feat: add mealie, add execPostgres go-task

This commit is contained in:
SeanOMik 2024-05-24 17:59:30 -04:00
parent e441e95380
commit be0b06d19c
Signed by: SeanOMik
GPG Key ID: FEC9E2FC15235964
6 changed files with 174 additions and 2 deletions

View File

@ -7,3 +7,8 @@ vars:
includes:
flux: .taskfiles/Flux/Taskfile.yaml
tasks:
execPostgres:
desc: Exec into the postgres pod as the postgres user
cmd: kubectl -n database exec -it postgresql-0 -- psql -d postgres -U postgres

View File

@ -6,5 +6,6 @@ resources:
#- ./gitea
#- ./dendron
- ./trilium
- ./mealie
#- ./whoami
#- ./msrewards

View File

@ -0,0 +1,71 @@
apiVersion: v1
kind: Secret
metadata:
name: mealie-env
namespace: default
stringData:
POSTGRES_PASSWORD: ENC[AES256_GCM,data:6SsTUHnrE+Kabmq8MIr+8NM5j8qGa4+6h2ajMhXyoSw=,iv:+yHSWqcPkp7sasfMvPJc0egKxI96ntNmRfjzeDWXWJg=,tag:mXtYwWhwASx0/s0Zu9/4cQ==,type:str]
sops:
kms: []
gcp_kms: []
azure_kv: []
hc_vault: []
age: []
lastmodified: "2024-05-24T21:58:23Z"
mac: ENC[AES256_GCM,data:akLXgyEWtiTLPCaeYhyxKE1IxJED6HL7eCW0qFZht0VamMGG+ebKsx8tD6vevb5VnYnOxbncBzW8/Or4nekwCZIXLA2aCsFa265E814yLCoFglPAaCmX1A1YOa6TNwVOAcpfCgO2QiOMI8+/P+xVJdSP6eMCCiNpBsTNA//CZQA=,iv:dobLzZMg5Tua3apU27ujRbfWxK6cMe+d3RmB5RepYuM=,tag:51YTlfsZSNs7VBYbTM7NWg==,type:str]
pgp:
- created_at: "2024-05-24T21:58:23Z"
enc: |-
-----BEGIN PGP MESSAGE-----
hQIMAyqlIeyoxYovARAAmsgHmD0qb6M8jYXz8x1SsFHucxyWRsMVNPG57l/EDF8x
I9dw2Hbu0LOf+4btrrNXW0KR0FP/sE8UziqHhMmnxpvI6J4ijLZWIS04GLskhPCP
wPI61ur+OAR7GvwMMOL/+XMPQdZ2vRwARR51TdLKnfAew0ynF2JO5eYOhK9Qfdik
P4nkqGUCVGFj5iVtZ4HAwMcjHxV1cMrElTm2E9QNVwWQ+i4N4lvYu4D6Gjgnds1m
z2xbochEwBtmTe4ZEHQUzZlg96MNr091pcOL9xTKkdjRq9kpvsEq8G/LaT2sdntA
Af4hcrVL2dszNCFXwqDu99ilI4EYQvX9hckg2LW0wZAfzt2E61ciy8nyljKuhs0L
J61mH5TT/6TnvcsN6f78pPTrx4ylyivvoA+vrprIdotWFdHIpjtcRPzWagbKm8t4
30Ee3v+PwiciZYoO8fpHv8H/JYhWuEi+48erFbIzefioCOlOZb3tPCNdeJtALdMr
pCKCEtkWRJWzd8YYSvrYbmoAe9Sin3X/KnGPkITkpSbvMdK5IgaGTf5QtwbBqROV
HHn/ggGLPwdvUrhNjWjt33tdGgwgMeyO1bh6uQWwnHWFQ7V9AC4nxFIjyda56mtY
mwiXTe/7VtGyk+9Ltj66pNtD62WWO2xjwxcjgSohLO90s4Y//j6DPz51z3zKWp+F
AgwDXjg0p2IN1X8BEADTV07SxwRN8EzSx7YflSCogZBEZaH+h/U9Urp4aV64g0X9
6nIRtkiQXlcIXMxmMNRaabOQReiMFspM4gsr0boq6P/l0sCz+Z4wE7uASqh9fkt7
vN8ninoSLjtG5Ttt3ezRS6uItol6vFi/l0GEDfzqB0JtzXfwUGPhjmDCBgRRK8c0
BpmMTYemusFnYH21LkjRXpz+PjzvzNaEtinxk1ZIAfVyCZsIZwBqilMCAlSaX9Ne
FJIQH8mgk5PyXvuAeBJ7EmqDtEbrJ/uAQ2QhR8gKDe/1t4p3aghAoDRC9qLHct/e
ti7a61Ytm9VFBOQ02yJfz55Zv+/QnFKAcidLWc0NokXlBhT3m9Z2JzM/RhhScReR
3qI2JW3PWYgZf5egfMCcFUdWLDNlr1yxFVNAIv3tIvDu2HunMx6tTc5pU/ByMQCE
IbbWDSPn5TL6c+YznE2DztFONyM/03oZnIC4bsckS6X8DPLJHM5i0LRfbg1uTFW9
ceUMAEMM+Da2hQBnT6saIlW+VFZY7Gak7v+Iv318YJo85POs9LBcVzDPIf8NZ7qC
c6RJ+YOL6dkvrupMOuxYFkAoyZbQ7OvgxgTB9rFj6a3fnTFfJaCotkOkI3E0f3gn
0t/oJBZkCXzMgMRknv3o11DU06bkIbpam74mr2zvQKidRBE6Ms4Qjcb/naER7tRm
AQkCEK+bjwRWoyZwxsX+1+6Kip332A/9+bO4cM6J1EuVYSnbXbN344kKbJey6CCp
nf3PdJxhfibou4KbdllK02gomox5nyOD0ktL0CFAg2QHomeJ4FohMBU8O885v/WU
vcJ020xD
=OKQG
-----END PGP MESSAGE-----
fp: BD1AAF9D8170F4BEE437365FF6F0933799CFEBCD
- created_at: "2024-05-24T21:58:23Z"
enc: |-
-----BEGIN PGP MESSAGE-----
hQIMAy5t8IMoPu4VAQ//SWXcuv6gAI50NYTpP1Qy1mrOXplMzKo+bFbhjUN110FG
tv3V8c5BFqmtBZOh81GHchrwtLL04FkJ8TYkClqkmRcGw4fiQWwvzAh+Ne2Hb6EW
bmV5EG4ipE0ALcfH4E7G8JLX3kN/EoW6Q61UWBPI1y6U+t5ywBzYq+KA8f217aMp
4y/PKAVFHfq/41LkKxDUP5P52+kW1xlq3gGcgcfAXrXQ/17GCfFSZ1hdoodGpAvA
5tN/m3oKmNWeXWX8jamruFB1o8Dsp52TtgaXhDdyhdeSd2x8nTCSwypSw4lMPexS
90K45amgzCENBmEJgu/S38q3I/lqh5nvK2Qzr7kLAAzDg33DILmU01Xg5nRJzg4B
T0tn0pwcgvUKf/RLpxuWuPawXF19l15EWYkjTqgDtajH1Si+9/EBdxQpUpr2nIBa
VTE/4V3brJeoRVgxgoSAes5Z4ou6XokyRobdwxvVhfA4E30pZofng50+o49ok7NN
bLlC+BmknpQOgp0q3mybUs3DFSI+7+ptbTUg8v9mU7onCHnykxVcrzW8hAYzIpTs
CroRwR3w0S2p99R3rJ22F7WkTRKoAMEvxNoeXJs28SugEQLDFHlgBeY0a+a4r/GK
ELv8HwyG6MpFiW2kCb1IzdO+I4v9KrtFn5zWpzxDyYxacCnG6xD9blsBHy+MqR3U
ZgEJAhBAE2WUjAExcVUh8t+Pg93SueopD7VzMcTauFzRDIfSfLmTr3v/7e384ZYX
J36xJHFaITDLg1Er+K1d8DA7dtl0Dr+9LuO9ADALWtWbodLtyw1UcmWCS3gJ/GYp
FyuaEkah5g==
=3Knf
-----END PGP MESSAGE-----
fp: 687802D4DFD8AA82EA55666CF7DADAC782D7663D
encrypted_regex: ^(data|stringData)$
version: 3.8.1

View File

@ -0,0 +1,89 @@
# yaml-language-server: $schema=https://raw.githubusercontent.com/bjw-s/helm-charts/main/charts/other/app-template/schemas/helmrelease-helm-v2beta2.schema.json
apiVersion: helm.toolkit.fluxcd.io/v2beta2
kind: HelmRelease
metadata:
name: mealie
namespace: default
spec:
interval: 5m
chart:
spec:
chart: app-template
version: 3.1.0
sourceRef:
kind: HelmRepository
name: bjws-charts
namespace: flux-system
values:
controllers:
main:
# pod:
# securityContext:
# runAsNonRoot: true
# runAsUser: 10000
# runAsGroup: 10000
# fsGroup: 10000
# fsGroupChangePolicy: OnRootMismatch
containers:
main:
image:
repository: ghcr.io/mealie-recipes/mealie
tag: v1.7.0
env:
ALLOW_SIGNUP: true
PUID: 10000
PGID: 10000
TZ: ${SERVER_TIMEZONE}
MAX_WORKERS: 1
WEB_CONCURRENCY: 1
BASE_URL: &host meals.${SECRET_NEW_DOMAIN}
# database
DB_ENGINE: postgres
POSTGRES_USER: mealie
# specified in mealie-env
# POSTGRES_PASSWORD
POSTGRES_SERVER: postgresql.database
POSTGRES_PORT: 5432
POSTGRES_DB: mealie
envFrom:
- secretRef:
name: mealie-env
resources:
limits:
memory: 1Gi
service:
app:
controller: main
ports:
http:
port: 9000
ingress:
main:
annotations:
cert-manager.io/cluster-issuer: letsencrypt-production
traefik.ingress.kubernetes.io/router.entrypoints: websecure
traefik.ingress.kubernetes.io/router.middlewares: traefik-authentik@kubernetescrd
hosts:
- host: *host
paths:
- path: /
service:
identifier: app
port: http
persistence:
data:
type: hostPath
hostPath: /mnt/MainPool/Kubernetes/Mealie
globalMounts:
- path: /app/data

View File

@ -0,0 +1,5 @@
apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization
resources:
- ./env-secret.sops.yaml
- ./helm-release.yaml

View File

@ -7,3 +7,4 @@ metadata:
data:
# MetalLB
METALLB_LB_RANGE: 192.168.87.10-192.168.87.28
SERVER_TIMEZONE: America/New_York