start from an easier starting point

old-manifests/templates/sync/linkwarden.yaml

@@ -0,0 +1,60 @@
+---
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: linkwarden
+  namespace: sync
+spec:
+  replicas: 1
+  selector:
+    matchLabels:
+      app: linkwarden
+  template:
+    metadata:
+      labels:
+        app: linkwarden
+    spec:
+      containers:
+        - name: linkwarden
+          image: ghcr.io/linkwarden/linkwarden:latest
+          ports:
+            - containerPort: 8080
+          env:
+            - name: ADMIN_PASSWORD
+              valueFrom:
+                secretKeyRef:
+                  name: linkwarden-secret
+                  key: admin-password
+            # Add other environment variables here as needed
+          volumeMounts:
+            - name: linkwarden-data
+              mountPath: /data
+      volumes:
+        - name: linkwarden-data
+          emptyDir: {} # Change to persistentVolumeClaim for production
+---
+apiVersion: v1
+kind: Secret
+metadata:
+  name: linkwarden-secret
+  namespace: sync
+type: Opaque
+stringData:
+  admin-password: "YourStrongAdminPasswordHere"
+---
+apiVersion: v1
+kind: Service
+metadata:
+  name: linkwarden
+  namespace: sync
+  annotations:
+    external-dns.alpha.kubernetes.io/hostname: lw.hxme.net
+spec:
+  selector:
+    app: linkwarden
+  ports:
+    - protocol: TCP
+      port: 80
+      targetPort: 8080
+  type: ClusterIP
+

old-manifests/templates/sync/namespace.yaml

@@ -0,0 +1,5 @@
+---
+apiVersion: v1
+kind: Namespace
+metadata:
+  name: sync

old-manifests/templates/sync/syncthing.yaml

@@ -0,0 +1,104 @@
+---
+apiVersion: v1
+kind: PersistentVolumeClaim
+metadata:
+  name: syncthing-data
+  namespace: sync
+spec:
+  accessModes:
+    - ReadWriteOnce
+  resources:
+    requests:
+      storage: 5Gi
+---
+apiVersion: v1
+kind: PersistentVolume
+metadata:
+  name: syncthing-share-pv
+spec:
+  capacity:
+    storage: 1000Gi
+  accessModes:
+    - ReadWriteOnce
+  persistentVolumeReclaimPolicy: Retain
+  hostPath:
+    path: /dpool/files
+---
+apiVersion: v1
+kind: PersistentVolumeClaim
+metadata:
+  name: syncthing-share
+  namespace: sync
+spec:
+  accessModes:
+    - ReadWriteOnce
+  resources:
+    requests:
+      storage: 1000Gi
+  volumeName: syncthing-share-pv
+---
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: syncthing
+  namespace: sync
+spec:
+  replicas: 1
+  selector:
+    matchLabels:
+      app: syncthing
+  template:
+    metadata:
+      labels:
+        app: syncthing
+    spec:
+      containers:
+        - name: syncthing
+          image: syncthing/syncthing:latest
+          ports:
+            - containerPort: 8384 
+            - containerPort: 22000
+            - containerPort: 21027
+              protocol: UDP
+          volumeMounts:
+            - name: syncthing-data
+              mountPath: /var/syncthing
+            - name: syncthing-share
+              mountPath: /shared 
+          securityContext:
+            runAsUser:  1000
+            runAsGroup: 1000
+            fsGroup:    1000
+      volumes:
+        - name: syncthing-data
+          persistentVolumeClaim:
+            claimName: syncthing-data
+        - name: syncthing-share
+          persistentVolumeClaim:
+            claimName: syncthing-share
+---
+apiVersion: v1
+kind: Service
+metadata:
+  name: syncthing
+  namespace: sync
+spec:
+  selector:
+    app: syncthing
+  ports:
+    - name: web-ui
+      port: 8384
+      targetPort: 8384
+    - name: sync-tcp
+      port: 22000
+      targetPort: 22000
+    - name: sync-udp
+      port: 22000
+      protocol: UDP
+      targetPort: 22000
+    - name: discovery
+      port: 21027
+      protocol: UDP
+      targetPort: 21027
+  type: ClusterIP
+

old-manifests/templates/sync/vaultwarden.yaml

@@ -0,0 +1,100 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: vaultwarden
+  namespace: sync
+  labels:
+    app: vaultwarden
+spec:
+  replicas: 1
+  selector:
+    matchLabels:
+      app: vaultwarden
+  template:
+    metadata:
+      labels:
+        app: vaultwarden
+    spec:
+      containers:
+        - name: vaultwarden
+          image: vaultwarden/server:1.30.5
+          imagePullPolicy: IfNotPresent
+          env:
+            - name: WEBSOCKET_ENABLED
+              value: "true"
+            - name: SIGNUPS_ALLOWED
+              value: "false"
+            - name: DOMAIN
+              value: "https://vw.hxme.net"
+            - name: ADMIN_TOKEN
+              value: "CHANGEME_SUPER_SECRET"
+          ports:
+            - containerPort: 80
+              name: http
+          volumeMounts:
+            - name: data
+              mountPath: /data
+          resources:
+            requests:
+              cpu: 50m
+              memory: 128Mi
+            limits:
+              cpu: 250m
+              memory: 512Mi
+      volumes:
+        - name: data
+          persistentVolumeClaim:
+            claimName: bitwarden-data
+---
+apiVersion: v1
+kind: Service
+metadata:
+  name: vaultwarden
+  namespace: sync
+  labels:
+    app: vaultwarden
+spec:
+  type: ClusterIP
+  selector:
+    app: vaultwarden
+  ports:
+    - name: http
+      port: 80
+      targetPort: http
+---
+apiVersion: networking.k8s.io/v1
+kind: Ingress
+metadata:
+  name: vaultwarden
+  namespace: sync
+  annotations:
+    kubernetes.io/ingress.class: traefik
+spec:
+  rules:
+    - host: vw.hxme.net
+      http:
+        paths:
+          - path: /
+            pathType: Prefix
+            backend:
+              service:
+                name: vaultwarden
+                port:
+                  number: 80
+  tls:
+    - hosts:
+        - vw.hxme.net
+      secretName: bitwarden-tls
+---
+apiVersion: v1
+kind: PersistentVolumeClaim
+metadata:
+  name: bitwarden-data
+  namespace: sync
+spec:
+  accessModes:
+    - ReadWriteOnce
+  resources:
+    requests:
+      storage: 1Gi
+