From f1a76a715ccc7e17c05beaed997e21f619483d9e Mon Sep 17 00:00:00 2001 From: j Date: Sat, 5 Jul 2025 21:34:21 +1000 Subject: [PATCH 1/3] YESUS --- README.md | 9 ++++++++- 1 file changed, 8 insertions(+), 1 deletion(-) diff --git a/README.md b/README.md index 9f0c069..a10e6d6 100644 --- a/README.md +++ b/README.md @@ -1,3 +1,10 @@ # home-server -Kubernetes manifests that define my home server \ No newline at end of file +Kubernetes manifests that define my home server + +THIS SPIRALED + +Originally a kustomize but I wanted to be able to let others use it and tweak +hostname values, so it became my first ever Helm chart. + +I know I don't love Helm, but I needed to us it sadly. From e0386f8f730ebc75cfbd4e6901a6222fc259deec Mon Sep 17 00:00:00 2001 
From: j Date: Sat, 5 Jul 2025 21:34:32 +1000 Subject: [PATCH 2/3] start from an easier starting point --- charts/dns/Chart.yaml | 10 ++ charts/dns/templates/clusterrole.yaml | 32 +++++ charts/dns/templates/external-dns.yaml | 38 +++++ charts/dns/templates/master.yaml | 136 ++++++++++++++++++ home-server/Chart.yaml | 32 ----- old-manifests/Chart.yaml | 41 ++++++ .../templates/ai/namespace.yaml | 0 .../templates/ai/openwebui.yaml | 0 .../templates/auth/authentik.yaml | 0 .../templates/auth/namespace.yaml | 0 .../templates/dns/Chart.yaml | 0 .../templates/dns/bind-master.yaml | 0 .../templates/dns/externaldns.yaml | 0 .../templates/dns/namespace.yaml | 0 .../templates/files/namespace.yaml | 0 .../templates/files/nextcloud.yaml | 0 .../templates/media/namespace.yaml | 0 .../templates/monitoring/grafana.yaml | 0 .../templates/monitoring/loki.yaml | 0 .../templates/monitoring/namespace.yaml | 0 .../templates/monitoring/prometheus.yaml | 0 .../templates/monitoring/provider.yaml | 0 .../templates/remote/namespace.yaml | 0 .../templates/remote/rustdesk.yaml | 0 .../templates/social/namespace.yaml | 0 .../templates/sync/linkwarden.yaml | 0 .../templates/sync/namespace.yaml | 0 .../templates/sync/syncthing.yaml | 0 .../templates/sync/vaultwarden.yaml | 0 .../templates/util/Chart.yaml | 0 .../util/templates/00-namespace.yaml | 0 .../util/templates/10-replicator.yaml | 0 .../util/templates/20-certmanager.yaml | 0 .../templates/util/templates/20-mariadb.yaml | 0 old-manifests/values.yaml | 24 ++++ 35 files changed, 281 insertions(+), 32 deletions(-) create mode 100644 charts/dns/Chart.yaml create mode 100644 charts/dns/templates/clusterrole.yaml create mode 100644 charts/dns/templates/external-dns.yaml create mode 100644 charts/dns/templates/master.yaml create mode 100644 old-manifests/Chart.yaml rename {home-server => old-manifests}/templates/ai/namespace.yaml (100%) rename {home-server => old-manifests}/templates/ai/openwebui.yaml (100%) rename {home-server => 
old-manifests}/templates/auth/authentik.yaml (100%) rename {home-server => old-manifests}/templates/auth/namespace.yaml (100%) rename {home-server => old-manifests}/templates/dns/Chart.yaml (100%) rename {home-server => old-manifests}/templates/dns/bind-master.yaml (100%) rename {home-server => old-manifests}/templates/dns/externaldns.yaml (100%) rename {home-server => old-manifests}/templates/dns/namespace.yaml (100%) rename {home-server => old-manifests}/templates/files/namespace.yaml (100%) rename {home-server => old-manifests}/templates/files/nextcloud.yaml (100%) rename {home-server => old-manifests}/templates/media/namespace.yaml (100%) rename {home-server => old-manifests}/templates/monitoring/grafana.yaml (100%) rename {home-server => old-manifests}/templates/monitoring/loki.yaml (100%) rename {home-server => old-manifests}/templates/monitoring/namespace.yaml (100%) rename {home-server => old-manifests}/templates/monitoring/prometheus.yaml (100%) rename {home-server => old-manifests}/templates/monitoring/provider.yaml (100%) rename {home-server => old-manifests}/templates/remote/namespace.yaml (100%) rename {home-server => old-manifests}/templates/remote/rustdesk.yaml (100%) rename {home-server => old-manifests}/templates/social/namespace.yaml (100%) rename {home-server => old-manifests}/templates/sync/linkwarden.yaml (100%) rename {home-server => old-manifests}/templates/sync/namespace.yaml (100%) rename {home-server => old-manifests}/templates/sync/syncthing.yaml (100%) rename {home-server => old-manifests}/templates/sync/vaultwarden.yaml (100%) rename {home-server => old-manifests}/templates/util/Chart.yaml (100%) rename {home-server => old-manifests}/templates/util/templates/00-namespace.yaml (100%) rename {home-server => old-manifests}/templates/util/templates/10-replicator.yaml (100%) rename {home-server => old-manifests}/templates/util/templates/20-certmanager.yaml (100%) rename {home-server => old-manifests}/templates/util/templates/20-mariadb.yaml 
(100%) create mode 100644 old-manifests/values.yaml
diff --git a/charts/dns/Chart.yaml b/charts/dns/Chart.yaml
new file mode 100644
index 0000000..93c28a8
--- /dev/null
+++ b/charts/dns/Chart.yaml
@@ -0,0 +1,10 @@
+---
+apiVersion: v2
+name: home-server-dns
+description: Deploys a master/slave DNS server with External DNS for declaring hostnames with annotations.
+version: 0.0.1
+
+dependencies:
+ - name: util
+ version: 0.0.1
+ repository: "file://templates/util"
diff --git a/charts/dns/templates/clusterrole.yaml b/charts/dns/templates/clusterrole.yaml
new file mode 100644
index 0000000..a01f23b
--- /dev/null
+++ b/charts/dns/templates/clusterrole.yaml
@@ -0,0 +1,32 @@
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRole
+metadata:
+ name: external-dns
+rules:
+ - apiGroups: [""]
+ resources: ["services","endpoints","pods"]
+ verbs: ["get","watch","list"]
+ - apiGroups: ["extensions","networking.k8s.io"]
+ resources: ["ingresses"]
+ verbs: ["get","watch","list"]
+ - apiGroups: [""]
+ resources: ["nodes"]
+ verbs: ["list","watch"]
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRoleBinding
+metadata:
+ name: external-dns-viewer
+roleRef:
+ apiGroup: rbac.authorization.k8s.io
+ kind: ClusterRole
+ name: external-dns
+subjects:
+ - kind: ServiceAccount
+ name: external-dns
+---
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+ name: external-dns
diff --git a/charts/dns/templates/external-dns.yaml b/charts/dns/templates/external-dns.yaml
new file mode 100644
index 0000000..4705370
--- /dev/null
+++ b/charts/dns/templates/external-dns.yaml
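Review bot: The `ClusterRoleBinding` subject in charts/dns/templates/clusterrole.yaml has no `namespace`, which a `ServiceAccount` subject requires, so the binding should be rejected at validation and external-dns would never receive the role. Add `namespace: {{ .Release.Namespace }}` under the subject so it follows whichever namespace the chart is installed into. The ClusterRole itself grants only `get`/`watch`/`list`; a one-line comment above `rules:` such as `# read-only on purpose: external-dns only watches sources` would discourage later edits from widening it.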
@@ -0,0 +1,38 @@
+---
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+ name: external-dns
+spec:
+ replicas: 1
+ selector:
+ matchLabels:
+ app: external-dns
+ template:
+ metadata:
+ labels:
+ app: external-dns
+ spec:
+ serviceAccountName: external-dns
+ containers:
+ - name: external-dns
+ image: bitnami/external-dns:latest
+ args:
+ - --source=service
+ - --source=ingress
+ - --provider=rfc2136
+ - --rfc2136-host=bind-master.dns.svc.cluster.local
+ - --rfc2136-port=53
+ - --rfc2136-zone=hxme.net
+ - --rfc2136-tsig-secret=$(RFC2136_TSIG_SECRET)
+ - --rfc2136-tsig-secret-alg=hmac-sha256
+ - --rfc2136-tsig-keyname=externaldns-key
+ - --policy=sync
+ - --registry=txt
+ - --txt-owner-id=my-cluster
+ env:
+ - name: RFC2136_TSIG_SECRET
+ valueFrom:
+ secretKeyRef:
+ name: dns-secrets
+ key: externaldns-secret
diff --git a/charts/dns/templates/master.yaml b/charts/dns/templates/master.yaml
new file mode 100644
index 0000000..aed06f4
--- /dev/null
+++ b/charts/dns/templates/master.yaml
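Review bot: `image: bitnami/external-dns:latest` is a mutable tag on the one workload that holds the TSIG key and runs with `--policy=sync`, so whatever that tag resolves to on the next pull is trusted to create and delete records in the zone. Pin it to a specific release and preferably a digest, e.g. `image: bitnami/external-dns:<version>@sha256:<digest>` (placeholders). Separately, `--rfc2136-host=bind-master.dns.svc.cluster.local` and `--rfc2136-zone=hxme.net` are hard-coded, so the chart only works when installed into a namespace named `dns`; both look like they belong in `values.yaml`. Passing the key as `--rfc2136-tsig-secret=$(RFC2136_TSIG_SECRET)` also places it in the container's argument list, which deserves a comment noting that anyone able to read process arguments on the node can see it.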
@@ -0,0 +1,136 @@
+---
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ name: bind-master-config
+data:
+ named.conf: |
+ include "/etc/bind/externaldns-key.conf";
+
+ options {
+ directory "/var/cache/bind";
+
+ recursion yes;
+ allow-query { any; };
+
+ listen-on port 53 { any; };
+ listen-on-v6 port 53 { any; };
+
+ forwarders {
+ 10.40.0.254;
+ };
+
+ dnssec-validation auto;
+ };
+
+ zone "." IN {
+ type hint;
+ file "/usr/share/dns/root.hints";
+ };
+
+ zone "hxme.net." IN {
+ type master;
+ file "/etc/bind/db.hxme.net";
+ allow-update { key "externaldns-key"; };
+ };
+ db.hxme.net: |
+ $TTL 3600
+ @ IN SOA ns1.hxme.net. admin.hxme.net. (
+ 1 ; Serial
+ 7200 ; Refresh
+ 1800 ; Retry
+ 1209600 ; Expire
+ 86400 ) ; Negative Cache TTL
+ ;
+ @ IN NS ns1.hxme.net.
+ ns1 IN A 10.40.0.110
+ @ IN A 10.40.0.110
+ www IN A 10.40.0.110
+---
+apiVersion: apps/v1
+kind: DaemonSet
+metadata:
+ name: bind-master
+spec:
+ selector:
+ matchLabels:
+ app: bind-master
+ template:
+ metadata:
+ labels:
+ app: bind-master
+ spec:
+ hostNetwork: true
+ dnsPolicy: ClusterFirstWithHostNet
+ securityContext:
+ fsGroup: 999
+ initContainers:
+ - name: fetch-root-hints
+ image: debian:12
+ command:
+ - sh
+ - -c
+ - |
+ apt update && apt -y install curl
+ curl -sfSL https://www.internic.net/domain/named.cache -o /usr/share/dns/root.hints
+ volumeMounts:
+ - mountPath: /usr/share/dns
+ name: root-hints
+ containers:
+ - name: bind-master
+ image: internetsystemsconsortium/bind9:9.18
+ command: ["named", "-g", "-c", "/etc/bind/named.conf"]
+ ports:
+ - containerPort: 53
+ protocol: UDP
+ - containerPort: 53
+ protocol: TCP
+ volumeMounts:
+ - name: config
+ mountPath: /etc/bind/named.conf
+ subPath: named.conf
+ - name: config
+ mountPath: /etc/bind/db.hxme.net
+ subPath: db.hxme.net
+ - name: dns-secrets
+ mountPath: /etc/bind/externaldns-key.conf
+ subPath: externaldns-key.conf
+ - name: bind-cache
+ mountPath: /var/cache/bind
+ - name: bind-rundir
+ mountPath: /var/run/named
+ - name: root-hints
+ mountPath: /usr/share/dns
+ volumes:
+ - name: dns-secrets
+ secret:
+ secretName: dns-secrets
+ - name: config
+ configMap:
+ name: bind-master-config
+ - name: bind-cache
+ emptyDir: {}
+ - name: bind-rundir
+ emptyDir: {}
+ - name: root-hints
+ emptyDir: {}
+
+---
+apiVersion: v1
+kind: Service
+metadata:
+ name: bind-master
+spec:
+ selector:
+ app: bind-master
+ ports:
+ - name: dns-udp
+ port: 53
+ protocol: UDP
+ targetPort: 53
+ - name: dns-tcp
+ port: 53
+ protocol: TCP
+ targetPort: 53
+
+
diff --git a/home-server/Chart.yaml b/home-server/Chart.yaml
index 98f4c4b..2c171b0 100644
--- a/home-server/Chart.yaml
+++ b/home-server/Chart.yaml
@@ -7,35 +7,3 @@ dependencies: - name: util version: 0.0.1 repository: "file://templates/util" - - - name: dns - version: 0.0.1 - repository: "file://templates/dns" -# -# - name: files -# version: 0.0.1 -# repository: "file://templates/files" -# -# - name: ai -# version: 0.0.1 -# repository: "file://templates/ai" -# -# - name: media -# version: 0.0.1 -# repository: "file://templates/media" -# -# - name: monitoring -# version: 0.0.1 -# repository: "file://templates/monitoring" -# -# - name: remote -# version: 0.0.1 -# repository: "file://templates/remote" -# -# - name: social -# version: 0.0.1 -# repository: "file://templates/social" -# -# - name: sync -# version: 0.0.1 -# repository: "file://templates/sync"
diff --git a/old-manifests/Chart.yaml b/old-manifests/Chart.yaml
new file mode 100644
index 0000000..98f4c4b
--- /dev/null
+++ b/old-manifests/Chart.yaml
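Review bot: In charts/dns/templates/master.yaml, `named.conf` combines `recursion yes;` with `allow-query { any; };` and listens on every address, and the DaemonSet sets `hostNetwork: true`, so each node answers recursive queries for any client that can reach port 53; that is an open resolver if the port is ever reachable from outside the LAN. Restrict recursion to known clients by adding `allow-recursion { <trusted-cidr>; };` (placeholder) to `options`. The `fetch-root-hints` init container also runs `apt update && apt -y install curl` on `debian:12` at every pod start, so DNS cannot come up without outbound internet and a working package mirror; shipping the hints file in the ConfigMap or using an image that already contains curl would remove that dependency. Finally, the zone file is a read-only `subPath` ConfigMap mount, so it should be checked whether named can persist the dynamic updates that `allow-update` permits.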
@@ -0,0 +1,41 @@
+apiVersion: v2
+name: home-server
+description: A Helm chart that rolls a curated, functional home server
+version: 0.0.1
+
+dependencies:
+ - name: util
+ version: 0.0.1
+ repository: "file://templates/util"
+
+ - name: dns
+ version: 0.0.1
+ repository: "file://templates/dns"
+#
+# - name: files
+# version: 0.0.1
+# repository: "file://templates/files"
+#
+# - name: ai
+# version: 0.0.1
+# repository: "file://templates/ai"
+#
+# - name: media
+# version: 0.0.1
+# repository: "file://templates/media"
+#
+# - name: monitoring
+# version: 0.0.1
+# repository: "file://templates/monitoring"
+#
+# - name: remote
+# version: 0.0.1
+# repository: "file://templates/remote"
+#
+# - name: social
+# version: 0.0.1
+# repository: "file://templates/social"
+#
+# - name: sync
+# version: 0.0.1
+# repository: "file://templates/sync"
diff --git a/home-server/templates/ai/namespace.yaml b/old-manifests/templates/ai/namespace.yaml
similarity index 100%
rename from home-server/templates/ai/namespace.yaml
rename to old-manifests/templates/ai/namespace.yaml
diff --git a/home-server/templates/ai/openwebui.yaml b/old-manifests/templates/ai/openwebui.yaml
similarity index 100%
rename from home-server/templates/ai/openwebui.yaml
rename to old-manifests/templates/ai/openwebui.yaml
diff --git a/home-server/templates/auth/authentik.yaml b/old-manifests/templates/auth/authentik.yaml
similarity index 100%
rename from home-server/templates/auth/authentik.yaml
rename to old-manifests/templates/auth/authentik.yaml
diff --git a/home-server/templates/auth/namespace.yaml b/old-manifests/templates/auth/namespace.yaml
similarity index 100%
rename from home-server/templates/auth/namespace.yaml
rename to old-manifests/templates/auth/namespace.yaml
diff --git a/home-server/templates/dns/Chart.yaml b/old-manifests/templates/dns/Chart.yaml
similarity index 100%
rename from home-server/templates/dns/Chart.yaml
rename to old-manifests/templates/dns/Chart.yaml
diff --git a/home-server/templates/dns/bind-master.yaml b/old-manifests/templates/dns/bind-master.yaml
similarity index 100%
rename from home-server/templates/dns/bind-master.yaml
rename to old-manifests/templates/dns/bind-master.yaml
diff --git a/home-server/templates/dns/externaldns.yaml b/old-manifests/templates/dns/externaldns.yaml
similarity index 100%
rename from home-server/templates/dns/externaldns.yaml
rename to old-manifests/templates/dns/externaldns.yaml
diff --git a/home-server/templates/dns/namespace.yaml b/old-manifests/templates/dns/namespace.yaml
similarity index 100%
rename from home-server/templates/dns/namespace.yaml
rename to old-manifests/templates/dns/namespace.yaml
diff --git a/home-server/templates/files/namespace.yaml b/old-manifests/templates/files/namespace.yaml
similarity index 100%
rename from home-server/templates/files/namespace.yaml
rename to old-manifests/templates/files/namespace.yaml
diff --git a/home-server/templates/files/nextcloud.yaml b/old-manifests/templates/files/nextcloud.yaml
similarity index 100%
rename from home-server/templates/files/nextcloud.yaml
rename to old-manifests/templates/files/nextcloud.yaml
diff --git a/home-server/templates/media/namespace.yaml b/old-manifests/templates/media/namespace.yaml
similarity index 100%
rename from home-server/templates/media/namespace.yaml
rename to old-manifests/templates/media/namespace.yaml
diff --git a/home-server/templates/monitoring/grafana.yaml b/old-manifests/templates/monitoring/grafana.yaml
similarity index 100%
rename from home-server/templates/monitoring/grafana.yaml
rename to old-manifests/templates/monitoring/grafana.yaml
diff --git a/home-server/templates/monitoring/loki.yaml b/old-manifests/templates/monitoring/loki.yaml
similarity index 100%
rename from home-server/templates/monitoring/loki.yaml
rename to old-manifests/templates/monitoring/loki.yaml
diff --git a/home-server/templates/monitoring/namespace.yaml b/old-manifests/templates/monitoring/namespace.yaml
similarity index 100%
rename from home-server/templates/monitoring/namespace.yaml
rename to old-manifests/templates/monitoring/namespace.yaml
diff --git a/home-server/templates/monitoring/prometheus.yaml b/old-manifests/templates/monitoring/prometheus.yaml
similarity index 100%
rename from home-server/templates/monitoring/prometheus.yaml
rename to old-manifests/templates/monitoring/prometheus.yaml
diff --git a/home-server/templates/monitoring/provider.yaml b/old-manifests/templates/monitoring/provider.yaml
similarity index 100%
rename from home-server/templates/monitoring/provider.yaml
rename to old-manifests/templates/monitoring/provider.yaml
diff --git a/home-server/templates/remote/namespace.yaml b/old-manifests/templates/remote/namespace.yaml
similarity index 100%
rename from home-server/templates/remote/namespace.yaml
rename to old-manifests/templates/remote/namespace.yaml
diff --git a/home-server/templates/remote/rustdesk.yaml b/old-manifests/templates/remote/rustdesk.yaml
similarity index 100%
rename from home-server/templates/remote/rustdesk.yaml
rename to old-manifests/templates/remote/rustdesk.yaml
diff --git a/home-server/templates/social/namespace.yaml b/old-manifests/templates/social/namespace.yaml
similarity index 100%
rename from home-server/templates/social/namespace.yaml
rename to old-manifests/templates/social/namespace.yaml
diff --git a/home-server/templates/sync/linkwarden.yaml b/old-manifests/templates/sync/linkwarden.yaml
similarity index 100%
rename from home-server/templates/sync/linkwarden.yaml
rename to old-manifests/templates/sync/linkwarden.yaml
diff --git a/home-server/templates/sync/namespace.yaml b/old-manifests/templates/sync/namespace.yaml
similarity index 100%
rename from home-server/templates/sync/namespace.yaml
rename to old-manifests/templates/sync/namespace.yaml
diff --git a/home-server/templates/sync/syncthing.yaml b/old-manifests/templates/sync/syncthing.yaml
similarity index 100%
rename from home-server/templates/sync/syncthing.yaml
rename to old-manifests/templates/sync/syncthing.yaml
diff --git a/home-server/templates/sync/vaultwarden.yaml b/old-manifests/templates/sync/vaultwarden.yaml
similarity index 100%
rename from home-server/templates/sync/vaultwarden.yaml
rename to old-manifests/templates/sync/vaultwarden.yaml
diff --git a/home-server/templates/util/Chart.yaml b/old-manifests/templates/util/Chart.yaml
similarity index 100%
rename from home-server/templates/util/Chart.yaml
rename to old-manifests/templates/util/Chart.yaml
diff --git a/home-server/templates/util/templates/00-namespace.yaml b/old-manifests/templates/util/templates/00-namespace.yaml
similarity index 100%
rename from home-server/templates/util/templates/00-namespace.yaml
rename to old-manifests/templates/util/templates/00-namespace.yaml
diff --git a/home-server/templates/util/templates/10-replicator.yaml b/old-manifests/templates/util/templates/10-replicator.yaml
similarity index 100%
rename from home-server/templates/util/templates/10-replicator.yaml
rename to old-manifests/templates/util/templates/10-replicator.yaml
diff --git a/home-server/templates/util/templates/20-certmanager.yaml b/old-manifests/templates/util/templates/20-certmanager.yaml
similarity index 100%
rename from home-server/templates/util/templates/20-certmanager.yaml
rename to old-manifests/templates/util/templates/20-certmanager.yaml
diff --git a/home-server/templates/util/templates/20-mariadb.yaml b/old-manifests/templates/util/templates/20-mariadb.yaml
similarity index 100%
rename from home-server/templates/util/templates/20-mariadb.yaml
rename to old-manifests/templates/util/templates/20-mariadb.yaml
diff --git a/old-manifests/values.yaml b/old-manifests/values.yaml
new file mode 100644
index 0000000..4bbdba6
--- /dev/null
+++ b/old-manifests/values.yaml
@@ -0,0 +1,24 @@
+ai:
+ enabled: true
+
+dns:
+ enabled: false
+
+media:
+ enabled: true
+
+monitoring:
+ enabled: true
+
+remote:
+ enabled: false
+
+social:
+ enabled: true
+
+sync:
+ enabled: false
+
+util:
+ enabled: true
+
From 1ac9f74334ce219dd7f1754676d2348601ef5bb2 Mon Sep 17 00:00:00 2001 From: j Date: Sat, 5 Jul 2025 21:35:11 +1000 Subject: [PATCH 3/3] Deploy charts/dns --- charts/dns/Chart.yaml | 5 ----- deployments/home-server.yaml | 2 +- 2 files changed, 1 insertion(+), 6 deletions(-)
diff --git a/charts/dns/Chart.yaml b/charts/dns/Chart.yaml
index 93c28a8..0c8db9e 100644
--- a/charts/dns/Chart.yaml
+++ b/charts/dns/Chart.yaml
@@ -3,8 +3,3 @@ apiVersion: v2 name: home-server-dns description: Deploys a master/slave DNS server with External DNS for declaring hostnames with annotations. version: 0.0.1 - -dependencies: - - name: util - version: 0.0.1 - repository: "file://templates/util"
diff --git a/deployments/home-server.yaml b/deployments/home-server.yaml
index f43a9b6..8a9bbb9 100644
--- a/deployments/home-server.yaml
+++ b/deployments/home-server.yaml
@@ -21,7 +21,7 @@ spec: interval: 1m chart: spec: - chart: ./home-server + chart: ./charts/dns sourceRef: kind: GitRepository name: home-server