Infrastructure
/
Gluttony-Cluster
2
1
Fork 0
Code Issues 11 Pull Requests Wiki Activity

Add precommit
continuous-integration/drone/push Build is passing Details

This commit is contained in:
Tyler Perkins 2023-12-02 21:51:04 -05:00
parent 76fcbd4c61
commit 89f898fdbb
Signed by: tyler
GPG Key ID: 03B27509E17EFDC8
61 changed files with 99 additions and 141 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
.pre-commit-config.yaml Normal file
View File

@ -0,0 +1,10 @@
# See https://pre-commit.com for more information
# See https://pre-commit.com/hooks.html for more hooks
repos:
- repo: https://github.com/pre-commit/pre-commit-hooks
rev: v3.2.0
hooks:
- id: trailing-whitespace
- id: end-of-file-fixer
- id: check-yaml
- id: check-added-large-files

2
README.md
View File

@ -7,5 +7,3 @@ A [Flux](https://fluxcd.io) repo describing my current at home kubernetes cluste
Find the actual, in production version of this repo on my [Gitea Repository](https://git.clortox.com/Infrastructure/Gluttony-Cluster). Here you will also find in use issues denoting things I plan to add to this repository.
Find the mirror of this repository on [Github](https://github.com/Clortox/Gluttony-Cluster).

5
api/api-service.yaml
View File

@ -6,10 +6,9 @@ metadata:
spec:
type: LoadBalancer
ports:
- name: general-api
- name: general-api
port: 8080
targetPort: 80
selector:
app: api-apps
app: api-apps

3
api/general-api/general-api-config-map.yaml
View File

@ -2,7 +2,7 @@ apiVersion: v1
kind: ConfigMap
metadata:
name: general-api-config-map
namespace: api-ns
namespace: api-ns
data:
config.yaml: |
images:
@ -13,4 +13,3 @@ data:
secure: True
weather:
period: 15

2
api/general-api/general-api-deployment.yaml
View File

@ -44,5 +44,3 @@ spec:
items:
- key: config.yaml
path: config.yaml

7
authentik/helmrelease-authentik.yaml
View File

@ -13,7 +13,7 @@ spec:
kind: HelmRepository
name: authentik
namespace: flux-system
interval: 15m0s
interval: 15m0s
timeout: 5m
releaseName: authentik
values:
@ -39,7 +39,7 @@ spec:
image:
repository: ghcr.io/goauthentik/server
tag: 2023.8.3
#tag: latest
#tag: latest
# -- optional container image digest
digest: ""
pullPolicy: IfNotPresent
@ -141,7 +141,7 @@ spec:
envValueFrom:
AUTHENTIK_SECRET_KEY:
secretKeyRef:
name: authentik-secret
name: authentik-secret
key: secret-key
AUTHENTIK_POSTGRESQL__PASSWORD:
secretKeyRef:
@ -278,4 +278,3 @@ spec:
enabled: false
image:
tag: 6.2.10-debian-11-r13

3
base/authentik/authentik-helm-repo.yaml
View File

@ -3,7 +3,6 @@ kind: HelmRepository
metadata:
name: authentik
namespace: flux-system
spec:
spec:
interval: 5m0s
url: https://charts.goauthentik.io/

6
base/bitnami/bitnami-helm-repo.yaml
View File

@ -1,8 +1,8 @@
apiVersion: source.toolkit.fluxcd.io/v1beta1
kind: HelmRepository
metadata:
name: bitnami
name: bitnami
namespace: flux-system
spec:
interval: 5m0s
spec:
interval: 5m0s
url: "https://charts.bitnami.com/bitnami"

5
base/firefly-iii/firefly-iii-helm-repo.yaml
View File

@ -1,9 +1,8 @@
apiVersion: source.toolkit.fluxcd.io/v1beta1
kind: HelmRepository
metadata:
name: firefly-iii
name: firefly-iii
namespace: flux-system
spec:
spec:
interval: 5m0s
url: https://firefly-iii.github.io/kubernetes/

1
base/fission/fission-helm-repo.yaml
View File

@ -6,4 +6,3 @@ metadata:
spec:
interval: 5m
url: https://fission.github.io/fission-charts

1
base/invidious/invidious-namespace.yaml
View File

@ -2,4 +2,3 @@ apiVersion: v1
kind: Namespace
metadata:
name: invidious-ns

3
base/k8s-homelab/k8s-homelab-helm-repo.yaml
View File

@ -3,7 +3,6 @@ kind: HelmRepository
metadata:
name: k8s-homelab
namespace: flux-system
spec:
spec:
interval: 5m0s
url: https://k8s-home-lab.github.io/helm-charts/

4
base/metallb/metallb-kustomization-config.yaml
View File

@ -5,8 +5,8 @@ metadata:
namespace: flux-system
spec:
interval: 15m
dependsOn:
- name: metallb--metallb-system
dependsOn:
- name: metallb--metallb-system
path: metallb
prune: true # remove any elements later removed from the above path
timeout: 2m # if not set, this defaults to interval duration, which is 1h

6
base/runix/runix-helm-repo.yaml
View File

@ -1,8 +1,8 @@
apiVersion: source.toolkit.fluxcd.io/v1beta1
kind: HelmRepository
metadata:
name: runix
name: runix
namespace: flux-system
spec:
interval: 5m0s
spec:
interval: 5m0s
url: "https://helm.runix.net"

1
base/sealed-secrets/sealed-secrets-kustomization.yaml
View File

@ -16,4 +16,3 @@ spec:
kind: Deployment
name: sealed-secrets
namespace: sealed-secrets

5
base/truecharts/truecharts-helm-repo.yaml
View File

@ -1,9 +1,8 @@
apiVersion: source.toolkit.fluxcd.io/v1beta1
kind: HelmRepository
metadata:
name: truecharts
name: truecharts
namespace: flux-system
spec:
spec:
interval: 5m0s
url: https://charts.truecharts.org/

1
firefly-iii/catagorize-ai-service.yaml
View File

@ -11,4 +11,3 @@ spec:
port: 3000
targetPort: 3000
type: ClusterIP

7
firefly-iii/catagorize-ai.yaml
View File

@ -11,7 +11,7 @@ spec:
template:
metadata:
labels:
app: firefly-iii
app: firefly-iii
spec:
containers:
- name: catagorize-ai
@ -22,7 +22,7 @@ spec:
- name: FIREFLY_URL
value: https://money.clortox.com
- name: ENABLE_UI
value: "true"
value: "true"
- name: FIREFLY_PERSONAL_TOKEN
valueFrom:
secretKeyRef:
@ -33,6 +33,3 @@ spec:
secretKeyRef:
name: firefly-iii-ai
key: OPENAI

8
firefly-iii/helmrelease-firefly-iii.yaml
View File

@ -1,8 +1,8 @@
apiVersion: helm.toolkit.fluxcd.io/v2beta1
kind: HelmRelease
metadata:
name: firefly
namespace: firefly-ns
name: firefly
namespace: firefly-ns
spec:
chart:
spec:
@ -11,7 +11,7 @@ spec:
kind: HelmRepository
name: firefly-iii
namespace: flux-system
interval: 15m0s
interval: 15m0s
timeout: 5m
releaseName: firefly-iii
values:
@ -131,7 +131,7 @@ spec:
# runAsUser: 1000
service:
type: LoadBalancer
type: LoadBalancer
port: 80
ingress:

28
fission/helmrelease-fission.yaml.off
View File

@ -24,7 +24,7 @@ spec:
## routerServiceType to consider while creating Fission Router service.
## For minikube, set this to NodePort, elsewhere use LoadBalancer or ClusterIP.
##
routerServiceType: LoadBalancer
routerServiceType: LoadBalancer
## repository represents base repository for images used in the chart.
## Keep it empty for using existing local image
@ -46,7 +46,7 @@ spec:
##
pullPolicy: IfNotPresent
## imageppullsecrets
## imageppullsecrets
imagePullSecrets: []
## priorityClassName represents the priority class name to use for Fission components.
@ -95,7 +95,7 @@ spec:
functionNamespace: ""
## Fission will watch the following namespaces along with the `defaultNamespace` for fission custom resources.
## additionalFissionNamespaces:
## additionalFissionNamespaces:
## - namespace1
## - namespace2
## - namespace3
@ -157,7 +157,7 @@ spec:
## This is applicable to Pool Manager executor type only.
##
podReadyTimeout: 300s
## Pod resources as:
## resources:
## limits:
@ -330,7 +330,7 @@ spec:
runAsGroup: 10001
## The builder manager watches the package & environments CRD changes and manages the builds of function source code.
##
##
buildermgr:
## Pod resources as:
## resources:
@ -381,10 +381,10 @@ spec:
runAsNonRoot: true
fsGroup: 10001
runAsUser: 10001
runAsGroup: 10001
runAsGroup: 10001
## webhook is the component that validates API calls.
## It contains validation and mutation for functions, triggers, environments, Kubernetes event watches, etc.
## It contains validation and mutation for functions, triggers, environments, Kubernetes event watches, etc.
##
webhook:
## Pod resources as:
@ -563,7 +563,7 @@ spec:
# key: "value"
# The following components expose Prometheus metrics and have podmonitors in this chart (disabled by default)
#
#
podMonitor:
enabled: false
##namespace in which you want to deploy podmonitor
@ -592,14 +592,14 @@ spec:
## Sample configuration for AWS s3 storage backend
##
#s3:
# bucketName:
# bucketName:
# subDir: <sub directory within a bucket>
# accessKeyId: <awsAccessKeyId>
# secretAccessKey:
# secretAccessKey:
# region: <awsRegion>
## #For Minio and other s3 compatible storage systems set endPoint property
# endPoint: <s3StorageUrl>
## A manually managed Persistent Volume Claim name
## Requires persistence.enabled: true
## If defined, PVC must be created manually before volume will be bound
@ -776,7 +776,7 @@ spec:
## in seconds
## default '120'
##
jwtExpiryTime:
jwtExpiryTime:
## jwtIssuer is the issuer of JWT
## default 'fission'
##
@ -881,7 +881,7 @@ spec:
## Setting it false by default so that integration tests pass
##
enabled: false
## Checkout PodSpec in https://fission.io/docs/reference/crd-reference/#runtime
##
podSpec:
@ -923,5 +923,3 @@ spec:
dashboards:
## Disabled by default. switch to true to deploy them
enable: false

1
freshrss/freshrss-deployment.yaml
View File

@ -56,4 +56,3 @@ spec:
- name: freshrss-storage
persistentVolumeClaim:
claimName: freshrss-pvc

1
freshrss/freshrss-pvc.yaml
View File

@ -10,4 +10,3 @@ spec:
resources:
requests:
storage: 1Gi

1
freshrss/freshrss-service.yaml
View File

@ -11,4 +11,3 @@ spec:
port: 80
targetPort: 80
type: LoadBalancer

9
games/factorio/factorio-deployment.yaml
View File

@ -1,20 +1,20 @@
apiVersion: apps/v1
kind: Deployment
metadata:
name: factorio
name: factorio
namespace: games-ns
spec:
replicas: 1
selector:
matchLabels:
app: games
app: games
template:
metadata:
labels:
app: games
app: games
spec:
containers:
- name: factorio
- name: factorio
image: factoriotools/factorio:stable
ports:
- containerPort: 34179
@ -26,4 +26,3 @@ spec:
- name: factorio-save
persistentVolumeClaim:
claimName: factorio-pvc

1
games/factorio/factorio-pvc.yaml
View File

@ -10,4 +10,3 @@ spec:
resources:
requests:
storage: 8Gi

3
games/games-service.yaml
View File

@ -5,7 +5,7 @@ metadata:
namespace: games-ns
spec:
selector:
app: games
app: games
ports:
- name: factorio
protocol: UDP
@ -16,4 +16,3 @@ spec:
port: 27015
targetPort: 27015
type: LoadBalancer

2
grafana/grafana-deployment.yaml
View File

@ -33,7 +33,7 @@ spec:
value: "true"
- name: GF_AUTH_GENERIC_OAUTH_CLIENT_ID
valueFrom:
secretKeyRef:
secretKeyRef:
name: grafana-oauth
key: OAUTH_CLIENT_ID
- name: GF_AUTH_GENERIC_OAUTH_CLIENT_SECRET

2
invidious/invidious-deployment.yaml
View File

@ -32,7 +32,7 @@ spec:
valueFrom:
secretKeyRef:
name: invidious-secret
key: hmac
key: hmac
- name: INVIDIOUS_CONFIG
value: |
db:

1
invidious/invidious-service.yaml
View File

@ -11,4 +11,3 @@ spec:
targetPort: 3000
selector:
app: invidious

2
metallb/helmrelease-metallb.yaml
View File

@ -18,4 +18,4 @@ spec:
valuesFrom:
- kind: ConfigMap
name: metallb-helm-chart-value-overrides
valuesKey: values.yaml
valuesKey: values.yaml

4
minio/helmrelease-minio.yaml
View File

@ -9,9 +9,9 @@ spec:
chart: minio
sourceRef:
kind: HelmRepository
name: minio
name: minio
namespace: flux-system
interval: 15m0s
interval: 15m0s
timeout: 5m
releaseName: minio
values:

1
node-red/node-red-configmap.yaml
View File

@ -565,4 +565,3 @@ data:
// */
//},
}

9
node-red/node-red-deployment.yaml
View File

@ -1,17 +1,17 @@
apiVersion: apps/v1
kind: Deployment
metadata:
name: node-red
name: node-red
namespace: node-red-ns
spec:
replicas: 1
selector:
matchLabels:
app: node-red
app: node-red
template:
metadata:
labels:
app: node-red
app: node-red
spec:
securityContext:
fsGroup: 1000
@ -27,10 +27,9 @@ spec:
mountPath: /data/settings.js
subPath: settings.js
volumes:
- name: node-red-data
- name: node-red-data
persistentVolumeClaim:
claimName: node-red-pvc
- name: settings-file
configMap:
name: nodered-settings

1
node-red/node-red-pvc.yaml
View File

@ -10,4 +10,3 @@ spec:
resources:
requests:
storage: 1Gi

3
node-red/node-red-service.yaml
View File

@ -5,10 +5,9 @@ metadata:
namespace: node-red-ns
spec:
selector:
app: node-red
app: node-red
ports:
- protocol: TCP
port: 80
targetPort: 1880
type: LoadBalancer

1
paperless-ngx/paperless-ngx-consume-pvc.yaml
View File

@ -10,4 +10,3 @@ spec:
resources:
requests:
storage: 2Gi

1
paperless-ngx/paperless-ngx-data-pvc.yaml
View File

@ -10,4 +10,3 @@ spec:
resources:
requests:
storage: 10Gi

2
paperless-ngx/paperless-ngx-deployment.yaml
View File

@ -60,7 +60,7 @@ spec:
- name: PAPERLESS_DBHOST
value: postgresql.postgresql-system.svc.cluster.local
- name: PAPERLESS_DBPORT
value: "5432"
value: "5432"
- name: PAPERLESS_DBUSER
value: "paperless"
- name: PAPERLESS_DBPASS

1
paperless-ngx/paperless-ngx-media-pvc.yaml
View File

@ -10,4 +10,3 @@ spec:
resources:
requests:
storage: 30Gi

9
pgadmin/helmrelease-pgadmin.yaml
View File

@ -6,12 +6,12 @@ metadata:
spec:
chart:
spec:
chart: pgadmin4
chart: pgadmin4
sourceRef:
kind: HelmRepository
name: runix
name: runix
namespace: flux-system
interval: 15m0s
interval: 15m0s
timeout: 5m
releaseName: pgadmin
values:
@ -214,7 +214,7 @@ spec:
## If true, pgAdmin4 will create/use a Persistent Volume Claim
## If false, use emptyDir
##
enabled: true
enabled: true
## pgAdmin4 Persistent Volume Claim annotations
##
@ -375,4 +375,3 @@ spec:
runAsUser: 5051
runAsGroup: 5051
fsGroup: 5051

5
plex/helmrelease-plex.yaml
View File

@ -14,7 +14,7 @@ spec:
kind: HelmRepository
name: k8s-homelab
namespace: flux-system
interval: 15m0s
interval: 15m0s
timeout: 5m
releaseName: plex
values:
@ -98,7 +98,7 @@ spec:
# @default -- See values.yaml
persistence:
config:
enabled: true
enabled: true
existingClaim: "plex-pvc-config"
storageClass: "local-storage"
size: 120Gi
@ -144,4 +144,3 @@ spec:
# # using intel-gpu-plugin (https://github.com/intel/intel-device-plugins-for-kubernetes)
# gpu.intel.com/i915: 1
# memory: 4096Mi

4
postgresql/helmrelease-postgresql.yaml
View File

@ -11,7 +11,7 @@ spec:
kind: HelmRepository
name: bitnami
namespace: flux-system
interval: 15m0s
interval: 15m0s
timeout: 5m
releaseName: postgresql
values:
@ -612,7 +612,7 @@ spec:
service:
## @param primary.service.type Kubernetes Service type
##
type: ClusterIP
type: ClusterIP
## @param primary.service.ports.postgresql PostgreSQL service port
##
ports:

1
prometheus/prometheus-deployment.yaml
View File

@ -34,4 +34,3 @@ spec:
- name: prometheus-storage
persistentVolumeClaim:
claimName: prometheus-pvc

1
prometheus/prometheus-pvc.yaml
View File

@ -12,4 +12,3 @@ spec:
resources:
requests:
storage: 10Gi

1
prometheus/prometheus-service.yaml
View File

@ -14,4 +14,3 @@ spec:
name: http
selector:
app: prometheus

12
redis/helmrelease-redis.yaml
View File

@ -1,19 +1,19 @@
apiVersion: helm.toolkit.fluxcd.io/v2beta1
kind: HelmRelease
metadata:
name: redis
name: redis
namespace: redis-system
spec:
chart:
spec:
chart: redis
chart: redis
sourceRef:
kind: HelmRepository
name: bitnami
namespace: flux-system
interval: 15m0s
interval: 15m0s
timeout: 5m
releaseName: redis
releaseName: redis
values:
# Copyright VMware, Inc.
# SPDX-License-Identifier: APACHE-2.0
@ -133,7 +133,7 @@ spec:
## @param architecture Redis&reg; architecture. Allowed values: `standalone` or `replication`
##
architecture: standalone
architecture: standalone
## Redis&reg; Authentication parameters
## ref: https://github.com/bitnami/containers/tree/main/bitnami/redis#setting-the-server-password-on-first-run
##
@ -520,7 +520,7 @@ spec:
service:
## @param master.service.type Redis&reg; master service type
##
type: ClusterIP
type: ClusterIP
## @param master.service.ports.redis Redis&reg; master service port
##
ports:

4
sealed-secrets/config-map-overrides.yaml
View File

@ -88,10 +88,10 @@ data:
##
additionalNamespaces: []
## @param privateKeyAnnotations Map of annotations to be set on the sealing keypairs
##
##
privateKeyAnnotations: {}
## @param privateKeyLabels Map of labels to be set on the sealing keypairs
##
##
privateKeyLabels: {}
## @param logInfoStdout Specifies whether the Sealed Secrets controller will log info to stdout
##

1
sealed-secrets/helmrelease-sealed-secrets.yaml
View File

@ -19,4 +19,3 @@ spec:
- kind: ConfigMap
name: sealed-secrets-helm-chart-value-overrides
valuesKey: values.yaml # This is the default, but best to be explicit for clarity

13
tautulli/tautulli-deployment.yaml
View File

@ -1,23 +1,23 @@
apiVersion: apps/v1
kind: Deployment
metadata:
name: tautulli
name: tautulli
namespace: tautulli-ns
spec:
replicas: 1
selector:
matchLabels:
app: tautulli
app: tautulli
template:
metadata:
labels:
app: tautulli
app: tautulli
spec:
securityContext:
fsGroup: 1000
initContainers:
- name: init-chown
image: alpine
image: alpine
command: [ "sh", "-c", "chown -R 1000:1000 /mnt/data" ]
volumeMounts:
- name: tautulli-data
@ -27,7 +27,7 @@ spec:
image: ghcr.io/tautulli/tautulli
env:
- name: PUID
value: "1000"
value: "1000"
- name: PGID
value: "1000"
- name: TZ
@ -38,7 +38,6 @@ spec:
- name: tautulli-data
mountPath: "/config"
volumes:
- name: tautulli-data
- name: tautulli-data
persistentVolumeClaim:
claimName: tautulli-pvc

1
tautulli/tautulli-pvc.yaml
View File

@ -10,4 +10,3 @@ spec:
resources:
requests:
storage: 1Gi

1
tautulli/tautulli-service.yaml
View File

@ -11,4 +11,3 @@ spec:
port: 80
targetPort: 8181
type: LoadBalancer

1
torrenter/blackhole-pv.yaml
View File

@ -19,4 +19,3 @@ spec:
operator: In
values:
- gluttony

1
torrenter/blackhole-pvc.yaml
View File

@ -11,4 +11,3 @@ spec:
resources:
requests:
storage: 1000Gi

1
torrenter/deluge/deluge-config-pvc.yaml
View File

@ -10,4 +10,3 @@ spec:
resources:
requests:
storage: 1Gi

1
torrenter/deluge/deluge-deployment.yaml
View File

@ -49,4 +49,3 @@ spec:
- name: downloads-volume
persistentVolumeClaim:
claimName: blackhole-pvc

2
torrenter/media-pvc.yaml
View File

@ -2,7 +2,7 @@ apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: media-pvc
namespace: torrent-ns
namespace: torrent-ns
spec:
volumeName: media-pv
storageClassName: local-storage

3
torrenter/prowlarr/prowlarr-deployment.yaml
View File

@ -9,7 +9,7 @@ spec:
replicas: 1
selector:
matchLabels:
app: torrenter-apps
app: torrenter-apps
template:
metadata:
labels:
@ -34,4 +34,3 @@ spec:
- name: prowlarr-data
persistentVolumeClaim:
claimName: prowlarr-pvc

1
torrenter/prowlarr/prowlarr-pvc.yaml
View File

@ -10,4 +10,3 @@ spec:
resources:
requests:
storage: 1Gi

1
torrenter/radarr/radarr-config-pvc.yaml
View File

@ -10,4 +10,3 @@ spec:
resources:
requests:
storage: 10Gi

13
torrenter/radarr/radarr-deployment.yaml
View File

@ -1,15 +1,15 @@
apiVersion: apps/v1
kind: Deployment
metadata:
name: radarr
name: radarr
namespace: torrent-ns
labels:
app: radarr
app: radarr
spec:
replicas: 1
selector:
matchLabels:
app: torrenter-apps
app: torrenter-apps
template:
metadata:
labels:
@ -25,7 +25,7 @@ spec:
values:
- gluttony
containers:
- name: radarr
- name: radarr
image: lscr.io/linuxserver/radarr:latest
env:
- name: PUID
@ -37,7 +37,7 @@ spec:
ports:
- containerPort: 7878
volumeMounts:
- name: radarr-config
- name: radarr-config
mountPath: /config
- name: downloads-volume
mountPath: /downloads
@ -45,7 +45,7 @@ spec:
mountPath: /movies
subPath: movies/movies_normal
volumes:
- name: radarr-config
- name: radarr-config
persistentVolumeClaim:
claimName: radarr-config-pvc
- name: downloads-volume
@ -54,4 +54,3 @@ spec:
- name: movies-storage
persistentVolumeClaim:
claimName: media-pvc

9
torrenter/torrenter-service.yaml
View File

@ -10,16 +10,15 @@ spec:
port: 9696
targetPort: 9696
- name: deluge-ui
- name: deluge-ui
port: 8112
targetPort: 8112
- name: deluge-p2p
port: 6881
- name: deluge-p2p
port: 6881
targetPort: 6881
- name: radarr
port: 7878
targetPort: 7878
selector:
app: torrenter-apps
app: torrenter-apps