From bf1916ebd1cd7301cd5355a6b707d3f90d29fb76 Mon Sep 17 00:00:00 2001 From: j Date: Sat, 5 Jul 2025 11:49:57 +1000 Subject: [PATCH] Move to Helm chart stub --- deployments/kustomization.yaml | 13 --- deployments/synctools/vaultwarden.yaml | 79 -------------- new/Chart.yaml | 31 ++++++ new/charts/ai/namespace.yaml | 5 + .../charts/ai/openwebui.yaml | 6 +- .../charts}/auth/authentik.yaml | 9 +- new/charts/auth/namespace.yaml | 5 + .../charts/dns/bind-master.yaml | 1 + .../charts}/dns/externaldns.yaml | 1 - .../charts}/dns/namespace.yaml | 0 new/charts/files/namespace.yaml | 5 + .../charts}/files/nextcloud.yaml | 5 - new/charts/media/namespace.yaml | 5 + .../charts}/monitoring/grafana.yaml | 0 .../charts}/monitoring/loki.yaml | 0 new/charts/monitoring/namespace.yaml | 5 + .../charts}/monitoring/prometheus.yaml | 0 .../charts}/monitoring/provider.yaml | 0 new/charts/remote/namespace.yaml | 5 + .../charts/remote}/rustdesk.yaml | 7 +- new/charts/social/namespace.yaml | 5 + new/charts/sync/linkwarden.yaml | 60 +++++++++++ new/charts/sync/namespace.yaml | 5 + .../files => new/charts/sync}/syncthing.yaml | 13 +-- new/charts/sync/vaultwarden.yaml | 100 ++++++++++++++++++ .../ssl => new/charts/util}/certmanager.yaml | 0 .../charts/util}/mariadb.yaml | 0 new/charts/util/namespace.yaml | 5 + .../charts/util}/replicator.yaml | 0 new/values.yaml | 24 +++++ 30 files changed, 269 insertions(+), 125 deletions(-) delete mode 100644 deployments/synctools/vaultwarden.yaml create mode 100644 new/Chart.yaml create mode 100644 new/charts/ai/namespace.yaml rename deployments/ai/openweb.yaml => new/charts/ai/openwebui.yaml (96%) rename {deployments => new/charts}/auth/authentik.yaml (89%) create mode 100644 new/charts/auth/namespace.yaml rename deployments/dns/bind.yaml => new/charts/dns/bind-master.yaml (99%) rename {deployments => new/charts}/dns/externaldns.yaml (99%) rename {deployments => new/charts}/dns/namespace.yaml (100%) create mode 100644 new/charts/files/namespace.yaml rename {deployments => new/charts}/files/nextcloud.yaml (97%) create mode 100644 new/charts/media/namespace.yaml rename {deployments => new/charts}/monitoring/grafana.yaml (100%) rename {deployments => new/charts}/monitoring/loki.yaml (100%) create mode 100644 new/charts/monitoring/namespace.yaml rename {deployments => new/charts}/monitoring/prometheus.yaml (100%) rename {deployments => new/charts}/monitoring/provider.yaml (100%) create mode 100644 new/charts/remote/namespace.yaml rename {deployments/remote-access => new/charts/remote}/rustdesk.yaml (94%) create mode 100644 new/charts/social/namespace.yaml create mode 100644 new/charts/sync/linkwarden.yaml create mode 100644 new/charts/sync/namespace.yaml rename {deployments/files => new/charts/sync}/syncthing.yaml (92%) create mode 100644 new/charts/sync/vaultwarden.yaml rename {deployments/ssl => new/charts/util}/certmanager.yaml (100%) rename {deployments/operators => new/charts/util}/mariadb.yaml (100%) create mode 100644 new/charts/util/namespace.yaml rename {deployments/operators => new/charts/util}/replicator.yaml (100%) create mode 100644 new/values.yaml diff --git a/deployments/kustomization.yaml b/deployments/kustomization.yaml index 04b8189..8525795 100644 --- a/deployments/kustomization.yaml +++ b/deployments/kustomization.yaml @@ -2,16 +2,3 @@ apiVersion: kustomize.config.k8s.io/v1beta1 kind: Kustomization resources: - - monitoring/provider.yaml - - monitoring/grafana.yaml - - monitoring/loki.yaml - - monitoring/prometheus.yaml - - operators/mariadb.yaml - - operators/replicator.yaml - - dns/namespace.yaml - - dns/bind.yaml - - dns/externaldns.yaml - - ssl/certmanager.yaml - - auth/authentik.yaml - - files/nextcloud.yaml - - files/syncthing.yaml diff --git a/deployments/synctools/vaultwarden.yaml b/deployments/synctools/vaultwarden.yaml deleted file mode 100644 index 93c3475..0000000 --- a/deployments/synctools/vaultwarden.yaml +++ /dev/null @@ -1,79 +0,0 @@ ---- -apiVersion: v1 -kind: Namespace -metadata: - name: bitwarden ---- -apiVersion: source.toolkit.fluxcd.io/v1 -kind: HelmRepository -metadata: - name: bjw-s-charts - namespace: flux-system -spec: - url: https://bjw-s.github.io/helm-charts/ - interval: 1h ---- -apiVersion: helm.toolkit.fluxcd.io/v2 -kind: HelmRelease -metadata: - name: vaultwarden - namespace: bitwarden -spec: - interval: 30m - chart: - spec: - chart: app-template - version: 2.4.0 - sourceRef: - kind: HelmRepository - name: bjw-s-charts - namespace: flux-system - install: - createNamespace: true - values: - # Basic container config - image: - repository: vaultwarden/server - tag: 1.30.5 - pullPolicy: IfNotPresent - - env: - WEBSOCKET_ENABLED: "true" - SIGNUPS_ALLOWED: "false" - DOMAIN: "https://vw.hxme.net" - ADMIN_TOKEN: "CHANGEME_SUPER_SECRET" - - service: - main: - ports: - http: - port: 80 - - ingress: - main: - enabled: true - annotations: - kubernetes.io/ingress.class: "traefik" # Or nginx or your ingress class - hosts: - - host: vw.hxme.net - paths: - - path: / - pathType: Prefix - tls: - - hosts: - - vw.hxme.net - secretName: bitwarden-tls - - persistence: - data: - enabled: true - existingClaim: bitwarden-data # You must create a PVC or a StorageClass dynamic claim - - resources: - requests: - cpu: 50m - memory: 128Mi - limits: - cpu: 250m - memory: 512Mi - diff --git a/new/Chart.yaml b/new/Chart.yaml new file mode 100644 index 0000000..f6cbdbb --- /dev/null +++ b/new/Chart.yaml @@ -0,0 +1,31 @@ +apiVersion: v2 +name: home-server +description: A Helm chart that rolls a curated, functional home server +version: 0.0.1 + +dependencies: + - name: ai + version: 0.0.1 + repository: "file://charts/ai" + - name: dns + version: 0.0.1 + repository: "file://charts/dns" + - name: media + version: 0.0.1 + repository: "file://charts/media" + - name: monitoring + version: 0.0.1 + repository: "file://charts/monitoring" + - name: remote + version: 0.0.1 + repository: "file://charts/remote" + - name: social + version: 0.0.1 + repository: "file://charts/social" + - name: sync + version: 0.0.1 + repository: "file://charts/sync" + - name: util + version: 0.0.1 + repository: "file://charts/util" + diff --git a/new/charts/ai/namespace.yaml b/new/charts/ai/namespace.yaml new file mode 100644 index 0000000..c252dcd --- /dev/null +++ b/new/charts/ai/namespace.yaml @@ -0,0 +1,5 @@ +--- +apiVersion: v1 +kind: Namespace +metadata: + name: ai diff --git a/deployments/ai/openweb.yaml b/new/charts/ai/openwebui.yaml similarity index 96% rename from deployments/ai/openweb.yaml rename to new/charts/ai/openwebui.yaml index e2c52ea..f6ed214 100644 --- a/deployments/ai/openweb.yaml +++ b/new/charts/ai/openwebui.yaml @@ -1,9 +1,4 @@ --- -apiVersion: v1 -kind: Namespace -metadata: - name: ai ---- apiVersion: apps/v1 kind: Deployment metadata: @@ -74,3 +69,4 @@ spec: - ai.hxme.net secretName: openwebui-tls + diff --git a/deployments/auth/authentik.yaml b/new/charts/auth/authentik.yaml similarity index 89% rename from deployments/auth/authentik.yaml rename to new/charts/auth/authentik.yaml index ced40ed..c1c5b32 100644 --- a/deployments/auth/authentik.yaml +++ b/new/charts/auth/authentik.yaml @@ -1,9 +1,4 @@ --- -apiVersion: v1 -kind: Namespace -metadata: - name: authentik ---- apiVersion: source.toolkit.fluxcd.io/v1 kind: HelmRepository metadata: @@ -17,7 +12,7 @@ apiVersion: v1 kind: Secret metadata: name: wildcard-hxme-net - namespace: authentik + namespace: auth annotations: replicator.v1.mittwald.de/replicate-from: cert-manager/wildcard-hxme-net --- @@ -25,7 +20,7 @@ apiVersion: helm.toolkit.fluxcd.io/v2 kind: HelmRelease metadata: name: authentik - namespace: authentik + namespace: auth spec: interval: 30m chart: diff --git a/new/charts/auth/namespace.yaml b/new/charts/auth/namespace.yaml new file mode 100644 index 0000000..c252dcd --- /dev/null +++ b/new/charts/auth/namespace.yaml @@ -0,0 +1,5 @@ +--- +apiVersion: v1 +kind: Namespace +metadata: + name: ai diff --git a/deployments/dns/bind.yaml b/new/charts/dns/bind-master.yaml similarity index 99% rename from deployments/dns/bind.yaml rename to new/charts/dns/bind-master.yaml index 23eab06..7683f55 100644 --- a/deployments/dns/bind.yaml +++ b/new/charts/dns/bind-master.yaml @@ -136,3 +136,4 @@ spec: protocol: TCP targetPort: 53 + diff --git a/deployments/dns/externaldns.yaml b/new/charts/dns/externaldns.yaml similarity index 99% rename from deployments/dns/externaldns.yaml rename to new/charts/dns/externaldns.yaml index ed64c21..a029940 100644 --- a/deployments/dns/externaldns.yaml +++ b/new/charts/dns/externaldns.yaml @@ -72,4 +72,3 @@ spec: secretKeyRef: name: dns-secrets key: externaldns-secret - diff --git a/deployments/dns/namespace.yaml b/new/charts/dns/namespace.yaml similarity index 100% rename from deployments/dns/namespace.yaml rename to new/charts/dns/namespace.yaml diff --git a/new/charts/files/namespace.yaml b/new/charts/files/namespace.yaml new file mode 100644 index 0000000..311b86d --- /dev/null +++ b/new/charts/files/namespace.yaml @@ -0,0 +1,5 @@ +--- +apiVersion: v1 +kind: Namespace +metadata: + name: files diff --git a/deployments/files/nextcloud.yaml b/new/charts/files/nextcloud.yaml similarity index 97% rename from deployments/files/nextcloud.yaml rename to new/charts/files/nextcloud.yaml index 2ef2de0..cb3ab91 100644 --- a/deployments/files/nextcloud.yaml +++ b/new/charts/files/nextcloud.yaml @@ -1,10 +1,5 @@ --- apiVersion: v1 -kind: Namespace -metadata: - name: nextcloud ---- -apiVersion: v1 kind: PersistentVolume metadata: name: nextcloud-pv diff --git a/new/charts/media/namespace.yaml b/new/charts/media/namespace.yaml new file mode 100644 index 0000000..6a99325 --- /dev/null +++ b/new/charts/media/namespace.yaml @@ -0,0 +1,5 @@ +--- +apiVersion: v1 +kind: Namespace +metadata: + name: media diff --git a/deployments/monitoring/grafana.yaml b/new/charts/monitoring/grafana.yaml similarity index 100% rename from deployments/monitoring/grafana.yaml rename to new/charts/monitoring/grafana.yaml diff --git a/deployments/monitoring/loki.yaml b/new/charts/monitoring/loki.yaml similarity index 100% rename from deployments/monitoring/loki.yaml rename to new/charts/monitoring/loki.yaml diff --git a/new/charts/monitoring/namespace.yaml b/new/charts/monitoring/namespace.yaml new file mode 100644 index 0000000..ff7ae1b --- /dev/null +++ b/new/charts/monitoring/namespace.yaml @@ -0,0 +1,5 @@ +--- +apiVersion: v1 +kind: Namespace +metadata: + name: monitoring diff --git a/deployments/monitoring/prometheus.yaml b/new/charts/monitoring/prometheus.yaml similarity index 100% rename from deployments/monitoring/prometheus.yaml rename to new/charts/monitoring/prometheus.yaml diff --git a/deployments/monitoring/provider.yaml b/new/charts/monitoring/provider.yaml similarity index 100% rename from deployments/monitoring/provider.yaml rename to new/charts/monitoring/provider.yaml diff --git a/new/charts/remote/namespace.yaml b/new/charts/remote/namespace.yaml new file mode 100644 index 0000000..84965e5 --- /dev/null +++ b/new/charts/remote/namespace.yaml @@ -0,0 +1,5 @@ +--- +apiVersion: v1 +kind: Namespace +metadata: + name: remote diff --git a/deployments/remote-access/rustdesk.yaml b/new/charts/remote/rustdesk.yaml similarity index 94% rename from deployments/remote-access/rustdesk.yaml rename to new/charts/remote/rustdesk.yaml index 47ec81d..9e1ba31 100644 --- a/deployments/remote-access/rustdesk.yaml +++ b/new/charts/remote/rustdesk.yaml @@ -1,9 +1,4 @@ --- -apiVersion: v1 -kind: Namespace -metadata: - name: rustdesk ---- apiVersion: source.toolkit.fluxcd.io/v1 kind: HelmRepository metadata: @@ -17,7 +12,7 @@ apiVersion: helm.toolkit.fluxcd.io/v2 kind: HelmRelease metadata: name: rustdesk-server - namespace: rustdesk + namespace: remote spec: interval: 30m chart: diff --git a/new/charts/social/namespace.yaml b/new/charts/social/namespace.yaml new file mode 100644 index 0000000..7c93211 --- /dev/null +++ b/new/charts/social/namespace.yaml @@ -0,0 +1,5 @@ +--- +apiVersion: v1 +kind: Namespace +metadata: + name: social diff --git a/new/charts/sync/linkwarden.yaml b/new/charts/sync/linkwarden.yaml new file mode 100644 index 0000000..770be83 --- /dev/null +++ b/new/charts/sync/linkwarden.yaml @@ -0,0 +1,60 @@ +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + name: linkwarden + namespace: sync +spec: + replicas: 1 + selector: + matchLabels: + app: linkwarden + template: + metadata: + labels: + app: linkwarden + spec: + containers: + - name: linkwarden + image: ghcr.io/linkwarden/linkwarden:latest + ports: + - containerPort: 8080 + env: + - name: ADMIN_PASSWORD + valueFrom: + secretKeyRef: + name: linkwarden-secret + key: admin-password + # Add other environment variables here as needed + volumeMounts: + - name: linkwarden-data + mountPath: /data + volumes: + - name: linkwarden-data + emptyDir: {} # Change to persistentVolumeClaim for production +--- +apiVersion: v1 +kind: Secret +metadata: + name: linkwarden-secret + namespace: sync +type: Opaque +stringData: + admin-password: "YourStrongAdminPasswordHere" +--- +apiVersion: v1 +kind: Service +metadata: + name: linkwarden + namespace: sync + annotations: + external-dns.alpha.kubernetes.io/hostname: lw.hxme.net +spec: + selector: + app: linkwarden + ports: + - protocol: TCP + port: 80 + targetPort: 8080 + type: ClusterIP + diff --git a/new/charts/sync/namespace.yaml b/new/charts/sync/namespace.yaml new file mode 100644 index 0000000..1477548 --- /dev/null +++ b/new/charts/sync/namespace.yaml @@ -0,0 +1,5 @@ +--- +apiVersion: v1 +kind: Namespace +metadata: + name: sync diff --git a/deployments/files/syncthing.yaml b/new/charts/sync/syncthing.yaml similarity index 92% rename from deployments/files/syncthing.yaml rename to new/charts/sync/syncthing.yaml index a7279b2..74dea87 100644 --- a/deployments/files/syncthing.yaml +++ b/new/charts/sync/syncthing.yaml @@ -1,14 +1,9 @@ --- apiVersion: v1 -kind: Namespace -metadata: - name: syncthing ---- -apiVersion: v1 kind: PersistentVolumeClaim metadata: name: syncthing-data - namespace: syncthing + namespace: sync spec: accessModes: - ReadWriteOnce @@ -33,7 +28,7 @@ apiVersion: v1 kind: PersistentVolumeClaim metadata: name: syncthing-share - namespace: syncthing + namespace: sync spec: accessModes: - ReadWriteOnce @@ -46,7 +41,7 @@ apiVersion: apps/v1 kind: Deployment metadata: name: syncthing - namespace: syncthing + namespace: sync spec: replicas: 1 selector: @@ -86,7 +81,7 @@ apiVersion: v1 kind: Service metadata: name: syncthing - namespace: syncthing + namespace: sync spec: selector: app: syncthing diff --git a/new/charts/sync/vaultwarden.yaml b/new/charts/sync/vaultwarden.yaml new file mode 100644 index 0000000..8bd7a74 --- /dev/null +++ b/new/charts/sync/vaultwarden.yaml @@ -0,0 +1,100 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: vaultwarden + namespace: sync + labels: + app: vaultwarden +spec: + replicas: 1 + selector: + matchLabels: + app: vaultwarden + template: + metadata: + labels: + app: vaultwarden + spec: + containers: + - name: vaultwarden + image: vaultwarden/server:1.30.5 + imagePullPolicy: IfNotPresent + env: + - name: WEBSOCKET_ENABLED + value: "true" + - name: SIGNUPS_ALLOWED + value: "false" + - name: DOMAIN + value: "https://vw.hxme.net" + - name: ADMIN_TOKEN + value: "CHANGEME_SUPER_SECRET" + ports: + - containerPort: 80 + name: http + volumeMounts: + - name: data + mountPath: /data + resources: + requests: + cpu: 50m + memory: 128Mi + limits: + cpu: 250m + memory: 512Mi + volumes: + - name: data + persistentVolumeClaim: + claimName: bitwarden-data +--- +apiVersion: v1 +kind: Service +metadata: + name: vaultwarden + namespace: sync + labels: + app: vaultwarden +spec: + type: ClusterIP + selector: + app: vaultwarden + ports: + - name: http + port: 80 + targetPort: http +--- +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + name: vaultwarden + namespace: sync + annotations: + kubernetes.io/ingress.class: traefik +spec: + rules: + - host: vw.hxme.net + http: + paths: + - path: / + pathType: Prefix + backend: + service: + name: vaultwarden + port: + number: 80 + tls: + - hosts: + - vw.hxme.net + secretName: bitwarden-tls +--- +apiVersion: v1 +kind: PersistentVolumeClaim +metadata: + name: bitwarden-data + namespace: sync +spec: + accessModes: + - ReadWriteOnce + resources: + requests: + storage: 1Gi + diff --git a/deployments/ssl/certmanager.yaml b/new/charts/util/certmanager.yaml similarity index 100% rename from deployments/ssl/certmanager.yaml rename to new/charts/util/certmanager.yaml diff --git a/deployments/operators/mariadb.yaml b/new/charts/util/mariadb.yaml similarity index 100% rename from deployments/operators/mariadb.yaml rename to new/charts/util/mariadb.yaml diff --git a/new/charts/util/namespace.yaml b/new/charts/util/namespace.yaml new file mode 100644 index 0000000..f860de2 --- /dev/null +++ b/new/charts/util/namespace.yaml @@ -0,0 +1,5 @@ +--- +apiVersion: v1 +kind: Namespace +metadata: + name: util diff --git a/deployments/operators/replicator.yaml b/new/charts/util/replicator.yaml similarity index 100% rename from deployments/operators/replicator.yaml rename to new/charts/util/replicator.yaml diff --git a/new/values.yaml b/new/values.yaml new file mode 100644 index 0000000..4bbdba6 --- /dev/null +++ b/new/values.yaml @@ -0,0 +1,24 @@ +ai: + enabled: true + +dns: + enabled: false + +media: + enabled: true + +monitoring: + enabled: true + +remote: + enabled: false + +social: + enabled: true + +sync: + enabled: false + +util: + enabled: true +