From 3d201842674627f45f64e00ad22185b84cb36954 Mon Sep 17 00:00:00 2001 From: Liana Date: Thu, 21 Nov 2024 23:26:45 -0600 Subject: [PATCH] --wip-- [skipci] --- .../apps/federated/kustomization.yaml | 6 + .../lianalabs/apps/federated/namespace.yaml | 7 ++ .../labs/homepage/app/resources/services.yaml | 56 +++++++++ .../lianalabs/apps/labs/kustomization.yaml | 1 + .../apps/labs/web-check/app/helmrelease.yaml | 84 +++++++++++++ .../labs/web-check/app/kustomization.yaml | 6 + .../lianalabs/apps/labs/web-check/ks.yaml | 26 ++++ .../lianalabs/apps/media/kustomization.yaml | 1 + .../apps/media/piped/app/helmrelease.yaml | 111 ++++++++++++++++++ .../apps/media/piped/app/kustomization.yaml | 8 ++ .../apps/media/piped/app/secret.sops.yaml | 31 +++++ kubernetes/lianalabs/apps/media/piped/ks.yaml | 26 ++++ .../apps/observability/kustomization.yaml | 1 + .../speedtest-tracker/app/helmrelease.yaml | 99 ++++++++++++++++ .../speedtest-tracker/app/kustomization.yaml | 6 + .../speedtest-tracker/app/secret.sops.yaml | 33 ++++++ .../observability/speedtest-tracker/ks.yaml | 26 ++++ .../flux/repositories/helm/piped.yaml | 10 ++ 18 files changed, 538 insertions(+) create mode 100644 kubernetes/lianalabs/apps/federated/kustomization.yaml create mode 100644 kubernetes/lianalabs/apps/federated/namespace.yaml create mode 100644 kubernetes/lianalabs/apps/labs/web-check/app/helmrelease.yaml create mode 100644 kubernetes/lianalabs/apps/labs/web-check/app/kustomization.yaml create mode 100644 kubernetes/lianalabs/apps/labs/web-check/ks.yaml create mode 100644 kubernetes/lianalabs/apps/media/piped/app/helmrelease.yaml create mode 100644 kubernetes/lianalabs/apps/media/piped/app/kustomization.yaml create mode 100644 kubernetes/lianalabs/apps/media/piped/app/secret.sops.yaml create mode 100644 kubernetes/lianalabs/apps/media/piped/ks.yaml create mode 100644 kubernetes/lianalabs/apps/observability/speedtest-tracker/app/helmrelease.yaml create mode 100644 kubernetes/lianalabs/apps/observability/speedtest-tracker/app/kustomization.yaml create mode 100644 kubernetes/lianalabs/apps/observability/speedtest-tracker/app/secret.sops.yaml create mode 100644 kubernetes/lianalabs/apps/observability/speedtest-tracker/ks.yaml create mode 100644 kubernetes/lianalabs/flux/repositories/helm/piped.yaml diff --git a/kubernetes/lianalabs/apps/federated/kustomization.yaml b/kubernetes/lianalabs/apps/federated/kustomization.yaml new file mode 100644 index 0000000..51fca06 --- /dev/null +++ b/kubernetes/lianalabs/apps/federated/kustomization.yaml @@ -0,0 +1,6 @@ +--- +# yaml-language-server: $schema=https://json.schemastore.org/kustomization +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization +resources: + - ./namespace.yaml diff --git a/kubernetes/lianalabs/apps/federated/namespace.yaml b/kubernetes/lianalabs/apps/federated/namespace.yaml new file mode 100644 index 0000000..93ebf55 --- /dev/null +++ b/kubernetes/lianalabs/apps/federated/namespace.yaml @@ -0,0 +1,7 @@ +--- +apiVersion: v1 +kind: Namespace +metadata: + name: federated + labels: + kustomize.toolkit.fluxcd.io/prune: disabled diff --git a/kubernetes/lianalabs/apps/labs/homepage/app/resources/services.yaml b/kubernetes/lianalabs/apps/labs/homepage/app/resources/services.yaml index d9fba7e..24ab465 100644 --- a/kubernetes/lianalabs/apps/labs/homepage/app/resources/services.yaml +++ b/kubernetes/lianalabs/apps/labs/homepage/app/resources/services.yaml @@ -1,2 +1,58 @@ --- +- Network: + # - OPNsense: + # href: https://opnsense.${SECRET_OLD_DOMAIN} + # siteMonitor: https://opnsense.${SECRET_OLD_DOMAIN} + # icon: opnsense + # description: RSS feed + # widget: + # type: opnsense + # url: https://opnsense.${SECRET_OLD_DOMAIN} + # key: "{{HOMEPAGE_VAR_OPNSENSE_TOKEN}}" - Services: + - Miniflux: + href: https://rss.${SECRET_INTERNAL_DOMAIN} + siteMonitor: http://miniflux.labs.svc.cluster.local/healthcheck + icon: miniflux + description: RSS feed + widget: + type: miniflux + url: http://miniflux.labs.svc.cluster.local + key: "{{HOMEPAGE_VAR_MINIFLUX_TOKEN}}" +- Media: + - Jellyfin: + href: https://${SECRET_MEDIA_DOMAIN} + siteMonitor: https://${SECRET_MEDIA_DOMAIN} + icon: jellyfin + description: Media streaming + widget: + type: jellyfin + url: https://${SECRET_MEDIA_DOMAIN} + key: "{{HOMEPAGE_VAR_JELLYFIN_TOKEN}}" + - Jellyfin: + href: https://jellyseerr.${SECRET_MEDIA_DOMAIN} + siteMonitor: https://jellyseerr.${SECRET_MEDIA_DOMAIN} + icon: jellyseerr + description: Media requests + widget: + type: jellyseerr + url: https://jellyseerr.${SECRET_MEDIA_DOMAIN} + key: "{{HOMEPAGE_VAR_JELLYSEERR_TOKEN}}" + - Sonarr: + href: https://sonarr.${SECRET_MEDIA_DOMAIN} + siteMonitor: https://sonarr.${SECRET_MEDIA_DOMAIN} + icon: sonarr + description: TV + widget: + type: sonarr + url: https://sonarr.${SECRET_MEDIA_DOMAIN} + key: "{{HOMEPAGE_VAR_SONARR_TOKEN}}" + - Radarr: + href: https://radarr.${SECRET_MEDIA_DOMAIN} + siteMonitor: https://radarr.${SECRET_MEDIA_DOMAIN} + icon: radarr + description: Movies + widget: + type: radarr + url: https://radarr.${SECRET_MEDIA_DOMAIN} + key: "{{HOMEPAGE_VAR_RADARR_TOKEN}}" diff --git a/kubernetes/lianalabs/apps/labs/kustomization.yaml b/kubernetes/lianalabs/apps/labs/kustomization.yaml index 30fa837..c2168a9 100644 --- a/kubernetes/lianalabs/apps/labs/kustomization.yaml +++ b/kubernetes/lianalabs/apps/labs/kustomization.yaml @@ -13,3 +13,4 @@ resources: - ./cyberchef/ks.yaml - ./redlib/ks.yaml - ./linkding/ks.yaml + - ./web-check/ks.yaml diff --git a/kubernetes/lianalabs/apps/labs/web-check/app/helmrelease.yaml b/kubernetes/lianalabs/apps/labs/web-check/app/helmrelease.yaml new file mode 100644 index 0000000..503c68e --- /dev/null +++ b/kubernetes/lianalabs/apps/labs/web-check/app/helmrelease.yaml @@ -0,0 +1,84 @@ +--- +# yaml-language-server: $schema=https://raw.githubusercontent.com/bjw-s/helm-charts/main/charts/other/app-template/schemas/helmrelease-helm-v2.schema.json +apiVersion: helm.toolkit.fluxcd.io/v2 +kind: HelmRelease +metadata: + name: &app web-check +spec: + interval: 30m + chart: + spec: + chart: app-template + version: 3.5.1 + interval: 30m + sourceRef: + kind: HelmRepository + name: bjw-s + namespace: flux-system + install: + remediation: + retries: 3 + upgrade: + cleanupOnFail: true + remediation: + strategy: rollback + retries: 3 + values: + controllers: + web-check: + replicas: 1 + strategy: RollingUpdate + annotations: + reloader.stakater.com/auto: "true" + pod: + securityContext: + runAsUser: 1000 + runAsGroup: 1000 + fsGroup: 1000 + fsGroupChangePolicy: "OnRootMismatch" + containers: + app: + image: + repository: ghcr.io/lissy93/web-check + tag: latest@sha256:a2ae048b601c7d44ab148d746f5836ace7b4e8514ba8f905c4890b90635c62c5 + resources: + requests: + cpu: 5m + memory: 32Mi + limits: + memory: 256Mi + securityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL + readOnlyRootFilesystem: true + service: + app: + controller: *app + ports: + http: + port: 80 + ingress: + app: + className: traefik + annotations: + cert-manager.io/cluster-issuer: "letsencrypt-production" + gethomepage.dev/enabled: "true" + gethomepage.dev/group: Tools + gethomepage.dev/name: *app + gethomepage.dev/description: Web OSINT + gethomepage.dev/icon: web-check + hosts: + - host: &host "web-check.${SECRET_INTERNAL_DOMAIN}" + paths: + - path: / + service: + identifier: app + port: http + tls: + - secretName: web-check-tls + hosts: [*host] + persistence: + tmp: + type: emptyDir diff --git a/kubernetes/lianalabs/apps/labs/web-check/app/kustomization.yaml b/kubernetes/lianalabs/apps/labs/web-check/app/kustomization.yaml new file mode 100644 index 0000000..17cbc72 --- /dev/null +++ b/kubernetes/lianalabs/apps/labs/web-check/app/kustomization.yaml @@ -0,0 +1,6 @@ +--- +# yaml-language-server: $schema=https://json.schemastore.org/kustomization +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization +resources: + - ./helmrelease.yaml diff --git a/kubernetes/lianalabs/apps/labs/web-check/ks.yaml b/kubernetes/lianalabs/apps/labs/web-check/ks.yaml new file mode 100644 index 0000000..ca06079 --- /dev/null +++ b/kubernetes/lianalabs/apps/labs/web-check/ks.yaml @@ -0,0 +1,26 @@ +--- +# yaml-language-server: $schema=https://raw.githubusercontent.com/fluxcd-community/flux2-schemas/main/kustomization-kustomize-v1.json +apiVersion: kustomize.toolkit.fluxcd.io/v1 +kind: Kustomization +metadata: + name: &app web-check + namespace: flux-system +spec: + targetNamespace: labs + commonMetadata: + labels: + app.kubernetes.io/name: *app + dependsOn: + - name: traefik + path: ./kubernetes/lianalabs/apps/labs/web-check/app + prune: true + sourceRef: + kind: GitRepository + name: k8s-gitops + wait: false + interval: 30m + retryInterval: 1m + timeout: 5m + postBuild: + substitute: + APP: *app diff --git a/kubernetes/lianalabs/apps/media/kustomization.yaml b/kubernetes/lianalabs/apps/media/kustomization.yaml index 51fca06..1deda68 100644 --- a/kubernetes/lianalabs/apps/media/kustomization.yaml +++ b/kubernetes/lianalabs/apps/media/kustomization.yaml @@ -4,3 +4,4 @@ apiVersion: kustomize.config.k8s.io/v1beta1 kind: Kustomization resources: - ./namespace.yaml + #- ./piped/ks.yaml diff --git a/kubernetes/lianalabs/apps/media/piped/app/helmrelease.yaml b/kubernetes/lianalabs/apps/media/piped/app/helmrelease.yaml new file mode 100644 index 0000000..32088eb --- /dev/null +++ b/kubernetes/lianalabs/apps/media/piped/app/helmrelease.yaml @@ -0,0 +1,111 @@ +--- +apiVersion: helm.toolkit.fluxcd.io/v2 +kind: HelmRelease +metadata: + name: &app piped + namespace: media +spec: + interval: 30m + chart: + spec: + chart: piped + version: 6.0.4 + sourceRef: + kind: HelmRepository + name: piped + namespace: flux-system + install: + createNamespace: true + remediation: + retries: 3 + upgrade: + cleanupOnFail: true + crds: Skip + remediation: + strategy: rollback + retries: 3 + values: + postgresql: + enabled: false + frontend: + image: + repository: "docker.io/1337kavin/piped-frontend" + tag: "latest" + pullPolicy: Always + env: + BACKEND_HOSTNAME: &api api.yt.${SECRET_INTERNAL_DOMAIN} + TZ: ${TIMEZONE} + + backend: + image: + repository: docker.io/1337kavin/piped + pullPolicy: "Always" + initContainers: + 01-init-db: + image: + repository: ghcr.io/onedr0p/postgres-init + tag: "16" + imagePullPolicy: IfNotPresent + envFrom: + - secretRef: + name: &secret piped-secret + podAnnotations: + configmap.reloader.stakater.com/reload: "piped-backend-config" + env: + TZ: ${TIMEZONE} + config: + PORT: 8080 + HTTP_WORKERS: 4 + PROXY_PART: &proxy https://proxy.yt.${SECRET_INTERNAL_DOMAIN} + # DISABLE_REGISTRATION: false + database: + secret: + name: *secret + connection_url: CONNECTION_URL + username: INIT_POSTGRES_USER + password: INIT_POSTGRES_PASS + ingress: + main: + enabled: true + ingressClassName: traefik + annotations: + cert-manager.io/cluster-issuer: "letsencrypt-production" + gethomepage.dev/enabled: "true" + gethomepage.dev/group: Tools + gethomepage.dev/name: Piped + gethomepage.dev/description: YouTube client + gethomepage.dev/icon: mdi-youtube + hosts: + - host: &host yt.${SECRET_INTERNAL_DOMAIN} + paths: + - path: "/" + tls: + - secretName: piped-frontend-tls + hosts: + - *host + backend: + enabled: true + ingressClassName: traefik + annotations: + hajimari.io/enable: "false" + hosts: + - host: *api + paths: + - path: "/" + tls: + - secretName: piped-api-tls + hosts: + - *api + ytproxy: + enabled: true + ingressClassName: traefik + annotations: + hajimari.io/enable: "false" + hosts: + - host: &proxy proxy.yt.${SECRET_INTERNAL_DOMAIN} + paths: + - path: "/" + tls: + - secretName: piped-proxy-tls + hosts: + - *proxy diff --git a/kubernetes/lianalabs/apps/media/piped/app/kustomization.yaml b/kubernetes/lianalabs/apps/media/piped/app/kustomization.yaml new file mode 100644 index 0000000..5ae7a45 --- /dev/null +++ b/kubernetes/lianalabs/apps/media/piped/app/kustomization.yaml @@ -0,0 +1,8 @@ +--- +# yaml-language-server: $schema=https://json.schemastore.org/kustomization +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization +resources: + - ./secret.sops.yaml + - ./helmrelease.yaml + - ../../../database/cloudnative-pg/app/secret.sops.yaml diff --git a/kubernetes/lianalabs/apps/media/piped/app/secret.sops.yaml b/kubernetes/lianalabs/apps/media/piped/app/secret.sops.yaml new file mode 100644 index 0000000..a89c9c0 --- /dev/null +++ b/kubernetes/lianalabs/apps/media/piped/app/secret.sops.yaml @@ -0,0 +1,31 @@ +# yamllint disable +kind: Secret +apiVersion: v1 +type: Opaque +metadata: + name: piped-secret +stringData: + INIT_POSTGRES_USER: ENC[AES256_GCM,data:PClMpCo=,iv:WswYV4g8v6yC9BBc+mRwqaW7uBlLYpB/IQP0/9Xa8uU=,tag:/4UO3l/iYn2G6tWsd/J7EA==,type:str] + INIT_POSTGRES_PASS: null + DATABASE_URL: ENC[AES256_GCM,data:qubN/jEvkx3VtuYvNJcihullUJWUYmISs2/vlQOSqQLhmq2fTbXLIb1loKFmpt9XK/za17EZRKh/cAHOEePR1nvpXcflULyMf89i8+7P0UxtOtVmEJEHDaCpGw==,iv:V5cfvsj12SVUjwZsNjM4RpMB7pnWUFr3ncfT6vNeDoU=,tag:HXUs60lmP9zanDABDJxRlA==,type:str] + CONNECTION_URL: ENC[AES256_GCM,data:Ml4MIn1tcLLbd9woL0wVPAem/MvGq5ZeUVo4XFeJt7iZsZxZInNk4ZlhP3hNQD7Tp4qoQvXatA6YToe6,iv:bFZSz0cFBnzCU56g12Usx6gfm9NHrxnPikVQPuUEI4A=,tag:Fr3kgiADMHUDDeAILoyUDQ==,type:str] +sops: + kms: [] + gcp_kms: [] + azure_kv: [] + hc_vault: [] + age: + - recipient: age19nu7uf8dageqlmzk23x7vl24fpn0l7cq20l3l4xxf2sk2xd5h98qss437p + enc: | + -----BEGIN AGE ENCRYPTED FILE----- + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBORHlmdTRudXlhQ0xwb1hv + QVZJMFhPUWJmOU5xZXdwbFhVdWxJTTdxSUdJCjdxYTVZU2ltTFMySkV6cFdqd0hH + VmlYUTRtQmh4L3dUb1gzNDY5Zlk3aG8KLS0tIG83ZVpwQk5pMSswMTRHczk3NTdF + YkI2MTZLamFIOTUyOUx2ZlZOVGw3b3cKzgoAlWBy9DBWFt3SJ6IJa5d1haTNEEmP + bY3ypNKP1yj0MFLDTfqnI3HtE8yRi93z551b2jFy8cViVUXlWzMWtA== + -----END AGE ENCRYPTED FILE----- + lastmodified: "2024-11-19T00:27:03Z" + mac: ENC[AES256_GCM,data:A1H/pyFlWoypT6NA69pUNDTxN3oI/pWuSQjmcvqytfDW/d9B1wbT2JuCa7KZu5P6FUC2cMk7y7gU8rj+g3WF6vPcGQm3bPXJJ0OX2ingztf/041gkZwooxaQTqOpZbsnbpDl3vGI1gnIwQuW18XqFVye34LxgdMmqf/9HsxQYPQ=,iv:KpBhyabXFD67gL33H7xGu0bzrZAkqMmIvMV/GkLbD5g=,tag:toFR3GZiRtZoPR4nPrph6g==,type:str] + pgp: [] + encrypted_regex: ^(data|stringData)$ + version: 3.9.1 diff --git a/kubernetes/lianalabs/apps/media/piped/ks.yaml b/kubernetes/lianalabs/apps/media/piped/ks.yaml new file mode 100644 index 0000000..5cd2035 --- /dev/null +++ b/kubernetes/lianalabs/apps/media/piped/ks.yaml @@ -0,0 +1,26 @@ +--- +# yaml-language-server: $schema=https://raw.githubusercontent.com/fluxcd-community/flux2-schemas/main/kustomization-kustomize-v1.json +apiVersion: kustomize.toolkit.fluxcd.io/v1 +kind: Kustomization +metadata: + name: &app piped + namespace: flux-system +spec: + targetNamespace: media + commonMetadata: + labels: + app.kubernetes.io/name: *app + dependsOn: + - name: traefik + path: ./kubernetes/lianalabs/apps/media/piped/app + prune: true + sourceRef: + kind: GitRepository + name: k8s-gitops + wait: false + interval: 30m + retryInterval: 1m + timeout: 5m + postBuild: + substitute: + APP: *app diff --git a/kubernetes/lianalabs/apps/observability/kustomization.yaml b/kubernetes/lianalabs/apps/observability/kustomization.yaml index 333472d..04993c3 100644 --- a/kubernetes/lianalabs/apps/observability/kustomization.yaml +++ b/kubernetes/lianalabs/apps/observability/kustomization.yaml @@ -7,4 +7,5 @@ resources: - ./kube-prometheus-stack/ks.yaml - ./loki/ks.yaml - ./netshoot/ks.yaml + - ./speedtest-tracker/ks.yaml #- ./gatus/ks.yaml diff --git a/kubernetes/lianalabs/apps/observability/speedtest-tracker/app/helmrelease.yaml b/kubernetes/lianalabs/apps/observability/speedtest-tracker/app/helmrelease.yaml new file mode 100644 index 0000000..07225a6 --- /dev/null +++ b/kubernetes/lianalabs/apps/observability/speedtest-tracker/app/helmrelease.yaml @@ -0,0 +1,99 @@ +--- +# yaml-language-server: $schema=https://raw.githubusercontent.com/bjw-s/helm-charts/main/charts/other/app-template/schemas/helmrelease-helm-v2.schema.json +apiVersion: helm.toolkit.fluxcd.io/v2 +kind: HelmRelease +metadata: + name: &app speedtest-tracker +spec: + interval: 30m + chart: + spec: + chart: app-template + version: 3.5.1 + sourceRef: + kind: HelmRepository + name: bjw-s + namespace: flux-system + install: + remediation: + retries: 3 + upgrade: + cleanupOnFail: true + remediation: + strategy: rollback + retries: 3 + values: + controllers: + speedtest-tracker: + annotations: + reloader.stakater.com/auto: "true" + initContainers: + init-db: + image: + repository: ghcr.io/onedr0p/postgres-init + tag: 16 + env: + INIT_POSTGRES_DBNAME: speedtest + INIT_POSTGRES_HOST: postgres-1-rw.database.svc.cluster.local + INIT_POSTGRES_SUPER_PASS: + valueFrom: + secretKeyRef: + name: cloudnative-pg-secret + key: password + envFrom: &envFrom + - secretRef: + name: &secret speedtest-tracker-secret + containers: + app: + image: + repository: lscr.io/linuxserver/speedtest-tracker + tag: 0.22.0@sha256:207b6fefe8b3f616bfe5f277302dee9d4998b0a3de4a2d06e2dc3df1bffaef94 + env: + TZ: ${TIMEZONE} + DB_CONNECTION: pgsql + SPEEDTEST_SCHEDULE: "45 */3 * * *" + PRUNE_RESULTS_OLDER_THAN: 120 + envFrom: + - secretRef: + name: *secret + resources: + requests: + cpu: 10m + memory: 50Mi + limits: + memory: 256Mi + service: + app: + controller: *app + ports: + http: + port: 80 + ingress: + app: + className: internal + annotations: + cert-manager.io/cluster-issuer: "letsencrypt-production" + gethomepage.dev/enabled: "true" + gethomepage.dev/icon: speedtest-tracker + gethomepage.dev/name: Speedtest + gethomepage.dev/description: Speedtest tracking + gethomepage.dev/group: Services + hosts: + - host: &host "speedtest.${SECRET_INTERNAL_DOMAIN}" + paths: + - path: / + pathType: Prefix + service: + identifier: app + port: http + tls: + - secretName: speedtest-tracker-tls + hosts: [*host] + persistence: + config: + storageClass: local-nvme + accessMode: ReadWriteOnce + size: 1Gi + retain: true + globalMounts: + - path: /config diff --git a/kubernetes/lianalabs/apps/observability/speedtest-tracker/app/kustomization.yaml b/kubernetes/lianalabs/apps/observability/speedtest-tracker/app/kustomization.yaml new file mode 100644 index 0000000..17cbc72 --- /dev/null +++ b/kubernetes/lianalabs/apps/observability/speedtest-tracker/app/kustomization.yaml @@ -0,0 +1,6 @@ +--- +# yaml-language-server: $schema=https://json.schemastore.org/kustomization +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization +resources: + - ./helmrelease.yaml diff --git a/kubernetes/lianalabs/apps/observability/speedtest-tracker/app/secret.sops.yaml b/kubernetes/lianalabs/apps/observability/speedtest-tracker/app/secret.sops.yaml new file mode 100644 index 0000000..d29c35e --- /dev/null +++ b/kubernetes/lianalabs/apps/observability/speedtest-tracker/app/secret.sops.yaml @@ -0,0 +1,33 @@ +# yamllint disable +apiVersion: v1 +kind: Secret +metadata: + name: speedtest-tracker-secret + namespace: observability +stringData: + BUCKET_NAME: + APP_KEY: ENC[AES256_GCM,data:KLk9CrFHyfJLX9gVPPjcBWXjh2f4Sv7ZJsvrnJvhhm0UkSgR6AKY8/DUmyEtDfSweGsm/3/13k3KNXjht9Xrsg==,iv:a+TwhZtf5DVM7e2qdgpaoY279apsy4WAuCGrteDa9gA=,tag:K+rGviCYWVnWPuzXgNPZoQ==,type:str] + DB_HOST: ENC[AES256_GCM,data:9/rH2n72MjrdA5u95qrybGK5YsKGIYlK5ePCCywsXApQOPxkK+YXQg==,iv:UVy8r3ZzdHIHTk4MIRv/NwtimK4KAADnV060TEXhOjM=,tag:lTutgg1jSAKZI9F1apul1Q==,type:str] + DB_DATABASE: ENC[AES256_GCM,data:v9carOYTXYc9,iv:SA373oy4vjrnjltVn6J3ktVnU0bgeYgVtAvJsU3H9Fk=,tag:COiiaprT+1lYqWaaITucBg==,type:str] + DB_USERNAME: ENC[AES256_GCM,data:fGnl1w6Yr/my,iv:J+fE7HwEFCu+Lm8zGfMtqqJNHmvq3cM1O73zZ4IKjdo=,tag:tTO84hVZdGfPVw0ZpO1m7w==,type:str] + DB_PASSWORD: ENC[AES256_GCM,data:Bz9E4Ge6GqoD4ZhUSTj4KyqDsyI8ynA+iwNsn9wdZJ4=,iv:KMkfjgHmKnIiy/6jwW5gPX9ioQ8jmdWKm0Pko8qGk3I=,tag:deVLOF4X6XeF74oGWO4S8w==,type:str] +sops: + kms: [] + gcp_kms: [] + azure_kv: [] + hc_vault: [] + age: + - recipient: age19nu7uf8dageqlmzk23x7vl24fpn0l7cq20l3l4xxf2sk2xd5h98qss437p + enc: | + -----BEGIN AGE ENCRYPTED FILE----- + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBPdnh0U09wNkdJc0pIUGk0 + ZUlNcUJWYTlYK01jK0dFb2lFeEQ3bGMvWmpFCjVWZTZaNndrRmFHL3FSRlVza08v + TDVjd2JwdFNoeWhGbk9jbXpMeFNzdVUKLS0tIDd0ejk5d2Q0WDE1bVowc1FoT3d4 + MkMyZU1LaUdEY0hWeTQ5Y1Z5SHRmOEkKcyrtxQhkm3tq9mU0KavMcYmK+mfn15NO + u92dp/8S+sIeqoQw9zIHNvncOj/iUhivfT4YFYXzx4m6i1G4ksg31g== + -----END AGE ENCRYPTED FILE----- + lastmodified: "2024-11-22T05:16:08Z" + mac: ENC[AES256_GCM,data:pMchoLdhKd8IEmRT/+qdk6hJ5QwUPRPYkURb0x/w8YC3ixkZzKNrfa6ZPYWSyUrGSwMh7WSxmaXaG0uMg9ndNxCFr4F0Nk4ujU2trCgVky+EmeBAypEiZpxtl5bJnVk9HTs/y6iXKFnGe9PMh2sqWiPwPPD11Rw8FaktCoE+Vmk=,iv:r3cMfia9G9stf9Fm2573qRABGfWN7yEwN96RgVxq1hA=,tag:IBZsJdxXR2mqKp1FIBw5Mw==,type:str] + pgp: [] + encrypted_regex: ^(data|stringData)$ + version: 3.9.1 diff --git a/kubernetes/lianalabs/apps/observability/speedtest-tracker/ks.yaml b/kubernetes/lianalabs/apps/observability/speedtest-tracker/ks.yaml new file mode 100644 index 0000000..f62a2b6 --- /dev/null +++ b/kubernetes/lianalabs/apps/observability/speedtest-tracker/ks.yaml @@ -0,0 +1,26 @@ +--- +# yaml-language-server: $schema=https://raw.githubusercontent.com/fluxcd-community/flux2-schemas/main/kustomization-kustomize-v1.json +apiVersion: kustomize.toolkit.fluxcd.io/v1 +kind: Kustomization +metadata: + name: &app speedtest-tracker + namespace: flux-system +spec: + targetNamespace: observability + commonMetadata: + labels: + app.kubernetes.io/name: *app + dependsOn: + - name: traefik + path: ./kubernetes/lianalabs/apps/observability/speedtest-tracker/app + prune: true + sourceRef: + kind: GitRepository + name: k8s-gitops + wait: false + interval: 30m + retryInterval: 1m + timeout: 5m + postBuild: + substitute: + APP: *app diff --git a/kubernetes/lianalabs/flux/repositories/helm/piped.yaml b/kubernetes/lianalabs/flux/repositories/helm/piped.yaml new file mode 100644 index 0000000..355c832 --- /dev/null +++ b/kubernetes/lianalabs/flux/repositories/helm/piped.yaml @@ -0,0 +1,10 @@ +--- +# yaml-language-server: $schema=https://kubernetes-schemas.pages.dev/source.toolkit.fluxcd.io/helmrepository_v1.json +apiVersion: source.toolkit.fluxcd.io/v1 +kind: HelmRepository +metadata: + name: piped + namespace: flux-system +spec: + interval: 1h + url: https://helm.piped.video