├── .github ├── CODEOWNERS ├── ISSUE_TEMPLATE │ ├── bug-report.md │ ├── feature-request.md │ └── question.md ├── PULL_REQUEST_TEMPLATE.md ├── linters │ ├── .markdownlint.yaml │ ├── .prettierignore │ ├── .prettierrc.yaml │ ├── .tflint.hcl │ └── .yamllint.yaml ├── renovate.json5 └── workflows │ ├── dependency.yaml │ └── lint.yaml ├── .gitignore ├── .gitmodules ├── Helm └── apps │ ├── beaverhabits │ ├── .helmignore │ ├── CHANGELOG.md │ ├── Chart.yaml │ ├── README.md │ ├── templates │ │ ├── deployment.yaml │ │ ├── ingress.yaml │ │ └── storage.yaml │ └── values.yaml │ ├── changedetection │ ├── .helmignore │ ├── CHANGELOG.md │ ├── Chart.yaml │ ├── README.md │ ├── templates │ │ ├── deployment.yaml │ │ ├── ingress.yaml │ │ └── storage.yaml │ └── values.yaml │ ├── cyberchef │ ├── .helmignore │ ├── CHANGELOG.md │ ├── Chart.yaml │ ├── README.md │ ├── templates │ │ ├── deployment.yaml │ │ ├── ingress.yaml │ │ └── service.yaml │ └── values.yaml │ ├── diagrams │ ├── .helmignore │ ├── CHANGELOG.md │ ├── Chart.yaml │ ├── README.md │ ├── templates │ │ ├── deployment.yaml │ │ ├── ingress.yaml │ │ └── service.yaml │ └── values.yaml │ ├── excalidraw │ ├── .helmignore │ ├── CHANGELOG.md │ ├── Chart.yaml │ ├── README.md │ ├── templates │ │ ├── deployment.yaml │ │ ├── ingress.yaml │ │ └── service.yaml │ └── values.yaml │ ├── firefly │ ├── .helmignore │ ├── CHANGELOG.md │ ├── Chart.yaml │ ├── README.md │ ├── templates │ │ ├── database.yaml │ │ ├── deployment.yaml │ │ ├── firefly-bot-deployment.yaml │ │ ├── firefly-pvc.yaml │ │ └── ingress.yaml │ └── values.yaml │ ├── freshrss │ ├── .helmignore │ ├── CHANGELOG.md │ ├── Chart.yaml │ ├── README.md │ ├── templates │ │ ├── database.yaml │ │ ├── deployment.yaml │ │ ├── ingress.yaml │ │ └── storage.yaml │ └── values.yaml │ ├── goip │ ├── .helmignore │ ├── CHANGELOG.md │ ├── Chart.yaml │ ├── README.md │ ├── templates │ │ ├── deployment.yaml │ │ └── goip-config.yaml │ └── values.yaml │ ├── homebox │ ├── .helmignore │ ├── CHANGELOG.md │ ├── Chart.yaml │ ├── README.md │ ├── templates │ │ ├── deployment.yaml │ │ ├── ingress.yaml │ │ └── storage.yaml │ └── values.yaml │ ├── it-tools │ ├── .helmignore │ ├── CHANGELOG.md │ ├── Chart.yaml │ ├── README.md │ ├── templates │ │ ├── deployment.yaml │ │ ├── ingress.yaml │ │ ├── pdb.yaml │ │ └── service.yaml │ └── values.yaml │ ├── lubelogger │ ├── .helmignore │ ├── CHANGELOG.md │ ├── Chart.yaml │ ├── README.md │ ├── templates │ │ ├── deployment.yaml │ │ ├── ingress.yaml │ │ └── storage.yaml │ └── values.yaml │ ├── mazanoke │ ├── .helmignore │ ├── CHANGELOG.md │ ├── Chart.yaml │ ├── README.md │ ├── templates │ │ ├── deployment.yaml │ │ ├── ingress.yaml │ │ └── service.yaml │ └── values.yaml │ ├── mealie │ ├── .helmignore │ ├── CHANGELOG.md │ ├── Chart.yaml │ ├── README.md │ ├── templates │ │ ├── deployment.yaml │ │ ├── ingress.yaml │ │ └── storage.yaml │ └── values.yaml │ ├── media │ ├── .helmignore │ ├── CHANGELOG.md │ ├── Chart.yaml │ ├── README.md │ ├── templates │ │ ├── cleanuperr.yaml │ │ ├── flaresolverr.yaml │ │ ├── huntarr.yaml │ │ ├── ingress.yaml │ │ ├── kavita.yaml │ │ ├── media-pvc.yaml │ │ ├── overseer.yaml │ │ ├── prowlarr.yaml │ │ ├── radarr.yaml │ │ ├── readarr.yaml │ │ ├── sonarr.yaml │ │ └── transmission.yaml │ └── values.yaml │ ├── monitoring │ ├── .helmignore │ ├── CHANGELOG.md │ ├── Chart.yaml │ ├── README.md │ ├── templates │ │ ├── cadvisor.yaml │ │ ├── grafana.yaml │ │ ├── ingress.yaml │ │ ├── ksm.yaml │ │ ├── loki.yaml │ │ ├── node-exporter.yaml │ │ ├── prometheus-config.yaml │ │ ├── prometheus.yaml │ │ ├── promtail-config.yaml │ │ ├── promtail.yaml │ │ ├── speedtest.yaml │ │ └── storage.yaml │ └── values.yaml │ ├── n8n │ ├── .helmignore │ ├── CHANGELOG.md │ ├── Chart.yaml │ ├── README.md │ ├── templates │ │ ├── database.yaml │ │ ├── deployment.yaml │ │ ├── ingress.yaml │ │ └── storage.yaml │ └── values.yaml │ ├── niolesk │ ├── .helmignore │ ├── CHANGELOG.md │ ├── Chart.yaml │ ├── README.md │ ├── templates │ │ ├── deployment.yaml │ │ ├── ingress.yaml │ │ └── service.yaml │ └── values.yaml │ ├── nodered │ ├── .helmignore │ ├── CHANGELOG.md │ ├── Chart.yaml │ ├── README.md │ ├── templates │ │ ├── deployment.yaml │ │ ├── ingress.yaml │ │ └── nodered-pvc.yaml │ └── values.yaml │ ├── openbooks │ ├── .helmignore │ ├── CHANGELOG.md │ ├── Chart.yaml │ ├── README.md │ ├── templates │ │ ├── deployment.yaml │ │ ├── ingress.yaml │ │ └── storage.yaml │ └── values.yaml │ ├── orphanedpodscleaner │ ├── .helmignore │ ├── CHANGELOG.md │ ├── Chart.yaml │ ├── README.md │ ├── templates │ │ └── deployment.yaml │ └── values.yaml │ ├── postgresql │ ├── .helmignore │ ├── CHANGELOG.md │ ├── Chart.yaml │ ├── README.md │ ├── templates │ │ ├── ingress.yaml │ │ ├── pgadmin.yaml │ │ └── postgresql-pv.yaml │ └── values.yaml │ ├── reactiveresume │ ├── .helmignore │ ├── CHANGELOG.md │ ├── Chart.yaml │ ├── README.md │ ├── templates │ │ ├── database.yaml │ │ ├── deployment.yaml │ │ ├── ingress.yaml │ │ └── storage.yaml │ └── values.yaml │ ├── stirlingpdf │ ├── .helmignore │ ├── CHANGELOG.md │ ├── Chart.yaml │ ├── README.md │ ├── templates │ │ ├── deployment.yaml │ │ └── ingress.yaml │ └── values.yaml │ ├── storage │ ├── .helmignore │ ├── CHANGELOG.md │ ├── Chart.yaml │ ├── README.md │ ├── templates │ │ ├── ingress.yaml │ │ ├── pdb.yaml │ │ ├── storage-pvc.yaml │ │ └── syncthing.yaml │ └── values.yaml │ ├── uptimekuma │ ├── .helmignore │ ├── CHANGELOG.md │ ├── Chart.yaml │ ├── README.md │ ├── templates │ │ ├── deployment.yaml │ │ ├── ingress.yaml │ │ └── uptime-kuma-pvc.yaml │ └── values.yaml │ ├── vaultwarden │ ├── .helmignore │ ├── CHANGELOG.md │ ├── Chart.yaml │ ├── README.md │ ├── templates │ │ ├── deployment.yaml │ │ ├── ingress.yaml │ │ └── storage.yaml │ └── values.yaml │ ├── vikunja │ ├── .helmignore │ ├── CHANGELOG.md │ ├── Chart.yaml │ ├── README.md │ ├── templates │ │ ├── database.yaml │ │ ├── deployment.yaml │ │ ├── ingress.yaml │ │ └── storage.yaml │ └── values.yaml │ ├── wallabag │ ├── .helmignore │ ├── CHANGELOG.md │ ├── Chart.yaml │ ├── README.md │ ├── templates │ │ ├── database.yaml │ │ ├── deployment.yaml │ │ ├── ingress.yaml │ │ ├── pdb.yaml │ │ ├── service.yaml │ │ └── storage.yaml │ └── values.yaml │ ├── website │ ├── .helmignore │ ├── CHANGELOG.md │ ├── Chart.yaml │ ├── README.md │ ├── templates │ │ ├── deployment.yaml │ │ ├── ingress.yaml │ │ ├── pdb.yaml │ │ └── service.yaml │ └── values.yaml │ └── whoogle │ ├── .helmignore │ ├── CHANGELOG.md │ ├── Chart.yaml │ ├── README.md │ ├── templates │ ├── deployment.yaml │ ├── ingress.yaml │ └── service.yaml │ └── values.yaml ├── README.md ├── TODOS.md ├── ansible ├── hosts │ ├── group_vars │ │ ├── master │ │ │ └── k3s-config.yaml │ │ └── workers │ │ │ └── k3s-config.yaml │ └── inventory └── playbooks │ └── install │ ├── files │ ├── allContainerLogs │ ├── cleanUpOrphanedPods.py │ ├── cniLogs │ ├── multipath.conf │ └── podLogs │ ├── main.yml │ ├── requirements.yml │ └── vars │ └── main.yml ├── cluster └── homelab │ ├── age.agekey.public │ ├── apps │ ├── archive │ │ ├── beaverhabits │ │ │ ├── helm-release.yaml │ │ │ ├── kustomization.yaml │ │ │ └── namespace.yaml │ │ ├── goip │ │ │ ├── helm-release.yaml │ │ │ ├── kustomization.yaml │ │ │ ├── namespace.yaml │ │ │ └── secret.sops.yaml │ │ ├── karakeep │ │ │ ├── helm-release.yaml │ │ │ ├── kustomization.yaml │ │ │ ├── namespace.yaml │ │ │ ├── pvc-karakeep.yaml │ │ │ └── pvc-meili.yaml │ │ ├── lubelogger │ │ │ ├── helm-release.yaml │ │ │ ├── kustomization.yaml │ │ │ └── namespace.yaml │ │ ├── postgresql │ │ │ ├── helm-release.yaml │ │ │ ├── kustomization.yaml │ │ │ ├── namespace.yaml │ │ │ └── secret.sops.yaml │ │ ├── vaultwarden │ │ │ ├── helm-release.yaml │ │ │ ├── kustomization.yaml │ │ │ ├── namespace.yaml │ │ │ └── secret.sops.yaml │ │ ├── wger │ │ │ ├── helm-release.yaml │ │ │ ├── kustomization.yaml │ │ │ └── namespace.yaml │ │ └── whoogle │ │ │ ├── helm-release.yaml │ │ │ ├── kustomization.yaml │ │ │ └── namespace.yaml │ ├── cert-manager │ │ ├── issuer.yaml │ │ ├── kustomization.yaml │ │ └── wildcard-certificate.yaml │ ├── changedetection │ │ ├── helm-release.yaml │ │ ├── kustomization.yaml │ │ └── namespace.yaml │ ├── cyberchef │ │ ├── deny-local-networkPolicy.yaml │ │ ├── helm-release.yaml │ │ ├── kustomization.yaml │ │ └── namespace.yaml │ ├── diagrams │ │ ├── helm-release.yaml │ │ ├── kustomization.yaml │ │ └── namespace.yaml │ ├── excalidraw │ │ ├── deny-local-networkPolicy.yaml │ │ ├── helm-release.yaml │ │ ├── kustomization.yaml │ │ └── namespace.yaml │ ├── external-ingress │ │ ├── README.md │ │ ├── endpoint.yaml │ │ ├── kustomization.yaml │ │ ├── plex-ingress.sops.yaml │ │ └── service.yaml │ ├── firefly │ │ ├── deny-local-networkPolicy.yaml │ │ ├── helm-release.yaml │ │ ├── ingress.sops.yaml │ │ ├── kustomization.yaml │ │ ├── namespace.yaml │ │ └── secret.sops.yaml │ ├── freshrss │ │ ├── helm-release.yaml │ │ ├── ingress.sops.yaml │ │ ├── kustomization.yaml │ │ ├── namespace.yaml │ │ └── secret.sops.yaml │ ├── go-ddns-controller │ │ ├── configMaps.sops.yaml │ │ ├── git-repo-release.yaml │ │ ├── kustomization.yaml │ │ ├── namespace.yaml │ │ ├── notifier.yaml │ │ ├── provider.yaml │ │ └── secret.sops.yaml │ ├── gotenberg │ │ ├── helm-release.yaml │ │ ├── kustomization.yaml │ │ └── namespace.yaml │ ├── homebox │ │ ├── helm-release.yaml │ │ ├── kustomization.yaml │ │ └── namespace.yaml │ ├── homepage │ │ ├── helm-release.yaml │ │ ├── homepage-config.sops.yaml │ │ ├── ingress.yaml │ │ ├── kustomization.yaml │ │ └── namespace.yaml │ ├── it-tools │ │ ├── deny-local-networkPolicy.yaml │ │ ├── helm-release.yaml │ │ ├── kustomization.yaml │ │ └── namespace.yaml │ ├── kustomization.yaml │ ├── mazanoke │ │ ├── helm-release.yaml │ │ ├── kustomization.yaml │ │ └── namespace.yaml │ ├── mealie │ │ ├── deny-local-networkPolicy.yaml │ │ ├── helm-release.yaml │ │ ├── ingress.sops.yaml │ │ ├── kustomization.yaml │ │ └── namespace.yaml │ ├── media │ │ ├── helm-release.yaml │ │ ├── ingress.sops.yaml │ │ ├── kustomization.yaml │ │ └── namespace.yaml │ ├── monitoring │ │ ├── helm-release.yaml │ │ ├── ingress.sops.yaml │ │ ├── kustomization.yaml │ │ └── namespace.yaml │ ├── n8n │ │ ├── helm-release.yaml │ │ ├── kustomization.yaml │ │ ├── namespace.yaml │ │ └── secret.sops.yaml │ ├── niolesk │ │ ├── deny-local-networkPolicy.yaml │ │ ├── helm-release.yaml │ │ ├── kustomization.yaml │ │ └── namespace.yaml │ ├── nodered │ │ ├── helm-release.yaml │ │ ├── kustomization.yaml │ │ └── namespace.yaml │ ├── openbooks │ │ ├── helm-release.yaml │ │ ├── kustomization.yaml │ │ └── namespace.yaml │ ├── paperless-ngx │ │ ├── deny-local-networkPolicy.yaml │ │ ├── helm-release.sops.yaml │ │ └── kustomization.yaml │ ├── reactiveresume │ │ ├── helm-release.yaml │ │ ├── kustomization.yaml │ │ ├── namespace.yaml │ │ └── secret.sops.yaml │ ├── searxng │ │ ├── helm-release.sops.yaml │ │ ├── kustomization.yaml │ │ └── namespace.yaml │ ├── stirlingpdf │ │ ├── helm-release.yaml │ │ ├── kustomization.yaml │ │ └── namespace.yaml │ ├── storage │ │ ├── helm-release.yaml │ │ ├── kustomization.yaml │ │ └── namespace.yaml │ ├── tika │ │ ├── helm-release.yaml │ │ ├── kustomization.yaml │ │ └── namespace.yaml │ ├── uptimekuma │ │ ├── helm-release.yaml │ │ ├── kustomization.yaml │ │ └── namespace.yaml │ ├── vikunja │ │ ├── helm-release.yaml │ │ ├── kustomization.yaml │ │ ├── namespace.yaml │ │ └── secret.sops.yaml │ ├── wallabag │ │ ├── deny-local-networkPolicy.yaml │ │ ├── helm-release.yaml │ │ ├── kustomization.yaml │ │ ├── namespace.yaml │ │ └── secret.sops.yaml │ └── website │ │ ├── deny-local-networkPolicy.yaml │ │ ├── helm-release.yaml │ │ ├── kustomization.yaml │ │ ├── namespace.yaml │ │ └── secret.sops.yaml │ ├── base │ ├── .sops.yaml │ ├── apps.yaml │ ├── configs.yaml │ ├── core.yaml │ ├── flux-system │ │ ├── gotk-components.yaml │ │ ├── gotk-patch.yaml │ │ ├── gotk-sync.yaml │ │ └── kustomization.yaml │ └── helm.yaml │ ├── configs │ ├── flux │ │ ├── alert.yaml │ │ ├── kustomization.yaml │ │ └── notification.sops.yaml │ ├── kustomization.yaml │ ├── metallb │ │ ├── ip-pool.yaml │ │ ├── kustomization.yaml │ │ └── l2-advertisement.yaml │ ├── system-upgrade │ │ ├── README.md │ │ ├── kustomization.yaml │ │ └── plans │ │ │ ├── latest │ │ │ ├── agent.yaml │ │ │ ├── kustomization.yaml │ │ │ └── server.yaml │ │ │ └── stable │ │ │ ├── agent.yaml │ │ │ ├── kustomization.yaml │ │ │ └── server.yaml │ └── velero │ │ ├── kustomization.yaml │ │ └── schedule.yaml │ ├── core │ ├── archive │ │ ├── cgroup-gc │ │ │ ├── helm-release.yaml │ │ │ ├── kustomization.yaml │ │ │ └── namespace.yaml │ │ ├── kube-vip │ │ │ ├── helm-release.yaml │ │ │ ├── kustomization.yaml │ │ │ └── namespace.yaml │ │ ├── orphanedpodscleaner │ │ │ ├── helm-release.yaml │ │ │ ├── kustomization.yaml │ │ │ └── namespace.yaml │ │ └── trivy │ │ │ ├── helm-release.yaml │ │ │ ├── kustomization.yaml │ │ │ └── namespace.yaml │ ├── cert-manager │ │ ├── helm-release.yaml │ │ ├── kustomization.yaml │ │ ├── namespace.yaml │ │ └── secret.sops.yaml │ ├── cluster-critical │ │ ├── kustomization.yaml │ │ └── priority-classes.yaml │ ├── descheduler │ │ ├── helm-release.yaml │ │ └── kustomization.yaml │ ├── ingress-nginx │ │ ├── basic-auth.sops.yaml │ │ ├── helm-release.yaml │ │ ├── kustomization.yaml │ │ └── namespace.yaml │ ├── kured │ │ ├── helm-release.sops.yaml │ │ ├── kustomization.yaml │ │ └── namespace.yaml │ ├── kustomization.yaml │ ├── longhorn-system │ │ ├── db-storageclass.yaml │ │ ├── helm-release.yaml │ │ ├── kustomization.yaml │ │ ├── namespace.yaml │ │ └── np-patch.yaml │ ├── metallb │ │ ├── helm-release.yaml │ │ ├── kustomization.yaml │ │ └── namespace.yaml │ ├── reflector │ │ ├── helm-release.yaml │ │ ├── kustomization.yaml │ │ └── namespace.yaml │ ├── rook-ceph │ │ ├── helm-release.yaml │ │ └── kustomization.yaml │ ├── system-upgrade │ │ └── kustomization.yaml │ └── velero │ │ ├── helm-release.yaml │ │ ├── kustomization.yaml │ │ ├── namespace.yaml │ │ └── secret.sops.yaml │ ├── helm │ ├── aqua │ │ ├── kustomization.yaml │ │ └── repo.yaml │ ├── authentik │ │ ├── kustomization.yaml │ │ └── repo.yaml │ ├── bjw-s │ │ ├── kustomization.yaml │ │ └── repo.yaml │ ├── botkube │ │ ├── kustomization.yaml │ │ └── repo.yaml │ ├── cert-manager │ │ ├── kustomization.yaml │ │ └── repo.yaml │ ├── descheduler │ │ ├── kustomization.yaml │ │ └── repo.yaml │ ├── gabe565 │ │ ├── kustomization.yaml │ │ └── repo.yaml │ ├── go-ddns-controller │ │ ├── kustomization.yaml │ │ └── repo.yaml │ ├── ingress-nginx │ │ ├── kustomization.yaml │ │ └── repo.yaml │ ├── k8s-at-home │ │ ├── kustomization.yaml │ │ └── repo.yaml │ ├── kube-vip │ │ ├── kustomization.yaml │ │ └── repo.yaml │ ├── kubereboot │ │ ├── kustomization.yaml │ │ └── repo.yaml │ ├── kustomization.yaml │ ├── longhorn-system │ │ ├── kustomization.yaml │ │ └── longhorn-repo.yaml │ ├── maikumori │ │ ├── kustomization.yaml │ │ └── repo.yaml │ ├── metallb │ │ ├── kustomization.yaml │ │ └── repo.yaml │ ├── metrics-server │ │ ├── kustomization.yaml │ │ └── repo.yaml │ ├── oneuptime │ │ ├── kustomization.yaml │ │ └── repo.yaml │ ├── reflector │ │ ├── kustomization.yaml │ │ └── repo.yaml │ ├── rook │ │ ├── kustomization.yaml │ │ └── repo.yaml │ ├── searxng │ │ ├── kustomization.yaml │ │ └── repo.yaml │ ├── tika │ │ ├── kustomization.yaml │ │ └── repo.yaml │ ├── unofficial │ │ ├── jameswynn.yaml │ │ └── kustomization.yaml │ ├── velero │ │ ├── kustomization.yaml │ │ └── repo.yaml │ └── wger │ │ ├── kustomization.yaml │ │ └── repo.yaml │ ├── storage │ ├── kustomization.yaml │ └── rook-ceph-cluster │ │ ├── helm-release.yaml │ │ ├── ingress.yaml │ │ └── kustomization.yaml │ └── template.secret.yaml ├── config └── grafana │ ├── grafana-velero.json │ └── grafana.json ├── docs ├── Backups.md ├── Flux.md ├── Getting Started.md ├── Longhorn.md ├── SettingUpCertManager.md ├── SettingUpRenovate.md ├── Sops.md └── Troubleshooting.md └── upgrades ├── v1.32.0+k3s1_to_v1.32.3+k3s1.yaml └── v1.32.3+k3s1_to_v1.33.0+k3s1.yaml /.github/CODEOWNERS: -------------------------------------------------------------------------------- 1 | # https://docs.github.com/en/github/creating-cloning-and-archiving-repositories/about-code-owners 2 | * @Michaelpalacce 3 | -------------------------------------------------------------------------------- /.github/ISSUE_TEMPLATE/bug-report.md: -------------------------------------------------------------------------------- 1 | --- 2 | name: Bug report 3 | about: Create a report to help us improve 4 | title: '' 5 | labels: kind/bug 6 | assignees: '' 7 | 8 | --- 9 | 10 | # Details 11 | 12 | **What steps did you take and what happened:** 13 | 14 | 15 | 16 | **What did you expect to happen:** 17 | 18 | **Anything else you would like to add:** 19 | 20 | 21 | 22 | **Additional Information:** 23 | 24 | 25 | -------------------------------------------------------------------------------- /.github/ISSUE_TEMPLATE/feature-request.md: -------------------------------------------------------------------------------- 1 | --- 2 | name: Feature request 3 | about: Suggest an idea for this project 4 | title: '' 5 | labels: kind/enhancement 6 | assignees: '' 7 | 8 | --- 9 | 10 | # Details 11 | 12 | **Describe the solution you'd like:** 13 | 14 | 15 | 16 | **Anything else you would like to add:** 17 | 18 | 19 | 20 | **Additional Information:** 21 | 22 | 23 | -------------------------------------------------------------------------------- /.github/ISSUE_TEMPLATE/question.md: -------------------------------------------------------------------------------- 1 | --- 2 | name: Question 3 | about: Ask a question to the maintainer 4 | title: '' 5 | labels: kind/question 6 | assignees: '' 7 | 8 | --- 9 | 10 | # Details 11 | 12 | **Ask your question:** 13 | 14 | 15 | 16 | 17 | 18 | 19 | 20 | -------------------------------------------------------------------------------- /.github/PULL_REQUEST_TEMPLATE.md: -------------------------------------------------------------------------------- 1 | **Description of the change** 2 | 3 | 4 | 5 | **Benefits** 6 | 7 | 8 | 9 | **Possible drawbacks** 10 | 11 | 12 | 13 | **Applicable issues** 14 | 15 | 16 | - fixes # 17 | 18 | **Additional information** 19 | 20 | 21 | -------------------------------------------------------------------------------- /.github/linters/.markdownlint.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | default: true 3 | 4 | # MD013/line-length - Line length 5 | MD013: 6 | # Number of characters 7 | line_length: 240 8 | # Number of characters for headings 9 | heading_line_length: 80 10 | # Number of characters for code blocks 11 | code_block_line_length: 80 12 | # Include code blocks 13 | code_blocks: true 14 | # Include tables 15 | tables: true 16 | # Include headings 17 | headings: true 18 | # Include headings 19 | headers: true 20 | # Strict length checking 21 | strict: false 22 | # Stern length checking 23 | stern: false 24 | -------------------------------------------------------------------------------- /.github/linters/.prettierignore: -------------------------------------------------------------------------------- 1 | *.sops.* 2 | gotk-components.yaml 3 | -------------------------------------------------------------------------------- /.github/linters/.prettierrc.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | trailingComma: es5 3 | tabWidth: 2 4 | semi: false 5 | singleQuote: false 6 | -------------------------------------------------------------------------------- /.github/linters/.tflint.hcl: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Michaelpalacce/HomeLab/7f4e6593b8f5740174db902bfc645e63f835e563/.github/linters/.tflint.hcl -------------------------------------------------------------------------------- /.github/linters/.yamllint.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | ignore: | 3 | gotk-*.yaml 4 | *jenkins* 5 | extends: default 6 | rules: 7 | truthy: false 8 | comments: 9 | min-spaces-from-content: 1 10 | line-length: disable 11 | hyphens: disable 12 | braces: 13 | min-spaces-inside: 0 14 | max-spaces-inside: 1 15 | brackets: 16 | min-spaces-inside: 0 17 | max-spaces-inside: 0 18 | indentation: 19 | spaces: consistent 20 | -------------------------------------------------------------------------------- /.github/workflows/dependency.yaml: -------------------------------------------------------------------------------- 1 | name: 'Dependency Review' 2 | 3 | on: 4 | pull_request: 5 | 6 | 7 | permissions: 8 | contents: read 9 | 10 | jobs: 11 | dependency-review: 12 | runs-on: ubuntu-latest 13 | steps: 14 | - name: 'Checkout Repository' 15 | uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4 16 | - name: 'Dependency Review' 17 | uses: actions/dependency-review-action@v4 18 | -------------------------------------------------------------------------------- /.github/workflows/lint.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | name: Lint 3 | 4 | on: # yamllint disable-line rule:truthy 5 | workflow_dispatch: 6 | pull_request: 7 | branches: 8 | - master 9 | 10 | env: 11 | # Currently no way to detect automatically 12 | DEFAULT_BRANCH: master 13 | 14 | jobs: 15 | build: 16 | name: Lint 17 | runs-on: ubuntu-latest 18 | steps: 19 | - name: Checkout 20 | uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4 21 | with: 22 | fetch-depth: 0 23 | - name: Lint 24 | uses: github/super-linter/slim@v7 25 | env: 26 | VALIDATE_ALL_CODEBASE: ${{ github.event_name == 'workflow_dispatch' }} 27 | DEFAULT_BRANCH: "${{ env.DEFAULT_BRANCH }}" 28 | GITHUB_TOKEN: "${{ secrets.GITHUB_TOKEN }}" 29 | MARKDOWN_CONFIG_FILE: .markdownlint.yaml 30 | TERRAFORM_TFLINT_CONFIG_FILE: .tflint.hcl 31 | YAML_CONFIG_FILE: .yamllint.yaml 32 | KUBERNETES_KUBEVAL_OPTIONS: --ignore-missing-schemas 33 | -------------------------------------------------------------------------------- /.gitignore: -------------------------------------------------------------------------------- 1 | .idea 2 | TestingEnv 3 | output/ 4 | .secret 5 | testing 6 | ansible/playbooks/restore/files/backup 7 | velero-credentials 8 | temp 9 | *.tfvars 10 | *.tfstate.backup 11 | .terraform 12 | docker-data -------------------------------------------------------------------------------- /.gitmodules: -------------------------------------------------------------------------------- 1 | [submodule "HomeLab-IaC"] 2 | path = HomeLab-IaC 3 | url = https://github.com/Michaelpalacce/HomeLab-IaC.git 4 | -------------------------------------------------------------------------------- /Helm/apps/beaverhabits/.helmignore: -------------------------------------------------------------------------------- 1 | # Patterns to ignore when building packages. 2 | # This supports shell glob matching, relative path matching, and 3 | # negation (prefixed with !). Only one pattern per line. 4 | .DS_Store 5 | # Common VCS dirs 6 | .git/ 7 | .gitignore 8 | .bzr/ 9 | .bzrignore 10 | .hg/ 11 | .hgignore 12 | .svn/ 13 | # Common backup files 14 | *.swp 15 | *.bak 16 | *.tmp 17 | *.orig 18 | *~ 19 | # Various IDEs 20 | .project 21 | .idea/ 22 | *.tmproj 23 | .vscode/ 24 | -------------------------------------------------------------------------------- /Helm/apps/beaverhabits/CHANGELOG.md: -------------------------------------------------------------------------------- 1 | #### [V1.0.0] 2 | * Initial Deployment 3 | -------------------------------------------------------------------------------- /Helm/apps/beaverhabits/Chart.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: v2 3 | appVersion: 1.0.0 4 | description: This chart is used to install beaverhabits 5 | maintainers: 6 | - email: sgenov94@gmail.com 7 | name: Stefan Genov 8 | name: beaverhabits 9 | type: application 10 | version: 1.0.0 11 | -------------------------------------------------------------------------------- /Helm/apps/beaverhabits/README.md: -------------------------------------------------------------------------------- 1 | This chart is used to install beaverhabits 2 | -------------------------------------------------------------------------------- /Helm/apps/beaverhabits/templates/ingress.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: networking.k8s.io/v1 3 | kind: Ingress 4 | metadata: 5 | name: beaverhabits 6 | namespace: {{ $.Release.Namespace }} 7 | annotations: 8 | gethomepage.dev/enabled: "true" 9 | gethomepage.dev/description: Personal Habits 10 | gethomepage.dev/group: Personal 11 | gethomepage.dev/icon: beaver-habit-tracker 12 | gethomepage.dev/name: Beaver Habits 13 | spec: 14 | ingressClassName: nginx 15 | tls: 16 | - hosts: 17 | - "*.sgenov.dev" 18 | secretName: ingress 19 | rules: 20 | - host: beaverhabits.sgenov.dev 21 | http: 22 | paths: 23 | - pathType: Prefix 24 | path: "/" 25 | backend: 26 | service: 27 | name: beaverhabits 28 | port: 29 | number: {{ .Values.beaverhabits.port }} 30 | -------------------------------------------------------------------------------- /Helm/apps/beaverhabits/templates/storage.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: v1 3 | kind: PersistentVolumeClaim 4 | metadata: 5 | name: beaverhabits-pvc 6 | spec: 7 | accessModes: 8 | # beaverhabits uses sqlite, be ceareful for RWX as that is NFS 9 | - ReadWriteOnce 10 | storageClassName: longhorn 11 | resources: 12 | requests: 13 | storage: {{ .Values.storage.dataSize }} 14 | -------------------------------------------------------------------------------- /Helm/apps/beaverhabits/values.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | beaverhabits: 3 | image: daya0576/beaverhabits:0.5.2 4 | port: 8080 5 | resources: 6 | requests: 7 | cpu: 10m 8 | memory: 10Mi 9 | 10 | storage: 11 | dataSize: 5Gi 12 | -------------------------------------------------------------------------------- /Helm/apps/changedetection/.helmignore: -------------------------------------------------------------------------------- 1 | # Patterns to ignore when building packages. 2 | # This supports shell glob matching, relative path matching, and 3 | # negation (prefixed with !). Only one pattern per line. 4 | .DS_Store 5 | # Common VCS dirs 6 | .git/ 7 | .gitignore 8 | .bzr/ 9 | .bzrignore 10 | .hg/ 11 | .hgignore 12 | .svn/ 13 | # Common backup files 14 | *.swp 15 | *.bak 16 | *.tmp 17 | *.orig 18 | *~ 19 | # Various IDEs 20 | .project 21 | .idea/ 22 | *.tmproj 23 | .vscode/ 24 | -------------------------------------------------------------------------------- /Helm/apps/changedetection/CHANGELOG.md: -------------------------------------------------------------------------------- 1 | #### [V1.1.0] 2 | * New Version 3 | * Removed NodePort 4 | 5 | #### [V1.0.0] 6 | * Initial Deployment 7 | -------------------------------------------------------------------------------- /Helm/apps/changedetection/Chart.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: v2 3 | appVersion: 1.0.0 4 | description: This chart is used to install changedetection 5 | maintainers: 6 | - email: sgenov94@gmail.com 7 | name: Stefan Genov 8 | name: changedetection 9 | type: application 10 | version: 1.1.0 11 | -------------------------------------------------------------------------------- /Helm/apps/changedetection/README.md: -------------------------------------------------------------------------------- 1 | This chart is used to install changedetection 2 | -------------------------------------------------------------------------------- /Helm/apps/changedetection/templates/storage.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: v1 3 | kind: PersistentVolumeClaim 4 | metadata: 5 | name: changedetection-pvc 6 | spec: 7 | accessModes: 8 | - ReadWriteMany 9 | storageClassName: longhorn 10 | resources: 11 | requests: 12 | storage: {{ .Values.storage.configSize }} 13 | -------------------------------------------------------------------------------- /Helm/apps/changedetection/values.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | changedetection: 3 | image: dgtlmoon/changedetection.io:0.49.18 4 | port: 5000 5 | baseUrl: changedetection.sgenov.dev 6 | resources: 7 | requests: 8 | cpu: 10m 9 | memory: 125Mi 10 | selenium: 11 | image: selenium/standalone-chrome-debug:3.141.59 12 | port: 4444 13 | playwright: 14 | image: browserless/chrome:1.61-chrome-stable 15 | port: 3000 16 | 17 | storage: 18 | configSize: 1Gi 19 | -------------------------------------------------------------------------------- /Helm/apps/cyberchef/.helmignore: -------------------------------------------------------------------------------- 1 | # Patterns to ignore when building packages. 2 | # This supports shell glob matching, relative path matching, and 3 | # negation (prefixed with !). Only one pattern per line. 4 | .DS_Store 5 | # Common VCS dirs 6 | .git/ 7 | .gitignore 8 | .bzr/ 9 | .bzrignore 10 | .hg/ 11 | .hgignore 12 | .svn/ 13 | # Common backup files 14 | *.swp 15 | *.bak 16 | *.tmp 17 | *.orig 18 | *~ 19 | # Various IDEs 20 | .project 21 | .idea/ 22 | *.tmproj 23 | .vscode/ 24 | -------------------------------------------------------------------------------- /Helm/apps/cyberchef/CHANGELOG.md: -------------------------------------------------------------------------------- 1 | #### [V2.0.0] 2 | - Better selectors 3 | 4 | #### [V1.1.0] 5 | * Removed NodePort 6 | 7 | #### [V1.0.0] 8 | * Initial Deployment 9 | -------------------------------------------------------------------------------- /Helm/apps/cyberchef/Chart.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: v2 3 | appVersion: 1.0.0 4 | description: This chart is used to install cyberchef 5 | maintainers: 6 | - email: sgenov94@gmail.com 7 | name: Stefan Genov 8 | name: cyberchef 9 | type: application 10 | version: 2.0.0 11 | -------------------------------------------------------------------------------- /Helm/apps/cyberchef/README.md: -------------------------------------------------------------------------------- 1 | This chart is used to install cyberchef. 2 | -------------------------------------------------------------------------------- /Helm/apps/cyberchef/templates/ingress.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: networking.k8s.io/v1 3 | kind: Ingress 4 | metadata: 5 | name: cyberchef 6 | namespace: {{ $.Release.Namespace }} 7 | annotations: 8 | gethomepage.dev/enabled: "true" 9 | gethomepage.dev/description: Swiss Army Knife of the internet 10 | gethomepage.dev/group: Tools 11 | gethomepage.dev/icon: cyberchef 12 | gethomepage.dev/name: CyberChef 13 | spec: 14 | ingressClassName: nginx 15 | tls: 16 | - hosts: 17 | - "*.sgenov.dev" 18 | secretName: ingress 19 | rules: 20 | - host: cyberchef.sgenov.dev 21 | http: 22 | paths: 23 | - pathType: Prefix 24 | path: "/" 25 | backend: 26 | service: 27 | name: cyberchef 28 | port: 29 | number: {{ .Values.cyberchef.port }} 30 | -------------------------------------------------------------------------------- /Helm/apps/cyberchef/templates/service.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | {{- with .Values.cyberchef }} 3 | apiVersion: v1 4 | kind: Service 5 | metadata: 6 | name: cyberchef 7 | namespace: {{ $.Release.Namespace }} 8 | spec: 9 | {{- with .lbIp }} 10 | type: LoadBalancer 11 | loadBalancerIP: {{ . }} 12 | {{- end }} 13 | selector: 14 | app.kubernetes.io/instance: cyberchef 15 | app.kubernetes.io/name: cyberchef 16 | ports: 17 | - name: cyberchef 18 | protocol: TCP 19 | port: 80 20 | targetPort: {{ .port }} 21 | {{- end }} 22 | -------------------------------------------------------------------------------- /Helm/apps/cyberchef/values.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | cyberchef: 3 | image: mpepping/cyberchef:v10.19.4 4 | port: 8000 5 | lbIp: 192.168.1.12 6 | resources: 7 | requests: 8 | cpu: 10m 9 | memory: 50Mi 10 | -------------------------------------------------------------------------------- /Helm/apps/diagrams/.helmignore: -------------------------------------------------------------------------------- 1 | # Patterns to ignore when building packages. 2 | # This supports shell glob matching, relative path matching, and 3 | # negation (prefixed with !). Only one pattern per line. 4 | .DS_Store 5 | # Common VCS dirs 6 | .git/ 7 | .gitignore 8 | .bzr/ 9 | .bzrignore 10 | .hg/ 11 | .hgignore 12 | .svn/ 13 | # Common backup files 14 | *.swp 15 | *.bak 16 | *.tmp 17 | *.orig 18 | *~ 19 | # Various IDEs 20 | .project 21 | .idea/ 22 | *.tmproj 23 | .vscode/ 24 | -------------------------------------------------------------------------------- /Helm/apps/diagrams/CHANGELOG.md: -------------------------------------------------------------------------------- 1 | #### [V3.0.0] 2 | - Better Selector 3 | - 4 | 5 | #### [V2.0.0] 6 | * Removed NodePort 7 | * Moved to official image as they now have an arm build 8 | 9 | #### [V1.3.0] 10 | * Latest version 11 | 12 | #### [V1.2.0] 13 | * Added ingress 14 | 15 | #### [V1.1.0] 16 | * Moved resources to values.yaml 17 | 18 | #### [V1.0.0] 19 | * Initial Deployment 20 | -------------------------------------------------------------------------------- /Helm/apps/diagrams/Chart.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: v2 3 | appVersion: 1.0.0 4 | description: This chart is used to install diagrams 5 | maintainers: 6 | - email: sgenov94@gmail.com 7 | name: Stefan Genov 8 | name: diagrams 9 | type: application 10 | version: 3.0.0 11 | -------------------------------------------------------------------------------- /Helm/apps/diagrams/README.md: -------------------------------------------------------------------------------- 1 | This chart is used to install diagrams. 2 | 3 | Diagrams or draw.io is a free online diagram software for making flowcharts, 4 | process diagrams, org charts, UML, etc 5 | 6 | -------------------------------------------------------------------------------- /Helm/apps/diagrams/templates/ingress.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: networking.k8s.io/v1 3 | kind: Ingress 4 | metadata: 5 | name: diagrams 6 | namespace: {{ $.Release.Namespace }} 7 | annotations: 8 | gethomepage.dev/enabled: "true" 9 | gethomepage.dev/description: Make diagrams in your browser 10 | gethomepage.dev/group: Tools 11 | gethomepage.dev/icon: draw-io 12 | gethomepage.dev/name: Diagrams 13 | spec: 14 | ingressClassName: nginx 15 | tls: 16 | - hosts: 17 | - "*.sgenov.dev" 18 | secretName: ingress 19 | rules: 20 | - host: diagrams.sgenov.dev 21 | http: 22 | paths: 23 | - pathType: Prefix 24 | path: "/" 25 | backend: 26 | service: 27 | name: diagrams 28 | port: 29 | number: {{ .Values.diagrams.port }} 30 | -------------------------------------------------------------------------------- /Helm/apps/diagrams/templates/service.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | {{- with .Values.diagrams }} 3 | apiVersion: v1 4 | kind: Service 5 | metadata: 6 | name: diagrams 7 | namespace: {{ $.Release.Namespace }} 8 | spec: 9 | selector: 10 | app.kubernetes.io/instance: diagrams 11 | app.kubernetes.io/name: diagrams 12 | ports: 13 | - name: diagrams 14 | protocol: TCP 15 | port: {{ .port }} 16 | {{- end }} 17 | -------------------------------------------------------------------------------- /Helm/apps/diagrams/values.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | diagrams: 3 | image: jgraph/drawio:27.0.9 4 | port: 8080 5 | resources: 6 | requests: 7 | cpu: 10m 8 | memory: 10Mi 9 | -------------------------------------------------------------------------------- /Helm/apps/excalidraw/.helmignore: -------------------------------------------------------------------------------- 1 | # Patterns to ignore when building packages. 2 | # This supports shell glob matching, relative path matching, and 3 | # negation (prefixed with !). Only one pattern per line. 4 | .DS_Store 5 | # Common VCS dirs 6 | .git/ 7 | .gitignore 8 | .bzr/ 9 | .bzrignore 10 | .hg/ 11 | .hgignore 12 | .svn/ 13 | # Common backup files 14 | *.swp 15 | *.bak 16 | *.tmp 17 | *.orig 18 | *~ 19 | # Various IDEs 20 | .project 21 | .idea/ 22 | *.tmproj 23 | .vscode/ 24 | -------------------------------------------------------------------------------- /Helm/apps/excalidraw/CHANGELOG.md: -------------------------------------------------------------------------------- 1 | #### [V1.0.0] 2 | * Initial Deployment 3 | -------------------------------------------------------------------------------- /Helm/apps/excalidraw/Chart.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: v2 3 | appVersion: 1.0.0 4 | description: This chart is used to install excalidraw 5 | maintainers: 6 | - email: sgenov94@gmail.com 7 | name: Stefan Genov 8 | name: excalidraw 9 | type: application 10 | version: 1.0.0 11 | -------------------------------------------------------------------------------- /Helm/apps/excalidraw/README.md: -------------------------------------------------------------------------------- 1 | This chart is used to install excalidraw 2 | -------------------------------------------------------------------------------- /Helm/apps/excalidraw/templates/ingress.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: networking.k8s.io/v1 3 | kind: Ingress 4 | metadata: 5 | name: excalidraw 6 | namespace: {{ $.Release.Namespace }} 7 | annotations: 8 | gethomepage.dev/enabled: "true" 9 | gethomepage.dev/description: Draw and make diagarms 10 | gethomepage.dev/group: Tools 11 | gethomepage.dev/icon: excalidraw 12 | gethomepage.dev/name: Excalidraw 13 | spec: 14 | ingressClassName: nginx 15 | tls: 16 | - hosts: 17 | - "*.sgenov.dev" 18 | secretName: ingress 19 | rules: 20 | - host: excalidraw.sgenov.dev 21 | http: 22 | paths: 23 | - pathType: Prefix 24 | path: "/" 25 | backend: 26 | service: 27 | name: excalidraw 28 | port: 29 | number: {{ .Values.excalidraw.port }} 30 | -------------------------------------------------------------------------------- /Helm/apps/excalidraw/templates/service.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | {{- with .Values.excalidraw }} 3 | 4 | apiVersion: v1 5 | kind: Service 6 | metadata: 7 | name: excalidraw 8 | namespace: {{ $.Release.Namespace }} 9 | spec: 10 | {{- with .lbIp }} 11 | type: LoadBalancer 12 | loadBalancerIP: {{ . }} 13 | {{- end }} 14 | selector: 15 | app.kubernetes.io/instance: excalidraw 16 | app.kubernetes.io/name: excalidraw 17 | ports: 18 | - name: excalidraw 19 | protocol: TCP 20 | port: {{ .port }} 21 | {{- end }} 22 | -------------------------------------------------------------------------------- /Helm/apps/excalidraw/values.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | excalidraw: 3 | image: excalidraw/excalidraw:latest # Doesn't provide tags.... 4 | port: 80 5 | lbIp: 192.168.1.10 6 | resources: 7 | requests: 8 | cpu: 10m 9 | memory: 10Mi 10 | -------------------------------------------------------------------------------- /Helm/apps/firefly/.helmignore: -------------------------------------------------------------------------------- 1 | # Patterns to ignore when building packages. 2 | # This supports shell glob matching, relative path matching, and 3 | # negation (prefixed with !). Only one pattern per line. 4 | .DS_Store 5 | # Common VCS dirs 6 | .git/ 7 | .gitignore 8 | .bzr/ 9 | .bzrignore 10 | .hg/ 11 | .hgignore 12 | .svn/ 13 | # Common backup files 14 | *.swp 15 | *.bak 16 | *.tmp 17 | *.orig 18 | *~ 19 | # Various IDEs 20 | .project 21 | .idea/ 22 | *.tmproj 23 | .vscode/ 24 | -------------------------------------------------------------------------------- /Helm/apps/firefly/CHANGELOG.md: -------------------------------------------------------------------------------- 1 | #### [v4.0.0] 2 | - Better Selector 3 | 4 | #### [v3.0.0] 5 | * Added firefly-iii-bot 6 | 7 | #### [V2.0.0] 8 | * Added simplesecrets 9 | 10 | #### [V1.1.0] 11 | * New Version 12 | * Removed NodePort 13 | 14 | #### [V1.0.0] 15 | * Initial Deployment 16 | -------------------------------------------------------------------------------- /Helm/apps/firefly/Chart.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: v2 3 | appVersion: 1.0.0 4 | description: This chart is used to install firefly 5 | maintainers: 6 | - email: sgenov94@gmail.com 7 | name: Stefan Genov 8 | name: firefly 9 | type: application 10 | version: 4.0.0 11 | -------------------------------------------------------------------------------- /Helm/apps/firefly/README.md: -------------------------------------------------------------------------------- 1 | This chart is used to install firefly 2 | -------------------------------------------------------------------------------- /Helm/apps/firefly/templates/firefly-pvc.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: v1 3 | kind: PersistentVolumeClaim 4 | metadata: 5 | name: firefly-pvc 6 | spec: 7 | accessModes: 8 | - ReadWriteMany 9 | storageClassName: longhorn 10 | resources: 11 | requests: 12 | storage: {{ .Values.storage.configSize }} 13 | 14 | --- 15 | apiVersion: v1 16 | kind: PersistentVolumeClaim 17 | metadata: 18 | name: firefly-bot-pvc 19 | spec: 20 | accessModes: 21 | - ReadWriteMany 22 | storageClassName: longhorn 23 | resources: 24 | requests: 25 | storage: {{ .Values.storage.botSessionSize }} 26 | 27 | --- 28 | apiVersion: v1 29 | kind: PersistentVolumeClaim 30 | metadata: 31 | name: postgresql-pvc 32 | spec: 33 | accessModes: 34 | - ReadWriteMany 35 | storageClassName: longhorn 36 | resources: 37 | requests: 38 | storage: {{ .Values.storage.postgresSize }} 39 | -------------------------------------------------------------------------------- /Helm/apps/firefly/templates/ingress.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: networking.k8s.io/v1 3 | kind: Ingress 4 | metadata: 5 | name: firefly 6 | namespace: {{ $.Release.Namespace }} 7 | spec: 8 | ingressClassName: nginx 9 | tls: 10 | - hosts: 11 | - "*.sgenov.dev" 12 | secretName: ingress 13 | rules: 14 | - host: firefly.sgenov.dev 15 | http: 16 | paths: 17 | - pathType: Prefix 18 | path: "/" 19 | backend: 20 | service: 21 | name: firefly 22 | port: 23 | number: 80 24 | -------------------------------------------------------------------------------- /Helm/apps/firefly/values.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | firefly: 3 | image: fireflyiii/core:version-6.2.10 4 | port: 8080 5 | appUrl: https://firefly.sgenov.dev 6 | resources: 7 | requests: 8 | cpu: 500m 9 | memory: 2Gi 10 | 11 | fireflybot: 12 | image: cyxou/firefly-iii-telegram-bot:v2.1.1 13 | resources: 14 | requests: 15 | cpu: 200m 16 | memory: 500Mi 17 | 18 | postgres: 19 | image: postgres:16.9 20 | port: 5432 21 | resources: 22 | requests: 23 | cpu: 500m 24 | memory: 2Gi 25 | 26 | storage: 27 | configSize: 5Gi 28 | botSessionSize: 2Gi 29 | postgresSize: 10Gi 30 | -------------------------------------------------------------------------------- /Helm/apps/freshrss/.helmignore: -------------------------------------------------------------------------------- 1 | # Patterns to ignore when building packages. 2 | # This supports shell glob matching, relative path matching, and 3 | # negation (prefixed with !). Only one pattern per line. 4 | .DS_Store 5 | # Common VCS dirs 6 | .git/ 7 | .gitignore 8 | .bzr/ 9 | .bzrignore 10 | .hg/ 11 | .hgignore 12 | .svn/ 13 | # Common backup files 14 | *.swp 15 | *.bak 16 | *.tmp 17 | *.orig 18 | *~ 19 | # Various IDEs 20 | .project 21 | .idea/ 22 | *.tmproj 23 | .vscode/ 24 | -------------------------------------------------------------------------------- /Helm/apps/freshrss/CHANGELOG.md: -------------------------------------------------------------------------------- 1 | #### [v3.0.0] 2 | - Better Selectors 3 | - Improved probes 4 | 5 | #### [V2.1.0] 6 | * New Version 7 | 8 | #### [V2.0.0] 9 | * Removed NodePort 10 | * New Version 11 | 12 | #### [V1.0.0] 13 | * Initial Deployment 14 | -------------------------------------------------------------------------------- /Helm/apps/freshrss/Chart.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: v2 3 | appVersion: 1.0.0 4 | description: This chart is used to install freshrss 5 | maintainers: 6 | - email: sgenov94@gmail.com 7 | name: Stefan Genov 8 | name: freshrss 9 | type: application 10 | version: 2.1.0 11 | -------------------------------------------------------------------------------- /Helm/apps/freshrss/README.md: -------------------------------------------------------------------------------- 1 | This chart is used to install freshrss 2 | -------------------------------------------------------------------------------- /Helm/apps/freshrss/templates/ingress.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: networking.k8s.io/v1 3 | kind: Ingress 4 | metadata: 5 | name: freshrss 6 | namespace: {{ $.Release.Namespace }} 7 | annotations: 8 | gethomepage.dev/enabled: "true" 9 | gethomepage.dev/description: RSS Reader 10 | gethomepage.dev/group: Knowledge 11 | gethomepage.dev/icon: freshrss 12 | gethomepage.dev/name: Fresh RSS 13 | spec: 14 | ingressClassName: nginx 15 | tls: 16 | - hosts: 17 | - "*.sgenov.dev" 18 | secretName: ingress 19 | rules: 20 | - host: freshrss.sgenov.dev 21 | http: 22 | paths: 23 | - pathType: Prefix 24 | path: "/" 25 | backend: 26 | service: 27 | name: freshrss 28 | port: 29 | number: {{ .Values.freshrss.port }} 30 | -------------------------------------------------------------------------------- /Helm/apps/freshrss/templates/storage.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: v1 3 | kind: PersistentVolumeClaim 4 | metadata: 5 | name: freshrss-pvc 6 | spec: 7 | accessModes: 8 | - ReadWriteMany 9 | storageClassName: longhorn 10 | resources: 11 | requests: 12 | storage: {{ .Values.storage.configSize }} 13 | --- 14 | apiVersion: v1 15 | kind: PersistentVolumeClaim 16 | metadata: 17 | name: postgresql-pvc 18 | spec: 19 | accessModes: 20 | - ReadWriteMany 21 | storageClassName: longhorn 22 | resources: 23 | requests: 24 | storage: {{ .Values.storage.postgresSize }} 25 | -------------------------------------------------------------------------------- /Helm/apps/freshrss/values.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | freshrss: 3 | image: lscr.io/linuxserver/freshrss:1.26.3 4 | port: 80 5 | resources: 6 | requests: 7 | cpu: 200m 8 | memory: 200Mi 9 | 10 | postgres: 11 | image: postgres:16.9 12 | port: 5432 13 | resources: 14 | requests: 15 | cpu: 10m 16 | memory: 256Mi 17 | 18 | storage: 19 | configSize: 1Gi 20 | postgresSize: 10Gi 21 | -------------------------------------------------------------------------------- /Helm/apps/goip/.helmignore: -------------------------------------------------------------------------------- 1 | # Patterns to ignore when building packages. 2 | # This supports shell glob matching, relative path matching, and 3 | # negation (prefixed with !). Only one pattern per line. 4 | .DS_Store 5 | # Common VCS dirs 6 | .git/ 7 | .gitignore 8 | .bzr/ 9 | .bzrignore 10 | .hg/ 11 | .hgignore 12 | .svn/ 13 | # Common backup files 14 | *.swp 15 | *.bak 16 | *.tmp 17 | *.orig 18 | *~ 19 | # Various IDEs 20 | .project 21 | .idea/ 22 | *.tmproj 23 | .vscode/ 24 | -------------------------------------------------------------------------------- /Helm/apps/goip/CHANGELOG.md: -------------------------------------------------------------------------------- 1 | # [V1.0.0] 2 | * Initial Deployment 3 | -------------------------------------------------------------------------------- /Helm/apps/goip/Chart.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: v2 3 | appVersion: 1.0.0 4 | description: This chart is used to install goip 5 | maintainers: 6 | - email: sgenov94@gmail.com 7 | name: Stefan Genov 8 | name: goip 9 | type: application 10 | version: 1.0.0 11 | -------------------------------------------------------------------------------- /Helm/apps/goip/README.md: -------------------------------------------------------------------------------- 1 | This chart is used to install goip. 2 | -------------------------------------------------------------------------------- /Helm/apps/goip/templates/goip-config.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | {{- with .Values.goip }} 3 | 4 | apiVersion: v1 5 | kind: ConfigMap 6 | metadata: 7 | name: goip-config 8 | namespace: {{ $.Release.Namespace }} 9 | data: 10 | config.json: | 11 | { 12 | "cloudflare": { 13 | "zones": [ 14 | { 15 | "name": "sgenov.dev", 16 | "records": [ 17 | { 18 | "name": "sgenov.dev", 19 | "proxied": true 20 | } 21 | ] 22 | } 23 | ] 24 | } 25 | } 26 | {{- end }} 27 | -------------------------------------------------------------------------------- /Helm/apps/goip/values.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | goip: 3 | image: ghcr.io/michaelpalacce/goip:1.2.0 4 | replicas: 1 5 | resources: 6 | requests: 7 | cpu: 10m 8 | memory: 100Mi 9 | limits: 10 | cpu: 100m 11 | -------------------------------------------------------------------------------- /Helm/apps/homebox/.helmignore: -------------------------------------------------------------------------------- 1 | # Patterns to ignore when building packages. 2 | # This supports shell glob matching, relative path matching, and 3 | # negation (prefixed with !). Only one pattern per line. 4 | .DS_Store 5 | # Common VCS dirs 6 | .git/ 7 | .gitignore 8 | .bzr/ 9 | .bzrignore 10 | .hg/ 11 | .hgignore 12 | .svn/ 13 | # Common backup files 14 | *.swp 15 | *.bak 16 | *.tmp 17 | *.orig 18 | *~ 19 | # Various IDEs 20 | .project 21 | .idea/ 22 | *.tmproj 23 | .vscode/ 24 | -------------------------------------------------------------------------------- /Helm/apps/homebox/CHANGELOG.md: -------------------------------------------------------------------------------- 1 | #### [V1.0.0] 2 | * Initial Deployment 3 | -------------------------------------------------------------------------------- /Helm/apps/homebox/Chart.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: v2 3 | appVersion: 1.0.0 4 | description: This chart is used to install homebox 5 | maintainers: 6 | - email: sgenov94@gmail.com 7 | name: Stefan Genov 8 | name: homebox 9 | type: application 10 | version: 1.0.1 11 | -------------------------------------------------------------------------------- /Helm/apps/homebox/README.md: -------------------------------------------------------------------------------- 1 | This chart is used to install homebox 2 | -------------------------------------------------------------------------------- /Helm/apps/homebox/templates/ingress.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: networking.k8s.io/v1 3 | kind: Ingress 4 | metadata: 5 | name: homebox 6 | namespace: {{ $.Release.Namespace }} 7 | annotations: 8 | nginx.ingress.kubernetes.io/proxy-body-size: "100m" 9 | gethomepage.dev/enabled: "true" 10 | gethomepage.dev/description: Home Inventory 11 | gethomepage.dev/group: Storage 12 | gethomepage.dev/icon: homebox 13 | gethomepage.dev/name: Homebox 14 | spec: 15 | ingressClassName: nginx 16 | tls: 17 | - hosts: 18 | - "*.sgenov.dev" 19 | secretName: ingress 20 | rules: 21 | - host: homebox.sgenov.dev 22 | http: 23 | paths: 24 | - pathType: Prefix 25 | path: "/" 26 | backend: 27 | service: 28 | name: homebox 29 | port: 30 | number: {{ .Values.homebox.port }} 31 | -------------------------------------------------------------------------------- /Helm/apps/homebox/templates/storage.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: v1 3 | kind: PersistentVolumeClaim 4 | metadata: 5 | name: data-pvc 6 | spec: 7 | accessModes: 8 | - ReadWriteMany 9 | storageClassName: longhorn 10 | resources: 11 | requests: 12 | storage: {{ .Values.storage.dataSize }} 13 | -------------------------------------------------------------------------------- /Helm/apps/homebox/values.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | homebox: 3 | image: ghcr.io/hay-kot/homebox:v0.10.3 4 | port: 7745 5 | replicas: 1 6 | resources: 7 | requests: 8 | cpu: 10m 9 | memory: 50Mi 10 | 11 | storage: 12 | dataSize: 2Gi 13 | -------------------------------------------------------------------------------- /Helm/apps/it-tools/.helmignore: -------------------------------------------------------------------------------- 1 | # Patterns to ignore when building packages. 2 | # This supports shell glob matching, relative path matching, and 3 | # negation (prefixed with !). Only one pattern per line. 4 | .DS_Store 5 | # Common VCS dirs 6 | .git/ 7 | .gitignore 8 | .bzr/ 9 | .bzrignore 10 | .hg/ 11 | .hgignore 12 | .svn/ 13 | # Common backup files 14 | *.swp 15 | *.bak 16 | *.tmp 17 | *.orig 18 | *~ 19 | # Various IDEs 20 | .project 21 | .idea/ 22 | *.tmproj 23 | .vscode/ 24 | -------------------------------------------------------------------------------- /Helm/apps/it-tools/CHANGELOG.md: -------------------------------------------------------------------------------- 1 | #### [v1.1.0] 2 | - Add PodDisruptionBudgets 3 | 4 | #### [V1.0.0] 5 | * Initial Deployment 6 | -------------------------------------------------------------------------------- /Helm/apps/it-tools/Chart.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: v2 3 | appVersion: 1.0.0 4 | description: This chart is used to install it-tools 5 | maintainers: 6 | - email: sgenov94@gmail.com 7 | name: Stefan Genov 8 | name: it-tools 9 | type: application 10 | version: 1.1.0 11 | -------------------------------------------------------------------------------- /Helm/apps/it-tools/README.md: -------------------------------------------------------------------------------- 1 | This chart is used to install it-tools. 2 | -------------------------------------------------------------------------------- /Helm/apps/it-tools/templates/ingress.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: networking.k8s.io/v1 3 | kind: Ingress 4 | metadata: 5 | name: it-tools 6 | namespace: {{ $.Release.Namespace }} 7 | annotations: 8 | gethomepage.dev/enabled: "true" 9 | gethomepage.dev/description: Usefull tools for IT professionals 10 | gethomepage.dev/group: Tools 11 | gethomepage.dev/icon: it-tools 12 | gethomepage.dev/name: IT Tools 13 | spec: 14 | ingressClassName: nginx 15 | tls: 16 | - hosts: 17 | - "*.sgenov.dev" 18 | secretName: ingress 19 | rules: 20 | - host: it-tools.sgenov.dev 21 | http: 22 | paths: 23 | - pathType: Prefix 24 | path: "/" 25 | backend: 26 | service: 27 | name: it-tools 28 | port: 29 | number: {{ .Values.ittools.port }} 30 | -------------------------------------------------------------------------------- /Helm/apps/it-tools/templates/pdb.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: policy/v1 3 | kind: PodDisruptionBudget 4 | metadata: 5 | name: it-tools 6 | spec: 7 | minAvailable: 1 8 | selector: 9 | matchLabels: 10 | app.kubernetes.io/instance: it-tools 11 | app.kubernetes.io/name: it-tools 12 | -------------------------------------------------------------------------------- /Helm/apps/it-tools/templates/service.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | {{- with .Values.ittools }} 3 | apiVersion: v1 4 | kind: Service 5 | metadata: 6 | name: it-tools 7 | namespace: {{ $.Release.Namespace }} 8 | spec: 9 | {{- with .lbIp }} 10 | type: LoadBalancer 11 | loadBalancerIP: {{ . }} 12 | {{- end }} 13 | selector: 14 | app.kubernetes.io/instance: it-tools 15 | app.kubernetes.io/name: it-tools 16 | ports: 17 | - name: it-tools 18 | protocol: TCP 19 | port: {{ .port }} 20 | {{- end }} 21 | -------------------------------------------------------------------------------- /Helm/apps/it-tools/values.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | ittools: 3 | image: ghcr.io/corentinth/it-tools:2024.10.22-7ca5933 4 | lbIp: 192.168.1.11 5 | port: 80 6 | resources: 7 | requests: 8 | cpu: 10m 9 | memory: 10Mi 10 | -------------------------------------------------------------------------------- /Helm/apps/lubelogger/.helmignore: -------------------------------------------------------------------------------- 1 | # Patterns to ignore when building packages. 2 | # This supports shell glob matching, relative path matching, and 3 | # negation (prefixed with !). Only one pattern per line. 4 | .DS_Store 5 | # Common VCS dirs 6 | .git/ 7 | .gitignore 8 | .bzr/ 9 | .bzrignore 10 | .hg/ 11 | .hgignore 12 | .svn/ 13 | # Common backup files 14 | *.swp 15 | *.bak 16 | *.tmp 17 | *.orig 18 | *~ 19 | # Various IDEs 20 | .project 21 | .idea/ 22 | *.tmproj 23 | .vscode/ 24 | -------------------------------------------------------------------------------- /Helm/apps/lubelogger/CHANGELOG.md: -------------------------------------------------------------------------------- 1 | #### [V1.0.0] 2 | * Initial Deployment 3 | -------------------------------------------------------------------------------- /Helm/apps/lubelogger/Chart.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: v2 3 | appVersion: 1.0.0 4 | description: This chart is used to install lubelogger 5 | maintainers: 6 | - email: sgenov94@gmail.com 7 | name: Stefan Genov 8 | name: lubelogger 9 | type: application 10 | version: 1.0.0 11 | -------------------------------------------------------------------------------- /Helm/apps/lubelogger/README.md: -------------------------------------------------------------------------------- 1 | This chart is used to install lubelogger 2 | -------------------------------------------------------------------------------- /Helm/apps/lubelogger/templates/ingress.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: networking.k8s.io/v1 3 | kind: Ingress 4 | metadata: 5 | name: lubelogger 6 | namespace: {{ $.Release.Namespace }} 7 | annotations: 8 | gethomepage.dev/enabled: "true" 9 | gethomepage.dev/description: Car Logger 10 | gethomepage.dev/group: Personal 11 | gethomepage.dev/icon: lubelogger 12 | gethomepage.dev/name: LubeLogger 13 | spec: 14 | ingressClassName: nginx 15 | tls: 16 | - hosts: 17 | - "*.sgenov.dev" 18 | secretName: ingress 19 | rules: 20 | - host: lubelogger.sgenov.dev 21 | http: 22 | paths: 23 | - pathType: Prefix 24 | path: "/" 25 | backend: 26 | service: 27 | name: lubelogger 28 | port: 29 | number: {{ .Values.lubelogger.port }} 30 | -------------------------------------------------------------------------------- /Helm/apps/lubelogger/values.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | lubelogger: 3 | image: ghcr.io/hargata/lubelogger:v1.4.7 4 | port: 8080 5 | 6 | storage: 7 | configSize: 1Gi 8 | dataSize: 2Gi 9 | translationsSize: 1Gi 10 | documentsSize: 1Gi 11 | imagesSize: 2Gi 12 | tempSize: 1Gi 13 | logSize: 2Gi 14 | keysSize: 1Gi 15 | -------------------------------------------------------------------------------- /Helm/apps/mazanoke/.helmignore: -------------------------------------------------------------------------------- 1 | # Patterns to ignore when building packages. 2 | # This supports shell glob matching, relative path matching, and 3 | # negation (prefixed with !). Only one pattern per line. 4 | .DS_Store 5 | # Common VCS dirs 6 | .git/ 7 | .gitignore 8 | .bzr/ 9 | .bzrignore 10 | .hg/ 11 | .hgignore 12 | .svn/ 13 | # Common backup files 14 | *.swp 15 | *.bak 16 | *.tmp 17 | *.orig 18 | *~ 19 | # Various IDEs 20 | .project 21 | .idea/ 22 | *.tmproj 23 | .vscode/ 24 | -------------------------------------------------------------------------------- /Helm/apps/mazanoke/CHANGELOG.md: -------------------------------------------------------------------------------- 1 | #### [V1.0.0] 2 | * Initial Deployment 3 | -------------------------------------------------------------------------------- /Helm/apps/mazanoke/Chart.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: v2 3 | appVersion: 1.0.0 4 | description: This chart is used to install mazanoke 5 | maintainers: 6 | - email: sgenov94@gmail.com 7 | name: Stefan Genov 8 | name: mazanoke 9 | type: application 10 | version: 1.0.0 11 | -------------------------------------------------------------------------------- /Helm/apps/mazanoke/README.md: -------------------------------------------------------------------------------- 1 | This chart is used to install mazanoke. 2 | -------------------------------------------------------------------------------- /Helm/apps/mazanoke/templates/service.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | {{- with .Values.mazanoke }} 3 | apiVersion: v1 4 | kind: Service 5 | metadata: 6 | name: mazanoke 7 | namespace: {{ $.Release.Namespace }} 8 | spec: 9 | selector: 10 | app.kubernetes.io/instance: mazanoke 11 | app.kubernetes.io/name: mazanoke 12 | ports: 13 | - name: mazanoke 14 | protocol: TCP 15 | port: {{ .port }} 16 | {{- end }} 17 | -------------------------------------------------------------------------------- /Helm/apps/mazanoke/values.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | mazanoke: 3 | image: ghcr.io/civilblur/mazanoke:v1.1.4 4 | port: 80 5 | resources: 6 | requests: 7 | cpu: 10m 8 | memory: 10Mi 9 | -------------------------------------------------------------------------------- /Helm/apps/mealie/.helmignore: -------------------------------------------------------------------------------- 1 | # Patterns to ignore when building packages. 2 | # This supports shell glob matching, relative path matching, and 3 | # negation (prefixed with !). Only one pattern per line. 4 | .DS_Store 5 | # Common VCS dirs 6 | .git/ 7 | .gitignore 8 | .bzr/ 9 | .bzrignore 10 | .hg/ 11 | .hgignore 12 | .svn/ 13 | # Common backup files 14 | *.swp 15 | *.bak 16 | *.tmp 17 | *.orig 18 | *~ 19 | # Various IDEs 20 | .project 21 | .idea/ 22 | *.tmproj 23 | .vscode/ 24 | -------------------------------------------------------------------------------- /Helm/apps/mealie/CHANGELOG.md: -------------------------------------------------------------------------------- 1 | #### [V1.0.0] 2 | * Initial Deployment 3 | -------------------------------------------------------------------------------- /Helm/apps/mealie/Chart.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: v2 3 | appVersion: 1.0.0 4 | description: This chart is used to install mealie 5 | maintainers: 6 | - email: sgenov94@gmail.com 7 | name: Stefan Genov 8 | name: mealie 9 | type: application 10 | version: 1.0.0 11 | -------------------------------------------------------------------------------- /Helm/apps/mealie/README.md: -------------------------------------------------------------------------------- 1 | This chart is used to install mealie 2 | -------------------------------------------------------------------------------- /Helm/apps/mealie/templates/ingress.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: networking.k8s.io/v1 3 | kind: Ingress 4 | metadata: 5 | name: mealie 6 | namespace: {{ $.Release.Namespace }} 7 | spec: 8 | ingressClassName: nginx 9 | tls: 10 | - hosts: 11 | - "*.sgenov.dev" 12 | secretName: ingress 13 | rules: 14 | - host: mealie.sgenov.dev 15 | http: 16 | paths: 17 | - pathType: Prefix 18 | path: "/" 19 | backend: 20 | service: 21 | name: mealie 22 | port: 23 | number: {{ .Values.mealie.port }} 24 | -------------------------------------------------------------------------------- /Helm/apps/mealie/templates/storage.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: v1 3 | kind: PersistentVolumeClaim 4 | metadata: 5 | name: data-pvc 6 | spec: 7 | accessModes: 8 | - ReadWriteMany 9 | storageClassName: longhorn 10 | resources: 11 | requests: 12 | storage: {{ .Values.storage.dataSize }} 13 | -------------------------------------------------------------------------------- /Helm/apps/mealie/values.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | mealie: 3 | replicas: 1 4 | image: ghcr.io/mealie-recipes/mealie:v2.8.0 5 | port: 9000 6 | lbIp: 192.168.1.13 7 | baseUrl: https://mealie.sgenov.dev 8 | resources: 9 | requests: 10 | cpu: 10m 11 | memory: 50Mi 12 | 13 | storage: 14 | dataSize: 2Gi 15 | -------------------------------------------------------------------------------- /Helm/apps/media/.helmignore: -------------------------------------------------------------------------------- 1 | # Patterns to ignore when building packages. 2 | # This supports shell glob matching, relative path matching, and 3 | # negation (prefixed with !). Only one pattern per line. 4 | .DS_Store 5 | # Common VCS dirs 6 | .git/ 7 | .gitignore 8 | .bzr/ 9 | .bzrignore 10 | .hg/ 11 | .hgignore 12 | .svn/ 13 | # Common backup files 14 | *.swp 15 | *.bak 16 | *.tmp 17 | *.orig 18 | *~ 19 | # Various IDEs 20 | .project 21 | .idea/ 22 | *.tmproj 23 | .vscode/ 24 | -------------------------------------------------------------------------------- /Helm/apps/media/CHANGELOG.md: -------------------------------------------------------------------------------- 1 | ### [v6.1.0] 2 | - Added huntarr 3 | - Modified requests 4 | 5 | #### [v6.0.0] 6 | - Better selectors 7 | - Better probes 8 | 9 | 10 | #### [V5.0.0] 11 | * Moved services to pvcs 12 | 13 | #### [V4.1.0] 14 | * Added Prowlarr 15 | 16 | #### [V4.0.0] 17 | * Removed NodePort mostly 18 | * Newer versions of apps 19 | 20 | #### [V3.0.0] 21 | * Improved image tags, updated old ones 22 | * Migrated to NFS 23 | 24 | #### [V2.0.0] 25 | * Converted to the *arr stack 26 | * Entire rework 27 | * Updated storage capacities. 28 | * Added sonarr 29 | * Removed medusa 30 | 31 | #### [V1.1.0] 32 | * Added Radarr 33 | 34 | #### [V1.0.0] 35 | * Initial Deployment 36 | -------------------------------------------------------------------------------- /Helm/apps/media/Chart.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: v2 3 | appVersion: 1.0.0 4 | description: This chart is used to install different media services 5 | maintainers: 6 | - email: sgenov94@gmail.com 7 | name: Stefan Genov 8 | name: media 9 | type: application 10 | version: 7.0.0 11 | -------------------------------------------------------------------------------- /Helm/apps/media/README.md: -------------------------------------------------------------------------------- 1 | This chart is used to install different media components. 2 | 3 | Since I use sonarr a lot, and it's the only one struggling really, there is an automatic backup solution in place, that will copy over files 4 | to an emptyDir, rather than using longhorn... this is a fix since longhorn is actually not the best, since it uses NFS ... -------------------------------------------------------------------------------- /Helm/apps/monitoring/.helmignore: -------------------------------------------------------------------------------- 1 | # Patterns to ignore when building packages. 2 | # This supports shell glob matching, relative path matching, and 3 | # negation (prefixed with !). Only one pattern per line. 4 | .DS_Store 5 | # Common VCS dirs 6 | .git/ 7 | .gitignore 8 | .bzr/ 9 | .bzrignore 10 | .hg/ 11 | .hgignore 12 | .svn/ 13 | # Common backup files 14 | *.swp 15 | *.bak 16 | *.tmp 17 | *.orig 18 | *~ 19 | # Various IDEs 20 | .project 21 | .idea/ 22 | *.tmproj 23 | .vscode/ 24 | -------------------------------------------------------------------------------- /Helm/apps/monitoring/CHANGELOG.md: -------------------------------------------------------------------------------- 1 | #### [V2.5.0] 2 | * Decreased speedtest scrape interval to 30m 3 | 4 | #### [V2.4.0] 5 | * Added namespace as scraped data from promtail 6 | 7 | #### [V2.3.0] 8 | * Removed NodePort 9 | 10 | #### [V2.2.0] 11 | * Moved logs and monitoring data to nfs 12 | 13 | #### [V2.1.0] 14 | * Added varlogs `/var/log/*.log` 15 | 16 | #### [V2.0.0] 17 | * Added Logging 18 | 19 | #### [V1.0.0] 20 | * Initial Deployment 21 | -------------------------------------------------------------------------------- /Helm/apps/monitoring/Chart.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: v2 3 | appVersion: 1.0.0 4 | description: Installs Prometheus with Grafana. Sets up scrapers -> Node-Exporter, Uptimekuma, Speedtest 5 | maintainers: 6 | - email: sgenov94@gmail.com 7 | name: Stefan Genov 8 | name: monitoring 9 | type: application 10 | version: 2.5.0 11 | -------------------------------------------------------------------------------- /Helm/apps/monitoring/README.md: -------------------------------------------------------------------------------- 1 | This chart is used to install prometheus, grafana and node-exporter as a monitoring stack and grafana loki + promtail as a logging stack. 2 | 3 | The processes are limited, so we don't steal all the resources of the PIs. 4 | 5 | Available scrapers: 6 | - Node-Exporter: `https://github.com/prometheus/node_exporter` 7 | - Speedtest 8 | - Uptimekuma -------------------------------------------------------------------------------- /Helm/apps/n8n/.helmignore: -------------------------------------------------------------------------------- 1 | # Patterns to ignore when building packages. 2 | # This supports shell glob matching, relative path matching, and 3 | # negation (prefixed with !). Only one pattern per line. 4 | .DS_Store 5 | # Common VCS dirs 6 | .git/ 7 | .gitignore 8 | .bzr/ 9 | .bzrignore 10 | .hg/ 11 | .hgignore 12 | .svn/ 13 | # Common backup files 14 | *.swp 15 | *.bak 16 | *.tmp 17 | *.orig 18 | *~ 19 | # Various IDEs 20 | .project 21 | .idea/ 22 | *.tmproj 23 | .vscode/ 24 | -------------------------------------------------------------------------------- /Helm/apps/n8n/CHANGELOG.md: -------------------------------------------------------------------------------- 1 | #### [V1.3.0] 2 | * Added simplesecret 3 | 4 | #### [V1.2.0] 5 | * Added ingress 6 | 7 | #### [V1.1.0] 8 | * Moved resources to values.yaml 9 | 10 | #### [V1.0.1] 11 | * Removed storage class and pv/pvc 12 | 13 | #### [V1.0.0] 14 | * Initial Deployment 15 | -------------------------------------------------------------------------------- /Helm/apps/n8n/Chart.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: v2 3 | appVersion: 1.0.0 4 | description: This chart is used to install n8n 5 | maintainers: 6 | - email: sgenov94@gmail.com 7 | name: Stefan Genov 8 | name: n8n 9 | type: application 10 | version: 1.3.0 11 | -------------------------------------------------------------------------------- /Helm/apps/n8n/README.md: -------------------------------------------------------------------------------- 1 | This chart is used to install n8n 2 | -------------------------------------------------------------------------------- /Helm/apps/n8n/templates/ingress.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: networking.k8s.io/v1 3 | kind: Ingress 4 | metadata: 5 | name: n8n 6 | namespace: {{ $.Release.Namespace }} 7 | annotations: 8 | gethomepage.dev/enabled: "true" 9 | gethomepage.dev/description: Low-code automation 10 | gethomepage.dev/group: Automation 11 | gethomepage.dev/icon: n8n 12 | gethomepage.dev/name: N8N 13 | spec: 14 | ingressClassName: nginx 15 | tls: 16 | - hosts: 17 | - "*.sgenov.dev" 18 | secretName: ingress 19 | rules: 20 | - host: n8n.sgenov.dev 21 | http: 22 | paths: 23 | - pathType: Prefix 24 | path: "/" 25 | backend: 26 | service: 27 | name: n8n 28 | port: 29 | number: {{ .Values.n8n.port }} 30 | -------------------------------------------------------------------------------- /Helm/apps/n8n/templates/storage.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | apiVersion: v1 4 | kind: PersistentVolumeClaim 5 | metadata: 6 | name: postgresql-pvc 7 | spec: 8 | accessModes: 9 | - ReadWriteMany 10 | storageClassName: longhorn 11 | resources: 12 | requests: 13 | storage: {{ .Values.postgres.dataSize }} 14 | 15 | --- 16 | apiVersion: v1 17 | kind: PersistentVolumeClaim 18 | metadata: 19 | name: n8n-pvc 20 | spec: 21 | accessModes: 22 | - ReadWriteMany 23 | storageClassName: longhorn 24 | resources: 25 | requests: 26 | storage: {{ .Values.n8n.dataSize }} 27 | -------------------------------------------------------------------------------- /Helm/apps/n8n/values.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | n8n: 3 | image: n8nio/n8n:1.97.0 4 | dataSize: 10Gi 5 | port: 5678 6 | replicas: 1 7 | nasIp: 192.168.1.39 8 | nasPath: /volume1/k3s 9 | resources: 10 | requests: 11 | cpu: 10m 12 | memory: 250Mi 13 | 14 | postgres: 15 | image: postgres:16.9 16 | dataSize: 2Gi 17 | port: 5432 18 | resources: 19 | requests: 20 | cpu: 10m 21 | memory: 256Mi 22 | 23 | -------------------------------------------------------------------------------- /Helm/apps/niolesk/.helmignore: -------------------------------------------------------------------------------- 1 | # Patterns to ignore when building packages. 2 | # This supports shell glob matching, relative path matching, and 3 | # negation (prefixed with !). Only one pattern per line. 4 | .DS_Store 5 | # Common VCS dirs 6 | .git/ 7 | .gitignore 8 | .bzr/ 9 | .bzrignore 10 | .hg/ 11 | .hgignore 12 | .svn/ 13 | # Common backup files 14 | *.swp 15 | *.bak 16 | *.tmp 17 | *.orig 18 | *~ 19 | # Various IDEs 20 | .project 21 | .idea/ 22 | *.tmproj 23 | .vscode/ 24 | -------------------------------------------------------------------------------- /Helm/apps/niolesk/CHANGELOG.md: -------------------------------------------------------------------------------- 1 | #### [V1.0.0] 2 | * Initial Deployment 3 | -------------------------------------------------------------------------------- /Helm/apps/niolesk/Chart.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: v2 3 | appVersion: 1.0.0 4 | description: This chart is used to install niolesk 5 | maintainers: 6 | - email: sgenov94@gmail.com 7 | name: Stefan Genov 8 | name: niolesk 9 | type: application 10 | version: 1.0.0 11 | -------------------------------------------------------------------------------- /Helm/apps/niolesk/README.md: -------------------------------------------------------------------------------- 1 | This chart is used to install niolesk. 2 | -------------------------------------------------------------------------------- /Helm/apps/niolesk/templates/ingress.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: networking.k8s.io/v1 3 | kind: Ingress 4 | metadata: 5 | name: niolesk 6 | namespace: {{ $.Release.Namespace }} 7 | annotations: 8 | gethomepage.dev/enabled: "true" 9 | gethomepage.dev/description: UML Diagrams and More 10 | gethomepage.dev/group: Tools 11 | gethomepage.dev/icon: https://niolesk.sgenov.dev/favicon.ico 12 | gethomepage.dev/name: Niolesk Kroki 13 | spec: 14 | ingressClassName: nginx 15 | tls: 16 | - hosts: 17 | - "*.sgenov.dev" 18 | secretName: ingress 19 | rules: 20 | - host: niolesk.sgenov.dev 21 | http: 22 | paths: 23 | - pathType: Prefix 24 | path: "/" 25 | backend: 26 | service: 27 | name: niolesk 28 | port: 29 | number: {{ .Values.niolesk.port }} 30 | -------------------------------------------------------------------------------- /Helm/apps/niolesk/templates/service.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | {{- with .Values.niolesk }} 3 | apiVersion: v1 4 | kind: Service 5 | metadata: 6 | name: niolesk 7 | namespace: {{ $.Release.Namespace }} 8 | spec: 9 | {{- with .lbIp }} 10 | type: LoadBalancer 11 | loadBalancerIP: {{ . }} 12 | {{- end }} 13 | selector: 14 | app.kubernetes.io/instance: niolesk 15 | app.kubernetes.io/name: niolesk 16 | ports: 17 | - name: niolesk 18 | protocol: TCP 19 | port: {{ .port }} 20 | {{- end }} 21 | -------------------------------------------------------------------------------- /Helm/apps/niolesk/values.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | niolesk: 3 | image: ghcr.io/webgiss/niolesk:v1.7.6 4 | lbIp: 192.168.1.14 5 | port: 80 6 | resources: 7 | requests: 8 | cpu: 10m 9 | memory: 10Mi 10 | -------------------------------------------------------------------------------- /Helm/apps/nodered/.helmignore: -------------------------------------------------------------------------------- 1 | # Patterns to ignore when building packages. 2 | # This supports shell glob matching, relative path matching, and 3 | # negation (prefixed with !). Only one pattern per line. 4 | .DS_Store 5 | # Common VCS dirs 6 | .git/ 7 | .gitignore 8 | .bzr/ 9 | .bzrignore 10 | .hg/ 11 | .hgignore 12 | .svn/ 13 | # Common backup files 14 | *.swp 15 | *.bak 16 | *.tmp 17 | *.orig 18 | *~ 19 | # Various IDEs 20 | .project 21 | .idea/ 22 | *.tmproj 23 | .vscode/ 24 | -------------------------------------------------------------------------------- /Helm/apps/nodered/CHANGELOG.md: -------------------------------------------------------------------------------- 1 | #### [V2.2.0] 2 | * Added NFS drive as well for backups 3 | 4 | #### [V2.1.0] 5 | * Updated resource limits 6 | 7 | #### [V2.0.0] 8 | * Removed NodePort 9 | * New Version 10 | 11 | #### [V1.1.0] 12 | * Removed the unnecessary configmap 13 | 14 | #### [V1.0.0] 15 | * Initial Deployment 16 | -------------------------------------------------------------------------------- /Helm/apps/nodered/Chart.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: v2 3 | appVersion: 1.0.0 4 | description: This chart is used to install nodered 5 | maintainers: 6 | - email: sgenov94@gmail.com 7 | name: Stefan Genov 8 | name: nodered 9 | type: application 10 | version: 2.2.0 11 | -------------------------------------------------------------------------------- /Helm/apps/nodered/README.md: -------------------------------------------------------------------------------- 1 | This chart is used to install nodered 2 | -------------------------------------------------------------------------------- /Helm/apps/nodered/templates/nodered-pvc.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: v1 3 | kind: PersistentVolumeClaim 4 | metadata: 5 | name: nodered-pvc 6 | spec: 7 | accessModes: 8 | - ReadWriteMany 9 | storageClassName: longhorn 10 | resources: 11 | requests: 12 | storage: {{ .Values.storage.configSize }} 13 | -------------------------------------------------------------------------------- /Helm/apps/nodered/values.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | nodered: 3 | image: nodered/node-red:3.1.15-16 4 | port: 1880 5 | resources: 6 | requests: 7 | cpu: 100m 8 | memory: 512Mi 9 | limits: 10 | memory: 2Gi 11 | storage: 12 | configSize: 5Gi 13 | -------------------------------------------------------------------------------- /Helm/apps/openbooks/.helmignore: -------------------------------------------------------------------------------- 1 | # Patterns to ignore when building packages. 2 | # This supports shell glob matching, relative path matching, and 3 | # negation (prefixed with !). Only one pattern per line. 4 | .DS_Store 5 | # Common VCS dirs 6 | .git/ 7 | .gitignore 8 | .bzr/ 9 | .bzrignore 10 | .hg/ 11 | .hgignore 12 | .svn/ 13 | # Common backup files 14 | *.swp 15 | *.bak 16 | *.tmp 17 | *.orig 18 | *~ 19 | # Various IDEs 20 | .project 21 | .idea/ 22 | *.tmproj 23 | .vscode/ 24 | -------------------------------------------------------------------------------- /Helm/apps/openbooks/CHANGELOG.md: -------------------------------------------------------------------------------- 1 | #### [v2.0.0] 2 | - Better selectors 3 | - Added Probes 4 | - Added securityContext 5 | 6 | #### [V1.0.0] 7 | * Initial Deployment 8 | -------------------------------------------------------------------------------- /Helm/apps/openbooks/Chart.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: v2 3 | appVersion: 1.0.0 4 | description: This chart is used to install openbooks 5 | maintainers: 6 | - email: sgenov94@gmail.com 7 | name: Stefan Genov 8 | name: openbooks 9 | type: application 10 | version: 2.0.0 11 | -------------------------------------------------------------------------------- /Helm/apps/openbooks/README.md: -------------------------------------------------------------------------------- 1 | This chart is used to install openbooks 2 | -------------------------------------------------------------------------------- /Helm/apps/openbooks/templates/ingress.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: networking.k8s.io/v1 3 | kind: Ingress 4 | metadata: 5 | name: openbooks 6 | namespace: {{ $.Release.Namespace }} 7 | annotations: 8 | gethomepage.dev/enabled: "true" 9 | gethomepage.dev/description: IRC Book Downloader 10 | gethomepage.dev/group: Media 11 | gethomepage.dev/icon: https://raw.githubusercontent.com/evan-buss/openbooks/master/server/app/public/favicon-32x32.png 12 | gethomepage.dev/name: OpenBooks 13 | spec: 14 | ingressClassName: nginx 15 | tls: 16 | - hosts: 17 | - "*.sgenov.dev" 18 | secretName: ingress 19 | rules: 20 | - host: openbooks.sgenov.dev 21 | http: 22 | paths: 23 | - pathType: Prefix 24 | path: "/" 25 | backend: 26 | service: 27 | name: openbooks 28 | port: 29 | number: {{ .Values.openbooks.port }} 30 | -------------------------------------------------------------------------------- /Helm/apps/openbooks/templates/storage.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: v1 3 | kind: PersistentVolumeClaim 4 | metadata: 5 | name: openbooks-pvc 6 | spec: 7 | accessModes: 8 | - ReadWriteMany 9 | storageClassName: longhorn 10 | resources: 11 | requests: 12 | storage: {{ .Values.storage.configSize }} 13 | -------------------------------------------------------------------------------- /Helm/apps/openbooks/values.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | openbooks: 3 | image: ghcr.io/evan-buss/openbooks:4.5.0 4 | port: 80 5 | resources: 6 | requests: 7 | cpu: 10m 8 | memory: 256Mi 9 | 10 | storage: 11 | configSize: 1Gi 12 | -------------------------------------------------------------------------------- /Helm/apps/orphanedpodscleaner/.helmignore: -------------------------------------------------------------------------------- 1 | # Patterns to ignore when building packages. 2 | # This supports shell glob matching, relative path matching, and 3 | # negation (prefixed with !). Only one pattern per line. 4 | .DS_Store 5 | # Common VCS dirs 6 | .git/ 7 | .gitignore 8 | .bzr/ 9 | .bzrignore 10 | .hg/ 11 | .hgignore 12 | .svn/ 13 | # Common backup files 14 | *.swp 15 | *.bak 16 | *.tmp 17 | *.orig 18 | *~ 19 | # Various IDEs 20 | .project 21 | .idea/ 22 | *.tmproj 23 | .vscode/ 24 | -------------------------------------------------------------------------------- /Helm/apps/orphanedpodscleaner/CHANGELOG.md: -------------------------------------------------------------------------------- 1 | #### [V1.0.0] 2 | * Initial Deployment 3 | -------------------------------------------------------------------------------- /Helm/apps/orphanedpodscleaner/Chart.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: v2 3 | appVersion: 1.0.0 4 | description: This chart is used to install orphanedpodscleaner that cleans up orphanedpodscleaner 5 | maintainers: 6 | - email: sgenov94@gmail.com 7 | name: Stefan Genov 8 | name: orphanedpodscleaner 9 | type: application 10 | version: 1.0.0 11 | -------------------------------------------------------------------------------- /Helm/apps/orphanedpodscleaner/README.md: -------------------------------------------------------------------------------- 1 | This charts installs a daemonset that helps with cleaning up orphaned pods. 2 | -------------------------------------------------------------------------------- /Helm/apps/orphanedpodscleaner/values.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | tolerations: 3 | - key: node-role.kubernetes.io/master 4 | effect: NoSchedule 5 | -------------------------------------------------------------------------------- /Helm/apps/postgresql/.helmignore: -------------------------------------------------------------------------------- 1 | # Patterns to ignore when building packages. 2 | # This supports shell glob matching, relative path matching, and 3 | # negation (prefixed with !). Only one pattern per line. 4 | .DS_Store 5 | # Common VCS dirs 6 | .git/ 7 | .gitignore 8 | .bzr/ 9 | .bzrignore 10 | .hg/ 11 | .hgignore 12 | .svn/ 13 | # Common backup files 14 | *.swp 15 | *.bak 16 | *.tmp 17 | *.orig 18 | *~ 19 | # Various IDEs 20 | .project 21 | .idea/ 22 | *.tmproj 23 | .vscode/ 24 | -------------------------------------------------------------------------------- /Helm/apps/postgresql/CHANGELOG.md: -------------------------------------------------------------------------------- 1 | #### [V3.0.0] 2 | - Removed pgadmin 3 | 4 | #### [V2.0.0] 5 | * Removed NodePort 6 | 7 | #### [V1.3.0] 8 | * Updated replicas to 3 9 | * Pg admin separate storage class 10 | 11 | #### [V1.2.0] 12 | * Upgraded to newest version 6.1 13 | 14 | #### [V1.1.0] 15 | * Moved resources to values.yaml 16 | 17 | #### [V1.0.0] 18 | * Initial Deployment 19 | -------------------------------------------------------------------------------- /Helm/apps/postgresql/Chart.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: v2 3 | appVersion: 1.0.0 4 | description: This chart is used to install postgresql 5 | maintainers: 6 | - email: sgenov94@gmail.com 7 | name: Stefan Genov 8 | name: postgresql 9 | type: application 10 | version: 2.0.0 11 | -------------------------------------------------------------------------------- /Helm/apps/postgresql/README.md: -------------------------------------------------------------------------------- 1 | This chart installs postgresql 2 | -------------------------------------------------------------------------------- /Helm/apps/postgresql/templates/ingress.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: networking.k8s.io/v1 3 | kind: Ingress 4 | metadata: 5 | name: pgadmin 6 | namespace: {{ $.Release.Namespace }} 7 | annotations: 8 | kubernetes.io/ingress.class: "nginx" 9 | gethomepage.dev/enabled: "true" 10 | gethomepage.dev/description: PostgreSQL admin pannel 11 | gethomepage.dev/group: Databases 12 | gethomepage.dev/icon: pgadmin 13 | gethomepage.dev/name: pgAdmin 14 | spec: 15 | tls: 16 | - hosts: 17 | - "*.sgenov.dev" 18 | secretName: ingress 19 | rules: 20 | - host: pgadmin.sgenov.dev 21 | http: 22 | paths: 23 | - pathType: Prefix 24 | path: "/" 25 | backend: 26 | service: 27 | name: pgadmin 28 | port: 29 | number: {{ .Values.pgadmin.port }} 30 | -------------------------------------------------------------------------------- /Helm/apps/postgresql/templates/postgresql-pv.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | {{- with .Values.storage }} 3 | 4 | --- 5 | 6 | apiVersion: v1 7 | kind: PersistentVolumeClaim 8 | metadata: 9 | name: pgadmin-data-pvc 10 | spec: 11 | accessModes: 12 | - ReadWriteMany 13 | storageClassName: longhorn 14 | resources: 15 | requests: 16 | storage: {{ .pgAdmin }} 17 | 18 | --- 19 | {{- end }} 20 | -------------------------------------------------------------------------------- /Helm/apps/postgresql/values.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | storage: 3 | pgAdmin: 2Gi 4 | 5 | pgadmin: 6 | image: dpage/pgadmin4:9.4 7 | port: 80 8 | replicas: 1 9 | resources: 10 | requests: 11 | cpu: 10m 12 | memory: 250Mi 13 | -------------------------------------------------------------------------------- /Helm/apps/reactiveresume/.helmignore: -------------------------------------------------------------------------------- 1 | # Patterns to ignore when building packages. 2 | # This supports shell glob matching, relative path matching, and 3 | # negation (prefixed with !). Only one pattern per line. 4 | .DS_Store 5 | # Common VCS dirs 6 | .git/ 7 | .gitignore 8 | .bzr/ 9 | .bzrignore 10 | .hg/ 11 | .hgignore 12 | .svn/ 13 | # Common backup files 14 | *.swp 15 | *.bak 16 | *.tmp 17 | *.orig 18 | *~ 19 | # Various IDEs 20 | .project 21 | .idea/ 22 | *.tmproj 23 | .vscode/ 24 | -------------------------------------------------------------------------------- /Helm/apps/reactiveresume/CHANGELOG.md: -------------------------------------------------------------------------------- 1 | #### [v2.0.0] 2 | - Better Selectors 3 | - Probes 4 | 5 | #### [V1.0.0] 6 | * Initial Deployment 7 | -------------------------------------------------------------------------------- /Helm/apps/reactiveresume/Chart.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: v2 3 | appVersion: 1.0.0 4 | description: This chart is used to install reactiveresume 5 | maintainers: 6 | - email: sgenov94@gmail.com 7 | name: Stefan Genov 8 | name: reactiveresume 9 | type: application 10 | version: 2.0.0 11 | -------------------------------------------------------------------------------- /Helm/apps/reactiveresume/README.md: -------------------------------------------------------------------------------- 1 | This chart installs reactiveresume 2 | -------------------------------------------------------------------------------- /Helm/apps/reactiveresume/templates/storage.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: v1 3 | kind: PersistentVolumeClaim 4 | metadata: 5 | name: postgresql-pvc 6 | spec: 7 | accessModes: 8 | - ReadWriteMany 9 | storageClassName: longhorn 10 | resources: 11 | requests: 12 | storage: {{ .Values.storage.postgresSize }} 13 | --- 14 | 15 | apiVersion: v1 16 | kind: PersistentVolumeClaim 17 | metadata: 18 | name: reactiveresume-uploads-pvc 19 | spec: 20 | accessModes: 21 | - ReadWriteMany 22 | storageClassName: longhorn 23 | resources: 24 | requests: 25 | storage: {{ .Values.storage.uploadSize }} 26 | -------------------------------------------------------------------------------- /Helm/apps/reactiveresume/values.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | reactiveresume: 3 | api: 4 | image: amruthpillai/reactive-resume:server-3.6.18 5 | port: 3100 6 | frontendUrl: https://reactiveresume.sgenov.dev 7 | frontend: 8 | image: amruthpillai/reactive-resume:client-3.6.18 9 | port: 3000 10 | 11 | postgres: 12 | image: postgres:16.9 13 | port: 5432 14 | resources: 15 | requests: 16 | cpu: 10m 17 | memory: 256Mi 18 | 19 | storage: 20 | postgresSize: 5Gi 21 | uploadSize: 5Gi 22 | -------------------------------------------------------------------------------- /Helm/apps/stirlingpdf/.helmignore: -------------------------------------------------------------------------------- 1 | # Patterns to ignore when building packages. 2 | # This supports shell glob matching, relative path matching, and 3 | # negation (prefixed with !). Only one pattern per line. 4 | .DS_Store 5 | # Common VCS dirs 6 | .git/ 7 | .gitignore 8 | .bzr/ 9 | .bzrignore 10 | .hg/ 11 | .hgignore 12 | .svn/ 13 | # Common backup files 14 | *.swp 15 | *.bak 16 | *.tmp 17 | *.orig 18 | *~ 19 | # Various IDEs 20 | .project 21 | .idea/ 22 | *.tmproj 23 | .vscode/ 24 | -------------------------------------------------------------------------------- /Helm/apps/stirlingpdf/CHANGELOG.md: -------------------------------------------------------------------------------- 1 | #### [V2.0.0] 2 | - Better Selectors 3 | - Added startupProbe 4 | 5 | #### [V1.0.0] 6 | * Initial Deployment 7 | -------------------------------------------------------------------------------- /Helm/apps/stirlingpdf/Chart.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: v2 3 | appVersion: 1.0.0 4 | description: This chart is used to install stirlingpdf 5 | maintainers: 6 | - email: sgenov94@gmail.com 7 | name: Stefan Genov 8 | name: stirlingpdf 9 | type: application 10 | version: 2.0.0 11 | -------------------------------------------------------------------------------- /Helm/apps/stirlingpdf/README.md: -------------------------------------------------------------------------------- 1 | This chart is used to install stirlingpdf 2 | -------------------------------------------------------------------------------- /Helm/apps/stirlingpdf/templates/ingress.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: networking.k8s.io/v1 3 | kind: Ingress 4 | metadata: 5 | name: stirlingpdf 6 | namespace: {{ $.Release.Namespace }} 7 | annotations: 8 | nginx.ingress.kubernetes.io/proxy-body-size: "100m" 9 | gethomepage.dev/enabled: "true" 10 | gethomepage.dev/description: Swiss Army Knife For PDFs 11 | gethomepage.dev/group: Tools 12 | gethomepage.dev/icon: stirling-pdf 13 | gethomepage.dev/name: Stirling-PDF 14 | spec: 15 | ingressClassName: nginx 16 | tls: 17 | - hosts: 18 | - "*.sgenov.dev" 19 | secretName: ingress 20 | rules: 21 | - host: pdf.sgenov.dev 22 | http: 23 | paths: 24 | - pathType: Prefix 25 | path: "/" 26 | backend: 27 | service: 28 | name: stirlingpdf 29 | port: 30 | number: {{ .Values.stirlingpdf.port }} 31 | -------------------------------------------------------------------------------- /Helm/apps/stirlingpdf/values.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | stirlingpdf: 3 | image: frooodle/s-pdf:0.46.2 4 | port: 8080 5 | -------------------------------------------------------------------------------- /Helm/apps/storage/.helmignore: -------------------------------------------------------------------------------- 1 | # Patterns to ignore when building packages. 2 | # This supports shell glob matching, relative path matching, and 3 | # negation (prefixed with !). Only one pattern per line. 4 | .DS_Store 5 | # Common VCS dirs 6 | .git/ 7 | .gitignore 8 | .bzr/ 9 | .bzrignore 10 | .hg/ 11 | .hgignore 12 | .svn/ 13 | # Common backup files 14 | *.swp 15 | *.bak 16 | *.tmp 17 | *.orig 18 | *~ 19 | # Various IDEs 20 | .project 21 | .idea/ 22 | *.tmproj 23 | .vscode/ 24 | -------------------------------------------------------------------------------- /Helm/apps/storage/CHANGELOG.md: -------------------------------------------------------------------------------- 1 | #### [v1.1.0] 2 | - Added Pod Disruption Budget 3 | 4 | #### [V1.0.0] 5 | * Initial Deployment 6 | -------------------------------------------------------------------------------- /Helm/apps/storage/Chart.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: v2 3 | appVersion: 1.0.0 4 | description: This chart is used to install storage 5 | maintainers: 6 | - email: sgenov94@gmail.com 7 | name: Stefan Genov 8 | name: storage 9 | type: application 10 | version: 1.1.0 11 | -------------------------------------------------------------------------------- /Helm/apps/storage/README.md: -------------------------------------------------------------------------------- 1 | This chart is used to install syncthing and server emulator 2 | -------------------------------------------------------------------------------- /Helm/apps/storage/templates/ingress.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | {{- with .Values.syncthing }} 3 | apiVersion: networking.k8s.io/v1 4 | kind: Ingress 5 | metadata: 6 | name: syncthing 7 | namespace: {{ $.Release.Namespace }} 8 | annotations: 9 | gethomepage.dev/enabled: "true" 10 | gethomepage.dev/description: File synchronization 11 | gethomepage.dev/group: Storage 12 | gethomepage.dev/icon: syncthing 13 | gethomepage.dev/name: Syncthing 14 | spec: 15 | ingressClassName: nginx 16 | tls: 17 | - hosts: 18 | - "*.sgenov.dev" 19 | secretName: ingress 20 | rules: 21 | - host: syncthing.sgenov.dev 22 | http: 23 | paths: 24 | - pathType: Prefix 25 | path: "/" 26 | backend: 27 | service: 28 | name: syncthing 29 | port: 30 | number: {{ .port }} 31 | {{- end }} 32 | -------------------------------------------------------------------------------- /Helm/apps/storage/templates/pdb.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: policy/v1 3 | kind: PodDisruptionBudget 4 | metadata: 5 | name: syncthing 6 | spec: 7 | minAvailable: 1 8 | selector: 9 | matchLabels: 10 | app.kubernetes.io/instance: syncthing 11 | app.kubernetes.io/name: syncthing 12 | -------------------------------------------------------------------------------- /Helm/apps/storage/templates/storage-pvc.yaml: -------------------------------------------------------------------------------- 1 | 2 | {{- with .Values.syncthing }} 3 | 4 | --- 5 | apiVersion: v1 6 | kind: PersistentVolumeClaim 7 | metadata: 8 | name: syncthing-config-pvc 9 | spec: 10 | accessModes: 11 | - ReadWriteMany 12 | storageClassName: longhorn 13 | resources: 14 | requests: 15 | storage: {{ $.Values.storage.syncthingConfigSize }} 16 | {{- end }} 17 | -------------------------------------------------------------------------------- /Helm/apps/storage/values.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | syncthing: 3 | image: lscr.io/linuxserver/syncthing:1.29.7 4 | replicas: 1 5 | port: 8384 6 | resources: 7 | requests: 8 | cpu: 10m 9 | memory: 50Mi 10 | 11 | storage: 12 | syncthingConfigSize: 1Gi 13 | nasIp: 192.168.1.39 14 | -------------------------------------------------------------------------------- /Helm/apps/uptimekuma/.helmignore: -------------------------------------------------------------------------------- 1 | # Patterns to ignore when building packages. 2 | # This supports shell glob matching, relative path matching, and 3 | # negation (prefixed with !). Only one pattern per line. 4 | .DS_Store 5 | # Common VCS dirs 6 | .git/ 7 | .gitignore 8 | .bzr/ 9 | .bzrignore 10 | .hg/ 11 | .hgignore 12 | .svn/ 13 | # Common backup files 14 | *.swp 15 | *.bak 16 | *.tmp 17 | *.orig 18 | *~ 19 | # Various IDEs 20 | .project 21 | .idea/ 22 | *.tmproj 23 | .vscode/ 24 | -------------------------------------------------------------------------------- /Helm/apps/uptimekuma/CHANGELOG.md: -------------------------------------------------------------------------------- 1 | #### [v3.0.0] 2 | - Better Selectors 3 | - Better pods 4 | 5 | #### [V2.0.0] 6 | * New version 7 | * Removed NodePort 8 | 9 | #### [V1.3.0] 10 | * New version 11 | 12 | #### [V1.2.0] 13 | * Added ingress 14 | 15 | #### [V1.1.0] 16 | * Moved resources to values.yaml 17 | 18 | #### [V1.0.0] 19 | * Initial Deployment 20 | -------------------------------------------------------------------------------- /Helm/apps/uptimekuma/Chart.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: v2 3 | appVersion: 1.0.0 4 | description: This chart is used to install uptimekuma 5 | maintainers: 6 | - email: sgenov94@gmail.com 7 | name: Stefan Genov 8 | name: uptimekuma 9 | type: application 10 | version: 3.0.0 11 | -------------------------------------------------------------------------------- /Helm/apps/uptimekuma/README.md: -------------------------------------------------------------------------------- 1 | This chart is used to install uptimekuma 2 | -------------------------------------------------------------------------------- /Helm/apps/uptimekuma/templates/uptime-kuma-pvc.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: v1 3 | kind: PersistentVolumeClaim 4 | metadata: 5 | name: uptimekuma-pvc 6 | spec: 7 | accessModes: 8 | - ReadWriteOnce 9 | storageClassName: longhorn 10 | resources: 11 | requests: 12 | storage: {{ .Values.storage.size }} 13 | -------------------------------------------------------------------------------- /Helm/apps/uptimekuma/values.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | uptimekuma: 3 | image: louislam/uptime-kuma:1.23.16-debian 4 | replicas: 1 5 | port: 3001 6 | resources: 7 | requests: 8 | cpu: 10m 9 | memory: 512Mi 10 | 11 | storage: 12 | size: 10Gi 13 | -------------------------------------------------------------------------------- /Helm/apps/vaultwarden/.helmignore: -------------------------------------------------------------------------------- 1 | # Patterns to ignore when building packages. 2 | # This supports shell glob matching, relative path matching, and 3 | # negation (prefixed with !). Only one pattern per line. 4 | .DS_Store 5 | # Common VCS dirs 6 | .git/ 7 | .gitignore 8 | .bzr/ 9 | .bzrignore 10 | .hg/ 11 | .hgignore 12 | .svn/ 13 | # Common backup files 14 | *.swp 15 | *.bak 16 | *.tmp 17 | *.orig 18 | *~ 19 | # Various IDEs 20 | .project 21 | .idea/ 22 | *.tmproj 23 | .vscode/ 24 | -------------------------------------------------------------------------------- /Helm/apps/vaultwarden/CHANGELOG.md: -------------------------------------------------------------------------------- 1 | #### [V1.0.0] 2 | * Initial Deployment 3 | -------------------------------------------------------------------------------- /Helm/apps/vaultwarden/Chart.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: v2 3 | appVersion: 1.0.0 4 | description: This chart is used to install vaultwarden 5 | maintainers: 6 | - email: sgenov94@gmail.com 7 | name: Stefan Genov 8 | name: vaultwarden 9 | type: application 10 | version: 1.0.0 11 | -------------------------------------------------------------------------------- /Helm/apps/vaultwarden/README.md: -------------------------------------------------------------------------------- 1 | This chart is used to install vaultwarden 2 | -------------------------------------------------------------------------------- /Helm/apps/vaultwarden/templates/storage.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: v1 3 | kind: PersistentVolumeClaim 4 | metadata: 5 | name: vaultwarden 6 | spec: 7 | accessModes: 8 | - ReadWriteOnce 9 | storageClassName: longhorn 10 | resources: 11 | requests: 12 | storage: {{ .Values.storage.dataSize }} 13 | -------------------------------------------------------------------------------- /Helm/apps/vaultwarden/values.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | vaultwarden: 3 | image: ghcr.io/dani-garcia/vaultwarden:1.34.1 4 | port: 80 5 | replicas: 1 6 | resources: 7 | requests: 8 | cpu: 500m 9 | memory: 512Mi 10 | backup: 11 | image: stefangenov/vaultwarden-backup:1.0.0 12 | resources: 13 | requests: 14 | cpu: 10m 15 | memory: 50Mi 16 | 17 | storage: 18 | dataSize: 5Gi 19 | backupSize: 10Gi 20 | -------------------------------------------------------------------------------- /Helm/apps/vikunja/.helmignore: -------------------------------------------------------------------------------- 1 | # Patterns to ignore when building packages. 2 | # This supports shell glob matching, relative path matching, and 3 | # negation (prefixed with !). Only one pattern per line. 4 | .DS_Store 5 | # Common VCS dirs 6 | .git/ 7 | .gitignore 8 | .bzr/ 9 | .bzrignore 10 | .hg/ 11 | .hgignore 12 | .svn/ 13 | # Common backup files 14 | *.swp 15 | *.bak 16 | *.tmp 17 | *.orig 18 | *~ 19 | # Various IDEs 20 | .project 21 | .idea/ 22 | *.tmproj 23 | .vscode/ 24 | -------------------------------------------------------------------------------- /Helm/apps/vikunja/CHANGELOG.md: -------------------------------------------------------------------------------- 1 | #### [v3.0.0] 2 | - Better Selectors 3 | - Migrated to internal postgresql 4 | 5 | #### [V2.0.0] 6 | * Fully removed nginx 7 | * Probes added 8 | 9 | #### [V1.3.0] 10 | * Added simplesecret 11 | 12 | #### [V1.2.0] 13 | * Added from email and frontendurl setting, as well as readiness probes and a better recreation strategy 14 | 15 | #### [V1.1.0] 16 | * Added SMTP settings 17 | 18 | #### [V1.0.0] 19 | * Initial Deployment 20 | -------------------------------------------------------------------------------- /Helm/apps/vikunja/Chart.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: v2 3 | appVersion: 1.0.0 4 | description: This chart is used to install vikunja 5 | maintainers: 6 | - email: sgenov94@gmail.com 7 | name: Stefan Genov 8 | name: vikunja 9 | type: application 10 | version: 3.0.0 11 | -------------------------------------------------------------------------------- /Helm/apps/vikunja/README.md: -------------------------------------------------------------------------------- 1 | This chart installs vikunja 2 | -------------------------------------------------------------------------------- /Helm/apps/vikunja/templates/ingress.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: networking.k8s.io/v1 3 | kind: Ingress 4 | metadata: 5 | name: vikunja 6 | namespace: {{ $.Release.Namespace }} 7 | annotations: 8 | gethomepage.dev/enabled: "true" 9 | gethomepage.dev/description: Tasks 10 | gethomepage.dev/group: Knowledge 11 | gethomepage.dev/icon: vikunja 12 | gethomepage.dev/name: Vikunja 13 | spec: 14 | ingressClassName: nginx 15 | tls: 16 | - hosts: 17 | - "*.sgenov.dev" 18 | secretName: ingress 19 | rules: 20 | - host: vikunja.sgenov.dev 21 | http: 22 | paths: 23 | - pathType: Prefix 24 | path: "/" 25 | backend: 26 | service: 27 | name: vikunja 28 | port: 29 | number: {{ .Values.vikunja.port }} 30 | -------------------------------------------------------------------------------- /Helm/apps/vikunja/templates/storage.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: v1 3 | kind: PersistentVolumeClaim 4 | metadata: 5 | name: vikunja-pvc 6 | namespace: {{ $.Release.Namespace }} 7 | spec: 8 | accessModes: 9 | - ReadWriteMany 10 | storageClassName: longhorn 11 | resources: 12 | requests: 13 | storage: {{ .Values.storage.dataSize }} 14 | 15 | --- 16 | apiVersion: v1 17 | kind: PersistentVolumeClaim 18 | metadata: 19 | name: postgresql-pvc 20 | spec: 21 | accessModes: 22 | - ReadWriteMany 23 | storageClassName: longhorn 24 | resources: 25 | requests: 26 | storage: {{ .Values.storage.postgresqlSize }} 27 | -------------------------------------------------------------------------------- /Helm/apps/vikunja/values.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | vikunja: 3 | image: vikunja/vikunja:0.24.6 4 | port: 3456 5 | frontendUrl: https://vikunja.sgenov.dev 6 | 7 | postgres: 8 | image: postgres:16.9 9 | port: 5432 10 | resources: 11 | requests: 12 | cpu: 10m 13 | memory: 256Mi 14 | 15 | storage: 16 | postgresqlSize: 5Gi 17 | dataSize: 5Gi 18 | -------------------------------------------------------------------------------- /Helm/apps/wallabag/.helmignore: -------------------------------------------------------------------------------- 1 | # Patterns to ignore when building packages. 2 | # This supports shell glob matching, relative path matching, and 3 | # negation (prefixed with !). Only one pattern per line. 4 | .DS_Store 5 | # Common VCS dirs 6 | .git/ 7 | .gitignore 8 | .bzr/ 9 | .bzrignore 10 | .hg/ 11 | .hgignore 12 | .svn/ 13 | # Common backup files 14 | *.swp 15 | *.bak 16 | *.tmp 17 | *.orig 18 | *~ 19 | # Various IDEs 20 | .project 21 | .idea/ 22 | *.tmproj 23 | .vscode/ 24 | -------------------------------------------------------------------------------- /Helm/apps/wallabag/CHANGELOG.md: -------------------------------------------------------------------------------- 1 | #### [v1.3.0] 2 | * Moved Env to simplesecret 3 | * Improved security 4 | 5 | #### [v1.2.1] 6 | * Added probes for wallabag so it will automatically fix itself if failed 7 | 8 | #### [v1.2.0] 9 | * Added ingress 10 | 11 | #### [V1.1.0] 12 | * Moved resources to values.yaml 13 | 14 | #### [V1.0.0] 15 | * Initial Deployment 16 | -------------------------------------------------------------------------------- /Helm/apps/wallabag/Chart.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: v2 3 | appVersion: 1.0.0 4 | description: This chart is used to install wallabag 5 | maintainers: 6 | - email: sgenov94@gmail.com 7 | name: Stefan Genov 8 | name: wallabag 9 | type: application 10 | version: 1.3.0 11 | -------------------------------------------------------------------------------- /Helm/apps/wallabag/README.md: -------------------------------------------------------------------------------- 1 | This chart is used to install wallabag. 2 | -------------------------------------------------------------------------------- /Helm/apps/wallabag/templates/ingress.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: networking.k8s.io/v1 3 | kind: Ingress 4 | metadata: 5 | name: wallabag 6 | namespace: {{ $.Release.Namespace }} 7 | annotations: 8 | gethomepage.dev/enabled: "true" 9 | gethomepage.dev/description: Self-Hosted Pocket 10 | gethomepage.dev/group: Knowledge 11 | gethomepage.dev/icon: wallabag 12 | gethomepage.dev/name: Wallabag 13 | spec: 14 | ingressClassName: nginx 15 | tls: 16 | - hosts: 17 | - "*.sgenov.dev" 18 | secretName: ingress 19 | rules: 20 | - host: wallabag.sgenov.dev 21 | http: 22 | paths: 23 | - pathType: Prefix 24 | path: "/" 25 | backend: 26 | service: 27 | name: wallabag 28 | port: 29 | number: {{ .Values.wallabag.port }} 30 | -------------------------------------------------------------------------------- /Helm/apps/wallabag/templates/pdb.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: policy/v1 3 | kind: PodDisruptionBudget 4 | metadata: 5 | name: wallabag 6 | spec: 7 | minAvailable: 1 8 | selector: 9 | matchLabels: 10 | app.kubernetes.io/instance: wallabag 11 | app.kubernetes.io/name: wallabag 12 | --- 13 | apiVersion: policy/v1 14 | kind: PodDisruptionBudget 15 | metadata: 16 | name: wallabag-db 17 | spec: 18 | minAvailable: 1 19 | selector: 20 | matchLabels: 21 | app.kubernetes.io/instance: postgres 22 | app.kubernetes.io/name: postgres 23 | -------------------------------------------------------------------------------- /Helm/apps/wallabag/templates/service.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | {{- with .Values.wallabag }} 3 | 4 | apiVersion: v1 5 | kind: Service 6 | metadata: 7 | name: wallabag 8 | namespace: {{ $.Release.Namespace }} 9 | spec: 10 | {{- with .lbIp }} 11 | type: LoadBalancer 12 | loadBalancerIP: {{ . }} 13 | {{- end }} 14 | selector: 15 | app.kubernetes.io/instance: wallabag 16 | app.kubernetes.io/name: wallabag 17 | ports: 18 | - name: wallabag 19 | protocol: TCP 20 | port: {{ .port }} 21 | {{- end }} 22 | -------------------------------------------------------------------------------- /Helm/apps/wallabag/templates/storage.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: v1 3 | kind: PersistentVolumeClaim 4 | metadata: 5 | name: postgresql-pvc 6 | labels: 7 | app.kubernetes.io/instance: postgres 8 | app.kubernetes.io/name: postgres 9 | app.kubernetes.io/component: database 10 | app.kubernetes.io/part-of: wallabag 11 | app.kubernetes.io/managed-by: helm 12 | spec: 13 | accessModes: 14 | - ReadWriteMany 15 | storageClassName: longhorn 16 | resources: 17 | requests: 18 | storage: {{ .Values.storage.postgresqlSize }} 19 | -------------------------------------------------------------------------------- /Helm/apps/wallabag/values.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | wallabag: 3 | image: wallabag/wallabag:2.6.12 4 | replicas: 1 5 | port: 80 6 | lbIp: 192.168.1.7 7 | domainName: https://wallabag.sgenov.dev 8 | resources: 9 | requests: 10 | cpu: 100m 11 | memory: 500Mi 12 | 13 | postgres: 14 | image: postgres:16.9 15 | port: 5432 16 | resources: 17 | requests: 18 | cpu: 10m 19 | memory: 256Mi 20 | 21 | storage: 22 | postgresqlSize: 5Gi 23 | -------------------------------------------------------------------------------- /Helm/apps/website/.helmignore: -------------------------------------------------------------------------------- 1 | # Patterns to ignore when building packages. 2 | # This supports shell glob matching, relative path matching, and 3 | # negation (prefixed with !). Only one pattern per line. 4 | .DS_Store 5 | # Common VCS dirs 6 | .git/ 7 | .gitignore 8 | .bzr/ 9 | .bzrignore 10 | .hg/ 11 | .hgignore 12 | .svn/ 13 | # Common backup files 14 | *.swp 15 | *.bak 16 | *.tmp 17 | *.orig 18 | *~ 19 | # Various IDEs 20 | .project 21 | .idea/ 22 | *.tmproj 23 | .vscode/ 24 | -------------------------------------------------------------------------------- /Helm/apps/website/CHANGELOG.md: -------------------------------------------------------------------------------- 1 | #### [v3.0.0] 2 | - Better selectors 3 | - Better probes 4 | 5 | #### [V2.0.0] 6 | * Migrated to ghcr.io 7 | 8 | #### [V1.1.0] 9 | * Updated security 10 | 11 | #### [V1.0.0] 12 | * Initial Deployment 13 | -------------------------------------------------------------------------------- /Helm/apps/website/Chart.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: v2 3 | appVersion: 1.0.0 4 | description: This chart is used to install website 5 | maintainers: 6 | - email: sgenov94@gmail.com 7 | name: Stefan Genov 8 | name: website 9 | type: application 10 | version: 3.0.0 11 | -------------------------------------------------------------------------------- /Helm/apps/website/README.md: -------------------------------------------------------------------------------- 1 | This chart is used to install my personal website https://github.com/Michaelpalacce/personal-website-vue 2 | -------------------------------------------------------------------------------- /Helm/apps/website/templates/pdb.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: policy/v1 3 | kind: PodDisruptionBudget 4 | metadata: 5 | name: website 6 | spec: 7 | minAvailable: 1 8 | selector: 9 | matchLabels: 10 | app.kubernetes.io/instance: website 11 | app.kubernetes.io/name: website 12 | -------------------------------------------------------------------------------- /Helm/apps/website/templates/service.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | {{- with .Values.website }} 3 | apiVersion: v1 4 | kind: Service 5 | metadata: 6 | name: website 7 | namespace: {{ $.Release.Namespace }} 8 | spec: 9 | type: LoadBalancer 10 | loadBalancerIP: 192.168.1.6 11 | selector: 12 | app.kubernetes.io/instance: website 13 | app.kubernetes.io/name: website 14 | ports: 15 | - name: website 16 | protocol: TCP 17 | port: {{ .port }} 18 | {{- end }} 19 | -------------------------------------------------------------------------------- /Helm/apps/website/values.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | website: 3 | image: ghcr.io/michaelpalacce/website:v2.14.0 4 | port: 80 5 | replicas: 6 6 | resources: 7 | requests: 8 | cpu: 500m 9 | memory: 512Mi 10 | -------------------------------------------------------------------------------- /Helm/apps/whoogle/.helmignore: -------------------------------------------------------------------------------- 1 | # Patterns to ignore when building packages. 2 | # This supports shell glob matching, relative path matching, and 3 | # negation (prefixed with !). Only one pattern per line. 4 | .DS_Store 5 | # Common VCS dirs 6 | .git/ 7 | .gitignore 8 | .bzr/ 9 | .bzrignore 10 | .hg/ 11 | .hgignore 12 | .svn/ 13 | # Common backup files 14 | *.swp 15 | *.bak 16 | *.tmp 17 | *.orig 18 | *~ 19 | # Various IDEs 20 | .project 21 | .idea/ 22 | *.tmproj 23 | .vscode/ 24 | -------------------------------------------------------------------------------- /Helm/apps/whoogle/CHANGELOG.md: -------------------------------------------------------------------------------- 1 | #### [V4.0.0] 2 | - Better selectors 3 | - Lowered requests 4 | 5 | #### [V3.0.0] 6 | * Improved security of the deployment 7 | * Updated UpdateStrategy 8 | * Image from ghcr.io instead of docker hub 9 | 10 | #### [V2.2.0] 11 | * Increased resources 12 | * Probes 13 | 14 | #### [V2.1.0] 15 | * New Version 16 | 17 | #### [V2.0.0] 18 | * Removed NodePort 19 | 20 | #### [V1.0.0] 21 | * Initial Deployment 22 | -------------------------------------------------------------------------------- /Helm/apps/whoogle/Chart.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: v2 3 | appVersion: 1.0.0 4 | description: This chart is used to install whoogle 5 | maintainers: 6 | - email: sgenov94@gmail.com 7 | name: Stefan Genov 8 | name: whoogle 9 | type: application 10 | version: 4.0.0 11 | -------------------------------------------------------------------------------- /Helm/apps/whoogle/README.md: -------------------------------------------------------------------------------- 1 | This chart is used to install whoogle. 2 | -------------------------------------------------------------------------------- /Helm/apps/whoogle/templates/ingress.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: networking.k8s.io/v1 3 | kind: Ingress 4 | metadata: 5 | name: whoogle 6 | namespace: {{ $.Release.Namespace }} 7 | annotations: 8 | gethomepage.dev/enabled: "true" 9 | gethomepage.dev/description: Self-Hosted Google 10 | gethomepage.dev/group: Tools 11 | gethomepage.dev/icon: whoogle 12 | gethomepage.dev/name: Whoogle 13 | spec: 14 | ingressClassName: nginx 15 | tls: 16 | - hosts: 17 | - "*.sgenov.dev" 18 | secretName: ingress 19 | rules: 20 | - host: whoogle.sgenov.dev 21 | http: 22 | paths: 23 | - pathType: Prefix 24 | path: "/" 25 | backend: 26 | service: 27 | name: whoogle 28 | port: 29 | number: {{ .Values.whoogle.port }} 30 | -------------------------------------------------------------------------------- /Helm/apps/whoogle/templates/service.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | {{- with .Values.whoogle }} 3 | apiVersion: v1 4 | kind: Service 5 | metadata: 6 | name: whoogle 7 | namespace: {{ $.Release.Namespace }} 8 | spec: 9 | {{- with .lbIp }} 10 | type: LoadBalancer 11 | loadBalancerIP: {{ . }} 12 | {{- end }} 13 | selector: 14 | app.kubernetes.io/instance: whoogle 15 | app.kubernetes.io/name: whoogle 16 | ports: 17 | - name: whoogle 18 | protocol: TCP 19 | port: {{ .port }} 20 | {{- end }} 21 | -------------------------------------------------------------------------------- /Helm/apps/whoogle/values.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | whoogle: 3 | image: ghcr.io/benbusby/whoogle-search:0.9.3 4 | replicas: 1 5 | port: 5000 6 | resources: 7 | requests: 8 | cpu: 250m 9 | memory: 512Mi 10 | -------------------------------------------------------------------------------- /TODOS.md: -------------------------------------------------------------------------------- 1 | # TODOs 2 | 3 | ## Infrastructure 4 | 5 | - [ ] Terraform 6 | - [ ] Strip down the K3S Nodes of unused services and packages 7 | 8 | ## Service Specifics 9 | 10 | - [ ] HomeBox entries for all of the hardware I have 11 | 12 | ## Upgrades 13 | 14 | - [ ] Migrate to newest postgresql 15 | - [ ] postgresql instances should be a statefulset 16 | -------------------------------------------------------------------------------- /ansible/hosts/group_vars/master/k3s-config.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | k3s_control_node: true 3 | 4 | k3s_server: 5 | node-ip: "{{ ansible_default_ipv4.address }}" 6 | kubelet-arg: 7 | - "image-gc-high-threshold=75" 8 | - "image-gc-low-threshold=60" 9 | tls-san: 10 | - "{{ k3s_registration_address }}" 11 | docker: false 12 | disable: 13 | - traefik 14 | - local-storage 15 | - servicelb 16 | disable-network-policy: false 17 | disable-cloud-controller: true 18 | write-kubeconfig-mode: "644" 19 | cluster-cidr: "10.40.0.0/16" 20 | service-cidr: "10.96.0.0/16" 21 | etcd-expose-metrics: true 22 | -------------------------------------------------------------------------------- /ansible/hosts/group_vars/workers/k3s-config.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | k3s_control_node: false 3 | 4 | k3s_agent: 5 | node-ip: "{{ ansible_default_ipv4.address }}" 6 | kubelet-arg: 7 | - "image-gc-high-threshold=75" 8 | - "image-gc-low-threshold=60" 9 | -------------------------------------------------------------------------------- /ansible/hosts/inventory: -------------------------------------------------------------------------------- 1 | [master] 2 | 192.168.1.78 3 | 192.168.1.83 4 | 192.168.1.242 5 | 6 | [workers] 7 | 192.168.1.56 8 | 192.168.1.57 9 | 192.168.1.55 10 | 192.168.1.89 11 | 192.168.1.247 12 | 13 | [extra] 14 | # 192.168.1.20 15 | 16 | 17 | # This group has all the servers 18 | [all:children] 19 | master 20 | workers 21 | extra 22 | 23 | #Variables for all the servers 24 | [all:vars] 25 | ansible_connection=ssh 26 | ansible_user=stefan 27 | ansible_ssh_common_args='-o StrictHostKeyChecking=no' 28 | -------------------------------------------------------------------------------- /ansible/playbooks/install/files/allContainerLogs: -------------------------------------------------------------------------------- 1 | /var/logs/containers/*.log { 2 | rotate 2 3 | copytruncate 4 | missingok 5 | notifempty 6 | compress 7 | maxsize 10M 8 | dateext 9 | dateformat -%Y%m%d-%s 10 | create 0644 root root 11 | } -------------------------------------------------------------------------------- /ansible/playbooks/install/files/cleanUpOrphanedPods.py: -------------------------------------------------------------------------------- 1 | import subprocess 2 | import select 3 | import re 4 | import shutil 5 | 6 | f = subprocess.Popen(['tail', '-F', '/var/log/syslog'], stdout=subprocess.PIPE, stderr=subprocess.PIPE) 7 | p = select.poll() 8 | p.register(f.stdout) 9 | 10 | while True: 11 | if p.poll(1): 12 | line = f.stdout.readline().decode('utf-8') 13 | result = re.search('orphaned pod \\\\"([0-9a-zA-Z-]*)\\\\"', line) 14 | if result: 15 | toDelete = '/var/lib/kubelet/pods/' + result.group(1) 16 | try: 17 | shutil.rmtree(toDelete) 18 | print(toDelete + " was deleted") 19 | except: 20 | print(toDelete + " could not be deleted") 21 | -------------------------------------------------------------------------------- /ansible/playbooks/install/files/cniLogs: -------------------------------------------------------------------------------- 1 | /var/logs/calico/cni/*.log { 2 | rotate 2 3 | copytruncate 4 | missingok 5 | notifempty 6 | compress 7 | maxsize 10M 8 | dateext 9 | dateformat -%Y%m%d-%s 10 | create 0644 root root 11 | } -------------------------------------------------------------------------------- /ansible/playbooks/install/files/multipath.conf: -------------------------------------------------------------------------------- 1 | blacklist { 2 | devnode "^sd[a-z0-9]+" 3 | } -------------------------------------------------------------------------------- /ansible/playbooks/install/files/podLogs: -------------------------------------------------------------------------------- 1 | /var/logs/pods/*/*/*.log { 2 | rotate 2 3 | copytruncate 4 | missingok 5 | notifempty 6 | compress 7 | maxsize 10M 8 | dateext 9 | dateformat -%Y%m%d-%s 10 | create 0644 root root 11 | } -------------------------------------------------------------------------------- /ansible/playbooks/install/requirements.yml: -------------------------------------------------------------------------------- 1 | --- 2 | collections: 3 | - name: kubernetes.core 4 | version: 5.3.0 5 | - name: community.general 6 | version: 10.7.0 7 | - name: hifis.toolkit 8 | version: 5.3.0 9 | roles: 10 | - src: xanmanning.k3s 11 | -------------------------------------------------------------------------------- /ansible/playbooks/install/vars/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | arch: amd64 # architecture 3 | 4 | output_dir: ./output # Where to output files generated by the playbook 5 | 6 | journalctl_vaccum_size: 200M # After what size should journalctl logs be cleaned up 7 | 8 | k3s_release_version: "v1.32.0+k3s1" 9 | k3s_install_hard_links: true # For system-upgrader 10 | k3s_become: true 11 | k3s_debug: false 12 | k3s_etcd_datastore: true 13 | k3s_use_unsupported_config: true 14 | k3s_registration_address: 192.168.1.78 # Master node ip 15 | # k3s_server_manifests_urls: 16 | # - url: https://docs.projectcalico.org/archive/v3.22/manifests/tigera-operator.yaml 17 | # filename: tigera-operator.yaml 18 | -------------------------------------------------------------------------------- /cluster/homelab/age.agekey.public: -------------------------------------------------------------------------------- 1 | age1mq6usjzvvxvcp7tl03yjdqd0kgjhhvhz48kmg86p43nhx0jc75jssw0kfn -------------------------------------------------------------------------------- /cluster/homelab/apps/archive/beaverhabits/helm-release.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: helm.toolkit.fluxcd.io/v2 3 | kind: HelmRelease 4 | metadata: 5 | name: beaverhabits 6 | namespace: beaverhabits 7 | spec: 8 | interval: 1h 9 | install: 10 | createNamespace: true 11 | chart: 12 | spec: 13 | chart: ./Helm/apps/beaverhabits 14 | reconcileStrategy: Revision 15 | sourceRef: 16 | kind: GitRepository 17 | name: flux-system 18 | namespace: flux-system 19 | -------------------------------------------------------------------------------- /cluster/homelab/apps/archive/beaverhabits/kustomization.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: kustomize.config.k8s.io/v1beta1 3 | kind: Kustomization 4 | resources: 5 | - helm-release.yaml 6 | - namespace.yaml 7 | -------------------------------------------------------------------------------- /cluster/homelab/apps/archive/beaverhabits/namespace.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: v1 3 | kind: Namespace 4 | metadata: 5 | name: beaverhabits 6 | -------------------------------------------------------------------------------- /cluster/homelab/apps/archive/goip/helm-release.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: helm.toolkit.fluxcd.io/v2 3 | kind: HelmRelease 4 | metadata: 5 | name: goip 6 | namespace: goip 7 | spec: 8 | interval: 1h 9 | install: 10 | createNamespace: true 11 | chart: 12 | spec: 13 | chart: ./Helm/apps/goip 14 | reconcileStrategy: Revision 15 | sourceRef: 16 | kind: GitRepository 17 | name: flux-system 18 | namespace: flux-system 19 | values: 20 | goip: 21 | replicas: 1 22 | -------------------------------------------------------------------------------- /cluster/homelab/apps/archive/goip/kustomization.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: kustomize.config.k8s.io/v1beta1 3 | kind: Kustomization 4 | resources: 5 | - helm-release.yaml 6 | - namespace.yaml 7 | - secret.sops.yaml 8 | -------------------------------------------------------------------------------- /cluster/homelab/apps/archive/goip/namespace.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: v1 3 | kind: Namespace 4 | metadata: 5 | name: goip 6 | -------------------------------------------------------------------------------- /cluster/homelab/apps/archive/karakeep/kustomization.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: kustomize.config.k8s.io/v1beta1 3 | kind: Kustomization 4 | resources: 5 | - namespace.yaml 6 | - pvc-karakeep.yaml 7 | - pvc-meili.yaml 8 | - helm-release.yaml 9 | -------------------------------------------------------------------------------- /cluster/homelab/apps/archive/karakeep/namespace.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: v1 3 | kind: Namespace 4 | metadata: 5 | name: karakeep 6 | -------------------------------------------------------------------------------- /cluster/homelab/apps/archive/karakeep/pvc-karakeep.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: PersistentVolumeClaim 3 | metadata: 4 | name: karakeep-storage 5 | namespace: karakeep 6 | spec: 7 | accessModes: 8 | - ReadWriteMany 9 | storageClassName: longhorn 10 | resources: 11 | requests: 12 | storage: 10Gi 13 | -------------------------------------------------------------------------------- /cluster/homelab/apps/archive/karakeep/pvc-meili.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: PersistentVolumeClaim 3 | metadata: 4 | name: meili-storage 5 | namespace: karakeep 6 | spec: 7 | accessModes: 8 | - ReadWriteMany 9 | storageClassName: longhorn 10 | resources: 11 | requests: 12 | storage: 5Gi 13 | -------------------------------------------------------------------------------- /cluster/homelab/apps/archive/lubelogger/helm-release.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: helm.toolkit.fluxcd.io/v2 3 | kind: HelmRelease 4 | metadata: 5 | name: lubelogger 6 | namespace: lubelogger 7 | spec: 8 | interval: 1h 9 | install: 10 | createNamespace: true 11 | chart: 12 | spec: 13 | chart: ./Helm/apps/lubelogger 14 | reconcileStrategy: Revision 15 | sourceRef: 16 | kind: GitRepository 17 | name: flux-system 18 | namespace: flux-system 19 | -------------------------------------------------------------------------------- /cluster/homelab/apps/archive/lubelogger/kustomization.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: kustomize.config.k8s.io/v1beta1 3 | kind: Kustomization 4 | resources: 5 | - helm-release.yaml 6 | - namespace.yaml 7 | -------------------------------------------------------------------------------- /cluster/homelab/apps/archive/lubelogger/namespace.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: v1 3 | kind: Namespace 4 | metadata: 5 | name: lubelogger 6 | -------------------------------------------------------------------------------- /cluster/homelab/apps/archive/postgresql/helm-release.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: helm.toolkit.fluxcd.io/v2 3 | kind: HelmRelease 4 | metadata: 5 | name: postgresql 6 | namespace: postgresql 7 | spec: 8 | interval: 1h 9 | install: 10 | createNamespace: true 11 | chart: 12 | spec: 13 | chart: ./Helm/apps/postgresql 14 | reconcileStrategy: Revision 15 | sourceRef: 16 | kind: GitRepository 17 | name: flux-system 18 | namespace: flux-system 19 | -------------------------------------------------------------------------------- /cluster/homelab/apps/archive/postgresql/kustomization.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: kustomize.config.k8s.io/v1beta1 3 | kind: Kustomization 4 | resources: 5 | - helm-release.yaml 6 | - namespace.yaml 7 | - secret.sops.yaml 8 | -------------------------------------------------------------------------------- /cluster/homelab/apps/archive/postgresql/namespace.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: v1 3 | kind: Namespace 4 | metadata: 5 | name: postgresql 6 | -------------------------------------------------------------------------------- /cluster/homelab/apps/archive/vaultwarden/helm-release.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: helm.toolkit.fluxcd.io/v2 3 | kind: HelmRelease 4 | metadata: 5 | name: vaultwarden 6 | namespace: vaultwarden 7 | spec: 8 | interval: 1h 9 | install: 10 | createNamespace: true 11 | chart: 12 | spec: 13 | chart: ./Helm/apps/vaultwarden 14 | reconcileStrategy: Revision 15 | sourceRef: 16 | kind: GitRepository 17 | name: flux-system 18 | namespace: flux-system 19 | values: 20 | replicas: 1 21 | -------------------------------------------------------------------------------- /cluster/homelab/apps/archive/vaultwarden/kustomization.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: kustomize.config.k8s.io/v1beta1 3 | kind: Kustomization 4 | resources: 5 | - secret.sops.yaml 6 | - namespace.yaml 7 | - helm-release.yaml 8 | -------------------------------------------------------------------------------- /cluster/homelab/apps/archive/vaultwarden/namespace.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: v1 3 | kind: Namespace 4 | metadata: 5 | name: vaultwarden 6 | -------------------------------------------------------------------------------- /cluster/homelab/apps/archive/wger/kustomization.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: kustomize.config.k8s.io/v1beta1 3 | kind: Kustomization 4 | resources: 5 | - namespace.yaml 6 | - helm-release.yaml 7 | -------------------------------------------------------------------------------- /cluster/homelab/apps/archive/wger/namespace.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: v1 3 | kind: Namespace 4 | metadata: 5 | name: wger 6 | -------------------------------------------------------------------------------- /cluster/homelab/apps/archive/whoogle/helm-release.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: helm.toolkit.fluxcd.io/v2 3 | kind: HelmRelease 4 | metadata: 5 | name: whoogle 6 | namespace: whoogle 7 | spec: 8 | interval: 1h 9 | install: 10 | createNamespace: true 11 | chart: 12 | spec: 13 | chart: ./Helm/apps/whoogle 14 | reconcileStrategy: Revision 15 | sourceRef: 16 | kind: GitRepository 17 | name: flux-system 18 | namespace: flux-system 19 | values: 20 | whoogle: 21 | replicas: 1 22 | -------------------------------------------------------------------------------- /cluster/homelab/apps/archive/whoogle/kustomization.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: kustomize.config.k8s.io/v1beta1 3 | kind: Kustomization 4 | resources: 5 | - helm-release.yaml 6 | - namespace.yaml 7 | -------------------------------------------------------------------------------- /cluster/homelab/apps/archive/whoogle/namespace.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: v1 3 | kind: Namespace 4 | metadata: 5 | name: whoogle 6 | -------------------------------------------------------------------------------- /cluster/homelab/apps/cert-manager/kustomization.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: kustomize.config.k8s.io/v1beta1 3 | kind: Kustomization 4 | resources: 5 | - issuer.yaml 6 | - wildcard-certificate.yaml 7 | -------------------------------------------------------------------------------- /cluster/homelab/apps/cert-manager/wildcard-certificate.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: cert-manager.io/v1 3 | kind: Certificate 4 | metadata: 5 | name: ingress 6 | namespace: cert-manager 7 | spec: 8 | secretTemplate: 9 | annotations: 10 | reflector.v1.k8s.emberstack.com/reflection-auto-enabled: 'true' 11 | reflector.v1.k8s.emberstack.com/reflection-allowed: 'true' 12 | secretName: ingress 13 | issuerRef: 14 | name: letsencrypt 15 | kind: ClusterIssuer 16 | commonName: "*.sgenov.dev" 17 | dnsNames: 18 | - '*.sgenov.dev' 19 | -------------------------------------------------------------------------------- /cluster/homelab/apps/changedetection/helm-release.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: helm.toolkit.fluxcd.io/v2 3 | kind: HelmRelease 4 | metadata: 5 | name: changedetection 6 | namespace: changedetection 7 | spec: 8 | interval: 1h 9 | install: 10 | createNamespace: true 11 | chart: 12 | spec: 13 | chart: ./Helm/apps/changedetection 14 | reconcileStrategy: Revision 15 | sourceRef: 16 | kind: GitRepository 17 | name: flux-system 18 | namespace: flux-system 19 | values: 20 | image: dgtlmoon/changedetection.io:0.49.18 21 | -------------------------------------------------------------------------------- /cluster/homelab/apps/changedetection/kustomization.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: kustomize.config.k8s.io/v1beta1 3 | kind: Kustomization 4 | resources: 5 | - helm-release.yaml 6 | - namespace.yaml 7 | -------------------------------------------------------------------------------- /cluster/homelab/apps/changedetection/namespace.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: v1 3 | kind: Namespace 4 | metadata: 5 | name: changedetection 6 | -------------------------------------------------------------------------------- /cluster/homelab/apps/cyberchef/deny-local-networkPolicy.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: networking.k8s.io/v1 2 | kind: NetworkPolicy 3 | metadata: 4 | name: cyberchef-allow-dns-egress 5 | namespace: cyberchef 6 | spec: 7 | podSelector: {} 8 | policyTypes: 9 | - Egress 10 | egress: 11 | - to: 12 | - ipBlock: 13 | cidr: 0.0.0.0/0 14 | except: 15 | - 10.0.0.0/8 # RFC 1918 - Class A private 16 | - 172.16.0.0/12 # RFC 1918 - Class B private 17 | - 192.168.0.0/16 # RFC 1918 - Class C private 18 | - to: 19 | - namespaceSelector: 20 | matchLabels: 21 | kubernetes.io/metadata.name: kube-system 22 | ports: 23 | - protocol: UDP 24 | port: 53 25 | - protocol: TCP 26 | port: 53 27 | -------------------------------------------------------------------------------- /cluster/homelab/apps/cyberchef/helm-release.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: helm.toolkit.fluxcd.io/v2 3 | kind: HelmRelease 4 | metadata: 5 | name: cyberchef 6 | namespace: cyberchef 7 | spec: 8 | interval: 1h 9 | install: 10 | createNamespace: true 11 | chart: 12 | spec: 13 | chart: ./Helm/apps/cyberchef 14 | reconcileStrategy: Revision 15 | sourceRef: 16 | kind: GitRepository 17 | name: flux-system 18 | namespace: flux-system 19 | values: 20 | cyberchef: 21 | image: mpepping/cyberchef:v10.19.4 22 | -------------------------------------------------------------------------------- /cluster/homelab/apps/cyberchef/kustomization.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: kustomize.config.k8s.io/v1beta1 3 | kind: Kustomization 4 | resources: 5 | - helm-release.yaml 6 | - namespace.yaml 7 | - deny-local-networkPolicy.yaml 8 | -------------------------------------------------------------------------------- /cluster/homelab/apps/cyberchef/namespace.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: v1 3 | kind: Namespace 4 | metadata: 5 | name: cyberchef 6 | -------------------------------------------------------------------------------- /cluster/homelab/apps/diagrams/helm-release.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: helm.toolkit.fluxcd.io/v2 3 | kind: HelmRelease 4 | metadata: 5 | name: diagrams 6 | namespace: diagrams 7 | spec: 8 | interval: 1h 9 | install: 10 | createNamespace: true 11 | chart: 12 | spec: 13 | chart: ./Helm/apps/diagrams 14 | reconcileStrategy: Revision 15 | sourceRef: 16 | kind: GitRepository 17 | name: flux-system 18 | namespace: flux-system 19 | -------------------------------------------------------------------------------- /cluster/homelab/apps/diagrams/kustomization.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: kustomize.config.k8s.io/v1beta1 3 | kind: Kustomization 4 | resources: 5 | - helm-release.yaml 6 | - namespace.yaml 7 | -------------------------------------------------------------------------------- /cluster/homelab/apps/diagrams/namespace.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: v1 3 | kind: Namespace 4 | metadata: 5 | name: diagrams 6 | -------------------------------------------------------------------------------- /cluster/homelab/apps/excalidraw/deny-local-networkPolicy.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: networking.k8s.io/v1 2 | kind: NetworkPolicy 3 | metadata: 4 | name: excalidraw-allow-dns-egress 5 | namespace: excalidraw 6 | spec: 7 | podSelector: {} 8 | policyTypes: 9 | - Egress 10 | egress: 11 | - to: 12 | - ipBlock: 13 | cidr: 0.0.0.0/0 14 | except: 15 | - 10.0.0.0/8 # RFC 1918 - Class A private 16 | - 172.16.0.0/12 # RFC 1918 - Class B private 17 | - 192.168.0.0/16 # RFC 1918 - Class C private 18 | - to: 19 | - namespaceSelector: 20 | matchLabels: 21 | kubernetes.io/metadata.name: kube-system 22 | ports: 23 | - protocol: UDP 24 | port: 53 25 | - protocol: TCP 26 | port: 53 27 | -------------------------------------------------------------------------------- /cluster/homelab/apps/excalidraw/helm-release.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: helm.toolkit.fluxcd.io/v2 3 | kind: HelmRelease 4 | metadata: 5 | name: excalidraw 6 | namespace: excalidraw 7 | spec: 8 | interval: 1h 9 | install: 10 | createNamespace: true 11 | chart: 12 | spec: 13 | chart: ./Helm/apps/excalidraw 14 | reconcileStrategy: Revision 15 | sourceRef: 16 | kind: GitRepository 17 | name: flux-system 18 | namespace: flux-system 19 | -------------------------------------------------------------------------------- /cluster/homelab/apps/excalidraw/kustomization.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: kustomize.config.k8s.io/v1beta1 3 | kind: Kustomization 4 | resources: 5 | - helm-release.yaml 6 | - namespace.yaml 7 | - deny-local-networkPolicy.yaml 8 | -------------------------------------------------------------------------------- /cluster/homelab/apps/excalidraw/namespace.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: v1 3 | kind: Namespace 4 | metadata: 5 | name: excalidraw 6 | -------------------------------------------------------------------------------- /cluster/homelab/apps/external-ingress/README.md: -------------------------------------------------------------------------------- 1 | # What this is for? 2 | 3 | I have external services that are outside of my kubernetes cluster. I use these resources to reverse proxy to my external server and still get TLS. -------------------------------------------------------------------------------- /cluster/homelab/apps/external-ingress/endpoint.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: v1 3 | kind: Endpoints 4 | metadata: 5 | name: plex 6 | namespace: ingress-nginx 7 | subsets: 8 | - addresses: 9 | - ip: 192.168.1.20 10 | ports: 11 | - name: app 12 | port: 32400 13 | protocol: TCP 14 | -------------------------------------------------------------------------------- /cluster/homelab/apps/external-ingress/kustomization.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: kustomize.config.k8s.io/v1beta1 3 | kind: Kustomization 4 | resources: 5 | - plex-ingress.sops.yaml 6 | - service.yaml 7 | - endpoint.yaml 8 | -------------------------------------------------------------------------------- /cluster/homelab/apps/external-ingress/service.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: v1 3 | kind: Service 4 | metadata: 5 | name: plex 6 | namespace: ingress-nginx 7 | spec: 8 | ports: 9 | - name: plex 10 | port: 32400 11 | protocol: TCP 12 | targetPort: 32400 13 | clusterIP: None 14 | type: ClusterIP 15 | -------------------------------------------------------------------------------- /cluster/homelab/apps/firefly/deny-local-networkPolicy.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: networking.k8s.io/v1 2 | kind: NetworkPolicy 3 | metadata: 4 | name: firefly-allow-dns-egress 5 | namespace: firefly 6 | spec: 7 | podSelector: {} 8 | policyTypes: 9 | - Egress 10 | egress: 11 | - to: 12 | - namespaceSelector: 13 | matchLabels: 14 | kubernetes.io/metadata.name: firefly 15 | - to: 16 | - ipBlock: 17 | cidr: 0.0.0.0/0 18 | except: 19 | - 10.0.0.0/8 # RFC 1918 - Class A private 20 | - 172.16.0.0/12 # RFC 1918 - Class B private 21 | - 192.168.0.0/16 # RFC 1918 - Class C private 22 | - to: 23 | - namespaceSelector: 24 | matchLabels: 25 | kubernetes.io/metadata.name: kube-system 26 | ports: 27 | - protocol: UDP 28 | port: 53 29 | - protocol: TCP 30 | port: 53 31 | -------------------------------------------------------------------------------- /cluster/homelab/apps/firefly/helm-release.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: helm.toolkit.fluxcd.io/v2 3 | kind: HelmRelease 4 | metadata: 5 | name: firefly 6 | namespace: firefly 7 | spec: 8 | interval: 1h 9 | install: 10 | createNamespace: true 11 | chart: 12 | spec: 13 | chart: ./Helm/apps/firefly 14 | reconcileStrategy: Revision 15 | sourceRef: 16 | kind: GitRepository 17 | name: flux-system 18 | namespace: flux-system 19 | -------------------------------------------------------------------------------- /cluster/homelab/apps/firefly/kustomization.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: kustomize.config.k8s.io/v1beta1 3 | kind: Kustomization 4 | resources: 5 | - helm-release.yaml 6 | - namespace.yaml 7 | - secret.sops.yaml 8 | - ingress.sops.yaml 9 | - deny-local-networkPolicy.yaml 10 | -------------------------------------------------------------------------------- /cluster/homelab/apps/firefly/namespace.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: v1 3 | kind: Namespace 4 | metadata: 5 | name: firefly 6 | -------------------------------------------------------------------------------- /cluster/homelab/apps/freshrss/helm-release.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: helm.toolkit.fluxcd.io/v2 3 | kind: HelmRelease 4 | metadata: 5 | name: freshrss 6 | namespace: freshrss 7 | spec: 8 | interval: 1h 9 | install: 10 | createNamespace: true 11 | chart: 12 | spec: 13 | chart: ./Helm/apps/freshrss 14 | reconcileStrategy: Revision 15 | sourceRef: 16 | kind: GitRepository 17 | name: flux-system 18 | namespace: flux-system 19 | -------------------------------------------------------------------------------- /cluster/homelab/apps/freshrss/kustomization.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: kustomize.config.k8s.io/v1beta1 3 | kind: Kustomization 4 | resources: 5 | - namespace.yaml 6 | - helm-release.yaml 7 | - ingress.sops.yaml 8 | - secret.sops.yaml 9 | -------------------------------------------------------------------------------- /cluster/homelab/apps/freshrss/namespace.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: v1 3 | kind: Namespace 4 | metadata: 5 | name: freshrss 6 | -------------------------------------------------------------------------------- /cluster/homelab/apps/go-ddns-controller/git-repo-release.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: helm.toolkit.fluxcd.io/v2 3 | kind: HelmRelease 4 | metadata: 5 | name: go-ddns-controller 6 | namespace: go-ddns-controller-system 7 | spec: 8 | interval: 1h 9 | install: 10 | createNamespace: true 11 | crds: CreateReplace 12 | remediation: 13 | retries: 3 14 | upgrade: 15 | crds: CreateReplace 16 | remediation: 17 | retries: 3 18 | chart: 19 | spec: 20 | chart: ./charts/go-ddns-controller 21 | reconcileStrategy: Revision 22 | sourceRef: 23 | kind: GitRepository 24 | name: go-ddns-controller 25 | namespace: flux-system 26 | values: 27 | image: 28 | repository: ghcr.io/michaelpalacce/go-ddns-controller 29 | tag: v1.1.3 30 | controller: 31 | replicas: 3 32 | resources: 33 | limits: 34 | cpu: 100m 35 | memory: 512Mi 36 | requests: 37 | cpu: 10m 38 | memory: 64Mi 39 | -------------------------------------------------------------------------------- /cluster/homelab/apps/go-ddns-controller/kustomization.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: kustomize.config.k8s.io/v1beta1 3 | kind: Kustomization 4 | namespace: go-ddns-controller-system 5 | resources: 6 | - namespace.yaml 7 | - git-repo-release.yaml 8 | - secret.sops.yaml 9 | - configMaps.sops.yaml 10 | - notifier.yaml 11 | - provider.yaml 12 | -------------------------------------------------------------------------------- /cluster/homelab/apps/go-ddns-controller/namespace.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: v1 3 | kind: Namespace 4 | metadata: 5 | name: go-ddns-controller-system 6 | -------------------------------------------------------------------------------- /cluster/homelab/apps/go-ddns-controller/notifier.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: ddns.stefangenov.site/v1alpha1 2 | kind: Notifier 3 | metadata: 4 | labels: 5 | app.kubernetes.io/name: go-ddns-controller 6 | app.kubernetes.io/managed-by: kustomize 7 | name: webhook-notifier 8 | namespace: go-ddns-controller-system 9 | spec: 10 | name: Webhook 11 | secretName: webhook 12 | configMap: webhook-config 13 | -------------------------------------------------------------------------------- /cluster/homelab/apps/go-ddns-controller/provider.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: ddns.stefangenov.site/v1alpha1 2 | kind: Provider 3 | metadata: 4 | labels: 5 | app.kubernetes.io/name: go-ddns-controller 6 | app.kubernetes.io/managed-by: kustomize 7 | name: cloudflare-provider 8 | namespace: go-ddns-controller-system 9 | spec: 10 | name: Cloudflare 11 | secretName: cloudflare 12 | configMap: cloudflare-config 13 | notifierRefs: 14 | - name: webhook-notifier 15 | -------------------------------------------------------------------------------- /cluster/homelab/apps/gotenberg/helm-release.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: helm.toolkit.fluxcd.io/v2 2 | kind: HelmRelease 3 | metadata: 4 | name: gotenberg 5 | namespace: gotenberg 6 | spec: 7 | interval: 1h 8 | install: 9 | createNamespace: true 10 | crds: CreateReplace 11 | remediation: 12 | retries: 3 13 | upgrade: 14 | crds: CreateReplace 15 | remediation: 16 | retries: 3 17 | chart: 18 | spec: 19 | chart: gotenberg 20 | version: 1.12.0 21 | interval: 1h 22 | sourceRef: 23 | kind: HelmRepository 24 | name: maikumori 25 | namespace: flux-system 26 | values: 27 | image: 28 | repository: gotenberg/gotenberg 29 | tag: 8.21.0 30 | -------------------------------------------------------------------------------- /cluster/homelab/apps/gotenberg/kustomization.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: kustomize.config.k8s.io/v1beta1 3 | kind: Kustomization 4 | resources: 5 | - namespace.yaml 6 | - helm-release.yaml 7 | -------------------------------------------------------------------------------- /cluster/homelab/apps/gotenberg/namespace.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: v1 3 | kind: Namespace 4 | metadata: 5 | name: gotenberg 6 | -------------------------------------------------------------------------------- /cluster/homelab/apps/homebox/helm-release.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: helm.toolkit.fluxcd.io/v2 3 | kind: HelmRelease 4 | metadata: 5 | name: homebox 6 | namespace: homebox 7 | spec: 8 | interval: 1h 9 | install: 10 | createNamespace: true 11 | crds: CreateReplace 12 | remediation: 13 | retries: 3 14 | upgrade: 15 | crds: CreateReplace 16 | remediation: 17 | retries: 3 18 | chart: 19 | spec: 20 | chart: ./Helm/apps/homebox 21 | reconcileStrategy: Revision 22 | sourceRef: 23 | kind: GitRepository 24 | name: flux-system 25 | namespace: flux-system 26 | -------------------------------------------------------------------------------- /cluster/homelab/apps/homebox/kustomization.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: kustomize.config.k8s.io/v1beta1 3 | kind: Kustomization 4 | resources: 5 | - helm-release.yaml 6 | - namespace.yaml 7 | -------------------------------------------------------------------------------- /cluster/homelab/apps/homebox/namespace.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: v1 3 | kind: Namespace 4 | metadata: 5 | name: homebox 6 | -------------------------------------------------------------------------------- /cluster/homelab/apps/homepage/ingress.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: networking.k8s.io/v1 3 | kind: Ingress 4 | metadata: 5 | name: homepage 6 | namespace: homepage 7 | spec: 8 | ingressClassName: nginx 9 | tls: 10 | - hosts: 11 | - "*.sgenov.dev" 12 | secretName: ingress 13 | rules: 14 | - host: homepage.sgenov.dev 15 | http: 16 | paths: 17 | - pathType: Prefix 18 | path: "/" 19 | backend: 20 | service: 21 | name: homepage 22 | port: 23 | number: 3000 24 | -------------------------------------------------------------------------------- /cluster/homelab/apps/homepage/kustomization.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: kustomize.config.k8s.io/v1beta1 3 | kind: Kustomization 4 | resources: 5 | - namespace.yaml 6 | - homepage-config.sops.yaml 7 | - helm-release.yaml 8 | - ingress.yaml 9 | -------------------------------------------------------------------------------- /cluster/homelab/apps/homepage/namespace.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: v1 3 | kind: Namespace 4 | metadata: 5 | name: homepage 6 | -------------------------------------------------------------------------------- /cluster/homelab/apps/it-tools/deny-local-networkPolicy.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: networking.k8s.io/v1 2 | kind: NetworkPolicy 3 | metadata: 4 | name: it-tools-allow-dns-egress 5 | namespace: it-tools 6 | spec: 7 | podSelector: {} 8 | policyTypes: 9 | - Egress 10 | egress: 11 | - to: 12 | - ipBlock: 13 | cidr: 0.0.0.0/0 14 | except: 15 | - 10.0.0.0/8 # RFC 1918 - Class A private 16 | - 172.16.0.0/12 # RFC 1918 - Class B private 17 | - 192.168.0.0/16 # RFC 1918 - Class C private 18 | - to: 19 | - namespaceSelector: 20 | matchLabels: 21 | kubernetes.io/metadata.name: kube-system 22 | ports: 23 | - protocol: UDP 24 | port: 53 25 | - protocol: TCP 26 | port: 53 27 | -------------------------------------------------------------------------------- /cluster/homelab/apps/it-tools/helm-release.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: helm.toolkit.fluxcd.io/v2 3 | kind: HelmRelease 4 | metadata: 5 | name: it-tools 6 | namespace: it-tools 7 | spec: 8 | interval: 1h 9 | install: 10 | createNamespace: true 11 | chart: 12 | spec: 13 | chart: ./Helm/apps/it-tools 14 | reconcileStrategy: Revision 15 | sourceRef: 16 | kind: GitRepository 17 | name: flux-system 18 | namespace: flux-system 19 | -------------------------------------------------------------------------------- /cluster/homelab/apps/it-tools/kustomization.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: kustomize.config.k8s.io/v1beta1 3 | kind: Kustomization 4 | resources: 5 | - helm-release.yaml 6 | - namespace.yaml 7 | - deny-local-networkPolicy.yaml 8 | -------------------------------------------------------------------------------- /cluster/homelab/apps/it-tools/namespace.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: v1 3 | kind: Namespace 4 | metadata: 5 | name: it-tools 6 | -------------------------------------------------------------------------------- /cluster/homelab/apps/kustomization.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: kustomize.config.k8s.io/v1beta1 3 | kind: Kustomization 4 | resources: 5 | - cert-manager 6 | - changedetection 7 | - cyberchef 8 | - diagrams 9 | - excalidraw 10 | - external-ingress 11 | - firefly 12 | - freshrss 13 | - go-ddns-controller 14 | - gotenberg 15 | - homepage 16 | - it-tools 17 | - mazanoke 18 | - mealie 19 | - media 20 | - monitoring 21 | - n8n 22 | - niolesk 23 | - nodered 24 | - openbooks 25 | - reactiveresume 26 | - searxng 27 | - stirlingpdf 28 | - tika 29 | - uptimekuma 30 | - vikunja 31 | - website 32 | - wallabag 33 | - paperless-ngx 34 | - homebox 35 | - storage 36 | -------------------------------------------------------------------------------- /cluster/homelab/apps/mazanoke/helm-release.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: helm.toolkit.fluxcd.io/v2 3 | kind: HelmRelease 4 | metadata: 5 | name: mazanoke 6 | namespace: mazanoke 7 | spec: 8 | interval: 1h 9 | install: 10 | createNamespace: true 11 | chart: 12 | spec: 13 | chart: ./Helm/apps/mazanoke 14 | reconcileStrategy: Revision 15 | sourceRef: 16 | kind: GitRepository 17 | name: flux-system 18 | namespace: flux-system 19 | -------------------------------------------------------------------------------- /cluster/homelab/apps/mazanoke/kustomization.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: kustomize.config.k8s.io/v1beta1 3 | kind: Kustomization 4 | resources: 5 | - helm-release.yaml 6 | - namespace.yaml 7 | -------------------------------------------------------------------------------- /cluster/homelab/apps/mazanoke/namespace.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: v1 3 | kind: Namespace 4 | metadata: 5 | name: mazanoke 6 | -------------------------------------------------------------------------------- /cluster/homelab/apps/mealie/deny-local-networkPolicy.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: networking.k8s.io/v1 2 | kind: NetworkPolicy 3 | metadata: 4 | name: mealie-allow-dns-egress 5 | namespace: mealie 6 | spec: 7 | podSelector: {} 8 | policyTypes: 9 | - Egress 10 | egress: 11 | - to: 12 | - ipBlock: 13 | cidr: 0.0.0.0/0 14 | except: 15 | - 10.0.0.0/8 # RFC 1918 - Class A private 16 | - 172.16.0.0/12 # RFC 1918 - Class B private 17 | - 192.168.0.0/16 # RFC 1918 - Class C private 18 | - to: 19 | - namespaceSelector: 20 | matchLabels: 21 | kubernetes.io/metadata.name: kube-system 22 | ports: 23 | - protocol: UDP 24 | port: 53 25 | - protocol: TCP 26 | port: 53 27 | -------------------------------------------------------------------------------- /cluster/homelab/apps/mealie/helm-release.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: helm.toolkit.fluxcd.io/v2 3 | kind: HelmRelease 4 | metadata: 5 | name: mealie 6 | namespace: mealie 7 | spec: 8 | interval: 1h 9 | install: 10 | createNamespace: true 11 | chart: 12 | spec: 13 | chart: ./Helm/apps/mealie 14 | reconcileStrategy: Revision 15 | sourceRef: 16 | kind: GitRepository 17 | name: flux-system 18 | namespace: flux-system 19 | values: 20 | mealie: 21 | replicas: 1 22 | -------------------------------------------------------------------------------- /cluster/homelab/apps/mealie/kustomization.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: kustomize.config.k8s.io/v1beta1 3 | kind: Kustomization 4 | resources: 5 | - helm-release.yaml 6 | - namespace.yaml 7 | - ingress.sops.yaml 8 | - deny-local-networkPolicy.yaml 9 | -------------------------------------------------------------------------------- /cluster/homelab/apps/mealie/namespace.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: v1 3 | kind: Namespace 4 | metadata: 5 | name: mealie 6 | -------------------------------------------------------------------------------- /cluster/homelab/apps/media/helm-release.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: helm.toolkit.fluxcd.io/v2 3 | kind: HelmRelease 4 | metadata: 5 | name: media 6 | namespace: media 7 | spec: 8 | interval: 1h 9 | install: 10 | createNamespace: true 11 | chart: 12 | spec: 13 | chart: ./Helm/apps/media 14 | reconcileStrategy: Revision 15 | sourceRef: 16 | kind: GitRepository 17 | name: flux-system 18 | namespace: flux-system 19 | values: 20 | readarr: 21 | replicas: 1 22 | 23 | -------------------------------------------------------------------------------- /cluster/homelab/apps/media/kustomization.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: kustomize.config.k8s.io/v1beta1 3 | kind: Kustomization 4 | resources: 5 | - helm-release.yaml 6 | - namespace.yaml 7 | - ingress.sops.yaml 8 | -------------------------------------------------------------------------------- /cluster/homelab/apps/media/namespace.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: v1 3 | kind: Namespace 4 | metadata: 5 | name: media 6 | -------------------------------------------------------------------------------- /cluster/homelab/apps/monitoring/helm-release.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: helm.toolkit.fluxcd.io/v2 3 | kind: HelmRelease 4 | metadata: 5 | name: monitoring 6 | namespace: monitoring 7 | spec: 8 | interval: 1h 9 | install: 10 | createNamespace: true 11 | chart: 12 | spec: 13 | chart: ./Helm/apps/monitoring 14 | reconcileStrategy: Revision 15 | sourceRef: 16 | kind: GitRepository 17 | name: flux-system 18 | namespace: flux-system 19 | -------------------------------------------------------------------------------- /cluster/homelab/apps/monitoring/kustomization.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: kustomize.config.k8s.io/v1beta1 3 | kind: Kustomization 4 | resources: 5 | - helm-release.yaml 6 | - namespace.yaml 7 | - ingress.sops.yaml 8 | -------------------------------------------------------------------------------- /cluster/homelab/apps/monitoring/namespace.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: v1 3 | kind: Namespace 4 | metadata: 5 | name: monitoring 6 | -------------------------------------------------------------------------------- /cluster/homelab/apps/n8n/helm-release.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: helm.toolkit.fluxcd.io/v2 3 | kind: HelmRelease 4 | metadata: 5 | name: n8n 6 | namespace: n8n 7 | spec: 8 | interval: 1h 9 | install: 10 | createNamespace: true 11 | chart: 12 | spec: 13 | chart: ./Helm/apps/n8n 14 | reconcileStrategy: Revision 15 | sourceRef: 16 | kind: GitRepository 17 | name: flux-system 18 | namespace: flux-system 19 | values: 20 | n8n: 21 | replicas: 1 22 | -------------------------------------------------------------------------------- /cluster/homelab/apps/n8n/kustomization.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: kustomize.config.k8s.io/v1beta1 3 | kind: Kustomization 4 | resources: 5 | - helm-release.yaml 6 | - secret.sops.yaml 7 | - namespace.yaml 8 | -------------------------------------------------------------------------------- /cluster/homelab/apps/n8n/namespace.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: v1 3 | kind: Namespace 4 | metadata: 5 | name: n8n 6 | -------------------------------------------------------------------------------- /cluster/homelab/apps/niolesk/deny-local-networkPolicy.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: networking.k8s.io/v1 2 | kind: NetworkPolicy 3 | metadata: 4 | name: niolesk-allow-dns-egress 5 | namespace: niolesk 6 | spec: 7 | podSelector: {} 8 | policyTypes: 9 | - Egress 10 | egress: 11 | - to: 12 | - ipBlock: 13 | cidr: 0.0.0.0/0 14 | except: 15 | - 10.0.0.0/8 # RFC 1918 - Class A private 16 | - 172.16.0.0/12 # RFC 1918 - Class B private 17 | - 192.168.0.0/16 # RFC 1918 - Class C private 18 | - to: 19 | - namespaceSelector: 20 | matchLabels: 21 | kubernetes.io/metadata.name: kube-system 22 | ports: 23 | - protocol: UDP 24 | port: 53 25 | - protocol: TCP 26 | port: 53 27 | -------------------------------------------------------------------------------- /cluster/homelab/apps/niolesk/helm-release.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: helm.toolkit.fluxcd.io/v2 3 | kind: HelmRelease 4 | metadata: 5 | name: niolesk 6 | namespace: niolesk 7 | spec: 8 | interval: 1h 9 | install: 10 | createNamespace: true 11 | chart: 12 | spec: 13 | chart: ./Helm/apps/niolesk 14 | reconcileStrategy: Revision 15 | sourceRef: 16 | kind: GitRepository 17 | name: flux-system 18 | namespace: flux-system 19 | -------------------------------------------------------------------------------- /cluster/homelab/apps/niolesk/kustomization.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: kustomize.config.k8s.io/v1beta1 3 | kind: Kustomization 4 | resources: 5 | - helm-release.yaml 6 | - namespace.yaml 7 | - deny-local-networkPolicy.yaml 8 | -------------------------------------------------------------------------------- /cluster/homelab/apps/niolesk/namespace.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: v1 3 | kind: Namespace 4 | metadata: 5 | name: niolesk 6 | -------------------------------------------------------------------------------- /cluster/homelab/apps/nodered/helm-release.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: helm.toolkit.fluxcd.io/v2 3 | kind: HelmRelease 4 | metadata: 5 | name: nodered 6 | namespace: nodered 7 | spec: 8 | interval: 1h 9 | install: 10 | createNamespace: true 11 | chart: 12 | spec: 13 | chart: ./Helm/apps/nodered 14 | reconcileStrategy: Revision 15 | sourceRef: 16 | kind: GitRepository 17 | name: flux-system 18 | namespace: flux-system 19 | -------------------------------------------------------------------------------- /cluster/homelab/apps/nodered/kustomization.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: kustomize.config.k8s.io/v1beta1 3 | kind: Kustomization 4 | resources: 5 | - helm-release.yaml 6 | - namespace.yaml 7 | -------------------------------------------------------------------------------- /cluster/homelab/apps/nodered/namespace.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: v1 3 | kind: Namespace 4 | metadata: 5 | name: nodered 6 | -------------------------------------------------------------------------------- /cluster/homelab/apps/openbooks/helm-release.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: helm.toolkit.fluxcd.io/v2 3 | kind: HelmRelease 4 | metadata: 5 | name: openbooks 6 | namespace: openbooks 7 | spec: 8 | interval: 1h 9 | install: 10 | createNamespace: true 11 | chart: 12 | spec: 13 | chart: ./Helm/apps/openbooks 14 | reconcileStrategy: Revision 15 | sourceRef: 16 | kind: GitRepository 17 | name: flux-system 18 | namespace: flux-system 19 | -------------------------------------------------------------------------------- /cluster/homelab/apps/openbooks/kustomization.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: kustomize.config.k8s.io/v1beta1 3 | kind: Kustomization 4 | resources: 5 | - helm-release.yaml 6 | - namespace.yaml 7 | -------------------------------------------------------------------------------- /cluster/homelab/apps/openbooks/namespace.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: v1 3 | kind: Namespace 4 | metadata: 5 | name: openbooks 6 | -------------------------------------------------------------------------------- /cluster/homelab/apps/paperless-ngx/deny-local-networkPolicy.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: networking.k8s.io/v1 2 | kind: NetworkPolicy 3 | metadata: 4 | name: paperless-ngx-allow-dns-egress 5 | namespace: paperless-ngx 6 | spec: 7 | podSelector: {} 8 | policyTypes: 9 | - Egress 10 | egress: 11 | - to: 12 | - namespaceSelector: 13 | matchLabels: 14 | kubernetes.io/metadata.name: paperless-ngx 15 | - to: 16 | - ipBlock: 17 | cidr: 0.0.0.0/0 18 | except: 19 | - 10.0.0.0/8 # RFC 1918 - Class A private 20 | - 172.16.0.0/12 # RFC 1918 - Class B private 21 | - 192.168.0.0/16 # RFC 1918 - Class C private 22 | - to: 23 | - namespaceSelector: 24 | matchLabels: 25 | kubernetes.io/metadata.name: kube-system 26 | ports: 27 | - protocol: UDP 28 | port: 53 29 | - protocol: TCP 30 | port: 53 31 | -------------------------------------------------------------------------------- /cluster/homelab/apps/paperless-ngx/kustomization.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: kustomize.config.k8s.io/v1beta1 3 | kind: Kustomization 4 | resources: 5 | - helm-release.sops.yaml 6 | - deny-local-networkPolicy.yaml 7 | -------------------------------------------------------------------------------- /cluster/homelab/apps/reactiveresume/helm-release.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: helm.toolkit.fluxcd.io/v2 3 | kind: HelmRelease 4 | metadata: 5 | name: reactiveresume 6 | namespace: reactiveresume 7 | spec: 8 | interval: 1h 9 | install: 10 | createNamespace: true 11 | chart: 12 | spec: 13 | chart: ./Helm/apps/reactiveresume 14 | reconcileStrategy: Revision 15 | sourceRef: 16 | kind: GitRepository 17 | name: flux-system 18 | namespace: flux-system 19 | -------------------------------------------------------------------------------- /cluster/homelab/apps/reactiveresume/kustomization.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: kustomize.config.k8s.io/v1beta1 3 | kind: Kustomization 4 | resources: 5 | - namespace.yaml 6 | - secret.sops.yaml 7 | - helm-release.yaml -------------------------------------------------------------------------------- /cluster/homelab/apps/reactiveresume/namespace.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: v1 3 | kind: Namespace 4 | metadata: 5 | name: reactiveresume 6 | -------------------------------------------------------------------------------- /cluster/homelab/apps/searxng/kustomization.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: kustomize.config.k8s.io/v1beta1 3 | kind: Kustomization 4 | resources: 5 | - namespace.yaml 6 | - helm-release.sops.yaml 7 | -------------------------------------------------------------------------------- /cluster/homelab/apps/searxng/namespace.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: v1 3 | kind: Namespace 4 | metadata: 5 | name: searxng 6 | -------------------------------------------------------------------------------- /cluster/homelab/apps/stirlingpdf/helm-release.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: helm.toolkit.fluxcd.io/v2 3 | kind: HelmRelease 4 | metadata: 5 | name: stirlingpdf 6 | namespace: stirlingpdf 7 | spec: 8 | interval: 1h 9 | install: 10 | createNamespace: true 11 | chart: 12 | spec: 13 | chart: ./Helm/apps/stirlingpdf 14 | reconcileStrategy: Revision 15 | sourceRef: 16 | kind: GitRepository 17 | name: flux-system 18 | namespace: flux-system 19 | -------------------------------------------------------------------------------- /cluster/homelab/apps/stirlingpdf/kustomization.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: kustomize.config.k8s.io/v1beta1 3 | kind: Kustomization 4 | resources: 5 | - helm-release.yaml 6 | - namespace.yaml 7 | -------------------------------------------------------------------------------- /cluster/homelab/apps/stirlingpdf/namespace.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: v1 3 | kind: Namespace 4 | metadata: 5 | name: stirlingpdf 6 | -------------------------------------------------------------------------------- /cluster/homelab/apps/storage/helm-release.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: helm.toolkit.fluxcd.io/v2 3 | kind: HelmRelease 4 | metadata: 5 | name: storage 6 | namespace: storage 7 | spec: 8 | interval: 1h 9 | install: 10 | createNamespace: true 11 | chart: 12 | spec: 13 | chart: ./Helm/apps/storage 14 | reconcileStrategy: Revision 15 | sourceRef: 16 | kind: GitRepository 17 | name: flux-system 18 | namespace: flux-system 19 | -------------------------------------------------------------------------------- /cluster/homelab/apps/storage/kustomization.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: kustomize.config.k8s.io/v1beta1 3 | kind: Kustomization 4 | resources: 5 | - helm-release.yaml 6 | - namespace.yaml 7 | -------------------------------------------------------------------------------- /cluster/homelab/apps/storage/namespace.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: v1 3 | kind: Namespace 4 | metadata: 5 | name: storage 6 | -------------------------------------------------------------------------------- /cluster/homelab/apps/tika/kustomization.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: kustomize.config.k8s.io/v1beta1 3 | kind: Kustomization 4 | resources: 5 | - namespace.yaml 6 | - helm-release.yaml 7 | -------------------------------------------------------------------------------- /cluster/homelab/apps/tika/namespace.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: v1 3 | kind: Namespace 4 | metadata: 5 | name: tika 6 | -------------------------------------------------------------------------------- /cluster/homelab/apps/uptimekuma/helm-release.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: helm.toolkit.fluxcd.io/v2 3 | kind: HelmRelease 4 | metadata: 5 | name: uptimekuma 6 | namespace: uptimekuma 7 | spec: 8 | interval: 1h 9 | install: 10 | createNamespace: true 11 | chart: 12 | spec: 13 | chart: ./Helm/apps/uptimekuma 14 | reconcileStrategy: Revision 15 | sourceRef: 16 | kind: GitRepository 17 | name: flux-system 18 | namespace: flux-system 19 | values: 20 | uptimekuma: 21 | replicas: 1 22 | -------------------------------------------------------------------------------- /cluster/homelab/apps/uptimekuma/kustomization.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: kustomize.config.k8s.io/v1beta1 3 | kind: Kustomization 4 | resources: 5 | - helm-release.yaml 6 | - namespace.yaml 7 | -------------------------------------------------------------------------------- /cluster/homelab/apps/uptimekuma/namespace.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: v1 3 | kind: Namespace 4 | metadata: 5 | name: uptimekuma 6 | -------------------------------------------------------------------------------- /cluster/homelab/apps/vikunja/helm-release.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: helm.toolkit.fluxcd.io/v2 3 | kind: HelmRelease 4 | metadata: 5 | name: vikunja 6 | namespace: vikunja 7 | spec: 8 | interval: 1h 9 | install: 10 | createNamespace: true 11 | chart: 12 | spec: 13 | chart: ./Helm/apps/vikunja 14 | reconcileStrategy: Revision 15 | sourceRef: 16 | kind: GitRepository 17 | name: flux-system 18 | namespace: flux-system 19 | -------------------------------------------------------------------------------- /cluster/homelab/apps/vikunja/kustomization.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: kustomize.config.k8s.io/v1beta1 3 | kind: Kustomization 4 | resources: 5 | - helm-release.yaml 6 | - namespace.yaml 7 | - secret.sops.yaml 8 | -------------------------------------------------------------------------------- /cluster/homelab/apps/vikunja/namespace.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: v1 3 | kind: Namespace 4 | metadata: 5 | name: vikunja 6 | -------------------------------------------------------------------------------- /cluster/homelab/apps/wallabag/deny-local-networkPolicy.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: networking.k8s.io/v1 2 | kind: NetworkPolicy 3 | metadata: 4 | name: wallabag-allow-dns-egress 5 | namespace: wallabag 6 | spec: 7 | podSelector: {} 8 | policyTypes: 9 | - Egress 10 | egress: 11 | - to: 12 | - namespaceSelector: 13 | matchLabels: 14 | kubernetes.io/metadata.name: wallabag 15 | - to: 16 | - ipBlock: 17 | cidr: 0.0.0.0/0 18 | except: 19 | - 10.0.0.0/8 # RFC 1918 - Class A private 20 | - 172.16.0.0/12 # RFC 1918 - Class B private 21 | - 192.168.0.0/16 # RFC 1918 - Class C private 22 | - to: 23 | - namespaceSelector: 24 | matchLabels: 25 | kubernetes.io/metadata.name: kube-system 26 | ports: 27 | - protocol: UDP 28 | port: 53 29 | - protocol: TCP 30 | port: 53 31 | -------------------------------------------------------------------------------- /cluster/homelab/apps/wallabag/helm-release.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: helm.toolkit.fluxcd.io/v2 3 | kind: HelmRelease 4 | metadata: 5 | name: wallabag 6 | namespace: wallabag 7 | spec: 8 | interval: 1h 9 | install: 10 | createNamespace: true 11 | chart: 12 | spec: 13 | chart: ./Helm/apps/wallabag 14 | reconcileStrategy: Revision 15 | sourceRef: 16 | kind: GitRepository 17 | name: flux-system 18 | namespace: flux-system 19 | values: 20 | wallabag: 21 | replicas: 1 22 | -------------------------------------------------------------------------------- /cluster/homelab/apps/wallabag/kustomization.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: kustomize.config.k8s.io/v1beta1 3 | kind: Kustomization 4 | resources: 5 | - helm-release.yaml 6 | - namespace.yaml 7 | - secret.sops.yaml 8 | - deny-local-networkPolicy.yaml 9 | -------------------------------------------------------------------------------- /cluster/homelab/apps/wallabag/namespace.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: v1 3 | kind: Namespace 4 | metadata: 5 | name: wallabag 6 | -------------------------------------------------------------------------------- /cluster/homelab/apps/website/deny-local-networkPolicy.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: networking.k8s.io/v1 2 | kind: NetworkPolicy 3 | metadata: 4 | name: website-allow-dns-egress 5 | namespace: website 6 | spec: 7 | podSelector: {} 8 | policyTypes: 9 | - Egress 10 | egress: 11 | - to: 12 | - ipBlock: 13 | cidr: 0.0.0.0/0 14 | except: 15 | - 10.0.0.0/8 # RFC 1918 - Class A private 16 | - 172.16.0.0/12 # RFC 1918 - Class B private 17 | - 192.168.0.0/16 # RFC 1918 - Class C private 18 | - to: 19 | - namespaceSelector: 20 | matchLabels: 21 | kubernetes.io/metadata.name: kube-system 22 | ports: 23 | - protocol: UDP 24 | port: 53 25 | - protocol: TCP 26 | port: 53 27 | -------------------------------------------------------------------------------- /cluster/homelab/apps/website/helm-release.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: helm.toolkit.fluxcd.io/v2 3 | kind: HelmRelease 4 | metadata: 5 | name: website 6 | namespace: website 7 | spec: 8 | interval: 1h 9 | install: 10 | createNamespace: true 11 | chart: 12 | spec: 13 | chart: ./Helm/apps/website 14 | reconcileStrategy: Revision 15 | sourceRef: 16 | kind: GitRepository 17 | name: flux-system 18 | namespace: flux-system 19 | -------------------------------------------------------------------------------- /cluster/homelab/apps/website/kustomization.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: kustomize.config.k8s.io/v1beta1 3 | kind: Kustomization 4 | resources: 5 | - helm-release.yaml 6 | - namespace.yaml 7 | - secret.sops.yaml 8 | - deny-local-networkPolicy.yaml 9 | -------------------------------------------------------------------------------- /cluster/homelab/apps/website/namespace.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: v1 3 | kind: Namespace 4 | metadata: 5 | name: website 6 | -------------------------------------------------------------------------------- /cluster/homelab/base/.sops.yaml: -------------------------------------------------------------------------------- 1 | creation_rules: 2 | # Secrets 3 | - path_regex: .*/*secret.sops.yaml 4 | encrypted_regex: ^(data|stringData|annotations|)$ 5 | pgp: age1mq6usjzvvxvcp7tl03yjdqd0kgjhhvhz48kmg86p43nhx0jc75jssw0kfn 6 | 7 | # Config Maps 8 | - path_regex: .*/*config.sops.yaml 9 | encrypted_regex: ^(data|stringData|annotations|)$ 10 | pgp: age1mq6usjzvvxvcp7tl03yjdqd0kgjhhvhz48kmg86p43nhx0jc75jssw0kfn 11 | 12 | # Ingress Hosts 13 | - path_regex: .*/*ingress.sops.yaml 14 | encrypted_regex: ^(rules|annotations|)$ 15 | pgp: age1mq6usjzvvxvcp7tl03yjdqd0kgjhhvhz48kmg86p43nhx0jc75jssw0kfn 16 | 17 | # helm-release 18 | - path_regex: .*/*helm-release.sops.yaml 19 | encrypted_regex: ^(values)$ 20 | pgp: age1mq6usjzvvxvcp7tl03yjdqd0kgjhhvhz48kmg86p43nhx0jc75jssw0kfn 21 | 22 | -------------------------------------------------------------------------------- /cluster/homelab/base/apps.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: kustomize.toolkit.fluxcd.io/v1 3 | kind: Kustomization 4 | metadata: 5 | name: apps 6 | namespace: flux-system 7 | spec: 8 | interval: 1h0s 9 | dependsOn: 10 | - name: core 11 | - name: helm 12 | path: ./cluster/homelab/apps 13 | prune: true 14 | decryption: 15 | provider: sops 16 | secretRef: 17 | name: sops-age 18 | sourceRef: 19 | kind: GitRepository 20 | name: flux-system 21 | -------------------------------------------------------------------------------- /cluster/homelab/base/configs.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: kustomize.toolkit.fluxcd.io/v1 3 | kind: Kustomization 4 | metadata: 5 | name: configs 6 | namespace: flux-system 7 | spec: 8 | interval: 1h0s 9 | dependsOn: 10 | - name: core 11 | path: ./cluster/homelab/configs 12 | prune: true 13 | decryption: 14 | provider: sops 15 | secretRef: 16 | name: sops-age 17 | sourceRef: 18 | kind: GitRepository 19 | name: flux-system 20 | -------------------------------------------------------------------------------- /cluster/homelab/base/core.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: kustomize.toolkit.fluxcd.io/v1 3 | kind: Kustomization 4 | metadata: 5 | name: core 6 | namespace: flux-system 7 | spec: 8 | interval: 1h0s 9 | dependsOn: 10 | - name: helm 11 | path: ./cluster/homelab/core 12 | prune: true 13 | decryption: 14 | provider: sops 15 | secretRef: 16 | name: sops-age 17 | sourceRef: 18 | kind: GitRepository 19 | name: flux-system 20 | -------------------------------------------------------------------------------- /cluster/homelab/base/flux-system/gotk-sync.yaml: -------------------------------------------------------------------------------- 1 | # This manifest was generated by flux. DO NOT EDIT. 2 | --- 3 | apiVersion: source.toolkit.fluxcd.io/v1 4 | kind: GitRepository 5 | metadata: 6 | name: flux-system 7 | namespace: flux-system 8 | spec: 9 | interval: 1m0s 10 | ref: 11 | branch: master 12 | secretRef: 13 | name: flux-system 14 | url: ssh://git@github.com/Michaelpalacce/HomeLab 15 | --- 16 | apiVersion: kustomize.toolkit.fluxcd.io/v1 17 | kind: Kustomization 18 | metadata: 19 | name: flux-system 20 | namespace: flux-system 21 | spec: 22 | interval: 10m0s 23 | path: ./cluster/homelab/base 24 | prune: true 25 | sourceRef: 26 | kind: GitRepository 27 | name: flux-system 28 | -------------------------------------------------------------------------------- /cluster/homelab/base/flux-system/kustomization.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: kustomize.config.k8s.io/v1beta1 2 | kind: Kustomization 3 | resources: 4 | - gotk-components.yaml 5 | - gotk-sync.yaml 6 | patchesStrategicMerge: 7 | - gotk-patch.yaml 8 | -------------------------------------------------------------------------------- /cluster/homelab/base/helm.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: kustomize.toolkit.fluxcd.io/v1 3 | kind: Kustomization 4 | metadata: 5 | name: helm 6 | namespace: flux-system 7 | spec: 8 | interval: 1h0s 9 | path: ./cluster/homelab/helm 10 | prune: true 11 | decryption: 12 | provider: sops 13 | secretRef: 14 | name: sops-age 15 | sourceRef: 16 | kind: GitRepository 17 | name: flux-system 18 | -------------------------------------------------------------------------------- /cluster/homelab/configs/flux/alert.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: notification.toolkit.fluxcd.io/v1beta3 3 | kind: Alert 4 | metadata: 5 | name: discord-alert 6 | namespace: flux-system 7 | spec: 8 | providerRef: 9 | name: discord 10 | eventMetadata: 11 | summary: Cluster impacted 12 | env: homelab 13 | cluster: homelab 14 | eventSeverity: error 15 | eventSources: 16 | - kind: GitRepository 17 | name: '*' 18 | - kind: Kustomization 19 | name: '*' 20 | - kind: HelmRelease 21 | name: '*' 22 | -------------------------------------------------------------------------------- /cluster/homelab/configs/flux/kustomization.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: kustomize.config.k8s.io/v1beta1 3 | kind: Kustomization 4 | resources: 5 | - notification.sops.yaml 6 | - alert.yaml 7 | -------------------------------------------------------------------------------- /cluster/homelab/configs/kustomization.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: kustomize.config.k8s.io/v1beta1 3 | kind: Kustomization 4 | resources: 5 | - flux 6 | - velero 7 | - metallb 8 | # Commented out to prevent accidental upgrades... turns out automated upgrades are a bad idea due to incompatibilities.One issue I ran into was with longhorn, which was not compatible with the latest version of k3s and resulted in a broken cluster that I had to recreate. 9 | # - system-upgrade 10 | -------------------------------------------------------------------------------- /cluster/homelab/configs/metallb/ip-pool.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: metallb.io/v1beta1 2 | kind: IPAddressPool 3 | metadata: 4 | name: first-pool 5 | namespace: metallb-system 6 | spec: 7 | addresses: 8 | - 192.168.1.5-192.168.1.19 9 | -------------------------------------------------------------------------------- /cluster/homelab/configs/metallb/kustomization.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: kustomize.config.k8s.io/v1beta1 3 | kind: Kustomization 4 | resources: 5 | - ip-pool.yaml 6 | - l2-advertisement.yaml 7 | -------------------------------------------------------------------------------- /cluster/homelab/configs/metallb/l2-advertisement.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: metallb.io/v1beta1 2 | kind: L2Advertisement 3 | metadata: 4 | name: default 5 | namespace: metallb-system 6 | -------------------------------------------------------------------------------- /cluster/homelab/configs/system-upgrade/README.md: -------------------------------------------------------------------------------- 1 | # Warning 2 | 3 | This is disabled since automatic updates may end up breaking something due to deprecations. -------------------------------------------------------------------------------- /cluster/homelab/configs/system-upgrade/kustomization.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: kustomize.config.k8s.io/v1beta1 3 | kind: Kustomization 4 | resources: 5 | - plans/stable 6 | -------------------------------------------------------------------------------- /cluster/homelab/configs/system-upgrade/plans/latest/agent.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | # Agent plan 3 | apiVersion: upgrade.cattle.io/v1 4 | kind: Plan 5 | metadata: 6 | name: agent-plan 7 | namespace: system-upgrade 8 | spec: 9 | concurrency: 1 10 | cordon: true 11 | nodeSelector: 12 | matchExpressions: 13 | - key: node-role.kubernetes.io/master 14 | operator: DoesNotExist 15 | prepare: 16 | args: 17 | - prepare 18 | - server-plan 19 | image: rancher/k3s-upgrade 20 | serviceAccountName: system-upgrade 21 | upgrade: 22 | image: rancher/k3s-upgrade 23 | channel: https://update.k3s.io/v1-release/channels/latest -------------------------------------------------------------------------------- /cluster/homelab/configs/system-upgrade/plans/latest/kustomization.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: kustomize.config.k8s.io/v1beta1 3 | kind: Kustomization 4 | spec: 5 | dependsOn: 6 | - name: core 7 | - name: helm 8 | resources: 9 | - agent.yaml 10 | - server.yaml -------------------------------------------------------------------------------- /cluster/homelab/configs/system-upgrade/plans/latest/server.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | # Server plan 3 | apiVersion: upgrade.cattle.io/v1 4 | kind: Plan 5 | metadata: 6 | name: server-plan 7 | namespace: system-upgrade 8 | spec: 9 | concurrency: 1 10 | cordon: true 11 | nodeSelector: 12 | matchExpressions: 13 | - key: node-role.kubernetes.io/master 14 | operator: In 15 | values: 16 | - "true" 17 | serviceAccountName: system-upgrade 18 | upgrade: 19 | image: rancher/k3s-upgrade 20 | channel: https://update.k3s.io/v1-release/channels/latest -------------------------------------------------------------------------------- /cluster/homelab/configs/system-upgrade/plans/stable/agent.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | # Agent plan 3 | apiVersion: upgrade.cattle.io/v1 4 | kind: Plan 5 | metadata: 6 | name: agent-plan 7 | namespace: system-upgrade 8 | spec: 9 | concurrency: 1 10 | cordon: true 11 | nodeSelector: 12 | matchExpressions: 13 | - key: node-role.kubernetes.io/master 14 | operator: DoesNotExist 15 | prepare: 16 | args: 17 | - prepare 18 | - server-plan 19 | image: rancher/k3s-upgrade 20 | serviceAccountName: system-upgrade 21 | upgrade: 22 | image: rancher/k3s-upgrade 23 | channel: https://update.k3s.io/v1-release/channels/stable -------------------------------------------------------------------------------- /cluster/homelab/configs/system-upgrade/plans/stable/kustomization.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: kustomize.config.k8s.io/v1beta1 3 | kind: Kustomization 4 | resources: 5 | - agent.yaml 6 | - server.yaml -------------------------------------------------------------------------------- /cluster/homelab/configs/system-upgrade/plans/stable/server.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | # Server plan 3 | apiVersion: upgrade.cattle.io/v1 4 | kind: Plan 5 | metadata: 6 | name: server-plan 7 | namespace: system-upgrade 8 | spec: 9 | concurrency: 1 10 | cordon: true 11 | nodeSelector: 12 | matchExpressions: 13 | - key: node-role.kubernetes.io/master 14 | operator: In 15 | values: 16 | - "true" 17 | serviceAccountName: system-upgrade 18 | upgrade: 19 | image: rancher/k3s-upgrade 20 | channel: https://update.k3s.io/v1-release/channels/stable -------------------------------------------------------------------------------- /cluster/homelab/configs/velero/kustomization.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: kustomize.config.k8s.io/v1beta1 3 | kind: Kustomization 4 | resources: 5 | - schedule.yaml 6 | -------------------------------------------------------------------------------- /cluster/homelab/core/archive/cgroup-gc/helm-release.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: helm.toolkit.fluxcd.io/v2 3 | kind: HelmRelease 4 | metadata: 5 | name: cgroup-gc 6 | namespace: cgroup-gc 7 | spec: 8 | interval: 1h 9 | install: 10 | createNamespace: true 11 | chart: 12 | spec: 13 | chart: ./Helm/apps/cgroup-gc 14 | reconcileStrategy: Revision 15 | sourceRef: 16 | kind: GitRepository 17 | name: flux-system 18 | namespace: flux-system 19 | -------------------------------------------------------------------------------- /cluster/homelab/core/archive/cgroup-gc/kustomization.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: kustomize.config.k8s.io/v1beta1 3 | kind: Kustomization 4 | resources: 5 | - helm-release.yaml 6 | - namespace.yaml 7 | -------------------------------------------------------------------------------- /cluster/homelab/core/archive/cgroup-gc/namespace.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: v1 3 | kind: Namespace 4 | metadata: 5 | name: cgroup-gc 6 | -------------------------------------------------------------------------------- /cluster/homelab/core/archive/kube-vip/helm-release.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: helm.toolkit.fluxcd.io/v2 3 | kind: HelmRelease 4 | metadata: 5 | name: kube-vip 6 | namespace: kube-vip 7 | spec: 8 | interval: 1h 9 | install: 10 | createNamespace: true 11 | crds: CreateReplace 12 | remediation: 13 | retries: 3 14 | upgrade: 15 | crds: CreateReplace 16 | remediation: 17 | retries: 3 18 | chart: 19 | spec: 20 | chart: kube-vip 21 | version: 0.6.6 22 | interval: 1h 23 | sourceRef: 24 | kind: HelmRepository 25 | name: kube-vip 26 | namespace: flux-system 27 | values: 28 | image: 29 | repository: ghcr.io/kube-vip/kube-vip 30 | tag: "v0.9.1" 31 | env: 32 | lb_enable: "true" 33 | lb_port: "6443" 34 | -------------------------------------------------------------------------------- /cluster/homelab/core/archive/kube-vip/kustomization.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: kustomize.config.k8s.io/v1beta1 3 | kind: Kustomization 4 | resources: 5 | - helm-release.yaml 6 | - namespace.yaml 7 | -------------------------------------------------------------------------------- /cluster/homelab/core/archive/kube-vip/namespace.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: v1 3 | kind: Namespace 4 | metadata: 5 | name: kube-vip 6 | -------------------------------------------------------------------------------- /cluster/homelab/core/archive/orphanedpodscleaner/helm-release.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: helm.toolkit.fluxcd.io/v2 3 | kind: HelmRelease 4 | metadata: 5 | name: orphanedpodscleaner 6 | namespace: orphanedpodscleaner 7 | spec: 8 | interval: 1h 9 | install: 10 | createNamespace: true 11 | chart: 12 | spec: 13 | chart: ./Helm/apps/orphanedpodscleaner 14 | reconcileStrategy: Revision 15 | sourceRef: 16 | kind: GitRepository 17 | name: flux-system 18 | namespace: flux-system 19 | -------------------------------------------------------------------------------- /cluster/homelab/core/archive/orphanedpodscleaner/kustomization.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: kustomize.config.k8s.io/v1beta1 3 | kind: Kustomization 4 | resources: 5 | - helm-release.yaml 6 | - namespace.yaml 7 | -------------------------------------------------------------------------------- /cluster/homelab/core/archive/orphanedpodscleaner/namespace.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: v1 3 | kind: Namespace 4 | metadata: 5 | name: orphanedpodscleaner 6 | -------------------------------------------------------------------------------- /cluster/homelab/core/archive/trivy/helm-release.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: helm.toolkit.fluxcd.io/v2 3 | kind: HelmRelease 4 | metadata: 5 | name: trivy-operator 6 | namespace: trivy-system 7 | spec: 8 | interval: 1h 9 | install: 10 | createNamespace: true 11 | upgrade: 12 | crds: CreateReplace 13 | remediation: 14 | retries: 3 15 | chart: 16 | spec: 17 | chart: trivy-operator 18 | version: 0.28.1 19 | interval: 1h 20 | sourceRef: 21 | kind: HelmRepository 22 | name: aqua 23 | namespace: flux-system 24 | values: 25 | podAnnotations: 26 | prometheus.io/port: "8080" 27 | prometheus.io/scrape: "true" 28 | trivy: 29 | ignoreUnfixed: true 30 | # targetWorkloads: "pod,statefulset,daemonset,replicaset,cronjob" 31 | # Targeting only my specific apps 32 | targetNamespaces: "website,go-ddns-controller" 33 | -------------------------------------------------------------------------------- /cluster/homelab/core/archive/trivy/kustomization.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: kustomize.config.k8s.io/v1beta1 3 | kind: Kustomization 4 | resources: 5 | - helm-release.yaml 6 | - namespace.yaml 7 | -------------------------------------------------------------------------------- /cluster/homelab/core/archive/trivy/namespace.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: v1 3 | kind: Namespace 4 | metadata: 5 | name: trivy-system 6 | -------------------------------------------------------------------------------- /cluster/homelab/core/cert-manager/helm-release.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: helm.toolkit.fluxcd.io/v2 3 | kind: HelmRelease 4 | metadata: 5 | name: cert-manager 6 | namespace: cert-manager 7 | spec: 8 | interval: 1h 9 | install: 10 | createNamespace: true 11 | chart: 12 | spec: 13 | chart: cert-manager 14 | version: v1.17.2 15 | interval: 1h 16 | sourceRef: 17 | kind: HelmRepository 18 | name: cert-manager 19 | namespace: flux-system 20 | values: 21 | installCRDs: true 22 | deploymentAnnotations: 23 | certmanager.k8s.io/disable-validation: "true" 24 | -------------------------------------------------------------------------------- /cluster/homelab/core/cert-manager/kustomization.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: kustomize.config.k8s.io/v1beta1 3 | kind: Kustomization 4 | resources: 5 | - helm-release.yaml 6 | - namespace.yaml 7 | - secret.sops.yaml 8 | -------------------------------------------------------------------------------- /cluster/homelab/core/cert-manager/namespace.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: v1 3 | kind: Namespace 4 | metadata: 5 | name: cert-manager 6 | -------------------------------------------------------------------------------- /cluster/homelab/core/cluster-critical/kustomization.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: kustomize.config.k8s.io/v1beta1 3 | kind: Kustomization 4 | resources: 5 | - priority-classes.yaml 6 | -------------------------------------------------------------------------------- /cluster/homelab/core/cluster-critical/priority-classes.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: scheduling.k8s.io/v1 3 | kind: PriorityClass 4 | metadata: 5 | name: default-priority 6 | value: 0 7 | globalDefault: true 8 | description: "Default priority of pods. Generally 0 is used without specifying it, but adding it for explicitness." 9 | 10 | --- 11 | apiVersion: scheduling.k8s.io/v1 12 | kind: PriorityClass 13 | metadata: 14 | name: general-priority 15 | value: 1000 16 | globalDefault: false 17 | description: "For general workload of apps that are not important." 18 | 19 | --- 20 | apiVersion: scheduling.k8s.io/v1 21 | kind: PriorityClass 22 | metadata: 23 | name: sensitive-priority 24 | value: 2000 25 | globalDefault: false 26 | description: "Related to my homelab or automation." 27 | 28 | --- 29 | apiVersion: scheduling.k8s.io/v1 30 | kind: PriorityClass 31 | metadata: 32 | name: critical-priority 33 | value: 3000 34 | globalDefault: false 35 | description: "Apps I don't want to go down." 36 | -------------------------------------------------------------------------------- /cluster/homelab/core/descheduler/helm-release.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: helm.toolkit.fluxcd.io/v2 3 | kind: HelmRelease 4 | metadata: 5 | name: descheduler 6 | namespace: kube-system 7 | spec: 8 | interval: 1h 9 | install: 10 | createNamespace: true 11 | crds: CreateReplace 12 | remediation: 13 | retries: 3 14 | upgrade: 15 | crds: CreateReplace 16 | remediation: 17 | retries: 3 18 | chart: 19 | spec: 20 | chart: descheduler 21 | version: 0.33.0 22 | interval: 1h 23 | sourceRef: 24 | kind: HelmRepository 25 | name: descheduler 26 | namespace: flux-system 27 | -------------------------------------------------------------------------------- /cluster/homelab/core/descheduler/kustomization.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: kustomize.config.k8s.io/v1beta1 3 | kind: Kustomization 4 | resources: 5 | - helm-release.yaml 6 | -------------------------------------------------------------------------------- /cluster/homelab/core/ingress-nginx/kustomization.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: kustomize.config.k8s.io/v1beta1 3 | kind: Kustomization 4 | resources: 5 | - helm-release.yaml 6 | - namespace.yaml 7 | - basic-auth.sops.yaml 8 | -------------------------------------------------------------------------------- /cluster/homelab/core/ingress-nginx/namespace.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: v1 3 | kind: Namespace 4 | metadata: 5 | name: ingress-nginx 6 | -------------------------------------------------------------------------------- /cluster/homelab/core/kured/kustomization.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: kustomize.config.k8s.io/v1beta1 3 | kind: Kustomization 4 | resources: 5 | - helm-release.sops.yaml 6 | - namespace.yaml 7 | -------------------------------------------------------------------------------- /cluster/homelab/core/kured/namespace.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: v1 3 | kind: Namespace 4 | metadata: 5 | name: kured 6 | -------------------------------------------------------------------------------- /cluster/homelab/core/kustomization.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: kustomize.config.k8s.io/v1beta1 3 | kind: Kustomization 4 | resources: 5 | - cluster-critical 6 | - reflector 7 | - ingress-nginx 8 | - system-upgrade 9 | - longhorn-system 10 | - velero 11 | - cert-manager 12 | # - kured # Temporarily stopping this 13 | - descheduler 14 | - metallb 15 | -------------------------------------------------------------------------------- /cluster/homelab/core/longhorn-system/db-storageclass.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: storage.k8s.io/v1 3 | kind: StorageClass 4 | metadata: 5 | name: longhorn-db 6 | parameters: 7 | dataEngine: v1 8 | dataLocality: best-effort 9 | disableRevisionCounter: "true" 10 | fromBackup: "" 11 | fsType: ext4 12 | numberOfReplicas: "3" 13 | staleReplicaTimeout: "30" 14 | unmapMarkSnapChainRemoved: ignored 15 | provisioner: driver.longhorn.io 16 | reclaimPolicy: Retain 17 | volumeBindingMode: Immediate 18 | allowVolumeExpansion: true 19 | -------------------------------------------------------------------------------- /cluster/homelab/core/longhorn-system/kustomization.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: kustomize.config.k8s.io/v1beta1 3 | kind: Kustomization 4 | resources: 5 | - helm-release.yaml 6 | - namespace.yaml 7 | - np-patch.yaml 8 | - db-storageclass.yaml 9 | -------------------------------------------------------------------------------- /cluster/homelab/core/longhorn-system/namespace.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: v1 3 | kind: Namespace 4 | metadata: 5 | name: longhorn-system 6 | -------------------------------------------------------------------------------- /cluster/homelab/core/longhorn-system/np-patch.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: networking.k8s.io/v1 3 | kind: NetworkPolicy 4 | metadata: 5 | name: longhorn-ui-frontend 6 | namespace: longhorn-system 7 | spec: 8 | ingress: 9 | - from: 10 | - namespaceSelector: 11 | matchLabels: 12 | kubernetes.io/metadata.name: ingress-nginx 13 | podSelector: 14 | matchLabels: 15 | app.kubernetes.io/name: ingress-nginx 16 | ports: 17 | - port: 8000 18 | protocol: TCP 19 | - port: 80 20 | protocol: TCP 21 | podSelector: 22 | matchLabels: 23 | app: longhorn-ui 24 | policyTypes: 25 | - Ingress 26 | -------------------------------------------------------------------------------- /cluster/homelab/core/metallb/helm-release.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: helm.toolkit.fluxcd.io/v2 3 | kind: HelmRelease 4 | metadata: 5 | name: metallb 6 | namespace: metallb-system 7 | spec: 8 | interval: 1h 9 | install: 10 | createNamespace: true 11 | upgrade: 12 | crds: CreateReplace 13 | remediation: 14 | retries: 3 15 | chart: 16 | spec: 17 | chart: metallb 18 | version: 0.14.9 19 | interval: 1h 20 | sourceRef: 21 | kind: HelmRepository 22 | name: metallb 23 | namespace: flux-system 24 | values: 25 | controller: 26 | image: 27 | repository: quay.io/metallb/controller 28 | tag: v0.14.9 29 | -------------------------------------------------------------------------------- /cluster/homelab/core/metallb/kustomization.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: kustomize.config.k8s.io/v1beta1 3 | kind: Kustomization 4 | resources: 5 | - helm-release.yaml 6 | - namespace.yaml 7 | -------------------------------------------------------------------------------- /cluster/homelab/core/metallb/namespace.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: v1 3 | kind: Namespace 4 | metadata: 5 | name: metallb-system 6 | labels: 7 | pod-security.kubernetes.io/enforce: privileged 8 | pod-security.kubernetes.io/audit: privileged 9 | pod-security.kubernetes.io/warn: privileged 10 | -------------------------------------------------------------------------------- /cluster/homelab/core/reflector/helm-release.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: helm.toolkit.fluxcd.io/v2 3 | kind: HelmRelease 4 | metadata: 5 | name: reflector 6 | namespace: reflector 7 | spec: 8 | interval: 1h 9 | install: 10 | createNamespace: true 11 | chart: 12 | spec: 13 | chart: reflector 14 | version: 9.1.7 15 | interval: 1h 16 | sourceRef: 17 | kind: HelmRepository 18 | name: reflector 19 | namespace: flux-system 20 | values: 21 | livenessProbe: 22 | periodSeconds: 30 23 | readinessProbe: 24 | periodSeconds: 10 25 | -------------------------------------------------------------------------------- /cluster/homelab/core/reflector/kustomization.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: kustomize.config.k8s.io/v1beta1 3 | kind: Kustomization 4 | resources: 5 | - helm-release.yaml 6 | - namespace.yaml 7 | -------------------------------------------------------------------------------- /cluster/homelab/core/reflector/namespace.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: v1 3 | kind: Namespace 4 | metadata: 5 | name: reflector 6 | -------------------------------------------------------------------------------- /cluster/homelab/core/rook-ceph/kustomization.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: kustomize.config.k8s.io/v1beta1 3 | kind: Kustomization 4 | resources: 5 | - helm-release.yaml 6 | -------------------------------------------------------------------------------- /cluster/homelab/core/system-upgrade/kustomization.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: kustomize.config.k8s.io/v1beta1 3 | kind: Kustomization 4 | resources: 5 | - https://github.com/rancher/system-upgrade-controller.git?ref=v0.15.2 # There is a kustomization spec inside of the git repo, may be good to monitor for new releases in the future 6 | images: 7 | - name: rancher/system-upgrade-controller 8 | newTag: v0.15.2 # overwrite since there is a newer version 9 | -------------------------------------------------------------------------------- /cluster/homelab/core/velero/kustomization.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: kustomize.config.k8s.io/v1beta1 3 | kind: Kustomization 4 | resources: 5 | - helm-release.yaml 6 | - namespace.yaml 7 | - secret.sops.yaml 8 | -------------------------------------------------------------------------------- /cluster/homelab/core/velero/namespace.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: v1 3 | kind: Namespace 4 | metadata: 5 | name: velero 6 | -------------------------------------------------------------------------------- /cluster/homelab/helm/aqua/kustomization.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: kustomize.config.k8s.io/v1beta1 3 | kind: Kustomization 4 | resources: 5 | - repo.yaml 6 | -------------------------------------------------------------------------------- /cluster/homelab/helm/aqua/repo.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: source.toolkit.fluxcd.io/v1 3 | kind: HelmRepository 4 | metadata: 5 | name: aqua 6 | namespace: flux-system 7 | spec: 8 | url: https://aquasecurity.github.io/helm-charts 9 | interval: 10m 10 | -------------------------------------------------------------------------------- /cluster/homelab/helm/authentik/kustomization.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: kustomize.config.k8s.io/v1beta1 3 | kind: Kustomization 4 | resources: 5 | - repo.yaml 6 | -------------------------------------------------------------------------------- /cluster/homelab/helm/authentik/repo.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: source.toolkit.fluxcd.io/v1 3 | kind: HelmRepository 4 | metadata: 5 | name: authentik 6 | namespace: flux-system 7 | spec: 8 | url: https://charts.goauthentik.io 9 | interval: 10m 10 | -------------------------------------------------------------------------------- /cluster/homelab/helm/bjw-s/kustomization.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: kustomize.config.k8s.io/v1beta1 3 | kind: Kustomization 4 | resources: 5 | - repo.yaml 6 | -------------------------------------------------------------------------------- /cluster/homelab/helm/bjw-s/repo.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: source.toolkit.fluxcd.io/v1 3 | kind: HelmRepository 4 | metadata: 5 | name: bjw-s 6 | namespace: flux-system 7 | spec: 8 | url: https://bjw-s-labs.github.io/helm-charts 9 | interval: 10m 10 | -------------------------------------------------------------------------------- /cluster/homelab/helm/botkube/kustomization.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: kustomize.config.k8s.io/v1beta1 3 | kind: Kustomization 4 | resources: 5 | - repo.yaml 6 | -------------------------------------------------------------------------------- /cluster/homelab/helm/botkube/repo.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: source.toolkit.fluxcd.io/v1 3 | kind: HelmRepository 4 | metadata: 5 | name: botkube 6 | namespace: flux-system 7 | spec: 8 | url: https://charts.botkube.io 9 | interval: 10m 10 | -------------------------------------------------------------------------------- /cluster/homelab/helm/cert-manager/kustomization.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: kustomize.config.k8s.io/v1beta1 3 | kind: Kustomization 4 | resources: 5 | - repo.yaml 6 | -------------------------------------------------------------------------------- /cluster/homelab/helm/cert-manager/repo.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: source.toolkit.fluxcd.io/v1 3 | kind: HelmRepository 4 | metadata: 5 | name: cert-manager 6 | namespace: flux-system 7 | spec: 8 | url: https://charts.jetstack.io 9 | interval: 10m 10 | -------------------------------------------------------------------------------- /cluster/homelab/helm/descheduler/kustomization.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: kustomize.config.k8s.io/v1beta1 3 | kind: Kustomization 4 | resources: 5 | - repo.yaml 6 | -------------------------------------------------------------------------------- /cluster/homelab/helm/descheduler/repo.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: source.toolkit.fluxcd.io/v1 3 | kind: HelmRepository 4 | metadata: 5 | name: descheduler 6 | namespace: flux-system 7 | spec: 8 | url: https://kubernetes-sigs.github.io/descheduler/ 9 | interval: 10m 10 | -------------------------------------------------------------------------------- /cluster/homelab/helm/gabe565/kustomization.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: kustomize.config.k8s.io/v1beta1 3 | kind: Kustomization 4 | resources: 5 | - repo.yaml 6 | -------------------------------------------------------------------------------- /cluster/homelab/helm/gabe565/repo.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: source.toolkit.fluxcd.io/v1 3 | kind: HelmRepository 4 | metadata: 5 | name: gabe565 6 | namespace: flux-system 7 | spec: 8 | url: https://charts.gabe565.com 9 | interval: 10m 10 | -------------------------------------------------------------------------------- /cluster/homelab/helm/go-ddns-controller/kustomization.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: kustomize.config.k8s.io/v1beta1 3 | kind: Kustomization 4 | resources: 5 | - repo.yaml 6 | -------------------------------------------------------------------------------- /cluster/homelab/helm/go-ddns-controller/repo.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: source.toolkit.fluxcd.io/v1 2 | kind: GitRepository 3 | metadata: 4 | name: go-ddns-controller 5 | namespace: flux-system 6 | spec: 7 | interval: 1h 8 | url: https://github.com/Michaelpalacce/go-ddns-controller 9 | ref: 10 | branch: master 11 | -------------------------------------------------------------------------------- /cluster/homelab/helm/ingress-nginx/kustomization.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: kustomize.config.k8s.io/v1beta1 3 | kind: Kustomization 4 | resources: 5 | - repo.yaml 6 | -------------------------------------------------------------------------------- /cluster/homelab/helm/ingress-nginx/repo.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: source.toolkit.fluxcd.io/v1 3 | kind: HelmRepository 4 | metadata: 5 | name: ingress-nginx 6 | namespace: flux-system 7 | spec: 8 | url: https://kubernetes.github.io/ingress-nginx 9 | interval: 10m 10 | -------------------------------------------------------------------------------- /cluster/homelab/helm/k8s-at-home/kustomization.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: kustomize.config.k8s.io/v1beta1 3 | kind: Kustomization 4 | resources: 5 | - repo.yaml 6 | -------------------------------------------------------------------------------- /cluster/homelab/helm/k8s-at-home/repo.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: source.toolkit.fluxcd.io/v1 3 | kind: HelmRepository 4 | metadata: 5 | name: k8s-at-home 6 | namespace: flux-system 7 | spec: 8 | url: https://k8s-at-home.com/charts 9 | interval: 10m 10 | -------------------------------------------------------------------------------- /cluster/homelab/helm/kube-vip/kustomization.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: kustomize.config.k8s.io/v1beta1 3 | kind: Kustomization 4 | resources: 5 | - repo.yaml 6 | -------------------------------------------------------------------------------- /cluster/homelab/helm/kube-vip/repo.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: source.toolkit.fluxcd.io/v1 3 | kind: HelmRepository 4 | metadata: 5 | name: kube-vip 6 | namespace: flux-system 7 | spec: 8 | url: https://kube-vip.github.io/helm-charts 9 | interval: 10m 10 | -------------------------------------------------------------------------------- /cluster/homelab/helm/kubereboot/kustomization.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: kustomize.config.k8s.io/v1beta1 3 | kind: Kustomization 4 | resources: 5 | - repo.yaml 6 | -------------------------------------------------------------------------------- /cluster/homelab/helm/kubereboot/repo.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: source.toolkit.fluxcd.io/v1 3 | kind: HelmRepository 4 | metadata: 5 | name: kubereboot 6 | namespace: flux-system 7 | spec: 8 | url: https://kubereboot.github.io/charts 9 | interval: 10m 10 | -------------------------------------------------------------------------------- /cluster/homelab/helm/kustomization.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: kustomize.config.k8s.io/v1beta1 3 | kind: Kustomization 4 | resources: 5 | - aqua 6 | - k8s-at-home 7 | - metrics-server 8 | - unofficial 9 | - longhorn-system 10 | - cert-manager 11 | - ingress-nginx 12 | - reflector 13 | - velero 14 | - botkube 15 | - kube-vip 16 | - kubereboot 17 | - oneuptime 18 | - descheduler 19 | - gabe565 20 | - searxng 21 | - go-ddns-controller 22 | - metallb 23 | - tika 24 | - maikumori 25 | - bjw-s 26 | - wger 27 | -------------------------------------------------------------------------------- /cluster/homelab/helm/longhorn-system/kustomization.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: kustomize.config.k8s.io/v1beta1 3 | kind: Kustomization 4 | resources: 5 | - longhorn-repo.yaml 6 | -------------------------------------------------------------------------------- /cluster/homelab/helm/longhorn-system/longhorn-repo.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: source.toolkit.fluxcd.io/v1 3 | kind: HelmRepository 4 | metadata: 5 | name: longhorn-system 6 | namespace: flux-system 7 | spec: 8 | url: https://charts.longhorn.io 9 | interval: 10m 10 | -------------------------------------------------------------------------------- /cluster/homelab/helm/maikumori/kustomization.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: kustomize.config.k8s.io/v1beta1 3 | kind: Kustomization 4 | resources: 5 | - repo.yaml 6 | -------------------------------------------------------------------------------- /cluster/homelab/helm/maikumori/repo.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: source.toolkit.fluxcd.io/v1 3 | kind: HelmRepository 4 | metadata: 5 | name: maikumori 6 | namespace: flux-system 7 | spec: 8 | url: https://maikumori.github.io/helm-charts 9 | interval: 10m 10 | -------------------------------------------------------------------------------- /cluster/homelab/helm/metallb/kustomization.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: kustomize.config.k8s.io/v1beta1 3 | kind: Kustomization 4 | resources: 5 | - repo.yaml 6 | -------------------------------------------------------------------------------- /cluster/homelab/helm/metallb/repo.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: source.toolkit.fluxcd.io/v1 3 | kind: HelmRepository 4 | metadata: 5 | name: metallb 6 | namespace: flux-system 7 | spec: 8 | url: https://metallb.github.io/metallb 9 | interval: 10m 10 | -------------------------------------------------------------------------------- /cluster/homelab/helm/metrics-server/kustomization.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: kustomize.config.k8s.io/v1beta1 3 | kind: Kustomization 4 | resources: 5 | - repo.yaml 6 | -------------------------------------------------------------------------------- /cluster/homelab/helm/metrics-server/repo.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: source.toolkit.fluxcd.io/v1 3 | kind: HelmRepository 4 | metadata: 5 | name: metrics-server 6 | namespace: flux-system 7 | spec: 8 | url: https://kubernetes-sigs.github.io/metrics-server/ 9 | interval: 10m 10 | -------------------------------------------------------------------------------- /cluster/homelab/helm/oneuptime/kustomization.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: kustomize.config.k8s.io/v1beta1 3 | kind: Kustomization 4 | resources: 5 | - repo.yaml 6 | -------------------------------------------------------------------------------- /cluster/homelab/helm/oneuptime/repo.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: source.toolkit.fluxcd.io/v1 3 | kind: HelmRepository 4 | metadata: 5 | name: oneuptime 6 | namespace: flux-system 7 | spec: 8 | url: https://helm-chart.oneuptime.com/ 9 | interval: 10m 10 | -------------------------------------------------------------------------------- /cluster/homelab/helm/reflector/kustomization.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: kustomize.config.k8s.io/v1beta1 3 | kind: Kustomization 4 | resources: 5 | - repo.yaml 6 | -------------------------------------------------------------------------------- /cluster/homelab/helm/reflector/repo.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: source.toolkit.fluxcd.io/v1 3 | kind: HelmRepository 4 | metadata: 5 | name: reflector 6 | namespace: flux-system 7 | spec: 8 | url: https://emberstack.github.io/helm-charts 9 | interval: 10m 10 | -------------------------------------------------------------------------------- /cluster/homelab/helm/rook/kustomization.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: kustomize.config.k8s.io/v1beta1 3 | kind: Kustomization 4 | resources: 5 | - repo.yaml 6 | -------------------------------------------------------------------------------- /cluster/homelab/helm/rook/repo.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: source.toolkit.fluxcd.io/v1 3 | kind: HelmRepository 4 | metadata: 5 | name: rook-release 6 | namespace: flux-system 7 | spec: 8 | url: https://charts.rook.io/release 9 | interval: 10m 10 | -------------------------------------------------------------------------------- /cluster/homelab/helm/searxng/kustomization.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: kustomize.config.k8s.io/v1beta1 3 | kind: Kustomization 4 | resources: 5 | - repo.yaml 6 | -------------------------------------------------------------------------------- /cluster/homelab/helm/searxng/repo.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: source.toolkit.fluxcd.io/v1 3 | kind: HelmRepository 4 | metadata: 5 | name: searxng 6 | namespace: flux-system 7 | spec: 8 | url: https://charts.searxng.org 9 | interval: 10m 10 | -------------------------------------------------------------------------------- /cluster/homelab/helm/tika/kustomization.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: kustomize.config.k8s.io/v1beta1 3 | kind: Kustomization 4 | resources: 5 | - repo.yaml 6 | -------------------------------------------------------------------------------- /cluster/homelab/helm/tika/repo.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: source.toolkit.fluxcd.io/v1 3 | kind: HelmRepository 4 | metadata: 5 | name: tika 6 | namespace: flux-system 7 | spec: 8 | url: https://apache.jfrog.io/artifactory/tika 9 | interval: 10m 10 | -------------------------------------------------------------------------------- /cluster/homelab/helm/unofficial/jameswynn.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: source.toolkit.fluxcd.io/v1 3 | kind: HelmRepository 4 | metadata: 5 | name: homepage 6 | namespace: flux-system 7 | spec: 8 | url: https://jameswynn.github.io/helm-charts 9 | interval: 10m 10 | -------------------------------------------------------------------------------- /cluster/homelab/helm/unofficial/kustomization.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: kustomize.config.k8s.io/v1beta1 3 | kind: Kustomization 4 | resources: 5 | - jameswynn.yaml 6 | -------------------------------------------------------------------------------- /cluster/homelab/helm/velero/kustomization.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: kustomize.config.k8s.io/v1beta1 3 | kind: Kustomization 4 | resources: 5 | - repo.yaml 6 | -------------------------------------------------------------------------------- /cluster/homelab/helm/velero/repo.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: source.toolkit.fluxcd.io/v1 3 | kind: HelmRepository 4 | metadata: 5 | name: velero 6 | namespace: flux-system 7 | spec: 8 | url: https://vmware-tanzu.github.io/helm-charts 9 | interval: 10m 10 | -------------------------------------------------------------------------------- /cluster/homelab/helm/wger/kustomization.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: kustomize.config.k8s.io/v1beta1 3 | kind: Kustomization 4 | resources: 5 | - repo.yaml 6 | -------------------------------------------------------------------------------- /cluster/homelab/helm/wger/repo.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: source.toolkit.fluxcd.io/v1 3 | kind: HelmRepository 4 | metadata: 5 | name: wger 6 | namespace: flux-system 7 | spec: 8 | url: https://wger-project.github.io/helm-charts 9 | interval: 10m 10 | -------------------------------------------------------------------------------- /cluster/homelab/storage/kustomization.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: kustomize.config.k8s.io/v1beta1 3 | kind: Kustomization 4 | resources: 5 | - rook-ceph-cluster 6 | -------------------------------------------------------------------------------- /cluster/homelab/storage/rook-ceph-cluster/kustomization.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: kustomize.config.k8s.io/v1beta1 3 | kind: Kustomization 4 | resources: 5 | - helm-release.yaml 6 | - ingress.yaml 7 | -------------------------------------------------------------------------------- /cluster/homelab/template.secret.yaml: -------------------------------------------------------------------------------- 1 | kind: Secret 2 | apiVersion: v1 3 | type: Opaque 4 | metadata: 5 | name: template 6 | namespace: default 7 | data: 8 | BOT_TOKEN: aHR0cHM6Ly93d3cueW91dHViZS5jb20vd2F0Y2g/dj1kUXc0dzlXZ1hjU 9 | -------------------------------------------------------------------------------- /docs/Longhorn.md: -------------------------------------------------------------------------------- 1 | # Increasing PVC/volume Size 2 | Longhorn requires a few manual steps to achieve this. 3 | 4 | ## Steps: 5 | 1. Stop all pods the volume is attached to 6 | 2. Increase size of volume 7 | 3. Go to Longhorn UI 8 | 4. Attach the volume in maintenance mode 9 | 5. Wait for the resizing to finish 10 | 6. Start all pods 11 | -------------------------------------------------------------------------------- /docs/SettingUpCertManager.md: -------------------------------------------------------------------------------- 1 | # Resource to read: 2 | https://blog.darkedges.com/2020/05/04/cert-manager-kubernetes-cloudflare-dns-update/ 3 | 4 | It describes how to generate the API token from cloudflare. -------------------------------------------------------------------------------- /docs/SettingUpRenovate.md: -------------------------------------------------------------------------------- 1 | # Setting up Renovate 2 | 3 | Renovate is installed as a Github App and periodically checks my repository for new versions of docker images / helm charts / etc 4 | and creates Pull Requests with the update. 5 | 6 | ## Steps: 7 | 1. Initial Renovate setup by following the official documentation 8 | 2. Follow instructions [here](https://github.com/renovatebot/github-action#special-token-requirements-when-using-the-github-actions-manager) 9 | --------------------------------------------------------------------------------