# Homarr - Personal Dashboards # Version: v1.49.1 # Features: PostgreSQL (shared), Redis, Authentik OIDC # URL: home.dooplex.hu --- apiVersion: v1 kind: Namespace metadata: name: homarr-system labels: app.kubernetes.io/name: homarr --- # ============================================================================= # REDIS - Required for Homarr in Kubernetes # ============================================================================= apiVersion: apps/v1 kind: Deployment metadata: name: homarr-redis namespace: homarr-system labels: app.kubernetes.io/name: homarr-redis app.kubernetes.io/instance: homarr app.kubernetes.io/component: cache spec: replicas: 1 selector: matchLabels: app.kubernetes.io/name: homarr-redis app.kubernetes.io/instance: homarr strategy: type: Recreate template: metadata: labels: app.kubernetes.io/name: homarr-redis app.kubernetes.io/instance: homarr app.kubernetes.io/component: cache spec: containers: - name: redis image: redis:7-alpine imagePullPolicy: IfNotPresent command: - redis-server - --appendonly - "yes" - --maxmemory - "128mb" - --maxmemory-policy - "allkeys-lru" ports: - containerPort: 6379 name: redis protocol: TCP resources: requests: cpu: 25m memory: 64Mi limits: cpu: 200m memory: 192Mi livenessProbe: exec: command: - sh - -c - redis-cli ping | grep PONG initialDelaySeconds: 10 periodSeconds: 10 failureThreshold: 3 timeoutSeconds: 5 readinessProbe: exec: command: - sh - -c - redis-cli ping | grep PONG initialDelaySeconds: 5 periodSeconds: 5 failureThreshold: 3 timeoutSeconds: 3 volumeMounts: - name: data mountPath: /data volumes: - name: data persistentVolumeClaim: claimName: homarr-redis --- apiVersion: v1 kind: Service metadata: name: homarr-redis namespace: homarr-system labels: app.kubernetes.io/name: homarr-redis app.kubernetes.io/instance: homarr spec: type: ClusterIP ports: - name: redis port: 6379 targetPort: redis selector: app.kubernetes.io/name: homarr-redis app.kubernetes.io/instance: homarr --- apiVersion: v1 kind: PersistentVolumeClaim metadata: name: homarr-redis namespace: homarr-system labels: app.kubernetes.io/name: homarr-redis app.kubernetes.io/instance: homarr spec: accessModes: - ReadWriteOnce storageClassName: longhorn resources: requests: storage: 1Gi --- # ============================================================================= # HOMARR APPLICATION # ============================================================================= apiVersion: v1 kind: PersistentVolumeClaim metadata: name: homarr-data namespace: homarr-system labels: app.kubernetes.io/name: homarr app.kubernetes.io/instance: homarr recurring-job-group.longhorn.io/needbackup: enabled recurring-job.longhorn.io/source: enabled spec: accessModes: - ReadWriteOnce storageClassName: longhorn resources: requests: storage: 5Gi --- apiVersion: apps/v1 kind: Deployment metadata: name: homarr namespace: homarr-system labels: app.kubernetes.io/name: homarr app.kubernetes.io/instance: homarr app.kubernetes.io/version: v1.49.1 spec: replicas: 1 selector: matchLabels: app.kubernetes.io/name: homarr app.kubernetes.io/instance: homarr strategy: type: Recreate template: metadata: labels: app.kubernetes.io/name: homarr app.kubernetes.io/instance: homarr app.kubernetes.io/version: v1.49.1 spec: containers: - name: homarr image: ghcr.io/homarr-labs/homarr:v1.49.1 imagePullPolicy: IfNotPresent env: # =================== # General Settings # =================== - name: TZ value: "Europe/Budapest" - name: LOG_LEVEL value: "info" # =================== # URLs # =================== - name: BASE_URL value: "https://home.dooplex.hu" - name: NEXTAUTH_URL value: "https://home.dooplex.hu" # =================== # Security # =================== - name: SECRET_ENCRYPTION_KEY valueFrom: secretKeyRef: name: homarr-secrets key: SECRET_ENCRYPTION_KEY # =================== # Database - PostgreSQL (shared cluster) # =================== - name: DB_DRIVER value: "node-postgres" - name: DB_DIALECT value: "postgresql" - name: DB_HOST value: "postgresql-rw.database-system.svc.cluster.local" - name: DB_PORT value: "5432" - name: DB_NAME value: "homarr" - name: DB_USER valueFrom: secretKeyRef: name: homarr-db key: username - name: DB_PASSWORD valueFrom: secretKeyRef: name: homarr-db key: password # =================== # Redis (external for K8s) # =================== - name: REDIS_IS_EXTERNAL value: "true" - name: REDIS_HOST value: "homarr-redis" - name: REDIS_PORT value: "6379" # =================== # Authentication - Authentik OIDC # =================== - name: AUTH_PROVIDERS value: "oidc" - name: AUTH_OIDC_ISSUER value: "https://authentik.dooplex.hu/application/o/homarr/" - name: AUTH_OIDC_CLIENT_ID valueFrom: secretKeyRef: name: homarr-secrets key: AUTH_OIDC_CLIENT_ID - name: AUTH_OIDC_CLIENT_SECRET valueFrom: secretKeyRef: name: homarr-secrets key: AUTH_OIDC_CLIENT_SECRET - name: AUTH_OIDC_CLIENT_NAME value: "Authentik" - name: AUTH_OIDC_SCOPE_OVERWRITE value: "openid email profile groups" - name: AUTH_OIDC_GROUPS_ATTRIBUTE value: "groups" - name: AUTH_LOGOUT_REDIRECT_URL value: "https://authentik.dooplex.hu/application/o/homarr/end-session/" # Auto-login with OIDC (skip login page) - name: AUTH_OIDC_AUTO_LOGIN value: "true" ports: - containerPort: 7575 name: http protocol: TCP resources: requests: cpu: 50m memory: 256Mi limits: cpu: 500m memory: 1Gi livenessProbe: httpGet: path: / port: http initialDelaySeconds: 30 periodSeconds: 30 timeoutSeconds: 10 failureThreshold: 3 readinessProbe: httpGet: path: / port: http initialDelaySeconds: 15 periodSeconds: 10 timeoutSeconds: 5 failureThreshold: 3 volumeMounts: - name: data mountPath: /appdata volumes: - name: data persistentVolumeClaim: claimName: homarr-data --- apiVersion: v1 kind: Service metadata: name: homarr namespace: homarr-system labels: app.kubernetes.io/name: homarr app.kubernetes.io/instance: homarr spec: type: ClusterIP ports: - name: http port: 7575 targetPort: http selector: app.kubernetes.io/name: homarr app.kubernetes.io/instance: homarr --- # ============================================================================= # INGRESS - External and Internal access # ============================================================================= apiVersion: networking.k8s.io/v1 kind: Ingress metadata: name: homarr namespace: homarr-system labels: app.kubernetes.io/name: homarr app.kubernetes.io/instance: homarr annotations: cert-manager.io/cluster-issuer: letsencrypt-prod external-dns.alpha.kubernetes.io/hostname: home.dooplex.hu nginx.ingress.kubernetes.io/ssl-redirect: "true" nginx.ingress.kubernetes.io/proxy-body-size: "50m" # Proxy buffer settings for OIDC nginx.ingress.kubernetes.io/proxy-buffer-size: "16k" nginx.ingress.kubernetes.io/proxy-buffers-number: "4" nginx.ingress.kubernetes.io/proxy-busy-buffers-size: "32k" spec: ingressClassName: nginx-internal rules: - host: home.dooplex.hu http: paths: - path: / pathType: Prefix backend: service: name: homarr port: number: 7575 tls: - hosts: - home.dooplex.hu secretName: homarr-tls