Showing preview only (1,910K chars total). Download the full file or copy to clipboard to get everything.
Repository: Michaelpalacce/HomeLab
Branch: master
Commit: 23607982daba
Files: 523
Total size: 1.7 MB
Directory structure:
gitextract_h1nphho3/
├── .github/
│ ├── CODEOWNERS
│ ├── ISSUE_TEMPLATE/
│ │ ├── bug-report.md
│ │ ├── feature-request.md
│ │ └── question.md
│ ├── PULL_REQUEST_TEMPLATE.md
│ ├── linters/
│ │ ├── .markdownlint.yaml
│ │ ├── .prettierignore
│ │ ├── .prettierrc.yaml
│ │ ├── .tflint.hcl
│ │ └── .yamllint.yaml
│ ├── renovate.json5
│ └── workflows/
│ ├── dependency.yaml
│ └── lint.yaml
├── .gitignore
├── .gitmodules
├── Helm/
│ └── apps/
│ ├── changedetection/
│ │ ├── .helmignore
│ │ ├── Chart.yaml
│ │ ├── README.md
│ │ ├── templates/
│ │ │ ├── deployment.yaml
│ │ │ ├── gateway-api.yaml
│ │ │ └── storage.yaml
│ │ └── values.yaml
│ ├── cyberchef/
│ │ ├── .helmignore
│ │ ├── Chart.yaml
│ │ ├── README.md
│ │ ├── templates/
│ │ │ ├── deployment.yaml
│ │ │ ├── gateway-api.yaml
│ │ │ └── service.yaml
│ │ └── values.yaml
│ ├── diagrams/
│ │ ├── .helmignore
│ │ ├── Chart.yaml
│ │ ├── README.md
│ │ ├── templates/
│ │ │ ├── deployment.yaml
│ │ │ ├── gateway-api.yaml
│ │ │ └── service.yaml
│ │ └── values.yaml
│ ├── firefly/
│ │ ├── .helmignore
│ │ ├── CHANGELOG.md
│ │ ├── Chart.yaml
│ │ ├── README.md
│ │ ├── templates/
│ │ │ ├── deployment.yaml
│ │ │ ├── firefly-bot-deployment.yaml
│ │ │ ├── firefly-pvc.yaml
│ │ │ └── gateway-api.yaml
│ │ └── values.yaml
│ ├── foldingathome/
│ │ ├── .helmignore
│ │ ├── Chart.yaml
│ │ ├── README.md
│ │ ├── templates/
│ │ │ ├── gateway-api.yaml
│ │ │ └── statefulset.yaml
│ │ └── values.yaml
│ ├── freshrss/
│ │ ├── .helmignore
│ │ ├── Chart.yaml
│ │ ├── README.md
│ │ ├── templates/
│ │ │ ├── deployment.yaml
│ │ │ ├── gateway-api.yaml
│ │ │ └── storage.yaml
│ │ └── values.yaml
│ ├── homebox/
│ │ ├── .helmignore
│ │ ├── Chart.yaml
│ │ ├── README.md
│ │ ├── templates/
│ │ │ ├── deployment.yaml
│ │ │ ├── gateway-api.yaml
│ │ │ └── storage.yaml
│ │ └── values.yaml
│ ├── it-tools/
│ │ ├── .helmignore
│ │ ├── Chart.yaml
│ │ ├── README.md
│ │ ├── templates/
│ │ │ ├── deployment.yaml
│ │ │ ├── gateway-api.yaml
│ │ │ ├── pdb.yaml
│ │ │ └── service.yaml
│ │ └── values.yaml
│ ├── linkwarden/
│ │ ├── .helmignore
│ │ ├── Chart.yaml
│ │ ├── README.md
│ │ ├── templates/
│ │ │ ├── deployment.yaml
│ │ │ ├── gateway-api.yaml
│ │ │ └── storage.yaml
│ │ └── values.yaml
│ ├── mazanoke/
│ │ ├── .helmignore
│ │ ├── Chart.yaml
│ │ ├── README.md
│ │ ├── templates/
│ │ │ ├── deployment.yaml
│ │ │ ├── gateway-api.yaml
│ │ │ └── service.yaml
│ │ └── values.yaml
│ ├── mealie/
│ │ ├── .helmignore
│ │ ├── Chart.yaml
│ │ ├── README.md
│ │ ├── templates/
│ │ │ ├── deployment.yaml
│ │ │ ├── gateway-api.yaml
│ │ │ ├── service.yaml
│ │ │ └── storage.yaml
│ │ └── values.yaml
│ ├── media/
│ │ ├── .helmignore
│ │ ├── Chart.yaml
│ │ ├── README.md
│ │ ├── templates/
│ │ │ ├── flaresolverr.yaml
│ │ │ ├── gateway-api.yaml
│ │ │ ├── kavita.yaml
│ │ │ ├── media-pvc.yaml
│ │ │ ├── overseer.yaml
│ │ │ ├── prowlarr.yaml
│ │ │ ├── radarr.yaml
│ │ │ ├── sonarr.yaml
│ │ │ └── transmission.yaml
│ │ └── values.yaml
│ ├── n8n/
│ │ ├── .helmignore
│ │ ├── Chart.yaml
│ │ ├── README.md
│ │ ├── templates/
│ │ │ ├── deployment.yaml
│ │ │ ├── gateway-api.yaml
│ │ │ └── storage.yaml
│ │ └── values.yaml
│ ├── nodered/
│ │ ├── .helmignore
│ │ ├── Chart.yaml
│ │ ├── README.md
│ │ ├── templates/
│ │ │ ├── deployment.yaml
│ │ │ ├── gateway-api.yaml
│ │ │ └── nodered-pvc.yaml
│ │ └── values.yaml
│ ├── openbooks/
│ │ ├── .helmignore
│ │ ├── Chart.yaml
│ │ ├── README.md
│ │ ├── templates/
│ │ │ ├── deployment.yaml
│ │ │ ├── gateway-api.yaml
│ │ │ └── storage.yaml
│ │ └── values.yaml
│ ├── reactiveresume/
│ │ ├── .helmignore
│ │ ├── Chart.yaml
│ │ ├── README.md
│ │ ├── templates/
│ │ │ ├── deployment.yaml
│ │ │ ├── gateway-api.yaml
│ │ │ └── storage.yaml
│ │ └── values.yaml
│ ├── storage/
│ │ ├── .helmignore
│ │ ├── Chart.yaml
│ │ ├── README.md
│ │ ├── templates/
│ │ │ ├── gateway-api.yaml
│ │ │ ├── storage-pvc.yaml
│ │ │ └── syncthing.yaml
│ │ └── values.yaml
│ ├── uptimekuma/
│ │ ├── .helmignore
│ │ ├── Chart.yaml
│ │ ├── README.md
│ │ ├── templates/
│ │ │ ├── deployment.yaml
│ │ │ ├── gateway-api.yaml
│ │ │ └── uptime-kuma-pvc.yaml
│ │ └── values.yaml
│ ├── vikunja/
│ │ ├── .helmignore
│ │ ├── Chart.yaml
│ │ ├── README.md
│ │ ├── templates/
│ │ │ ├── deployment.yaml
│ │ │ ├── gateway-api.yaml
│ │ │ └── storage.yaml
│ │ └── values.yaml
│ ├── wallabag/
│ │ ├── .helmignore
│ │ ├── CHANGELOG.md
│ │ ├── Chart.yaml
│ │ ├── README.md
│ │ ├── templates/
│ │ │ ├── database.yaml
│ │ │ ├── deployment.yaml
│ │ │ ├── gateway-api.yaml
│ │ │ ├── pdb.yaml
│ │ │ ├── service.yaml
│ │ │ └── storage.yaml
│ │ └── values.yaml
│ └── website/
│ ├── .helmignore
│ ├── CHANGELOG.md
│ ├── Chart.yaml
│ ├── README.md
│ ├── templates/
│ │ ├── deployment.yaml
│ │ ├── gateway-api.yaml
│ │ ├── pdb.yaml
│ │ └── service.yaml
│ └── values.yaml
├── README.md
├── TODOS.md
├── ansible/
│ ├── hosts/
│ │ ├── group_vars/
│ │ │ ├── master/
│ │ │ │ └── k3s-config.yaml
│ │ │ └── workers/
│ │ │ └── k3s-config.yaml
│ │ └── inventory
│ └── playbooks/
│ └── install/
│ ├── files/
│ │ ├── allContainerLogs
│ │ ├── cleanUpOrphanedPods.py
│ │ ├── cniLogs
│ │ ├── multipath.conf
│ │ └── podLogs
│ ├── main.yml
│ ├── requirements.yml
│ └── vars/
│ └── main.yml
├── cluster/
│ └── homelab/
│ ├── age.agekey.public
│ ├── apps/
│ │ ├── adminer/
│ │ │ ├── deployment.yaml
│ │ │ ├── gateway-api.yaml
│ │ │ ├── kustomization.yaml
│ │ │ ├── namespace.yaml
│ │ │ └── service.yaml
│ │ ├── bentopdf/
│ │ │ ├── deployment.yaml
│ │ │ ├── gateway-api.yaml
│ │ │ ├── kustomization.yaml
│ │ │ ├── namespace.yaml
│ │ │ └── service.yaml
│ │ ├── cert-manager/
│ │ │ ├── issuer.yaml
│ │ │ ├── kustomization.yaml
│ │ │ └── wildcard-certificate.yaml
│ │ ├── changedetection/
│ │ │ ├── helm-release.yaml
│ │ │ ├── kustomization.yaml
│ │ │ └── namespace.yaml
│ │ ├── cyberchef/
│ │ │ ├── helm-release.yaml
│ │ │ ├── kustomization.yaml
│ │ │ └── namespace.yaml
│ │ ├── diagrams/
│ │ │ ├── helm-release.yaml
│ │ │ ├── kustomization.yaml
│ │ │ └── namespace.yaml
│ │ ├── firefly/
│ │ │ ├── cnpg.yaml
│ │ │ ├── gateway-api.sensitive.yaml
│ │ │ ├── helm-release.yaml
│ │ │ ├── kustomization.yaml
│ │ │ ├── namespace.yaml
│ │ │ └── secret.sops.yaml
│ │ ├── foldingathome/
│ │ │ ├── helm-release.yaml
│ │ │ ├── kustomization.yaml
│ │ │ ├── namespace.yaml
│ │ │ └── secret.sops.yaml
│ │ ├── freshrss/
│ │ │ ├── cnpg.yaml
│ │ │ ├── gateway-api.sops.yaml
│ │ │ ├── helm-release.yaml
│ │ │ ├── kustomization.yaml
│ │ │ └── namespace.yaml
│ │ ├── garden/
│ │ │ ├── deployment.yaml
│ │ │ ├── gateway-api.yaml
│ │ │ ├── kustomization.yaml
│ │ │ ├── namespace.yaml
│ │ │ ├── pdb.yaml
│ │ │ └── service.yaml
│ │ ├── go-ddns-controller/
│ │ │ ├── configMaps.sops.yaml
│ │ │ ├── git-repo-release.yaml
│ │ │ ├── kustomization.yaml
│ │ │ ├── namespace.yaml
│ │ │ ├── notifier.yaml
│ │ │ ├── provider.yaml
│ │ │ └── secret.sops.yaml
│ │ ├── gotenberg/
│ │ │ ├── helm-release.yaml
│ │ │ ├── kustomization.yaml
│ │ │ └── namespace.yaml
│ │ ├── homebox/
│ │ │ ├── helm-release.yaml
│ │ │ ├── kustomization.yaml
│ │ │ └── namespace.yaml
│ │ ├── homepage/
│ │ │ ├── gateway-api.yaml
│ │ │ ├── helm-release.yaml
│ │ │ ├── homepage-config.sops.yaml
│ │ │ ├── kustomization.yaml
│ │ │ └── namespace.yaml
│ │ ├── it-tools/
│ │ │ ├── helm-release.yaml
│ │ │ ├── kustomization.yaml
│ │ │ └── namespace.yaml
│ │ ├── koffan/
│ │ │ ├── deployment.yaml
│ │ │ ├── gateway-api.yaml
│ │ │ ├── kustomization.yaml
│ │ │ ├── namespace.yaml
│ │ │ ├── secret.sops.yaml
│ │ │ ├── service.yaml
│ │ │ └── storage.yaml
│ │ ├── kustomization.yaml
│ │ ├── linkwarden/
│ │ │ ├── cnpg.yaml
│ │ │ ├── helm-release.yaml
│ │ │ ├── kustomization.yaml
│ │ │ ├── namespace.yaml
│ │ │ └── secret.sops.yaml
│ │ ├── mazanoke/
│ │ │ ├── helm-release.yaml
│ │ │ ├── kustomization.yaml
│ │ │ └── namespace.yaml
│ │ ├── mealie/
│ │ │ ├── gateway-api.sops.yaml
│ │ │ ├── helm-release.yaml
│ │ │ ├── kustomization.yaml
│ │ │ └── namespace.yaml
│ │ ├── media/
│ │ │ ├── gateway-api.sops.yaml
│ │ │ ├── helm-release.yaml
│ │ │ ├── kustomization.yaml
│ │ │ ├── namespace.yaml
│ │ │ └── shelfmark/
│ │ │ ├── deployment.yaml
│ │ │ ├── gateway-api.yaml
│ │ │ ├── kustomization.yaml
│ │ │ ├── service.yaml
│ │ │ └── storage.yaml
│ │ ├── n8n/
│ │ │ ├── cnpg.yaml
│ │ │ ├── helm-release.yaml
│ │ │ ├── kustomization.yaml
│ │ │ ├── namespace.yaml
│ │ │ └── secret.sops.yaml
│ │ ├── networking-toolbox/
│ │ │ ├── deployment.yaml
│ │ │ ├── gateway-api.yaml
│ │ │ ├── kustomization.yaml
│ │ │ ├── namespace.yaml
│ │ │ └── service.yaml
│ │ ├── nodered/
│ │ │ ├── helm-release.yaml
│ │ │ ├── kustomization.yaml
│ │ │ └── namespace.yaml
│ │ ├── observeability/
│ │ │ ├── helm-release.sensitive.sops.yaml
│ │ │ ├── kubernetes-server-metrics.yaml
│ │ │ ├── kustomization.yaml
│ │ │ ├── loki-helm-release.yaml
│ │ │ ├── namespace.yaml
│ │ │ └── trivy.yaml
│ │ ├── openbooks/
│ │ │ ├── helm-release.yaml
│ │ │ ├── kustomization.yaml
│ │ │ └── namespace.yaml
│ │ ├── paperless-ngx/
│ │ │ ├── gateway-api.sensitive.yaml
│ │ │ ├── helm-release.yaml
│ │ │ └── kustomization.yaml
│ │ ├── reactiveresume/
│ │ │ ├── cnpg.yaml
│ │ │ ├── helm-release.yaml
│ │ │ ├── kustomization.yaml
│ │ │ ├── namespace.yaml
│ │ │ └── secret.sops.yaml
│ │ ├── replacedby/
│ │ │ ├── database.yaml
│ │ │ ├── deployment.yaml
│ │ │ ├── gateway-api.yaml
│ │ │ ├── kustomization.yaml
│ │ │ ├── namespace.yaml
│ │ │ └── service.yaml
│ │ ├── storage/
│ │ │ ├── helm-release.yaml
│ │ │ ├── kustomization.yaml
│ │ │ └── namespace.yaml
│ │ ├── tika/
│ │ │ ├── helm-release.yaml
│ │ │ ├── kustomization.yaml
│ │ │ └── namespace.yaml
│ │ ├── uptimekuma/
│ │ │ ├── helm-release.yaml
│ │ │ ├── kustomization.yaml
│ │ │ └── namespace.yaml
│ │ ├── vikunja/
│ │ │ ├── cnpg.yaml
│ │ │ ├── helm-release.yaml
│ │ │ ├── kustomization.yaml
│ │ │ ├── namespace.yaml
│ │ │ └── secret.sops.yaml
│ │ ├── wallabag/
│ │ │ ├── helm-release.yaml
│ │ │ ├── kustomization.yaml
│ │ │ ├── namespace.yaml
│ │ │ └── secret.sops.yaml
│ │ └── website/
│ │ ├── helm-release.yaml
│ │ ├── kustomization.yaml
│ │ ├── namespace.yaml
│ │ └── secret.sops.yaml
│ ├── base/
│ │ ├── .sops.yaml
│ │ ├── apps.yaml
│ │ ├── configs.yaml
│ │ ├── core.yaml
│ │ ├── crds.yaml
│ │ ├── flux-system/
│ │ │ ├── gotk-components.yaml
│ │ │ ├── gotk-patch.yaml
│ │ │ ├── gotk-sync.yaml
│ │ │ └── kustomization.yaml
│ │ ├── helm.yaml
│ │ └── terraform.yaml
│ ├── configs/
│ │ ├── flux/
│ │ │ ├── alert.yaml
│ │ │ ├── kustomization.yaml
│ │ │ └── notification.sops.yaml
│ │ ├── istio/
│ │ │ ├── external-gateway-adygenova.yaml
│ │ │ ├── external-gateway-replacedby.yaml
│ │ │ ├── external-gateway.yaml
│ │ │ ├── internal-gateway.yaml
│ │ │ ├── kustomization.yaml
│ │ │ └── namespace.yaml
│ │ ├── kustomization.yaml
│ │ ├── kyverno/
│ │ │ ├── cleanup-empty-replicasets.yaml
│ │ │ ├── default-network-policy.yaml
│ │ │ ├── disallow-default.yaml
│ │ │ ├── disallow-helm-tiller.yaml
│ │ │ ├── disallow-latest-tag.yaml
│ │ │ ├── helm-release.yaml
│ │ │ ├── inject-image-pull-secrets.yaml
│ │ │ ├── kustomization.yaml
│ │ │ ├── no-privileged.yaml
│ │ │ ├── require-drop-all.yaml
│ │ │ ├── restrict-node-port.yaml
│ │ │ └── restrict-service-external-ips.yaml
│ │ ├── metallb/
│ │ │ ├── ip-pool.yaml
│ │ │ ├── kustomization.yaml
│ │ │ └── l2-advertisement.yaml
│ │ ├── system-upgrade/
│ │ │ ├── README.md
│ │ │ ├── kustomization.yaml
│ │ │ └── plans/
│ │ │ ├── latest/
│ │ │ │ ├── agent.yaml
│ │ │ │ ├── kustomization.yaml
│ │ │ │ └── server.yaml
│ │ │ └── stable/
│ │ │ ├── agent.yaml
│ │ │ ├── kustomization.yaml
│ │ │ └── server.yaml
│ │ └── velero/
│ │ ├── kustomization.yaml
│ │ └── schedule.yaml
│ ├── core/
│ │ ├── archive/
│ │ │ ├── cgroup-gc/
│ │ │ │ ├── helm-release.yaml
│ │ │ │ ├── kustomization.yaml
│ │ │ │ └── namespace.yaml
│ │ │ └── kube-vip/
│ │ │ ├── helm-release.yaml
│ │ │ ├── kustomization.yaml
│ │ │ └── namespace.yaml
│ │ ├── cert-manager/
│ │ │ ├── helm-release.yaml
│ │ │ ├── kustomization.yaml
│ │ │ ├── namespace.yaml
│ │ │ └── secret.sops.yaml
│ │ ├── cluster-critical/
│ │ │ ├── kustomization.yaml
│ │ │ └── priority-classes.yaml
│ │ ├── cnpg/
│ │ │ ├── helm-release.yaml
│ │ │ ├── kustomization.yaml
│ │ │ └── namespace.yaml
│ │ ├── descheduler/
│ │ │ ├── helm-release.yaml
│ │ │ └── kustomization.yaml
│ │ ├── istio/
│ │ │ ├── cni-helm-release.yaml
│ │ │ ├── control-plane-helm-release.yaml
│ │ │ ├── kustomization.yaml
│ │ │ └── ztunnel-helm-release.yaml
│ │ ├── kured/
│ │ │ ├── helm-release.sops.yaml
│ │ │ ├── kustomization.yaml
│ │ │ └── namespace.yaml
│ │ ├── kustomization.yaml
│ │ ├── kyverno/
│ │ │ ├── helm-release.yaml
│ │ │ ├── kustomization.yaml
│ │ │ └── namespace.yaml
│ │ ├── longhorn-system/
│ │ │ ├── db-storageclass.yaml
│ │ │ ├── helm-release.yaml
│ │ │ ├── kustomization.yaml
│ │ │ └── namespace.yaml
│ │ ├── mariadb-operator/
│ │ │ ├── helm-release.yaml
│ │ │ ├── kustomization.yaml
│ │ │ └── namespace.yaml
│ │ ├── metallb/
│ │ │ ├── helm-release.yaml
│ │ │ ├── kustomization.yaml
│ │ │ └── namespace.yaml
│ │ ├── reflector/
│ │ │ ├── helm-release.yaml
│ │ │ ├── image_pull_secret.sops.yaml
│ │ │ ├── kustomization.yaml
│ │ │ └── namespace.yaml
│ │ ├── rook-ceph/
│ │ │ ├── helm-release.yaml
│ │ │ └── kustomization.yaml
│ │ ├── system-upgrade/
│ │ │ └── kustomization.yaml
│ │ ├── tofu-controller/
│ │ │ ├── helm-release.yaml
│ │ │ └── kustomization.yaml
│ │ ├── trivy/
│ │ │ ├── helm-release.yaml
│ │ │ ├── kustomization.yaml
│ │ │ └── namespace.yaml
│ │ └── velero/
│ │ ├── helm-release.yaml
│ │ ├── kustomization.yaml
│ │ ├── namespace.yaml
│ │ └── secret.sops.yaml
│ ├── crds/
│ │ ├── external-snapshotter/
│ │ │ ├── crds.yaml
│ │ │ └── kustomization.yaml
│ │ ├── gateway-api/
│ │ │ ├── crds.yaml
│ │ │ └── kustomization.yaml
│ │ ├── istio/
│ │ │ ├── helm-release.yaml
│ │ │ ├── kustomization.yaml
│ │ │ └── namespace.yaml
│ │ ├── kustomization.yaml
│ │ └── mariadb-operator/
│ │ ├── helm-release.yaml
│ │ ├── kustomization.yaml
│ │ └── namespace.yaml
│ ├── helm/
│ │ ├── aqua/
│ │ │ ├── kustomization.yaml
│ │ │ └── repo.yaml
│ │ ├── bjw-s/
│ │ │ ├── kustomization.yaml
│ │ │ └── repo.yaml
│ │ ├── cert-manager/
│ │ │ ├── kustomization.yaml
│ │ │ └── repo.yaml
│ │ ├── cnpg/
│ │ │ ├── kustomization.yaml
│ │ │ └── repo.yaml
│ │ ├── descheduler/
│ │ │ ├── kustomization.yaml
│ │ │ └── repo.yaml
│ │ ├── gabe565/
│ │ │ ├── kustomization.yaml
│ │ │ └── repo.yaml
│ │ ├── go-ddns-controller/
│ │ │ ├── kustomization.yaml
│ │ │ └── repo.yaml
│ │ ├── istio/
│ │ │ ├── kustomization.yaml
│ │ │ └── repo.yaml
│ │ ├── k8s-at-home/
│ │ │ ├── kustomization.yaml
│ │ │ └── repo.yaml
│ │ ├── kube-vip/
│ │ │ ├── kustomization.yaml
│ │ │ └── repo.yaml
│ │ ├── kubereboot/
│ │ │ ├── kustomization.yaml
│ │ │ └── repo.yaml
│ │ ├── kustomization.yaml
│ │ ├── kyverno/
│ │ │ ├── kustomization.yaml
│ │ │ └── repo.yaml
│ │ ├── longhorn-system/
│ │ │ ├── kustomization.yaml
│ │ │ └── longhorn-repo.yaml
│ │ ├── maikumori/
│ │ │ ├── kustomization.yaml
│ │ │ └── repo.yaml
│ │ ├── mariadb-operator/
│ │ │ ├── kustomization.yaml
│ │ │ └── repo.yaml
│ │ ├── metallb/
│ │ │ ├── kustomization.yaml
│ │ │ └── repo.yaml
│ │ ├── metrics-server/
│ │ │ ├── kustomization.yaml
│ │ │ └── repo.yaml
│ │ ├── observability/
│ │ │ ├── kube-prometheus-stack.yaml
│ │ │ ├── kustomization.yaml
│ │ │ └── loki-stack.yaml
│ │ ├── reflector/
│ │ │ ├── kustomization.yaml
│ │ │ └── repo.yaml
│ │ ├── rook/
│ │ │ ├── kustomization.yaml
│ │ │ └── repo.yaml
│ │ ├── tika/
│ │ │ ├── kustomization.yaml
│ │ │ └── repo.yaml
│ │ ├── tofu-controller/
│ │ │ ├── kustomization.yaml
│ │ │ └── repo.yaml
│ │ ├── unofficial/
│ │ │ ├── jameswynn.yaml
│ │ │ └── kustomization.yaml
│ │ ├── velero/
│ │ │ ├── kustomization.yaml
│ │ │ └── repo.yaml
│ │ └── wger/
│ │ ├── kustomization.yaml
│ │ └── repo.yaml
│ ├── storage/
│ │ ├── kustomization.yaml
│ │ └── rook-ceph-cluster/
│ │ ├── helm-release.yaml
│ │ └── kustomization.yaml
│ ├── template.secret.yaml
│ └── terraform/
│ ├── homelab-iac-secrets.sops.yaml
│ ├── homelab-iac.yaml
│ └── kustomization.yaml
├── docs/
│ ├── Backups.md
│ ├── Flux.md
│ ├── Getting Started.md
│ ├── Longhorn.md
│ ├── SettingUpCertManager.md
│ ├── SettingUpRenovate.md
│ ├── Sops.md
│ ├── Troubleshooting.md
│ └── tofu.md
├── local/
│ └── docker-compose.yaml
└── upgrades/
└── v1.35.0+k3s1.yaml
================================================
FILE CONTENTS
================================================
================================================
FILE: .github/CODEOWNERS
================================================
# https://docs.github.com/en/github/creating-cloning-and-archiving-repositories/about-code-owners
* @Michaelpalacce
================================================
FILE: .github/ISSUE_TEMPLATE/bug-report.md
================================================
---
name: Bug report
about: Create a report to help us improve
title: ''
labels: kind/bug
assignees: ''
---
# Details
**What steps did you take and what happened:**
<!-- Note: This should be a clear and concise description of what the bug is. -->
**What did you expect to happen:**
**Anything else you would like to add:**
<!-- Note: Miscellaneous information that will assist in solving the issue. -->
**Additional Information:**
<!-- Note: Anything to give further context to the bug report. -->
================================================
FILE: .github/ISSUE_TEMPLATE/feature-request.md
================================================
---
name: Feature request
about: Suggest an idea for this project
title: ''
labels: kind/enhancement
assignees: ''
---
# Details
**Describe the solution you'd like:**
<!-- Note: A clear and concise description of what you want to happen. -->
**Anything else you would like to add:**
<!-- Note: Miscellaneous information that will assist in solving the issue. -->
**Additional Information:**
<!-- Note: Anything to give further context to the requested new feature. -->
================================================
FILE: .github/ISSUE_TEMPLATE/question.md
================================================
---
name: Question
about: Ask a question to the maintainer
title: ''
labels: kind/question
assignees: ''
---
# Details
**Ask your question:**
<!-- Note: A clear and concise query of what you want to ask. -->
<!-- Besides asking here, you can also ask in the following Discussion board or Discord -->
<!-- Discussion board: https://github.com/k8s-at-home/charts/discussions -->
<!-- Discord: https://discord.gg/sTMX7Vh -->
================================================
FILE: .github/PULL_REQUEST_TEMPLATE.md
================================================
**Description of the change**
<!-- Describe the scope of your change - i.e. what the change does. -->
**Benefits**
<!-- What benefits will be realized by the code change? -->
**Possible drawbacks**
<!-- Describe any known limitations with your change -->
**Applicable issues**
<!-- Enter any applicable Issues here (You can reference an issue using #) -->
- fixes #
**Additional information**
<!-- If there's anything else that's important and relevant to your pull request, mention that information here.-->
================================================
FILE: .github/linters/.markdownlint.yaml
================================================
---
default: true
# MD013/line-length - Line length
MD013:
# Number of characters
line_length: 240
# Number of characters for headings
heading_line_length: 80
# Number of characters for code blocks
code_block_line_length: 80
# Include code blocks
code_blocks: true
# Include tables
tables: true
# Include headings
headings: true
# Include headings
headers: true
# Strict length checking
strict: false
# Stern length checking
stern: false
================================================
FILE: .github/linters/.prettierignore
================================================
*.sops.*
gotk-components.yaml
================================================
FILE: .github/linters/.prettierrc.yaml
================================================
---
trailingComma: es5
tabWidth: 2
semi: false
singleQuote: false
================================================
FILE: .github/linters/.tflint.hcl
================================================
================================================
FILE: .github/linters/.yamllint.yaml
================================================
---
ignore: |
gotk-*.yaml
*jenkins*
extends: default
rules:
truthy: false
comments:
min-spaces-from-content: 1
line-length: disable
hyphens: disable
braces:
min-spaces-inside: 0
max-spaces-inside: 1
brackets:
min-spaces-inside: 0
max-spaces-inside: 0
indentation:
spaces: consistent
================================================
FILE: .github/renovate.json5
================================================
{
extends: [
':enableRenovate',
'config:recommended',
':disableRateLimiting',
':dependencyDashboard',
':semanticCommits',
':separatePatchReleases',
'docker:enableMajor',
],
enabled: true,
semanticCommits: 'enabled',
dependencyDashboard: true,
dependencyDashboardTitle: 'Renovate Dashboard',
suppressNotifications: [
],
rebaseWhen: 'conflicted',
ignoreDeps: [
'ghcr.io/fluxcd/helm-controller',
'ghcr.io/fluxcd/image-automation-controller',
'ghcr.io/fluxcd/image-reflector-controller',
'ghcr.io/fluxcd/kustomize-controller',
'ghcr.io/fluxcd/notification-controller',
'ghcr.io/fluxcd/source-controller',
],
'pre-commit': {
enabled: true,
},
flux: {
managerFilePatterns: [
'/cluster/.+\\.ya?ml$/',
],
},
'helm-values': {
managerFilePatterns: [
'/cluster/.+\\.ya?ml$/',
],
},
kubernetes: {
managerFilePatterns: [
'/cluster/.+\\.ya?ml$/',
],
},
customManagers: [
{
customType: 'regex',
managerFilePatterns: [
'/cluster/.+\\.ya?ml$/',
],
matchStrings: [
'reference:\\s*(?<depName>[^\\s:]+):(?<currentValue>[^\\s\\n]+)',
],
datasourceTemplate: 'docker',
},
{
customType: 'regex',
managerFilePatterns: [
'/cluster/.+\\.ya?ml$/',
],
matchStrings: [
'registryUrl=(?<registryUrl>.*?)\n *chart: (?<depName>.*?)\n *version: (?<currentValue>.*)\n',
],
datasourceTemplate: 'helm',
},
{
customType: 'regex',
managerFilePatterns: [
'/cluster/crds/cert-manager/.+\\.ya?ml$/',
],
matchStrings: [
'registryUrl=(?<registryUrl>.*?) chart=(?<depName>.*?)\n.*\\/(?<currentValue>.*?)\\/',
],
datasourceTemplate: 'helm',
},
],
packageRules: [
{
matchDatasources: [
'helm',
],
separateMinorPatch: true,
ignoreDeprecated: true,
},
{
matchDatasources: [
'docker',
],
enabled: true,
commitMessageTopic: 'container image {{depName}}',
commitMessageExtra: 'to {{#if isSingleVersion}}v{{{newVersion}}}{{else}}{{{newValue}}}{{/if}}',
matchUpdateTypes: [
'major',
'minor',
'patch',
],
},
{
matchDatasources: [
'docker',
],
matchUpdateTypes: [
'major',
],
labels: [
'renovate/image',
'dep/major',
],
},
{
matchDatasources: [
'docker',
],
matchUpdateTypes: [
'minor',
],
labels: [
'renovate/image',
'dep/minor',
],
automerge: true,
},
{
matchDatasources: [
'docker',
],
matchUpdateTypes: [
'patch',
],
labels: [
'renovate/image',
'dep/patch',
],
automerge: true,
},
{
matchDatasources: [
'helm',
],
matchUpdateTypes: [
'major',
],
labels: [
'renovate/helm',
'dep/major',
],
automerge: false,
},
{
matchDatasources: [
'helm',
],
matchUpdateTypes: [
'minor',
],
labels: [
'renovate/helm',
'dep/minor',
],
automerge: true,
},
{
matchDatasources: [
'helm',
],
matchUpdateTypes: [
'patch',
],
labels: [
'renovate/helm',
'dep/patch',
],
automerge: true,
},
],
}
================================================
FILE: .github/workflows/dependency.yaml
================================================
name: 'Dependency Review'
on:
pull_request:
permissions:
contents: read
jobs:
dependency-review:
runs-on: ubuntu-latest
steps:
- name: 'Checkout Repository'
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
- name: 'Dependency Review'
uses: actions/dependency-review-action@v4
================================================
FILE: .github/workflows/lint.yaml
================================================
---
name: Lint
on: # yamllint disable-line rule:truthy
workflow_dispatch:
pull_request:
branches:
- master
env:
# Currently no way to detect automatically
DEFAULT_BRANCH: master
jobs:
build:
name: Lint
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
with:
fetch-depth: 0
- name: Lint
uses: github/super-linter/slim@v7
env:
VALIDATE_ALL_CODEBASE: ${{ github.event_name == 'workflow_dispatch' }}
DEFAULT_BRANCH: "${{ env.DEFAULT_BRANCH }}"
GITHUB_TOKEN: "${{ secrets.GITHUB_TOKEN }}"
MARKDOWN_CONFIG_FILE: .markdownlint.yaml
TERRAFORM_TFLINT_CONFIG_FILE: .tflint.hcl
YAML_CONFIG_FILE: .yamllint.yaml
KUBERNETES_KUBEVAL_OPTIONS: --ignore-missing-schemas
================================================
FILE: .gitignore
================================================
.idea
TestingEnv
output/
.secret
testing
ansible/playbooks/restore/files/backup
velero-credentials
temp
*.tfvars
*.tfstate.backup
.terraform
docker-data
================================================
FILE: .gitmodules
================================================
[submodule "HomeLab-IaC"]
path = HomeLab-IaC
url = https://github.com/Michaelpalacce/HomeLab-IaC.git
================================================
FILE: Helm/apps/changedetection/.helmignore
================================================
# Patterns to ignore when building packages.
# This supports shell glob matching, relative path matching, and
# negation (prefixed with !). Only one pattern per line.
.DS_Store
# Common VCS dirs
.git/
.gitignore
.bzr/
.bzrignore
.hg/
.hgignore
.svn/
# Common backup files
*.swp
*.bak
*.tmp
*.orig
*~
# Various IDEs
.project
.idea/
*.tmproj
.vscode/
================================================
FILE: Helm/apps/changedetection/Chart.yaml
================================================
---
apiVersion: v2
appVersion: 1.0.0
description: This chart is used to install changedetection
maintainers:
- email: sgenov94@gmail.com
name: Stefan Genov
name: changedetection
type: application
version: 2.0.0
================================================
FILE: Helm/apps/changedetection/README.md
================================================
This chart is used to install changedetection
================================================
FILE: Helm/apps/changedetection/templates/deployment.yaml
================================================
---
{{- with .Values.changedetection }}
apiVersion: apps/v1
kind: Deployment
metadata:
name: changedetection
namespace: {{ $.Release.Namespace }}
labels:
app.kubernetes.io/instance: changedetection
app.kubernetes.io/name: changedetection
spec:
strategy:
rollingUpdate:
maxUnavailable: 0
replicas: 1
selector:
matchLabels:
app.kubernetes.io/instance: changedetection
app.kubernetes.io/name: changedetection
template:
metadata:
annotations:
backup.velero.io/backup-volumes: data-config
labels:
app.kubernetes.io/instance: changedetection
app.kubernetes.io/name: changedetection
spec:
containers:
- name: browserless
image: {{ .playwright.image }}
imagePullPolicy: IfNotPresent
securityContext:
capabilities:
drop:
- ALL
ports:
- name: browserless
containerPort: {{ .playwright.port }}
env:
- name: DEFAULT_LAUNCH_ARGS
value: "--window-size=1920.1080"
resources:
limits:
memory: 2Gi
volumeMounts:
- name: shm-empty-playwright
mountPath: /dev/shm
livenessProbe:
failureThreshold: 10
initialDelaySeconds: 30
tcpSocket:
port: {{ .playwright.port }}
timeoutSeconds: 2
startupProbe:
failureThreshold: 20
timeoutSeconds: 2
tcpSocket:
port: {{ .playwright.port }}
- name: selenium
image: {{ .selenium.image }}
imagePullPolicy: IfNotPresent
securityContext:
capabilities:
drop:
- ALL
ports:
- name: selenium
containerPort: {{ .selenium.port }}
resources:
limits:
memory: 2Gi
volumeMounts:
- name: shm-empty
mountPath: /dev/shm
livenessProbe:
failureThreshold: 10
initialDelaySeconds: 30
tcpSocket:
port: {{ .selenium.port }}
timeoutSeconds: 2
startupProbe:
failureThreshold: 20
timeoutSeconds: 2
tcpSocket:
port: {{ .selenium.port }}
- name: changedetection
image: {{ .image }}
imagePullPolicy: IfNotPresent
securityContext:
capabilities:
drop:
- ALL
{{- if .resources }}
resources:
{{ toYaml .resources | indent 22 }}
{{- end }}
ports:
- name: web
containerPort: {{ .port }}
volumeMounts:
- name: data-config
mountPath: /datastore
env:
- name: PUID
value: "1000"
- name: PGID
value: "1000"
- name: TZ
value: "Europe/Sofia"
- name: BASE_URL
value: "{{ .baseUrl }}"
- name: WEBDRIVER_URL
value: "http://localhost:{{ .selenium.port }}/wd/hub"
- name: PLAYWRIGHT_DRIVER_URL
value: "ws://localhost:{{ .playwright.port }}/?stealth=1&--disable-web-security=true"
livenessProbe:
failureThreshold: 10
initialDelaySeconds: 30
tcpSocket:
port: {{ .port }}
timeoutSeconds: 2
startupProbe:
failureThreshold: 20
timeoutSeconds: 2
tcpSocket:
port: {{ .port }}
restartPolicy: Always
volumes:
- name: data-config
persistentVolumeClaim:
claimName: changedetection-pvc
- name: shm-empty
emptyDir:
medium: Memory
- name: shm-empty-playwright
emptyDir:
medium: Memory
---
apiVersion: v1
kind: Service
metadata:
name: changedetection
namespace: {{ $.Release.Namespace }}
spec:
selector:
app.kubernetes.io/instance: changedetection
app.kubernetes.io/name: changedetection
ports:
- name: changedetection
protocol: TCP
port: {{ .port }}
{{- end }}
================================================
FILE: Helm/apps/changedetection/templates/gateway-api.yaml
================================================
---
apiVersion: gateway.networking.k8s.io/v1
kind: HTTPRoute
metadata:
name: changedetection-internal
namespace: {{ $.Release.Namespace }}
annotations:
gethomepage.dev/enabled: "true"
gethomepage.dev/description: Monitors changes to websites
gethomepage.dev/group: Automation
gethomepage.dev/icon: changedetection
gethomepage.dev/name: ChangeDetection.io
gethomepage.dev/widget.type: changedetectionio
gethomepage.dev/widget.url: https://changedetection.sgenov.dev
gethomepage.dev/widget.key: 24f82bd47ffef64b0b533239ad38d945 # yeah, it's public, but it's not so secret
spec:
parentRefs:
- name: internal
namespace: istio-gateway
hostnames:
- "changedetection.sgenov.dev"
rules:
- matches:
- path:
type: PathPrefix
value: /
backendRefs:
- name: changedetection
port: {{ .Values.changedetection.port }}
================================================
FILE: Helm/apps/changedetection/templates/storage.yaml
================================================
---
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: changedetection-pvc
spec:
accessModes:
- ReadWriteMany
storageClassName: longhorn
resources:
requests:
storage: {{ .Values.storage.configSize }}
================================================
FILE: Helm/apps/changedetection/values.yaml
================================================
---
changedetection:
image: dgtlmoon/changedetection.io:0.55.3
port: 5000
baseUrl: changedetection.sgenov.dev
resources:
requests:
cpu: 10m
memory: 125Mi
selenium:
image: selenium/standalone-chrome-debug:3.141.59
port: 4444
playwright:
image: browserless/chrome:1.61-chrome-stable
port: 3000
storage:
configSize: 1Gi
================================================
FILE: Helm/apps/cyberchef/.helmignore
================================================
# Patterns to ignore when building packages.
# This supports shell glob matching, relative path matching, and
# negation (prefixed with !). Only one pattern per line.
.DS_Store
# Common VCS dirs
.git/
.gitignore
.bzr/
.bzrignore
.hg/
.hgignore
.svn/
# Common backup files
*.swp
*.bak
*.tmp
*.orig
*~
# Various IDEs
.project
.idea/
*.tmproj
.vscode/
================================================
FILE: Helm/apps/cyberchef/Chart.yaml
================================================
---
apiVersion: v2
appVersion: 1.0.0
description: This chart is used to install cyberchef
maintainers:
- email: sgenov94@gmail.com
name: Stefan Genov
name: cyberchef
type: application
version: 3.0.0
================================================
FILE: Helm/apps/cyberchef/README.md
================================================
This chart is used to install cyberchef.
================================================
FILE: Helm/apps/cyberchef/templates/deployment.yaml
================================================
---
{{- with .Values.cyberchef }}
apiVersion: apps/v1
kind: Deployment
metadata:
name: cyberchef
namespace: {{ $.Release.Namespace }}
labels:
app.kubernetes.io/instance: cyberchef
app.kubernetes.io/name: cyberchef
spec:
strategy:
rollingUpdate:
maxUnavailable: 0
replicas: 1
selector:
matchLabels:
app.kubernetes.io/instance: cyberchef
app.kubernetes.io/name: cyberchef
template:
metadata:
labels:
app.kubernetes.io/instance: cyberchef
app.kubernetes.io/name: cyberchef
spec:
containers:
- name: cyberchef
image: {{ .image }}
imagePullPolicy: IfNotPresent
securityContext:
capabilities:
drop:
- ALL
{{- if .resources }}
resources:
{{ toYaml .resources | indent 22 }}
{{- end }}
ports:
- name: web
containerPort: {{ .port }}
livenessProbe:
failureThreshold: 5
initialDelaySeconds: 30
timeoutSeconds: 2
tcpSocket:
port: {{ .port }}
startupProbe:
failureThreshold: 5
timeoutSeconds: 2
tcpSocket:
port: {{ .port }}
restartPolicy: Always
{{- end }}
================================================
FILE: Helm/apps/cyberchef/templates/gateway-api.yaml
================================================
---
apiVersion: gateway.networking.k8s.io/v1
kind: HTTPRoute
metadata:
name: cyberchef-internal
namespace: {{ $.Release.Namespace }}
annotations:
gethomepage.dev/enabled: "true"
gethomepage.dev/description: Swiss Army Knife of the internet
gethomepage.dev/group: Tools
gethomepage.dev/icon: cyberchef
gethomepage.dev/name: CyberChef
spec:
parentRefs:
- name: internal
namespace: istio-gateway
hostnames:
- "cyberchef.sgenov.dev"
rules:
- matches:
- path:
type: PathPrefix
value: /
backendRefs:
- name: cyberchef
port: {{ .Values.cyberchef.port }}
================================================
FILE: Helm/apps/cyberchef/templates/service.yaml
================================================
---
{{- with .Values.cyberchef }}
apiVersion: v1
kind: Service
metadata:
name: cyberchef
namespace: {{ $.Release.Namespace }}
spec:
selector:
app.kubernetes.io/instance: cyberchef
app.kubernetes.io/name: cyberchef
ports:
- name: cyberchef
protocol: TCP
port: {{ .port }}
{{- end }}
================================================
FILE: Helm/apps/cyberchef/values.yaml
================================================
---
cyberchef:
image: mpepping/cyberchef:v10.24.0
port: 8000
resources:
requests:
cpu: 10m
memory: 50Mi
================================================
FILE: Helm/apps/diagrams/.helmignore
================================================
# Patterns to ignore when building packages.
# This supports shell glob matching, relative path matching, and
# negation (prefixed with !). Only one pattern per line.
.DS_Store
# Common VCS dirs
.git/
.gitignore
.bzr/
.bzrignore
.hg/
.hgignore
.svn/
# Common backup files
*.swp
*.bak
*.tmp
*.orig
*~
# Various IDEs
.project
.idea/
*.tmproj
.vscode/
================================================
FILE: Helm/apps/diagrams/Chart.yaml
================================================
---
apiVersion: v2
appVersion: 1.0.0
description: This chart is used to install diagrams
maintainers:
- email: sgenov94@gmail.com
name: Stefan Genov
name: diagrams
type: application
version: 4.0.0
================================================
FILE: Helm/apps/diagrams/README.md
================================================
This chart is used to install diagrams.
Diagrams or draw.io is a free online diagram software for making flowcharts,
process diagrams, org charts, UML, etc
================================================
FILE: Helm/apps/diagrams/templates/deployment.yaml
================================================
---
{{- with .Values.diagrams }}
apiVersion: apps/v1
kind: Deployment
metadata:
name: diagrams
namespace: {{ $.Release.Namespace }}
labels:
app.kubernetes.io/instance: diagrams
app.kubernetes.io/name: diagrams
spec:
replicas: 1
strategy:
rollingUpdate:
maxUnavailable: 0
selector:
matchLabels:
app.kubernetes.io/instance: diagrams
app.kubernetes.io/name: diagrams
template:
metadata:
labels:
app.kubernetes.io/instance: diagrams
app.kubernetes.io/name: diagrams
spec:
containers:
- name: diagrams
image: {{ .image }}
imagePullPolicy: IfNotPresent
securityContext:
capabilities:
drop:
- ALL
{{- if .resources }}
resources:
{{ toYaml .resources | indent 22 }}
{{- end }}
ports:
- name: web
containerPort: {{ .port }}
restartPolicy: Always
{{- end }}
================================================
FILE: Helm/apps/diagrams/templates/gateway-api.yaml
================================================
---
apiVersion: gateway.networking.k8s.io/v1
kind: HTTPRoute
metadata:
name: diagrams-internal
namespace: {{ $.Release.Namespace }}
annotations:
gethomepage.dev/enabled: "true"
gethomepage.dev/description: Make diagrams in your browser
gethomepage.dev/group: Tools
gethomepage.dev/icon: draw-io
gethomepage.dev/name: Diagrams
spec:
parentRefs:
- name: internal
namespace: istio-gateway
hostnames:
- "diagrams.sgenov.dev"
rules:
- matches:
- path:
type: PathPrefix
value: /
backendRefs:
- name: diagrams
port: {{ .Values.diagrams.port }}
================================================
FILE: Helm/apps/diagrams/templates/service.yaml
================================================
---
{{- with .Values.diagrams }}
apiVersion: v1
kind: Service
metadata:
name: diagrams
namespace: {{ $.Release.Namespace }}
spec:
selector:
app.kubernetes.io/instance: diagrams
app.kubernetes.io/name: diagrams
ports:
- name: diagrams
protocol: TCP
port: {{ .port }}
{{- end }}
================================================
FILE: Helm/apps/diagrams/values.yaml
================================================
---
diagrams:
image: jgraph/drawio:29.7.9
port: 8080
resources:
requests:
cpu: 10m
memory: 10Mi
================================================
FILE: Helm/apps/firefly/.helmignore
================================================
# Patterns to ignore when building packages.
# This supports shell glob matching, relative path matching, and
# negation (prefixed with !). Only one pattern per line.
.DS_Store
# Common VCS dirs
.git/
.gitignore
.bzr/
.bzrignore
.hg/
.hgignore
.svn/
# Common backup files
*.swp
*.bak
*.tmp
*.orig
*~
# Various IDEs
.project
.idea/
*.tmproj
.vscode/
================================================
FILE: Helm/apps/firefly/CHANGELOG.md
================================================
#### [v4.0.0]
- Better Selector
#### [v3.0.0]
* Added firefly-iii-bot
#### [V2.0.0]
* Added simplesecrets
#### [V1.1.0]
* New Version
* Removed NodePort
#### [V1.0.0]
* Initial Deployment
================================================
FILE: Helm/apps/firefly/Chart.yaml
================================================
---
apiVersion: v2
appVersion: 1.0.0
description: This chart is used to install firefly
maintainers:
- email: sgenov94@gmail.com
name: Stefan Genov
name: firefly
type: application
version: 4.0.0
================================================
FILE: Helm/apps/firefly/README.md
================================================
This chart is used to install firefly
================================================
FILE: Helm/apps/firefly/templates/deployment.yaml
================================================
---
{{- with .Values.firefly }}
apiVersion: apps/v1
kind: Deployment
metadata:
name: firefly
namespace: {{ $.Release.Namespace }}
labels:
app.kubernetes.io/instance: firefly
app.kubernetes.io/name: firefly
spec:
replicas: 1
selector:
matchLabels:
app.kubernetes.io/instance: firefly
app.kubernetes.io/name: firefly
template:
metadata:
annotations:
backup.velero.io/backup-volumes: data
labels:
app.kubernetes.io/instance: firefly
app.kubernetes.io/name: firefly
spec:
containers:
- name: firefly
image: {{ .image }}
imagePullPolicy: IfNotPresent
securityContext:
capabilities:
drop:
- ALL
privileged: false
allowPrivilegeEscalation: false
{{- if .resources }}
resources:
{{ toYaml .resources | indent 22 }}
{{- end }}
ports:
- name: web
containerPort: {{ .port }}
volumeMounts:
- name: data
mountPath: /var/www/html/storage
env:
- name: PUID
value: "1000"
- name: PGID
value: "1000"
- name: TZ
value: "Europe/Sofia"
- name: DB_USERNAME
valueFrom:
secretKeyRef:
name: cluster-postgres-app
key: username
- name: DB_PASSWORD
valueFrom:
secretKeyRef:
name: cluster-postgres-app
key: password
- name: DB_DATABASE
valueFrom:
secretKeyRef:
name: cluster-postgres-app
key: dbname
- name: DB_HOST
valueFrom:
secretKeyRef:
name: cluster-postgres-app
key: host
- name: DB_PORT
valueFrom:
secretKeyRef:
name: cluster-postgres-app
key: port
- name: DB_CONNECTION
value: pgsql
- name: APP_KEY
valueFrom:
secretKeyRef:
name: app
key: key
- name: APP_URL
value: "{{ .appUrl }}"
- name: TRUSTED_PROXIES
value: "**"
livenessProbe:
failureThreshold: 5
initialDelaySeconds: 30
timeoutSeconds: 5
httpGet:
path: /login
port: {{ .port }}
startupProbe:
failureThreshold: 10
timeoutSeconds: 5
httpGet:
path: /login
port: {{ .port }}
restartPolicy: Always
volumes:
- name: data
persistentVolumeClaim:
claimName: firefly-pvc
---
apiVersion: v1
kind: Service
metadata:
name: firefly
namespace: {{ $.Release.Namespace }}
spec:
selector:
app.kubernetes.io/instance: firefly
app.kubernetes.io/name: firefly
ports:
- name: web
protocol: TCP
port: 80
targetPort: 8080
{{- end }}
================================================
FILE: Helm/apps/firefly/templates/firefly-bot-deployment.yaml
================================================
---
{{- with .Values.fireflybot }}
apiVersion: apps/v1
kind: Deployment
metadata:
name: fireflybot
namespace: {{ $.Release.Namespace }}
labels:
app.kubernetes.io/instance: fireflybot
app.kubernetes.io/name: fireflybot
spec:
replicas: 1
selector:
matchLabels:
app.kubernetes.io/instance: fireflybot
app.kubernetes.io/name: fireflybot
template:
metadata:
annotations:
backup.velero.io/backup-volumes: sessions
labels:
app.kubernetes.io/instance: fireflybot
app.kubernetes.io/name: fireflybot
spec:
containers:
- name: fireflybot
image: {{ .image }}
imagePullPolicy: IfNotPresent
securityContext:
capabilities:
drop:
- ALL
privileged: false
allowPrivilegeEscalation: false
{{- if .resources }}
resources:
{{ toYaml .resources | indent 22 }}
{{- end }}
volumeMounts:
- name: sessions
mountPath: /home/node/app/sessions
envFrom:
- secretRef:
name: bot-env
restartPolicy: Always
volumes:
- name: sessions
persistentVolumeClaim:
claimName: firefly-bot-pvc
{{- end }}
================================================
FILE: Helm/apps/firefly/templates/firefly-pvc.yaml
================================================
---
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: firefly-pvc
spec:
accessModes:
- ReadWriteMany
storageClassName: longhorn
resources:
requests:
storage: {{ .Values.storage.configSize }}
---
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: firefly-bot-pvc
spec:
accessModes:
- ReadWriteMany
storageClassName: longhorn
resources:
requests:
storage: {{ .Values.storage.botSessionSize }}
================================================
FILE: Helm/apps/firefly/templates/gateway-api.yaml
================================================
# ---
# apiVersion: gateway.networking.k8s.io/v1
# kind: HTTPRoute
# metadata:
# name: firefly-external
# namespace: {{ $.Release.Namespace }}
# spec:
# parentRefs:
# - name: external
# namespace: istio-gateway
# hostnames:
# - "firefly.sgenov.dev"
# rules:
# - matches:
# - path:
# type: PathPrefix
# value: /
# backendRefs:
# - name: firefly
# port: 80
---
apiVersion: gateway.networking.k8s.io/v1
kind: HTTPRoute
metadata:
name: firefly-internal
namespace: {{ $.Release.Namespace }}
spec:
parentRefs:
- name: internal
namespace: istio-gateway
hostnames:
- "firefly.sgenov.dev"
rules:
- matches:
- path:
type: PathPrefix
value: /
backendRefs:
- name: firefly
port: 80
================================================
FILE: Helm/apps/firefly/values.yaml
================================================
---
firefly:
image: fireflyiii/core:version-6.2.10
port: 8080
appUrl: https://firefly.sgenov.dev
resources:
requests:
cpu: 500m
memory: 2Gi
fireflybot:
image: cyxou/firefly-iii-telegram-bot:v2.3.1
resources:
requests:
cpu: 200m
memory: 500Mi
storage:
configSize: 5Gi
botSessionSize: 2Gi
================================================
FILE: Helm/apps/foldingathome/.helmignore
================================================
# Patterns to ignore when building packages.
# This supports shell glob matching, relative path matching, and
# negation (prefixed with !). Only one pattern per line.
.DS_Store
# Common VCS dirs
.git/
.gitignore
.bzr/
.bzrignore
.hg/
.hgignore
.svn/
# Common backup files
*.swp
*.bak
*.tmp
*.orig
*~
# Various IDEs
.project
.idea/
*.tmproj
.vscode/
================================================
FILE: Helm/apps/foldingathome/Chart.yaml
================================================
---
apiVersion: v2
appVersion: 1.0.0
description: This chart is used to install foldingathome
maintainers:
- email: sgenov94@gmail.com
name: Stefan Genov
name: foldingathome
type: application
version: 3.1.0
================================================
FILE: Helm/apps/foldingathome/README.md
================================================
This chart is used to install foldingathome
================================================
FILE: Helm/apps/foldingathome/templates/gateway-api.yaml
================================================
apiVersion: gateway.networking.k8s.io/v1
kind: HTTPRoute
metadata:
name: foldingathome-internal
namespace: {{ $.Release.Namespace }}
spec:
parentRefs:
- name: internal
namespace: istio-gateway
hostnames:
- "foldingathome.sgenov.dev"
rules:
- matches:
- path:
type: PathPrefix
value: /
backendRefs:
- name: foldingathome
port: {{ .Values.foldingathome.port }}
================================================
FILE: Helm/apps/foldingathome/templates/statefulset.yaml
================================================
---
{{- with .Values.foldingathome }}
apiVersion: apps/v1
kind: StatefulSet
metadata:
name: foldingathome
namespace: {{ $.Release.Namespace }}
labels:
app.kubernetes.io/instance: foldingathome
app.kubernetes.io/name: foldingathome
spec:
serviceName: foldingathome
replicas: {{ .replicas }}
selector:
matchLabels:
app.kubernetes.io/instance: foldingathome
app.kubernetes.io/name: foldingathome
template:
metadata:
annotations:
backup.velero.io/backup-volumes: app-config
labels:
app.kubernetes.io/instance: foldingathome
app.kubernetes.io/name: foldingathome
spec:
affinity:
podAntiAffinity:
requiredDuringSchedulingIgnoredDuringExecution:
- labelSelector:
matchLabels:
app.kubernetes.io/instance: foldingathome
app.kubernetes.io/name: foldingathome
topologyKey: kubernetes.io/hostname
restartPolicy: Always
containers:
- name: foldingathome
image: {{ .image }}
imagePullPolicy: IfNotPresent
{{- if .resources }}
resources:
{{ toYaml .resources | indent 12 }}
{{- end }}
ports:
- name: web
containerPort: {{ .port }}
volumeMounts:
- name: app-config
mountPath: /config
env:
- name: PUID
value: "1000"
- name: PGID
value: "1000"
- name: TZ
value: "Europe/Sofia"
- name: MACHINE_NAME
valueFrom:
fieldRef:
fieldPath: metadata.name
envFrom:
- secretRef:
name: app
livenessProbe:
failureThreshold: 5
initialDelaySeconds: 60
timeoutSeconds: 5
tcpSocket:
port: {{ .port }}
startupProbe:
failureThreshold: 5
initialDelaySeconds: 10
tcpSocket:
port: {{ .port }}
volumeClaimTemplates:
- metadata:
name: app-config
spec:
accessModes:
- ReadWriteOnce
resources:
requests:
storage: {{ $.Values.storage.configSize | default "1Gi" }}
---
apiVersion: v1
kind: Service
metadata:
name: foldingathome
namespace: {{ $.Release.Namespace }}
spec:
selector:
app.kubernetes.io/instance: foldingathome
app.kubernetes.io/name: foldingathome
ports:
- name: foldingathome
protocol: TCP
port: {{ .port }}
{{- end }}
================================================
FILE: Helm/apps/foldingathome/values.yaml
================================================
---
foldingathome:
image: lscr.io/linuxserver/foldingathome:8.5.5
port: 7396
replicas: 0 # One for each server
resources:
requests:
cpu: 200m
memory: 200Mi
limits:
cpu: 2
memory: 1Gi
storage:
configSize: 1Gi
================================================
FILE: Helm/apps/freshrss/.helmignore
================================================
# Patterns to ignore when building packages.
# This supports shell glob matching, relative path matching, and
# negation (prefixed with !). Only one pattern per line.
.DS_Store
# Common VCS dirs
.git/
.gitignore
.bzr/
.bzrignore
.hg/
.hgignore
.svn/
# Common backup files
*.swp
*.bak
*.tmp
*.orig
*~
# Various IDEs
.project
.idea/
*.tmproj
.vscode/
================================================
FILE: Helm/apps/freshrss/Chart.yaml
================================================
---
apiVersion: v2
appVersion: 1.0.0
description: This chart is used to install freshrss
maintainers:
- email: sgenov94@gmail.com
name: Stefan Genov
name: freshrss
type: application
version: 3.1.0
================================================
FILE: Helm/apps/freshrss/README.md
================================================
This chart is used to install freshrss
================================================
FILE: Helm/apps/freshrss/templates/deployment.yaml
================================================
---
{{- with .Values.freshrss }}
apiVersion: apps/v1
kind: Deployment
metadata:
name: freshrss
namespace: {{ $.Release.Namespace }}
labels:
app.kubernetes.io/instance: freshrss
app.kubernetes.io/name: freshrss
spec:
replicas: 1
selector:
matchLabels:
app.kubernetes.io/instance: freshrss
app.kubernetes.io/name: freshrss
template:
metadata:
annotations:
backup.velero.io/backup-volumes: app-config
labels:
app.kubernetes.io/instance: freshrss
app.kubernetes.io/name: freshrss
spec:
containers:
- name: freshrss
image: {{ .image }}
imagePullPolicy: IfNotPresent
{{- if .resources }}
resources:
{{ toYaml .resources | indent 22 }}
{{- end }}
ports:
- name: web
containerPort: {{ .port }}
volumeMounts:
- name: app-config
mountPath: /config
env:
- name: PUID
value: "1000"
- name: PGID
value: "1000"
- name: TZ
value: "Europe/Sofia"
livenessProbe:
failureThreshold: 5
initialDelaySeconds: 60
timeoutSeconds: 5
tcpSocket:
port: {{ .port }}
startupProbe:
failureThreshold: 5
initialDelaySeconds: 10
tcpSocket:
port: {{ .port }}
restartPolicy: Always
volumes:
- name: app-config
persistentVolumeClaim:
claimName: freshrss-pvc
---
apiVersion: v1
kind: Service
metadata:
name: freshrss
namespace: {{ $.Release.Namespace }}
spec:
selector:
app.kubernetes.io/instance: freshrss
app.kubernetes.io/name: freshrss
ports:
- name: freshrss
protocol: TCP
port: {{ .port }}
{{- end }}
================================================
FILE: Helm/apps/freshrss/templates/gateway-api.yaml
================================================
---
apiVersion: gateway.networking.k8s.io/v1
kind: HTTPRoute
metadata:
name: freshrss-external
namespace: {{ $.Release.Namespace }}
spec:
parentRefs:
- name: external
namespace: istio-gateway
hostnames:
- "freshrss.sgenov.dev"
rules:
- matches:
- path:
type: PathPrefix
value: /
backendRefs:
- name: freshrss
port: {{ .Values.freshrss.port }}
---
apiVersion: gateway.networking.k8s.io/v1
kind: HTTPRoute
metadata:
name: freshrss-internal
namespace: {{ $.Release.Namespace }}
spec:
parentRefs:
- name: internal
namespace: istio-gateway
hostnames:
- "freshrss.sgenov.dev"
rules:
- matches:
- path:
type: PathPrefix
value: /
backendRefs:
- name: freshrss
port: {{ .Values.freshrss.port }}
================================================
FILE: Helm/apps/freshrss/templates/storage.yaml
================================================
---
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: freshrss-pvc
spec:
accessModes:
- ReadWriteMany
storageClassName: longhorn
resources:
requests:
storage: {{ .Values.storage.configSize }}
================================================
FILE: Helm/apps/freshrss/values.yaml
================================================
---
freshrss:
image: lscr.io/linuxserver/freshrss:1.28.1
port: 80
resources:
requests:
cpu: 200m
memory: 200Mi
storage:
configSize: 1Gi
================================================
FILE: Helm/apps/homebox/.helmignore
================================================
# Patterns to ignore when building packages.
# This supports shell glob matching, relative path matching, and
# negation (prefixed with !). Only one pattern per line.
.DS_Store
# Common VCS dirs
.git/
.gitignore
.bzr/
.bzrignore
.hg/
.hgignore
.svn/
# Common backup files
*.swp
*.bak
*.tmp
*.orig
*~
# Various IDEs
.project
.idea/
*.tmproj
.vscode/
================================================
FILE: Helm/apps/homebox/Chart.yaml
================================================
---
apiVersion: v2
appVersion: 1.0.0
description: This chart is used to install homebox
maintainers:
- email: sgenov94@gmail.com
name: Stefan Genov
name: homebox
type: application
version: 2.0.0
================================================
FILE: Helm/apps/homebox/README.md
================================================
This chart is used to install homebox
================================================
FILE: Helm/apps/homebox/templates/deployment.yaml
================================================
---
{{- with .Values.homebox }}
apiVersion: apps/v1
kind: Deployment
metadata:
name: homebox
namespace: {{ $.Release.Namespace }}
labels:
app.kubernetes.io/instance: homebox
app.kubernetes.io/name: homebox
spec:
replicas: {{ .replicas }}
selector:
matchLabels:
app.kubernetes.io/instance: homebox
app.kubernetes.io/name: homebox
template:
metadata:
annotations:
backup.velero.io/backup-volumes: data
labels:
app.kubernetes.io/instance: homebox
app.kubernetes.io/name: homebox
spec:
containers:
- name: homebox
image: {{ .image }}
imagePullPolicy: IfNotPresent
securityContext:
capabilities:
drop:
- ALL
{{- if .resources }}
resources:
{{ toYaml .resources | indent 22 }}
{{- end }}
ports:
- name: web
containerPort: {{ .port }}
env:
- name: HBOX_LOG_LEVEL
value: "info"
- name: HBOX_LOG_FORMAT
value: "json"
- name: HBOX_WEB_MAX_UPLOAD_SIZE
value: "100"
- name: HBOX_ALLOW_REGISTRATION
value: "true"
volumeMounts:
- mountPath: /data
name: data
livenessProbe:
failureThreshold: 2
initialDelaySeconds: 60
periodSeconds: 10
timeoutSeconds: 2
tcpSocket:
port: {{ .port }}
startupProbe:
failureThreshold: 10
periodSeconds: 5
timeoutSeconds: 2
tcpSocket:
port: {{ .port }}
restartPolicy: Always
volumes:
- name: data
persistentVolumeClaim:
claimName: data-pvc
---
apiVersion: v1
kind: Service
metadata:
name: homebox
namespace: {{ $.Release.Namespace }}
spec:
selector:
app.kubernetes.io/instance: homebox
app.kubernetes.io/name: homebox
ports:
- name: homebox
protocol: TCP
port: {{ .port }}
{{- end }}
================================================
FILE: Helm/apps/homebox/templates/gateway-api.yaml
================================================
---
apiVersion: gateway.networking.k8s.io/v1
kind: HTTPRoute
metadata:
name: homebox-internal
namespace: {{ $.Release.Namespace }}
annotations:
gethomepage.dev/enabled: "true"
gethomepage.dev/description: Home Inventory
gethomepage.dev/group: Storage
gethomepage.dev/icon: homebox
gethomepage.dev/name: Homebox
spec:
parentRefs:
- name: internal
namespace: istio-gateway
hostnames:
- "homebox.sgenov.dev"
rules:
- matches:
- path:
type: PathPrefix
value: /
backendRefs:
- name: homebox
port: {{ .Values.homebox.port }}
================================================
FILE: Helm/apps/homebox/templates/storage.yaml
================================================
---
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: data-pvc
spec:
accessModes:
- ReadWriteMany
storageClassName: longhorn
resources:
requests:
storage: {{ .Values.storage.dataSize }}
================================================
FILE: Helm/apps/homebox/values.yaml
================================================
---
homebox:
image: ghcr.io/hay-kot/homebox:v0.10.3
port: 7745
replicas: 1
resources:
requests:
cpu: 10m
memory: 50Mi
storage:
dataSize: 2Gi
================================================
FILE: Helm/apps/it-tools/.helmignore
================================================
# Patterns to ignore when building packages.
# This supports shell glob matching, relative path matching, and
# negation (prefixed with !). Only one pattern per line.
.DS_Store
# Common VCS dirs
.git/
.gitignore
.bzr/
.bzrignore
.hg/
.hgignore
.svn/
# Common backup files
*.swp
*.bak
*.tmp
*.orig
*~
# Various IDEs
.project
.idea/
*.tmproj
.vscode/
================================================
FILE: Helm/apps/it-tools/Chart.yaml
================================================
---
apiVersion: v2
appVersion: 1.0.0
description: This chart is used to install it-tools
maintainers:
- email: sgenov94@gmail.com
name: Stefan Genov
name: it-tools
type: application
version: 2.0.0
================================================
FILE: Helm/apps/it-tools/README.md
================================================
This chart is used to install it-tools.
================================================
FILE: Helm/apps/it-tools/templates/deployment.yaml
================================================
---
{{- with .Values.ittools }}
apiVersion: apps/v1
kind: Deployment
metadata:
name: it-tools
namespace: {{ $.Release.Namespace }}
labels:
app.kubernetes.io/instance: it-tools
app.kubernetes.io/name: it-tools
spec:
replicas: {{ .replicas }}
strategy:
rollingUpdate:
maxUnavailable: 0
selector:
matchLabels:
app.kubernetes.io/instance: it-tools
app.kubernetes.io/name: it-tools
template:
metadata:
labels:
app.kubernetes.io/instance: it-tools
app.kubernetes.io/name: it-tools
spec:
containers:
- name: it-tools
image: {{ .image }}
imagePullPolicy: IfNotPresent
securityContext:
capabilities:
add:
- CHOWN
- SETGID
- SETUID
drop:
- ALL
{{- if .resources }}
resources:
{{ toYaml .resources | indent 22 }}
{{- end }}
ports:
- name: web
containerPort: {{ .port }}
restartPolicy: Always
{{- end }}
================================================
FILE: Helm/apps/it-tools/templates/gateway-api.yaml
================================================
---
apiVersion: gateway.networking.k8s.io/v1
kind: HTTPRoute
metadata:
name: it-tools-external
namespace: {{ $.Release.Namespace }}
spec:
parentRefs:
- name: external
namespace: istio-gateway
hostnames:
- "it-tools.sgenov.dev"
rules:
- matches:
- path:
type: PathPrefix
value: /
backendRefs:
- name: it-tools
port: {{ .Values.ittools.port }}
---
apiVersion: gateway.networking.k8s.io/v1
kind: HTTPRoute
metadata:
name: it-tools-internal
namespace: {{ $.Release.Namespace }}
annotations:
gethomepage.dev/enabled: "true"
gethomepage.dev/description: Usefull tools for IT professionals
gethomepage.dev/group: Tools
gethomepage.dev/icon: it-tools
gethomepage.dev/name: IT Tools
spec:
parentRefs:
- name: internal
namespace: istio-gateway
hostnames:
- "it-tools.sgenov.dev"
rules:
- matches:
- path:
type: PathPrefix
value: /
backendRefs:
- name: it-tools
port: {{ .Values.ittools.port }}
================================================
FILE: Helm/apps/it-tools/templates/pdb.yaml
================================================
---
apiVersion: policy/v1
kind: PodDisruptionBudget
metadata:
name: it-tools
spec:
minAvailable: 1
selector:
matchLabels:
app.kubernetes.io/instance: it-tools
app.kubernetes.io/name: it-tools
================================================
FILE: Helm/apps/it-tools/templates/service.yaml
================================================
---
{{- with .Values.ittools }}
apiVersion: v1
kind: Service
metadata:
name: it-tools
namespace: {{ $.Release.Namespace }}
spec:
selector:
app.kubernetes.io/instance: it-tools
app.kubernetes.io/name: it-tools
ports:
- name: it-tools
protocol: TCP
port: {{ .port }}
{{- end }}
================================================
FILE: Helm/apps/it-tools/values.yaml
================================================
---
ittools:
replicas: 1
image: ghcr.io/corentinth/it-tools:nightly # The project doesn't have good docker tag hygiene
port: 80
resources:
requests:
cpu: 10m
memory: 10Mi
================================================
FILE: Helm/apps/linkwarden/.helmignore
================================================
# Patterns to ignore when building packages.
# This supports shell glob matching, relative path matching, and
# negation (prefixed with !). Only one pattern per line.
.DS_Store
# Common VCS dirs
.git/
.gitignore
.bzr/
.bzrignore
.hg/
.hgignore
.svn/
# Common backup files
*.swp
*.bak
*.tmp
*.orig
*~
# Various IDEs
.project
.idea/
*.tmproj
.vscode/
================================================
FILE: Helm/apps/linkwarden/Chart.yaml
================================================
---
apiVersion: v2
appVersion: 1.0.0
description: This chart is used to install linkwarden
maintainers:
- email: sgenov94@gmail.com
name: Stefan Genov
name: linkwarden
type: application
version: 1.0.0
================================================
FILE: Helm/apps/linkwarden/README.md
================================================
This chart is used to install linkwarden
================================================
FILE: Helm/apps/linkwarden/templates/deployment.yaml
================================================
---
{{- with .Values.linkwarden }}
apiVersion: apps/v1
kind: Deployment
metadata:
name: linkwarden
namespace: {{ $.Release.Namespace }}
labels:
app.kubernetes.io/instance: linkwarden
app.kubernetes.io/name: linkwarden
spec:
replicas: {{ .replicas }}
selector:
matchLabels:
app.kubernetes.io/instance: linkwarden
app.kubernetes.io/name: linkwarden
template:
metadata:
annotations:
backup.velero.io/backup-volumes: data-config
labels:
app.kubernetes.io/instance: linkwarden
app.kubernetes.io/name: linkwarden
spec:
containers:
- name: linkwarden
image: {{ .image }}
imagePullPolicy: IfNotPresent
env:
- name: "NEXT_PUBLIC_DISABLE_REGISTRATION"
value: "true"
- name: "DATABASE_URL"
valueFrom:
secretKeyRef:
name: cluster-postgres-app
key: fqdn-uri
envFrom:
- secretRef:
name: app
securityContext:
privileged: false
allowPrivilegeEscalation: false
capabilities:
drop:
- "ALL"
add:
- CHOWN
- SETUID
- SETGID
{{- if .resources }}
resources:
{{ toYaml .resources | indent 22 }}
{{- end }}
ports:
- name: web
containerPort: {{ .port }}
volumeMounts:
- name: data-config
mountPath: /data/data
livenessProbe:
failureThreshold: 5
initialDelaySeconds: 60
timeoutSeconds: 2
tcpSocket:
port: {{ .port }}
startupProbe:
failureThreshold: 10
initialDelaySeconds: 10
timeoutSeconds: 2
tcpSocket:
port: {{ .port }}
restartPolicy: Always
volumes:
- name: data-config
persistentVolumeClaim:
claimName: linkwarden-pvc
---
apiVersion: v1
kind: Service
metadata:
name: linkwarden
namespace: {{ $.Release.Namespace }}
spec:
selector:
app.kubernetes.io/instance: linkwarden
app.kubernetes.io/name: linkwarden
ports:
- name: linkwarden
protocol: TCP
port: {{ .port }}
{{- end }}
================================================
FILE: Helm/apps/linkwarden/templates/gateway-api.yaml
================================================
---
apiVersion: gateway.networking.k8s.io/v1
kind: HTTPRoute
metadata:
name: linkwarden-external
namespace: {{ $.Release.Namespace }}
spec:
parentRefs:
- name: external
namespace: istio-gateway
hostnames:
- "linkwarden.sgenov.dev"
rules:
- matches:
- path:
type: PathPrefix
value: /
backendRefs:
- name: linkwarden
port: {{ .Values.linkwarden.port }}
---
apiVersion: gateway.networking.k8s.io/v1
kind: HTTPRoute
metadata:
name: linkwarden-internal
namespace: {{ $.Release.Namespace }}
annotations:
gethomepage.dev/enabled: "true"
gethomepage.dev/description: Bookmarks
gethomepage.dev/group: Knowledge
gethomepage.dev/icon: linkwarden
gethomepage.dev/name: Linkwarden
spec:
parentRefs:
- name: internal
namespace: istio-gateway
hostnames:
- "linkwarden.sgenov.dev"
rules:
- matches:
- path:
type: PathPrefix
value: /
backendRefs:
- name: linkwarden
port: {{ .Values.linkwarden.port }}
================================================
FILE: Helm/apps/linkwarden/templates/storage.yaml
================================================
---
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: linkwarden-pvc
spec:
accessModes:
- ReadWriteMany
storageClassName: longhorn
resources:
requests:
storage: {{ .Values.storage.configSize }}
================================================
FILE: Helm/apps/linkwarden/values.yaml
================================================
---
linkwarden:
replicas: 1
image: ghcr.io/linkwarden/linkwarden:v2.14.1
port: 3000
resources:
requests:
cpu: 10m
memory: 256Mi
storage:
configSize: 25Gi
================================================
FILE: Helm/apps/mazanoke/.helmignore
================================================
# Patterns to ignore when building packages.
# This supports shell glob matching, relative path matching, and
# negation (prefixed with !). Only one pattern per line.
.DS_Store
# Common VCS dirs
.git/
.gitignore
.bzr/
.bzrignore
.hg/
.hgignore
.svn/
# Common backup files
*.swp
*.bak
*.tmp
*.orig
*~
# Various IDEs
.project
.idea/
*.tmproj
.vscode/
================================================
FILE: Helm/apps/mazanoke/Chart.yaml
================================================
---
apiVersion: v2
appVersion: 1.0.0
description: This chart is used to install mazanoke
maintainers:
- email: sgenov94@gmail.com
name: Stefan Genov
name: mazanoke
type: application
version: 2.0.0
================================================
FILE: Helm/apps/mazanoke/README.md
================================================
This chart is used to install mazanoke.
================================================
FILE: Helm/apps/mazanoke/templates/deployment.yaml
================================================
---
{{- with .Values.mazanoke }}
apiVersion: apps/v1
kind: Deployment
metadata:
name: mazanoke
namespace: {{ $.Release.Namespace }}
labels:
app.kubernetes.io/instance: mazanoke
app.kubernetes.io/name: mazanoke
spec:
replicas: 1
strategy:
rollingUpdate:
maxUnavailable: 0
selector:
matchLabels:
app.kubernetes.io/instance: mazanoke
app.kubernetes.io/name: mazanoke
template:
metadata:
labels:
app.kubernetes.io/instance: mazanoke
app.kubernetes.io/name: mazanoke
spec:
containers:
- name: mazanoke
image: {{ .image }}
imagePullPolicy: IfNotPresent
securityContext:
capabilities:
add:
- CHOWN
- NET_BIND_SERVICE
- SETGID
- SETUID
drop:
- ALL
{{- if .resources }}
resources:
{{ toYaml .resources | indent 22 }}
{{- end }}
ports:
- name: web
containerPort: {{ .port }}
restartPolicy: Always
{{- end }}
================================================
FILE: Helm/apps/mazanoke/templates/gateway-api.yaml
================================================
---
apiVersion: gateway.networking.k8s.io/v1
kind: HTTPRoute
metadata:
name: mazanoke-internal
namespace: {{ $.Release.Namespace }}
annotations:
gethomepage.dev/enabled: "true"
gethomepage.dev/description: Image Optimzier
gethomepage.dev/group: Tools
gethomepage.dev/icon: https://raw.githubusercontent.com/civilblur/mazanoke/refs/heads/main/favicon.ico
gethomepage.dev/name: Mazanoke
spec:
parentRefs:
- name: internal
namespace: istio-gateway
hostnames:
- "mazanoke.sgenov.dev"
rules:
- matches:
- path:
type: PathPrefix
value: /
backendRefs:
- name: mazanoke
port: {{ .Values.mazanoke.port }}
================================================
FILE: Helm/apps/mazanoke/templates/service.yaml
================================================
---
{{- with .Values.mazanoke }}
apiVersion: v1
kind: Service
metadata:
name: mazanoke
namespace: {{ $.Release.Namespace }}
spec:
selector:
app.kubernetes.io/instance: mazanoke
app.kubernetes.io/name: mazanoke
ports:
- name: mazanoke
protocol: TCP
port: {{ .port }}
{{- end }}
================================================
FILE: Helm/apps/mazanoke/values.yaml
================================================
---
mazanoke:
image: ghcr.io/civilblur/mazanoke:v1.1.5
port: 80
resources:
requests:
cpu: 10m
memory: 10Mi
================================================
FILE: Helm/apps/mealie/.helmignore
================================================
# Patterns to ignore when building packages.
# This supports shell glob matching, relative path matching, and
# negation (prefixed with !). Only one pattern per line.
.DS_Store
# Common VCS dirs
.git/
.gitignore
.bzr/
.bzrignore
.hg/
.hgignore
.svn/
# Common backup files
*.swp
*.bak
*.tmp
*.orig
*~
# Various IDEs
.project
.idea/
*.tmproj
.vscode/
================================================
FILE: Helm/apps/mealie/Chart.yaml
================================================
---
apiVersion: v2
appVersion: 1.0.0
description: This chart is used to install mealie
maintainers:
- email: sgenov94@gmail.com
name: Stefan Genov
name: mealie
type: application
version: 2.0.0
================================================
FILE: Helm/apps/mealie/README.md
================================================
This chart is used to install mealie
================================================
FILE: Helm/apps/mealie/templates/deployment.yaml
================================================
---
{{- with .Values.mealie }}
apiVersion: apps/v1
kind: Deployment
metadata:
name: mealie
namespace: {{ $.Release.Namespace }}
labels:
app.kubernetes.io/instance: mealie
app.kubernetes.io/name: mealie
spec:
strategy:
rollingUpdate:
maxUnavailable: 0
replicas: {{ .replicas }}
selector:
matchLabels:
app.kubernetes.io/instance: mealie
app.kubernetes.io/name: mealie
template:
metadata:
annotations:
backup.velero.io/backup-volumes: data
labels:
app.kubernetes.io/instance: mealie
app.kubernetes.io/name: mealie
spec:
containers:
- name: mealie
image: {{ .image }}
imagePullPolicy: IfNotPresent
securityContext:
capabilities:
drop:
- ALL
add:
- CHOWN
- SETUID
- SETGID
{{- if .resources }}
resources:
{{ toYaml .resources | indent 22 }}
{{- end }}
env:
- name: PUID
value: "1000"
- name: GUID
value: "1000"
- name: TZ
value: "Europe/Sofia"
- name: MAX_WORKERS
value: "1"
- name: WEB_CONCURRENCY
value: "1"
- name: BASE_URL
value: "{{ .baseUrl }}"
ports:
- name: web
containerPort: {{ .port }}
volumeMounts:
- name: data
mountPath: /app/data
livenessProbe:
failureThreshold: 5
initialDelaySeconds: 60
successThreshold: 1
tcpSocket:
port: {{ .port }}
timeoutSeconds: 2
startupProbe:
failureThreshold: 10
successThreshold: 1
tcpSocket:
port: {{ .port }}
timeoutSeconds: 2
restartPolicy: Always
volumes:
- name: data
persistentVolumeClaim:
claimName: data-pvc
{{- end }}
================================================
FILE: Helm/apps/mealie/templates/gateway-api.yaml
================================================
---
apiVersion: gateway.networking.k8s.io/v1
kind: HTTPRoute
metadata:
name: mealie-external
namespace: {{ $.Release.Namespace }}
spec:
parentRefs:
- name: external
namespace: istio-gateway
hostnames:
- "mealie.sgenov.dev"
rules:
- matches:
- path:
type: PathPrefix
value: /
backendRefs:
- name: mealie
port: {{ .Values.mealie.port }}
---
apiVersion: gateway.networking.k8s.io/v1
kind: HTTPRoute
metadata:
name: mealie-internal
namespace: {{ $.Release.Namespace }}
spec:
parentRefs:
- name: internal
namespace: istio-gateway
hostnames:
- "mealie.sgenov.dev"
rules:
- matches:
- path:
type: PathPrefix
value: /
backendRefs:
- name: mealie
port: {{ .Values.mealie.port }}
================================================
FILE: Helm/apps/mealie/templates/service.yaml
================================================
{{- with .Values.mealie }}
apiVersion: v1
kind: Service
metadata:
name: mealie
namespace: {{ $.Release.Namespace }}
spec:
selector:
app.kubernetes.io/instance: mealie
app.kubernetes.io/name: mealie
ports:
- name: web
protocol: TCP
port: {{ .port }}
{{- end }}
================================================
FILE: Helm/apps/mealie/templates/storage.yaml
================================================
---
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: data-pvc
spec:
accessModes:
- ReadWriteMany
storageClassName: longhorn
resources:
requests:
storage: {{ .Values.storage.dataSize }}
================================================
FILE: Helm/apps/mealie/values.yaml
================================================
---
mealie:
replicas: 1
image: ghcr.io/mealie-recipes/mealie:v3.16.0
port: 9000
baseUrl: https://mealie.sgenov.dev
resources:
requests:
cpu: 10m
memory: 50Mi
storage:
dataSize: 2Gi
================================================
FILE: Helm/apps/media/.helmignore
================================================
# Patterns to ignore when building packages.
# This supports shell glob matching, relative path matching, and
# negation (prefixed with !). Only one pattern per line.
.DS_Store
# Common VCS dirs
.git/
.gitignore
.bzr/
.bzrignore
.hg/
.hgignore
.svn/
# Common backup files
*.swp
*.bak
*.tmp
*.orig
*~
# Various IDEs
.project
.idea/
*.tmproj
.vscode/
================================================
FILE: Helm/apps/media/Chart.yaml
================================================
---
apiVersion: v2
appVersion: 1.0.0
description: This chart is used to install different media services
maintainers:
- email: sgenov94@gmail.com
name: Stefan Genov
name: media
type: application
version: 9.0.0
================================================
FILE: Helm/apps/media/README.md
================================================
This chart is used to install different media components.
Since I use sonarr a lot, and it's the only one struggling really, there is an automatic backup solution in place, that will copy over files
to an emptyDir, rather than using longhorn... this is a fix since longhorn is actually not the best, since it uses NFS ...
================================================
FILE: Helm/apps/media/templates/flaresolverr.yaml
================================================
---
{{- with .Values.flaresolverr }}
apiVersion: apps/v1
kind: Deployment
metadata:
name: flaresolverr
namespace: {{ $.Release.Namespace }}
labels:
app.kubernetes.io/instance: flaresolverr
app.kubernetes.io/name: flaresolverr
spec:
replicas: 1
selector:
matchLabels:
app.kubernetes.io/instance: flaresolverr
app.kubernetes.io/name: flaresolverr
template:
metadata:
labels:
app.kubernetes.io/instance: flaresolverr
app.kubernetes.io/name: flaresolverr
spec:
containers:
- name: flaresolverr
image: {{ .image }}
imagePullPolicy: IfNotPresent
securityContext:
capabilities:
drop:
- ALL
privileged: false
allowPrivilegeEscalation: false
{{- if .resources }}
resources:
{{ toYaml .resources | indent 22 }}
{{- end }}
env:
- name: LOG_LEVEL
value: INFO
ports:
- name: web
containerPort: {{ .port }}
livenessProbe:
failureThreshold: 2
initialDelaySeconds: 30
timeoutSeconds: 2
httpGet:
path: /
port: {{ .port }}
startupProbe:
failureThreshold: 5
timeoutSeconds: 2
httpGet:
path: /
port: {{ .port }}
restartPolicy: Always
---
apiVersion: v1
kind: Service
metadata:
name: flaresolverr
namespace: {{ $.Release.Namespace }}
spec:
selector:
app.kubernetes.io/instance: flaresolverr
app.kubernetes.io/name: flaresolverr
ports:
- name: flaresolverr
protocol: TCP
port: {{ .port }}
{{- end }}
================================================
FILE: Helm/apps/media/templates/gateway-api.yaml
================================================
---
apiVersion: gateway.networking.k8s.io/v1
kind: HTTPRoute
metadata:
name: flaresolverr-internal
namespace: {{ $.Release.Namespace }}
spec:
parentRefs:
- name: internal
namespace: istio-gateway
hostnames:
- "flaresolverr.sgenov.dev"
rules:
- matches:
- path:
type: PathPrefix
value: /
backendRefs:
- name: flaresolverr
port: {{ .Values.flaresolverr.port }}
---
apiVersion: gateway.networking.k8s.io/v1
kind: HTTPRoute
metadata:
name: sonarr-internal
namespace: {{ $.Release.Namespace }}
spec:
parentRefs:
- name: internal
namespace: istio-gateway
hostnames:
- "sonarr.sgenov.dev"
rules:
- matches:
- path:
type: PathPrefix
value: /
backendRefs:
- name: sonarr
port: {{ .Values.sonarr.port }}
---
apiVersion: gateway.networking.k8s.io/v1
kind: HTTPRoute
metadata:
name: kavita-internal
namespace: {{ $.Release.Namespace }}
spec:
parentRefs:
- name: internal
namespace: istio-gateway
hostnames:
- "kavita.sgenov.dev"
rules:
- matches:
- path:
type: PathPrefix
value: /
backendRefs:
- name: kavita
port: {{ .Values.kavita.port }}
---
apiVersion: gateway.networking.k8s.io/v1
kind: HTTPRoute
metadata:
name: prowlarr-internal
namespace: {{ $.Release.Namespace }}
spec:
parentRefs:
- name: internal
namespace: istio-gateway
hostnames:
- "prowlarr.sgenov.dev"
rules:
- matches:
- path:
type: PathPrefix
value: /
backendRefs:
- name: prowlarr
port: {{ .Values.prowlarr.port }}
---
apiVersion: gateway.networking.k8s.io/v1
kind: HTTPRoute
metadata:
name: radarr-internal
namespace: {{ $.Release.Namespace }}
spec:
parentRefs:
- name: internal
namespace: istio-gateway
hostnames:
- "radarr.sgenov.dev"
rules:
- matches:
- path:
type: PathPrefix
value: /
backendRefs:
- name: radarr
port: {{ .Values.radarr.port }}
---
apiVersion: gateway.networking.k8s.io/v1
kind: HTTPRoute
metadata:
name: overseerr-internal
namespace: {{ $.Release.Namespace }}
spec:
parentRefs:
- name: internal
namespace: istio-gateway
hostnames:
- "overseerr.sgenov.dev"
rules:
- matches:
- path:
type: PathPrefix
value: /
backendRefs:
- name: overseerr
port: {{ .Values.overseerr.port }}
---
apiVersion: gateway.networking.k8s.io/v1
kind: HTTPRoute
metadata:
name: transmission-internal
namespace: {{ $.Release.Namespace }}
spec:
parentRefs:
- name: internal
namespace: istio-gateway
hostnames:
- "transmission.sgenov.dev"
rules:
- matches:
- path:
type: PathPrefix
value: /
backendRefs:
- name: transmission
port: {{ .Values.transmission.port }}
================================================
FILE: Helm/apps/media/templates/kavita.yaml
================================================
---
{{- with .Values.kavita }}
apiVersion: apps/v1
kind: Deployment
metadata:
name: kavita
namespace: {{ $.Release.Namespace }}
labels:
app.kubernetes.io/instance: kavita
app.kubernetes.io/name: kavita
spec:
strategy:
type: Recreate
replicas: {{ .replicas }}
selector:
matchLabels:
app.kubernetes.io/instance: kavita
app.kubernetes.io/name: kavita
template:
metadata:
annotations:
backup.velero.io/backup-volumes: config-data
labels:
app.kubernetes.io/instance: kavita
app.kubernetes.io/name: kavita
spec:
containers:
- name: kavita
image: {{ .image }}
imagePullPolicy: IfNotPresent
securityContext:
capabilities:
add:
- CHOWN
- SETGID
- SETUID
drop:
- ALL
privileged: false
allowPrivilegeEscalation: false
env:
- name: PUID
value: "1000"
- name: GUID
value: "1000"
{{- if .resources }}
resources:
{{ toYaml .resources | indent 22 }}
{{- end }}
ports:
- name: web
containerPort: {{ .port }}
volumeMounts:
- name: config-data
mountPath: /config
- name: books-data-nfs
mountPath: /books
livenessProbe:
failureThreshold: 5
initialDelaySeconds: 30
timeoutSeconds: 2
httpGet:
path: /login
port: {{ .port }}
startupProbe:
failureThreshold: 10
timeoutSeconds: 2
httpGet:
path: /login
port: {{ .port }}
restartPolicy: Always
volumes:
- name: config-data
persistentVolumeClaim:
claimName: kavita-config-pvc
- name: books-data-nfs
nfs:
path: "/volume1/k3s/media/books"
server: "192.168.1.39"
---
apiVersion: v1
kind: Service
metadata:
name: kavita
namespace: {{ $.Release.Namespace }}
spec:
selector:
app.kubernetes.io/instance: kavita
app.kubernetes.io/name: kavita
ports:
- name: kavita
protocol: TCP
port: {{ .port }}
{{- end }}
================================================
FILE: Helm/apps/media/templates/media-pvc.yaml
================================================
---
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: transmission-config-pvc
spec:
accessModes:
- ReadWriteMany
storageClassName: longhorn
resources:
requests:
storage: {{ .Values.storage.transmission.config }}
---
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: kavita-config-pvc
spec:
accessModes:
- ReadWriteMany
storageClassName: longhorn
resources:
requests:
storage: {{ .Values.storage.kavita.config }}
---
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: overseer-config-pvc
spec:
accessModes:
- ReadWriteMany
storageClassName: longhorn
resources:
requests:
storage: {{ .Values.storage.overseer.config }}
---
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: sonarr-config-pvc
spec:
accessModes:
- ReadWriteOnce
storageClassName: longhorn
resources:
requests:
storage: {{ .Values.storage.sonarr.config }}
---
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: radarr-config-pvc
spec:
accessModes:
- ReadWriteOnce
storageClassName: longhorn
resources:
requests:
storage: {{ .Values.storage.radarr.config }}
---
---
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: prowlarr-config-pvc
spec:
accessModes:
- ReadWriteOnce
storageClassName: longhorn
resources:
requests:
storage: {{ .Values.storage.prowlarr.config }}
================================================
FILE: Helm/apps/media/templates/overseer.yaml
================================================
---
{{- with .Values.overseerr }}
apiVersion: apps/v1
kind: Deployment
metadata:
name: overseerr
namespace: {{ $.Release.Namespace }}
labels:
app.kubernetes.io/instance: overseerr
app.kubernetes.io/name: overseerr
spec:
replicas: {{ .replicas }}
selector:
matchLabels:
app.kubernetes.io/instance: overseerr
app.kubernetes.io/name: overseerr
template:
metadata:
annotations:
backup.velero.io/backup-volumes: config-data
labels:
app.kubernetes.io/instance: overseerr
app.kubernetes.io/name: overseerr
spec:
containers:
- name: overseerr
image: {{ .image }}
imagePullPolicy: IfNotPresent
securityContext:
capabilities:
add:
- CHOWN
- SETGID
- SETUID
drop:
- ALL
privileged: false
allowPrivilegeEscalation: false
env:
- name: PUID
value: "1000"
- name: GUID
value: "1000"
{{- if .resources }}
resources:
{{ toYaml .resources | indent 22 }}
{{- end }}
ports:
- name: web
containerPort: {{ .port }}
volumeMounts:
- name: config-data
mountPath: /config
livenessProbe:
failureThreshold: 5
initialDelaySeconds: 30
timeoutSeconds: 2
httpGet:
path: /login
port: {{ .port }}
startupProbe:
failureThreshold: 10
timeoutSeconds: 2
httpGet:
path: /login
port: {{ .port }}
restartPolicy: Always
volumes:
- name: config-data
persistentVolumeClaim:
claimName: overseer-config-pvc
---
apiVersion: v1
kind: Service
metadata:
name: overseerr
namespace: {{ $.Release.Namespace }}
spec:
selector:
app.kubernetes.io/instance: overseerr
app.kubernetes.io/name: overseerr
ports:
- name: overseerr
protocol: TCP
port: {{ .port }}
{{- end }}
================================================
FILE: Helm/apps/media/templates/prowlarr.yaml
================================================
---
{{- with .Values.prowlarr }}
apiVersion: apps/v1
kind: Deployment
metadata:
name: prowlarr
namespace: {{ $.Release.Namespace }}
labels:
app.kubernetes.io/instance: prowlarr
app.kubernetes.io/name: prowlarr
spec:
replicas: {{ .replicas }}
strategy:
type: Recreate
selector:
matchLabels:
app.kubernetes.io/instance: prowlarr
app.kubernetes.io/name: prowlarr
template:
metadata:
annotations:
backup.velero.io/backup-volumes: config
labels:
app.kubernetes.io/instance: prowlarr
app.kubernetes.io/name: prowlarr
spec:
containers:
- name: prowlarr
image: {{ .image }}
imagePullPolicy: IfNotPresent
securityContext:
capabilities:
add:
- CHOWN
- SETGID
- SETUID
drop:
- ALL
privileged: false
allowPrivilegeEscalation: false
env:
- name: PUID
value: "1000"
- name: GUID
value: "1000"
{{- if .resources }}
resources:
{{ toYaml .resources | indent 22 }}
{{- end }}
ports:
- name: web
containerPort: {{ .port }}
volumeMounts:
- name: config
mountPath: /config
livenessProbe:
failureThreshold: 10
initialDelaySeconds: 30
timeoutSeconds: 2
tcpSocket:
port: {{ .port }}
startupProbe:
failureThreshold: 10
timeoutSeconds: 2
tcpSocket:
port: {{ .port }}
restartPolicy: Always
volumes:
- name: config
persistentVolumeClaim:
claimName: prowlarr-config-pvc
---
apiVersion: v1
kind: Service
metadata:
name: prowlarr
namespace: {{ $.Release.Namespace }}
spec:
selector:
app.kubernetes.io/instance: prowlarr
app.kubernetes.io/name: prowlarr
ports:
- name: prowlarr
protocol: TCP
port: {{ .port }}
{{- end }}
================================================
FILE: Helm/apps/media/templates/radarr.yaml
================================================
---
{{- with .Values.radarr }}
apiVersion: apps/v1
kind: Deployment
metadata:
name: radarr
namespace: {{ $.Release.Namespace }}
labels:
app.kubernetes.io/instance: radarr
app.kubernetes.io/name: radarr
spec:
replicas: 1
strategy:
type: Recreate
selector:
matchLabels:
app.kubernetes.io/instance: radarr
app.kubernetes.io/name: radarr
template:
metadata:
annotations:
backup.velero.io/backup-volumes: config
labels:
app.kubernetes.io/instance: radarr
app.kubernetes.io/name: radarr
spec:
containers:
- name: radarr
image: {{ .image }}
imagePullPolicy: IfNotPresent
securityContext:
capabilities:
add:
- CHOWN
- SETGID
- SETUID
drop:
- ALL
privileged: false
allowPrivilegeEscalation: false
env:
- name: PUID
value: "1000"
- name: GUID
value: "1000"
{{- if .resources }}
resources:
{{ toYaml .resources | indent 22 }}
{{- end }}
ports:
- name: web
containerPort: {{ .port }}
volumeMounts:
- name: config
mountPath: /config
- name: downloads-data
mountPath: /downloads
- name: movies-data-nfs
mountPath: /tv
livenessProbe:
failureThreshold: 5
initialDelaySeconds: 30
timeoutSeconds: 2
tcpSocket:
port: {{ .port }}
startupProbe:
failureThreshold: 10
timeoutSeconds: 2
tcpSocket:
port: {{ .port }}
restartPolicy: Always
volumes:
- name: config
persistentVolumeClaim:
claimName: radarr-config-pvc
- name: movies-data-nfs
nfs:
path: "/volume1/k3s/media/movies"
server: "192.168.1.39"
- name: downloads-data
nfs:
path: "/volume1/k3s/media/downloads"
server: "192.168.1.39"
---
apiVersion: v1
kind: Service
metadata:
name: radarr
namespace: {{ $.Release.Namespace }}
spec:
selector:
app.kubernetes.io/instance: radarr
app.kubernetes.io/name: radarr
ports:
- name: radarr
protocol: TCP
port: {{ .port }}
{{- end }}
================================================
FILE: Helm/apps/media/templates/sonarr.yaml
================================================
---
{{- with .Values.sonarr }}
apiVersion: apps/v1
kind: Deployment
metadata:
name: sonarr
namespace: {{ $.Release.Namespace }}
labels:
app.kubernetes.io/instance: sonarr
app.kubernetes.io/name: sonarr
spec:
replicas: 1
strategy:
type: Recreate
selector:
matchLabels:
app.kubernetes.io/instance: sonarr
app.kubernetes.io/name: sonarr
template:
metadata:
annotations:
backup.velero.io/backup-volumes: config
labels:
app.kubernetes.io/instance: sonarr
app.kubernetes.io/name: sonarr
spec:
containers:
- name: sonarr
image: {{ .image }}
imagePullPolicy: IfNotPresent
securityContext:
capabilities:
add:
- CHOWN
- SETGID
- SETUID
drop:
- ALL
privileged: false
allowPrivilegeEscalation: false
env:
- name: PUID
value: "1000"
- name: GUID
value: "1000"
{{- if .resources }}
resources:
{{ toYaml .resources | indent 22 }}
{{- end }}
ports:
- name: web
containerPort: {{ .port }}
volumeMounts:
- name: config
mountPath: /config
- name: downloads-data
mountPath: /downloads
- name: shows-data-nfs
mountPath: /shows
livenessProbe:
failureThreshold: 5
initialDelaySeconds: 30
timeoutSeconds: 2
tcpSocket:
port: {{ .port }}
startupProbe:
failureThreshold: 10
timeoutSeconds: 2
tcpSocket:
port: {{ .port }}
restartPolicy: Always
volumes:
- name: shows-data-nfs
nfs:
path: "/volume1/k3s/media/shows"
server: "192.168.1.39"
- name: downloads-data
nfs:
path: "/volume1/k3s/media/downloads"
server: "192.168.1.39"
- name: config
persistentVolumeClaim:
claimName: sonarr-config-pvc
---
apiVersion: v1
kind: Service
metadata:
name: sonarr
namespace: {{ $.Release.Namespace }}
spec:
selector:
app.kubernetes.io/instance: sonarr
app.kubernetes.io/name: sonarr
ports:
- name: sonarr
protocol: TCP
port: {{ .port }}
{{- end }}
================================================
FILE: Helm/apps/media/templates/transmission.yaml
================================================
---
{{- with .Values.transmission }}
apiVersion: apps/v1
kind: Deployment
metadata:
name: transmission
namespace: {{ $.Release.Namespace }}
labels:
app.kubernetes.io/instance: transmission
app.kubernetes.io/name: transmission
spec:
replicas: 1
selector:
matchLabels:
app.kubernetes.io/instance: transmission
app.kubernetes.io/name: transmission
template:
metadata:
annotations:
backup.velero.io/backup-volumes: transmission-data
labels:
app.kubernetes.io/instance: transmission
app.kubernetes.io/name: transmission
spec:
containers:
- name: transmission
image: {{ .image }}
imagePullPolicy: IfNotPresent
securityContext:
capabilities:
add:
- CHOWN
- SETGID
- SETUID
drop:
- ALL
privileged: false
allowPrivilegeEscalation: false
{{- if .resources }}
resources:
{{ toYaml .resources | indent 22 }}
{{- end }}
env:
- name: USER
value: {{ .username }}
- name: PASS
value: {{ .password }}
- name: PUID
value: "1000"
- name: GUID
value: "1000"
ports:
- name: web
containerPort: {{ .port }}
- name: torrent-tcp
protocol: TCP
containerPort: 51413
- name: torrent-udp
protocol: UDP
containerPort: 51413
volumeMounts:
- name: transmission-data
mountPath: /config
- name: downloads-data
mountPath: /downloads
livenessProbe:
failureThreshold: 5
initialDelaySeconds: 30
timeoutSeconds: 2
tcpSocket:
port: {{ .port }}
startupProbe:
failureThreshold: 10
timeoutSeconds: 2
tcpSocket:
port: {{ .port }}
restartPolicy: Always
volumes:
- name: transmission-data
persistentVolumeClaim:
claimName: transmission-config-pvc
- name: downloads-data
nfs:
path: "/volume1/k3s/media/downloads"
server: "192.168.1.39"
---
apiVersion: v1
kind: Service
metadata:
name: transmission
namespace: {{ $.Release.Namespace }}
spec:
selector:
app.kubernetes.io/instance: transmission
app.kubernetes.io/name: transmission
ports:
- name: transmission
protocol: TCP
port: {{ .port }}
{{- end }}
================================================
FILE: Helm/apps/media/values.yaml
================================================
---
storage:
transmission:
config: 1Gi
downloads: 200Gi
kavita:
config: 5Gi
overseer:
config: 5Gi
radarr:
config: 5Gi
sonarr:
config: 5Gi
prowlarr:
config: 10Gi
flaresolverr:
image: ghcr.io/flaresolverr/flaresolverr:v3.4.6
port: 8191
resources:
requests:
cpu: 512m
memory: 1Gi
transmission:
image: lscr.io/linuxserver/transmission:4.1.1
port: 9091
username: username
password: password
resources:
requests:
cpu: 250m
memory: 1Gi
limits:
cpu: 2
memory: 2Gi
prowlarr:
replicas: 1
image: ghcr.io/linuxserver/prowlarr:2.3.5
port: 9696
resources:
requests:
cpu: 500m
memory: 1Gi
limits:
cpu: 2
memory: 2Gi
radarr:
image: ghcr.io/linuxserver/radarr:6.1.1
port: 7878
resources:
requests:
cpu: 10m
memory: 50Mi
overseerr:
image: lscr.io/linuxserver/overseerr:1.35.0
port: 5055
replicas: 1
resources:
requests:
cpu: 10m
memory: 50Mi
sonarr:
image: lscr.io/linuxserver/sonarr:4.0.17
port: 8989
resources:
requests:
cpu: 1
memory: 1Gi
limits:
cpu: 2
kavita:
image: ghcr.io/linuxserver/kavita:0.9.0
port: 5000
replicas: 1
resources:
requests:
cpu: 100m
memory: 500Mi
================================================
FILE: Helm/apps/n8n/.helmignore
================================================
# Patterns to ignore when building packages.
# This supports shell glob matching, relative path matching, and
# negation (prefixed with !). Only one pattern per line.
.DS_Store
# Common VCS dirs
.git/
.gitignore
.bzr/
.bzrignore
.hg/
.hgignore
.svn/
# Common backup files
*.swp
*.bak
*.tmp
*.orig
*~
# Various IDEs
.project
.idea/
*.tmproj
.vscode/
================================================
FILE: Helm/apps/n8n/Chart.yaml
================================================
---
apiVersion: v2
appVersion: 1.0.0
description: This chart is used to install n8n
maintainers:
- email: sgenov94@gmail.com
name: Stefan Genov
name: n8n
type: application
version: 2.0.0
================================================
FILE: Helm/apps/n8n/README.md
================================================
This chart is used to install n8n
================================================
FILE: Helm/apps/n8n/templates/deployment.yaml
================================================
---
{{- with .Values.n8n }}
apiVersion: apps/v1
kind: Deployment
metadata:
name: n8n
namespace: {{ $.Release.Namespace }}
labels:
app.kubernetes.io/instance: n8n
app.kubernetes.io/name: n8n
spec:
replicas: {{ .replicas }}
strategy:
rollingUpdate:
maxUnavailable: 0
selector:
matchLabels:
app.kubernetes.io/instance: n8n
app.kubernetes.io/name: n8n
template:
metadata:
labels:
app.kubernetes.io/instance: n8n
app.kubernetes.io/name: n8n
spec:
containers:
- name: n8n
image: {{ .image }}
imagePullPolicy: IfNotPresent
securityContext:
capabilities:
drop:
- ALL
env:
- name: N8N_BASIC_AUTH_ACTIVE
value: "true"
- name: N8N_BASIC_AUTH_USER
valueFrom:
secretKeyRef:
name: app
key: username
- name: N8N_BASIC_AUTH_PASSWORD
valueFrom:
secretKeyRef:
name: app
key: password
- name: DB_POSTGRESDB_HOST
valueFrom:
secretKeyRef:
name: cluster-postgres-app
key: host
- name: DB_POSTGRESDB_DATABASE
valueFrom:
secretKeyRef:
name: cluster-postgres-app
key: dbname
- name: DB_POSTGRESDB_PORT
valueFrom:
secretKeyRef:
name: cluster-postgres-app
key: port
- name: DB_POSTGRESDB_USER
valueFrom:
secretKeyRef:
name: cluster-postgres-app
key: user
- name: DB_POSTGRESDB_PASSWORD
valueFrom:
secretKeyRef:
name: cluster-postgres-app
key: password
- name: DB_TYPE
valueFrom:
secretKeyRef:
name: app
key: type
- name: N8N_PORT
value: "{{ .port }}"
- name: N8N_ENCRYPTION_KEY
valueFrom:
secretKeyRef:
name: app
key: encryption_key
- name: N8N_PAYLOAD_SIZE_MAX
valueFrom:
secretKeyRef:
name: app
key: maxFileSizeMb
{{- if .resources }}
resources:
{{ toYaml .resources | indent 22 }}
{{- end }}
ports:
- name: web
containerPort: {{ .port }}
volumeMounts:
- name: data
mountPath: /home/node
- name: nas
mountPath: /nas
restartPolicy: Always
volumes:
- name: data
persistentVolumeClaim:
claimName: n8n-pvc
- name: nas
nfs:
path: "{{ .nasPath }}"
server: "{{ .nasIp }}"
---
apiVersion: v1
kind: Service
metadata:
name: n8n
namespace: {{ $.Release.Namespace }}
spec:
selector:
app.kubernetes.io/instance: n8n
app.kubernetes.io/name: n8n
ports:
- name: n8n
protocol: TCP
port: {{ .port }}
{{- end }}
================================================
FILE: Helm/apps/n8n/templates/gateway-api.yaml
================================================
---
apiVersion: gateway.networking.k8s.io/v1
kind: HTTPRoute
metadata:
name: n8n-internal
namespace: {{ $.Release.Namespace }}
annotations:
gethomepage.dev/enabled: "true"
gethomepage.dev/description: Low-code automation
gethomepage.dev/group: Automation
gethomepage.dev/icon: n8n
gethomepage.dev/name: N8N
spec:
parentRefs:
- name: internal
namespace: istio-gateway
hostnames:
- "n8n.sgenov.dev"
rules:
- matches:
- path:
type: PathPrefix
value: /
backendRefs:
- name: n8n
port: {{ .Values.n8n.port }}
================================================
FILE: Helm/apps/n8n/templates/storage.yaml
================================================
---
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: n8n-pvc
spec:
accessModes:
- ReadWriteMany
storageClassName: longhorn
resources:
requests:
storage: {{ .Values.n8n.dataSize }}
================================================
FILE: Helm/apps/n8n/values.yaml
================================================
---
n8n:
image: n8nio/n8n:2.19.2
dataSize: 10Gi
port: 5678
replicas: 1
nasIp: 192.168.1.39
nasPath: /volume1/k3s
resources:
requests:
cpu: 10m
memory: 250Mi
================================================
FILE: Helm/apps/nodered/.helmignore
================================================
# Patterns to ignore when building packages.
# This supports shell glob matching, relative path matching, and
# negation (prefixed with !). Only one pattern per line.
.DS_Store
# Common VCS dirs
.git/
.gitignore
.bzr/
.bzrignore
.hg/
.hgignore
.svn/
# Common backup files
*.swp
*.bak
*.tmp
*.orig
*~
# Various IDEs
.project
.idea/
*.tmproj
.vscode/
================================================
FILE: Helm/apps/nodered/Chart.yaml
================================================
---
apiVersion: v2
appVersion: 1.0.0
description: This chart is used to install nodered
maintainers:
- email: sgenov94@gmail.com
name: Stefan Genov
name: nodered
type: application
version: 3.0.0
================================================
FILE: Helm/apps/nodered/README.md
================================================
This chart is used to install nodered
================================================
FILE: Helm/apps/nodered/templates/deployment.yaml
================================================
---
{{- with .Values.nodered }}
apiVersion: apps/v1
kind: Deployment
metadata:
name: nodered
namespace: {{ $.Release.Namespace }}
labels:
app.kubernetes.io/instance: nodered
app.kubernetes.io/name: nodered
spec:
replicas: 1
selector:
matchLabels:
app.kubernetes.io/instance: nodered
app.kubernetes.io/name: nodered
template:
metadata:
annotations:
backup.velero.io/backup-volumes: data-config
labels:
app.kubernetes.io/instance: nodered
app.kubernetes.io/name: nodered
spec:
containers:
- name: nodered
image: {{ .image }}
imagePullPolicy: IfNotPresent
securityContext:
capabilities:
drop:
- ALL
{{- if .resources }}
resources:
{{ toYaml .resources | indent 22 }}
{{- end }}
ports:
- name: web
containerPort: {{ .port }}
volumeMounts:
- name: data-config
mountPath: /data
- name: nas
mountPath: /nas
livenessProbe:
periodSeconds: 60
tcpSocket:
port: {{ .port }}
startupProbe:
initialDelaySeconds: 60
tcpSocket:
port: {{ .port }}
restartPolicy: Always
volumes:
- name: data-config
persistentVolumeClaim:
claimName: nodered-pvc
- name: nas
nfs:
path: "/volume1/k3s"
server: "192.168.1.39"
---
apiVersion: v1
kind: Service
metadata:
name: nodered
namespace: {{ $.Release.Namespace }}
spec:
selector:
app.kubernetes.io/instance: nodered
app.kubernetes.io/name: nodered
ports:
- name: nodered
protocol: TCP
port: {{ .port }}
{{- end }}
================================================
FILE: Helm/apps/nodered/templates/gateway-api.yaml
================================================
---
apiVersion: gateway.networking.k8s.io/v1
kind: HTTPRoute
metadata:
name: nodered-internal
namespace: {{ $.Release.Namespace }}
annotations:
gethomepage.dev/enabled: "true"
gethomepage.dev/description: Low-code automation
gethomepage.dev/group: Automation
gethomepage.dev/icon: node-red
gethomepage.dev/name: NodeRed
spec:
parentRefs:
- name: internal
namespace: istio-gateway
hostnames:
- "nodered.sgenov.dev"
rules:
- matches:
- path:
type: PathPrefix
value: /
backendRefs:
- name: nodered
port: {{ .Values.nodered.port }}
================================================
FILE: Helm/apps/nodered/templates/nodered-pvc.yaml
================================================
---
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: nodered-pvc
spec:
accessModes:
- ReadWriteMany
storageClassName: longhorn
resources:
requests:
storage: {{ .Values.storage.configSize }}
================================================
FILE: Helm/apps/nodered/values.yaml
================================================
---
nodered:
image: nodered/node-red:3.1.15-16
port: 1880
resources:
requests:
cpu: 100m
memory: 512Mi
limits:
memory: 2Gi
storage:
configSize: 5Gi
================================================
FILE: Helm/apps/openbooks/.helmignore
================================================
# Patterns to ignore when building packages.
# This supports shell glob matching, relative path matching, and
# negation (prefixed with !). Only one pattern per line.
.DS_Store
# Common VCS dirs
.git/
.gitignore
.bzr/
.bzrignore
.hg/
.hgignore
.svn/
# Common backup files
*.swp
*.bak
*.tmp
*.orig
*~
# Various IDEs
.project
.idea/
*.tmproj
.vscode/
================================================
FILE: Helm/apps/openbooks/Chart.yaml
================================================
---
apiVersion: v2
appVersion: 1.0.0
description: This chart is used to install openbooks
maintainers:
- email: sgenov94@gmail.com
name: Stefan Genov
name: openbooks
type: application
version: 3.0.0
================================================
FILE: Helm/apps/openbooks/README.md
================================================
This chart is used to install openbooks
================================================
FILE: Helm/apps/openbooks/templates/deployment.yaml
================================================
---
{{- with .Values.openbooks }}
apiVersion: apps/v1
kind: Deployment
metadata:
name: openbooks
namespace: {{ $.Release.Namespace }}
labels:
app.kubernetes.io/instance: openbooks
app.kubernetes.io/name: openbooks
spec:
strategy:
rollingUpdate:
maxUnavailable: 0
replicas: 1
selector:
matchLabels:
app.kubernetes.io/instance: openbooks
app.kubernetes.io/name: openbooks
template:
metadata:
labels:
app.kubernetes.io/instance: openbooks
app.kubernetes.io/name: openbooks
spec:
containers:
- name: openbooks
image: {{ .image }}
imagePullPolicy: IfNotPresent
securityContext:
capabilities:
drop:
- ALL
privileged: false
allowPrivilegeEscalation: false
args:
- --persist
- -n stefan-g-home
- -d /config
{{- if .resources }}
resources:
{{ toYaml .resources | indent 22 }}
{{- end }}
ports:
- name: web
containerPort: {{ .port }}
volumeMounts:
- name: data-config
mountPath: /config
livenessProbe:
failureThreshold: 2
initialDelaySeconds: 30
timeoutSeconds: 2
httpGet:
path: /
port: {{ .port }}
startupProbe:
failureThreshold: 5
timeoutSeconds: 2
httpGet:
path: /
port: {{ .port }}
restartPolicy: Always
volumes:
- name: data-config
persistentVolumeClaim:
claimName: openbooks-pvc
---
apiVersion: v1
kind: Service
metadata:
name: openbooks
namespace: {{ $.Release.Namespace }}
spec:
selector:
app.kubernetes.io/instance: openbooks
app.kubernetes.io/name: openbooks
ports:
- name: openbooks
protocol: TCP
port: {{ .port }}
{{- end }}
================================================
FILE: Helm/apps/openbooks/templates/gateway-api.yaml
================================================
---
apiVersion: gateway.networking.k8s.io/v1
kind: HTTPRoute
metadata:
name: openbooks-internal
namespace: {{ $.Release.Namespace }}
annotations:
gethomepage.dev/enabled: "true"
gethomepage.dev/description: IRC Book Downloader
gethomepage.dev/group: Media
gethomepage.dev/icon: https://raw.githubusercontent.com/evan-buss/openbooks/master/server/app/public/favicon-32x32.png
gethomepage.dev/name: OpenBooks
spec:
parentRefs:
- name: internal
namespace: istio-gateway
hostnames:
- "openbooks.sgenov.dev"
rules:
- matches:
- path:
type: PathPrefix
value: /
backendRefs:
- name: openbooks
port: {{ .Values.openbooks.port }}
================================================
FILE: Helm/apps/openbooks/templates/storage.yaml
================================================
---
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: openbooks-pvc
spec:
accessModes:
- ReadWriteMany
storageClassName: longhorn
resources:
requests:
storage: {{ .Values.storage.configSize }}
================================================
FILE: Helm/apps/openbooks/values.yaml
================================================
---
openbooks:
image: ghcr.io/evan-buss/openbooks:4.5.0
port: 80
resources:
requests:
cpu: 10m
memory: 256Mi
storage:
configSize: 1Gi
================================================
FILE: Helm/apps/reactiveresume/.helmignore
================================================
# Patterns to ignore when building packages.
# This supports shell glob matching, relative path matching, and
# negation (prefixed with !). Only one pattern per line.
.DS_Store
# Common VCS dirs
.git/
.gitignore
.bzr/
.bzrignore
.hg/
.hgignore
.svn/
# Common backup files
*.swp
*.bak
*.tmp
*.orig
*~
# Various IDEs
.project
.idea/
*.tmproj
.vscode/
================================================
FILE: Helm/apps/reactiveresume/Chart.yaml
================================================
---
apiVersion: v2
appVersion: 1.0.0
description: This chart is used to install reactiveresume
maintainers:
- email: sgenov94@gmail.com
name: Stefan Genov
name: reactiveresume
type: application
version: 3.0.0
================================================
FILE: Helm/apps/reactiveresume/README.md
================================================
This chart installs reactiveresume
================================================
FILE: Helm/apps/reactiveresume/templates/deployment.yaml
================================================
---
{{- with .Values.reactiveresume }}
apiVersion: apps/v1
kind: Deployment
metadata:
name: reactiveresume
namespace: {{ $.Release.Namespace }}
labels:
app.kubernetes.io/instance: reactiveresume
app.kubernetes.io/name: reactiveresume
spec:
replicas: 1
strategy:
rollingUpdate:
maxUnavailable: 0
selector:
matchLabels:
app.kubernetes.io/instance: reactiveresume
app.kubernetes.io/name: reactiveresume
template:
metadata:
labels:
app.kubernetes.io/instance: reactiveresume
app.kubernetes.io/name: reactiveresume
spec:
containers:
{{- with .api }}
- name: api
image: {{ .image }}
securityContext:
capabilities:
drop:
- ALL
envFrom:
- secretRef:
name: app
env:
- name: PUBLIC_FLAG_DISABLE_SIGNUPS
value: "true"
- name: POSTGRES_HOST
valueFrom:
secretKeyRef:
name: cluster-postgres-app
key: host
- name: POSTGRES_PORT
valueFrom:
secretKeyRef:
name: cluster-postgres-app
key: port
- name: POSTGRES_DB
valueFrom:
secretKeyRef:
name: cluster-postgres-app
key: dbname
- name: POSTGRES_PASSWORD
valueFrom:
secretKeyRef:
name: cluster-postgres-app
key: password
- name: POSTGRES_USER
valueFrom:
secretKeyRef:
name: cluster-postgres-app
key: user
imagePullPolicy: IfNotPresent
volumeMounts:
- name: uploads
mountPath: /app/server/dist/assets/uploads
livenessProbe:
initialDelaySeconds: 30
failureThreshold: 5
timeoutSeconds: 2
tcpSocket:
port: {{ .port }}
startupProbe:
failureThreshold: 10
timeoutSeconds: 2
tcpSocket:
port: {{ .port }}
ports:
- containerPort: {{ .port }}
name: api
protocol: TCP
{{- end }}
{{- with .frontend }}
- name: frontend
image: {{ .image }}
imagePullPolicy: IfNotPresent
securityContext:
capabilities:
drop:
- ALL
env:
- name: PUBLIC_FLAG_DISABLE_SIGNUPS
value: "true"
- name: PUBLIC_URL
valueFrom:
secretKeyRef:
name: app
key: PUBLIC_URL
- name: PUBLIC_SERVER_URL
valueFrom:
secretKeyRef:
name: app
key: PUBLIC_SERVER_URL
livenessProbe:
initialDelaySeconds: 30
failureThreshold: 5
timeoutSeconds: 2
httpGet:
path: /
port: {{ .port }}
startupProbe:
failureThreshold: 10
timeoutSeconds: 2
httpGet:
path: /
port: {{ .port }}
ports:
- containerPort: {{ .port }}
name: frontend
protocol: TCP
{{- end }}
volumes:
- name: uploads
persistentVolumeClaim:
claimName: reactiveresume-uploads-pvc
---
apiVersion: v1
kind: Service
metadata:
name: reactiveresume
namespace: {{ $.Release.Namespace }}
spec:
selector:
app.kubernetes.io/instance: reactiveresume
app.kubernetes.io/name: reactiveresume
ports:
- name: frontend
protocol: TCP
port: {{ .frontend.port }}
- name: api
protocol: TCP
port: {{ .api.port }}
{{- end }}
================================================
FILE: Helm/apps/reactiveresume/templates/gateway-api.yaml
================================================
---
apiVersion: gateway.networking.k8s.io/v1
kind: HTTPRoute
metadata:
name: reactiveresume-internal
namespace: {{ $.Release.Namespace }}
annotations:
gethomepage.dev/enabled: "true"
gethomepage.dev/description: Build your own CV
gethomepage.dev/group: Personal
gethomepage.dev/icon: https://raw.githubusercontent.com/AmruthPillai/Reactive-Resume/5513b909e79d2560b3ba313facb984d2457ef602/apps/artboard/public/favicon.svg
gethomepage.dev/name: Reactive Resume
spec:
parentRefs:
- name: internal
namespace: istio-gateway
hostnames:
- "resume.sgenov.dev"
rules:
- matches:
- path:
type: PathPrefix
value: /
backendRefs:
- name: reactiveresume
port: 3000
---
apiVersion: gateway.networking.k8s.io/v1
kind: HTTPRoute
metadata:
name: reactiveresume-api-internal
namespace: {{ $.Release.Namespace }}
spec:
parentRefs:
- name: internal
namespace: istio-gateway
hostnames:
- "resume-api.sgenov.dev"
rules:
- matches:
- path:
type: PathPrefix
value: /
backendRefs:
- name: reactiveresume
port: 3100
================================================
FILE: Helm/apps/reactiveresume/templates/storage.yaml
================================================
---
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: reactiveresume-uploads-pvc
spec:
accessModes:
- ReadWriteMany
storageClassName: longhorn
resources:
requests:
storage: {{ .Values.storage.uploadSize }}
================================================
FILE: Helm/apps/reactiveresume/values.yaml
================================================
---
reactiveresume:
api:
image: amruthpillai/reactive-resume:server-3.6.18
port: 3100
frontendUrl: https://reactiveresume.sgenov.dev
frontend:
image: amruthpillai/reactive-resume:client-3.6.18
port: 3000
storage:
uploadSize: 5Gi
================================================
FILE: Helm/apps/storage/.helmignore
================================================
# Patterns to ignore when building packages.
# This supports shell glob matching, relative path matching, and
# negation (prefixed with !). Only one pattern per line.
.DS_Store
# Common VCS dirs
.git/
.gitignore
.bzr/
.bzrignore
.hg/
.hgignore
.svn/
# Common backup files
*.swp
*.bak
*.tmp
*.orig
*~
# Various IDEs
.project
.idea/
*.tmproj
.vscode/
================================================
FILE: Helm/apps/storage/Chart.yaml
================================================
---
apiVersion: v2
appVersion: 1.0.0
description: This chart is used to install storage
maintainers:
- email: sgenov94@gmail.com
name: Stefan Genov
name: storage
type: application
version: 2.0.0
================================================
FILE: Helm/apps/storage/README.md
================================================
This chart is used to install syncthing and server emulator
================================================
FILE: Helm/apps/storage/templates/gateway-api.yaml
================================================
---
apiVersion: gateway.networking.k8s.io/v1
kind: HTTPRoute
metadata:
name: syncthing-internal
namespace: {{ $.Release.Namespace }}
annotations:
gethomepage.dev/enabled: "true"
gethomepage.dev/description: File synchronization
gethomepage.dev/group: Storage
gethomepage.dev/icon: syncthing
gethomepage.dev/name: Syncthing
spec:
parentRefs:
- name: internal
namespace: istio-gateway
hostnames:
- "syncthing.sgenov.dev"
rules:
- matches:
- path:
type: PathPrefix
value: /
backendRefs:
- name: syncthing
port: {{ .Values.syncthing.port }}
================================================
FILE: Helm/apps/storage/templates/storage-pvc.yaml
================================================
{{- with .Values.syncthing }}
---
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: syncthing-config-pvc
spec:
accessModes:
- ReadWriteMany
storageClassName: longhorn
resources:
requests:
storage: {{ $.Values.storage.syncthingConfigSize }}
{{- end }}
================================================
FILE: Helm/apps/storage/templates/syncthing.yaml
================================================
---
{{- with .Values.syncthing }}
apiVersion: apps/v1
kind: Deployment
metadata:
name: syncthing
namespace: {{ $.Release.Namespace }}
labels:
app.kubernetes.io/instance: syncthing
app.kubernetes.io/name: syncthing
spec:
replicas: {{ .replicas }}
strategy:
rollingUpdate:
maxUnavailable: 0
selector:
matchLabels:
app.kubernetes.io/instance: syncthing
app.kubernetes.io/name: syncthing
template:
metadata:
annotations:
backup.velero.io/backup-volumes: app-config
labels:
app.kubernetes.io/instance: syncthing
app.kubernetes.io/name: syncthing
spec:
containers:
- name: syncthing
image: {{ .image }}
imagePullPolicy: IfNotPresent
securityContext:
capabilities:
drop:
- ALL
add:
- CHOWN
- SETGID
- SETUID
{{- if .resources }}
resources:
{{ toYaml .resources | indent 22 }}
{{- end }}
ports:
- name: web
containerPort: {{ .port }}
- name: tcp
containerPort: 22000
protocol: TCP
- name: udp
containerPort: 22000
protocol: UDP
- name: udp2
containerPort: 21027
protocol: UDP
volumeMounts:
- name: app-config
mountPath: /config
- name: data-volume
mountPath: /data
restartPolicy: Always
volumes:
- name: app-config
persistentVolumeClaim:
claimName: syncthing-config-pvc
- name: data-volume
nfs:
path: "/volume1/k3s/syncthing"
server: {{ $.Values.storage.nasIp }}
---
apiVersion: v1
kind: Service
metadata:
name: syncthing
namespace: {{ $.Release.Namespace }}
spec:
selector:
app.kubernetes.io/instance: syncthing
app.kubernetes.io/name: syncthing
ports:
- name: syncthing
protocol: TCP
port: {{ .port }}
{{- end }}
================================================
FILE: Helm/apps/storage/values.yaml
================================================
---
syncthing:
image: lscr.io/linuxserver/syncthing:2.0.16
replicas: 1
port: 8384
resources:
requests:
cpu: 10m
memory: 50Mi
storage:
syncthingConfigSize: 1Gi
nasIp: 192.168.1.39
================================================
FILE: Helm/apps/uptimekuma/.helmignore
================================================
# Patterns to ignore when building packages.
# This supports shell glob matching, relative path matching, and
# negation (prefixed with !). Only one pattern per line.
.DS_Store
# Common VCS dirs
.git/
.gitignore
.bzr/
.bzrignore
.hg/
.hgignore
.svn/
# Common backup files
*.swp
*.bak
*.tmp
*.orig
*~
# Various IDEs
.project
.idea/
*.tmproj
.vscode/
================================================
FILE: Helm/apps/uptimekuma/Chart.yaml
================================================
---
apiVersion: v2
appVersion: 1.0.0
description: This chart is used to install uptimekuma
maintainers:
- email: sgenov94@gmail.com
name: Stefan Genov
name: uptimekuma
type: application
version: 4.0.0
================================================
FILE: Helm/apps/uptimekuma/README.md
================================================
This chart is used to install uptimekuma
================================================
FILE: Helm/apps/uptimekuma/templates/deployment.yaml
================================================
---
{{- with .Values.uptimekuma }}
apiVersion: apps/v1
kind: Deployment
metadata:
name: uptimekuma
namespace: {{ $.Release.Namespace }}
labels:
app.kubernetes.io/instance: uptimekuma
app.kubernetes.io/name: uptimekuma
spec:
replicas: {{ .replicas }}
strategy:
type: Recreate
selector:
matchLabels:
app.kubernetes.io/instance: uptimekuma
app.kubernetes.io/name: uptimekuma
template:
metadata:
annotations:
backup.velero.io/backup-volumes: app-data
labels:
app.kubernetes.io/instance: uptimekuma
app.kubernetes.io/name: uptimekuma
spec:
containers:
- name: uptimekuma
image: {{ .image }}
imagePullPolicy: IfNotPresent
securityContext:
capabilities:
drop:
- ALL
add:
- SETUID
- SETGID
{{- if .resources }}
resources:
{{ toYaml .resources | indent 22 }}
{{- end }}
ports:
- name: web
containerPort: {{ .port }}
volumeMounts:
- name: app-data
mountPath: /app/data
livenessProbe:
failureThreshold: 5
tcpSocket:
port: {{ .port }}
startupProbe:
failureThreshold: 5
initialDelaySeconds: 10
tcpSocket:
port: {{ .port }}
restartPolicy: Always
volumes:
- name: app-data
persistentVolumeClaim:
claimName: uptimekuma-pvc
---
apiVersion: v1
kind: Service
metadata:
name: uptimekuma
namespace: {{ $.Release.Namespace }}
spec:
selector:
app.kubernetes.io/instance: uptimekuma
app.kubernetes.io/name: uptimekuma
ports:
- name: uptimekuma
protocol: TCP
port: {{ .port }}
{{- end }}
================================================
FILE: Helm/apps/uptimekuma/templates/gateway-api.yaml
================================================
---
apiVersion: gateway.networking.k8s.io/v1
kind: HTTPRoute
metadata:
name: uptimekuma-internal
namespace: {{ $.Release.Namespace }}
annotations:
gethomepage.dev/enabled: "true"
gethomepage.dev/description: Uptime Monitor
gethomepage.dev/group: Monitoring
gethomepage.dev/icon: uptime-kuma
gethomepage.dev/name: Uptime Kuma
spec:
parentRefs:
- name: internal
namespace: istio-gateway
hostnames:
- "uptimekuma.sgenov.dev"
- "uptime.sgenov.dev"
rules:
- matches:
- path:
type: PathPrefix
value: /
backendRefs:
- name: uptimekuma
port: {{ .Values.uptimekuma.port }}
================================================
FILE: Helm/apps/uptimekuma/templates/uptime-kuma-pvc.yaml
================================================
---
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: uptimekuma-pvc
spec:
accessModes:
- ReadWriteOnce
storageClassName: longhorn
resources:
requests:
storage: {{ .Values.storage.size }}
================================================
FILE: Helm/apps/uptimekuma/values.yaml
================================================
---
uptimekuma:
image: louislam/uptime-kuma:1.23.17-debian
replicas: 1
port: 3001
resources:
requests:
cpu: 10m
memory: 512Mi
storage:
size: 10Gi
================================================
FILE: Helm/apps/vikunja/.helmignore
================================================
# Patterns to ignore when building packages.
# This supports shell glob matching, relative path matching, and
# negation (prefixed with !). Only one pattern per line.
.DS_Store
# Common VCS dirs
.git/
.gitignore
.bzr/
.bzrignore
.hg/
.hgignore
.svn/
# Common backup files
*.swp
*.bak
*.tmp
*.orig
*~
# Various IDEs
.project
.idea/
*.tmproj
.vscode/
================================================
FILE: Helm/apps/vikunja/Chart.yaml
================================================
---
apiVersion: v2
appVersion: 1.0.0
description: This chart is used to install vikunja
maintainers:
- email: sgenov94@gmail.com
name: Stefan Genov
name: vikunja
type: application
version: 4.0.0
================================================
FILE: Helm/apps/vikunja/README.md
================================================
This chart installs vikunja
================================================
FILE: Helm/apps/vikunja/templates/deployment.yaml
================================================
---
{{- with .Values.vikunja }}
apiVersion: apps/v1
kind: Deployment
metadata:
name: vikunja
namespace: {{ $.Release.Namespace }}
labels:
app.kubernetes.io/instance: vikunja
app.kubernetes.io/name: vikunja
spec:
replicas: 1
revisionHistoryLimit: 3
selector:
matchLabels:
app.kubernetes.io/instance: vikunja
app.kubernetes.io/name: vikunja
template:
metadata:
annotations:
backup.velero.io/backup-volumes: data
labels:
app.kubernetes.io/instance: vikunja
app.kubernetes.io/name: vikunja
name: vikunja
spec:
containers:
- name: vikunja
image: {{ .image }}
securityContext:
capabilities:
drop:
- ALL
env:
- name: VIKUNJA_SERVICE_FRONTENDURL
value: "{{ .frontendUrl }}"
- name: VIKUNJA_DATABASE_TYPE
value: "postgres"
- name: VIKUNJA_SERVICE_JWTSECRET
valueFrom:
secretKeyRef:
name: app
key: JWT_SECRET
- name: VIKUNJA_MAILER_ENABLED
value: "false"
- name: VIKUNJA_DATABASE_HOST
valueFrom:
secretKeyRef:
name: cluster-postgres-app
key: host
- name: VIKUNJA_DATABASE_USER
valueFrom:
secretKeyRef:
name: cluster-postgres-app
key: username
- name: VIKUNJA_DATABASE_PASSWORD
valueFrom:
secretKeyRef:
name: cluster-postgres-app
key: password
- name: VIKUNJA_DATABASE_DATABASE
valueFrom:
secretKeyRef:
name: cluster-postgres-app
key: dbname
imagePullPolicy: IfNotPresent
volumeMounts:
- name: data
mountPath: /app/vikunja/files
livenessProbe:
failureThreshold: 10
initialDelaySeconds: 30
tcpSocket:
port: {{ .port }}
timeoutSeconds: 2
startupProbe:
failureThreshold: 20
timeoutSeconds: 2
tcpSocket:
port: {{ .port }}
ports:
- containerPort: {{ .port }}
name: api
protocol: TCP
volumes:
- name: data
persistentVolumeClaim:
claimName: vikunja-pvc
---
apiVersion: v1
kind: Service
metadata:
name: vikunja
namespace: {{ $.Release.Namespace }}
spec:
selector:
app.kubernetes.io/instance: vikunja
app.kubernetes.io/name: vikunja
ports:
- name: api
protocol: TCP
port: {{ .port }}
{{- end }}
================================================
FILE: Helm/apps/vikunja/templates/gateway-api.yaml
================================================
---
apiVersion: gateway.networking.k8s.io/v1
kind: HTTPRoute
metadata:
name: vikunja-internal
namespace: {{ $.Release.Namespace }}
annotations:
gethomepage.dev/enabled: "true"
gethomepage.dev/description: Tasks
gethomepage.dev/group: Knowledge
gethomepage.dev/icon: vikunja
gethomepage.dev/name: Vikunja
spec:
parentRefs:
- name: internal
namespace: istio-gateway
hostnames:
- "vikunja.sgenov.dev"
rules:
- matches:
- path:
type: PathPrefix
value: /
backendRefs:
- name: vikunja
port: {{ .Values.vikunja.port }}
================================================
FILE: Helm/apps/vikunja/templates/storage.yaml
================================================
---
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: vikunja-pvc
namespace: {{ $.Release.Namespace }}
spec:
accessModes:
- ReadWriteMany
storageClassName: longhorn
resources:
requests:
storage: {{ .Values.storage.dataSize }}
================================================
FILE: Helm/apps/vikunja/values.yaml
================================================
---
vikunja:
image: vikunja/vikunja:0.24.6
port: 3456
frontendUrl: https://vikunja.sgenov.dev
storage:
dataSize: 5Gi
================================================
FILE: Helm/apps/wallabag/.helmignore
================================================
# Patterns to ignore when building packages.
# This supports shell glob matching, relative path matching, and
# negation (prefixed with !). Only one pattern per line.
.DS_Store
# Common VCS dirs
.git/
.gitignore
.bzr/
.bzrignore
.hg/
.hgignore
.svn/
# Common backup files
*.swp
*.bak
*.tmp
*.orig
*~
# Various IDEs
.project
.idea/
*.tmproj
.vscode/
================================================
FILE: Helm/apps/wallabag/CHANGELOG.md
================================================
#### [v2.0.0]
- Using Gateway API
#### [v1.3.0]
* Moved Env to simplesecret
* Improved security
#### [v1.2.1]
* Added probes for wallabag so it will automatically fix itself if failed
#### [v1.2.0]
* Added ingress
#### [V1.1.0]
* Moved resources to values.yaml
#### [V1.0.0]
* Initial Deployment
================================================
FILE: Helm/apps/wallabag/Chart.yaml
================================================
---
apiVersion: v2
appVersion: 1.0.0
description: This chart is used to install wallabag
maintainers:
- email: sgenov94@gmail.com
name: Stefan Genov
name: wallabag
type: application
version: 2.0.0
================================================
FILE: Helm/apps/wallabag/README.md
================================================
This chart is used to install wallabag.
================================================
FILE: Helm/apps/wallabag/templates/database.yaml
================================================
---
{{- with .Values.postgres }}
apiVersion: apps/v1
kind: Deployment
metadata:
name: postgres
namespace: {{ $.Release.Namespace }}
labels:
app.kubernetes.io/instance: postgres
app.kubernetes.io/name: postgres
spec:
strategy:
type: Recreate
replicas: 1
selector:
matchLabels:
app.kubernetes.io/instance: postgres
app.kubernetes.io/name: postgres
template:
metadata:
annotations:
backup.velero.io/backup-volumes: postgresql-data
labels:
app.kubernetes.io/instance: postgres
app.kubernetes.io/name: postgres
spec:
securityContext:
fsGroup: 999
containers:
- name: postgresql
image: {{ .image }}
imagePullPolicy: IfNotPresent
envFrom:
- secretRef:
name: db
securityContext:
runAsUser: 999 # postgres UID in the image
runAsGroup: 999
allowPrivilegeEscalation: false
privileged: false
capabilities:
drop:
- "ALL"
add:
- CHOWN
- SETUID
- SETGID
{{- if .resources }}
resources:
{{ toYaml .resources | indent 22 }}
{{- end }}
ports:
- name: db
containerPort: {{ .port }}
volumeMounts:
- mountPath: /var/lib/postgresql/data
subPath: data
name: postgresql-data
- name: shm-empty
mountPath: /dev/shm
livenessProbe:
exec:
command:
- /bin/bash
- -c
- pg_isready
- -U
- $POSTGRES_USER
- -d
- $POSTGRES_DB
failureThreshold: 2
periodSeconds: 10
successThreshold: 1
timeoutSeconds: 2
startupProbe:
exec:
command:
- /bin/bash
- -c
- pg_isready
- -U
- $POSTGRES_USER
- -d
- $POSTGRES_DB
failureThreshold: 10
periodSeconds: 10
successThreshold: 1
timeoutSeconds: 2
restartPolicy: Always
volumes:
- name: postgresql-data
persistentVolumeClaim:
claimName: postgresql-pvc
- name: shm-empty
emptyDir:
medium: Memory
---
apiVersion: v1
kind: Service
metadata:
name: postgres
namespace: {{ $.Release.Namespace }}
spec:
selector:
app.kubernetes.io/instance: postgres
app.kubernetes.io/name: postgres
ports:
- name: postgres
protocol: TCP
port: {{ .port }}
{{- end }}
================================================
FILE: Helm/apps/wallabag/templates/deployment.yaml
================================================
---
{{- with .Values.wallabag }}
apiVersion: apps/v1
kind: Deployment
metadata:
name: wallabag
namespace: {{ $.Release.Namespace }}
labels:
app.kubernetes.io/instance: wallabag
app.kubernetes.io/name: wallabag
spec:
replicas: {{ .replicas }}
selector:
matchLabels:
app.kubernetes.io/instance: wallabag
app.kubernetes.io/name: wallabag
template:
metadata:
labels:
app.kubernetes.io/instance: wallabag
app.kubernetes.io/name: wallabag
spec:
restartPolicy: Always
containers:
- name: wallabag
image: {{ .image }}
imagePullPolicy: IfNotPresent
securityContext:
privileged: false
allowPrivilegeEscalation: false
envFrom:
- secretRef:
name: app
optional: false
env:
- name: PUID
value: "1000"
- name: GUID
value: "1000"
- name: SYMFONY__ENV__DOMAIN_NAME
value: {{ .domainName }}
{{- if .resources }}
resources:
{{ toYaml .resources | indent 22 }}
{{- end }}
ports:
- name: web
containerPort: {{ .port }}
livenessProbe:
failureThreshold: 10
initialDelaySeconds: 60
timeoutSeconds: 5
httpGet:
port: {{ .port }}
path: /login
startupProbe:
failureThreshold: 10
periodSeconds: 5
httpGet:
port: {{ .port }}
path: /login
{{- end }}
================================================
FILE: Helm/apps/wallabag/templates/gateway-api.yaml
================================================
---
apiVersion: gateway.networking.k8s.io/v1
kind: HTTPRoute
metadata:
name: wallabag-external
namespace: {{ $.Release.Namespace }}
spec:
parentRefs:
- name: external
namespace: istio-gateway
hostnames:
- "wallabag.sgenov.dev"
rules:
- matches:
- path:
type: PathPrefix
value: /
backendRefs:
- name: wallabag
port: {{ .Values.wallabag.port }}
---
apiVersion: gateway.networking.k8s.io/v1
kind: HTTPRoute
metadata:
name: wallabag-internal
namespace: {{ $.Release.Namespace }}
annotations:
gethomepage.dev/enabled: "true"
gethomepage.dev/description: Self-Hosted Pocket
gethomepage.dev/group: Knowledge
gethomepage.dev/icon: wallabag
gethomepage.dev/name: Wallabag
spec:
parentRefs:
- name: internal
namespace: istio-gateway
hostnames:
- "wallabag.sgenov.dev"
rules:
- matches:
- path:
type: PathPrefix
value: /
backendRefs:
- name: wallabag
port: {{ .Values.wallabag.port }}
================================================
FILE: Helm/apps/wallabag/templates/pdb.yaml
================================================
---
apiVersion: policy/v1
kind: PodDisruptionBudget
metadata:
name: wallabag
spec:
minAvailable: 1
selector:
matchLabels:
app.kubernetes.io/instance: wallabag
app.kubernetes.io/name: wallabag
================================================
FILE: Helm/apps/wallabag/templates/service.yaml
================================================
---
{{- with .Values.wallabag }}
apiVersion: v1
kind: Service
metadata:
name: wallabag
namespace: {{ $.Release.Namespace }}
spec:
selector:
app.kubernetes.io/instance: wallabag
app.kubernetes.io/name: wallabag
ports:
- name: wallabag
protocol: TCP
port: {{ .port }}
{{- end }}
================================================
FILE: Helm/apps/wallabag/templates/storage.yaml
================================================
---
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: postgresql-pvc
labels:
app.kubernetes.io/instance: postgres
app.kubernetes.io/name: postgres
app.kubernetes.io/component: database
app.kubernetes.io/part-of: wallabag
app.kubernetes.io/managed-by: helm
spec:
accessModes:
- ReadWriteMany
storageClassName: longhorn
resources:
requests:
storage: {{ .Values.storage.postgresqlSize }}
================================================
FILE: Helm/apps/wallabag/values.yaml
================================================
---
wallabag:
image: wallabag/wallabag:2.6.14
replicas: 1
port: 80
domainName: https://wallabag.sgenov.dev
resources:
requests:
cpu: 100m
memory: 500Mi
postgres:
image: postgres:16.13
port: 5432
resources:
requests:
cpu: 10m
memory: 256Mi
storage:
postgresqlSize: 5Gi
================================================
FILE: Helm/apps/website/.helmignore
================================================
# Patterns to ignore when building packages.
# This supports shell glob matching, relative path matching, and
# negation (prefixed with !). Only one pattern per line.
.DS_Store
# Common VCS dirs
.git/
.gitignore
.bzr/
.bzrignore
.hg/
.hgignore
.svn/
# Common backup files
*.swp
*.bak
*.tmp
*.orig
*~
# Various IDEs
.project
.idea/
*.tmproj
.vscode/
================================================
FILE: Helm/apps/website/CHANGELOG.md
================================================
#### [v4.0.0]
- Using Gateway API
#### [v3.0.0]
- Better selectors
- Better probes
#### [V2.0.0]
* Migrated to ghcr.io
#### [V1.1.0]
* Updated security
#### [V1.0.0]
* Initial Deployment
================================================
FILE: Helm/apps/website/Chart.yaml
================================================
---
apiVersion: v2
appVersion: 1.0.0
description: This chart is used to install website
maintainers:
- email: sgenov94@gmail.com
name: Stefan Genov
name: website
type: application
version: 4.0.0
================================================
FILE: Helm/apps/website/README.md
================================================
This chart is used to install my personal website https://github.com/Michaelpalacce/personal-website-vue
================================================
FILE: Helm/apps/website/templates/deployment.yaml
================================================
---
{{- with .Values.website }}
apiVersion: apps/v1
kind: Deployment
metadata:
name: website
namespace: {{ $.Release.Namespace }}
labels:
app.kubernetes.io/instance: website
app.kubernetes.io/name: website
spec:
replicas: {{ .replicas }}
selector:
matchLabels:
app.kubernetes.io/instance: website
app.kubernetes.io/name: website
template:
metadata:
labels:
app.kubernetes.io/instance: website
app.kubernetes.io/name: website
spec:
restartPolicy: Always
securityContext:
fsGroup: 1000
fsGroupChangePolicy: OnRootMismatch
priorityClassName: critical-priority
affinity:
podAntiAffinity:
preferredDuringSchedulingIgnoredDuringExecution:
- podAffinityTerm:
labelSelector:
matchLabels:
app.kubernetes.io/name: website
namespaces:
- {{ $.Release.Namespace }}
topologyKey: kubernetes.io/hostname
weight: 1
containers:
- name: website
image: {{ .image }}
imagePullPolicy: IfNotPresent
securityContext:
capabilities:
drop:
- ALL
privileged: false
allowPrivilegeEscalation: false
{{- if .resources }}
resources:
{{ toYaml .resources | indent 22 }}
{{- end }}
ports:
- name: web
containerPort: {{ .port }}
envFrom:
- secretRef:
name: website
optional: false
env:
- name: CV_PATH
value: "/cv/CV.pdf"
volumeMounts:
- name: cv
mountPath: /cv
livenessProbe:
failureThreshold: 2
initialDelaySeconds: 10
timeoutSeconds: 2
httpGet:
path: /
port: {{ .port }}
startupProbe:
failureThreshold: 5
timeoutSeconds: 2
httpGet:
path: /
port: {{ .port }}
volumes:
- name: cv
nfs:
path: "/volume1/k3s/CV"
server: "192.168.1.39"
{{- end }}
================================================
FILE: Helm/apps/website/templates/gateway-api.yaml
================================================
---
apiVersion: gateway.networking.k8s.io/v1
kind: HTTPRoute
metadata:
name: website-external
namespace: {{ $.Release.Namespace }}
spec:
parentRefs:
- name: external
namespace: istio-gateway
hostnames:
- "sgenov.dev"
rules:
- matches:
- path:
type: PathPrefix
value: /
backendRefs:
- name: website
port: {{ .Values.website.port }}
---
apiVersion: gateway.networking.k8s.io/v1
kind: HTTPRoute
metadata:
name: website-internal
namespace: {{ $.Release.Namespace }}
annotations:
# nginx.ingress.kubernetes.io/proxy-body-size: "100m"
gethomepage.dev/enabled: "true"
gethomepage.dev/description: My Website
gethomepage.dev/group: Personal
gethomepage.dev/icon: https://sgenov.dev/favicon.ico
gethomepage.dev/name: Website
spec:
parentRefs:
- name: internal
namespace: istio-gateway
hostnames:
- "sgenov.dev"
- "website.sgenov.dev"
rules:
- matches:
- path:
type: PathPrefix
value: /
backendRefs:
- name: website
port: {{ .Values.website.port }}
================================================
FILE: Helm/apps/website/templates/pdb.yaml
================================================
---
apiVersion: policy/v1
kind: PodDisruptionBudget
metadata:
name: website
spec:
minAvailable: 1
selector:
matchLabels:
app.kubernetes.io/instance: website
app.kubernetes.io/name: website
================================================
FILE: Helm/apps/website/templates/service.yaml
================================================
---
{{- with .Values.website }}
apiVersion: v1
kind: Service
metadata:
name: website
namespace: {{ $.Release.Namespace }}
spec:
selector:
app.kubernetes.io/instance: website
app.kubernetes.io/name: website
ports:
- name: website
protocol: TCP
port: {{ .port }}
{{- end }}
================================================
FILE: Helm/apps/website/values.yaml
================================================
---
website:
image: ghcr.io/michaelpalacce/website:v2.25.0
port: 80
replicas: 3
resources:
requests:
cpu: 500m
memory: 512Mi
================================================
FILE: README.md
================================================
# Preface
<img src="https://raw.githubusercontent.com/kubernetes/kubernetes/master/logo/logo.png" width="150px" alt="">
This repository contains basic HELM local charts for application installation as well as FluxCD2 HelmReleases for GitOps.
I'm not going to move away from the local helm charts where possible as they make this repository pretty beginner-friendly.
Also, big warning, this repo is things I've done on the side with time taken away from my family.
# :open_book: Check out the Documentation
* [Documentation](./docs)
# Main tools used
1. **FluxCD 2** - GitOps for my HomeLab.
2. **Renovate** - Checks for updates to actions, helm charts, helm releases, docker containers.
3. **Istio + Gateway API** - Reverse proxy + SSL termination for services
4. **cert-manager + reflector** - cert-manager generates certificates for my services and reflector duplicates the generated ssl
certificate secret to all the namespaces. The secret is called `ingress`.
5. **Longhorn** - K8S native storage.
6. **Ansible** - Used to provision the architecture
7. **Velero** - K8S and PVC backup. Free and open source by VMware
8. **MetalLB** - LoadBalancer for bare-metal k8s clusters
9. **tofu-controller** - Gitops for Terraform
# GitOps :construction:
GitOps is applied wherever possible using Flux2.
CI/CD is done by bootstrapping flux into my cluster. Flux polls GitHub for changes and applies them automatically on my server.
It is currently pretty stable.
# Image updates
Image updates are done via Renovate Bot :robot:. Renovate bot does periodic scans for new image versions and submits pull request for each change.
# Accessing services ( istio, cert-manager )
Apps are currently exposed by Istio with Gateway API and have SSL certificates provided by cert-manager.
A wildcard certificate is issued for my domain `*.sgenov.dev` and when the secret is created
it is replicated in all namespace as `ingress` to be consumed by the ingress resources. This replication is
needed because `Let's encrypt` rate limits certificate requests.
## :desktop_computer: Exposing Apps
As a legacy approach I used to expose my apps via NodePort. This ability is removed but can be easily enabled by
removing the commented out nodePort values in the Helm Charts, and I also try to add this functionality to future apps
and services I install.
# Control Plane Load Balancing
I use DNS load balancing for the control plane. This is done by creating an A record for the control plane and pointing it to the IPs of the control plane nodes.
This is done because I don't have a load balancer in my homelab and I don't want to expose the control plane on a single node.
# Storage ( Longhorn )
Longhorn is a great replicated storage option with a great UI for better visualisation. It's fast and tailor made for
k8s. Developed by the same people responsible for k3s/rancher and other great tools. [Official site](https://longhorn.io/)
# Backup ( Velero )
Velero allows me to back up selected namespaces and ( with the help of restic ) ship the data to different sources.
In my case I'm using the velero AWS plugin.
The velero backup runs on a schedule every day during the evening hours and I pay around ~ $7 each month, mainly due to Wasabi pricing for
1TB as a minimum.
Check the docs for more information about velero, but overall I try to backup everything.
# Infrastructure as code
`tofu-controller` is a tool by the team behind FluxCD2 and allows me to continuously reconcile a git repo and apply changes when a change or drift is detected. I'm not handling VM creation yet, as that has proven to be a nuisance with the Terraform provider. Security is the main focus of this.
# What if I don't want to use Flux
Well it's absolutely fine. You can go to `Helm/apps` and install any app you want ( e.g. `helm install media media -n media --create-namespace` ).
However things like ingress, cert-management, longhorn are handled only via Flux. Information on the helm chart that is
used can be found in the `helm-release.yaml` for the specific service. Let's look at an example:
~~~yaml
---
apiVersion: helm.toolkit.fluxcd.io/v2
kind: HelmRelease
metadata:
name: longhorn-system # What to call the deployment
namespace: longhorn-system # Where to install the helm chart
spec:
interval: 10m # How often do we poll for changes
install:
createNamespace: true # Same as --create-namespace
chart:
spec:
chart: longhorn # Which chart to use
version: 1.2.4 # Which version of the chart
interval: 10m
# Where to find information for this chart ( in my case I have a HelmRepository defined in cluster/homelab/helm/longhorn-system
sourceRef:
kind: HelmRepository
name: longhorn-system
namespace: flux-system
# Overwriting some values
values:
ingress:
enabled: true
host: longhorn.sgenov.dev
ingressClassName: nginx
tls: true
tlsSecret: ingress
service:
ui:
type: NodePort
nodePort: 30030
~~~
This would be the same as:
1. Creating a new file with the content:
`values.yaml`:
~~~yaml
ingress:
enabled: true
host: longhorn.sgenov.dev
ingressClassName: nginx
tls: true
tlsSecret: ingress
service:
ui:
type: NodePort
nodePort: 30030
~~~
2. Running: `helm repo add longhorn https://charts.longhorn.io; helm repo update` to add the longhorn helm repo
3. Running: `helm install longhorn/longhorn --name longhorn --create-namespace -n longhorn-system -f values.yaml`
================================================
FILE: TODOS.md
================================================
# TODOs
## Fixes
- [ ] Fix paperless-ngx redis:latest... broadcom...
## Security
- [ ] Network Policies For External Services
## Infrastructure
- [ ] Strip down the K3S Nodes of unused services and packages
## Service Specifics
## Upgrades
- [ ] Migrate to newest postgresql
- [ ] postgresql instances should be a statefulset
================================================
FILE: ansible/hosts/group_vars/master/k3s-config.yaml
================================================
---
k3s_control_node: true
k3s_server:
node-ip: "{{ ansible_default_ipv4.address }}"
kubelet-arg:
- "image-gc-high-threshold=75"
- "image-gc-low-threshold=60"
tls-san:
- "{{ k3s_registration_address }}"
docker: false
disable:
- traefik
- local-storage
- servicelb
disable-network-policy: false
disable-cloud-controller: true
write-kubeconfig-mode: "644"
cluster-cidr: "10.40.0.0/16"
service-cidr: "10.96.0.0/16"
etcd-expose-metrics: true
================================================
FILE: ansible/hosts/group_vars/workers/k3s-config.yaml
================================================
---
k3s_control_node: false
k3s_agent:
node-ip: "{{ ansible_default_ipv4.address }}"
kubelet-arg:
- "image-gc-high-threshold=75"
- "image-gc-low-threshold=60"
================================================
FILE: ansible/hosts/inventory
================================================
[master]
192.168.1.78
192.168.1.83
192.168.1.242
[workers]
192.168.1.55
192.168.1.89
192.168.1.247
192.168.1.79
[extra]
# 192.168.1.20
# 192.168.1.42
# 192.168.1.22
# This group has all the servers
[all:children]
master
workers
extra
#Variables for all the servers
[all:vars]
ansible_connection=ssh
ansible_user=stefan
ansible_ssh_common_args='-o StrictHostKeyChecking=no'
================================================
FILE: ansible/playbooks/install/files/allContainerLogs
================================================
/var/logs/containers/*.log {
rotate 2
copytruncate
missingok
notifempty
compress
maxsize 10M
dateext
dateformat -%Y%m%d-%s
create 0644 root root
}
================================================
FILE: ansible/playbooks/install/files/cleanUpOrphanedPods.py
================================================
import subprocess
import select
import re
import shutil
f = subprocess.Popen(['tail', '-F', '/var/log/syslog'], stdout=subprocess.PIPE, stderr=subprocess.PIPE)
p = select.poll()
p.register(f.stdout)
while True:
if p.poll(1):
line = f.stdout.readline().decode('utf-8')
result = re.search('orphaned pod \\\\"([0-9a-zA-Z-]*)\\\\"', line)
if result:
toDelete = '/var/lib/kubelet/pods/' + result.group(1)
try:
shutil.rmtree(toDelete)
print(toDelete + " was deleted")
except:
print(toDelete + " could not be deleted")
================================================
FILE: ansible/playbooks/install/files/cniLogs
================================================
/var/logs/calico/cni/*.log {
rotate 2
copytruncate
missingok
notifempty
compress
maxsize 10M
dateext
dateformat -%Y%m%d-%s
create 0644 root root
}
================================================
FILE: ansible/playbooks/install/files/multipath.conf
================================================
blacklist {
devnode "^sd[a-z0-9]+"
}
================================================
FILE: ansible/playbooks/install/files/podLogs
================================================
/var/logs/pods/*/*/*.log {
rotate 2
copytruncate
missingok
notifempty
compress
maxsize 10M
dateext
dateformat -%Y%m%d-%s
create 0644 root root
}
================================================
FILE: ansible/playbooks/install/main.yml
================================================
---
- hosts: all
name: Setup sudoers
gather_facts: false
become: true
tags:
- preflight
- preflight-sudoers
vars_files:
- "./vars/main.yml"
tasks:
- name: Show current Ansible user
debug:
var: ansible_user
- name: Enable passwordless sudo for user
copy:
dest: "/etc/sudoers.d/10-{{ ansible_user }}"
content: "{{ ansible_user }} ALL=(ALL) NOPASSWD:ALL"
owner: root
group: root
mode: "0440"
- hosts: all
name: Setup Logs and log sizes
gather_facts: false
become: true
tags:
- preflight
- preflight-logs
vars_files:
- "./vars/main.yml"
tasks:
- name: Logrotate
copy:
dest: "{{ item.dest }}"
src: "{{ item.src }}"
with_items:
- dest: /etc/logrotate.d/allContainerLogs
src: allContainerLogs
- dest: /etc/logrotate.d/cniLogs
src: cniLogs
- dest: /etc/logrotate.d/podLogs
src: podLogs
- name: Check if logrotate is daily
stat: path=/etc/cron.daily/logrotate
register: logrotate_stat
- name: Move logrotate to hourly if daily
command: mv /etc/cron.daily/logrotate /etc/cron.hourly/logrotate
when: logrotate_stat.stat.exists
- name: Ensure persistent journal is enabled
lineinfile:
path: /etc/systemd/journald.conf
regexp: "^#?SystemMaxUse="
line: "SystemMaxUse={{ journalctl_vaccum_size }}"
state: present
notify: restart systemd-journald
- name: Reload systemd-journald configuration
command: systemctl daemon-reload
handlers:
- name: restart systemd-journald
service:
name: systemd-journald
state: restarted
- hosts: all
name: Setup limits
gather_facts: false
become: true
tags:
- preflight
- preflight-limits
vars_files:
- "./vars/main.yml"
tasks:
- name: Set soft nofile limit for all users
lineinfile:
path: /etc/security/limits.conf
insertafter: EOF
line: "* soft nofile 65535"
state: present
- name: Set hard nofile limit for all users
lineinfile:
path: /etc/security/limits.conf
insertafter: EOF
line: "* hard nofile 65535"
state: present
- name: Ensure pam_limits is enabled
lineinfile:
path: /etc/pam.d/common-session
regexp: "^#?session required pam_limits.so"
line: "session required pam_limits.so"
state: present
- name: Reload the limits configuration
shell: ulimit -n 65535
- hosts: all
name: Setup Storage dependencies
become: true
gather_facts: false
tags:
- preflight
- preflight-storage-dependencies
vars_files:
- "./vars/main.yml"
tasks:
- name: Ensure dependencies are installed
apt:
name: "{{ packages }}"
state: present
vars:
packages:
- open-iscsi
- nfs-common
- jq
- hosts:
- master
- workers
become: true
any_errors_fatal: true
tags:
- setup
- setup-k3s
vars_files:
- "./vars/main.yml"
roles:
- xanmanning.k3s
- hosts: master
name: Setup master k3s and fetch config
become: true
tags:
- setup
- setup-init-master
vars_files:
- "./vars/main.yml"
tasks:
- name: Setup k3s
shell: "{{ item }}"
with_items:
- mkdir -p ~/.kube
- cp /etc/rancher/k3s/k3s.yaml ~/.kube/config
- name: Copy output to local files
fetch:
src: "{{ item.src }}"
dest: "{{ item.dest }}"
flat: true
with_items:
- src: /etc/rancher/k3s/k3s.yaml
dest: "{{ output_dir }}/config"
- name: Fix Config URL
hosts: localhost
connection: local
gather_facts: false
become: true
tags:
- setup
- setup-fix-kubeconfig
vars_files:
- "./vars/main.yml"
tasks:
- replace:
path: ./output/config
regexp: "127.0.0.1"
replace: "{{ k3s_registration_address }}"
backup: true
- hosts: all
name: Fix Multipath
become: true
tags:
- setup
- setup-multipath
tasks:
- name: Make sure multipath conf file is missing
file:
path: /etc/multipath.conf
state: absent
- name: Copy Multipath File
copy:
src: ./files/multipath.conf
dest: /etc/multipath.conf
- name: Restart multipath service
systemd:
state: restarted
name: multipathd
- hosts: all
name: Load Kernel Modules
become: true
tags:
- setup
- setup-kernel
tasks:
- name: Enable kernel modules now
community.general.modprobe:
name: "{{ item }}"
state: present
loop: [br_netfilter, ip_vs, ip_vs_rr]
- name: Enable kernel modules on boot
ansible.builtin.copy:
mode: 0644
dest: "/etc/modules-load.d/{{ item }}.conf"
content: "{{ item }}"
loop: [br_netfilter, ip_vs, ip_vs_rr, dm_crypt]
- hosts: all
become: true
tags:
- unattended_upgrades
systemctl
roles:
- role: hifis.toolkit.unattended_upgrades
unattended_automatic_reboot: true
- hosts: all
become: true
tags:
- qemu
tasks:
- name: Install qemu-guest-agent
apt:
name: "{{ packages }}"
state: present
vars:
packages:
- qemu-guest-agent
- name: Start and enable qemu-guest-agent
systemd_service:
name: qemu-guest-agent
enabled: true
state: started
================================================
FILE: ansible/playbooks/install/requirements.yml
================================================
---
collections:
- name: kubernetes.core
version: 6.3.0
- name: community.general
version: 12.5.0
- name: hifis.toolkit
version: 6.3.2
roles:
- src: xanmanning.k3s
================================================
FILE: ansible/playbooks/install/vars/main.yml
================================================
---
arch: amd64 # architecture
output_dir: ./output # Where to output files generated by the playbook
journalctl_vaccum_size: 200M # After what size should journalctl logs be cleaned up
k3s_release_version: "v1.34.1+k3s1"
k3s_install_hard_links: true # For system-upgrader
k3s_become: true
k3s_debug: false
k3s_etcd_datastore: true
k3s_use_unsupported_config: true
k3s_registration_address: 192.168.1.78 # Master node ip
================================================
FILE: cluster/homelab/age.agekey.public
================================================
age1mq6usjzvvxvcp7tl03yjdqd0kgjhhvhz48kmg86p43nhx0jc75jssw0kfn
================================================
FILE: cluster/homelab/apps/adminer/deployment.yaml
================================================
apiVersion: apps/v1
kind: Deployment
metadata:
name: adminer
labels:
app.kubernetes.io/instance: adminer
app.kubernetes.io/name: adminer
spec:
replicas: 1
selector:
matchLabels:
app.kubernetes.io/instance: adminer
app.kubernetes.io/name: adminer
template:
metadata:
labels:
app.kubernetes.io/instance: adminer
app.kubernetes.io/name: adminer
spec:
containers:
- name: adminer
image: adminer:latest
imagePullPolicy: IfNotPresent
ports:
- name: http
containerPort: 8080
resources:
requests:
cpu: 100m
memory: 100Mi
limits:
cpu: 200m
memory: 200Mi
================================================
FILE: cluster/homelab/apps/adminer/gateway-api.yaml
================================================
apiVersion: gateway.networking.k8s.io/v1
kind: HTTPRoute
metadata:
name: adminer-internal
spec:
parentRefs:
- name: internal
namespace: istio-gateway
hostnames:
- "adminer.sgenov.dev"
rules:
- matches:
- path:
type: PathPrefix
value: /
backendRefs:
- name: adminer
port: 80
================================================
FILE: cluster/homelab/apps/adminer/kustomization.yaml
================================================
apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization
namespace: adminer
resources:
- namespace.yaml
- deployment.yaml
- service.yaml
- gateway-api.yaml
================================================
FILE: cluster/homelab/apps/adminer/namespace.yaml
================================================
apiVersion: v1
kind: Namespace
metadata:
name: adminer
================================================
FILE: cluster/homelab/apps/adminer/service.yaml
================================================
apiVersion: v1
kind: Service
metadata:
name: adminer
spec:
selector:
app.kubernetes.io/instance: adminer
app.kubernetes.io/name: adminer
ports:
- name: http
protocol: TCP
port: 80
targetPort: http
================================================
FILE: cluster/homelab/apps/bentopdf/deployment.yaml
================================================
apiVersion: apps/v1
kind: Deployment
metadata:
name: bentopdf
labels:
app.kubernetes.io/instance: bentopdf
app.kubernetes.io/name: bentopdf
spec:
replicas: 1
selector:
matchLabels:
app.kubernetes.io/instance: bentopdf
app.kubernetes.io/name: bentopdf
template:
metadata:
labels:
app.kubernetes.io/instance: bentopdf
app.kubernetes.io/name: bentopdf
spec:
restartPolicy: Always
containers:
- name: bentopdf
image: ghcr.io/alam00000/bentopdf:2.8.4
imagePullPolicy: IfNotPresent
resources:
limits:
cpu: 512m
memory: 512Mi
ports:
- name: web
containerPort: 8080
securityContext:
capabilities:
drop:
- "ALL"
add:
- CHOWN
- SETUID
- SETGID
env:
- name: PUID
value: "1000"
- name: PGID
value: "1000"
- name: TZ
value: "Europe/Sofia"
livenessProbe:
failureThreshold: 10
initialDelaySeconds: 30
tcpSocket:
port: 8080
timeoutSeconds: 2
startupProbe:
failureThreshold: 20
timeoutSeconds: 2
tcpSocket:
port: 8080
================================================
FILE: cluster/homelab/apps/bentopdf/gateway-api.yaml
================================================
---
apiVersion: gateway.networking.k8s.io/v1
kind: HTTPRoute
metadata:
name: bentopdf-internal
annotations:
gethomepage.dev/enabled: "true"
gethomepage.dev/description: PDF Tools
gethomepage.dev/group: Tools
gethomepage.dev/icon: https://bentopdf.sgenov.dev/favicon.ico
gethomepage.dev/name: BentoPDF
spec:
parentRefs:
- name: internal
namespace: istio-gateway
hostnames:
- "bentopdf.sgenov.dev"
rules:
- matches:
- path:
type: PathPrefix
value: /
backendRefs:
- name: bentopdf
port: 8080
================================================
FILE: cluster/homelab/apps/bentopdf/kustomization.yaml
================================================
---
apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization
namespace: bentopdf
resources:
- namespace.yaml
- deployment.yaml
- service.yaml
- gateway-api.yaml
================================================
FILE: cluster/homelab/apps/bentopdf/namespace.yaml
================================================
---
apiVersion: v1
kind: Namespace
metadata:
name: bentopdf
================================================
FILE: cluster/homelab/apps/bentopdf/service.yaml
================================================
apiVersion: v1
kind: Service
metadata:
name: bentopdf
spec:
selector:
app.kubernetes.io/instance: bentopdf
app.kubernetes.io/name: bentopdf
ports:
- name: web
protocol: TCP
port: 8080
================================================
FILE: cluster/homelab/apps/cert-manager/issuer.yaml
================================================
---
apiVersion: cert-manager.io/v1
kind: ClusterIssuer
metadata:
name: letsencrypt
namespace: cert-manager
spec:
acme:
email: stefantigro@gmail.com
server: https://acme-v02.api.letsencrypt.org/directory
privateKeySecretRef:
name: issuer-account-key
solvers:
- dns01:
cloudflare:
email: stefantigro@gmail.com
apiTokenSecretRef:
name: cloudflare
key: apikey
---
apiVersion: cert-manager.io/v1
kind: ClusterIssuer
metadata:
name: letsencrypt-staging
namespace: cert-manager
spec:
acme:
email: stefantigro@gmail.com
server: https://acme-staging-v02.api.letsencrypt.org/directory
privateKeySecretRef:
name: issuer-account-key
solvers:
- dns01:
cloudflare:
email: stefantigro@gmail.com
apiTokenSecretRef:
name: cloudflare
key: apikey
================================================
FILE: cluster/homelab/apps/cert-manager/kustomization.yaml
================================================
---
apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization
resources:
- issuer.yaml
- wildcard-certificate.yaml
================================================
FILE: cluster/homelab/apps/cert-manager/wildcard-certificate.yaml
================================================
---
apiVersion: cert-manager.io/v1
kind: Certificate
metadata:
name: ingress
namespace: cert-manager
spec:
secretTemplate:
annotations:
reflector.v1.k8s.emberstack.com/reflection-auto-enabled: "true"
reflector.v1.k8s.emberstack.com/reflection-allowed: "true"
secretName: ingress
issuerRef:
name: letsencrypt
kind: ClusterIssuer
commonName: "*.sgenov.dev"
dnsNames:
- "*.sgenov.dev"
---
apiVersion: cert-manager.io/v1
kind: Certificate
metadata:
name: adygenova-cert
namespace: cert-manager
spec:
secretTemplate:
annotations:
reflector.v1.k8s.emberstack.com/reflection-auto-enabled: "true"
reflector.v1.k8s.emberstack.com/reflection-allowed: "true"
secretName: adygenova-cert
issuerRef:
name: letsencrypt
kind: ClusterIssuer
commonName: "*.adygenova.com"
dnsNames:
- "*.adygenova.com"
---
apiVersion: cert-manager.io/v1
kind: Certificate
metadata:
name: replacedby-cert
namespace: cert-manager
spec:
secretTemplate:
annotations:
reflector.v1.k8s.emberstack.com/reflection-auto-enabled: "true"
reflector.v1.k8s.emberstack.com/reflection-allowed: "true"
secretName: replacedby-cert
issuerRef:
name: letsencrypt
kind: ClusterIssuer
commonName: "*.replacedby.net"
dnsNames:
- "*.replacedby.net"
================================================
FILE: cluster/homelab/apps/changedetection/helm-release.yaml
================================================
---
apiVersion: helm.toolkit.fluxcd.io/v2
kind: HelmRelease
metadata:
name: changedetection
namespace: changedetection
spec:
interval: 10m
install:
createNamespace: true
chart:
spec:
chart: ./Helm/apps/changedetection
reconcileStrategy: Revision
sourceRef:
kind: GitRepository
name: flux-system
namespace: flux-system
values:
image: dgtlmoon/changedetection.io:0.55.3
================================================
FILE: cluster/homelab/apps/changedetection/kustomization.yaml
================================================
---
apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization
resources:
- helm-release.yaml
- namespace.yaml
================================================
FILE: cluster/homelab/apps/changedetection/namespace.yaml
================================================
---
apiVersion: v1
kind: Namespace
metadata:
name: changedetection
================================================
FILE: cluster/homelab/apps/cyberchef/helm-release.yaml
================================================
---
apiVersion: helm.toolkit.fluxcd.io/v2
kind: HelmRelease
metadata:
name: cyberchef
namespace: cyberchef
spec:
interval: 10m
install:
createNamespace: true
chart:
spec:
chart: ./Helm/apps/cyberchef
reconcileStrategy: Revision
sourceRef:
kind: GitRepository
name: flux-system
namespace: flux-system
values:
cyberchef:
image: mpepping/cyberchef:v10.24.0
================================================
FILE: cluster/homelab/apps/cyberchef/kustomization.yaml
================================================
---
apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization
resources:
- helm-release.yaml
- namespace.yaml
================================================
FILE: cluster/homelab/apps/cyberchef/namespace.yaml
================================================
---
apiVersion: v1
kind: Namespace
metadata:
name: cyberchef
================================================
FILE: cluster/homelab/apps/diagrams/helm-release.yaml
================================================
---
apiVersion: helm.toolkit.fluxcd.io/v2
kind: HelmRelease
metadata:
name: diagrams
namespace: diagrams
spec:
interval: 10m
install:
createNamespace: true
chart:
spec:
chart: ./Helm/apps/diagrams
reconcileStrategy: Revision
sourceRef:
kind: GitRepository
name: flux-system
namespace: flux-system
================================================
FILE: cluster/homelab/apps/diagrams/kustomization.yaml
================================================
---
apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization
resources:
- helm-release.yaml
- namespace.yaml
================================================
FILE: cluster/homelab/apps/diagrams/namespace.yaml
================================================
---
apiVersion: v1
kind: Namespace
metadata:
name: diagrams
================================================
FILE: cluster/homelab/apps/firefly/cnpg.yaml
================================================
apiVersion: postgresql.cnpg.io/v1
kind: Cluster
metadata:
name: cluster-postgres
annotations:
backup.velero.io/backup-volumes: pgdata
spec:
instances: 1
imageName: ghcr.io/cloudnative-pg/postgresql:18.1
storage:
size: 10Gi
podSecurityContext:
runAsNonRoot: true
securityContext:
allowPrivilegeEscalation: false
capabilities:
drop:
- ALL
add:
- NET_BIND_SERVICE
- CHOWN
- FOWNER
privileged: false
readOnlyRootFilesystem: true
runAsNonRoot: true
================================================
FILE: cluster/homelab/apps/firefly/gateway-api.sensitive.yaml
================================================
apiVersion: gateway.networking.k8s.io/v1
kind: HTTPRoute
metadata:
name: firefly-internal
annotations:
gethomepage.dev/enabled: ENC[AES256_GCM,data:t+20kQ==,iv:p8Opyq1QUKUvAKSyU+qD1uUEoMBqXtlNJoajE2acRUo=,tag:Ue6njGAknFa4urpgXZnPmg==,type:str]
gethomepage.dev/description: ENC[AES256_GCM,data:q/XSINQkdZQZWwduDQ==,iv:LGHKlrlyZxMy00Q/KSz3L54bMsxG4DLpIDUMKBqcY9s=,tag:XpwDkSMfKedBQ69DiqK2aQ==,type:str]
gethomepage.dev/group: ENC[AES256_GCM,data:O75eHVHlgMs=,iv:5fdD2j9bKz3yh/qSE6El42LOg+XxFd9mdyMxu/H7B+o=,tag:ix2dZV5lVIgUDj192vCY2w==,type:str]
gethomepage.dev/icon: ENC[AES256_GCM,data:178Nv5PrxA==,iv:l91hn6pM+xLZtCsKREP2davQ66mjXyDVyXsUMkOR/a0=,tag:2YXL3dUuAuyqh/A0qMHERg==,type:str]
gethomepage.dev/name: ENC[AES256_GCM,data:ZUZi6zDny0vMSOc=,iv:9TtR1NcZ4osTVvJGQCK45fTD6W/WjPyycyPrD+tIPkY=,tag:uPJFwM2D0PcK3nJ0azTKuw==,type:str]
gethomepage.dev/widget.type: ENC[AES256_GCM,data:Ms3+Oq/frQ==,iv:jSuKAhhGw1J8iseGw4fR2ZTCjvxFWLAfK7zwY/l+RQo=,tag:vO+KfSAYJZSPUVuYBB+oMQ==,type:str]
gethomepage.dev/widget.url: ENC[AES256_GCM,data:xqqZ1Uz+xeB129mlwLMwPJv+8PU3kanHBg==,iv:WTcVvoYbwTRmxI+DgRn4QiL3Mpwjsx+OuW5v7B+XYM4=,tag:Y/04+cnaltjOyKVWCMqAWQ==,type:str]
gethomepage.dev/widget.key: ENC[AES256_GCM,data:aQQ34DvJ3RHXbvnVMANchlXl68t1PMNlGpPP2jtrfFI23bOf972aQFqhcx7UHIPZxPmoEte25qkx8WbAxu1M0/rSBhUJ6SUsAzDEkak+pOdF68XnMEEr83uzmijrO0KJRawV4uyBDtaOW3EAOxGtbEUmi7F9EuqoNbR1n7UhCD2bcJL5A62E6XzoDAqDmgjWyhEV3R7thP8zzwvwDY8AFSMcS9WTMagGfqOh9ymCFpPrf4ESJDYukp0DUCMsd96u+xgDiTfZJVQ2vl32ixYVyWb8R4eOJFe3CYvw9LWB5XoWfds5AcCcVAyPOcim+6k3YCyXR3hKoW/ePhQl88YNXcpkoG8MU8Yg014EJhuvIHodWc1PLY0veNaGT0gJUU+nESOyqDqFFn/lcIAiG+KVDqAEjWmjYh1XRWCjG52Y3f9I3Lc8bjmoO8Y3eC35GY8mPjO0bNxL5/X1VHMogv260NINTLJMX1vBD4eQZ4V9dg9jqX1rs7HIdZmKsKsd7cCfI/BTx+S3Cd46nJFogpzmczm89kUvfwD4VZKnH0paHW0qD0sWgFUuN+pUAEl/0HmkNsjS9uYXD+e1fveoptP/RfQaWWSGzX78XZ8TYMzSQs5YV3vCOXrqFYgAJi9b7iSDWeVc1Q8lZ0bipOrJAzO7gKAfNoQ2dIx/+gduE4FZjug2SE1+pBfo7UEDneWT8mFtHAipgL4gg1do/ppmZ5CvXJ6dg996gDYaGsxprj6YRJVZR1DABrZfqomOEd8XlfTIhl55Dg57uWg0Cea+H9dK8m61NaqoES8EJ2Q74SWuPjjEBXoVhtltSm80f43FJT7f5mVIoE0bztiYMCWTr6Y3cqf1TdfBVT2vl0Omltqc6Q50C8bPzai0q1r0a51YDSzundSrOWxoKRilkn5cWEUTSonnjzwWrla0VMIwvbGLS5yYKP6s+CKFavEktCcq37o4x6Qa0wPmXeIQnHfVCzACy/vrTlrjwqbrwLj2dX3T5jdRtjtyOVj+pQYiOSVv3eYT2sqGnM7JT7CMD0sEtKii1W2pGWaXNtqLRhl8hZAAxN6lsBSMGjI27Gegdn5g77FecKOvg04/VtQySvREFKYqkzgR+dSsMxuZPXYJrxucOD0OqXJTl948FLznfl1NFKUoUFAz8EzuEkcbEweIanP6vRXGfAnFI5w3ecuClr/OIZN5B7cbffXAwIrVKUJuqySYwYmvyxaoWhgcCNVToL4Hf4NzTHrtf4OgvaCZmTjkZhlj+T7pKuVsBXHTlPFqSKKRv3w1TtsvdxBL+PfQAHWtbn2rRs6c4dpr,iv:qPV5l7n6VRzT9qmHIcERaLbwqFF7uvJKE61XriktbUU=,tag:FId4jYC6/ee1eOmrLFaz/Q==,type:str]
sops:
age:
- recipient: age1mq6usjzvvxvcp7tl03yjdqd0kgjhhvhz48kmg86p43nhx0jc75jssw0kfn
enc: |
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBRSVVWWE9CaFk3RncxTUpW
UEkxblNraVlMdjVodzFiNzJ1K012TzhZNUY4CjVLSVVpbGhuRWFVcEdQV3QwSjgr
MXlySHZNanlXMmF6TmMwSXQ5V2JaR3MKLS0tIDQzMUVNeDdjZk44anBzYTBNakUy
OU5OV3FCOG9oUmkxanFOb1ROR2ZhMTAKAWjRBhvleX72BbS01DeDX+cQzE2U5lAd
UmBCmNE6S5R4gP7cWO1WDSNRjYEGT0XMv5zr3whX2U2QQJvsxqCTeA==
-----END AGE ENCRYPTED FILE-----
lastmodified: "2026-01-19T21:02:02Z"
mac: ENC[AES256_GCM,data:DKD3lc5HNFyuUynHzwO6nco+jCovKuSdu7andnOi/atznqSQAPAGfdUswG81ZqP3vBEhBFnnbHBZZTpGe+PP+NKvTrhzAEQQ/R4UvUJ2KouDPYGTKL86I4suiq/xx3JezTnF7H32Tfer80UeaCLX37zeyTYaQ1eiU3Lfu9J/3cg=,iv:hxd1k9BVsQx39h6yHm/PdUTxzL4BVW2HIFrhfoEcYmU=,tag:pWUVZt9RQimRgyRlNxyvug==,type:str]
encrypted_regex: ^(rules|annotations|)$
version: 3.11.0
================================================
FILE: cluster/homelab/apps/firefly/helm-release.yaml
================================================
---
apiVersion: helm.toolkit.fluxcd.io/v2
kind: HelmRelease
metadata:
name: firefly
spec:
interval: 10m
install:
createNamespace: true
chart:
spec:
chart: ./Helm/apps/firefly
reconcileStrategy: Revision
sourceRef:
kind: GitRepository
name: flux-system
namespace: flux-system
================================================
FILE: cluster/homelab/apps/firefly/kustomization.yaml
================================================
---
apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization
namespace: firefly
resources:
- helm-release.yaml
- namespace.yaml
- secret.sops.yaml
- gateway-api.sensitive.yaml
- cnpg.yaml
================================================
FILE: cluster/homelab/apps/firefly/namespace.yaml
================================================
---
apiVersion: v1
kind: Namespace
metadata:
name: firefly
================================================
FILE: cluster/homelab/apps/firefly/secret.sops.yaml
================================================
kind: Secret
apiVersion: v1
type: Opaque
metadata:
name: bot-env
data:
BOT_TOKEN: ENC[AES256_GCM,data:xuvnXdR1NZweB+BfkqWze92Vw81b2A055f7a7WszRyjVqm+GaPnDTr42XauyphIgbxbzhq26CZ6eDhFus75K0Q==,iv:5EOSLAZvQH4NfbY9pP5rExuB1i8YRomZk5BV3cZ0xGw=,tag:Un5a/PKYvGmTol0ISYNQog==,type:str]
sops:
age:
- recipient: age1mq6usjzvvxvcp7tl03yjdqd0kgjhhvhz48kmg86p43nhx0jc75jssw0kfn
enc: |
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBkR1hQTk9pWFZMYlQzKzNG
WnlMcGYxZEhNOTB2TnEzOFhxTVY4SDhubVZBCmN6c1BLbmYxTU1zUHJOMTlIeDU2
T2tuT0M3ZXlxSW5pWTRtOUdBYjZlUFEKLS0tIFVBT3F4a1RwejJpdE9uWENLWWxE
UHZSNFUzQ1ZvN3Q1ODJEWmRJMHRhNkUKI3gsgABTCJo6KKiimfT7W7xOFzwnjUwR
33TH2eoZhjsEKCnjiLfp7VES+DQXwNOyaH08BHhQx1zBvZZDDW9XGA==
-----END AGE ENCRYPTED FILE-----
lastmodified: "2026-01-19T21:02:34Z"
mac: ENC[AES256_GCM,data:xLm9Mks2x8EH9CT8PHiNG8RVpe7LdtplZKoWqzeYKNgrGckAyDgY1E65N8Y3rMAN9lDOGlfp3xzBHQOeEKwQzgiN29uJaa1QV8AGb73Osg54fEys0hy1o0FftGKnL9IzoU7i77tF2zrPdqY8zpd7CCS7kL+7dn1p1aWqoxW+wWQ=,iv:b7/We1YriVr1X0bsHq0Xfz3YJ+jT3pp35TcTDU7r79w=,tag:Xp9MmUCZgoheyPW3wsMadg==,type:str]
encrypted_regex: ^(data|stringData|annotations|)$
version: 3.11.0
---
kind: Secret
apiVersion: v1
type: Opaque
metadata:
name: app
data:
key: ENC[AES256_GCM,data:2SIGAGsK/RSNQcu3UR58bwKpc9cK7sJXOh2yMlZxNhOWuQSpCEBMT8N4tic=,iv:owyv8n8511tLV6C30N+Nj3RrwOaLvIgK+vYE9pf1YZc=,tag:bopeYUOEajH0C/LSGm+bKQ==,type:str]
API_KEY: ENC[AES256_GCM,data:PtcrOqfl6stqDpsTham9hSX5vcJlHu4v7Px7Ko9hR16gCgHuWk+nSk2kud8J60FgtqLOQ6G23YBssQ3TEEPduHLv+XifafDX0TYjHh61+LSiQzpPpdyWGX5tqcULMKBBR+sUafTIBH9eUCj99LCe69P22rcI70b+sMte/dk3IGjCvswdObCLZeODodHghYscnGCDlxvWuh4Q8H8NZj8waALQ8DcudOA9+1dEZyfMT3vRK6+dyW1c1WC1lhI6ylhw81FcXVOs8Wju9vMNHQZ1JMdyNgbeFTiP9DhjALPyJBt8huUGhblzJw9N9Gefrd4u/X51pdgY66JT+Ny87cbeQMiHVDz6fclh9wc9GdM7dWbIUQjQq3ZsSb1bYZPnH1e0ggndUBptxjuGJcRLS/uhVKMTYjkb8V5UgMo9EFPAGQZv7uyffnP0Ztd/EUhCEoU2O1ctdmJ2aPbpd2Ig/QTcKKVec0dyhJ5LG+x3cOMGtxu15ROsb/LG8zDYVAwmRPy1+jc6equFxp50IJWQ0ZxmnMARVZPhLnap/ndyt6dOwefOGKnj9jw4lp01UUzEvwSA+jhFt57h6QLvSeGEM69L9P+HBYsOBqTwDE+nDvPbSKRgeRc7oR9A2RoNZElxVe1UMb1DwTyBXSoxgIWvzBgkTaHgS+G5lncEkIbtAxl7WvvZ3sN6UCE9n3WA373UPMA6CecIgmD+CkoAGOY9UqmGZ1SQXNlRbgPQEolk+WS/j237YwV4PwBNQNZ6EpYFmGZ6yQ7jurgAIwCOu0lpbzBs6MuUAbdbriMZWYyWK89ogp3vXYY9ymM6bwasy0DlYmlCz5IuKepruP+vN8nj+HhbA5i9ODZIiq+sA2L8h97hOovqL6JEQuLWOIC0WUesgFTcAZgpn6IyT8BKQNxNR6s4n07Y2B1bA+kdLx/tB+/A/utWRGJrs9gZayYAlJfJFMRPJQr3+I+YaZbX+UTuEJM/dVY/C8QsxWdSowQMkYyBisw8IHlIMYRcC34VtPWOB0o43Cy4Soc9YAwdMJPJWaLidoxDELfQ858fV/zmVYzeE79pCLRenzsjmH9arrn2q+Ok1VqqC63Qmlvxbu8Qw1JDBuvYbCbsjfIPQs8jeizf2psEl2hbyO+ZKclW6jnxvhRXwQLK7NA7y9cGBFunQi7uad0zscwQ8etNhYbBjrlVklb4saW2zwj7KL1E1o5hdUb2V4UtaIhYayY83sQiASeLLLfHTzGcYR0sZf4GQNXZ88sSO/fCvJGTCUoSCeiIGEyPCeTTXrLQyWZ4Jf/jmeaMd8n1nUk/L8NNGqaEnLgacjxxC+PJ7FGfsw4mlrOhlNkEmhvbTt7U6WJ1JICjV8ePin1Qb6tz6aIHtPOTWQCFirdZ2LFFwJhR1Et5cGvjrmaLtCNL1dNVPruAnLfDh81TRV0mIOvb6lw89wRM8OqDjRVMJ3KCSshC1aDOOEi5wZLBNzwtkOvzJdZvwtsLYWHYa50pE6fV9IFe5v62i2R5mbdUPsglhPJjwsQpZjoBUC4ktWpLjbFOe8+27dpSEzBm+Ht8KrcZvvRjIl2ERgtrhjoOrdwZZ/h87qDDoU8dyqVBAQJjkVFBKnXEcOkftvdTd2+XvdlZEejq1eqwOmpMBpvC1KK1d+bK6qbZXGgmdXxyy0NRuUftXB/kb24qCWqg1ev5Qu1wayHdEvWG4T4WWCHCKD15iTK9tAQd2ymnGjE+2nlQLvuATgZLxLMI,iv:4r3cUqQtQam0l5SUgtDUgSpdY1Rd8kbqNU9oclSMHl4=,tag:iM4TNQTpzgpsQkkc++YVGg==,type:str]
sops:
age:
- recipient: age1mq6usjzvvxvcp7tl03yjdqd0kgjhhvhz48kmg86p43nhx0jc75jssw0kfn
enc: |
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBkR1hQTk9pWFZMYlQzKzNG
WnlMcGYxZEhNOTB2TnEzOFhxTVY4SDhubVZBCmN6c1BLbmYxTU1zUHJOMTlIeDU2
T2tuT0M3ZXlxSW5pWTRtOUdBYjZlUFEKLS0tIFVBT3F4a1RwejJpdE9uWENLWWxE
UHZSNFUzQ1ZvN3Q1ODJEWmRJMHRhNkUKI3gsgABTCJo6KKiimfT7W7xOFzwnjUwR
33TH2eoZhjsEKCnjiLfp7VES+DQXwNOyaH08BHhQx1zBvZZDDW9XGA==
-----END AGE ENCRYPTED FILE-----
lastmodified: "2026-01-19T21:02:34Z"
mac: ENC[AES256_GCM,data:xLm9Mks2x8EH9CT8PHiNG8RVpe7LdtplZKoWqzeYKNgrGckAyDgY1E65N8Y3rMAN9lDOGlfp3xzBHQOeEKwQzgiN29uJaa1QV8AGb73Osg54fEys0hy1o0FftGKnL9IzoU7i77tF2zrPdqY8zpd7CCS7kL+7dn1p1aWqoxW+wWQ=,iv:b7/We1YriVr1X0bsHq0Xfz3YJ+jT3pp35TcTDU7r79w=,tag:Xp9MmUCZgoheyPW3wsMadg==,type:str]
encrypted_regex: ^(data|stringData|annotations|)$
version: 3.11.0
================================================
FILE: cluster/homelab/apps/foldingathome/helm-release.yaml
================================================
---
apiVersion: helm.toolkit.fluxcd.io/v2
kind: HelmRelease
metadata:
name: foldingathome
namespace: foldingathome
spec:
interval: 10m
install:
createNamespace: true
chart:
spec:
chart: ./Helm/apps/foldingathome
reconcileStrategy: Revision
sourceRef:
kind: GitRepository
name: flux-system
namespace: flux-system
================================================
FILE: cluster/homelab/apps/foldingathome/kustomization.yaml
================================================
---
apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization
resources:
- namespace.yaml
- helm-release.yaml
- secret.sops.yaml
================================================
FILE: cluster/homelab/apps/foldingathome/namespace.yaml
========================
gitextract_h1nphho3/
├── .github/
│ ├── CODEOWNERS
│ ├── ISSUE_TEMPLATE/
│ │ ├── bug-report.md
│ │ ├── feature-request.md
│ │ └── question.md
│ ├── PULL_REQUEST_TEMPLATE.md
│ ├── linters/
│ │ ├── .markdownlint.yaml
│ │ ├── .prettierignore
│ │ ├── .prettierrc.yaml
│ │ ├── .tflint.hcl
│ │ └── .yamllint.yaml
│ ├── renovate.json5
│ └── workflows/
│ ├── dependency.yaml
│ └── lint.yaml
├── .gitignore
├── .gitmodules
├── Helm/
│ └── apps/
│ ├── changedetection/
│ │ ├── .helmignore
│ │ ├── Chart.yaml
│ │ ├── README.md
│ │ ├── templates/
│ │ │ ├── deployment.yaml
│ │ │ ├── gateway-api.yaml
│ │ │ └── storage.yaml
│ │ └── values.yaml
│ ├── cyberchef/
│ │ ├── .helmignore
│ │ ├── Chart.yaml
│ │ ├── README.md
│ │ ├── templates/
│ │ │ ├── deployment.yaml
│ │ │ ├── gateway-api.yaml
│ │ │ └── service.yaml
│ │ └── values.yaml
│ ├── diagrams/
│ │ ├── .helmignore
│ │ ├── Chart.yaml
│ │ ├── README.md
│ │ ├── templates/
│ │ │ ├── deployment.yaml
│ │ │ ├── gateway-api.yaml
│ │ │ └── service.yaml
│ │ └── values.yaml
│ ├── firefly/
│ │ ├── .helmignore
│ │ ├── CHANGELOG.md
│ │ ├── Chart.yaml
│ │ ├── README.md
│ │ ├── templates/
│ │ │ ├── deployment.yaml
│ │ │ ├── firefly-bot-deployment.yaml
│ │ │ ├── firefly-pvc.yaml
│ │ │ └── gateway-api.yaml
│ │ └── values.yaml
│ ├── foldingathome/
│ │ ├── .helmignore
│ │ ├── Chart.yaml
│ │ ├── README.md
│ │ ├── templates/
│ │ │ ├── gateway-api.yaml
│ │ │ └── statefulset.yaml
│ │ └── values.yaml
│ ├── freshrss/
│ │ ├── .helmignore
│ │ ├── Chart.yaml
│ │ ├── README.md
│ │ ├── templates/
│ │ │ ├── deployment.yaml
│ │ │ ├── gateway-api.yaml
│ │ │ └── storage.yaml
│ │ └── values.yaml
│ ├── homebox/
│ │ ├── .helmignore
│ │ ├── Chart.yaml
│ │ ├── README.md
│ │ ├── templates/
│ │ │ ├── deployment.yaml
│ │ │ ├── gateway-api.yaml
│ │ │ └── storage.yaml
│ │ └── values.yaml
│ ├── it-tools/
│ │ ├── .helmignore
│ │ ├── Chart.yaml
│ │ ├── README.md
│ │ ├── templates/
│ │ │ ├── deployment.yaml
│ │ │ ├── gateway-api.yaml
│ │ │ ├── pdb.yaml
│ │ │ └── service.yaml
│ │ └── values.yaml
│ ├── linkwarden/
│ │ ├── .helmignore
│ │ ├── Chart.yaml
│ │ ├── README.md
│ │ ├── templates/
│ │ │ ├── deployment.yaml
│ │ │ ├── gateway-api.yaml
│ │ │ └── storage.yaml
│ │ └── values.yaml
│ ├── mazanoke/
│ │ ├── .helmignore
│ │ ├── Chart.yaml
│ │ ├── README.md
│ │ ├── templates/
│ │ │ ├── deployment.yaml
│ │ │ ├── gateway-api.yaml
│ │ │ └── service.yaml
│ │ └── values.yaml
│ ├── mealie/
│ │ ├── .helmignore
│ │ ├── Chart.yaml
│ │ ├── README.md
│ │ ├── templates/
│ │ │ ├── deployment.yaml
│ │ │ ├── gateway-api.yaml
│ │ │ ├── service.yaml
│ │ │ └── storage.yaml
│ │ └── values.yaml
│ ├── media/
│ │ ├── .helmignore
│ │ ├── Chart.yaml
│ │ ├── README.md
│ │ ├── templates/
│ │ │ ├── flaresolverr.yaml
│ │ │ ├── gateway-api.yaml
│ │ │ ├── kavita.yaml
│ │ │ ├── media-pvc.yaml
│ │ │ ├── overseer.yaml
│ │ │ ├── prowlarr.yaml
│ │ │ ├── radarr.yaml
│ │ │ ├── sonarr.yaml
│ │ │ └── transmission.yaml
│ │ └── values.yaml
│ ├── n8n/
│ │ ├── .helmignore
│ │ ├── Chart.yaml
│ │ ├── README.md
│ │ ├── templates/
│ │ │ ├── deployment.yaml
│ │ │ ├── gateway-api.yaml
│ │ │ └── storage.yaml
│ │ └── values.yaml
│ ├── nodered/
│ │ ├── .helmignore
│ │ ├── Chart.yaml
│ │ ├── README.md
│ │ ├── templates/
│ │ │ ├── deployment.yaml
│ │ │ ├── gateway-api.yaml
│ │ │ └── nodered-pvc.yaml
│ │ └── values.yaml
│ ├── openbooks/
│ │ ├── .helmignore
│ │ ├── Chart.yaml
│ │ ├── README.md
│ │ ├── templates/
│ │ │ ├── deployment.yaml
│ │ │ ├── gateway-api.yaml
│ │ │ └── storage.yaml
│ │ └── values.yaml
│ ├── reactiveresume/
│ │ ├── .helmignore
│ │ ├── Chart.yaml
│ │ ├── README.md
│ │ ├── templates/
│ │ │ ├── deployment.yaml
│ │ │ ├── gateway-api.yaml
│ │ │ └── storage.yaml
│ │ └── values.yaml
│ ├── storage/
│ │ ├── .helmignore
│ │ ├── Chart.yaml
│ │ ├── README.md
│ │ ├── templates/
│ │ │ ├── gateway-api.yaml
│ │ │ ├── storage-pvc.yaml
│ │ │ └── syncthing.yaml
│ │ └── values.yaml
│ ├── uptimekuma/
│ │ ├── .helmignore
│ │ ├── Chart.yaml
│ │ ├── README.md
│ │ ├── templates/
│ │ │ ├── deployment.yaml
│ │ │ ├── gateway-api.yaml
│ │ │ └── uptime-kuma-pvc.yaml
│ │ └── values.yaml
│ ├── vikunja/
│ │ ├── .helmignore
│ │ ├── Chart.yaml
│ │ ├── README.md
│ │ ├── templates/
│ │ │ ├── deployment.yaml
│ │ │ ├── gateway-api.yaml
│ │ │ └── storage.yaml
│ │ └── values.yaml
│ ├── wallabag/
│ │ ├── .helmignore
│ │ ├── CHANGELOG.md
│ │ ├── Chart.yaml
│ │ ├── README.md
│ │ ├── templates/
│ │ │ ├── database.yaml
│ │ │ ├── deployment.yaml
│ │ │ ├── gateway-api.yaml
│ │ │ ├── pdb.yaml
│ │ │ ├── service.yaml
│ │ │ └── storage.yaml
│ │ └── values.yaml
│ └── website/
│ ├── .helmignore
│ ├── CHANGELOG.md
│ ├── Chart.yaml
│ ├── README.md
│ ├── templates/
│ │ ├── deployment.yaml
│ │ ├── gateway-api.yaml
│ │ ├── pdb.yaml
│ │ └── service.yaml
│ └── values.yaml
├── README.md
├── TODOS.md
├── ansible/
│ ├── hosts/
│ │ ├── group_vars/
│ │ │ ├── master/
│ │ │ │ └── k3s-config.yaml
│ │ │ └── workers/
│ │ │ └── k3s-config.yaml
│ │ └── inventory
│ └── playbooks/
│ └── install/
│ ├── files/
│ │ ├── allContainerLogs
│ │ ├── cleanUpOrphanedPods.py
│ │ ├── cniLogs
│ │ ├── multipath.conf
│ │ └── podLogs
│ ├── main.yml
│ ├── requirements.yml
│ └── vars/
│ └── main.yml
├── cluster/
│ └── homelab/
│ ├── age.agekey.public
│ ├── apps/
│ │ ├── adminer/
│ │ │ ├── deployment.yaml
│ │ │ ├── gateway-api.yaml
│ │ │ ├── kustomization.yaml
│ │ │ ├── namespace.yaml
│ │ │ └── service.yaml
│ │ ├── bentopdf/
│ │ │ ├── deployment.yaml
│ │ │ ├── gateway-api.yaml
│ │ │ ├── kustomization.yaml
│ │ │ ├── namespace.yaml
│ │ │ └── service.yaml
│ │ ├── cert-manager/
│ │ │ ├── issuer.yaml
│ │ │ ├── kustomization.yaml
│ │ │ └── wildcard-certificate.yaml
│ │ ├── changedetection/
│ │ │ ├── helm-release.yaml
│ │ │ ├── kustomization.yaml
│ │ │ └── namespace.yaml
│ │ ├── cyberchef/
│ │ │ ├── helm-release.yaml
│ │ │ ├── kustomization.yaml
│ │ │ └── namespace.yaml
│ │ ├── diagrams/
│ │ │ ├── helm-release.yaml
│ │ │ ├── kustomization.yaml
│ │ │ └── namespace.yaml
│ │ ├── firefly/
│ │ │ ├── cnpg.yaml
│ │ │ ├── gateway-api.sensitive.yaml
│ │ │ ├── helm-release.yaml
│ │ │ ├── kustomization.yaml
│ │ │ ├── namespace.yaml
│ │ │ └── secret.sops.yaml
│ │ ├── foldingathome/
│ │ │ ├── helm-release.yaml
│ │ │ ├── kustomization.yaml
│ │ │ ├── namespace.yaml
│ │ │ └── secret.sops.yaml
│ │ ├── freshrss/
│ │ │ ├── cnpg.yaml
│ │ │ ├── gateway-api.sops.yaml
│ │ │ ├── helm-release.yaml
│ │ │ ├── kustomization.yaml
│ │ │ └── namespace.yaml
│ │ ├── garden/
│ │ │ ├── deployment.yaml
│ │ │ ├── gateway-api.yaml
│ │ │ ├── kustomization.yaml
│ │ │ ├── namespace.yaml
│ │ │ ├── pdb.yaml
│ │ │ └── service.yaml
│ │ ├── go-ddns-controller/
│ │ │ ├── configMaps.sops.yaml
│ │ │ ├── git-repo-release.yaml
│ │ │ ├── kustomization.yaml
│ │ │ ├── namespace.yaml
│ │ │ ├── notifier.yaml
│ │ │ ├── provider.yaml
│ │ │ └── secret.sops.yaml
│ │ ├── gotenberg/
│ │ │ ├── helm-release.yaml
│ │ │ ├── kustomization.yaml
│ │ │ └── namespace.yaml
│ │ ├── homebox/
│ │ │ ├── helm-release.yaml
│ │ │ ├── kustomization.yaml
│ │ │ └── namespace.yaml
│ │ ├── homepage/
│ │ │ ├── gateway-api.yaml
│ │ │ ├── helm-release.yaml
│ │ │ ├── homepage-config.sops.yaml
│ │ │ ├── kustomization.yaml
│ │ │ └── namespace.yaml
│ │ ├── it-tools/
│ │ │ ├── helm-release.yaml
│ │ │ ├── kustomization.yaml
│ │ │ └── namespace.yaml
│ │ ├── koffan/
│ │ │ ├── deployment.yaml
│ │ │ ├── gateway-api.yaml
│ │ │ ├── kustomization.yaml
│ │ │ ├── namespace.yaml
│ │ │ ├── secret.sops.yaml
│ │ │ ├── service.yaml
│ │ │ └── storage.yaml
│ │ ├── kustomization.yaml
│ │ ├── linkwarden/
│ │ │ ├── cnpg.yaml
│ │ │ ├── helm-release.yaml
│ │ │ ├── kustomization.yaml
│ │ │ ├── namespace.yaml
│ │ │ └── secret.sops.yaml
│ │ ├── mazanoke/
│ │ │ ├── helm-release.yaml
│ │ │ ├── kustomization.yaml
│ │ │ └── namespace.yaml
│ │ ├── mealie/
│ │ │ ├── gateway-api.sops.yaml
│ │ │ ├── helm-release.yaml
│ │ │ ├── kustomization.yaml
│ │ │ └── namespace.yaml
│ │ ├── media/
│ │ │ ├── gateway-api.sops.yaml
│ │ │ ├── helm-release.yaml
│ │ │ ├── kustomization.yaml
│ │ │ ├── namespace.yaml
│ │ │ └── shelfmark/
│ │ │ ├── deployment.yaml
│ │ │ ├── gateway-api.yaml
│ │ │ ├── kustomization.yaml
│ │ │ ├── service.yaml
│ │ │ └── storage.yaml
│ │ ├── n8n/
│ │ │ ├── cnpg.yaml
│ │ │ ├── helm-release.yaml
│ │ │ ├── kustomization.yaml
│ │ │ ├── namespace.yaml
│ │ │ └── secret.sops.yaml
│ │ ├── networking-toolbox/
│ │ │ ├── deployment.yaml
│ │ │ ├── gateway-api.yaml
│ │ │ ├── kustomization.yaml
│ │ │ ├── namespace.yaml
│ │ │ └── service.yaml
│ │ ├── nodered/
│ │ │ ├── helm-release.yaml
│ │ │ ├── kustomization.yaml
│ │ │ └── namespace.yaml
│ │ ├── observeability/
│ │ │ ├── helm-release.sensitive.sops.yaml
│ │ │ ├── kubernetes-server-metrics.yaml
│ │ │ ├── kustomization.yaml
│ │ │ ├── loki-helm-release.yaml
│ │ │ ├── namespace.yaml
│ │ │ └── trivy.yaml
│ │ ├── openbooks/
│ │ │ ├── helm-release.yaml
│ │ │ ├── kustomization.yaml
│ │ │ └── namespace.yaml
│ │ ├── paperless-ngx/
│ │ │ ├── gateway-api.sensitive.yaml
│ │ │ ├── helm-release.yaml
│ │ │ └── kustomization.yaml
│ │ ├── reactiveresume/
│ │ │ ├── cnpg.yaml
│ │ │ ├── helm-release.yaml
│ │ │ ├── kustomization.yaml
│ │ │ ├── namespace.yaml
│ │ │ └── secret.sops.yaml
│ │ ├── replacedby/
│ │ │ ├── database.yaml
│ │ │ ├── deployment.yaml
│ │ │ ├── gateway-api.yaml
│ │ │ ├── kustomization.yaml
│ │ │ ├── namespace.yaml
│ │ │ └── service.yaml
│ │ ├── storage/
│ │ │ ├── helm-release.yaml
│ │ │ ├── kustomization.yaml
│ │ │ └── namespace.yaml
│ │ ├── tika/
│ │ │ ├── helm-release.yaml
│ │ │ ├── kustomization.yaml
│ │ │ └── namespace.yaml
│ │ ├── uptimekuma/
│ │ │ ├── helm-release.yaml
│ │ │ ├── kustomization.yaml
│ │ │ └── namespace.yaml
│ │ ├── vikunja/
│ │ │ ├── cnpg.yaml
│ │ │ ├── helm-release.yaml
│ │ │ ├── kustomization.yaml
│ │ │ ├── namespace.yaml
│ │ │ └── secret.sops.yaml
│ │ ├── wallabag/
│ │ │ ├── helm-release.yaml
│ │ │ ├── kustomization.yaml
│ │ │ ├── namespace.yaml
│ │ │ └── secret.sops.yaml
│ │ └── website/
│ │ ├── helm-release.yaml
│ │ ├── kustomization.yaml
│ │ ├── namespace.yaml
│ │ └── secret.sops.yaml
│ ├── base/
│ │ ├── .sops.yaml
│ │ ├── apps.yaml
│ │ ├── configs.yaml
│ │ ├── core.yaml
│ │ ├── crds.yaml
│ │ ├── flux-system/
│ │ │ ├── gotk-components.yaml
│ │ │ ├── gotk-patch.yaml
│ │ │ ├── gotk-sync.yaml
│ │ │ └── kustomization.yaml
│ │ ├── helm.yaml
│ │ └── terraform.yaml
│ ├── configs/
│ │ ├── flux/
│ │ │ ├── alert.yaml
│ │ │ ├── kustomization.yaml
│ │ │ └── notification.sops.yaml
│ │ ├── istio/
│ │ │ ├── external-gateway-adygenova.yaml
│ │ │ ├── external-gateway-replacedby.yaml
│ │ │ ├── external-gateway.yaml
│ │ │ ├── internal-gateway.yaml
│ │ │ ├── kustomization.yaml
│ │ │ └── namespace.yaml
│ │ ├── kustomization.yaml
│ │ ├── kyverno/
│ │ │ ├── cleanup-empty-replicasets.yaml
│ │ │ ├── default-network-policy.yaml
│ │ │ ├── disallow-default.yaml
│ │ │ ├── disallow-helm-tiller.yaml
│ │ │ ├── disallow-latest-tag.yaml
│ │ │ ├── helm-release.yaml
│ │ │ ├── inject-image-pull-secrets.yaml
│ │ │ ├── kustomization.yaml
│ │ │ ├── no-privileged.yaml
│ │ │ ├── require-drop-all.yaml
│ │ │ ├── restrict-node-port.yaml
│ │ │ └── restrict-service-external-ips.yaml
│ │ ├── metallb/
│ │ │ ├── ip-pool.yaml
│ │ │ ├── kustomization.yaml
│ │ │ └── l2-advertisement.yaml
│ │ ├── system-upgrade/
│ │ │ ├── README.md
│ │ │ ├── kustomization.yaml
│ │ │ └── plans/
│ │ │ ├── latest/
│ │ │ │ ├── agent.yaml
│ │ │ │ ├── kustomization.yaml
│ │ │ │ └── server.yaml
│ │ │ └── stable/
│ │ │ ├── agent.yaml
│ │ │ ├── kustomization.yaml
│ │ │ └── server.yaml
│ │ └── velero/
│ │ ├── kustomization.yaml
│ │ └── schedule.yaml
│ ├── core/
│ │ ├── archive/
│ │ │ ├── cgroup-gc/
│ │ │ │ ├── helm-release.yaml
│ │ │ │ ├── kustomization.yaml
│ │ │ │ └── namespace.yaml
│ │ │ └── kube-vip/
│ │ │ ├── helm-release.yaml
│ │ │ ├── kustomization.yaml
│ │ │ └── namespace.yaml
│ │ ├── cert-manager/
│ │ │ ├── helm-release.yaml
│ │ │ ├── kustomization.yaml
│ │ │ ├── namespace.yaml
│ │ │ └── secret.sops.yaml
│ │ ├── cluster-critical/
│ │ │ ├── kustomization.yaml
│ │ │ └── priority-classes.yaml
│ │ ├── cnpg/
│ │ │ ├── helm-release.yaml
│ │ │ ├── kustomization.yaml
│ │ │ └── namespace.yaml
│ │ ├── descheduler/
│ │ │ ├── helm-release.yaml
│ │ │ └── kustomization.yaml
│ │ ├── istio/
│ │ │ ├── cni-helm-release.yaml
│ │ │ ├── control-plane-helm-release.yaml
│ │ │ ├── kustomization.yaml
│ │ │ └── ztunnel-helm-release.yaml
│ │ ├── kured/
│ │ │ ├── helm-release.sops.yaml
│ │ │ ├── kustomization.yaml
│ │ │ └── namespace.yaml
│ │ ├── kustomization.yaml
│ │ ├── kyverno/
│ │ │ ├── helm-release.yaml
│ │ │ ├── kustomization.yaml
│ │ │ └── namespace.yaml
│ │ ├── longhorn-system/
│ │ │ ├── db-storageclass.yaml
│ │ │ ├── helm-release.yaml
│ │ │ ├── kustomization.yaml
│ │ │ └── namespace.yaml
│ │ ├── mariadb-operator/
│ │ │ ├── helm-release.yaml
│ │ │ ├── kustomization.yaml
│ │ │ └── namespace.yaml
│ │ ├── metallb/
│ │ │ ├── helm-release.yaml
│ │ │ ├── kustomization.yaml
│ │ │ └── namespace.yaml
│ │ ├── reflector/
│ │ │ ├── helm-release.yaml
│ │ │ ├── image_pull_secret.sops.yaml
│ │ │ ├── kustomization.yaml
│ │ │ └── namespace.yaml
│ │ ├── rook-ceph/
│ │ │ ├── helm-release.yaml
│ │ │ └── kustomization.yaml
│ │ ├── system-upgrade/
│ │ │ └── kustomization.yaml
│ │ ├── tofu-controller/
│ │ │ ├── helm-release.yaml
│ │ │ └── kustomization.yaml
│ │ ├── trivy/
│ │ │ ├── helm-release.yaml
│ │ │ ├── kustomization.yaml
│ │ │ └── namespace.yaml
│ │ └── velero/
│ │ ├── helm-release.yaml
│ │ ├── kustomization.yaml
│ │ ├── namespace.yaml
│ │ └── secret.sops.yaml
│ ├── crds/
│ │ ├── external-snapshotter/
│ │ │ ├── crds.yaml
│ │ │ └── kustomization.yaml
│ │ ├── gateway-api/
│ │ │ ├── crds.yaml
│ │ │ └── kustomization.yaml
│ │ ├── istio/
│ │ │ ├── helm-release.yaml
│ │ │ ├── kustomization.yaml
│ │ │ └── namespace.yaml
│ │ ├── kustomization.yaml
│ │ └── mariadb-operator/
│ │ ├── helm-release.yaml
│ │ ├── kustomization.yaml
│ │ └── namespace.yaml
│ ├── helm/
│ │ ├── aqua/
│ │ │ ├── kustomization.yaml
│ │ │ └── repo.yaml
│ │ ├── bjw-s/
│ │ │ ├── kustomization.yaml
│ │ │ └── repo.yaml
│ │ ├── cert-manager/
│ │ │ ├── kustomization.yaml
│ │ │ └── repo.yaml
│ │ ├── cnpg/
│ │ │ ├── kustomization.yaml
│ │ │ └── repo.yaml
│ │ ├── descheduler/
│ │ │ ├── kustomization.yaml
│ │ │ └── repo.yaml
│ │ ├── gabe565/
│ │ │ ├── kustomization.yaml
│ │ │ └── repo.yaml
│ │ ├── go-ddns-controller/
│ │ │ ├── kustomization.yaml
│ │ │ └── repo.yaml
│ │ ├── istio/
│ │ │ ├── kustomization.yaml
│ │ │ └── repo.yaml
│ │ ├── k8s-at-home/
│ │ │ ├── kustomization.yaml
│ │ │ └── repo.yaml
│ │ ├── kube-vip/
│ │ │ ├── kustomization.yaml
│ │ │ └── repo.yaml
│ │ ├── kubereboot/
│ │ │ ├── kustomization.yaml
│ │ │ └── repo.yaml
│ │ ├── kustomization.yaml
│ │ ├── kyverno/
│ │ │ ├── kustomization.yaml
│ │ │ └── repo.yaml
│ │ ├── longhorn-system/
│ │ │ ├── kustomization.yaml
│ │ │ └── longhorn-repo.yaml
│ │ ├── maikumori/
│ │ │ ├── kustomization.yaml
│ │ │ └── repo.yaml
│ │ ├── mariadb-operator/
│ │ │ ├── kustomization.yaml
│ │ │ └── repo.yaml
│ │ ├── metallb/
│ │ │ ├── kustomization.yaml
│ │ │ └── repo.yaml
│ │ ├── metrics-server/
│ │ │ ├── kustomization.yaml
│ │ │ └── repo.yaml
│ │ ├── observability/
│ │ │ ├── kube-prometheus-stack.yaml
│ │ │ ├── kustomization.yaml
│ │ │ └── loki-stack.yaml
│ │ ├── reflector/
│ │ │ ├── kustomization.yaml
│ │ │ └── repo.yaml
│ │ ├── rook/
│ │ │ ├── kustomization.yaml
│ │ │ └── repo.yaml
│ │ ├── tika/
│ │ │ ├── kustomization.yaml
│ │ │ └── repo.yaml
│ │ ├── tofu-controller/
│ │ │ ├── kustomization.yaml
│ │ │ └── repo.yaml
│ │ ├── unofficial/
│ │ │ ├── jameswynn.yaml
│ │ │ └── kustomization.yaml
│ │ ├── velero/
│ │ │ ├── kustomization.yaml
│ │ │ └── repo.yaml
│ │ └── wger/
│ │ ├── kustomization.yaml
│ │ └── repo.yaml
│ ├── storage/
│ │ ├── kustomization.yaml
│ │ └── rook-ceph-cluster/
│ │ ├── helm-release.yaml
│ │ └── kustomization.yaml
│ ├── template.secret.yaml
│ └── terraform/
│ ├── homelab-iac-secrets.sops.yaml
│ ├── homelab-iac.yaml
│ └── kustomization.yaml
├── docs/
│ ├── Backups.md
│ ├── Flux.md
│ ├── Getting Started.md
│ ├── Longhorn.md
│ ├── SettingUpCertManager.md
│ ├── SettingUpRenovate.md
│ ├── Sops.md
│ ├── Troubleshooting.md
│ └── tofu.md
├── local/
│ └── docker-compose.yaml
└── upgrades/
└── v1.35.0+k3s1.yaml
Condensed preview — 523 files, each showing path, character count, and a content snippet. Download the .json file or copy for the full structured content (1,893K chars).
[
{
"path": ".github/CODEOWNERS",
"chars": 116,
"preview": "# https://docs.github.com/en/github/creating-cloning-and-archiving-repositories/about-code-owners\n* @Michaelpalacce\n"
},
{
"path": ".github/ISSUE_TEMPLATE/bug-report.md",
"chars": 507,
"preview": "---\nname: Bug report\nabout: Create a report to help us improve\ntitle: ''\nlabels: kind/bug\nassignees: ''\n\n---\n\n# Details\n"
},
{
"path": ".github/ISSUE_TEMPLATE/feature-request.md",
"chars": 477,
"preview": "---\nname: Feature request\nabout: Suggest an idea for this project\ntitle: ''\nlabels: kind/enhancement\nassignees: ''\n\n---\n"
},
{
"path": ".github/ISSUE_TEMPLATE/question.md",
"chars": 428,
"preview": "---\nname: Question\nabout: Ask a question to the maintainer\ntitle: ''\nlabels: kind/question\nassignees: ''\n\n---\n\n# Details"
},
{
"path": ".github/PULL_REQUEST_TEMPLATE.md",
"chars": 518,
"preview": "**Description of the change**\n\n<!-- Describe the scope of your change - i.e. what the change does. -->\n\n**Benefits**\n\n<!"
},
{
"path": ".github/linters/.markdownlint.yaml",
"chars": 511,
"preview": "---\ndefault: true\n\n# MD013/line-length - Line length\nMD013:\n # Number of characters\n line_length: 240\n # Number"
},
{
"path": ".github/linters/.prettierignore",
"chars": 30,
"preview": "*.sops.*\ngotk-components.yaml\n"
},
{
"path": ".github/linters/.prettierrc.yaml",
"chars": 66,
"preview": "---\ntrailingComma: es5\ntabWidth: 2\nsemi: false\nsingleQuote: false\n"
},
{
"path": ".github/linters/.tflint.hcl",
"chars": 0,
"preview": ""
},
{
"path": ".github/linters/.yamllint.yaml",
"chars": 367,
"preview": "---\nignore: |\n gotk-*.yaml\n *jenkins*\nextends: default\nrules:\n truthy: false\n comments:\n min-spaces-f"
},
{
"path": ".github/renovate.json5",
"chars": 3550,
"preview": "{\n extends: [\n ':enableRenovate',\n 'config:recommended',\n ':disableRateLimiting',\n ':dependencyDashboard',\n"
},
{
"path": ".github/workflows/dependency.yaml",
"chars": 344,
"preview": "name: 'Dependency Review'\n\non:\n pull_request:\n\n\npermissions:\n contents: read\n\njobs:\n dependency-review:\n runs-on"
},
{
"path": ".github/workflows/lint.yaml",
"chars": 879,
"preview": "---\nname: Lint\n\non: # yamllint disable-line rule:truthy\n workflow_dispatch:\n pull_request:\n branches:\n - mast"
},
{
"path": ".gitignore",
"chars": 163,
"preview": ".idea\r\nTestingEnv\r\noutput/\r\n.secret\r\ntesting\r\nansible/playbooks/restore/files/backup\r\nvelero-credentials\r\ntemp\r\n*.tfvars"
},
{
"path": ".gitmodules",
"chars": 103,
"preview": "[submodule \"HomeLab-IaC\"]\n\tpath = HomeLab-IaC\n\turl = https://github.com/Michaelpalacce/HomeLab-IaC.git\n"
},
{
"path": "Helm/apps/changedetection/.helmignore",
"chars": 349,
"preview": "# Patterns to ignore when building packages.\n# This supports shell glob matching, relative path matching, and\n# negation"
},
{
"path": "Helm/apps/changedetection/Chart.yaml",
"chars": 217,
"preview": "---\napiVersion: v2\nappVersion: 1.0.0\ndescription: This chart is used to install changedetection\nmaintainers:\n - email: "
},
{
"path": "Helm/apps/changedetection/README.md",
"chars": 46,
"preview": "This chart is used to install changedetection\n"
},
{
"path": "Helm/apps/changedetection/templates/deployment.yaml",
"chars": 5386,
"preview": "---\n{{- with .Values.changedetection }}\n\napiVersion: apps/v1\nkind: Deployment\nmetadata:\n name: changedetection\n na"
},
{
"path": "Helm/apps/changedetection/templates/gateway-api.yaml",
"chars": 930,
"preview": "---\napiVersion: gateway.networking.k8s.io/v1\nkind: HTTPRoute\nmetadata:\n name: changedetection-internal\n namespace:"
},
{
"path": "Helm/apps/changedetection/templates/storage.yaml",
"chars": 252,
"preview": "---\napiVersion: v1\nkind: PersistentVolumeClaim\nmetadata:\n name: changedetection-pvc\nspec:\n accessModes:\n - "
},
{
"path": "Helm/apps/changedetection/values.yaml",
"chars": 410,
"preview": "---\nchangedetection:\n image: dgtlmoon/changedetection.io:0.55.3\n port: 5000\n baseUrl: changedetection.sgenov.de"
},
{
"path": "Helm/apps/cyberchef/.helmignore",
"chars": 349,
"preview": "# Patterns to ignore when building packages.\n# This supports shell glob matching, relative path matching, and\n# negation"
},
{
"path": "Helm/apps/cyberchef/Chart.yaml",
"chars": 205,
"preview": "---\napiVersion: v2\nappVersion: 1.0.0\ndescription: This chart is used to install cyberchef\nmaintainers:\n - email: sgenov"
},
{
"path": "Helm/apps/cyberchef/README.md",
"chars": 42,
"preview": "This chart is used to install cyberchef. \n"
},
{
"path": "Helm/apps/cyberchef/templates/deployment.yaml",
"chars": 1583,
"preview": "---\n{{- with .Values.cyberchef }}\n\napiVersion: apps/v1\nkind: Deployment\nmetadata:\n name: cyberchef\n namespace: {{ "
},
{
"path": "Helm/apps/cyberchef/templates/gateway-api.yaml",
"chars": 651,
"preview": "---\napiVersion: gateway.networking.k8s.io/v1\nkind: HTTPRoute\nmetadata:\n name: cyberchef-internal\n namespace: {{ $."
},
{
"path": "Helm/apps/cyberchef/templates/service.yaml",
"chars": 342,
"preview": "---\n{{- with .Values.cyberchef }}\napiVersion: v1\nkind: Service\nmetadata:\n name: cyberchef\n namespace: {{ $.Release"
},
{
"path": "Helm/apps/cyberchef/values.yaml",
"chars": 148,
"preview": "---\ncyberchef:\n image: mpepping/cyberchef:v10.24.0\n port: 8000\n resources:\n requests:\n cpu: 1"
},
{
"path": "Helm/apps/diagrams/.helmignore",
"chars": 349,
"preview": "# Patterns to ignore when building packages.\n# This supports shell glob matching, relative path matching, and\n# negation"
},
{
"path": "Helm/apps/diagrams/Chart.yaml",
"chars": 203,
"preview": "---\napiVersion: v2\nappVersion: 1.0.0\ndescription: This chart is used to install diagrams\nmaintainers:\n - email: sgenov9"
},
{
"path": "Helm/apps/diagrams/README.md",
"chars": 159,
"preview": "This chart is used to install diagrams.\n\nDiagrams or draw.io is a free online diagram software for making flowcharts, \np"
},
{
"path": "Helm/apps/diagrams/templates/deployment.yaml",
"chars": 1171,
"preview": "---\n{{- with .Values.diagrams }}\n\napiVersion: apps/v1\nkind: Deployment\nmetadata:\n name: diagrams\n namespace: {{ $."
},
{
"path": "Helm/apps/diagrams/templates/gateway-api.yaml",
"chars": 641,
"preview": "---\napiVersion: gateway.networking.k8s.io/v1\nkind: HTTPRoute\nmetadata:\n name: diagrams-internal\n namespace: {{ $.R"
},
{
"path": "Helm/apps/diagrams/templates/service.yaml",
"chars": 343,
"preview": "---\n{{- with .Values.diagrams }}\napiVersion: v1\nkind: Service\nmetadata:\n name: diagrams\n namespace: {{ $.Release.N"
},
{
"path": "Helm/apps/diagrams/values.yaml",
"chars": 140,
"preview": "---\ndiagrams:\n image: jgraph/drawio:29.7.9\n port: 8080\n resources:\n requests:\n cpu: 10m\n "
},
{
"path": "Helm/apps/firefly/.helmignore",
"chars": 349,
"preview": "# Patterns to ignore when building packages.\n# This supports shell glob matching, relative path matching, and\n# negation"
},
{
"path": "Helm/apps/firefly/CHANGELOG.md",
"chars": 192,
"preview": "#### [v4.0.0]\n- Better Selector\n\n#### [v3.0.0]\n* Added firefly-iii-bot\n\n#### [V2.0.0]\n* Added simplesecrets\n\n#### [V1.1."
},
{
"path": "Helm/apps/firefly/Chart.yaml",
"chars": 205,
"preview": "---\napiVersion: v2\nappVersion: 1.0.0\ndescription: This chart is used to install firefly\nmaintainers:\n - email: sgenov"
},
{
"path": "Helm/apps/firefly/README.md",
"chars": 38,
"preview": "This chart is used to install firefly\n"
},
{
"path": "Helm/apps/firefly/templates/deployment.yaml",
"chars": 4276,
"preview": "---\n{{- with .Values.firefly }}\napiVersion: apps/v1\nkind: Deployment\nmetadata:\n name: firefly\n namespace: {{ $.Rel"
},
{
"path": "Helm/apps/firefly/templates/firefly-bot-deployment.yaml",
"chars": 1576,
"preview": "---\n{{- with .Values.fireflybot }}\napiVersion: apps/v1\nkind: Deployment\nmetadata:\n name: fireflybot\n namespace: {{"
},
{
"path": "Helm/apps/firefly/templates/firefly-pvc.yaml",
"chars": 497,
"preview": "---\napiVersion: v1\nkind: PersistentVolumeClaim\nmetadata:\n name: firefly-pvc\nspec:\n accessModes:\n - ReadWrit"
},
{
"path": "Helm/apps/firefly/templates/gateway-api.yaml",
"chars": 790,
"preview": "# ---\n# apiVersion: gateway.networking.k8s.io/v1\n# kind: HTTPRoute\n# metadata:\n# name: firefly-external\n# namesp"
},
{
"path": "Helm/apps/firefly/values.yaml",
"chars": 337,
"preview": "---\nfirefly:\n image: fireflyiii/core:version-6.2.10\n port: 8080\n appUrl: https://firefly.sgenov.dev\n resources:\n "
},
{
"path": "Helm/apps/foldingathome/.helmignore",
"chars": 349,
"preview": "# Patterns to ignore when building packages.\n# This supports shell glob matching, relative path matching, and\n# negation"
},
{
"path": "Helm/apps/foldingathome/Chart.yaml",
"chars": 213,
"preview": "---\napiVersion: v2\nappVersion: 1.0.0\ndescription: This chart is used to install foldingathome\nmaintainers:\n - email: sg"
},
{
"path": "Helm/apps/foldingathome/README.md",
"chars": 44,
"preview": "This chart is used to install foldingathome\n"
},
{
"path": "Helm/apps/foldingathome/templates/gateway-api.yaml",
"chars": 419,
"preview": "apiVersion: gateway.networking.k8s.io/v1\nkind: HTTPRoute\nmetadata:\n name: foldingathome-internal\n namespace: {{ $."
},
{
"path": "Helm/apps/foldingathome/templates/statefulset.yaml",
"chars": 2617,
"preview": "\n---\n{{- with .Values.foldingathome }}\n\napiVersion: apps/v1\nkind: StatefulSet\nmetadata:\n name: foldingathome\n namespac"
},
{
"path": "Helm/apps/foldingathome/values.yaml",
"chars": 251,
"preview": "---\nfoldingathome:\n image: lscr.io/linuxserver/foldingathome:8.5.5\n port: 7396\n replicas: 0 # One for each server\n r"
},
{
"path": "Helm/apps/freshrss/.helmignore",
"chars": 349,
"preview": "# Patterns to ignore when building packages.\n# This supports shell glob matching, relative path matching, and\n# negation"
},
{
"path": "Helm/apps/freshrss/Chart.yaml",
"chars": 203,
"preview": "---\napiVersion: v2\nappVersion: 1.0.0\ndescription: This chart is used to install freshrss\nmaintainers:\n - email: sgenov9"
},
{
"path": "Helm/apps/freshrss/README.md",
"chars": 39,
"preview": "This chart is used to install freshrss\n"
},
{
"path": "Helm/apps/freshrss/templates/deployment.yaml",
"chars": 2280,
"preview": "---\n{{- with .Values.freshrss }}\n\napiVersion: apps/v1\nkind: Deployment\nmetadata:\n name: freshrss\n namespace: {{ $."
},
{
"path": "Helm/apps/freshrss/templates/gateway-api.yaml",
"chars": 806,
"preview": "---\napiVersion: gateway.networking.k8s.io/v1\nkind: HTTPRoute\nmetadata:\n name: freshrss-external\n namespace: {{ $.R"
},
{
"path": "Helm/apps/freshrss/templates/storage.yaml",
"chars": 245,
"preview": "---\napiVersion: v1\nkind: PersistentVolumeClaim\nmetadata:\n name: freshrss-pvc\nspec:\n accessModes:\n - ReadWri"
},
{
"path": "Helm/apps/freshrss/values.yaml",
"chars": 161,
"preview": "---\nfreshrss:\n image: lscr.io/linuxserver/freshrss:1.28.1\n port: 80\n resources:\n requests:\n cpu: 200m\n m"
},
{
"path": "Helm/apps/homebox/.helmignore",
"chars": 349,
"preview": "# Patterns to ignore when building packages.\n# This supports shell glob matching, relative path matching, and\n# negation"
},
{
"path": "Helm/apps/homebox/Chart.yaml",
"chars": 201,
"preview": "---\napiVersion: v2\nappVersion: 1.0.0\ndescription: This chart is used to install homebox\nmaintainers:\n - email: sgenov94"
},
{
"path": "Helm/apps/homebox/README.md",
"chars": 38,
"preview": "This chart is used to install homebox\n"
},
{
"path": "Helm/apps/homebox/templates/deployment.yaml",
"chars": 2675,
"preview": "---\n{{- with .Values.homebox }}\n\napiVersion: apps/v1\nkind: Deployment\nmetadata:\n name: homebox\n namespace: {{ $.Re"
},
{
"path": "Helm/apps/homebox/templates/gateway-api.yaml",
"chars": 623,
"preview": "---\napiVersion: gateway.networking.k8s.io/v1\nkind: HTTPRoute\nmetadata:\n name: homebox-internal\n namespace: {{ $.Re"
},
{
"path": "Helm/apps/homebox/templates/storage.yaml",
"chars": 239,
"preview": "---\napiVersion: v1\nkind: PersistentVolumeClaim\nmetadata:\n name: data-pvc\nspec:\n accessModes:\n - ReadWriteMa"
},
{
"path": "Helm/apps/homebox/values.yaml",
"chars": 194,
"preview": "---\nhomebox:\n image: ghcr.io/hay-kot/homebox:v0.10.3\n port: 7745\n replicas: 1\n resources:\n requests:\n"
},
{
"path": "Helm/apps/it-tools/.helmignore",
"chars": 349,
"preview": "# Patterns to ignore when building packages.\n# This supports shell glob matching, relative path matching, and\n# negation"
},
{
"path": "Helm/apps/it-tools/Chart.yaml",
"chars": 203,
"preview": "---\napiVersion: v2\nappVersion: 1.0.0\ndescription: This chart is used to install it-tools\nmaintainers:\n - email: sgenov9"
},
{
"path": "Helm/apps/it-tools/README.md",
"chars": 40,
"preview": "This chart is used to install it-tools.\n"
},
{
"path": "Helm/apps/it-tools/templates/deployment.yaml",
"chars": 1311,
"preview": "---\n{{- with .Values.ittools }}\n\napiVersion: apps/v1\nkind: Deployment\nmetadata:\n name: it-tools\n namespace: {{ $.R"
},
{
"path": "Helm/apps/it-tools/templates/gateway-api.yaml",
"chars": 1048,
"preview": "---\napiVersion: gateway.networking.k8s.io/v1\nkind: HTTPRoute\nmetadata:\n name: it-tools-external\n namespace: {{ $.R"
},
{
"path": "Helm/apps/it-tools/templates/pdb.yaml",
"chars": 214,
"preview": "---\napiVersion: policy/v1\nkind: PodDisruptionBudget\nmetadata:\n name: it-tools\nspec:\n minAvailable: 1\n selector:\n m"
},
{
"path": "Helm/apps/it-tools/templates/service.yaml",
"chars": 342,
"preview": "---\n{{- with .Values.ittools }}\napiVersion: v1\nkind: Service\nmetadata:\n name: it-tools\n namespace: {{ $.Release.Na"
},
{
"path": "Helm/apps/it-tools/values.yaml",
"chars": 195,
"preview": "---\nittools:\n replicas: 1\n image: ghcr.io/corentinth/it-tools:nightly # The project doesn't have good docker tag hygie"
},
{
"path": "Helm/apps/linkwarden/.helmignore",
"chars": 349,
"preview": "# Patterns to ignore when building packages.\n# This supports shell glob matching, relative path matching, and\n# negation"
},
{
"path": "Helm/apps/linkwarden/Chart.yaml",
"chars": 211,
"preview": "---\napiVersion: v2\nappVersion: 1.0.0\ndescription: This chart is used to install linkwarden\nmaintainers:\n - email: sge"
},
{
"path": "Helm/apps/linkwarden/README.md",
"chars": 41,
"preview": "This chart is used to install linkwarden\n"
},
{
"path": "Helm/apps/linkwarden/templates/deployment.yaml",
"chars": 2919,
"preview": "---\n{{- with .Values.linkwarden }}\n\napiVersion: apps/v1\nkind: Deployment\nmetadata:\n name: linkwarden\n namespace: {"
},
{
"path": "Helm/apps/linkwarden/templates/gateway-api.yaml",
"chars": 1049,
"preview": "---\napiVersion: gateway.networking.k8s.io/v1\nkind: HTTPRoute\nmetadata:\n name: linkwarden-external\n namespace: {{ $"
},
{
"path": "Helm/apps/linkwarden/templates/storage.yaml",
"chars": 247,
"preview": "---\napiVersion: v1\nkind: PersistentVolumeClaim\nmetadata:\n name: linkwarden-pvc\nspec:\n accessModes:\n - ReadW"
},
{
"path": "Helm/apps/linkwarden/values.yaml",
"chars": 181,
"preview": "---\nlinkwarden:\n replicas: 1\n image: ghcr.io/linkwarden/linkwarden:v2.14.1\n port: 3000\n resources:\n requests:\n "
},
{
"path": "Helm/apps/mazanoke/.helmignore",
"chars": 349,
"preview": "# Patterns to ignore when building packages.\n# This supports shell glob matching, relative path matching, and\n# negation"
},
{
"path": "Helm/apps/mazanoke/Chart.yaml",
"chars": 203,
"preview": "---\napiVersion: v2\nappVersion: 1.0.0\ndescription: This chart is used to install mazanoke\nmaintainers:\n - email: sgenov9"
},
{
"path": "Helm/apps/mazanoke/README.md",
"chars": 40,
"preview": "This chart is used to install mazanoke.\n"
},
{
"path": "Helm/apps/mazanoke/templates/deployment.yaml",
"chars": 1341,
"preview": "---\n{{- with .Values.mazanoke }}\n\napiVersion: apps/v1\nkind: Deployment\nmetadata:\n name: mazanoke\n namespace: {{ $."
},
{
"path": "Helm/apps/mazanoke/templates/gateway-api.yaml",
"chars": 700,
"preview": "---\napiVersion: gateway.networking.k8s.io/v1\nkind: HTTPRoute\nmetadata:\n name: mazanoke-internal\n namespace: {{ $.R"
},
{
"path": "Helm/apps/mazanoke/templates/service.yaml",
"chars": 343,
"preview": "---\n{{- with .Values.mazanoke }}\napiVersion: v1\nkind: Service\nmetadata:\n name: mazanoke\n namespace: {{ $.Release.N"
},
{
"path": "Helm/apps/mazanoke/values.yaml",
"chars": 151,
"preview": "---\nmazanoke:\n image: ghcr.io/civilblur/mazanoke:v1.1.5\n port: 80\n resources:\n requests:\n cpu"
},
{
"path": "Helm/apps/mealie/.helmignore",
"chars": 349,
"preview": "# Patterns to ignore when building packages.\n# This supports shell glob matching, relative path matching, and\n# negation"
},
{
"path": "Helm/apps/mealie/Chart.yaml",
"chars": 199,
"preview": "---\napiVersion: v2\nappVersion: 1.0.0\ndescription: This chart is used to install mealie\nmaintainers:\n - email: sgenov94@"
},
{
"path": "Helm/apps/mealie/README.md",
"chars": 37,
"preview": "This chart is used to install mealie\n"
},
{
"path": "Helm/apps/mealie/templates/deployment.yaml",
"chars": 2718,
"preview": "---\n{{- with .Values.mealie }}\napiVersion: apps/v1\nkind: Deployment\nmetadata:\n name: mealie\n namespace: {{ $.Relea"
},
{
"path": "Helm/apps/mealie/templates/gateway-api.yaml",
"chars": 790,
"preview": "---\napiVersion: gateway.networking.k8s.io/v1\nkind: HTTPRoute\nmetadata:\n name: mealie-external\n namespace: {{ $.Rel"
},
{
"path": "Helm/apps/mealie/templates/service.yaml",
"chars": 328,
"preview": "{{- with .Values.mealie }}\n\napiVersion: v1\nkind: Service\nmetadata:\n name: mealie\n namespace: {{ $.Release.Namespac"
},
{
"path": "Helm/apps/mealie/templates/storage.yaml",
"chars": 239,
"preview": "---\napiVersion: v1\nkind: PersistentVolumeClaim\nmetadata:\n name: data-pvc\nspec:\n accessModes:\n - ReadWriteMa"
},
{
"path": "Helm/apps/mealie/values.yaml",
"chars": 210,
"preview": "---\nmealie:\n replicas: 1\n image: ghcr.io/mealie-recipes/mealie:v3.16.0\n port: 9000\n baseUrl: https://mealie.sgenov.d"
},
{
"path": "Helm/apps/media/.helmignore",
"chars": 349,
"preview": "# Patterns to ignore when building packages.\n# This supports shell glob matching, relative path matching, and\n# negation"
},
{
"path": "Helm/apps/media/Chart.yaml",
"chars": 216,
"preview": "---\napiVersion: v2\nappVersion: 1.0.0\ndescription: This chart is used to install different media services\nmaintainers:\n "
},
{
"path": "Helm/apps/media/README.md",
"chars": 322,
"preview": "This chart is used to install different media components.\n\nSince I use sonarr a lot, and it's the only one struggling re"
},
{
"path": "Helm/apps/media/templates/flaresolverr.yaml",
"chars": 2184,
"preview": "---\n{{- with .Values.flaresolverr }}\n\napiVersion: apps/v1\nkind: Deployment\nmetadata:\n name: flaresolverr\n namespac"
},
{
"path": "Helm/apps/media/templates/gateway-api.yaml",
"chars": 2833,
"preview": "---\napiVersion: gateway.networking.k8s.io/v1\nkind: HTTPRoute\nmetadata:\n name: flaresolverr-internal\n namespace: {{"
},
{
"path": "Helm/apps/media/templates/kavita.yaml",
"chars": 3005,
"preview": "---\n{{- with .Values.kavita }}\n\napiVersion: apps/v1\nkind: Deployment\nmetadata:\n name: kavita\n namespace: {{ $.Rele"
},
{
"path": "Helm/apps/media/templates/media-pvc.yaml",
"chars": 1543,
"preview": "---\napiVersion: v1\nkind: PersistentVolumeClaim\nmetadata:\n name: transmission-config-pvc\nspec:\n accessModes:\n "
},
{
"path": "Helm/apps/media/templates/overseer.yaml",
"chars": 2745,
"preview": "---\n{{- with .Values.overseerr }}\n\napiVersion: apps/v1\nkind: Deployment\nmetadata:\n name: overseerr\n namespace: {{ "
},
{
"path": "Helm/apps/media/templates/prowlarr.yaml",
"chars": 2670,
"preview": "---\n{{- with .Values.prowlarr }}\napiVersion: apps/v1\nkind: Deployment\nmetadata:\n name: prowlarr\n namespace: {{ $.R"
},
{
"path": "Helm/apps/media/templates/radarr.yaml",
"chars": 3171,
"preview": "---\n{{- with .Values.radarr }}\n\napiVersion: apps/v1\nkind: Deployment\nmetadata:\n name: radarr\n namespace: {{ $.Rele"
},
{
"path": "Helm/apps/media/templates/sonarr.yaml",
"chars": 3149,
"preview": "---\n{{- with .Values.sonarr }}\n\napiVersion: apps/v1\nkind: Deployment\nmetadata:\n name: sonarr\n namespace: {{ $.Rele"
},
{
"path": "Helm/apps/media/templates/transmission.yaml",
"chars": 3443,
"preview": "---\n{{- with .Values.transmission }}\n\napiVersion: apps/v1\nkind: Deployment\nmetadata:\n name: transmission\n namespac"
},
{
"path": "Helm/apps/media/values.yaml",
"chars": 1307,
"preview": "---\nstorage:\n transmission:\n config: 1Gi\n downloads: 200Gi\n kavita:\n config: 5Gi\n overseer:\n config: 5Gi\n"
},
{
"path": "Helm/apps/n8n/.helmignore",
"chars": 349,
"preview": "# Patterns to ignore when building packages.\n# This supports shell glob matching, relative path matching, and\n# negation"
},
{
"path": "Helm/apps/n8n/Chart.yaml",
"chars": 193,
"preview": "---\napiVersion: v2\nappVersion: 1.0.0\ndescription: This chart is used to install n8n\nmaintainers:\n - email: sgenov94@gma"
},
{
"path": "Helm/apps/n8n/README.md",
"chars": 34,
"preview": "This chart is used to install n8n\n"
},
{
"path": "Helm/apps/n8n/templates/deployment.yaml",
"chars": 4424,
"preview": "---\n{{- with .Values.n8n }}\n\napiVersion: apps/v1\nkind: Deployment\nmetadata:\n name: n8n\n namespace: {{ $.Release.Na"
},
{
"path": "Helm/apps/n8n/templates/gateway-api.yaml",
"chars": 607,
"preview": "---\napiVersion: gateway.networking.k8s.io/v1\nkind: HTTPRoute\nmetadata:\n name: n8n-internal\n namespace: {{ $.Releas"
},
{
"path": "Helm/apps/n8n/templates/storage.yaml",
"chars": 234,
"preview": "---\napiVersion: v1\nkind: PersistentVolumeClaim\nmetadata:\n name: n8n-pvc\nspec:\n accessModes:\n - ReadWriteMan"
},
{
"path": "Helm/apps/n8n/values.yaml",
"chars": 187,
"preview": "---\nn8n:\n image: n8nio/n8n:2.19.2\n dataSize: 10Gi\n port: 5678\n replicas: 1\n nasIp: 192.168.1.39\n nasPath: /volume1"
},
{
"path": "Helm/apps/nodered/.helmignore",
"chars": 349,
"preview": "# Patterns to ignore when building packages.\n# This supports shell glob matching, relative path matching, and\n# negation"
},
{
"path": "Helm/apps/nodered/Chart.yaml",
"chars": 201,
"preview": "---\napiVersion: v2\nappVersion: 1.0.0\ndescription: This chart is used to install nodered\nmaintainers:\n - email: sgenov94"
},
{
"path": "Helm/apps/nodered/README.md",
"chars": 38,
"preview": "This chart is used to install nodered\n"
},
{
"path": "Helm/apps/nodered/templates/deployment.yaml",
"chars": 2224,
"preview": "---\n{{- with .Values.nodered }}\n\napiVersion: apps/v1\nkind: Deployment\nmetadata:\n name: nodered\n namespace: {{ $.Re"
},
{
"path": "Helm/apps/nodered/templates/gateway-api.yaml",
"chars": 632,
"preview": "---\napiVersion: gateway.networking.k8s.io/v1\nkind: HTTPRoute\nmetadata:\n name: nodered-internal\n namespace: {{ $.Re"
},
{
"path": "Helm/apps/nodered/templates/nodered-pvc.yaml",
"chars": 244,
"preview": "---\napiVersion: v1\nkind: PersistentVolumeClaim\nmetadata:\n name: nodered-pvc\nspec:\n accessModes:\n - ReadWrit"
},
{
"path": "Helm/apps/nodered/values.yaml",
"chars": 216,
"preview": "---\nnodered:\n image: nodered/node-red:3.1.15-16\n port: 1880\n resources:\n requests:\n cpu: 100m"
},
{
"path": "Helm/apps/openbooks/.helmignore",
"chars": 349,
"preview": "# Patterns to ignore when building packages.\n# This supports shell glob matching, relative path matching, and\n# negation"
},
{
"path": "Helm/apps/openbooks/Chart.yaml",
"chars": 205,
"preview": "---\napiVersion: v2\nappVersion: 1.0.0\ndescription: This chart is used to install openbooks\nmaintainers:\n - email: sgenov"
},
{
"path": "Helm/apps/openbooks/README.md",
"chars": 40,
"preview": "This chart is used to install openbooks\n"
},
{
"path": "Helm/apps/openbooks/templates/deployment.yaml",
"chars": 2437,
"preview": "---\n{{- with .Values.openbooks }}\n\napiVersion: apps/v1\nkind: Deployment\nmetadata:\n name: openbooks\n namespace: {{ "
},
{
"path": "Helm/apps/openbooks/templates/gateway-api.yaml",
"chars": 725,
"preview": "---\napiVersion: gateway.networking.k8s.io/v1\nkind: HTTPRoute\nmetadata:\n name: openbooks-internal\n namespace: {{ $."
},
{
"path": "Helm/apps/openbooks/templates/storage.yaml",
"chars": 246,
"preview": "---\napiVersion: v1\nkind: PersistentVolumeClaim\nmetadata:\n name: openbooks-pvc\nspec:\n accessModes:\n - ReadWr"
},
{
"path": "Helm/apps/openbooks/values.yaml",
"chars": 183,
"preview": "---\nopenbooks:\n image: ghcr.io/evan-buss/openbooks:4.5.0\n port: 80\n resources:\n requests:\n cp"
},
{
"path": "Helm/apps/reactiveresume/.helmignore",
"chars": 349,
"preview": "# Patterns to ignore when building packages.\n# This supports shell glob matching, relative path matching, and\n# negation"
},
{
"path": "Helm/apps/reactiveresume/Chart.yaml",
"chars": 215,
"preview": "---\napiVersion: v2\nappVersion: 1.0.0\ndescription: This chart is used to install reactiveresume\nmaintainers:\n - email: s"
},
{
"path": "Helm/apps/reactiveresume/README.md",
"chars": 35,
"preview": "This chart installs reactiveresume\n"
},
{
"path": "Helm/apps/reactiveresume/templates/deployment.yaml",
"chars": 5229,
"preview": "---\n{{- with .Values.reactiveresume }}\n\napiVersion: apps/v1\nkind: Deployment\nmetadata:\n name: reactiveresume\n name"
},
{
"path": "Helm/apps/reactiveresume/templates/gateway-api.yaml",
"chars": 1153,
"preview": "---\napiVersion: gateway.networking.k8s.io/v1\nkind: HTTPRoute\nmetadata:\n name: reactiveresume-internal\n namespace: "
},
{
"path": "Helm/apps/reactiveresume/templates/storage.yaml",
"chars": 259,
"preview": "---\napiVersion: v1\nkind: PersistentVolumeClaim\nmetadata:\n name: reactiveresume-uploads-pvc\nspec:\n accessModes:\n "
},
{
"path": "Helm/apps/reactiveresume/values.yaml",
"chars": 256,
"preview": "---\nreactiveresume:\n api:\n image: amruthpillai/reactive-resume:server-3.6.18\n port: 3100\n frontendUrl: https:/"
},
{
"path": "Helm/apps/storage/.helmignore",
"chars": 349,
"preview": "# Patterns to ignore when building packages.\n# This supports shell glob matching, relative path matching, and\n# negation"
},
{
"path": "Helm/apps/storage/Chart.yaml",
"chars": 201,
"preview": "---\napiVersion: v2\nappVersion: 1.0.0\ndescription: This chart is used to install storage\nmaintainers:\n - email: sgenov94"
},
{
"path": "Helm/apps/storage/README.md",
"chars": 60,
"preview": "This chart is used to install syncthing and server emulator\n"
},
{
"path": "Helm/apps/storage/templates/gateway-api.yaml",
"chars": 641,
"preview": "---\napiVersion: gateway.networking.k8s.io/v1\nkind: HTTPRoute\nmetadata:\n name: syncthing-internal\n namespace: {{ $."
},
{
"path": "Helm/apps/storage/templates/storage-pvc.yaml",
"chars": 306,
"preview": "\n{{- with .Values.syncthing }}\n\n---\napiVersion: v1\nkind: PersistentVolumeClaim\nmetadata:\n name: syncthing-config-pvc\n"
},
{
"path": "Helm/apps/storage/templates/syncthing.yaml",
"chars": 2656,
"preview": "---\n{{- with .Values.syncthing }}\n\napiVersion: apps/v1\nkind: Deployment\nmetadata:\n name: syncthing\n namespace: {{ "
},
{
"path": "Helm/apps/storage/values.yaml",
"chars": 236,
"preview": "---\nsyncthing:\n image: lscr.io/linuxserver/syncthing:2.0.16\n replicas: 1\n port: 8384\n resources:\n req"
},
{
"path": "Helm/apps/uptimekuma/.helmignore",
"chars": 349,
"preview": "# Patterns to ignore when building packages.\n# This supports shell glob matching, relative path matching, and\n# negation"
},
{
"path": "Helm/apps/uptimekuma/Chart.yaml",
"chars": 207,
"preview": "---\napiVersion: v2\nappVersion: 1.0.0\ndescription: This chart is used to install uptimekuma\nmaintainers:\n - email: sgeno"
},
{
"path": "Helm/apps/uptimekuma/README.md",
"chars": 41,
"preview": "This chart is used to install uptimekuma\n"
},
{
"path": "Helm/apps/uptimekuma/templates/deployment.yaml",
"chars": 2234,
"preview": "---\n{{- with .Values.uptimekuma }}\n\napiVersion: apps/v1\nkind: Deployment\nmetadata:\n name: uptimekuma\n namespace: {"
},
{
"path": "Helm/apps/uptimekuma/templates/gateway-api.yaml",
"chars": 672,
"preview": "---\napiVersion: gateway.networking.k8s.io/v1\nkind: HTTPRoute\nmetadata:\n name: uptimekuma-internal\n namespace: {{ $"
},
{
"path": "Helm/apps/uptimekuma/templates/uptime-kuma-pvc.yaml",
"chars": 241,
"preview": "---\napiVersion: v1\nkind: PersistentVolumeClaim\nmetadata:\n name: uptimekuma-pvc\nspec:\n accessModes:\n - ReadW"
},
{
"path": "Helm/apps/uptimekuma/values.yaml",
"chars": 199,
"preview": "---\nuptimekuma:\n image: louislam/uptime-kuma:1.23.17-debian\n replicas: 1\n port: 3001\n resources:\n req"
},
{
"path": "Helm/apps/vikunja/.helmignore",
"chars": 349,
"preview": "# Patterns to ignore when building packages.\n# This supports shell glob matching, relative path matching, and\n# negation"
},
{
"path": "Helm/apps/vikunja/Chart.yaml",
"chars": 201,
"preview": "---\napiVersion: v2\nappVersion: 1.0.0\ndescription: This chart is used to install vikunja\nmaintainers:\n - email: sgenov94"
},
{
"path": "Helm/apps/vikunja/README.md",
"chars": 28,
"preview": "This chart installs vikunja\n"
},
{
"path": "Helm/apps/vikunja/templates/deployment.yaml",
"chars": 3574,
"preview": "---\n{{- with .Values.vikunja }}\n\napiVersion: apps/v1\nkind: Deployment\nmetadata:\n name: vikunja\n namespace: {{ $.Re"
},
{
"path": "Helm/apps/vikunja/templates/gateway-api.yaml",
"chars": 616,
"preview": "---\napiVersion: gateway.networking.k8s.io/v1\nkind: HTTPRoute\nmetadata:\n name: vikunja-internal\n namespace: {{ $.Re"
},
{
"path": "Helm/apps/vikunja/templates/storage.yaml",
"chars": 283,
"preview": "---\napiVersion: v1\nkind: PersistentVolumeClaim\nmetadata:\n name: vikunja-pvc\n namespace: {{ $.Release.Namespace }}\n"
},
{
"path": "Helm/apps/vikunja/values.yaml",
"chars": 126,
"preview": "---\nvikunja:\n image: vikunja/vikunja:0.24.6\n port: 3456\n frontendUrl: https://vikunja.sgenov.dev\n\nstorage:\n dataSize"
},
{
"path": "Helm/apps/wallabag/.helmignore",
"chars": 349,
"preview": "# Patterns to ignore when building packages.\n# This supports shell glob matching, relative path matching, and\n# negation"
},
{
"path": "Helm/apps/wallabag/CHANGELOG.md",
"chars": 301,
"preview": "#### [v2.0.0]\n- Using Gateway API\n\n#### [v1.3.0]\n* Moved Env to simplesecret\n* Improved security\n\n#### [v1.2.1]\n* Added "
},
{
"path": "Helm/apps/wallabag/Chart.yaml",
"chars": 203,
"preview": "---\napiVersion: v2\nappVersion: 1.0.0\ndescription: This chart is used to install wallabag\nmaintainers:\n - email: sgenov9"
},
{
"path": "Helm/apps/wallabag/README.md",
"chars": 40,
"preview": "This chart is used to install wallabag.\n"
},
{
"path": "Helm/apps/wallabag/templates/database.yaml",
"chars": 3426,
"preview": "---\n{{- with .Values.postgres }}\n\napiVersion: apps/v1\nkind: Deployment\nmetadata:\n name: postgres\n namespace: {{ $."
},
{
"path": "Helm/apps/wallabag/templates/deployment.yaml",
"chars": 2104,
"preview": "---\n{{- with .Values.wallabag }}\n\napiVersion: apps/v1\nkind: Deployment\nmetadata:\n name: wallabag\n namespace: {{ $."
},
{
"path": "Helm/apps/wallabag/templates/gateway-api.yaml",
"chars": 1038,
"preview": "---\napiVersion: gateway.networking.k8s.io/v1\nkind: HTTPRoute\nmetadata:\n name: wallabag-external\n namespace: {{ $.R"
},
{
"path": "Helm/apps/wallabag/templates/pdb.yaml",
"chars": 214,
"preview": "---\napiVersion: policy/v1\nkind: PodDisruptionBudget\nmetadata:\n name: wallabag\nspec:\n minAvailable: 1\n selector:\n m"
},
{
"path": "Helm/apps/wallabag/templates/service.yaml",
"chars": 344,
"preview": "---\n{{- with .Values.wallabag }}\n\napiVersion: v1\nkind: Service\nmetadata:\n name: wallabag\n namespace: {{ $.Release."
},
{
"path": "Helm/apps/wallabag/templates/storage.yaml",
"chars": 482,
"preview": "---\napiVersion: v1\nkind: PersistentVolumeClaim\nmetadata:\n name: postgresql-pvc\n labels:\n app.kubernetes.io/"
},
{
"path": "Helm/apps/wallabag/values.yaml",
"chars": 320,
"preview": "---\nwallabag:\n image: wallabag/wallabag:2.6.14\n replicas: 1\n port: 80\n domainName: https://wallabag.sgenov.dev\n res"
},
{
"path": "Helm/apps/website/.helmignore",
"chars": 349,
"preview": "# Patterns to ignore when building packages.\n# This supports shell glob matching, relative path matching, and\n# negation"
},
{
"path": "Helm/apps/website/CHANGELOG.md",
"chars": 191,
"preview": "#### [v4.0.0]\n- Using Gateway API\n\n#### [v3.0.0]\n- Better selectors\n- Better probes\n\n#### [V2.0.0]\n* Migrated to ghcr.io"
},
{
"path": "Helm/apps/website/Chart.yaml",
"chars": 201,
"preview": "---\napiVersion: v2\nappVersion: 1.0.0\ndescription: This chart is used to install website\nmaintainers:\n - email: sgenov94"
},
{
"path": "Helm/apps/website/README.md",
"chars": 105,
"preview": "This chart is used to install my personal website https://github.com/Michaelpalacce/personal-website-vue\n"
},
{
"path": "Helm/apps/website/templates/deployment.yaml",
"chars": 2956,
"preview": "---\n{{- with .Values.website }}\napiVersion: apps/v1\nkind: Deployment\nmetadata:\n name: website\n namespace: {{ $.Rel"
},
{
"path": "Helm/apps/website/templates/gateway-api.yaml",
"chars": 1115,
"preview": "---\napiVersion: gateway.networking.k8s.io/v1\nkind: HTTPRoute\nmetadata:\n name: website-external\n namespace: {{ $.Re"
},
{
"path": "Helm/apps/website/templates/pdb.yaml",
"chars": 211,
"preview": "---\napiVersion: policy/v1\nkind: PodDisruptionBudget\nmetadata:\n name: website\nspec:\n minAvailable: 1\n selector:\n ma"
},
{
"path": "Helm/apps/website/templates/service.yaml",
"chars": 338,
"preview": "---\n{{- with .Values.website }}\napiVersion: v1\nkind: Service\nmetadata:\n name: website\n namespace: {{ $.Release.Nam"
},
{
"path": "Helm/apps/website/values.yaml",
"chars": 149,
"preview": "---\nwebsite:\n image: ghcr.io/michaelpalacce/website:v2.25.0\n port: 80\n replicas: 3\n resources:\n requests:\n c"
},
{
"path": "README.md",
"chars": 5729,
"preview": "# Preface\n<img src=\"https://raw.githubusercontent.com/kubernetes/kubernetes/master/logo/logo.png\" width=\"150px\" alt=\"\">\n"
},
{
"path": "TODOS.md",
"chars": 335,
"preview": "# TODOs\n\n## Fixes\n\n- [ ] Fix paperless-ngx redis:latest... broadcom...\n\n## Security\n\n- [ ] Network Policies For External"
},
{
"path": "ansible/hosts/group_vars/master/k3s-config.yaml",
"chars": 485,
"preview": "---\nk3s_control_node: true\n\nk3s_server:\n node-ip: \"{{ ansible_default_ipv4.address }}\"\n kubelet-arg:\n - \"image-gc-h"
},
{
"path": "ansible/hosts/group_vars/workers/k3s-config.yaml",
"chars": 180,
"preview": "---\nk3s_control_node: false\n\nk3s_agent:\n node-ip: \"{{ ansible_default_ipv4.address }}\"\n kubelet-arg:\n - \"imag"
},
{
"path": "ansible/hosts/inventory",
"chars": 378,
"preview": "[master]\n192.168.1.78\n192.168.1.83\n192.168.1.242\n\n[workers]\n192.168.1.55\n192.168.1.89\n192.168.1.247\n192.168.1.79\n\n[extra"
},
{
"path": "ansible/playbooks/install/files/allContainerLogs",
"chars": 164,
"preview": "/var/logs/containers/*.log {\n rotate 2\n copytruncate\n missingok\n notifempty\n compress\n maxsize 10M\n dateext\n dat"
},
{
"path": "ansible/playbooks/install/files/cleanUpOrphanedPods.py",
"chars": 626,
"preview": "import subprocess\nimport select\nimport re\nimport shutil\n\nf = subprocess.Popen(['tail', '-F', '/var/log/syslog'], stdout="
},
{
"path": "ansible/playbooks/install/files/cniLogs",
"chars": 164,
"preview": "/var/logs/calico/cni/*.log {\n rotate 2\n copytruncate\n missingok\n notifempty\n compress\n maxsize 10M\n dateext\n dat"
},
{
"path": "ansible/playbooks/install/files/multipath.conf",
"chars": 40,
"preview": "blacklist {\n devnode \"^sd[a-z0-9]+\"\n}"
},
{
"path": "ansible/playbooks/install/files/podLogs",
"chars": 162,
"preview": "/var/logs/pods/*/*/*.log {\n rotate 2\n copytruncate\n missingok\n notifempty\n compress\n maxsize 10M\n dateext\n datef"
},
{
"path": "ansible/playbooks/install/main.yml",
"chars": 5505,
"preview": "---\n- hosts: all\n name: Setup sudoers\n gather_facts: false\n become: true\n tags:\n - preflight\n - preflight-sudo"
},
{
"path": "ansible/playbooks/install/requirements.yml",
"chars": 198,
"preview": "---\ncollections:\n - name: kubernetes.core\n version: 6.3.0\n - name: community.general\n version: 12.5.0\n "
},
{
"path": "ansible/playbooks/install/vars/main.yml",
"chars": 424,
"preview": "---\narch: amd64 # architecture\n\noutput_dir: ./output # Where to output files generated by the playbook\n\njournalctl_vaccu"
},
{
"path": "cluster/homelab/age.agekey.public",
"chars": 62,
"preview": "age1mq6usjzvvxvcp7tl03yjdqd0kgjhhvhz48kmg86p43nhx0jc75jssw0kfn"
},
{
"path": "cluster/homelab/apps/adminer/deployment.yaml",
"chars": 769,
"preview": "apiVersion: apps/v1\nkind: Deployment\nmetadata:\n name: adminer\n labels:\n app.kubernetes.io/instance: adminer\n app"
},
{
"path": "cluster/homelab/apps/adminer/gateway-api.yaml",
"chars": 356,
"preview": "apiVersion: gateway.networking.k8s.io/v1\nkind: HTTPRoute\nmetadata:\n name: adminer-internal\nspec:\n parentRefs:\n - na"
},
{
"path": "cluster/homelab/apps/adminer/kustomization.yaml",
"chars": 171,
"preview": "apiVersion: kustomize.config.k8s.io/v1beta1\nkind: Kustomization\nnamespace: adminer\nresources:\n - namespace.yaml\n - dep"
},
{
"path": "cluster/homelab/apps/adminer/namespace.yaml",
"chars": 57,
"preview": "apiVersion: v1\nkind: Namespace\nmetadata:\n name: adminer\n"
},
{
"path": "cluster/homelab/apps/adminer/service.yaml",
"chars": 233,
"preview": "apiVersion: v1\nkind: Service\nmetadata:\n name: adminer\nspec:\n selector:\n app.kubernetes.io/instance: adminer\n app"
},
{
"path": "cluster/homelab/apps/bentopdf/deployment.yaml",
"chars": 1425,
"preview": "apiVersion: apps/v1\nkind: Deployment\nmetadata:\n name: bentopdf\n labels:\n app.kubernetes.io/instance: bentopdf\n a"
},
{
"path": "cluster/homelab/apps/bentopdf/gateway-api.yaml",
"chars": 593,
"preview": "---\napiVersion: gateway.networking.k8s.io/v1\nkind: HTTPRoute\nmetadata:\n name: bentopdf-internal\n annotations:\n geth"
},
{
"path": "cluster/homelab/apps/bentopdf/kustomization.yaml",
"chars": 176,
"preview": "---\napiVersion: kustomize.config.k8s.io/v1beta1\nkind: Kustomization\nnamespace: bentopdf\nresources:\n - namespace.yaml\n "
},
{
"path": "cluster/homelab/apps/bentopdf/namespace.yaml",
"chars": 62,
"preview": "---\napiVersion: v1\nkind: Namespace\nmetadata:\n name: bentopdf\n"
}
]
// ... and 323 more files (download for full content)
About this extraction
This page contains the full source code of the Michaelpalacce/HomeLab GitHub repository, extracted and formatted as plain text for AI agents and large language models (LLMs). The extraction includes 523 files (1.7 MB), approximately 361.5k tokens. Use this with OpenClaw, Claude, ChatGPT, Cursor, Windsurf, or any other AI tool that accepts text input. You can copy the full output to your clipboard or download it as a .txt file.
Extracted by GitExtract — free GitHub repo to text converter for AI. Built by Nikandr Surkov.