diff --git a/new/charts/auth/authentik.yaml b/deployments/auth/authentik.yaml similarity index 89% rename from new/charts/auth/authentik.yaml rename to deployments/auth/authentik.yaml index c1c5b32..ced40ed 100644 --- a/new/charts/auth/authentik.yaml +++ b/deployments/auth/authentik.yaml @@ -1,4 +1,9 @@ --- +apiVersion: v1 +kind: Namespace +metadata: + name: authentik +--- apiVersion: source.toolkit.fluxcd.io/v1 kind: HelmRepository metadata: @@ -12,7 +17,7 @@ apiVersion: v1 kind: Secret metadata: name: wildcard-hxme-net - namespace: auth + namespace: authentik annotations: replicator.v1.mittwald.de/replicate-from: cert-manager/wildcard-hxme-net --- @@ -20,7 +25,7 @@ apiVersion: helm.toolkit.fluxcd.io/v2 kind: HelmRelease metadata: name: authentik - namespace: auth + namespace: authentik spec: interval: 30m chart: diff --git a/new/charts/dns/bind-master.yaml b/deployments/dns/bind.yaml similarity index 99% rename from new/charts/dns/bind-master.yaml rename to deployments/dns/bind.yaml index 7683f55..23eab06 100644 --- a/new/charts/dns/bind-master.yaml +++ b/deployments/dns/bind.yaml @@ -136,4 +136,3 @@ spec: protocol: TCP targetPort: 53 - diff --git a/new/charts/dns/externaldns.yaml b/deployments/dns/externaldns.yaml similarity index 99% rename from new/charts/dns/externaldns.yaml rename to deployments/dns/externaldns.yaml index a029940..ed64c21 100644 --- a/new/charts/dns/externaldns.yaml +++ b/deployments/dns/externaldns.yaml @@ -72,3 +72,4 @@ spec: secretKeyRef: name: dns-secrets key: externaldns-secret + diff --git a/new/charts/dns/namespace.yaml b/deployments/dns/namespace.yaml similarity index 100% rename from new/charts/dns/namespace.yaml rename to deployments/dns/namespace.yaml diff --git a/new/charts/files/nextcloud.yaml b/deployments/files/nextcloud.yaml similarity index 97% rename from new/charts/files/nextcloud.yaml rename to deployments/files/nextcloud.yaml index cb3ab91..2ef2de0 100644 --- a/new/charts/files/nextcloud.yaml +++ b/deployments/files/nextcloud.yaml @@ -1,5 +1,10 @@ --- apiVersion: v1 +kind: Namespace +metadata: + name: nextcloud +--- +apiVersion: v1 kind: PersistentVolume metadata: name: nextcloud-pv diff --git a/new/charts/sync/syncthing.yaml b/deployments/files/syncthing.yaml similarity index 92% rename from new/charts/sync/syncthing.yaml rename to deployments/files/syncthing.yaml index 74dea87..a7279b2 100644 --- a/new/charts/sync/syncthing.yaml +++ b/deployments/files/syncthing.yaml @@ -1,9 +1,14 @@ --- apiVersion: v1 +kind: Namespace +metadata: + name: syncthing +--- +apiVersion: v1 kind: PersistentVolumeClaim metadata: name: syncthing-data - namespace: sync + namespace: syncthing spec: accessModes: - ReadWriteOnce @@ -28,7 +33,7 @@ apiVersion: v1 kind: PersistentVolumeClaim metadata: name: syncthing-share - namespace: sync + namespace: syncthing spec: accessModes: - ReadWriteOnce @@ -41,7 +46,7 @@ apiVersion: apps/v1 kind: Deployment metadata: name: syncthing - namespace: sync + namespace: syncthing spec: replicas: 1 selector: @@ -81,7 +86,7 @@ apiVersion: v1 kind: Service metadata: name: syncthing - namespace: sync + namespace: syncthing spec: selector: app: syncthing diff --git a/deployments/kustomization.yaml b/deployments/kustomization.yaml index 8525795..04b8189 100644 --- a/deployments/kustomization.yaml +++ b/deployments/kustomization.yaml @@ -2,3 +2,16 @@ apiVersion: kustomize.config.k8s.io/v1beta1 kind: Kustomization resources: + - monitoring/provider.yaml + - monitoring/grafana.yaml + - monitoring/loki.yaml + - monitoring/prometheus.yaml + - operators/mariadb.yaml + - operators/replicator.yaml + - dns/namespace.yaml + - dns/bind.yaml + - dns/externaldns.yaml + - ssl/certmanager.yaml + - auth/authentik.yaml + - files/nextcloud.yaml + - files/syncthing.yaml diff --git a/new/charts/monitoring/grafana.yaml b/deployments/monitoring/grafana.yaml similarity index 100% rename from new/charts/monitoring/grafana.yaml rename to deployments/monitoring/grafana.yaml diff --git a/new/charts/monitoring/loki.yaml b/deployments/monitoring/loki.yaml similarity index 100% rename from new/charts/monitoring/loki.yaml rename to deployments/monitoring/loki.yaml diff --git a/new/charts/monitoring/prometheus.yaml b/deployments/monitoring/prometheus.yaml similarity index 100% rename from new/charts/monitoring/prometheus.yaml rename to deployments/monitoring/prometheus.yaml diff --git a/new/charts/monitoring/provider.yaml b/deployments/monitoring/provider.yaml similarity index 100% rename from new/charts/monitoring/provider.yaml rename to deployments/monitoring/provider.yaml diff --git a/new/charts/util/mariadb.yaml b/deployments/operators/mariadb.yaml similarity index 100% rename from new/charts/util/mariadb.yaml rename to deployments/operators/mariadb.yaml diff --git a/new/charts/util/replicator.yaml b/deployments/operators/replicator.yaml similarity index 100% rename from new/charts/util/replicator.yaml rename to deployments/operators/replicator.yaml diff --git a/new/charts/util/certmanager.yaml b/deployments/ssl/certmanager.yaml similarity index 100% rename from new/charts/util/certmanager.yaml rename to deployments/ssl/certmanager.yaml diff --git a/new/Chart.yaml b/new/Chart.yaml deleted file mode 100644 index f6cbdbb..0000000 --- a/new/Chart.yaml +++ /dev/null @@ -1,31 +0,0 @@ -apiVersion: v2 -name: home-server -description: A Helm chart that rolls a curated, functional home server -version: 0.0.1 - -dependencies: - - name: ai - version: 0.0.1 - repository: "file://charts/ai" - - name: dns - version: 0.0.1 - repository: "file://charts/dns" - - name: media - version: 0.0.1 - repository: "file://charts/media" - - name: monitoring - version: 0.0.1 - repository: "file://charts/monitoring" - - name: remote - version: 0.0.1 - repository: "file://charts/remote" - - name: social - version: 0.0.1 - repository: "file://charts/social" - - name: sync - version: 0.0.1 - repository: "file://charts/sync" - - name: util - version: 0.0.1 - repository: "file://charts/util" - diff --git a/new/charts/ai/namespace.yaml b/new/charts/ai/namespace.yaml deleted file mode 100644 index c252dcd..0000000 --- a/new/charts/ai/namespace.yaml +++ /dev/null @@ -1,5 +0,0 @@ ---- -apiVersion: v1 -kind: Namespace -metadata: - name: ai diff --git a/new/charts/ai/openwebui.yaml b/new/charts/ai/openwebui.yaml deleted file mode 100644 index f6ed214..0000000 --- a/new/charts/ai/openwebui.yaml +++ /dev/null @@ -1,72 +0,0 @@ ---- -apiVersion: apps/v1 -kind: Deployment -metadata: - name: openwebui - namespace: ai -spec: - replicas: 1 - selector: - matchLabels: - app: openwebui - template: - metadata: - labels: - app: openwebui - spec: - containers: - - name: openwebui - image: ghcr.io/open-webui/open-webui:latest - ports: - - containerPort: 8080 - env: - - name: OLLAMA_BASE_URL - value: http://ollama:11434 - volumeMounts: - - name: ai-storage - mountPath: /app/backend/data - volumes: - - name: ai-storage - hostPath: - path: /dpool/files/ai/ - type: Directory ---- -apiVersion: v1 -kind: Service -metadata: - name: openwebui - namespace: ai -spec: - selector: - app: openwebui - ports: - - protocol: TCP - port: 80 - targetPort: 8080 ---- -apiVersion: networking.k8s.io/v1 -kind: Ingress -metadata: - name: openwebui - namespace: ai - annotations: - kubernetes.io/ingress.class: "traefik" - external-dns.alpha.kubernetes.io/hostname: nc.hxme.net -spec: - rules: - - host: ai.hxme.net - http: - paths: - - path: / - pathType: Prefix - backend: - service: - name: openwebui - port: - number: 80 - tls: - - hosts: - - ai.hxme.net - secretName: openwebui-tls - - diff --git a/new/charts/auth/namespace.yaml b/new/charts/auth/namespace.yaml deleted file mode 100644 index c252dcd..0000000 --- a/new/charts/auth/namespace.yaml +++ /dev/null @@ -1,5 +0,0 @@ ---- -apiVersion: v1 -kind: Namespace -metadata: - name: ai diff --git a/new/charts/files/namespace.yaml b/new/charts/files/namespace.yaml deleted file mode 100644 index 311b86d..0000000 --- a/new/charts/files/namespace.yaml +++ /dev/null @@ -1,5 +0,0 @@ ---- -apiVersion: v1 -kind: Namespace -metadata: - name: files diff --git a/new/charts/media/namespace.yaml b/new/charts/media/namespace.yaml deleted file mode 100644 index 6a99325..0000000 --- a/new/charts/media/namespace.yaml +++ /dev/null @@ -1,5 +0,0 @@ ---- -apiVersion: v1 -kind: Namespace -metadata: - name: media diff --git a/new/charts/monitoring/namespace.yaml b/new/charts/monitoring/namespace.yaml deleted file mode 100644 index ff7ae1b..0000000 --- a/new/charts/monitoring/namespace.yaml +++ /dev/null @@ -1,5 +0,0 @@ ---- -apiVersion: v1 -kind: Namespace -metadata: - name: monitoring diff --git a/new/charts/remote/namespace.yaml b/new/charts/remote/namespace.yaml deleted file mode 100644 index 84965e5..0000000 --- a/new/charts/remote/namespace.yaml +++ /dev/null @@ -1,5 +0,0 @@ ---- -apiVersion: v1 -kind: Namespace -metadata: - name: remote diff --git a/new/charts/remote/rustdesk.yaml b/new/charts/remote/rustdesk.yaml deleted file mode 100644 index 9e1ba31..0000000 --- a/new/charts/remote/rustdesk.yaml +++ /dev/null @@ -1,72 +0,0 @@ ---- -apiVersion: source.toolkit.fluxcd.io/v1 -kind: HelmRepository -metadata: - name: rustdesk-charts - namespace: flux-system -spec: - url: https://charts.rustdesk.com - interval: 1h ---- -apiVersion: helm.toolkit.fluxcd.io/v2 -kind: HelmRelease -metadata: - name: rustdesk-server - namespace: remote -spec: - interval: 30m - chart: - spec: - chart: rustdesk-server - version: 0.5.0 - sourceRef: - kind: HelmRepository - name: rustdesk-charts - namespace: flux-system - install: - createNamespace: true - values: - hbbs: - enabled: true - service: - type: ClusterIP - ports: - - name: tcp - port: 21115 - targetPort: 21115 - - name: tcp-hbbs - port: 21116 - targetPort: 21116 - - name: udp - port: 21116 - targetPort: 21116 - protocol: UDP - - hbbr: - enabled: true - service: - type: ClusterIP - ports: - - name: tcp-hbbr - port: 21117 - targetPort: 21117 - - ingress: - enabled: true - className: "traefik" # or nginx or your ingress class - annotations: {} - hosts: - - host: rd.hxme.net - paths: - - path: / - pathType: Prefix - tls: - - hosts: - - rd.hxme.net - secretName: rustdesk-tls - - # Optional admin password – change this in production - env: - ENCRYPTED_ONLY: "false" - ENABLE_LOG: "true" - diff --git a/new/charts/social/namespace.yaml b/new/charts/social/namespace.yaml deleted file mode 100644 index 7c93211..0000000 --- a/new/charts/social/namespace.yaml +++ /dev/null @@ -1,5 +0,0 @@ ---- -apiVersion: v1 -kind: Namespace -metadata: - name: social diff --git a/new/charts/sync/linkwarden.yaml b/new/charts/sync/linkwarden.yaml deleted file mode 100644 index 770be83..0000000 --- a/new/charts/sync/linkwarden.yaml +++ /dev/null @@ -1,60 +0,0 @@ ---- -apiVersion: apps/v1 -kind: Deployment -metadata: - name: linkwarden - namespace: sync -spec: - replicas: 1 - selector: - matchLabels: - app: linkwarden - template: - metadata: - labels: - app: linkwarden - spec: - containers: - - name: linkwarden - image: ghcr.io/linkwarden/linkwarden:latest - ports: - - containerPort: 8080 - env: - - name: ADMIN_PASSWORD - valueFrom: - secretKeyRef: - name: linkwarden-secret - key: admin-password - # Add other environment variables here as needed - volumeMounts: - - name: linkwarden-data - mountPath: /data - volumes: - - name: linkwarden-data - emptyDir: {} # Change to persistentVolumeClaim for production ---- -apiVersion: v1 -kind: Secret -metadata: - name: linkwarden-secret - namespace: sync -type: Opaque -stringData: - admin-password: "YourStrongAdminPasswordHere" ---- -apiVersion: v1 -kind: Service -metadata: - name: linkwarden - namespace: sync - annotations: - external-dns.alpha.kubernetes.io/hostname: lw.hxme.net -spec: - selector: - app: linkwarden - ports: - - protocol: TCP - port: 80 - targetPort: 8080 - type: ClusterIP - diff --git a/new/charts/sync/namespace.yaml b/new/charts/sync/namespace.yaml deleted file mode 100644 index 1477548..0000000 --- a/new/charts/sync/namespace.yaml +++ /dev/null @@ -1,5 +0,0 @@ ---- -apiVersion: v1 -kind: Namespace -metadata: - name: sync diff --git a/new/charts/sync/vaultwarden.yaml b/new/charts/sync/vaultwarden.yaml deleted file mode 100644 index 8bd7a74..0000000 --- a/new/charts/sync/vaultwarden.yaml +++ /dev/null @@ -1,100 +0,0 @@ -apiVersion: apps/v1 -kind: Deployment -metadata: - name: vaultwarden - namespace: sync - labels: - app: vaultwarden -spec: - replicas: 1 - selector: - matchLabels: - app: vaultwarden - template: - metadata: - labels: - app: vaultwarden - spec: - containers: - - name: vaultwarden - image: vaultwarden/server:1.30.5 - imagePullPolicy: IfNotPresent - env: - - name: WEBSOCKET_ENABLED - value: "true" - - name: SIGNUPS_ALLOWED - value: "false" - - name: DOMAIN - value: "https://vw.hxme.net" - - name: ADMIN_TOKEN - value: "CHANGEME_SUPER_SECRET" - ports: - - containerPort: 80 - name: http - volumeMounts: - - name: data - mountPath: /data - resources: - requests: - cpu: 50m - memory: 128Mi - limits: - cpu: 250m - memory: 512Mi - volumes: - - name: data - persistentVolumeClaim: - claimName: bitwarden-data ---- -apiVersion: v1 -kind: Service -metadata: - name: vaultwarden - namespace: sync - labels: - app: vaultwarden -spec: - type: ClusterIP - selector: - app: vaultwarden - ports: - - name: http - port: 80 - targetPort: http ---- -apiVersion: networking.k8s.io/v1 -kind: Ingress -metadata: - name: vaultwarden - namespace: sync - annotations: - kubernetes.io/ingress.class: traefik -spec: - rules: - - host: vw.hxme.net - http: - paths: - - path: / - pathType: Prefix - backend: - service: - name: vaultwarden - port: - number: 80 - tls: - - hosts: - - vw.hxme.net - secretName: bitwarden-tls ---- -apiVersion: v1 -kind: PersistentVolumeClaim -metadata: - name: bitwarden-data - namespace: sync -spec: - accessModes: - - ReadWriteOnce - resources: - requests: - storage: 1Gi - diff --git a/new/charts/util/namespace.yaml b/new/charts/util/namespace.yaml deleted file mode 100644 index f860de2..0000000 --- a/new/charts/util/namespace.yaml +++ /dev/null @@ -1,5 +0,0 @@ ---- -apiVersion: v1 -kind: Namespace -metadata: - name: util diff --git a/new/values.yaml b/new/values.yaml deleted file mode 100644 index 4bbdba6..0000000 --- a/new/values.yaml +++ /dev/null @@ -1,24 +0,0 @@ -ai: - enabled: true - -dns: - enabled: false - -media: - enabled: true - -monitoring: - enabled: true - -remote: - enabled: false - -social: - enabled: true - -sync: - enabled: false - -util: - enabled: true -