252 lines
7.2 KiB
YAML
252 lines
7.2 KiB
YAML
repositories:
|
|
- name: rook-release
|
|
url: https://charts.rook.io/release
|
|
# - name: metallb
|
|
# url: https://metallb.github.io/metallb
|
|
- name: traefik
|
|
url: https://traefik.github.io/charts
|
|
- name: ananace-charts
|
|
url: https://ananace.gitlab.io/charts
|
|
- name: bitnami
|
|
url: https://charts.bitnami.com/bitnami
|
|
- name: crunchydata
|
|
url: git+https://github.com/grantdhunter/postgres-operator@helm?ref=main
|
|
- name: immich
|
|
url: https://immich-app.github.io/immich-charts
|
|
- name: k8up-io
|
|
url: https://k8up-io.github.io/k8up
|
|
- name: tailscale
|
|
url: https://pkgs.tailscale.com/helmcharts
|
|
- name: gitea
|
|
url: https://dl.gitea.io/charts
|
|
- name: grafana
|
|
url: https://grafana.github.io/helm-charts
|
|
- name: prometheus-community
|
|
url: https://prometheus-community.github.io/helm-charts
|
|
- name: static-site
|
|
url: git+https://github.com/cfpb/static-site@charts?ref=main
|
|
|
|
releases:
|
|
# networking
|
|
- name: metallb
|
|
namespace: metallb-system
|
|
createNamespace: true
|
|
chart: ./metallb
|
|
- name: traefik
|
|
namespace: traefik
|
|
createNamespace: true
|
|
chart: traefik/traefik
|
|
values:
|
|
- ./traefik/values.yaml
|
|
setString:
|
|
- name: certificatesResolvers.letsencrypt.acme.email
|
|
value: {{ requiredEnv "ACME_EMAIL" }}
|
|
- name: extraObjects[0].stringData.password
|
|
value: {{ requiredEnv "TRAEFIK_ADMIN_PASSWORD" }}
|
|
- name: tailscale-operator
|
|
namespace: tailscale
|
|
createNamespace: true
|
|
chart: tailscale/tailscale-operator
|
|
setString:
|
|
- name: oauth.clientId
|
|
value: {{ requiredEnv "TAILSCALE_OAUTH_CLIENT_ID" }}
|
|
- name: oauth.clientSecret
|
|
value: {{ requiredEnv "TAILSCALE_OAUTH_CLIENT_SECRET" }}
|
|
- name: apiServerProxyConfig.mode
|
|
value: noauth
|
|
# storage infrastructure
|
|
- name: rook-ceph
|
|
namespace: rook-ceph
|
|
createNamespace: true
|
|
chart: rook-release/rook-ceph
|
|
values:
|
|
- ./rook-ceph/values.yaml
|
|
- name: rook-ceph-cluster
|
|
namespace: rook-ceph
|
|
createNamespace: true
|
|
chart: rook-release/rook-ceph-cluster
|
|
values:
|
|
- ./rook-ceph-cluster/values.yaml
|
|
set:
|
|
- name: operatorNamespace
|
|
value: rook-ceph
|
|
# data storage
|
|
- name: pgo
|
|
namespace: postgres-operator
|
|
createNamespace: true
|
|
chart: crunchydata/pgo
|
|
values:
|
|
- ./postgres/operator-values.yaml
|
|
- name: postgres
|
|
namespace: datastore
|
|
createNamespace: true
|
|
chart: crunchydata/postgrescluster
|
|
values:
|
|
- postgres/values.yaml
|
|
setString:
|
|
- name: multiBackupRepos[1].s3.key
|
|
value: {{ requiredEnv "HETZNER_S3_ACCESS_KEY" }}
|
|
- name: multiBackupRepos[1].s3.keySecret
|
|
value: {{ requiredEnv "HETZNER_S3_ACCESS_SECRET" }}
|
|
- name: multiBackupRepos[1].s3.encryptionPassphrase
|
|
value: {{ requiredEnv "PG_BACKREST_PASSWORD" }}
|
|
- name: mariadb
|
|
namespace: datastore
|
|
createNamespace: true
|
|
chart: bitnami/mariadb
|
|
values:
|
|
- mariadb/values.yaml
|
|
setString:
|
|
- name: auth.rootPassword
|
|
value: {{ requiredEnv "MARIADB_ROOT_PASSWORD" }}
|
|
|
|
# monitoring
|
|
- name: grafana
|
|
namespace: grafana
|
|
createNamespace: true
|
|
chart: grafana/lgtm-distributed
|
|
values:
|
|
- grafana/values.yaml
|
|
- name: alloy
|
|
namespace: grafana
|
|
createNamespace: true
|
|
chart: grafana/alloy
|
|
values:
|
|
- grafana/alloy_values.yaml
|
|
- name: kube-state-metrics
|
|
namespace: grafana
|
|
createNamespace: true
|
|
chart: prometheus-community/kube-state-metrics
|
|
# goatchat matrix
|
|
- name: goatchat
|
|
namespace: goatchat
|
|
createNamespace: true
|
|
chart: ananace-charts/matrix-synapse
|
|
values:
|
|
- ./synapse/values.yaml
|
|
setString:
|
|
- name: config.macaroonSecretKey
|
|
value: {{ requiredEnv "GOATCHAT_SYNAPSE_MACAROON_SECRET_KEY" }}
|
|
- name: config.registrationSharedSecret
|
|
value: {{ requiredEnv "GOATCHAT_REGISTRATION_SHARED_SECRET" }}
|
|
- name: extraConfig.email.smtp_pass
|
|
value: {{ requiredEnv "GOATCHAT_SMTP_PASSWORD" }}
|
|
- name: gate
|
|
namespace: goatchat
|
|
createNamespace: true
|
|
chart: ./matrix-registration
|
|
values:
|
|
- ./matrix-registration/values-overrides.yaml
|
|
setString:
|
|
- name: registrationSharedSecret
|
|
value: {{ requiredEnv "GOATCHAT_REGISTRATION_SHARED_SECRET"}}
|
|
- name: adminApiSharedSecret
|
|
value: {{ requiredEnv "GOATCHAT_REGISTRATION_ADMIN_API_SHARE_SECRET"}}
|
|
|
|
- name: immich
|
|
namespace: immich
|
|
createNamespace: true
|
|
chart: immich/immich
|
|
values:
|
|
- immich/values.yaml.gotmpl
|
|
|
|
# website
|
|
- name: incngrnt-web
|
|
namespace: incngrnt-web
|
|
createNamespace: true
|
|
chart: static-site/static-site
|
|
values:
|
|
- incngrnt-web/values.yaml
|
|
# ghost blogs
|
|
- name: kgnot-ghost
|
|
namespace: ghost
|
|
createNamespace: true
|
|
chart: bitnami/ghost
|
|
values:
|
|
- ./kgnot/values.yaml
|
|
setString:
|
|
- name: ghostUsername
|
|
value: {{ requiredEnv "KGNOT_GHOST_USER_NAME" }}
|
|
- name: ghost-53ll
|
|
namespace: ghost
|
|
createNamespace: true
|
|
chart: bitnami/ghost
|
|
values:
|
|
- ./53ll/values.yaml
|
|
setString:
|
|
- name: ghostUsername
|
|
value: {{ requiredEnv "GHOST_53LL_USER_NAME" }}
|
|
|
|
# dev tools
|
|
- name: gitea
|
|
namespace: gitea
|
|
createNamespace: true
|
|
chart: gitea/gitea
|
|
values:
|
|
- ./gitea/values.yaml
|
|
setString:
|
|
- name: gitea.admin.password
|
|
value: {{ requiredEnv "GITEA_ADMIN_PASSWORD" }}
|
|
# backup
|
|
- name: k8up
|
|
namespace: k8up
|
|
createNamespace: true
|
|
chart: k8up-io/k8up
|
|
values:
|
|
- ./k8up/values.yaml
|
|
|
|
|
|
# backups
|
|
- name: ghost-backup
|
|
namespace: ghost
|
|
chart: ./k8up-backup
|
|
createNamespace: true
|
|
values:
|
|
- ./k8up-backup/values_override.yaml
|
|
setString:
|
|
- name: credentials.id
|
|
value: {{ requiredEnv "HETZNER_S3_ACCESS_KEY" }}
|
|
- name: credentials.key
|
|
value: {{ requiredEnv "HETZNER_S3_ACCESS_SECRET" }}
|
|
- name: repoPassword
|
|
value: {{ requiredEnv "k8UP_REPO_PASSWORD" }}
|
|
- name: goatchat-backup
|
|
namespace: goatchat
|
|
chart: ./k8up-backup
|
|
createNamespace: true
|
|
values:
|
|
- ./k8up-backup/values_override.yaml
|
|
setString:
|
|
- name: credentials.id
|
|
value: {{ requiredEnv "HETZNER_S3_ACCESS_KEY" }}
|
|
- name: credentials.key
|
|
value: {{ requiredEnv "HETZNER_S3_ACCESS_SECRET" }}
|
|
- name: repoPassword
|
|
value: {{ requiredEnv "k8UP_REPO_PASSWORD" }}
|
|
- name: gitea-backup
|
|
namespace: gitea
|
|
chart: ./k8up-backup
|
|
createNamespace: true
|
|
values:
|
|
- ./k8up-backup/values_override.yaml
|
|
setString:
|
|
- name: credentials.id
|
|
value: {{ requiredEnv "HETZNER_S3_ACCESS_KEY" }}
|
|
- name: credentials.key
|
|
value: {{ requiredEnv "HETZNER_S3_ACCESS_SECRET" }}
|
|
- name: repoPassword
|
|
value: {{ requiredEnv "k8UP_REPO_PASSWORD" }}
|
|
- name: immich-backup
|
|
namespace: immich
|
|
chart: ./k8up-backup
|
|
createNamespace: true
|
|
values:
|
|
- ./k8up-backup/values_override.yaml
|
|
setString:
|
|
- name: credentials.id
|
|
value: {{ requiredEnv "HETZNER_S3_ACCESS_KEY" }}
|
|
- name: credentials.key
|
|
value: {{ requiredEnv "HETZNER_S3_ACCESS_SECRET" }}
|
|
- name: repoPassword
|
|
value: {{ requiredEnv "k8UP_REPO_PASSWORD" }}
|