Migrate to chart layout dont want to deploy to test yet

deployments/kustomization.yaml

@@ -2,16 +2,3 @@ apiVersion: kustomize.config.k8s.io/v1beta1
 kind:       Kustomization
 
 resources:
-  - monitoring/provider.yaml
-  - monitoring/grafana.yaml
-  - monitoring/loki.yaml
-  - monitoring/prometheus.yaml
-  - operators/mariadb.yaml
-  - operators/replicator.yaml
-  - dns/namespace.yaml
-  - dns/bind.yaml
-  - dns/externaldns.yaml
-  - ssl/certmanager.yaml
-  - auth/authentik.yaml
-  - files/nextcloud.yaml
-  - files/syncthing.yaml

home-server/Chart.yaml

@@ -0,0 +1,43 @@
+apiVersion: v2
+name: home-server
+description: A Helm chart that rolls a curated, functional home server
+version: 0.0.1
+
+dependencies:
+  - name: util
+    version: 0.0.1
+    repository: "file://charts/util"
+
+  - name: dns
+    version: 0.0.1
+    repository: "file://charts/dns"
+
+  - name: files
+    version: 0.0.1
+    repository: "file://charts/files"
+
+  - name: ai
+    version: 0.0.1
+    repository: "file://charts/ai"
+
+  - name: media
+    version: 0.0.1
+    repository: "file://charts/media"
+
+  - name: monitoring
+    version: 0.0.1
+    repository: "file://charts/monitoring"
+
+  - name: remote
+    version: 0.0.1
+    repository: "file://charts/remote"
+
+  - name: social
+    version: 0.0.1
+    repository: "file://charts/social"
+
+  - name: sync
+    version: 0.0.1
+    repository: "file://charts/sync"
+
+

home-server/templates/ai/namespace.yaml

@@ -0,0 +1,5 @@
+---
+apiVersion: v1
+kind: Namespace
+metadata:
+  name: ai

home-server/templates/ai/openwebui.yaml

@@ -0,0 +1,72 @@
+---
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: openwebui
+  namespace: ai
+spec:
+  replicas: 1
+  selector:
+    matchLabels:
+      app: openwebui
+  template:
+    metadata:
+      labels:
+        app: openwebui
+    spec:
+      containers:
+        - name: openwebui
+          image: ghcr.io/open-webui/open-webui:latest
+          ports:
+            - containerPort: 8080
+          env:
+            - name: OLLAMA_BASE_URL
+              value: http://ollama:11434
+          volumeMounts:
+            - name: ai-storage
+              mountPath: /app/backend/data
+      volumes:
+        - name: ai-storage
+          hostPath:
+            path: /dpool/files/ai/
+            type: Directory
+---
+apiVersion: v1
+kind: Service
+metadata:
+  name: openwebui
+  namespace: ai
+spec:
+  selector:
+    app: openwebui
+  ports:
+    - protocol: TCP
+      port: 80
+      targetPort: 8080
+---
+apiVersion: networking.k8s.io/v1
+kind: Ingress
+metadata:
+  name: openwebui
+  namespace: ai
+  annotations:
+    kubernetes.io/ingress.class: "traefik" 
+    external-dns.alpha.kubernetes.io/hostname: nc.hxme.net
+spec:
+  rules:
+    - host: ai.hxme.net
+      http:
+        paths:
+          - path: /
+            pathType: Prefix
+            backend:
+              service:
+                name: openwebui
+                port:
+                  number: 80
+  tls:
+    - hosts:
+        - ai.hxme.net
+      secretName: openwebui-tls
+
+

home-server/templates/auth/authentik.yaml

@@ -1,9 +1,4 @@
 ---
-apiVersion: v1
-kind: Namespace
-metadata:
-  name: authentik
----
 apiVersion: source.toolkit.fluxcd.io/v1
 kind: HelmRepository
 metadata:
@@ -17,7 +12,7 @@ apiVersion: v1
 kind: Secret
 metadata:
   name: wildcard-hxme-net
-  namespace: authentik
+  namespace: auth
   annotations:
     replicator.v1.mittwald.de/replicate-from: cert-manager/wildcard-hxme-net
 ---
@@ -25,7 +20,7 @@ apiVersion: helm.toolkit.fluxcd.io/v2
 kind: HelmRelease
 metadata:
   name: authentik
-  namespace: authentik
+  namespace: auth
 spec:
   interval: 30m
   chart:

home-server/templates/auth/namespace.yaml

@@ -0,0 +1,5 @@
+---
+apiVersion: v1
+kind: Namespace
+metadata:
+  name: ai

home-server/templates/dns/bind-master.yaml

@@ -136,3 +136,4 @@ spec:
       protocol: TCP
       targetPort: 53
 
+

home-server/templates/dns/externaldns.yaml

@@ -72,4 +72,3 @@ spec:
                 secretKeyRef:
                   name: dns-secrets
                   key: externaldns-secret
-

home-server/templates/files/namespace.yaml

@@ -0,0 +1,5 @@
+---
+apiVersion: v1
+kind: Namespace
+metadata:
+  name: files

home-server/templates/files/nextcloud.yaml

@@ -1,10 +1,5 @@
 ---
 apiVersion: v1
-kind: Namespace
-metadata:
-  name: nextcloud
----
-apiVersion: v1
 kind: PersistentVolume
 metadata:
   name: nextcloud-pv

home-server/templates/media/namespace.yaml

@@ -0,0 +1,5 @@
+---
+apiVersion: v1
+kind: Namespace
+metadata:
+  name: media

home-server/templates/monitoring/namespace.yaml

@@ -0,0 +1,5 @@
+---
+apiVersion: v1
+kind: Namespace
+metadata:
+  name: monitoring

home-server/templates/remote/namespace.yaml

@@ -0,0 +1,5 @@
+---
+apiVersion: v1
+kind: Namespace
+metadata:
+  name: remote

home-server/templates/remote/rustdesk.yaml

@@ -0,0 +1,72 @@
+---
+apiVersion: source.toolkit.fluxcd.io/v1
+kind: HelmRepository
+metadata:
+  name: rustdesk-charts
+  namespace: flux-system
+spec:
+  url: https://charts.rustdesk.com
+  interval: 1h
+---
+apiVersion: helm.toolkit.fluxcd.io/v2
+kind: HelmRelease
+metadata:
+  name: rustdesk-server
+  namespace: remote
+spec:
+  interval: 30m
+  chart:
+    spec:
+      chart: rustdesk-server
+      version: 0.5.0
+      sourceRef:
+        kind: HelmRepository
+        name: rustdesk-charts
+        namespace: flux-system
+  install:
+    createNamespace: true
+  values:
+    hbbs:
+      enabled: true
+      service:
+        type: ClusterIP
+        ports:
+          - name: tcp
+            port: 21115
+            targetPort: 21115
+          - name: tcp-hbbs
+            port: 21116
+            targetPort: 21116
+          - name: udp
+            port: 21116
+            targetPort: 21116
+            protocol: UDP
+
+    hbbr:
+      enabled: true
+      service:
+        type: ClusterIP
+        ports:
+          - name: tcp-hbbr
+            port: 21117
+            targetPort: 21117
+
+    ingress:
+      enabled: true
+      className: "traefik" # or nginx or your ingress class
+      annotations: {}
+      hosts:
+        - host: rd.hxme.net
+          paths:
+            - path: /
+              pathType: Prefix
+      tls:
+        - hosts:
+            - rd.hxme.net
+          secretName: rustdesk-tls
+
+    # Optional admin password – change this in production
+    env:
+      ENCRYPTED_ONLY: "false"
+      ENABLE_LOG: "true"
+

home-server/templates/social/namespace.yaml

@@ -0,0 +1,5 @@
+---
+apiVersion: v1
+kind: Namespace
+metadata:
+  name: social

home-server/templates/sync/linkwarden.yaml

@@ -0,0 +1,60 @@
+---
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: linkwarden
+  namespace: sync
+spec:
+  replicas: 1
+  selector:
+    matchLabels:
+      app: linkwarden
+  template:
+    metadata:
+      labels:
+        app: linkwarden
+    spec:
+      containers:
+        - name: linkwarden
+          image: ghcr.io/linkwarden/linkwarden:latest
+          ports:
+            - containerPort: 8080
+          env:
+            - name: ADMIN_PASSWORD
+              valueFrom:
+                secretKeyRef:
+                  name: linkwarden-secret
+                  key: admin-password
+            # Add other environment variables here as needed
+          volumeMounts:
+            - name: linkwarden-data
+              mountPath: /data
+      volumes:
+        - name: linkwarden-data
+          emptyDir: {} # Change to persistentVolumeClaim for production
+---
+apiVersion: v1
+kind: Secret
+metadata:
+  name: linkwarden-secret
+  namespace: sync
+type: Opaque
+stringData:
+  admin-password: "YourStrongAdminPasswordHere"
+---
+apiVersion: v1
+kind: Service
+metadata:
+  name: linkwarden
+  namespace: sync
+  annotations:
+    external-dns.alpha.kubernetes.io/hostname: lw.hxme.net
+spec:
+  selector:
+    app: linkwarden
+  ports:
+    - protocol: TCP
+      port: 80
+      targetPort: 8080
+  type: ClusterIP
+

home-server/templates/sync/namespace.yaml

@@ -0,0 +1,5 @@
+---
+apiVersion: v1
+kind: Namespace
+metadata:
+  name: sync

home-server/templates/sync/syncthing.yaml

@@ -1,14 +1,9 @@
 ---
 apiVersion: v1
-kind: Namespace
-metadata:
-  name: syncthing
----
-apiVersion: v1
 kind: PersistentVolumeClaim
 metadata:
   name: syncthing-data
-  namespace: syncthing
+  namespace: sync
 spec:
   accessModes:
     - ReadWriteOnce
@@ -33,7 +28,7 @@ apiVersion: v1
 kind: PersistentVolumeClaim
 metadata:
   name: syncthing-share
-  namespace: syncthing
+  namespace: sync
 spec:
   accessModes:
     - ReadWriteOnce
@@ -46,7 +41,7 @@ apiVersion: apps/v1
 kind: Deployment
 metadata:
   name: syncthing
-  namespace: syncthing
+  namespace: sync
 spec:
   replicas: 1
   selector:
@@ -86,7 +81,7 @@ apiVersion: v1
 kind: Service
 metadata:
   name: syncthing
-  namespace: syncthing
+  namespace: sync
 spec:
   selector:
     app: syncthing

home-server/templates/sync/vaultwarden.yaml

@@ -0,0 +1,100 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: vaultwarden
+  namespace: sync
+  labels:
+    app: vaultwarden
+spec:
+  replicas: 1
+  selector:
+    matchLabels:
+      app: vaultwarden
+  template:
+    metadata:
+      labels:
+        app: vaultwarden
+    spec:
+      containers:
+        - name: vaultwarden
+          image: vaultwarden/server:1.30.5
+          imagePullPolicy: IfNotPresent
+          env:
+            - name: WEBSOCKET_ENABLED
+              value: "true"
+            - name: SIGNUPS_ALLOWED
+              value: "false"
+            - name: DOMAIN
+              value: "https://vw.hxme.net"
+            - name: ADMIN_TOKEN
+              value: "CHANGEME_SUPER_SECRET"
+          ports:
+            - containerPort: 80
+              name: http
+          volumeMounts:
+            - name: data
+              mountPath: /data
+          resources:
+            requests:
+              cpu: 50m
+              memory: 128Mi
+            limits:
+              cpu: 250m
+              memory: 512Mi
+      volumes:
+        - name: data
+          persistentVolumeClaim:
+            claimName: bitwarden-data
+---
+apiVersion: v1
+kind: Service
+metadata:
+  name: vaultwarden
+  namespace: sync
+  labels:
+    app: vaultwarden
+spec:
+  type: ClusterIP
+  selector:
+    app: vaultwarden
+  ports:
+    - name: http
+      port: 80
+      targetPort: http
+---
+apiVersion: networking.k8s.io/v1
+kind: Ingress
+metadata:
+  name: vaultwarden
+  namespace: sync
+  annotations:
+    kubernetes.io/ingress.class: traefik
+spec:
+  rules:
+    - host: vw.hxme.net
+      http:
+        paths:
+          - path: /
+            pathType: Prefix
+            backend:
+              service:
+                name: vaultwarden
+                port:
+                  number: 80
+  tls:
+    - hosts:
+        - vw.hxme.net
+      secretName: bitwarden-tls
+---
+apiVersion: v1
+kind: PersistentVolumeClaim
+metadata:
+  name: bitwarden-data
+  namespace: sync
+spec:
+  accessModes:
+    - ReadWriteOnce
+  resources:
+    requests:
+      storage: 1Gi
+

home-server/templates/util/namespace.yaml

@@ -0,0 +1,5 @@
+---
+apiVersion: v1
+kind: Namespace
+metadata:
+  name: util

home-server/values.yaml

@@ -0,0 +1,24 @@
+ai:
+  enabled: true
+
+dns:
+  enabled: false
+
+media:
+  enabled: true
+
+monitoring:
+  enabled: true
+
+remote:
+  enabled: false
+
+social:
+  enabled: true
+
+sync:
+  enabled: false
+
+util:
+  enabled: true
+