Compare commits
19 Commits
d103a6a402
...
70f906efea
Author | SHA1 | Date |
---|---|---|
Renovate Bot | 70f906efea | |
SeanOMik | 927025ea2d | |
SeanOMik | 751b6d2e76 | |
SeanOMik | 06bf3d569a | |
SeanOMik | da70341ab2 | |
SeanOMik | 849f6d4ca9 | |
SeanOMik | 6d4b2946e0 | |
SeanOMik | 48a57df9a9 | |
SeanOMik | cbf08842fc | |
SeanOMik | 4521ee7074 | |
SeanOMik | c9c1a8765f | |
SeanOMik | e02c4d8066 | |
SeanOMik | b4bfb3e11b | |
SeanOMik | 84c6b4841f | |
SeanOMik | dc392a71cf | |
SeanOMik | 9847eac88d | |
SeanOMik | adc21e7861 | |
SeanOMik | 6bf0b594c0 | |
SeanOMik | 8744f71644 |
|
@ -0,0 +1,6 @@
|
|||
apiVersion: kustomize.config.k8s.io/v1beta1
|
||||
kind: Kustomization
|
||||
resources:
|
||||
- ./namespace.yaml
|
||||
- ./snapshot-controller/ks.yaml
|
||||
- ./volsync/ks.yaml
|
|
@ -0,0 +1,4 @@
|
|||
apiVersion: v1
|
||||
kind: Namespace
|
||||
metadata:
|
||||
name: volsync-system
|
|
@ -0,0 +1,28 @@
|
|||
# yaml-language-server: $schema=https://kubernetes-schemas.pages.dev/helm.toolkit.fluxcd.io/helmrelease_v2.json
|
||||
apiVersion: helm.toolkit.fluxcd.io/v2
|
||||
kind: HelmRelease
|
||||
metadata:
|
||||
name: snapshot-controller
|
||||
namespace: volsync-system
|
||||
spec:
|
||||
interval: 30m
|
||||
timeout: 15m
|
||||
chart:
|
||||
spec:
|
||||
chart: snapshot-controller
|
||||
version: 3.0.6
|
||||
sourceRef:
|
||||
kind: HelmRepository
|
||||
name: piraeus
|
||||
namespace: flux-system
|
||||
install:
|
||||
remediation:
|
||||
retries: 3
|
||||
upgrade:
|
||||
cleanupOnFail: true
|
||||
remediation:
|
||||
strategy: rollback
|
||||
retries: 3
|
||||
values:
|
||||
webhook:
|
||||
enabled: false
|
|
@ -0,0 +1,8 @@
|
|||
apiVersion: source.toolkit.fluxcd.io/v1
|
||||
kind: HelmRepository
|
||||
metadata:
|
||||
name: piraeus
|
||||
namespace: flux-system
|
||||
spec:
|
||||
interval: 1m
|
||||
url: https://piraeus.io/helm-charts/
|
|
@ -1,5 +1,5 @@
|
|||
apiVersion: kustomize.config.k8s.io/v1beta1
|
||||
kind: Kustomization
|
||||
resources:
|
||||
- ../../../common/apps/openebs
|
||||
- ./mainpool-sc.yaml
|
||||
- ./helm-repo.yaml
|
||||
- ./helm-release.yaml
|
|
@ -0,0 +1,19 @@
|
|||
# yaml-language-server: $schema=https://kubernetes-schemas.pages.dev/kustomize.toolkit.fluxcd.io/kustomization_v1.json
|
||||
apiVersion: kustomize.toolkit.fluxcd.io/v1
|
||||
kind: Kustomization
|
||||
metadata:
|
||||
name: volsync
|
||||
namespace: flux-system
|
||||
spec:
|
||||
timeout: 5m
|
||||
interval: 10m
|
||||
#targetNamespace: volsync-system
|
||||
path: ./kubernetes/common/apps/volsync-system/snapshot-controller/app
|
||||
prune: true
|
||||
sourceRef:
|
||||
kind: GitRepository
|
||||
name: home-cluster
|
||||
decryption:
|
||||
provider: sops
|
||||
secretRef:
|
||||
name: sops-gpg
|
|
@ -0,0 +1,19 @@
|
|||
apiVersion: helm.toolkit.fluxcd.io/v2
|
||||
kind: HelmRelease
|
||||
metadata:
|
||||
name: volsync
|
||||
namespace: volsync-system
|
||||
spec:
|
||||
interval: 5m
|
||||
chart:
|
||||
spec:
|
||||
chart: volsync
|
||||
version: 0.10.0
|
||||
sourceRef:
|
||||
kind: HelmRepository
|
||||
name: backube
|
||||
namespace: flux-system
|
||||
values:
|
||||
manageCRDs: true
|
||||
metrics:
|
||||
disableAuth: true
|
|
@ -0,0 +1,8 @@
|
|||
apiVersion: source.toolkit.fluxcd.io/v1
|
||||
kind: HelmRepository
|
||||
metadata:
|
||||
name: backube
|
||||
namespace: flux-system
|
||||
spec:
|
||||
interval: 1m
|
||||
url: https://backube.github.io/helm-charts/
|
|
@ -1,5 +1,5 @@
|
|||
apiVersion: kustomize.config.k8s.io/v1beta1
|
||||
kind: Kustomization
|
||||
resources:
|
||||
- ./helm-release.yaml
|
||||
- ./sonarr-exportarr-metrics.yaml
|
||||
- ./helm-repo.yaml
|
||||
- ./helm-release.yaml
|
|
@ -0,0 +1,19 @@
|
|||
# yaml-language-server: $schema=https://kubernetes-schemas.pages.dev/kustomize.toolkit.fluxcd.io/kustomization_v1.json
|
||||
apiVersion: kustomize.toolkit.fluxcd.io/v1
|
||||
kind: Kustomization
|
||||
metadata:
|
||||
name: volsync
|
||||
namespace: flux-system
|
||||
spec:
|
||||
timeout: 5m
|
||||
interval: 10m
|
||||
#targetNamespace: volsync-system
|
||||
path: ./kubernetes/common/apps/volsync-system/volsync/app
|
||||
prune: true
|
||||
sourceRef:
|
||||
kind: GitRepository
|
||||
name: home-cluster
|
||||
decryption:
|
||||
provider: sops
|
||||
secretRef:
|
||||
name: sops-gpg
|
|
@ -0,0 +1,25 @@
|
|||
# yaml-language-server: $schema=https://kubernetes-schemas.pages.dev/volsync.backube/replicationsource_v1alpha1.json
|
||||
apiVersion: volsync.backube/v1alpha1
|
||||
kind: ReplicationSource
|
||||
metadata:
|
||||
name: "${APP}-b2"
|
||||
spec:
|
||||
sourcePVC: "${APP}"
|
||||
trigger:
|
||||
schedule: "0 0 * * *"
|
||||
restic:
|
||||
copyMethod: "${VOLSYNC_COPYMETHOD:-Snapshot}"
|
||||
pruneIntervalDays: 7
|
||||
repository: "${APP}-volsync-b2-secret"
|
||||
volumeSnapshotClassName: "${VOLSYNC_SNAPSHOTCLASS:-zfs-mainpool}"
|
||||
cacheCapacity: "${VOLSYNC_CACHE_CAPACITY:-4Gi}"
|
||||
cacheStorageClassName: "${VOLSYNC_CACHE_SNAPSHOTCLASS:-mainpool-hostpath}"
|
||||
cacheAccessModes: ["${VOLSYNC_CACHE_ACCESSMODES:-ReadWriteOnce}"]
|
||||
storageClassName: "${VOLSYNC_STORAGECLASS:-openebs-zfs-mainpool}"
|
||||
accessModes: ["${VOLSYNC_ACCESSMODES:-ReadWriteOnce}"]
|
||||
moverSecurityContext:
|
||||
runAsUser: 10000
|
||||
runAsGroup: 10000
|
||||
fsGroup: 10000
|
||||
retain:
|
||||
daily: 7
|
|
@ -0,0 +1,7 @@
|
|||
# yaml-language-server: $schema=https://json.schemastore.org/kustomization
|
||||
apiVersion: kustomize.config.k8s.io/v1beta1
|
||||
kind: Kustomization
|
||||
resources:
|
||||
- ./pvc.yaml
|
||||
- ./minio.yaml
|
||||
- ./b2.yaml
|
|
@ -0,0 +1,51 @@
|
|||
---
|
||||
# yaml-language-server: $schema=https://kubernetes-schemas.pages.dev/volsync.backube/replicationsource_v1alpha1.json
|
||||
apiVersion: volsync.backube/v1alpha1
|
||||
kind: ReplicationSource
|
||||
metadata:
|
||||
name: "${APP}"
|
||||
spec:
|
||||
sourcePVC: "${APP}"
|
||||
trigger:
|
||||
schedule: "0 * * * *"
|
||||
restic:
|
||||
copyMethod: "${VOLSYNC_COPYMETHOD:-Snapshot}"
|
||||
pruneIntervalDays: 7
|
||||
repository: "${APP}-volsync-secret"
|
||||
volumeSnapshotClassName: "${VOLSYNC_SNAPSHOTCLASS:-zfs-mainpool}"
|
||||
cacheCapacity: "${VOLSYNC_CACHE_CAPACITY:-4Gi}"
|
||||
cacheStorageClassName: "${VOLSYNC_CACHE_SNAPSHOTCLASS:-mainpool-hostpath}"
|
||||
cacheAccessModes: ["${VOLSYNC_CACHE_ACCESSMODES:-ReadWriteOnce}"]
|
||||
storageClassName: "${VOLSYNC_STORAGECLASS:-openebs-zfs-mainpool}"
|
||||
accessModes: ["${VOLSYNC_ACCESSMODES:-ReadWriteOnce}"]
|
||||
moverSecurityContext:
|
||||
runAsUser: 10000
|
||||
runAsGroup: 10000
|
||||
fsGroup: 10000
|
||||
retain:
|
||||
hourly: 24
|
||||
daily: 7
|
||||
weekly: 5
|
||||
---
|
||||
# yaml-language-server: $schema=https://kubernetes-schemas.pages.dev/volsync.backube/replicationdestination_v1alpha1.json
|
||||
apiVersion: volsync.backube/v1alpha1
|
||||
kind: ReplicationDestination
|
||||
metadata:
|
||||
name: "${APP}-dst"
|
||||
spec:
|
||||
trigger:
|
||||
manual: restore-once
|
||||
restic:
|
||||
repository: "${APP}-volsync-secret"
|
||||
copyMethod: Snapshot # must be Snapshot
|
||||
volumeSnapshotClassName: "${VOLSYNC_SNAPSHOTCLASS:-zfs-mainpool}"
|
||||
cacheStorageClassName: "${VOLSYNC_CACHE_SNAPSHOTCLASS:-mainpool-hostpath}"
|
||||
cacheAccessModes: ["${VOLSYNC_CACHE_ACCESSMODES:-ReadWriteOnce}"]
|
||||
cacheCapacity: "${VOLSYNC_CACHE_CAPACITY:-8Gi}"
|
||||
storageClassName: "${VOLSYNC_STORAGECLASS:-openebs-zfs-mainpool}"
|
||||
accessModes: ["${VOLSYNC_ACCESSMODES:-ReadWriteOnce}"]
|
||||
capacity: "${VOLSYNC_CAPACITY}"
|
||||
# moverSecurityContext:
|
||||
# runAsUser: 10000
|
||||
# runAsGroup: 10000
|
||||
# fsGroup: 10000
|
|
@ -0,0 +1,14 @@
|
|||
apiVersion: v1
|
||||
kind: PersistentVolumeClaim
|
||||
metadata:
|
||||
name: "${APP}"
|
||||
spec:
|
||||
accessModes: ["${VOLSYNC_ACCESSMODES:-ReadWriteOnce}"]
|
||||
dataSourceRef:
|
||||
kind: ReplicationDestination
|
||||
apiGroup: volsync.backube
|
||||
name: "${APP}-dst"
|
||||
resources:
|
||||
requests:
|
||||
storage: "${VOLSYNC_CAPACITY}"
|
||||
storageClassName: "${VOLSYNC_STORAGECLASS:-openebs-zfs-mainpool}"
|
|
@ -38,9 +38,9 @@ spec:
|
|||
|
||||
env:
|
||||
- name: PUID
|
||||
value: 555
|
||||
value: 10555
|
||||
- name: PGID
|
||||
value: 555
|
||||
value: 10555
|
||||
- name: TZ
|
||||
value: "America/New_York" # Set to your timezone
|
||||
- name: DB_HOST
|
||||
|
|
|
@ -5,8 +5,8 @@ resources:
|
|||
#- ./network_policy.yaml
|
||||
- ./qbittorrent
|
||||
- ./qbit-manage
|
||||
- ./radarr
|
||||
- ./sonarr
|
||||
- ./radarr/ks.yaml
|
||||
- ./sonarr/ks.yaml
|
||||
- ./prowlarr
|
||||
- ./bazarr
|
||||
- ./readarr
|
||||
|
|
|
@ -2,5 +2,5 @@ apiVersion: v1
|
|||
kind: Namespace
|
||||
metadata:
|
||||
name: download
|
||||
labels:
|
||||
name: download
|
||||
annotations:
|
||||
volsync.backube/privileged-movers: "true"
|
||||
|
|
|
@ -0,0 +1,75 @@
|
|||
apiVersion: v1
|
||||
kind: Secret
|
||||
metadata:
|
||||
name: radarr-volsync-b2-secret
|
||||
namespace: download
|
||||
type: Opaque
|
||||
stringData:
|
||||
RESTIC_REPOSITORY: ENC[AES256_GCM,data:+veFT1W3b3seqmzYobKCeWbG6ENvg4Ldggq5Vr87x3l/IS+ZpNoUg4LvORbA4Bc=,iv:iNyL+43KLbTVcyyrHiZADht0/2e9xjlNmz6Su5alrsM=,tag:OzLJHB4JKZtudbF15SQqHg==,type:str]
|
||||
RESTIC_PASSWORD: ENC[AES256_GCM,data:e1Ji5tLyO+D83LTrCX0Vn2ElbvZ5zjzwmfqukwhm4yI=,iv:s8MtgLlI4zw/tR9/BipWKSjJb3YkawNAoAfYTSnVssE=,tag:nRn5KViI/ap0NHQ/KbDZrQ==,type:str]
|
||||
AWS_ACCESS_KEY_ID: ENC[AES256_GCM,data:HqlLzU1aRhxs6jPVFPJwC2VvJJKT2se0YQ==,iv:rxkIrlwPz+SpeJzySUqlac36H2UF4aXJPWOieStvVAA=,tag:piy0i2GJ27RdB52f1HN9Pw==,type:str]
|
||||
AWS_SECRET_ACCESS_KEY: ENC[AES256_GCM,data:Sc8p4PCOtpedx4RCwiPBokMf6VZK2AIEhqlFWJLMxQ==,iv:WcSlztDPaJ74DOYvLNdMys8qvGcU75hB6ah75BwqS6I=,tag:clEW+2no+iyauPxA9Nogcw==,type:str]
|
||||
sops:
|
||||
kms: []
|
||||
gcp_kms: []
|
||||
azure_kv: []
|
||||
hc_vault: []
|
||||
age: []
|
||||
lastmodified: "2024-10-13T22:45:06Z"
|
||||
mac: ENC[AES256_GCM,data:Ah819y/70by3PifAVnUxD4Fo0RDvSRB2z85zjmNJe2WMye4OLBY31kfdtG+ExM6wnO5SlRX8MVWxqMHRuR2wDdj1jZ0JauhVEOjffftQ1gVWZDoDPmQPYycDIk6/M+Go/1hh744CGACddxDeLGecnsgYqqXCEMUdOn9V8+7WZwk=,iv:FxVGayNbqsOC/CV0FuEnNhdpuOcUZ57BwqN0u/3KOW8=,tag:DsFqasdTw7yg8Ox2zSL9kw==,type:str]
|
||||
pgp:
|
||||
- created_at: "2024-10-13T22:45:06Z"
|
||||
enc: |-
|
||||
-----BEGIN PGP MESSAGE-----
|
||||
|
||||
hQIMAwAAAAAAAAAAAQ/9ElsB9yOzGtSZLfjScPCE7XE9xLfVnZqzWtBQBzpXf9rC
|
||||
AvA9bvFI6nUCHnJ8amqAKIeijm8pAiMdVFuKtDOqAbJm6R5H0c6xs0bWzN0K1c5Z
|
||||
wXECLpgf9x+aDQGSAwu7lJTuuSvunDYY2AxzId5N2l294U8LMHX9tP3mmKr/Yp88
|
||||
mwIfHZyl+2V6RhCBpaSfOcpz+9267Ktgzb6jhkq3kIBJKAAxGVZsGRjSjTlGP6Oo
|
||||
NvpMZ7sWNAcVTG30lHcL2idzXNPC1VHuRoMiJeBvKT8kkv2AIibfN+Aw278TcmXk
|
||||
FXdcgzvctUHkf/gKkPzLn5Bt337mEQbaqdvIbwXLggFI/KgXuNWGWDKLALme10Mt
|
||||
t3XaEoag62HrgvXK2W5WMfuy4lfGzhuM0sdbN2nvR5xEwxSst4fmOBZYmWAdsq9s
|
||||
VkHyPNvPTjJ5/0k7rvyZoy1V131l8GPplf5ZQUxvcF6VFxQsuKv1YQKxcVUE6ye4
|
||||
SrxRhh2fOZUANSiNeh71HRXFfFrwenY/wsM/pmnEXplocAiL5PbNFPQVBrsQ31SC
|
||||
rj50oqdTc7Evwn/CI/SyNB9qdt/huEKL7Yxw8zCm51xh6Wd1k/4KDwW+ACz51ObO
|
||||
Uu21Dyug3ww2Fced2ZyB412z6cJVYGWI7vFYco2X66XCj/Cdfk2EbkcPLPSKxeSF
|
||||
AgwDAAAAAAAAAAABD/9x+giHppcxPjHOeBg4EmXIPLDP7wDvIURBMVFpQLPs1vVY
|
||||
82xfD+GkQyYTvEsaUXy1ts4KaIEYZ7Zc/P1KnsKzDomjPs22fJXxE37YbJqfok2H
|
||||
O1aUfx85g3fLgL7kFf2ASIG1g+NPaiyGH0Z59w1gMv5ag1qQkWCmg1iLWNtngE9F
|
||||
ELnS/DXtNbxOcOB5LfgahdVIkXhfiwl8NPcPgdPq0Pm2n8ckmQTWHLcK/tQ7Es0y
|
||||
6sNx3ofAYfAk1SfZOFxq4yrBNt/hvC+jRkSXHh5G9zcfeoKmH6rptzTw6N980sTv
|
||||
PiyU8TSeccq0+tyz6ZlMmuGQeThTgTZ3Nwxo/JUGlDqw8DYm7ch0Q8EN1JN/rJM6
|
||||
wjxlBGZlH4jIhovSkwgv4X+spQB6kIsZR91M+ZECuvp5tlT5bfHXYkLw/wPilrCS
|
||||
cVXBpIB9vr9fd6Rb2p8U/EJ+AV+fb1UsaBRVkPhDNgOGK7npYeyL8Aoc4IA0oQue
|
||||
TyJKVyyueeUvIJ4X60ho/6DTqn7OIWw0frVshZ7cw73WbT1KSJQGFX+U+Q2Laxj/
|
||||
1zUNyNi2bqHnIn81Yo7aqgiKxXJhUnmV2Ky1EbyZ2aZbjoWVmz2IwO2AJXIO1MpA
|
||||
CjijpJBEI/w9Y54LtGxREZB4cRBB0wiJoXNcMMsQYOxVLQ6oyh0t5vQi5lY6DtRo
|
||||
AQkCECjduK5Lcsdtn+uNenCrDoIArYdDaWyIitEP7MEzMOxTySNbFLrVB2ufovOc
|
||||
ikh61nMtBjjw0cX+rNha1MDQRQxo7eakDhUm/1D3dOmUxoc2sJ/++kBl6qA9OnG/
|
||||
Wo1Ic6rcgl0=
|
||||
=pHI2
|
||||
-----END PGP MESSAGE-----
|
||||
fp: BD1AAF9D8170F4BEE437365FF6F0933799CFEBCD
|
||||
- created_at: "2024-10-13T22:45:06Z"
|
||||
enc: |-
|
||||
-----BEGIN PGP MESSAGE-----
|
||||
|
||||
hQIMAwAAAAAAAAAAAQ/9HbXhN5NSTcWa5g8C12QP1recnZryBwNh2AJdhRmdZS8R
|
||||
SRZcBzhMm02zoToKSqjy4aYMIoJk6ZShVdtheh4uYxQXI8M6a/CTcurNot+taD96
|
||||
D8iK5GXsIM+mriorCZZhgJK0n9n3oUSp2kMSOyzXzm/Cl24yG+vvbEur3JOh4Tic
|
||||
GogkE6oeyytf6/YeGYtgvRXbsaFD1tRoUrTvzeYkOPL+ii66CDIbVgzOsAyGbg/P
|
||||
DSu0ME9TVCeg+8w0RP/TAnvnsmTP6Pt/fDl+QPJcm7ysqKWkrmxb3pxuIQ3p3Epf
|
||||
qWKxkjqf0GOXf9rzArL1l4my/tzXJyiobuq2felSJUZ4KvWyqRSQeTWuncKQQhVT
|
||||
xK2tBZQDzpRvXugZ1Pu9kTqhhFa9A3T5gR5NTbzyfQraMfzGAHO08vKOYPN/LMgi
|
||||
7hHfnP2tG++zKfvKhaAPMWvW/1TOzxgyHDDOjNwHRaXH4NuuYfEmy+vgcnq2Vohh
|
||||
ej1q+ke5qSDuG6KMAkxq0PcUwD8H8zbJv7VR/QlnL51aauMIVCmqoUUd8i3SZhJV
|
||||
4gskUMjVvSYpq3tdOyAMwfP0c4BI0Ft7ldX7zithfGiNfCKngyrMXEzaRnKx95/n
|
||||
p26pvJudVXBOt7T4MyFSYbH5rlqgnVLehFn/IJS4QUhgC8pAlcc0f2vLJUkZ9n/U
|
||||
aAEJAhDnzLrepQGdEqdiLU4WtLUCd5VPGEk7ROuUe7H3N3f4x5bQHhhjJnNvdjf/
|
||||
DNZ0Jmc7glBUjp+hY8NfhkV2KcpDOmJ7OgSiS+fdAAsLyYuLoDupINpvKU8KHl3N
|
||||
InfTWfiVu02S
|
||||
=zhN+
|
||||
-----END PGP MESSAGE-----
|
||||
fp: 687802D4DFD8AA82EA55666CF7DADAC782D7663D
|
||||
encrypted_regex: ^(data|stringData)$
|
||||
version: 3.9.1
|
|
@ -0,0 +1,136 @@
|
|||
# yaml-language-server: $schema=https://raw.githubusercontent.com/bjw-s/helm-charts/main/charts/other/app-template/schemas/helmrelease-helm-v2.schema.json
|
||||
apiVersion: helm.toolkit.fluxcd.io/v2
|
||||
kind: HelmRelease
|
||||
metadata:
|
||||
name: radarr
|
||||
namespace: download
|
||||
spec:
|
||||
interval: 5m
|
||||
chart:
|
||||
spec:
|
||||
chart: app-template
|
||||
version: 3.4.0
|
||||
sourceRef:
|
||||
kind: HelmRepository
|
||||
name: bjws-charts
|
||||
namespace: flux-system
|
||||
|
||||
values:
|
||||
controllers:
|
||||
main:
|
||||
pod:
|
||||
securityContext:
|
||||
runAsNonRoot: true
|
||||
runAsUser: 10000
|
||||
runAsGroup: 10000
|
||||
fsGroup: 10000
|
||||
fsGroupChangePolicy: OnRootMismatch
|
||||
|
||||
containers:
|
||||
radarr:
|
||||
image:
|
||||
repository: ghcr.io/onedr0p/radarr-develop
|
||||
tag: 5.12.0.9255
|
||||
envFrom:
|
||||
- secretRef:
|
||||
name: radarr-secret
|
||||
env:
|
||||
TZ: America/New_York
|
||||
RADARR__APP__INSTANCENAME: Radarr
|
||||
RADARR__APP__THEME: dark
|
||||
RADARR__AUTH__METHOD: External
|
||||
RADARR__AUTH__REQUIRED: DisabledForLocalAddresses
|
||||
RADARR__LOG__DBENABLED: "False"
|
||||
RADARR__LOG__LEVEL: info
|
||||
RADARR__SERVER__PORT: &port 7878
|
||||
RADARR__UPDATE__BRANCH: develop
|
||||
RADARR__POSTGRES__HOST: postgresql.database.svc
|
||||
RADARR__POSTGRES__PORT: "5432"
|
||||
RADARR__POSTGRES__MAINDB: radarr_main
|
||||
probes:
|
||||
liveness: &probes
|
||||
enabled: true
|
||||
custom: true
|
||||
spec:
|
||||
httpGet:
|
||||
path: /ping
|
||||
port: *port
|
||||
initialDelaySeconds: 0
|
||||
periodSeconds: 10
|
||||
timeoutSeconds: 1
|
||||
failureThreshold: 3
|
||||
readiness: *probes
|
||||
securityContext:
|
||||
allowPrivilegeEscalation: false
|
||||
readOnlyRootFilesystem: true
|
||||
capabilities: { drop: ["ALL"] }
|
||||
resources:
|
||||
requests:
|
||||
memory: 100Mi
|
||||
limits:
|
||||
memory: 4Gi
|
||||
|
||||
exportarr:
|
||||
image:
|
||||
repository: ghcr.io/onedr0p/exportarr
|
||||
tag: v2.0.1
|
||||
args:
|
||||
- radarr
|
||||
env:
|
||||
- name: URL
|
||||
value: "http://localhost"
|
||||
- name: CONFIG
|
||||
value: "/config/config.xml"
|
||||
- name: PORT
|
||||
value: 9000
|
||||
- name: ENABLE_ADDITIONAL_METRICS
|
||||
value: "true"
|
||||
- name: ENABLE_UNKNOWN_QUEUE_ITEMS
|
||||
value: "true"
|
||||
|
||||
ingress:
|
||||
main:
|
||||
annotations:
|
||||
cert-manager.io/cluster-issuer: letsencrypt-production
|
||||
traefik.ingress.kubernetes.io/router.entrypoints: websecure
|
||||
traefik.ingress.kubernetes.io/router.middlewares: traefik-authentik@kubernetescrd
|
||||
|
||||
hosts:
|
||||
- host: "radarr.${SECRET_NEW_DOMAIN}"
|
||||
paths:
|
||||
- path: /
|
||||
service:
|
||||
identifier: main
|
||||
port: http
|
||||
|
||||
service:
|
||||
main:
|
||||
controller: main
|
||||
|
||||
ports:
|
||||
http:
|
||||
port: *port
|
||||
metrics:
|
||||
port: 9000
|
||||
protocol: HTTP
|
||||
|
||||
persistence:
|
||||
config:
|
||||
#type: hostPath
|
||||
#hostPath: /mnt/MainPool/Kubernetes/radarr
|
||||
existingClaim: radarr
|
||||
globalMounts:
|
||||
- path: /config
|
||||
# main: # controller name
|
||||
# radarr: # container name
|
||||
# - path: /config
|
||||
# exportarr:
|
||||
# - path: /config
|
||||
# readOnly: true
|
||||
storage:
|
||||
type: hostPath
|
||||
hostPath: /mnt/MainPool/Media
|
||||
advancedMounts:
|
||||
main: # controller name
|
||||
radarr: # container name
|
||||
- path: /storage
|
|
@ -0,0 +1,10 @@
|
|||
apiVersion: kustomize.config.k8s.io/v1beta1
|
||||
kind: Kustomization
|
||||
resources:
|
||||
#- ./backup-creds.sops.yaml
|
||||
#- ./minio-creds.sops.yaml
|
||||
#- ../../../../../common/templates/volsync
|
||||
- ./pvc.yaml
|
||||
- ./secret.sops.yaml
|
||||
- ./helm-release.yaml
|
||||
- ./radarr-exportarr-metrics.yaml
|
|
@ -0,0 +1,75 @@
|
|||
apiVersion: v1
|
||||
kind: Secret
|
||||
metadata:
|
||||
name: radarr-volsync-secret
|
||||
namespace: download
|
||||
type: Opaque
|
||||
stringData:
|
||||
RESTIC_REPOSITORY: ENC[AES256_GCM,data:ebolBMyKUaVKCE4oqtXn8tbgwVM+OG5W/oCNiIEy/dZuUOYUW/3kcP8qPcQ/TP+j,iv:MdfKuDIcOMIu7gKnT8nwAAqA8FXH0qIVGumW7XabnHM=,tag:NFCrjnVgKXHbXNDPqwa8LA==,type:str]
|
||||
RESTIC_PASSWORD: ENC[AES256_GCM,data:OWRCCNHPe7izcDDyr1Df/78XSduQ1KmGrtIoC5iz5Hg=,iv:KPaOpeZbFS4Hg8RLYNf7+26OkHwAfcVqHgZmWwv9R1A=,tag:gOamlt5e3MUQ9b+CeSwTbw==,type:str]
|
||||
AWS_ACCESS_KEY_ID: ENC[AES256_GCM,data:kzoeP5dV2DBk+VL/31B6sg==,iv:MeQdxt82dWNsvl+OSTnKS+g9zmkwBQxXFlBa813o818=,tag:V2YxoFj3lz4FtGAWutbyFA==,type:str]
|
||||
AWS_SECRET_ACCESS_KEY: ENC[AES256_GCM,data:AibU/3Xgi/7qCxXkhdoOlzuN3ETDXg8bvNIg1IjQsfs=,iv:N6U1xM+HDPPHXDRLqY0BIC2ire9ZgN9g68Te8PObRt8=,tag:F8DRJiS4VUX19xO8RhZhEg==,type:str]
|
||||
sops:
|
||||
kms: []
|
||||
gcp_kms: []
|
||||
azure_kv: []
|
||||
hc_vault: []
|
||||
age: []
|
||||
lastmodified: "2024-10-13T23:24:58Z"
|
||||
mac: ENC[AES256_GCM,data:+BAe3tCH1ZRYvOpktR6Sz4mHkQfNNjso2v70vMGUDgy0hgjkKR/AlvDcHJY6kf5kMoUVEBluPeQ58TVJuCMiXJhTgadTNRes4KPgW1Bm+/QR+TqGsvQYaSkT0YAj3EeUrFfXGU+VGgU/Pf+XE5oM8uqZG9Z3fwS6gZzCFy/JeiY=,iv:jHwrSLB4i9FG9gd4hYO8y+pH/FXhCKxgi3DGw8raSwc=,tag:rJ1sR1FdWcaFcfCOoInSfw==,type:str]
|
||||
pgp:
|
||||
- created_at: "2024-10-13T23:24:58Z"
|
||||
enc: |-
|
||||
-----BEGIN PGP MESSAGE-----
|
||||
|
||||
hQIMAwAAAAAAAAAAAQ/+K49WTFNnaDigRZz3RtzJsvuQisVxVBsEG7rUNuIfAtRx
|
||||
AxvmmbhZ97LAwpEcGsXv7uo7HhINX3xNeuLPt77U6lvrWyPDrHwDQKoLEcYpkEBw
|
||||
9NXsReKpyvSa1VP9hoIBhvd3+qoeb7rSgp+qWUWgGmvp/MM5GULI8gN0FV/pE85D
|
||||
fIRd1nbZ6LcGC/gwIO4LgKuFg71V79RVuxFDNWHuyJUvaGnI2up4IFseDXDkfQHg
|
||||
iA386/fzxtMBKrGcveEBFVXWZ4D3G9cacTSrknOfSnD8oGCzNoUArueOjpLvjx6n
|
||||
s6lfQarI75kcAclMYwxFINjSBf7VCIkTvYLlUAUaitcbIVQNEUVKAUrosSc7gKEI
|
||||
lkCty3WCZqRHy5hWIGZpR6tlYSEzqB5GGhBKYnrYn16RtSOXLw37Dl7AzjOB7aOf
|
||||
u5sge6ssPk5zQ0cb2rxBVTN8KJJNh1eFSKBYCmeTjzfG7LGQWJLvp5HWXiGCF+OF
|
||||
6aiUnovEQrr3oNyVQ6oWBM36085hRUM3Gt/AhNaY9anixTYGNHgJO8uQ2HyTSP2p
|
||||
AK69FFXbTAyYcxP5nZbNWctD3PyrhHM6QcqSH0lltZJiDEb6wIhk6c9zzDydDjuG
|
||||
SzzGEWMqeqwu39eYW5Nfovd0IcZjVbC+jAnwwXWzP/tFutcM/OtI2Kpb8njLvLGF
|
||||
AgwDAAAAAAAAAAABEACgTSOriPJ3jzfAGHyeqxHWFLtbBSMfdugXT4T74HNItkoY
|
||||
9pHOzox9CgOpyvslMdJtcUgt4TtNmp1bOWCm4JRKG0mlF4zWjV8hjQa+pIzuHSTg
|
||||
0SuQ+DqG8NelA94zr+H/jJVSSvhJUrv2GWTNsrZ44OGPY6moxhD67YO/2hiApafs
|
||||
p8ololtBzxkdDoOJRjrgusoEOCxEW6AJOZV2Ckl4zWba7YyWQFV9mVUfmulcwNUS
|
||||
7KTFC0nQB1cRYM8Z682W5VAcxzPvoonPfJBdQUTQmfhCtT9W2yN0QtDOOM+oNJ2K
|
||||
OXaDwYspvpUb4A53fGKew7oJArDxxI1bDSmyMzq+vHRmQutmiDOxAj6KH8F0ya5y
|
||||
n7aq4Npas0EPhtu6g8x5NK8TjEmiTn3rkAg0cXwfWuBR+B8ERzSwQGKyHlwBZc2s
|
||||
E2E+N9A1Dgf/I4CtxHB4wZWHPGCiCaQBrxXwr/rTvcLvKH+mWon3S0G3mtF4SEJA
|
||||
vIjSuDiE2o+X9BVdtODN4GUmVCj9QlBLy9l39REhL48T+5+pVVcsNOSlxV33nOyJ
|
||||
Ci0WwmrIZOIHp8Y7Hh4k1uouoaWthHUSwc1DXo6HMfshoWzx6bINtzgErSOc7qTM
|
||||
9ULjGQEOQ9AydZJdV+EGBlBNnC8FDGE1z31OmgAYKz0Tdg3Vmvblni3juzr1E9Ro
|
||||
AQkCEDowXU0V0rKHx7n6ryYIW8u+f97RpQKiBvbYDS+4UvvyseFfSYBrRktp7jOK
|
||||
mDfsaR4rAqSWvaOBg++8i/FTvdeiYoyjM3+CS+EoSt8e1fZS8zXAK9y+vC4VAAgF
|
||||
+WWYmy4iQ9c=
|
||||
=IkMC
|
||||
-----END PGP MESSAGE-----
|
||||
fp: BD1AAF9D8170F4BEE437365FF6F0933799CFEBCD
|
||||
- created_at: "2024-10-13T23:24:58Z"
|
||||
enc: |-
|
||||
-----BEGIN PGP MESSAGE-----
|
||||
|
||||
hQIMAwAAAAAAAAAAARAAiOhijUf04+HMMqZluNZdp7yP4yavnr5jQinHDGSAJirr
|
||||
+Q/YI1gmWzEsQQ6rBuzDxr+tjObW+M9o9xBTDeb1NC3bfu4+JV9qQMFP6fcj9UGs
|
||||
HKji1jDFObhK1rg8FZaVTkxUL71ofZCxNo+IMo6PI8/uhJNdJ/EwrdnF08azWavI
|
||||
2YsO1pcPCdoW4lvxyuqOxk4ge0zK8su3+uzEBz6sxq6jjWs1970E+ib5nA1KsDsV
|
||||
wjMsb2SFCcxtDzsi1JTaNiHMvuXl08h3ORsRshG/MlOIDI5o52Nf5RS5Efnjwf4Y
|
||||
AhQgpNoxNdN8xHzLrnCTxN2LJh0Z3BRzKtgWOHU7aO+YJsrXMWsr7dRHf6YUltJS
|
||||
RJ+plFusYdoOozfuko+tksz9a6AlWLu9ieLNKnTZuWqqDD4Uy0YLR4DIIPU6+P+k
|
||||
86i5klGgBpkB3y5U+nXoWJ/8dBsXOaaxPp/zpB4ttJv2ggC29fDBnf2bVgKo1TP5
|
||||
mMMzHoFmJcjPo5DXiazCiViPoJDGUyUPhNKNM72atQDCCArVmlIQbE1LUIAhhaBJ
|
||||
Cigmb0kIWpHKEBQ8nK2UlGMo8hfy1GKivIAgTSomsI/KLSBt0YeefnWd0kHK7OIX
|
||||
VnBwPFNLuw9OHDFPTX1M8Dk/iT1J/ACvpbctOZyesSB42fMPjgeh3ZtYzJXoiezU
|
||||
aAEJAhDyA9q1f+2syN92xpqwMdpew3K5l+xzdUHIjjdxL6XzugJRqyuQee6wCxVj
|
||||
GTaS8Bsnx7fg6b/jwxXVPDfE7fv74jJ29CgfzWLXxc8GH47hp9VhQDBq3CqceraG
|
||||
z7N/bgAze6sz
|
||||
=5cXr
|
||||
-----END PGP MESSAGE-----
|
||||
fp: 687802D4DFD8AA82EA55666CF7DADAC782D7663D
|
||||
encrypted_regex: ^(data|stringData)$
|
||||
version: 3.9.1
|
|
@ -0,0 +1,10 @@
|
|||
apiVersion: v1
|
||||
kind: PersistentVolumeClaim
|
||||
metadata:
|
||||
name: radarr
|
||||
spec:
|
||||
accessModes: ["ReadWriteOnce"]
|
||||
resources:
|
||||
requests:
|
||||
storage: 15Gi
|
||||
storageClassName: openebs-zfs-mainpool
|
|
@ -0,0 +1,73 @@
|
|||
apiVersion: v1
|
||||
kind: Secret
|
||||
metadata:
|
||||
name: radarr-secret
|
||||
namespace: download
|
||||
stringData:
|
||||
RADARR__AUTH__APIKEY: ENC[AES256_GCM,data:n6NygOta67GMqWV6+Q3EjU3JyhY84xNf546FfpOMi4k=,iv:IRGuOPzo0azEmznl0tKe+v9QhwogjjUsMUR9oGqncdU=,tag:O2WEgQxh6E3g7mRJ41Vbwg==,type:str]
|
||||
RADARR__POSTGRES__USER: ENC[AES256_GCM,data:nAaR02DM,iv:xh8ahgckhgFZDu7snxQFM19x8qC5s7smn1hSjY+zxLw=,tag:0ziWTKZq5tjMrdhoFQY6jw==,type:str]
|
||||
RADARR__POSTGRES__PASSWORD: ENC[AES256_GCM,data:6fXWGDYTjoSkJ7jccI3/5hCC6jsKPwh/CgM7hBlUu9g=,iv:vOX435yfn0V4ZPR6OOQgsnQlQZI+TPTjsuiAvgcpAMA=,tag:z5Ctt5dd/rq9alCiUDLcTA==,type:str]
|
||||
sops:
|
||||
kms: []
|
||||
gcp_kms: []
|
||||
azure_kv: []
|
||||
hc_vault: []
|
||||
age: []
|
||||
lastmodified: "2024-10-15T01:16:00Z"
|
||||
mac: ENC[AES256_GCM,data:t19Lz6df6hohcynjqib03Qj+uqpIC4eLSAJTLTqFEXBtRInsADbEsypvnyUU0Q4A2z6dUKZpP/SEncxAP/8WimaQvpfVPFsWeVUWHvK8ISz5bBxjscgwMI1/TRfA5/BfCMLmfyNDlOYAzshAzJ97aeXLDJKZvrnbMWNgvvMw6W4=,iv:DWRaA3APzKv9cOC0afeBfw2fzhLPraKKvMSNZa8yVQs=,tag:zrOAk8ZZP+8ThVc66RDJlQ==,type:str]
|
||||
pgp:
|
||||
- created_at: "2024-10-15T01:16:00Z"
|
||||
enc: |-
|
||||
-----BEGIN PGP MESSAGE-----
|
||||
|
||||
hQIMAwAAAAAAAAAAAQ//UeSC+2Dk6gQlSW6v0mKf/vfety3Qd0ptrvhL8HmPm8nj
|
||||
a3UDvfvDXfjClJeIVBaV838XYB6U8+tMukQrm5gQxxfP/cxTNCkpCBT4o9hjOvM6
|
||||
5enrWpBgcbD7HqSav8FllR/9kfDZpRV4YccnYD4LT9ExiQd6VGKzSoyojyzQU8ec
|
||||
lzec0cg00BF9be/t7lVZ6/0lbfQaRaqurphkA6cFx0+/i3figs2eSv1vmIK+UQe1
|
||||
4HRXI9AZw/rm+PmFszMipTjwceX2Me0G100eLVWGsP5McSgM1ISJWSC+MM6EmpYO
|
||||
juKcW3Spy5hC7JM3FBNNwAxh4w6d3RdKHYrBvjwZzLDEKChLEZhxKSFKJ+w7QcSN
|
||||
67KpcNNAVTD1Rnf1si3MPEayZWCjvKy56suT5Juhjltcq78kiw690zCVdHlVfAcv
|
||||
v55wpQF5Lq2O8ZWS4dyhx+7ZFKyUW/LCcvYxZLGxutfMqX2gNPtE3427T1Zm5Fnx
|
||||
QOsE92bkeiSkH0uHzhrTPW/9SW9IW5wk/5+sGBRyu8bnO1hWdOaRMe4EWa/Q004t
|
||||
p75kwiaKgjXS8ZsdbkclXBTKRzwGkA/qCWGd7Uj/kxV1fcFJB8B3Sub5DeRypvB9
|
||||
+Z6DisUumBaKRLVCFLk5mf/X/PqHxlswqA86R4bGT3124RywBpFLBsiaYbBPDmaF
|
||||
AgwDAAAAAAAAAAABEADSiLYQigE9hRrSjD97hp10foCPT6n72arrsmXTSRHCLPoW
|
||||
A7v9sSXMeqbvOL8+sgY761RDfmOtYCGLsP6z2UP6mIanalc18chVT8k+frdrcogF
|
||||
3WDBhtyV63Rru9G0HuPqhtq8Q7m6ELC+qo9/MrEQhVxdYuyi7+2jZmOpLKBoNSaw
|
||||
pdC41VE2cx4LEXI5scViXNPSl1zcPgTuIWvr4/ApewDBYvNFElZqGrWPFyJ+2UC2
|
||||
05QlgOJS9akGYmkB44IWXfRQoELzj9UE0jdBpi8SnK7bMMlQOEG1p1SLqyYZ1cln
|
||||
gktnms5jzhTk/XDqpfjzXy7xsJm5G1VBZHTBHub5lzpXJGD2vYfX/AYICEmMfljV
|
||||
WpgmjZGQflPZPdWBm5JEhEvXtimHss9XRKJPfphVFHARWcxjKAtfScXbG5CWFAhA
|
||||
pZzz8nfCTJqMEF5XfB4vOqR6PGI3eIG2NXS/tjptKVczJHUF7C4rh7gthNOcoZOd
|
||||
tTbZPLj73hSWRw22ADJNkNu9xiyU41iA92B7xWk6E4TUGSpgj6pWd1ss+TB3ZsjI
|
||||
fE1q2cyq5yfq2jRnEBbVFypkkVhXpMgICsQv+wJZ+nYNrbYs/wNx5VWOA0xkYPWx
|
||||
Doa2R17tdBX2YYhK7mUaHq74voy2ejnJFTTLP517dTF+8PPaq9v+LHRMbOsFntRo
|
||||
AQkCEBQ7y3f8blmvfqZZr0fR0R83qz1B74oIyOGIeLYtGzqVpNxIQWrL1PBz60qV
|
||||
0n4qynu+C2l+8i+iUBDsp38jl49wIlB5z210f3wmL2SMzhpWL0DsN4GFIRw6OsVd
|
||||
YR+05RNcPRg=
|
||||
=Vl2t
|
||||
-----END PGP MESSAGE-----
|
||||
fp: BD1AAF9D8170F4BEE437365FF6F0933799CFEBCD
|
||||
- created_at: "2024-10-15T01:16:00Z"
|
||||
enc: |-
|
||||
-----BEGIN PGP MESSAGE-----
|
||||
|
||||
hQIMAwAAAAAAAAAAAQ/+IoF55lQey7yi64PUfhMWc3Be+1EBNGzhHR5RfZMAI3w4
|
||||
rqQdZyGp3SY1tB3q1qHk2TCySL70FZLcT0mdPHHU8bt8kn9M3HWEAHo0TJuoH7K3
|
||||
qlwWnPh0OQuF+AUkmsAzCUDcBpW9CNHifPJjHWgSlhsH+r4DrYdIzGi2vaTDhXU8
|
||||
GMHlEuZ2wrgra78avw9G/v+7I/cnnkzMnFc3zR6F+FbSv9S/w4Z4YCEv4AhLRUox
|
||||
T03kG8r/Gv5UTFZ08TnRGXNzICykBfIHXg5xsXB+ePgh/djD3fLDlByEc8BhE2T/
|
||||
8MbkgNbj7i3V0E3+I53NJocCGkH/SwBOwKlvbstop5eQTN+nuBQC5nYnupO7n1cf
|
||||
wY6gIqODXZjQRItNuygE7yNDkVsF3pcb0/uRNFxc2rkUJQMT2OqusThuvVU1HLho
|
||||
LHYPzx8bvWoPHwY1oFvB+VXU9K5J00jzkAjONRTMqIMYceoqncInoiArjDi+Bby3
|
||||
HGjTblEik+2cuKc9JF6cuwfrSKhrNgoqm7nhNS0beF4Uf+0xvpo1urfAAYycIjWy
|
||||
SC/wPAzwsvU92l7LilfVn8seX+1jVIZnzkxxk2z0USuoRR5Fiiuf3O1zBMOKOU6E
|
||||
/ExchxWvA/9USgvPjtc8JCrZUxIRrI03hIwILzLXOriA2T68ejp8613DnuZuJHLU
|
||||
aAEJAhBLSQzeER6pJ3hCGsB6kMcivumgRoWt9qonf0KqPTb4gRO8KFL2pbV04x58
|
||||
v4FJ3nqUelKEdM9C5oXdHBdiG48gm+EOxzSzey0xRJqsVHi7S7tCj39HR3h47r/k
|
||||
hhBax1k3ZD0e
|
||||
=doxn
|
||||
-----END PGP MESSAGE-----
|
||||
fp: 687802D4DFD8AA82EA55666CF7DADAC782D7663D
|
||||
encrypted_regex: ^(data|stringData)$
|
||||
version: 3.9.1
|
|
@ -1,119 +0,0 @@
|
|||
apiVersion: helm.toolkit.fluxcd.io/v2
|
||||
kind: HelmRelease
|
||||
metadata:
|
||||
name: radarr
|
||||
namespace: download
|
||||
spec:
|
||||
interval: 5m
|
||||
chart:
|
||||
spec:
|
||||
chart: app-template
|
||||
version: 1.3.x
|
||||
sourceRef:
|
||||
kind: HelmRepository
|
||||
name: bjws-charts
|
||||
namespace: flux-system
|
||||
|
||||
values:
|
||||
image:
|
||||
repository: ghcr.io/onedr0p/radarr-develop
|
||||
tag: "5.12.0.9255"
|
||||
|
||||
# Metrics sidecar
|
||||
sidecars:
|
||||
exportarr:
|
||||
image: ghcr.io/onedr0p/exportarr:v2.0.1
|
||||
args:
|
||||
- radarr
|
||||
ports:
|
||||
- name: metrics
|
||||
containerPort: 9000
|
||||
env:
|
||||
- name: URL
|
||||
value: "http://localhost"
|
||||
- name: CONFIG
|
||||
value: "/config/config.xml"
|
||||
- name: PORT
|
||||
value: 9000
|
||||
- name: ENABLE_ADDITIONAL_METRICS
|
||||
value: "true"
|
||||
- name: ENABLE_UNKNOWN_QUEUE_ITEMS
|
||||
value: "true"
|
||||
volumeMounts:
|
||||
- name: config
|
||||
mountPath: /config
|
||||
readOnly: true
|
||||
|
||||
env:
|
||||
TZ: America/New_York
|
||||
|
||||
service:
|
||||
main:
|
||||
labels:
|
||||
app: radarr-service
|
||||
|
||||
ports:
|
||||
http:
|
||||
port: 7878
|
||||
|
||||
metrics:
|
||||
enabled: true
|
||||
port: 9000
|
||||
protocol: HTTP
|
||||
|
||||
probes:
|
||||
liveness:
|
||||
enabled: false
|
||||
# custom: true
|
||||
# spec:
|
||||
# httpGet:
|
||||
# path: /ping
|
||||
# port: 7878
|
||||
# initialDelaySeconds: 10
|
||||
# periodSeconds: 10
|
||||
# timeoutSeconds: 3
|
||||
# failureThreshold: 3
|
||||
startup:
|
||||
enabled: false
|
||||
|
||||
ingress:
|
||||
main:
|
||||
enabled: true
|
||||
annotations:
|
||||
cert-manager.io/cluster-issuer: letsencrypt-production
|
||||
traefik.ingress.kubernetes.io/router.entrypoints: websecure
|
||||
traefik.ingress.kubernetes.io/router.middlewares: traefik-authentik@kubernetescrd
|
||||
hosts:
|
||||
- host: &host "radarr.${SECRET_NEW_DOMAIN}"
|
||||
paths:
|
||||
- path: /
|
||||
pathType: Prefix
|
||||
tls:
|
||||
- hosts:
|
||||
- *host
|
||||
|
||||
persistence:
|
||||
config:
|
||||
enabled: true
|
||||
type: hostPath
|
||||
hostPath: /mnt/MainPool/Kubernetes/radarr
|
||||
mountPath: /config
|
||||
storage:
|
||||
enabled: true
|
||||
type: hostPath
|
||||
hostPath: /mnt/MainPool/Media
|
||||
mountPath: /storage
|
||||
|
||||
podSecurityContext:
|
||||
runAsNonRoot: true
|
||||
runAsUser: 10000
|
||||
runAsGroup: 10000
|
||||
fsGroup: 10000
|
||||
fsGroupChangePolicy: OnRootMismatch
|
||||
|
||||
resources:
|
||||
requests:
|
||||
cpu: 1m
|
||||
memory: 350Mi
|
||||
limits:
|
||||
memory: 1500Mi
|
|
@ -0,0 +1,31 @@
|
|||
# yaml-language-server: $schema=https://kubernetes-schemas.pages.dev/kustomize.toolkit.fluxcd.io/kustomization_v1.json
|
||||
apiVersion: kustomize.toolkit.fluxcd.io/v1
|
||||
kind: Kustomization
|
||||
metadata:
|
||||
name: &app radarr
|
||||
namespace: flux-system
|
||||
spec:
|
||||
timeout: 5m
|
||||
interval: 10m
|
||||
targetNamespace: download
|
||||
path: ./kubernetes/main/apps/download/radarr/app
|
||||
prune: true
|
||||
sourceRef:
|
||||
kind: GitRepository
|
||||
name: home-cluster
|
||||
decryption:
|
||||
provider: sops
|
||||
secretRef:
|
||||
name: sops-gpg
|
||||
dependsOn:
|
||||
- name: openebs
|
||||
- name: openebs-sc
|
||||
postBuild:
|
||||
substituteFrom:
|
||||
- kind: ConfigMap
|
||||
name: cluster-settings
|
||||
- kind: Secret
|
||||
name: cluster-secrets
|
||||
substitute:
|
||||
APP: *app
|
||||
VOLSYNC_CAPACITY: 15Gi
|
|
@ -0,0 +1,130 @@
|
|||
# yaml-language-server: $schema=https://raw.githubusercontent.com/bjw-s/helm-charts/main/charts/other/app-template/schemas/helmrelease-helm-v2.schema.json
|
||||
apiVersion: helm.toolkit.fluxcd.io/v2
|
||||
kind: HelmRelease
|
||||
metadata:
|
||||
name: sonarr
|
||||
namespace: download
|
||||
spec:
|
||||
interval: 5m
|
||||
chart:
|
||||
spec:
|
||||
chart: app-template
|
||||
version: 3.4.0
|
||||
sourceRef:
|
||||
kind: HelmRepository
|
||||
name: bjws-charts
|
||||
namespace: flux-system
|
||||
|
||||
values:
|
||||
controllers:
|
||||
main:
|
||||
pod:
|
||||
securityContext:
|
||||
runAsNonRoot: true
|
||||
runAsUser: 10000
|
||||
runAsGroup: 10000
|
||||
fsGroup: 10000
|
||||
fsGroupChangePolicy: OnRootMismatch
|
||||
|
||||
containers:
|
||||
sonarr:
|
||||
image:
|
||||
repository: ghcr.io/onedr0p/sonarr-develop
|
||||
tag: 4.0.9.2513
|
||||
envFrom:
|
||||
- secretRef:
|
||||
name: sonarr-secret
|
||||
env:
|
||||
TZ: America/New_York
|
||||
SONARR__APP__INSTANCENAME: Sonarr
|
||||
SONARR__APP__THEME: dark
|
||||
SONARR__AUTH_METHOD: External
|
||||
SONARR__AUTH__REQUIRED: DisabledForLocalAddresses
|
||||
SONARR__LOG__DBENABLED: "False"
|
||||
SONARR__LOG__LEVEL: info
|
||||
SONARR__SERVER__PORT: &port 8989
|
||||
SONARR__UPDATE__BRANCH: develop
|
||||
SONARR__POSTGRES__HOST: postgresql.database.svc
|
||||
SONARR__POSTGRES__PORT: "5432"
|
||||
SONARR__POSTGRES__MAINDB: sonarr_main
|
||||
probes:
|
||||
liveness: &probes
|
||||
enabled: true
|
||||
custom: true
|
||||
spec:
|
||||
httpGet:
|
||||
path: /ping
|
||||
port: *port
|
||||
initialDelaySeconds: 0
|
||||
periodSeconds: 10
|
||||
timeoutSeconds: 1
|
||||
failureThreshold: 3
|
||||
readiness: *probes
|
||||
securityContext:
|
||||
allowPrivilegeEscalation: false
|
||||
readOnlyRootFilesystem: true
|
||||
capabilities: { drop: ["ALL"] }
|
||||
resources:
|
||||
requests:
|
||||
memory: 100Mi
|
||||
limits:
|
||||
memory: 4Gi
|
||||
|
||||
exportarr:
|
||||
image:
|
||||
repository: ghcr.io/onedr0p/exportarr
|
||||
tag: v2.0.1
|
||||
args:
|
||||
- sonarr
|
||||
env:
|
||||
- name: URL
|
||||
value: "http://localhost"
|
||||
- name: PORT
|
||||
value: &metricsPort 9000
|
||||
- name: ENABLE_ADDITIONAL_METRICS
|
||||
value: "true"
|
||||
- name: ENABLE_UNKNOWN_QUEUE_ITEMS
|
||||
value: "true"
|
||||
- name: API_KEY
|
||||
secretKeyRef:
|
||||
name: sonarr-secret
|
||||
key: SONARR__AUTH__APIKEY
|
||||
|
||||
ingress:
|
||||
main:
|
||||
annotations:
|
||||
cert-manager.io/cluster-issuer: letsencrypt-production
|
||||
traefik.ingress.kubernetes.io/router.entrypoints: websecure
|
||||
traefik.ingress.kubernetes.io/router.middlewares: traefik-authentik@kubernetescrd
|
||||
|
||||
hosts:
|
||||
- host: "sonarr.${SECRET_NEW_DOMAIN}"
|
||||
paths:
|
||||
- path: /
|
||||
service:
|
||||
identifier: main
|
||||
port: http
|
||||
|
||||
service:
|
||||
main:
|
||||
controller: main
|
||||
|
||||
ports:
|
||||
http:
|
||||
port: *port
|
||||
metrics:
|
||||
port: *metricsPort
|
||||
protocol: HTTP
|
||||
|
||||
persistence:
|
||||
config:
|
||||
existingClaim: sonarr
|
||||
globalMounts:
|
||||
- path: /config
|
||||
storage:
|
||||
type: hostPath
|
||||
hostPath: /mnt/MainPool/Media
|
||||
advancedMounts:
|
||||
main: # controller name
|
||||
sonarr: # container name
|
||||
- path: /storage
|
|
@ -1,5 +1,7 @@
|
|||
apiVersion: kustomize.config.k8s.io/v1beta1
|
||||
kind: Kustomization
|
||||
resources:
|
||||
- ./pvc.yaml
|
||||
- ./secret.sops.yaml
|
||||
- ./helm-release.yaml
|
||||
- ./radarr-exportarr-metrics.yaml
|
||||
- ./sonarr-exportarr-metrics.yaml
|
|
@ -0,0 +1,10 @@
|
|||
apiVersion: v1
|
||||
kind: PersistentVolumeClaim
|
||||
metadata:
|
||||
name: sonarr
|
||||
spec:
|
||||
accessModes: ["ReadWriteOnce"]
|
||||
resources:
|
||||
requests:
|
||||
storage: 15Gi
|
||||
storageClassName: openebs-zfs-mainpool
|
|
@ -0,0 +1,73 @@
|
|||
apiVersion: v1
|
||||
kind: Secret
|
||||
metadata:
|
||||
name: sonarr-secret
|
||||
namespace: download
|
||||
stringData:
|
||||
SONARR__AUTH__APIKEY: ENC[AES256_GCM,data:Z0TKYOp2veBJ/ctC3z1ooj/b8J1p7ewUWX7ItIFWcpA=,iv:oY+k9x+BZxsGW5oAmNncApU+6M6YUx1q+pXDMldsg0M=,tag:lBJHGeSHw8IKS2nSFP/0aA==,type:str]
|
||||
SONARR__POSTGRES__USER: ENC[AES256_GCM,data:vdcAhdIh,iv:tCRA3HFh6G7GUPpt5jFuqunaSRFiD90+b857vrt7tys=,tag:k02ojbFwZi6iufAOP2Fvjg==,type:str]
|
||||
SONARR__POSTGRES__PASSWORD: ENC[AES256_GCM,data:0uqO/FMm3b/DXtthjBLI7HXoujqpjCvs66yTbzuAiDM=,iv:E/FP0rDmFQPlAM00hOGR3lB4WW22W7XezSKYGfStUGM=,tag:cC+IOkw6Oqzz8iFoTrZq1Q==,type:str]
|
||||
sops:
|
||||
kms: []
|
||||
gcp_kms: []
|
||||
azure_kv: []
|
||||
hc_vault: []
|
||||
age: []
|
||||
lastmodified: "2024-10-15T21:30:43Z"
|
||||
mac: ENC[AES256_GCM,data:cX94qYBsvl4+cUOrEI6xSpHY/mlQAvk4d6Q5KyRE1QaqX/pau0zJEzczaF4j9UvWGfl7dm5xuR0mrSldwRBg6M/lA6B8xxIACXaCNxdDBj2pmwOCROi6v78BLtB5P7E8Y+wwoQzVxEQQnOQDIFQJ/mMmy+D6a9BmJ5ulneEeouc=,iv:aZf9GZXAOeU3Z3oq2rQ1P6fW8TMKVHwJXjn2CpZHNjg=,tag:wK0iU+FRJylxmYl5qcq4xg==,type:str]
|
||||
pgp:
|
||||
- created_at: "2024-10-15T21:30:43Z"
|
||||
enc: |-
|
||||
-----BEGIN PGP MESSAGE-----
|
||||
|
||||
hQIMAwAAAAAAAAAAAQ/+J4pyPCDaePFBF+1IgYzwaefDpRFAkP0kNzHObPZL1vUD
|
||||
4GM3dQTqN8Ay8NoBAasq/dNKzDSjOvMTShZO2YXQJoA8019Q6yZhgc+l1B7bnB+W
|
||||
6tDz5Rtlu+gbJWngvyLFkUhFCmOQ6UyQHKPpC2iObrNj3Rb9ZxxxVTCRa2n6/2g3
|
||||
Bp2lRAIESK/cWxmQbus8PZnzphIAmfwEijot5tQjQy7Virhz4xMiqbxvuWowA2zk
|
||||
X5PY5dHv+l7p+3Ckr7qbOGA/oAxbvFvL3hzLlE0xYj6sXdgWY5a5yqXhbxDtSQ8u
|
||||
rT0QxtDtt3lPie0e4w+f/cxNURw4yitb7IzGFhwvyPi+7eRfzgAaQHndffFv9RM8
|
||||
26la2JeamyXCQgUOJF7EGBD6Ix6fZJE8mHF80yerlC27unZ75Rac7ckxq9GYpKia
|
||||
tdyrU8OrV+f9uUdEyNCeD6wuZrxuKyyL6f+zQs6uj+zzaLYg3/p8iZLgT5HsxBLs
|
||||
dMRVnCEvCWyYd9OJrOLVld9qrvbmuypLuPOUQpTYt9WrC5SxfMPkQQYNnXEGcI0K
|
||||
n2s4eSv4tFOQw4xjRH4hl1H678faXen83F9ScOXWyHpqE54fFCCMAJV6NXMWKByv
|
||||
9l/Rz81+J8kd1wQ4+CcJslsVM06XpwEPPRM9xunxwxPWB2wZQYCF9mQitRmnIliF
|
||||
AgwDAAAAAAAAAAABD/0YtuvVooC7OW45KsL7rJwRMJOryjkJmffl5ocjyU6aicQw
|
||||
MRjD+d8xa3WUsVbCnSYHQATpAltPrKLybi1MpneRk3j7b6kAz8iJaawEcgTUiM3H
|
||||
h6SjtrwCpjNSI7RN3eRAUyxDtdrrvR5P1ynfmMHUWnuQjXlYcBZqtnA/THWOIGnC
|
||||
joEixpi7e2RlAUzFuG2+Mlux2nLdtO+YcGI2ta9qHHp1O1+46HxvYO982dFRTuLq
|
||||
VAHJcdROw1eNBCvwK2n27mKBMo9kfQMLrcUyO8PZqZyxEIimsHM4aQbYp8NvxAtx
|
||||
LuveKR3s60VjC7gHIqfWJw/fqPlv73V/ONwwruC/2WSzZSfZ0C1Z7LPJt84wqbXz
|
||||
7+t7St0R+u4cJ+Vim/XXRpTQOX+xnfO3UZu9Nwszm144uWdkt/5L9zGGLPnYBmPy
|
||||
eAfhcSz7S0xe9qBM1LWXQHqQ3U1U0cSlizE87oYrJgfYCRQ4CsT3MOWEhwfFpd9E
|
||||
wLLXOgCLiFIw77OUBNa4Rcg/v6oYrHKf2UKklOtt6QrqcnVnZT2l2bTUaWupD0Rl
|
||||
lq0/sadpV8FsYtIS1EQ6j7EVvAOZNEdC6L090CQ7bnPiwQyHdS3b6J49RE55TcOP
|
||||
n743wfZNcmqEeV0ooUkGoW6r5q0jvaUBrTbVpJszktps9uBybO5qgqobjdexUtRo
|
||||
AQkCEIda5ST1hWg6TgORmRI2cHqUdw+b4dMy74l3a1RZpBPHyKPbP9e7J98BGm7C
|
||||
XAyNC9vgDwjfp+BwHzPjfA3KtXZDjg2Gu5PFU3cdWWlWhLSreG1+mtsjWjXGAKq+
|
||||
GN4DyUYIF60=
|
||||
=DCkn
|
||||
-----END PGP MESSAGE-----
|
||||
fp: BD1AAF9D8170F4BEE437365FF6F0933799CFEBCD
|
||||
- created_at: "2024-10-15T21:30:43Z"
|
||||
enc: |-
|
||||
-----BEGIN PGP MESSAGE-----
|
||||
|
||||
hQIMAwAAAAAAAAAAAQ//bqiURh1qRFK0fbL6E7UlU9wIw0Q2jkGQ+FF4gYKTTTtr
|
||||
XdBS+CTBYLlTTpEGMMCSRJJsfOAXVUVRzpgopDt8Imhckqdx4/+I9VVsd6urEkOA
|
||||
MyYXaKc2dY9rQjFj4kKB0vcEJ+tqZ8BrpMktUdt+3/g8QdgTWEfzv2inKi2OsrHQ
|
||||
RevUJpM2FgBjR6f+JbsrbnOuEfYw0B9uD6otBre88HM2uECfEvuu+jMtPbA3X4YZ
|
||||
J7UcmEsiH5oHxIFXNBvJiRQJycbrXwMWaU8m6IkbuADua2dcjsu9kYvPyM5OB1xX
|
||||
f/3UIUa+UFTgS47GadXV/r8Voychp8mo9KflmY+7A66oxnmBo3hSYj83vBKiK+QP
|
||||
qL78M9OSITicDeLYidDRUg5f+J3Ybc9O9duj5w8O/bS4LXWkD8B+9wiytbL80gkV
|
||||
SU8TIat0f0U52ygZH72F60hdXsHoFTfUVD61nrtbIUwDTsS0A6se/5leXrI+23uq
|
||||
boJU5Sz/Q0vzybOUeFjKU40r23D1mYsBqxDoD6LoMwAuZjd//T6yx5ZIVdp8kE5s
|
||||
MMycUsDLAy7jmbsZvG2QmRgaRiTKvKLcvrWeYLrGHsrcExO5sbDDzLjeC61B3tSb
|
||||
X3GUVg+9aOPPoUVB/COG1554F4l2Bbq9aYA9/Uw1tFZGWC9WjCRa3z/HMQQHm4vU
|
||||
aAEJAhAgzTiHxfIdJmKQxVlkdME8Orw11Xo3hdbee9j9qx75+TkPifuNSkUIxKon
|
||||
ufOAcIGDynnUpqD/xStmwCqS3uqpVEy6PGIfXTls34+nLPDWJ4wQ71P3v3kSHLYY
|
||||
Q7jW3gYe3ohw
|
||||
=xHcO
|
||||
-----END PGP MESSAGE-----
|
||||
fp: 687802D4DFD8AA82EA55666CF7DADAC782D7663D
|
||||
encrypted_regex: ^(data|stringData)$
|
||||
version: 3.9.1
|
|
@ -1,120 +0,0 @@
|
|||
apiVersion: helm.toolkit.fluxcd.io/v2
|
||||
kind: HelmRelease
|
||||
metadata:
|
||||
name: sonarr
|
||||
namespace: download
|
||||
spec:
|
||||
interval: 5m
|
||||
chart:
|
||||
spec:
|
||||
chart: app-template
|
||||
version: 1.3.x
|
||||
sourceRef:
|
||||
kind: HelmRepository
|
||||
name: bjws-charts
|
||||
namespace: flux-system
|
||||
|
||||
values:
|
||||
image:
|
||||
repository: ghcr.io/onedr0p/sonarr-develop
|
||||
tag: "4.0.9.2513"
|
||||
|
||||
# Metrics sidecar
|
||||
sidecars:
|
||||
exportarr:
|
||||
image: ghcr.io/onedr0p/exportarr:v2.0.1
|
||||
args:
|
||||
- sonarr
|
||||
ports:
|
||||
- name: metrics
|
||||
containerPort: 9000
|
||||
env:
|
||||
- name: URL
|
||||
value: "http://localhost"
|
||||
- name: CONFIG
|
||||
value: "/config/config.xml"
|
||||
- name: PORT
|
||||
value: 9000
|
||||
- name: ENABLE_ADDITIONAL_METRICS
|
||||
value: "true"
|
||||
- name: ENABLE_UNKNOWN_QUEUE_ITEMS
|
||||
value: "true"
|
||||
volumeMounts:
|
||||
- name: config
|
||||
mountPath: /config
|
||||
readOnly: true
|
||||
|
||||
env:
|
||||
TZ: America/New_York
|
||||
SONARR__AUTHENTICATION_METHOD: "External"
|
||||
|
||||
service:
|
||||
main:
|
||||
labels:
|
||||
app: sonarr-service
|
||||
|
||||
ports:
|
||||
http:
|
||||
port: 8989
|
||||
|
||||
metrics:
|
||||
enabled: true
|
||||
port: 9000
|
||||
protocol: HTTP
|
||||
|
||||
probes:
|
||||
liveness:
|
||||
enabled: true
|
||||
custom: true
|
||||
spec:
|
||||
httpGet:
|
||||
path: /ping
|
||||
port: 8989
|
||||
initialDelaySeconds: 0
|
||||
periodSeconds: 10
|
||||
timeoutSeconds: 1
|
||||
failureThreshold: 3
|
||||
startup:
|
||||
enabled: false
|
||||
|
||||
ingress:
|
||||
main:
|
||||
enabled: true
|
||||
annotations:
|
||||
cert-manager.io/cluster-issuer: letsencrypt-production
|
||||
traefik.ingress.kubernetes.io/router.entrypoints: websecure
|
||||
traefik.ingress.kubernetes.io/router.middlewares: traefik-authentik@kubernetescrd
|
||||
hosts:
|
||||
- host: &host "sonarr.${SECRET_NEW_DOMAIN}"
|
||||
paths:
|
||||
- path: /
|
||||
pathType: Prefix
|
||||
tls:
|
||||
- hosts:
|
||||
- *host
|
||||
|
||||
persistence:
|
||||
config:
|
||||
enabled: true
|
||||
type: hostPath
|
||||
hostPath: /mnt/MainPool/Kubernetes/sonarr
|
||||
mountPath: /config
|
||||
storage:
|
||||
enabled: true
|
||||
type: hostPath
|
||||
hostPath: /mnt/MainPool/Media
|
||||
mountPath: /storage
|
||||
|
||||
podSecurityContext:
|
||||
runAsNonRoot: true
|
||||
runAsUser: 10000
|
||||
runAsGroup: 10000
|
||||
fsGroup: 10000
|
||||
fsGroupChangePolicy: OnRootMismatch
|
||||
|
||||
resources:
|
||||
requests:
|
||||
cpu: 2m
|
||||
memory: 350Mi
|
||||
limits:
|
||||
memory: 2500Mi
|
|
@ -0,0 +1,28 @@
|
|||
# yaml-language-server: $schema=https://kubernetes-schemas.pages.dev/kustomize.toolkit.fluxcd.io/kustomization_v1.json
|
||||
apiVersion: kustomize.toolkit.fluxcd.io/v1
|
||||
kind: Kustomization
|
||||
metadata:
|
||||
name: sonarr
|
||||
namespace: flux-system
|
||||
spec:
|
||||
timeout: 5m
|
||||
interval: 10m
|
||||
targetNamespace: download
|
||||
path: ./kubernetes/main/apps/download/sonarr/app
|
||||
prune: true
|
||||
sourceRef:
|
||||
kind: GitRepository
|
||||
name: home-cluster
|
||||
decryption:
|
||||
provider: sops
|
||||
secretRef:
|
||||
name: sops-gpg
|
||||
dependsOn:
|
||||
- name: openebs
|
||||
- name: openebs-sc
|
||||
postBuild:
|
||||
substituteFrom:
|
||||
- kind: ConfigMap
|
||||
name: cluster-settings
|
||||
- kind: Secret
|
||||
name: cluster-secrets
|
|
@ -8,7 +8,7 @@ resources:
|
|||
- ./traefik/ks.yaml
|
||||
# storage
|
||||
- ./longhorn
|
||||
- ./openebs
|
||||
- ./openebs/ks.yaml
|
||||
|
||||
- ./kube-replicator
|
||||
|
||||
|
|
|
@ -5,4 +5,5 @@ resources:
|
|||
- ./helm-repository.yaml
|
||||
- ./helm-release.yaml
|
||||
- ./alerts.yaml
|
||||
- ./service-monitor.yaml
|
||||
- ./service-monitor.yaml
|
||||
- ./snapshot-class.yaml
|
|
@ -0,0 +1,7 @@
|
|||
# yaml-language-server: $schema=https://kubernetes-schemas.pages.dev/snapshot.storage.k8s.io/volumesnapshotclass_v1.json
|
||||
kind: VolumeSnapshotClass
|
||||
apiVersion: snapshot.storage.k8s.io/v1
|
||||
metadata:
|
||||
name: longhorn
|
||||
driver: driver.longhorn.io
|
||||
deletionPolicy: Delete
|
|
@ -0,0 +1,59 @@
|
|||
# yaml-language-server: $schema=https://kubernetes-schemas.pages.dev/helm.toolkit.fluxcd.io/helmrelease_v2.json
|
||||
apiVersion: helm.toolkit.fluxcd.io/v2
|
||||
kind: HelmRelease
|
||||
metadata:
|
||||
name: openebs
|
||||
namespace: openebs-system
|
||||
spec:
|
||||
interval: 5m
|
||||
chart:
|
||||
spec:
|
||||
chart: openebs
|
||||
version: 4.1.0
|
||||
sourceRef:
|
||||
kind: HelmRepository
|
||||
name: openebs
|
||||
namespace: flux-system
|
||||
values:
|
||||
openebs-crds:
|
||||
csi:
|
||||
volumeSnapshots:
|
||||
enabled: false
|
||||
keep: false
|
||||
|
||||
zfs-localpv:
|
||||
crds:
|
||||
zfsLocalPv:
|
||||
enabled: true
|
||||
csi:
|
||||
volumeSnapshots:
|
||||
enabled: false
|
||||
|
||||
# Refer to https://github.com/openebs/dynamic-localpv-provisioner/blob/HEAD/deploy/helm/charts/values.yaml for complete set of values.
|
||||
localpv-provisioner:
|
||||
rbac:
|
||||
create: true
|
||||
|
||||
# Refer to https://github.com/openebs/lvm-localpv/blob/lvm-localpv-1.6.2/deploy/helm/charts/values.yaml for complete set of values.
|
||||
lvm-localpv:
|
||||
crds:
|
||||
lvmLocalPv:
|
||||
enabled: false
|
||||
csi:
|
||||
volumeSnapshots:
|
||||
enabled: false
|
||||
|
||||
# Refer to https://github.com/openebs/mayastor-extensions/blob/v2.7.0/chart/values.yaml for complete set of values.
|
||||
mayastor:
|
||||
enabled: false
|
||||
|
||||
engines:
|
||||
local:
|
||||
lvm:
|
||||
enabled: false
|
||||
zfs:
|
||||
enabled: true
|
||||
replicated:
|
||||
mayastor:
|
||||
enabled: false
|
||||
|
|
@ -0,0 +1,17 @@
|
|||
apiVersion: source.toolkit.fluxcd.io/v1
|
||||
kind: HelmRepository
|
||||
metadata:
|
||||
name: openebs
|
||||
namespace: flux-system
|
||||
spec:
|
||||
interval: 1m
|
||||
url: https://openebs.github.io/openebs
|
||||
---
|
||||
apiVersion: source.toolkit.fluxcd.io/v1
|
||||
kind: HelmRepository
|
||||
metadata:
|
||||
name: openebs-monitoring
|
||||
namespace: flux-system
|
||||
spec:
|
||||
interval: 1m
|
||||
url: https://openebs.github.io/monitoring
|
|
@ -0,0 +1,7 @@
|
|||
apiVersion: kustomize.config.k8s.io/v1beta1
|
||||
kind: Kustomization
|
||||
resources:
|
||||
- ./namespace.yaml
|
||||
- ./helm-repository.yaml
|
||||
- ./helm-release.yaml
|
||||
- ./monitoring-helm-release.yaml
|
|
@ -0,0 +1,39 @@
|
|||
apiVersion: helm.toolkit.fluxcd.io/v2
|
||||
kind: HelmRelease
|
||||
metadata:
|
||||
name: openebs-monitoring
|
||||
namespace: openebs-system
|
||||
spec:
|
||||
interval: 5m
|
||||
chart:
|
||||
spec:
|
||||
chart: openebs-monitoring
|
||||
version: 0.4.13
|
||||
sourceRef:
|
||||
kind: HelmRepository
|
||||
name: openebs-monitoring-charts
|
||||
namespace: flux-system
|
||||
|
||||
values:
|
||||
kube-prometheus-stack:
|
||||
install: false
|
||||
|
||||
openebsMonitoringAddon:
|
||||
# this is the only provisioner enabled
|
||||
localPV:
|
||||
enabled: true
|
||||
|
||||
cStore:
|
||||
enabled: false
|
||||
jiva:
|
||||
enabled: false
|
||||
ndm:
|
||||
enabled: false
|
||||
npd:
|
||||
enabled: false
|
||||
deviceLocalPV:
|
||||
enabled: false
|
||||
lvmLocalPV:
|
||||
enabled: false
|
||||
zfsLocalPV:
|
||||
enabled: true
|
|
@ -0,0 +1,4 @@
|
|||
apiVersion: v1
|
||||
kind: Namespace
|
||||
metadata:
|
||||
name: openebs-system
|
|
@ -0,0 +1,54 @@
|
|||
# yaml-language-server: $schema=https://kubernetes-schemas.pages.dev/kustomize.toolkit.fluxcd.io/kustomization_v1.json
|
||||
apiVersion: kustomize.toolkit.fluxcd.io/v1
|
||||
kind: Kustomization
|
||||
metadata:
|
||||
name: openebs
|
||||
namespace: flux-system
|
||||
spec:
|
||||
targetNamespace: openebs-system
|
||||
timeout: 5m
|
||||
interval: 10m
|
||||
path: ./kubernetes/main/core/openebs/app
|
||||
prune: true
|
||||
sourceRef:
|
||||
kind: GitRepository
|
||||
name: home-cluster
|
||||
decryption:
|
||||
provider: sops
|
||||
secretRef:
|
||||
name: sops-gpg
|
||||
postBuild:
|
||||
substitute: {}
|
||||
substituteFrom:
|
||||
- kind: ConfigMap
|
||||
name: cluster-settings
|
||||
- kind: Secret
|
||||
name: cluster-secrets
|
||||
---
|
||||
# yaml-language-server: $schema=https://kubernetes-schemas.pages.dev/kustomize.toolkit.fluxcd.io/kustomization_v1.json
|
||||
apiVersion: kustomize.toolkit.fluxcd.io/v1
|
||||
kind: Kustomization
|
||||
metadata:
|
||||
name: openebs-sc
|
||||
namespace: flux-system
|
||||
spec:
|
||||
timeout: 5m
|
||||
interval: 10m
|
||||
path: ./kubernetes/main/core/openebs/storage-class
|
||||
prune: true
|
||||
sourceRef:
|
||||
kind: GitRepository
|
||||
name: home-cluster
|
||||
decryption:
|
||||
provider: sops
|
||||
secretRef:
|
||||
name: sops-gpg
|
||||
dependsOn:
|
||||
- name: openebs
|
||||
postBuild:
|
||||
substitute: {}
|
||||
substituteFrom:
|
||||
- kind: ConfigMap
|
||||
name: cluster-settings
|
||||
- kind: Secret
|
||||
name: cluster-secrets
|
|
@ -0,0 +1,6 @@
|
|||
apiVersion: kustomize.config.k8s.io/v1beta1
|
||||
kind: Kustomization
|
||||
resources:
|
||||
- ./mainpool-sc.yaml
|
||||
- ./zfs-mainpool-sc.yaml
|
||||
- ./zfs-snapshot.yaml
|
|
@ -0,0 +1,7 @@
|
|||
apiVersion: storage.k8s.io/v1
|
||||
kind: StorageClass
|
||||
metadata:
|
||||
name: openebs-zfs-mainpool
|
||||
parameters:
|
||||
poolname: "MainPool/openebs-zfs"
|
||||
provisioner: zfs.csi.openebs.io
|
|
@ -0,0 +1,6 @@
|
|||
kind: VolumeSnapshotClass
|
||||
apiVersion: snapshot.storage.k8s.io/v1
|
||||
metadata:
|
||||
name: zfs-mainpool
|
||||
driver: zfs.csi.openebs.io
|
||||
deletionPolicy: Delete
|
Loading…
Reference in New Issue