: traefik

View File

@ -0,0 +1,4 @@
apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization
resources:
- ./networking

View File

@ -0,0 +1,5 @@
apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization
resources:
- ./traefik
- ./metallb

View File

@ -1,7 +1,7 @@
apiVersion: helm.toolkit.fluxcd.io/v2beta1
kind: HelmRelease
metadata:
name: traefik-helm
name: traefik
namespace: traefik
spec:
interval: 5m
@ -31,19 +31,39 @@ spec:
level: DEBUG
ports:
web:
traefik:
port: 9000
expose: true
exposedPort: 8080
exposedPort: 9000
# The port protocol (TCP/UDP)
protocol: TCP
web:
port: 8000
expose: true
exposedPort: 80
# (optional) Permanent Redirect to HTTPS
# redirectTo: websecure
protocol: TCP
websecure:
port: 8443
expose: true
exposedPort: 443
protocol: TCP
tls:
exposed: true
exposedPort: 8443
enabled: true
certResolver: cloudflare
metrics:
port: 9100
expose: true
exposedPort: 9100
protocol: TCP
service:
enabled: true
single: true
type: LoadBalancer
externalIPs:
- 192.168.87.10
env:
- name: CF_DNS_API_TOKEN
@ -55,7 +75,9 @@ spec:
# Disable Dashboard
ingressRoute:
dashboard:
enabled: false
enabled: true
matchRule: Host(`k3st.***REMOVED***`) && (PathPrefix(`/dashboard/`) || PathPrefix(`/api`))
entryPoints: ["websecure"]
# Persistent Storage
persistence:
@ -80,4 +102,8 @@ spec:
enabled: true
isDefaultClass: true
metrics:
prometheus:
entryPoint: metrics
namespaceOverride: traefik