Compare commits
7 Commits
3732265498
...
main
| Author | SHA1 | Date | |
|---|---|---|---|
|
1378b63e73 | ||
|
|
c472e3ea48 | ||
|
|
c6883990b6 | ||
|
|
2416f8bb60 | ||
|
|
dece1c54aa | ||
|
|
1584645538 | ||
|
|
69241ec6a7 |
@@ -62,7 +62,7 @@ extraDeploy:
|
||||
spec:
|
||||
secretName: 53ll-ca-tls
|
||||
issuerRef:
|
||||
name: letsencrypt-53ll
|
||||
name: letsencrypt
|
||||
kind: ClusterIssuer
|
||||
dnsNames:
|
||||
- 53ll.ca
|
||||
30
audiobookshelf/values.yaml.gotmpl
Normal file
30
audiobookshelf/values.yaml.gotmpl
Normal file
@@ -0,0 +1,30 @@
|
||||
env:
|
||||
TZ: America/Edmonton
|
||||
ingress:
|
||||
main:
|
||||
enabled: true
|
||||
hosts:
|
||||
- host: audiobookshelf.incngrnt.ca
|
||||
paths:
|
||||
- path: /
|
||||
tls:
|
||||
- secretName: audiobookshelf-incngrnt-ca-tls
|
||||
hosts:
|
||||
- audiobookshelf.incngrnt.ca
|
||||
|
||||
persistence:
|
||||
config:
|
||||
enabled: true
|
||||
accessMode: ReadWriteOnce
|
||||
size: 1Mi
|
||||
storageClassName: ceph-block
|
||||
metadata:
|
||||
enabled: true
|
||||
accessMode: ReadWriteOnce
|
||||
size: 5Gi
|
||||
storageClassName: ceph-block
|
||||
media:
|
||||
enabled: true
|
||||
accessMode: ReadWriteOnce
|
||||
size: 50Gi
|
||||
storageClassName: ceph-block
|
||||
26
calibre-web/values.yaml.gotmpl
Normal file
26
calibre-web/values.yaml.gotmpl
Normal file
@@ -0,0 +1,26 @@
|
||||
env:
|
||||
TZ: America/Edmonton
|
||||
DOCKER_MODS: linuxserver/mods:universal-calibre
|
||||
ingress:
|
||||
main:
|
||||
enabled: true
|
||||
hosts:
|
||||
- host: calibre.incngrnt.ca
|
||||
paths:
|
||||
- path: /
|
||||
tls:
|
||||
- secretName: calibre-incngrnt-ca-tls
|
||||
hosts:
|
||||
- calibre.incngrnt.ca
|
||||
|
||||
persistence:
|
||||
config:
|
||||
enabled: true
|
||||
accessMode: ReadWriteOnce
|
||||
size: 1Mi
|
||||
storageClassName: ceph-block
|
||||
books:
|
||||
enabled: true
|
||||
accessMode: ReadWriteOnce
|
||||
size: 1Gi
|
||||
storageClassName: ceph-block
|
||||
@@ -6,83 +6,25 @@ metadata:
|
||||
type: Opaque
|
||||
stringData:
|
||||
api-key: {{ .Values.hetzner.apiToken }}
|
||||
|
||||
---
|
||||
|
||||
apiVersion: cert-manager.io/v1
|
||||
kind: ClusterIssuer
|
||||
metadata:
|
||||
name: letsencrypt-incngrnt
|
||||
name: letsencrypt
|
||||
spec:
|
||||
acme:
|
||||
server: https://acme-v02.api.letsencrypt.org/directory
|
||||
email: {{ .Values.acme.email }}
|
||||
privateKeySecretRef:
|
||||
name: letsencrypt-incngrnt-private-key
|
||||
name: letsencrypt-private-key
|
||||
solvers:
|
||||
- dns01:
|
||||
webhook:
|
||||
groupName: acme.hetzner.com
|
||||
solverName: hetzner
|
||||
config:
|
||||
secretName: hetzner-dns-credentials
|
||||
zoneName: incngrnt.ca
|
||||
apiUrl: https://dns.hetzner.com/api/v1
|
||||
---
|
||||
apiVersion: cert-manager.io/v1
|
||||
kind: ClusterIssuer
|
||||
metadata:
|
||||
name: letsencrypt-goatchat
|
||||
spec:
|
||||
acme:
|
||||
server: https://acme-v02.api.letsencrypt.org/directory
|
||||
email: {{ .Values.acme.email }}
|
||||
privateKeySecretRef:
|
||||
name: letsencrypt-goatchat-private-key
|
||||
solvers:
|
||||
- dns01:
|
||||
webhook:
|
||||
groupName: acme.hetzner.com
|
||||
solverName: hetzner
|
||||
config:
|
||||
secretName: hetzner-dns-credentials
|
||||
zoneName: goatchat.ca
|
||||
apiUrl: https://dns.hetzner.com/api/v1
|
||||
---
|
||||
apiVersion: cert-manager.io/v1
|
||||
kind: ClusterIssuer
|
||||
metadata:
|
||||
name: letsencrypt-53ll
|
||||
spec:
|
||||
acme:
|
||||
server: https://acme-v02.api.letsencrypt.org/directory
|
||||
email: {{ .Values.acme.email }}
|
||||
privateKeySecretRef:
|
||||
name: letsencrypt-53ll-private-key
|
||||
solvers:
|
||||
- dns01:
|
||||
webhook:
|
||||
groupName: acme.hetzner.com
|
||||
solverName: hetzner
|
||||
config:
|
||||
secretName: hetzner-dns-credentials
|
||||
zoneName: 53ll.ca
|
||||
apiUrl: https://dns.hetzner.com/api/v1
|
||||
---
|
||||
apiVersion: cert-manager.io/v1
|
||||
kind: ClusterIssuer
|
||||
metadata:
|
||||
name: letsencrypt-kgnot
|
||||
spec:
|
||||
acme:
|
||||
server: https://acme-v02.api.letsencrypt.org/directory
|
||||
email: {{ .Values.acme.email }}
|
||||
privateKeySecretRef:
|
||||
name: letsencrypt-kgnot-private-key
|
||||
solvers:
|
||||
- dns01:
|
||||
webhook:
|
||||
groupName: acme.hetzner.com
|
||||
solverName: hetzner
|
||||
config:
|
||||
secretName: hetzner-dns-credentials
|
||||
zoneName: kgnot.ca
|
||||
apiUrl: https://dns.hetzner.com/api/v1
|
||||
tokenSecretKeyRef:
|
||||
name: hetzner-dns-credentials
|
||||
key: api-key
|
||||
|
||||
@@ -78,7 +78,7 @@ extraDeploy:
|
||||
spec:
|
||||
secretName: git-incngrnt-ca-tls
|
||||
issuerRef:
|
||||
name: letsencrypt-incngrnt
|
||||
name: letsencrypt
|
||||
kind: ClusterIssuer
|
||||
dnsNames:
|
||||
- git.incngrnt.ca
|
||||
|
||||
@@ -2,21 +2,21 @@ version: 1.2.3
|
||||
dependencies:
|
||||
- name: cert-manager
|
||||
repository: https://charts.jetstack.io
|
||||
version: v1.19.3
|
||||
version: v1.20.0
|
||||
- name: cert-manager-webhook-hetzner
|
||||
repository: https://vadimkim.github.io/cert-manager-webhook-hetzner
|
||||
version: 1.4.2
|
||||
repository: https://charts.hetzner.cloud
|
||||
version: 0.6.7
|
||||
- name: rook-ceph
|
||||
repository: https://charts.rook.io/release
|
||||
version: v1.19.1
|
||||
version: v1.19.2
|
||||
- name: rook-ceph-cluster
|
||||
repository: https://charts.rook.io/release
|
||||
version: v1.19.1
|
||||
version: v1.19.2
|
||||
- name: tailscale-operator
|
||||
repository: https://pkgs.tailscale.com/helmcharts
|
||||
version: 1.94.1
|
||||
version: 1.94.2
|
||||
- name: traefik
|
||||
repository: https://traefik.github.io/charts
|
||||
version: 39.0.0
|
||||
digest: sha256:4f5c8a239ffdf62b0ee3c5cad93fe0a155fc9d311f2754a27f28b45d08abedfc
|
||||
generated: "2026-02-08T14:48:11.557963845-07:00"
|
||||
version: 39.0.6
|
||||
digest: sha256:ab4571859e9f203e981e51fddd6eb64e39e327d1f469aae0aebd5f53cf0ec025
|
||||
generated: "2026-03-21T15:54:30.181487309-06:00"
|
||||
|
||||
@@ -7,8 +7,8 @@ repositories:
|
||||
url: https://pkgs.tailscale.com/helmcharts
|
||||
- name: jetstack
|
||||
url: https://charts.jetstack.io
|
||||
- name: cert-manager-webhook-hetzner
|
||||
url: https://vadimkim.github.io/cert-manager-webhook-hetzner
|
||||
- name: hcloud
|
||||
url: https://charts.hetzner.cloud
|
||||
|
||||
lockFilePath: ./helmfile.d/01-infrastructure.lock
|
||||
releases:
|
||||
@@ -28,9 +28,7 @@ releases:
|
||||
- name: cert-manager-webhook-hetzner
|
||||
namespace: cert-manager
|
||||
createNamespace: true
|
||||
chart: cert-manager-webhook-hetzner/cert-manager-webhook-hetzner
|
||||
values:
|
||||
- ../cert-manager-hetzner-webhook/values.yaml.gotmpl
|
||||
chart: hcloud/cert-manager-webhook-hetzner
|
||||
- name: cert-manager-issuers
|
||||
namespace: cert-manager
|
||||
createNamespace: true
|
||||
|
||||
@@ -2,15 +2,15 @@ version: 1.2.3
|
||||
dependencies:
|
||||
- name: k8up
|
||||
repository: https://k8up-io.github.io/k8up
|
||||
version: 4.8.6
|
||||
version: 4.8.7
|
||||
- name: mariadb
|
||||
repository: https://charts.bitnami.com/bitnami
|
||||
version: 24.0.4
|
||||
version: 25.0.5
|
||||
- name: pgo
|
||||
repository: git+https://github.com/grantdhunter/postgres-operator@helm?ref=main
|
||||
version: 5.8.1
|
||||
- name: postgrescluster
|
||||
repository: git+https://github.com/grantdhunter/postgres-operator@helm?ref=main
|
||||
version: 5.7.4
|
||||
digest: sha256:fc54869ca74c71a7cff3a47249fc1c1abad85af8b5fd46f50cc5f94e34ea196f
|
||||
generated: "2026-02-08T14:48:12.433127048-07:00"
|
||||
digest: sha256:15aa54bcbc82cc0a0f2fde31f8a9999598a4ac8d8ae8ef4ea5d2cbc361443075
|
||||
generated: "2026-03-21T14:15:00.978030866-06:00"
|
||||
|
||||
@@ -1,5 +1,11 @@
|
||||
version: 1.2.3
|
||||
dependencies:
|
||||
- name: audiobookshelf
|
||||
repository: https://k8s-home-lab.github.io/helm-charts/
|
||||
version: 2.0.1
|
||||
- name: calibre-web
|
||||
repository: https://k8s-home-lab.github.io/helm-charts/
|
||||
version: 9.1.0
|
||||
- name: ghost
|
||||
repository: https://charts.bitnami.com/bitnami
|
||||
version: 25.0.4
|
||||
@@ -29,9 +35,9 @@ dependencies:
|
||||
version: 0.1.0
|
||||
- name: matrix-synapse
|
||||
repository: https://ananace.gitlab.io/charts
|
||||
version: 3.12.19
|
||||
version: 3.12.23
|
||||
- name: static-site
|
||||
repository: git+https://github.com/cfpb/static-site@charts?ref=main
|
||||
version: 0.1.1
|
||||
digest: sha256:c3533d8c4b01672a46feeb0bf7610dddceb4387d76ab5bf5f3edc27086747ba1
|
||||
generated: "2026-02-08T14:48:18.507177487-07:00"
|
||||
digest: sha256:5fa6810fb7db97d0ff56fc5dcf272fd59202bad89b36c5b30ce212db7956edb9
|
||||
generated: "2026-03-21T15:54:36.111194061-06:00"
|
||||
|
||||
@@ -11,6 +11,8 @@ repositories:
|
||||
url: git+https://github.com/cfpb/static-site@charts?ref=main
|
||||
- name: incngrnt
|
||||
url: git+https://git.incngrnt.ca/grant/charts@charts?ref=main
|
||||
- name: k8s-home-lab
|
||||
url: https://k8s-home-lab.github.io/helm-charts/
|
||||
|
||||
lockFilePath: ./helmfile.d/03-apps.lock
|
||||
releases:
|
||||
@@ -64,6 +66,20 @@ releases:
|
||||
values:
|
||||
- ../gitea/values.yaml.gotmpl
|
||||
|
||||
# books
|
||||
- name: calibre-web
|
||||
namespace: calibre
|
||||
createNamespace: true
|
||||
chart: k8s-home-lab/calibre-web
|
||||
values:
|
||||
- ../calibre-web/values.yaml.gotmpl
|
||||
- name: audiobookshelf
|
||||
namespace: audiobookshelf
|
||||
createNamespace: true
|
||||
chart: k8s-home-lab/audiobookshelf
|
||||
values:
|
||||
- ../audiobookshelf/values.yaml.gotmpl
|
||||
|
||||
# backups
|
||||
- name: ghost-backup
|
||||
namespace: ghost
|
||||
|
||||
@@ -7,5 +7,5 @@ spec:
|
||||
- ReadWriteOnce
|
||||
resources:
|
||||
requests:
|
||||
storage: 200Gi
|
||||
storage: 300Gi
|
||||
|
||||
|
||||
@@ -3,7 +3,7 @@ controllers:
|
||||
containers:
|
||||
main:
|
||||
image:
|
||||
tag: v2.5.5
|
||||
tag: v2.5.6
|
||||
|
||||
env:
|
||||
DB_HOSTNAME: {{ exec "kubectl" (list "-n" "immich" "get" "secrets" "postgres-pguser-immich" "-ogo-template='{{.data.host | base64decode }}'") }}
|
||||
|
||||
@@ -64,7 +64,7 @@ extraDeploy:
|
||||
spec:
|
||||
secretName: kgnot-ca-tls
|
||||
issuerRef:
|
||||
name: letsencrypt-kgnot
|
||||
name: letsencrypt
|
||||
kind: ClusterIssuer
|
||||
dnsNames:
|
||||
- kgnot.ca
|
||||
@@ -9,3 +9,4 @@ spec:
|
||||
subnetRouter:
|
||||
advertiseRoutes:
|
||||
- "192.168.1.0/24"
|
||||
exitNode: true
|
||||
|
||||
@@ -116,7 +116,7 @@ extraObjects:
|
||||
spec:
|
||||
secretName: fog-incngrnt-ca-tls
|
||||
issuerRef:
|
||||
name: letsencrypt-incngrnt
|
||||
name: letsencrypt
|
||||
kind: ClusterIssuer
|
||||
dnsNames:
|
||||
- fog.incngrnt.ca
|
||||
@@ -130,7 +130,7 @@ extraObjects:
|
||||
spec:
|
||||
secretName: goatchat-ca-tls
|
||||
issuerRef:
|
||||
name: letsencrypt-goatchat
|
||||
name: letsencrypt
|
||||
kind: ClusterIssuer
|
||||
dnsNames:
|
||||
- goatchat.ca
|
||||
@@ -142,7 +142,7 @@ extraObjects:
|
||||
spec:
|
||||
secretName: incngrnt-ca-tls
|
||||
issuerRef:
|
||||
name: letsencrypt-incngrnt
|
||||
name: letsencrypt
|
||||
kind: ClusterIssuer
|
||||
dnsNames:
|
||||
- incngrnt.ca
|
||||
@@ -154,7 +154,31 @@ extraObjects:
|
||||
spec:
|
||||
secretName: photos-incngrnt-ca-tls
|
||||
issuerRef:
|
||||
name: letsencrypt-incngrnt
|
||||
name: letsencrypt
|
||||
kind: ClusterIssuer
|
||||
dnsNames:
|
||||
- photos.incngrnt.ca
|
||||
- apiVersion: cert-manager.io/v1
|
||||
kind: Certificate
|
||||
metadata:
|
||||
name: calibre-incngrnt-ca
|
||||
namespace: calibre
|
||||
spec:
|
||||
secretName: calibre-incngrnt-ca-tls
|
||||
issuerRef:
|
||||
name: letsencrypt
|
||||
kind: ClusterIssuer
|
||||
dnsNames:
|
||||
- calibre.incngrnt.ca
|
||||
- apiVersion: cert-manager.io/v1
|
||||
kind: Certificate
|
||||
metadata:
|
||||
name: audiobookshelf-incngrnt-ca
|
||||
namespace: audiobookshelf
|
||||
spec:
|
||||
secretName: audiobookshelf-incngrnt-ca-tls
|
||||
issuerRef:
|
||||
name: letsencrypt
|
||||
kind: ClusterIssuer
|
||||
dnsNames:
|
||||
- audiobookshelf.incngrnt.ca
|
||||
|
||||
Reference in New Issue
Block a user