Big changes

2022-04-08 17:19:32 +03:00
parent cb600f8368
commit a727f0e4d3
10 changed files with 87 additions and 21 deletions
@@ -4,8 +4,3 @@ description: Deploy a fancy home environment!
 type: application
 version: 0.1.0
 appVersion: "1.16.0"
 dependencies:
 - name: kubernetes-secret-generator
  repository: "https://helm.mittwald.de"
  version: ">= 1.0.0"
@@ -7,7 +7,7 @@ A home environment for everyone!
 Install using
 #+begin_src bash
-
+helm upgrade --install homey . -n homey
 #+end_src
 * Backing up
@@ -21,8 +21,8 @@ spec:
          image: cytopia/bind
          imagePullPolicy: "Always"
          env:
-            - name: WILDCARD_DNS
+            - name: DNS_A
-              value: "{{ .Values.homey.url }}={{ .Values.homey.ip }}"
+              value: "*.{{ .Values.homey.url }}={{ .Values.homey.ip }}, {{ .Values.homey.url }}={{ .Values.homey.ip }}"
            - name: DNS_FORWARDER
              value: "8.8.8.8,8.8.4.4"
            - name: ALLOW_RECURSION
@@ -42,3 +42,19 @@ spec:
    protocol: UDP
    name: dns-udp
    nodePort: 32053
 ---
 apiVersion: v1
 kind: Service
 metadata:
  name: bind-dns-tcp
 spec:
  type: NodePort
  selector:
    app: bind
  ports:
  - port: 53
    targetPort: 53
    protocol: TCP
    name: dns-tcp
    nodePort: 32054
 ---
@@ -4,7 +4,13 @@ kind: Secret
 metadata:
  name: gitea-admin-pass
  annotations:
-    secret-generator.v1.mittwald.de/autogenerate: password
+    "helm.sh/resource-policy": "keep"
 type: Opaque
 data:
  {{- $secretObj := (lookup "v1" "Secret" .Release.Namespace "gitea-admin-pass") | default dict }}
  {{- $secretData := (get $secretObj "data") | default dict }}
  {{- $pass := (get $secretData "password") | default (randAlphaNum 32 | b64enc) }}
  password: {{ $pass | quote }}
 ---
 apiVersion: apps/v1
 kind: Deployment
@@ -49,6 +49,20 @@ spec:
 ---
 apiVersion: v1
 kind: Service
 metadata:
  name: jellyfin-web-nodeport
 spec:
  type: NodePort
  selector:
    app: jellyfin
  ports:
  - port: 80
    targetPort: 8096
    nodePort: 30096
    name: jellyfin-web
 ---
 apiVersion: v1
 kind: Service
 metadata:
  name: jellyfin-external-ports
 spec:
@@ -4,21 +4,39 @@ kind: Secret
 metadata:
  name: openldap-admin
  annotations:
-    secret-generator.v1.mittwald.de/autogenerate: password
+    "helm.sh/resource-policy": "keep"
 type: Opaque
 data:
  {{- $secretObj := (lookup "v1" "Secret" .Release.Namespace "openldap-admin") | default dict }}
  {{- $secretData := (get $secretObj "data") | default dict }}
  {{- $pass := (get $secretData "password") | default (randAlphaNum 32 | b64enc) }}
  password: {{ $pass | quote }}
 ---
 apiVersion: v1
 kind: Secret
 metadata:
  name: openldap-config
  annotations:
-    secret-generator.v1.mittwald.de/autogenerate: password
+    "helm.sh/resource-policy": "keep"
 type: Opaque
 data:
  {{- $secretObj := (lookup "v1" "Secret" .Release.Namespace "openldap-config") | default dict }}
  {{- $secretData := (get $secretObj "data") | default dict }}
  {{- $pass := (get $secretData "password") | default (randAlphaNum 32 | b64enc) }}
  password: {{ $pass | quote }}
 ---
 apiVersion: v1
 kind: Secret
 metadata:
  name: openldap-ro
  annotations:
-    secret-generator.v1.mittwald.de/autogenerate: password
+    "helm.sh/resource-policy": "keep"
 type: Opaque
 data:
  {{- $secretObj := (lookup "v1" "Secret" .Release.Namespace "openldap-ro") | default dict }}
  {{- $secretData := (get $secretObj "data") | default dict }}
  {{- $pass := (get $secretData "password") | default (randAlphaNum 32 | b64enc) }}
  password: {{ $pass | quote }}
 ---
 apiVersion: apps/v1
 kind: Deployment
@@ -4,7 +4,13 @@ kind: Secret
 metadata:
  name: nefarious-admin
  annotations:
-    secret-generator.v1.mittwald.de/autogenerate: password
+    "helm.sh/resource-policy": "keep"
 type: Opaque
 data:
  {{- $secretObj := (lookup "v1" "Secret" .Release.Namespace "nefarious-admin") | default dict }}
  {{- $secretData := (get $secretObj "data") | default dict }}
  {{- $pass := (get $secretData "password") | default (randAlphaNum 32 | b64enc) }}
  password: {{ $pass | quote }}
 ---
 apiVersion: apps/v1
 kind: Deployment
@@ -4,7 +4,13 @@ kind: Secret
 metadata:
  name: nextcloud-postgres-pass
  annotations:
-    secret-generator.v1.mittwald.de/autogenerate: password
+    "helm.sh/resource-policy": "keep"
 type: Opaque
 data:
  {{- $secretObj := (lookup "v1" "Secret" .Release.Namespace "nextcloud-postgres-pass") | default dict }}
  {{- $secretData := (get $secretObj "data") | default dict }}
  {{- $pass := (get $secretData "password") | default (randAlphaNum 32 | b64enc) }}
  password: {{ $pass | quote }}
 ---
 # apiVersion: extensions/v1beta1
 apiVersion: v1
@@ -4,7 +4,13 @@ kind: Secret
 metadata:
  name: photoprism-admin
  annotations:
-    secret-generator.v1.mittwald.de/autogenerate: password
+    "helm.sh/resource-policy": "keep"
 type: Opaque
 data:
  {{- $secretObj := (lookup "v1" "Secret" .Release.Namespace "photoprism-admin") | default dict }}
  {{- $secretData := (get $secretObj "data") | default dict }}
  {{- $pass := (get $secretData "password") | default (randAlphaNum 32 | b64enc) }}
  password: {{ $pass | quote }}
 ---
 apiVersion: apps/v1
 kind: Deployment
@@ -54,8 +54,7 @@ ingress:
  #    hosts:
  #      - chart-example.local
-resources: {}
+resources: {} # We usually recommend not to specify default resources and to leave this as a conscious
  # We usually recommend not to specify default resources and to leave this as a conscious
  # choice for the user. This also increases chances charts run on environments with little
  # resources, such as Minikube. If you do want to specify resources, uncomment the following
  # lines, adjust them as necessary, and remove the curly braces after 'resources:'.
@@ -82,8 +81,8 @@ affinity: {}
 homey:
    organization: "Zakobar Home Server"
    storage:
-        ip: "192.168.0.10"
+        ip: "192.168.1.2"
        storageCapacity: 450Gi
-    url: home.zakobar.io
+    url: zakobar.com
-    ip: 192.168.0.10
+    ip: 192.168.1.2