admin/homelab-manifests
1
0
Fork 0
Code Issues 1 Pull Requests Actions Packages Projects Releases Wiki Activity

added outline, tandoor, uptimekuma, vaultwarden

Browse Source
This commit is contained in:
kisfenyo
2025-12-18 19:37:10 +01:00
parent 5aacc121d7
commit d54e2c7d5d
5 changed files with 1343 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files
argocd-apps/homelab.yaml
+88
View File
@@ -236,3 +236,91 @@ spec:
- CreateNamespace=true
- PruneLast=true
---
# Outline
apiVersion: argoproj.io/v1alpha1
kind: Application
metadata:
name: outline
namespace: argocd
finalizers:
- resources-finalizer.argocd.argoproj.io
spec:
project: homelab
source:
repoURL: https://gitea.dooplex.hu/admin/homelab-manifests.git
targetRevision: main
path: outline-system
destination:
server: https://kubernetes.default.svc
namespace: outline-system
syncPolicy:
syncOptions:
- CreateNamespace=true
- PruneLast=true
---
# Tandoor
apiVersion: argoproj.io/v1alpha1
kind: Application
metadata:
name: tandoor
namespace: argocd
finalizers:
- resources-finalizer.argocd.argoproj.io
spec:
project: homelab
source:
repoURL: https://gitea.dooplex.hu/admin/homelab-manifests.git
targetRevision: main
path: tandoor-system
destination:
server: https://kubernetes.default.svc
namespace: tandoor-system
syncPolicy:
syncOptions:
- CreateNamespace=true
- PruneLast=true
---
# Uptimekuma
apiVersion: argoproj.io/v1alpha1
kind: Application
metadata:
name: uptimekuma
namespace: argocd
finalizers:
- resources-finalizer.argocd.argoproj.io
spec:
project: homelab
source:
repoURL: https://gitea.dooplex.hu/admin/homelab-manifests.git
targetRevision: main
path: uptimekuma-system
destination:
server: https://kubernetes.default.svc
namespace: uptimekuma-system
syncPolicy:
syncOptions:
- CreateNamespace=true
- PruneLast=true
---
# Vaultwarden
apiVersion: argoproj.io/v1alpha1
kind: Application
metadata:
name: vaultwarden
namespace: argocd
finalizers:
- resources-finalizer.argocd.argoproj.io
spec:
project: vaultwarden
source:
repoURL: https://gitea.dooplex.hu/admin/homelab-manifests.git
targetRevision: main
path: vaultwarden-system
destination:
server: https://kubernetes.default.svc
namespace: vaultwarden-system
syncPolicy:
syncOptions:
- CreateNamespace=true
- PruneLast=true
---
outline-system/outline.yaml
+543
View File
@@ -0,0 +1,543 @@
---
apiVersion: v1
kind: Namespace
metadata:
name: outline-system
---
apiVersion: apps/v1
kind: Deployment
metadata:
labels:
app.kubernetes.io/instance: outline
app.kubernetes.io/name: outline
app.kubernetes.io/version: 1.1.0
name: outline
namespace: outline-system
spec:
replicas: 1
selector:
matchLabels:
app.kubernetes.io/instance: outline
app.kubernetes.io/name: outline
strategy:
type: Recreate
template:
metadata:
labels:
app.kubernetes.io/instance: outline
app.kubernetes.io/name: outline
app.kubernetes.io/version: 1.1.0
spec:
containers:
- name: outline
image: outlinewiki/outline:1.1.0
imagePullPolicy: IfNotPresent
env:
- name: NODE_ENV
value: production
- name: SECRET_KEY
valueFrom:
secretKeyRef:
name: outline-app
key: secret-key
- name: UTILS_SECRET
valueFrom:
secretKeyRef:
name: outline-app
key: utils-secret
- name: DB_USER
valueFrom:
secretKeyRef:
name: outline-db
key: username
- name: DB_PASS
valueFrom:
secretKeyRef:
name: outline-db
key: password
- name: DATABASE_URL
value: postgres://$(DB_USER):$(DB_PASS)@outline-postgres:5432/outline
- name: PGSSLMODE
value: disable
- name: REDIS_URL
value: redis://outline-redis:6379
- name: URL
value: https://outline.dooplex.hu
- name: PORT
value: "3000"
- name: FILE_STORAGE
value: s3
- name: AWS_ACCESS_KEY_ID
valueFrom:
secretKeyRef:
name: outline-minio
key: root-user
- name: AWS_SECRET_ACCESS_KEY
valueFrom:
secretKeyRef:
name: outline-minio
key: root-password
- name: AWS_REGION
value: us-east-1
- name: AWS_S3_UPLOAD_BUCKET_URL
value: http://outline-minio:9000
- name: AWS_S3_UPLOAD_BUCKET_NAME
value: outline
- name: AWS_S3_FORCE_PATH_STYLE
value: "true"
- name: AWS_S3_ACL
value: private
- name: OIDC_CLIENT_ID
valueFrom:
secretKeyRef:
name: outline-oidc
key: client-id
- name: OIDC_CLIENT_SECRET
valueFrom:
secretKeyRef:
name: outline-oidc
key: client-secret
- name: OIDC_AUTH_URI
value: "https://accounts.google.com/o/oauth2/v2/auth"
- name: OIDC_TOKEN_URI
value: "https://oauth2.googleapis.com/token"
- name: OIDC_USERINFO_URI
value: "https://openidconnect.googleapis.com/v1/userinfo"
- name: OIDC_USERNAME_CLAIM
value: "email"
- name: OIDC_DISPLAY_NAME
value: "Google"
- name: OIDC_SCOPES
value: "openid profile email"
# CRITICAL SECURITY SETTING (Temporary)
#- name: ALLOWED_DOMAINS
# value: "gmail.com"
# SMTP Configuration
- name: SMTP_HOST
valueFrom:
secretKeyRef:
name: smtp-credentials
key: host
- name: SMTP_PORT
valueFrom:
secretKeyRef:
name: smtp-credentials
key: port
- name: SMTP_USERNAME
valueFrom:
secretKeyRef:
name: smtp-credentials
key: username
- name: SMTP_PASSWORD
valueFrom:
secretKeyRef:
name: smtp-credentials
key: password
- name: SMTP_FROM_EMAIL
valueFrom:
secretKeyRef:
name: smtp-credentials
key: from-address
- name: SMTP_SECURE
value: "false"
- name: FORCE_HTTPS
value: "true"
- name: DEFAULT_LANGUAGE
value: en_US
ports:
- containerPort: 3000
name: http
protocol: TCP
livenessProbe:
httpGet:
path: /_health
port: http
initialDelaySeconds: 60
periodSeconds: 30
timeoutSeconds: 10
failureThreshold: 5
readinessProbe:
httpGet:
path: /_health
port: http
initialDelaySeconds: 30
periodSeconds: 10
timeoutSeconds: 5
failureThreshold: 3
resources:
limits:
cpu: "1"
memory: 1Gi
requests:
cpu: 100m
memory: 256Mi
volumes: []
---
apiVersion: apps/v1
kind: Deployment
metadata:
labels:
app.kubernetes.io/instance: outline
app.kubernetes.io/name: postgres
name: outline-postgres
namespace: outline-system
spec:
replicas: 1
selector:
matchLabels:
app.kubernetes.io/instance: outline
app.kubernetes.io/name: postgres
strategy:
type: Recreate
template:
metadata:
labels:
app.kubernetes.io/instance: outline
app.kubernetes.io/name: postgres
spec:
containers:
- name: postgres
image: postgres:16-alpine
imagePullPolicy: IfNotPresent
env:
- name: POSTGRES_USER
valueFrom:
secretKeyRef:
name: outline-db
key: username
- name: POSTGRES_PASSWORD
valueFrom:
secretKeyRef:
name: outline-db
key: password
- name: POSTGRES_DB
value: outline
- name: PGDATA
value: /var/lib/postgresql/data/pgdata
ports:
- containerPort: 5432
name: postgres
protocol: TCP
resources:
limits:
cpu: 500m
memory: 512Mi
requests:
cpu: 100m
memory: 128Mi
volumeMounts:
- name: data
mountPath: /var/lib/postgresql/data
subPath: data
securityContext:
fsGroup: 999
volumes:
- name: data
persistentVolumeClaim:
claimName: outline-postgres
---
apiVersion: apps/v1
kind: Deployment
metadata:
labels:
app.kubernetes.io/instance: outline
app.kubernetes.io/name: redis
name: outline-redis
namespace: outline-system
spec:
replicas: 1
selector:
matchLabels:
app.kubernetes.io/instance: outline
app.kubernetes.io/name: redis
strategy:
type: Recreate
template:
metadata:
labels:
app.kubernetes.io/instance: outline
app.kubernetes.io/name: redis
spec:
containers:
- name: redis
image: redis:7-alpine
imagePullPolicy: IfNotPresent
command:
- redis-server
- --appendonly
- "yes"
ports:
- containerPort: 6379
name: redis
protocol: TCP
livenessProbe:
exec:
command:
- sh
- -c
- redis-cli ping | grep PONG
initialDelaySeconds: 30
periodSeconds: 10
failureThreshold: 3
timeoutSeconds: 5
readinessProbe:
exec:
command:
- sh
- -c
- redis-cli ping | grep PONG
initialDelaySeconds: 5
periodSeconds: 10
failureThreshold: 3
timeoutSeconds: 5
resources:
limits:
cpu: 250m
memory: 256Mi
requests:
cpu: 50m
memory: 64Mi
volumeMounts:
- name: data
mountPath: /data
volumes:
- name: data
persistentVolumeClaim:
claimName: outline-redis
---
apiVersion: apps/v1
kind: Deployment
metadata:
labels:
app.kubernetes.io/instance: outline
app.kubernetes.io/name: minio
name: outline-minio
namespace: outline-system
spec:
replicas: 1
selector:
matchLabels:
app.kubernetes.io/instance: outline
app.kubernetes.io/name: minio
strategy:
type: Recreate
template:
metadata:
labels:
app.kubernetes.io/instance: outline
app.kubernetes.io/name: minio
spec:
containers:
- name: minio
image: minio/minio:latest
imagePullPolicy: IfNotPresent
command:
- minio
- server
- /data
- --console-address
- ":9001"
env:
- name: MINIO_ROOT_USER
valueFrom:
secretKeyRef:
name: outline-minio
key: root-user
- name: MINIO_ROOT_PASSWORD
valueFrom:
secretKeyRef:
name: outline-minio
key: root-password
ports:
- containerPort: 9000
name: api
protocol: TCP
- containerPort: 9001
name: console
protocol: TCP
livenessProbe:
httpGet:
path: /minio/health/live
port: api
initialDelaySeconds: 30
periodSeconds: 30
timeoutSeconds: 10
failureThreshold: 3
readinessProbe:
httpGet:
path: /minio/health/ready
port: api
initialDelaySeconds: 10
periodSeconds: 10
timeoutSeconds: 5
failureThreshold: 3
resources:
limits:
cpu: 500m
memory: 512Mi
requests:
cpu: 100m
memory: 128Mi
volumeMounts:
- name: data
mountPath: /data
volumes:
- name: data
hostPath:
path: /mnt/4_hdd/data/outline/minio
type: DirectoryOrCreate
---
apiVersion: v1
kind: Service
metadata:
labels:
app.kubernetes.io/instance: outline
app.kubernetes.io/name: outline
app.kubernetes.io/version: 1.1.0
name: outline
namespace: outline-system
spec:
type: ClusterIP
ports:
- name: http
port: 3000
protocol: TCP
targetPort: http
selector:
app.kubernetes.io/instance: outline
app.kubernetes.io/name: outline
---
apiVersion: v1
kind: Service
metadata:
labels:
app.kubernetes.io/instance: outline
app.kubernetes.io/name: postgres
name: outline-postgres
namespace: outline-system
spec:
type: ClusterIP
ports:
- name: postgres
port: 5432
protocol: TCP
targetPort: postgres
selector:
app.kubernetes.io/instance: outline
app.kubernetes.io/name: postgres
---
apiVersion: v1
kind: Service
metadata:
labels:
app.kubernetes.io/instance: outline
app.kubernetes.io/name: redis
name: outline-redis
namespace: outline-system
spec:
type: ClusterIP
ports:
- name: redis
port: 6379
protocol: TCP
targetPort: redis
selector:
app.kubernetes.io/instance: outline
app.kubernetes.io/name: redis
---
apiVersion: v1
kind: Service
metadata:
labels:
app.kubernetes.io/instance: outline
app.kubernetes.io/name: minio
name: outline-minio
namespace: outline-system
spec:
type: ClusterIP
ports:
- name: api
port: 9000
protocol: TCP
targetPort: api
- name: console
port: 9001
protocol: TCP
targetPort: console
selector:
app.kubernetes.io/instance: outline
app.kubernetes.io/name: minio
---
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
annotations:
cert-manager.io/cluster-issuer: letsencrypt-prod
external-dns.alpha.kubernetes.io/hostname: outline.dooplex.hu,outline.home
nginx.ingress.kubernetes.io/proxy-body-size: 100m
nginx.ingress.kubernetes.io/ssl-redirect: "true"
labels:
app.kubernetes.io/instance: outline
app.kubernetes.io/name: outline
name: outline
namespace: outline-system
spec:
ingressClassName: nginx-internal
rules:
- host: outline.dooplex.hu
http:
paths:
- backend:
service:
name: outline
port:
number: 3000
path: /
pathType: Prefix
- host: outline.home
http:
paths:
- backend:
service:
name: outline
port:
number: 3000
path: /
pathType: Prefix
tls:
- hosts:
- outline.dooplex.hu
secretName: outline-tls
---
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
labels:
app.kubernetes.io/instance: outline
app.kubernetes.io/name: postgres
name: outline-postgres
namespace: outline-system
spec:
accessModes:
- ReadWriteOnce
resources:
requests:
storage: 10Gi
storageClassName: longhorn
---
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
labels:
app.kubernetes.io/instance: outline
app.kubernetes.io/name: redis
name: outline-redis
namespace: outline-system
spec:
accessModes:
- ReadWriteOnce
resources:
requests:
storage: 1Gi
storageClassName: longhorn
---
tandoor-system/tandoor.yaml
+367
View File
@@ -0,0 +1,367 @@
---
apiVersion: v1
kind: Namespace
metadata:
name: tandoor-system
---
apiVersion: apps/v1
kind: Deployment
metadata:
labels:
app.kubernetes.io/instance: tandoor
app.kubernetes.io/name: tandoor
app.kubernetes.io/version: 2.3.6
name: tandoor
namespace: tandoor-system
spec:
replicas: 1
selector:
matchLabels:
app.kubernetes.io/instance: tandoor
app.kubernetes.io/name: tandoor
strategy:
type: Recreate
template:
metadata:
labels:
app.kubernetes.io/instance: tandoor
app.kubernetes.io/name: tandoor
app.kubernetes.io/version: 2.3.6
spec:
initContainers:
- name: create-superuser
image: vabene1111/recipes:2.3.6
workingDir: /opt/recipes
command:
- /bin/sh
- -c
- |
. /opt/recipes/venv/bin/activate
echo "Waiting for database..."
while ! python -c "import socket; socket.create_connection(('tandoor-postgres', 5432), timeout=5)" 2>/dev/null; do
sleep 2
done
echo "Database is ready. Running migrations..."
python manage.py migrate --noinput
echo "Collecting static files..."
python manage.py collectstatic --noinput
echo "Creating superuser if not exists..."
python manage.py shell -c "
from django.contrib.auth import get_user_model
User = get_user_model()
import os
username = os.environ.get('DJANGO_SUPERUSER_USERNAME', 'admin')
if not User.objects.filter(username=username).exists():
User.objects.create_superuser(
username=username,
email=os.environ.get('DJANGO_SUPERUSER_EMAIL', ''),
password=os.environ.get('DJANGO_SUPERUSER_PASSWORD', 'admin')
)
print(f'Superuser {username} created successfully')
else:
print(f'Superuser {username} already exists')
"
volumeMounts:
- name: staticfiles
mountPath: /opt/recipes/staticfiles
env:
- name: DB_ENGINE
value: django.db.backends.postgresql
- name: POSTGRES_HOST
value: tandoor-postgres
- name: POSTGRES_PORT
value: "5432"
- name: POSTGRES_DB
value: tandoor
- name: POSTGRES_USER
valueFrom:
secretKeyRef:
name: tandoor-db
key: username
- name: POSTGRES_PASSWORD
valueFrom:
secretKeyRef:
name: tandoor-db
key: password
- name: SECRET_KEY
valueFrom:
secretKeyRef:
name: tandoor-app
key: secret-key
- name: DJANGO_SUPERUSER_USERNAME
valueFrom:
secretKeyRef:
name: tandoor-admin
key: username
- name: DJANGO_SUPERUSER_PASSWORD
valueFrom:
secretKeyRef:
name: tandoor-admin
key: password
- name: DJANGO_SUPERUSER_EMAIL
valueFrom:
secretKeyRef:
name: tandoor-admin
key: email
containers:
- name: tandoor
image: vabene1111/recipes:2.3.6
imagePullPolicy: IfNotPresent
env:
- name: TZ
value: Europe/Budapest
- name: DEBUG
value: "0"
- name: ALLOWED_HOSTS
value: "*"
- name: CSRF_TRUSTED_ORIGINS
value: "https://tandoor.dooplex.hu,https://tandoor.home"
- name: SECURE_PROXY_SSL_HEADER
value: "HTTP_X_FORWARDED_PROTO,https"
- name: DB_ENGINE
value: django.db.backends.postgresql
- name: POSTGRES_HOST
value: tandoor-postgres
- name: POSTGRES_PORT
value: "5432"
- name: POSTGRES_DB
value: tandoor
- name: POSTGRES_USER
valueFrom:
secretKeyRef:
name: tandoor-db
key: username
- name: POSTGRES_PASSWORD
valueFrom:
secretKeyRef:
name: tandoor-db
key: password
- name: SECRET_KEY
valueFrom:
secretKeyRef:
name: tandoor-app
key: secret-key
- name: GUNICORN_MEDIA
value: "1"
- name: ENABLE_SIGNUP
value: "0"
- name: ENABLE_METRICS
value: "1"
- name: TANDOOR_PORT
value: "8080"
ports:
- containerPort: 8080
name: http
protocol: TCP
livenessProbe:
httpGet:
path: /
port: http
initialDelaySeconds: 60
periodSeconds: 30
timeoutSeconds: 10
failureThreshold: 5
readinessProbe:
httpGet:
path: /
port: http
initialDelaySeconds: 30
periodSeconds: 10
timeoutSeconds: 5
failureThreshold: 3
resources:
limits:
cpu: "1"
memory: 1Gi
requests:
cpu: 100m
memory: 256Mi
volumeMounts:
- name: staticfiles
mountPath: /opt/recipes/staticfiles
- name: mediafiles
mountPath: /opt/recipes/mediafiles
volumes:
- name: staticfiles
persistentVolumeClaim:
claimName: tandoor-staticfiles
- name: mediafiles
hostPath:
path: /mnt/4_hdd/data/tandoor/mediafiles
type: DirectoryOrCreate
---
apiVersion: apps/v1
kind: Deployment
metadata:
labels:
app.kubernetes.io/instance: tandoor
app.kubernetes.io/name: postgres
name: tandoor-postgres
namespace: tandoor-system
spec:
replicas: 1
selector:
matchLabels:
app.kubernetes.io/instance: tandoor
app.kubernetes.io/name: postgres
strategy:
type: Recreate
template:
metadata:
labels:
app.kubernetes.io/instance: tandoor
app.kubernetes.io/name: postgres
spec:
containers:
- name: postgres
image: postgres:16-alpine
imagePullPolicy: IfNotPresent
env:
- name: POSTGRES_USER
valueFrom:
secretKeyRef:
name: tandoor-db
key: username
- name: POSTGRES_PASSWORD
valueFrom:
secretKeyRef:
name: tandoor-db
key: password
- name: POSTGRES_DB
value: tandoor
- name: PGDATA
value: /var/lib/postgresql/data/pgdata
ports:
- containerPort: 5432
name: postgres
protocol: TCP
resources:
limits:
cpu: 500m
memory: 512Mi
requests:
cpu: 100m
memory: 128Mi
volumeMounts:
- name: data
mountPath: /var/lib/postgresql/data
subPath: data
securityContext:
fsGroup: 999
volumes:
- name: data
persistentVolumeClaim:
claimName: tandoor-postgres
---
apiVersion: v1
kind: Service
metadata:
labels:
app.kubernetes.io/instance: tandoor
app.kubernetes.io/name: tandoor
app.kubernetes.io/version: 2.3.6
name: tandoor
namespace: tandoor-system
spec:
type: ClusterIP
ports:
- name: http
port: 8080
protocol: TCP
targetPort: http
selector:
app.kubernetes.io/instance: tandoor
app.kubernetes.io/name: tandoor
---
apiVersion: v1
kind: Service
metadata:
labels:
app.kubernetes.io/instance: tandoor
app.kubernetes.io/name: postgres
name: tandoor-postgres
namespace: tandoor-system
spec:
type: ClusterIP
ports:
- name: postgres
port: 5432
protocol: TCP
targetPort: postgres
selector:
app.kubernetes.io/instance: tandoor
app.kubernetes.io/name: postgres
---
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
annotations:
cert-manager.io/cluster-issuer: letsencrypt-prod
external-dns.alpha.kubernetes.io/hostname: tandoor.dooplex.hu,tandoor.home
nginx.ingress.kubernetes.io/proxy-body-size: 128m
nginx.ingress.kubernetes.io/ssl-redirect: "true"
labels:
app.kubernetes.io/instance: tandoor
app.kubernetes.io/name: tandoor
name: tandoor
namespace: tandoor-system
spec:
ingressClassName: nginx-internal
rules:
- host: tandoor.dooplex.hu
http:
paths:
- backend:
service:
name: tandoor
port:
number: 8080
path: /
pathType: Prefix
- host: tandoor.home
http:
paths:
- backend:
service:
name: tandoor
port:
number: 8080
path: /
pathType: Prefix
tls:
- hosts:
- tandoor.dooplex.hu
secretName: tandoor-tls
---
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
labels:
app.kubernetes.io/instance: tandoor
app.kubernetes.io/name: tandoor
name: tandoor-staticfiles
namespace: tandoor-system
spec:
accessModes:
- ReadWriteOnce
resources:
requests:
storage: 1Gi
storageClassName: longhorn
---
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
labels:
app.kubernetes.io/instance: tandoor
app.kubernetes.io/name: postgres
name: tandoor-postgres
namespace: tandoor-system
spec:
accessModes:
- ReadWriteOnce
resources:
requests:
storage: 5Gi
storageClassName: longhorn
---
uptimekuma-system/uptimekuma.yaml
+154
View File
@@ -0,0 +1,154 @@
---
apiVersion: v1
kind: Namespace
metadata:
name: uptimekuma-system
---
apiVersion: apps/v1
kind: Deployment
metadata:
labels:
app.kubernetes.io/instance: uptimekuma
app.kubernetes.io/name: uptimekuma
app.kubernetes.io/version: 2.0.2
name: uptimekuma
namespace: uptimekuma-system
spec:
replicas: 1
selector:
matchLabels:
app.kubernetes.io/instance: uptimekuma
app.kubernetes.io/name: uptimekuma
strategy:
type: Recreate
template:
metadata:
labels:
app.kubernetes.io/instance: uptimekuma
app.kubernetes.io/name: uptimekuma
app.kubernetes.io/version: 2.0.2
spec:
containers:
- name: uptimekuma
image: louislam/uptime-kuma:2.0.2
imagePullPolicy: IfNotPresent
env:
- name: TZ
value: Europe/Budapest
- name: UPTIME_KUMA_PORT
value: "3001"
ports:
- containerPort: 3001
name: http
protocol: TCP
livenessProbe:
httpGet:
path: /
port: http
initialDelaySeconds: 30
periodSeconds: 30
timeoutSeconds: 10
failureThreshold: 3
readinessProbe:
httpGet:
path: /
port: http
initialDelaySeconds: 10
periodSeconds: 10
timeoutSeconds: 5
failureThreshold: 3
resources:
limits:
cpu: 500m
memory: 512Mi
requests:
cpu: 50m
memory: 128Mi
volumeMounts:
- name: data
mountPath: /app/data
volumes:
- name: data
persistentVolumeClaim:
claimName: uptimekuma-data
---
apiVersion: v1
kind: Service
metadata:
labels:
app.kubernetes.io/instance: uptimekuma
app.kubernetes.io/name: uptimekuma
app.kubernetes.io/version: 2.0.2
name: uptimekuma
namespace: uptimekuma-system
spec:
type: ClusterIP
ports:
- name: http
port: 3001
protocol: TCP
targetPort: http
selector:
app.kubernetes.io/instance: uptimekuma
app.kubernetes.io/name: uptimekuma
---
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
annotations:
cert-manager.io/cluster-issuer: letsencrypt-prod
external-dns.alpha.kubernetes.io/hostname: uptimekuma.dooplex.hu,uptimekuma.home
nginx.ingress.kubernetes.io/proxy-body-size: 10m
nginx.ingress.kubernetes.io/ssl-redirect: "true"
# WebSocket support for real-time updates
nginx.ingress.kubernetes.io/proxy-read-timeout: "3600"
nginx.ingress.kubernetes.io/proxy-send-timeout: "3600"
labels:
app.kubernetes.io/instance: uptimekuma
app.kubernetes.io/name: uptimekuma
name: uptimekuma
namespace: uptimekuma-system
spec:
ingressClassName: nginx-internal
rules:
- host: uptimekuma.dooplex.hu
http:
paths:
- backend:
service:
name: uptimekuma
port:
number: 3001
path: /
pathType: Prefix
- host: uptimekuma.home
http:
paths:
- backend:
service:
name: uptimekuma
port:
number: 3001
path: /
pathType: Prefix
tls:
- hosts:
- uptimekuma.dooplex.hu
secretName: uptimekuma-tls
---
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
labels:
app.kubernetes.io/instance: uptimekuma
app.kubernetes.io/name: uptimekuma
name: uptimekuma-data
namespace: uptimekuma-system
spec:
accessModes:
- ReadWriteOnce
resources:
requests:
storage: 5Gi
storageClassName: longhorn
---
vaultwarde-system/vaultwarden.yaml
+191
View File
@@ -0,0 +1,191 @@
---
apiVersion: v1
kind: Namespace
metadata:
name: vaultwarden-system
---
apiVersion: apps/v1
kind: Deployment
metadata:
labels:
app.kubernetes.io/instance: vaultwarden
app.kubernetes.io/name: vaultwarden
app.kubernetes.io/version: 1.34.3
name: vaultwarden
namespace: vaultwarden-system
spec:
replicas: 1
selector:
matchLabels:
app.kubernetes.io/instance: vaultwarden
app.kubernetes.io/name: vaultwarden
strategy:
type: Recreate
template:
metadata:
labels:
app.kubernetes.io/instance: vaultwarden
app.kubernetes.io/name: vaultwarden
app.kubernetes.io/version: 1.34.3
spec:
containers:
- name: vaultwarden
image: vaultwarden/server:1.34.3
imagePullPolicy: IfNotPresent
env:
- name: TZ
value: Europe/Budapest
- name: DOMAIN
value: https://vaultwarden.dooplex.hu
- name: SIGNUPS_ALLOWED
value: "false"
- name: INVITATIONS_ALLOWED
value: "true"
- name: ADMIN_TOKEN
valueFrom:
secretKeyRef:
name: vaultwarden-admin
key: admin-token
- name: WEBSOCKET_ENABLED
value: "true"
- name: SMTP_HOST
valueFrom:
secretKeyRef:
name: smtp-credentials
key: host
- name: SMTP_PORT
valueFrom:
secretKeyRef:
name: smtp-credentials
key: port
- name: SMTP_SECURITY
value: starttls
- name: SMTP_USERNAME
valueFrom:
secretKeyRef:
name: smtp-credentials
key: username
- name: SMTP_PASSWORD
valueFrom:
secretKeyRef:
name: smtp-credentials
key: password
- name: SMTP_FROM
valueFrom:
secretKeyRef:
name: smtp-credentials
key: from-address
- name: SMTP_FROM_NAME
value: Vaultwarden
ports:
- containerPort: 80
name: http
protocol: TCP
livenessProbe:
httpGet:
path: /alive
port: http
initialDelaySeconds: 30
periodSeconds: 30
timeoutSeconds: 10
failureThreshold: 3
readinessProbe:
httpGet:
path: /alive
port: http
initialDelaySeconds: 10
periodSeconds: 10
timeoutSeconds: 5
failureThreshold: 3
resources:
limits:
cpu: 500m
memory: 512Mi
requests:
cpu: 50m
memory: 128Mi
volumeMounts:
- name: data
mountPath: /data
volumes:
- name: data
persistentVolumeClaim:
claimName: vaultwarden-data
---
apiVersion: v1
kind: Service
metadata:
labels:
app.kubernetes.io/instance: vaultwarden
app.kubernetes.io/name: vaultwarden
app.kubernetes.io/version: 1.34.3
name: vaultwarden
namespace: vaultwarden-system
spec:
type: ClusterIP
ports:
- name: http
port: 80
protocol: TCP
targetPort: http
selector:
app.kubernetes.io/instance: vaultwarden
app.kubernetes.io/name: vaultwarden
---
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
annotations:
cert-manager.io/cluster-issuer: letsencrypt-prod
external-dns.alpha.kubernetes.io/hostname: vaultwarden.dooplex.hu,vaultwarden.home
nginx.ingress.kubernetes.io/proxy-body-size: 100m
nginx.ingress.kubernetes.io/ssl-redirect: "true"
labels:
app.kubernetes.io/instance: vaultwarden
app.kubernetes.io/name: vaultwarden
name: vaultwarden
namespace: vaultwarden-system
spec:
ingressClassName: nginx-internal
rules:
- host: vaultwarden.dooplex.hu
http:
paths:
- backend:
service:
name: vaultwarden
port:
number: 80
path: /
pathType: Prefix
- host: vaultwarden.home
http:
paths:
- backend:
service:
name: vaultwarden
port:
number: 80
path: /
pathType: Prefix
tls:
- hosts:
- vaultwarden.dooplex.hu
secretName: vaultwarden-tls
---
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
labels:
app.kubernetes.io/instance: vaultwarden
app.kubernetes.io/name: vaultwarden
name: vaultwarden-data
namespace: vaultwarden-system
spec:
accessModes:
- ReadWriteOnce
resources:
requests:
storage: 5Gi
storageClassName: longhorn
---