admin/homelab-manifests
1
0
Fork 0
Code Issues 1 Pull Requests Actions Packages Projects Releases Wiki Activity
Files
785d76912f1309bbde8cc2807e8d30f91ae24e1a
homelab-manifests/homepage-system/homepage.yaml
T
admin caea65812d added zipline
2026-01-07 10:51:07 +01:00

1161 lines
36 KiB
YAML
Raw Blame History

# =============================================================================
# Homepage - Application Dashboard
# Version: v1.8.0
# Namespace: homepage-system
# Domain: homepage.dooplex.hu
# Authentication: Authentik Proxy (Forward Auth)
# =============================================================================
#
# PREREQUISITES - Create in Authentik:
# 1. Create Proxy Provider:
# - Name: homepage-proxy
# - Authorization flow: default-provider-authorization-implicit-consent
# - Mode: Forward auth (single application)
# - External host: https://homepage.dooplex.hu
#
# 2. Create Application:
# - Name: Homepage
# - Slug: homepage
# - Provider: (select the proxy provider created above)
# - Launch URL: https://homepage.dooplex.hu
#
# 3. Create Outpost (or add to existing):
# - Name: homepage-outpost (or use existing proxy outpost)
# - Type: Proxy
# - Applications: Add the Homepage application
#
# After deployment, Authentik will auto-create the outpost deployment.
# Update the ingress auth-url annotation with the correct outpost service name.
#
# =============================================================================
---
apiVersion: v1
kind: Namespace
metadata:
name: homepage-system
labels:
app.kubernetes.io/name: homepage
app.kubernetes.io/instance: homepage
---
apiVersion: v1
kind: ServiceAccount
metadata:
name: homepage
namespace: homepage-system
labels:
app.kubernetes.io/name: homepage
app.kubernetes.io/instance: homepage
secrets:
- name: homepage
---
apiVersion: v1
kind: Secret
metadata:
name: homepage
namespace: homepage-system
labels:
app.kubernetes.io/name: homepage
app.kubernetes.io/instance: homepage
annotations:
kubernetes.io/service-account.name: homepage
type: kubernetes.io/service-account-token
---
# ClusterRole for Homepage to discover services and get cluster metrics
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
name: homepage
labels:
app.kubernetes.io/name: homepage
app.kubernetes.io/instance: homepage
rules:
# Core resources for service discovery
- apiGroups: [""]
resources:
- namespaces
- pods
- nodes
- services
- endpoints
- configmaps
- secrets
verbs: ["get", "list", "watch"]
# Apps resources for pod discovery
- apiGroups: ["apps"]
resources:
- deployments
- replicasets
- statefulsets
- daemonsets
verbs: ["get", "list", "watch"]
# Networking for ingress discovery
- apiGroups: ["networking.k8s.io"]
resources:
- ingresses
verbs: ["get", "list", "watch"]
# Traefik IngressRoute CRD (if used)
- apiGroups: ["traefik.containo.us", "traefik.io"]
resources:
- ingressroutes
verbs: ["get", "list", "watch"]
# Gateway API (if used)
- apiGroups: ["gateway.networking.k8s.io"]
resources:
- httproutes
- gateways
verbs: ["get", "list", "watch"]
# Metrics
- apiGroups: ["metrics.k8s.io"]
resources:
- nodes
- pods
verbs: ["get", "list", "watch"]
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
name: homepage
labels:
app.kubernetes.io/name: homepage
app.kubernetes.io/instance: homepage
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: homepage
subjects:
- kind: ServiceAccount
name: homepage
namespace: homepage-system
---
apiVersion: v1
kind: ConfigMap
metadata:
name: homepage-config
namespace: homepage-system
labels:
app.kubernetes.io/name: homepage
app.kubernetes.io/instance: homepage
data:
# Kubernetes connection configuration
kubernetes.yaml: |
mode: cluster
ingress: true
# Global settings
settings.yaml: |
title: Dooplex Dashboard
favicon: https://nextcloud.dooplex.hu/s/9H89T5kgNRpkQDP/download
theme: dark
color: slate
headerStyle: clean
layout:
Infrastructure:
style: row
columns: 5
Media:
style: row
columns: 5
Productivity:
style: row
columns: 5
Monitoring:
style: row
columns: 5
Other:
style: row
columns: 5
providers:
longhorn:
url: http://192.168.0.209
# Services configuration - customize as needed
services.yaml: |
- Infrastructure:
- ArgoCD:
icon: argo-cd.png
href: https://argocd.dooplex.hu
description: GitOps Deployment
namespace: argocd
app: argocd-server
- Authentik:
icon: authentik.png
href: https://authentik.dooplex.hu
description: Identity Provider
- Code-server:
icon: https://nextcloud.dooplex.hu/s/Mmse7Eso2Ny8wQi/download
href: https://code.dooplex.hu
description: VS Code in a browser
- Longhorn:
icon: longhorn.png
href: http://192.168.0.209
description: Storage Management
- Gitea:
icon: gitea.png
href: https://gitea.dooplex.hu
description: Git Repository
- Termix:
icon: termix.png
href: https://termix.dooplex.hu
description: Web-based Server Management
- Pi-hole:
icon: pi-hole.png
href: https://pihole.dooplex.hu/admin
description: DNS Sinkhole (Adblock)
widget:
type: pihole
url: http://pihole-web.pihole-system
version: 6
- qBittorrent:
icon: qbittorrent.png
href: https://qbittorrent.dooplex.hu
description: Torrent
widget:
type: qbittorrent
url: http://qbittorrent.servarr-system.svc.cluster.local:8080
username: "{{HOMEPAGE_VAR_QBITTORRENT_USER}}"
password: "{{HOMEPAGE_VAR_QBITTORRENT_PASS}}"
enableLeechProgress: true # optional, defaults to false
enableLeechSize: true # optional, defaults to false
- Media:
- Arcade:
icon: romm.png
href: https://arcade.dooplex.hu
description: Retro Games
widget:
type: romm
url: http://romm.arcade-system.svc.cluster.local:8080
- AudioBookshelf:
icon: audiobookshelf.png
href: https://audiobookshelf.dooplex.hu
description: AudioBooks
widget:
type: audiobookshelf
url: http://audiobookshelf.audiobookshelf-system.svc.cluster.local
key: "{{HOMEPAGE_VAR_AUDIOBOOKSHELF_API_KEY}}"
- Calibre-Web:
icon: calibre-web.png
href: https://books.dooplex.hu
description: eBooks
widget:
type: calibreweb
url: http://calibre-web.calibre-system.svc.cluster.local:8083
username: "{{HOMEPAGE_VAR_CALIBREWEB_USER}}"
password: "{{HOMEPAGE_VAR_CALIBREWEB_PASS}}"
- Immich:
icon: immich.png
href: https://photos.dooplex.hu
description: Photos
widget:
type: immich
url: http://immich-server.immich-system.svc.cluster.local:2283
key: "{{HOMEPAGE_VAR_IMMICH_API_KEY}}"
version: 2
- Plex:
icon: plex.png
href: https://plex.dooplex.hu
description: Media Server
- Sonarr:
icon: sonarr.png
href: https://sonarr.dooplex.hu
description: TV Shows
widget:
type: sonarr
url: http://sonarr.servarr-system.svc.cluster.local:8989
key: "{{HOMEPAGE_VAR_SONARR_API_KEY}}"
- Radarr:
icon: radarr.png
href: https://radarr.dooplex.hu
description: Movies
widget:
type: radarr
url: http://radarr.servarr-system.svc.cluster.local:7878
key: "{{HOMEPAGE_VAR_RADARR_API_KEY}}"
- RadarrKids:
icon: https://nextcloud.dooplex.hu/s/E3LB8dJTTpyDSge/download
href: https://radarrkids.dooplex.hu
description: Kids Movies
widget:
type: radarr
url: http://radarrkids.servarr-system.svc.cluster.local:7879
key: "{{HOMEPAGE_VAR_RADARRKIDS_API_KEY}}"
- Prowlarr:
icon: prowlarr.png
href: https://prowlarr.dooplex.hu
description: Indexer Manager
widget:
type: prowlarr
url: http://prowlarr.servarr-system.svc.cluster.local:9696
key: "{{HOMEPAGE_VAR_PROWLARR_API_KEY}}"
- Seerr:
icon: overseerr.png
href: https://seerr.dooplex.hu
description: Movie, TV Show Request
widget:
type: overseerr
url: http://seerr.servarr-system.svc.cluster.local:5055
key: "{{HOMEPAGE_VAR_SEERR_API_KEY}}"
- Productivity:
- ActialBudget:
icon: actual-budget.png
href: https://actualbudget.dooplex.hu
description: Finance Manager
- Bookstack:
icon: bookstack.png
href: https://bookstack.dooplex.hu
description: Documentation, Wiki
- Nextcloud:
icon: nextcloud.png
href: https://nextcloud.dooplex.hu
description: Cloud Storage
- Outline:
icon: outline.png
href: https://outline.dooplex.hu
description: Team Wiki, Documentation
- Paperless:
icon: paperless-ngx.png
href: https://paperless.dooplex.hu
description: Document Management
- Tandoor:
icon: tandoor-recipes.png
href: https://tandoor.dooplex.hu
description: Recipe Manager
widget:
type: tandoor
url: http://tandoor.tandoor-system.svc.cluster.local:8080
key: "{{HOMEPAGE_VAR_TANDOOR_API_KEY}}"
- Vaultwarden:
icon: bitwarden.png
href: https://vaultwarden.dooplex.hu
description: Password Manager
- Other:
- Adventurelog:
icon: adventure-log.png
href: https://adventures.dooplex.hu
description: Documenting Travels
- Fileshare:
icon: https://nextcloud.dooplex.hu/s/89PfscLdHoykWrZ/download
href: https://fileshare.dooplex.hu
description: Drag&Drop Fileshare
- Pastes:
icon: opengist.png
href: https://paste.dooplex.hu
description: Pastes (opengist)
- Privatebin:
icon: privatebin.png
href: https://privatebin.dooplex.hu
description: Pastebin (secure)
- Plantit:
icon: plant-it.png
href: https://plantit.dooplex.hu
description: Gardening companion
- Wanderer:
icon: wanderer.png
href: https://wanderer.dooplex.hu
description: Trail database
- Workout:
icon: wger.png
href: https://workout.dooplex.hu
description: Workout and fitness manager
- Zipline:
icon: zipline-diced.png.png
href: https://zipline.dooplex.hu
description: Image and file sharing
- Monitoring:
- Grafana:
icon: grafana.png
href: https://grafana.dooplex.hu
description: Dashboards & Metrics
widget:
type: grafana
url: http://grafana.mon-system.svc.cluster.local:3000
username: "{{HOMEPAGE_VAR_GRAFANA_USER}}"
password: "{{HOMEPAGE_VAR_GRAFANA_PASS}}"
- Prometheus:
icon: prometheus.png
href: http://prometheus.home
description: Metrics Collection (LAN Only)
- Uptime Kuma:
icon: uptime-kuma.png
href: https://uptimekuma.dooplex.hu
description: Uptime Monitoring
widget:
type: uptimekuma
url: http://uptimekuma.uptimekuma-system.svc.cluster.local:3001
slug: homepage
# Widgets configuration
widgets.yaml: |
- logo:
icon: https://nextcloud.dooplex.hu/s/sD9GdyEZNFdxRns/download
- greeting:
text_size: xl
text: ""
- datetime:
text_size: l
format:
dateStyle: long
timeStyle: short
hour12: false
- kubernetes:
cluster:
show: true
cpu: true
memory: true
showLabel: true
label: "dooplex"
nodes:
show: true
cpu: true
memory: true
showLabel: true
- longhorn:
expanded: true
total: true
labels: true
nodes: false
- search:
provider: duckduckgo
target: _blank
# Bookmarks
bookmarks.yaml: |
- Developer:
- GitHub:
- abbr: GH
href: https://github.com
icon: github.png
- Gitea:
- abbr: GT
href: https://gitea.dooplex.hu
icon: gitea.png
- Documentation:
- Kubernetes:
- abbr: K8s
href: https://kubernetes.io/docs
icon: kubernetes.png
- ArgoCD:
- abbr: Argo
href: https://argo-cd.readthedocs.io
icon: argo-cd.png
# Docker settings (not used in k8s mode)
docker.yaml: ""
# Custom CSS
custom.css: |
/* Make the logo widget container bigger */
#information-widgets .information-widget-logo {
min-height: 100px !important;
display: flex !important;
align-items: center !important;
}
/* Make the image fill it */
#information-widgets .information-widget-logo img {
max-height: 100px !important;
height: 100px !important;
width: auto !important;
object-fit: contain !important;
}
# Custom JS
custom.js: ""
---
apiVersion: v1
kind: ConfigMap
metadata:
name: homepage-user-config
namespace: homepage-system
labels:
app.kubernetes.io/name: homepage-user
app.kubernetes.io/instance: homepage-user
data:
# Kubernetes connection configuration
kubernetes.yaml: |
mode: cluster
ingress: false
# Global settings
settings.yaml: |
title: Dooplex Dashboard
favicon: https://nextcloud.dooplex.hu/s/9H89T5kgNRpkQDP/download
theme: dark
color: slate
headerStyle: clean
layout:
Media:
style: row
columns: 3
Productivity:
style: row
columns: 3
Other:
style: row
columns: 3
providers:
longhorn:
url: http://192.168.0.209
# Services configuration - customize as needed
services.yaml: |
- Media:
- Arcade:
icon: romm.png
href: https://arcade.dooplex.hu
description: Retro Games
widget:
type: romm
url: http://romm.arcade-system.svc.cluster.local:8080
- AudioBookshelf:
icon: audiobookshelf.png
href: https://audiobookshelf.dooplex.hu
description: AudioBooks
widget:
type: audiobookshelf
url: http://audiobookshelf.audiobookshelf-system.svc.cluster.local
key: "{{HOMEPAGE_VAR_AUDIOBOOKSHELF_API_KEY}}"
- Calibre-Web:
icon: calibre-web.png
href: https://books.dooplex.hu
description: eBooks
widget:
type: calibreweb
url: http://calibre-web.calibre-system.svc.cluster.local:8083
username: "{{HOMEPAGE_VAR_CALIBREWEB_USER}}"
password: "{{HOMEPAGE_VAR_CALIBREWEB_PASS}}"
- Immich:
icon: immich.png
href: https://photos.dooplex.hu
description: Photos
widget:
type: immich
url: http://immich-server.immich-system.svc.cluster.local:2283
key: "{{HOMEPAGE_VAR_IMMICH_API_KEY}}"
version: 2
- Plex:
icon: plex.png
href: https://plex.dooplex.hu
description: Media Server
- Sonarr:
icon: sonarr.png
href: https://sonarr.dooplex.hu
description: TV Shows
widget:
type: sonarr
url: http://sonarr.servarr-system.svc.cluster.local:8989
key: "{{HOMEPAGE_VAR_SONARR_API_KEY}}"
- Radarr:
icon: radarr.png
href: https://radarr.dooplex.hu
description: Movies
widget:
type: radarr
url: http://radarr.servarr-system.svc.cluster.local:7878
key: "{{HOMEPAGE_VAR_RADARR_API_KEY}}"
- RadarrKids:
icon: https://nextcloud.dooplex.hu/s/E3LB8dJTTpyDSge/download
href: https://radarrkids.dooplex.hu
description: Kids Movies
widget:
type: radarr
url: http://radarrkids.servarr-system.svc.cluster.local:7879
key: "{{HOMEPAGE_VAR_RADARRKIDS_API_KEY}}"
- Prowlarr:
icon: prowlarr.png
href: https://prowlarr.dooplex.hu
description: Indexer Manager
widget:
type: prowlarr
url: http://prowlarr.servarr-system.svc.cluster.local:9696
key: "{{HOMEPAGE_VAR_PROWLARR_API_KEY}}"
- Seerr:
icon: overseerr.png
href: https://seerr.dooplex.hu
description: Movie, TV Show Request
widget:
type: overseerr
url: http://seerr.servarr-system.svc.cluster.local:5055
key: "{{HOMEPAGE_VAR_SEERR_API_KEY}}"
- Productivity:
- ActialBudget:
icon: actual-budget.png
href: https://actualbudget.dooplex.hu
description: Finance Manager
- Bookstack:
icon: bookstack.png
href: https://bookstack.dooplex.hu
description: Documentation, Wiki
- Nextcloud:
icon: nextcloud.png
href: https://nextcloud.dooplex.hu
description: Cloud Storage
- Outline:
icon: outline.png
href: https://outline.dooplex.hu
description: Team Wiki, Documentation
- Paperless:
icon: paperless-ngx.png
href: https://paperless.dooplex.hu
description: Document Management
- Tandoor:
icon: tandoor-recipes.png
href: https://tandoor.dooplex.hu
description: Recipe Manager
widget:
type: tandoor
url: http://tandoor.tandoor-system.svc.cluster.local:8080
key: "{{HOMEPAGE_VAR_TANDOOR_API_KEY}}"
- Vaultwarden:
icon: bitwarden.png
href: https://vaultwarden.dooplex.hu
description: Password Manager
- Other:
- Adventurelog:
icon: adventure-log.png
href: https://adventures.dooplex.hu
description: Documenting Travels
- Fileshare:
icon: https://nextcloud.dooplex.hu/s/89PfscLdHoykWrZ/download
href: https://fileshare.dooplex.hu
description: Drag&Drop Fileshare
- Pastes:
icon: opengist.png
href: https://paste.dooplex.hu
description: Pastes (opengist)
- Privatebin:
icon: privatebin.png
href: https://privatebin.dooplex.hu
description: Pastebin (secure)
- Plantit:
icon: plant-it.png
href: https://plantit.dooplex.hu
description: Gardening companion
- Wanderer:
icon: wanderer.png
href: https://wanderer.dooplex.hu
description: Trail database
- Workout:
icon: wger.png
href: https://workout.dooplex.hu
description: Workout and fitness manager
- Zipline:
icon: zipline-diced.png.png
href: https://zipline.dooplex.hu
description: Image and file sharing
# Widgets configuration
widgets.yaml: |
- logo:
icon: https://nextcloud.dooplex.hu/s/sD9GdyEZNFdxRns/download
- datetime:
text_size: l
format:
dateStyle: long
timeStyle: short
hour12: false
# Bookmarks
bookmarks.yaml: |
- Developer:
- GitHub:
- abbr: GH
href: https://github.com
icon: github.png
- Gitea:
- abbr: GT
href: https://gitea.dooplex.hu
icon: gitea.png
- Documentation:
- Kubernetes:
- abbr: K8s
href: https://kubernetes.io/docs
icon: kubernetes.png
- ArgoCD:
- abbr: Argo
href: https://argo-cd.readthedocs.io
icon: argo-cd.png
# Docker settings (not used in k8s mode)
docker.yaml: ""
# Custom CSS
custom.css: |
/* Make the logo widget container bigger */
#information-widgets .information-widget-logo {
min-height: 100px !important;
display: flex !important;
align-items: center !important;
}
/* Make the image fill it */
#information-widgets .information-widget-logo img {
max-height: 100px !important;
height: 100px !important;
width: auto !important;
object-fit: contain !important;
}
# Custom JS
custom.js: ""
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: homepage
namespace: homepage-system
labels:
app.kubernetes.io/name: homepage
app.kubernetes.io/instance: homepage
app.kubernetes.io/version: "v1.8.0"
spec:
replicas: 1
strategy:
type: Recreate
selector:
matchLabels:
app.kubernetes.io/name: homepage
app.kubernetes.io/instance: homepage
template:
metadata:
labels:
app.kubernetes.io/name: homepage
app.kubernetes.io/instance: homepage
app.kubernetes.io/version: "v1.8.0"
spec:
serviceAccountName: homepage
automountServiceAccountToken: true
dnsPolicy: ClusterFirst
enableServiceLinks: true
containers:
- name: homepage
image: ghcr.io/gethomepage/homepage:v1.8.0
imagePullPolicy: IfNotPresent
env:
# Required for external access
- name: HOMEPAGE_ALLOWED_HOSTS
value: "*"
# Timezone
- name: TZ
value: "Europe/Budapest"
# Optional: Widget API keys (create secret with these if needed)
- name: HOMEPAGE_VAR_TANDOOR_API_KEY
valueFrom:
secretKeyRef:
name: homepage-secrets
key: tandoor-api-key
- name: HOMEPAGE_VAR_PROWLARR_API_KEY
valueFrom:
secretKeyRef:
name: homepage-secrets
key: prowlarr-api-key
- name: HOMEPAGE_VAR_SONARR_API_KEY
valueFrom:
secretKeyRef:
name: homepage-secrets
key: sonarr-api-key
- name: HOMEPAGE_VAR_RADARR_API_KEY
valueFrom:
secretKeyRef:
name: homepage-secrets
key: radarr-api-key
- name: HOMEPAGE_VAR_RADARRKIDS_API_KEY
valueFrom:
secretKeyRef:
name: homepage-secrets
key: radarrkids-api-key
- name: HOMEPAGE_VAR_SEERR_API_KEY
valueFrom:
secretKeyRef:
name: homepage-secrets
key: seerr-api-key
- name: HOMEPAGE_VAR_IMMICH_API_KEY
valueFrom:
secretKeyRef:
name: homepage-secrets
key: immich-api-key
- name: HOMEPAGE_VAR_AUDIOBOOKSHELF_API_KEY
valueFrom:
secretKeyRef:
name: homepage-secrets
key: audiobookshelf-api-key
- name: HOMEPAGE_VAR_GRAFANA_USER
valueFrom:
secretKeyRef:
name: homepage-secrets
key: grafana-user
- name: HOMEPAGE_VAR_GRAFANA_PASS
valueFrom:
secretKeyRef:
name: homepage-secrets
key: grafana-pass
- name: HOMEPAGE_VAR_QBITTORRENT_USER
valueFrom:
secretKeyRef:
name: homepage-secrets
key: qbittorrent-user
- name: HOMEPAGE_VAR_QBITTORRENT_PASS
valueFrom:
secretKeyRef:
name: homepage-secrets
key: qbittorrent-pass
- name: HOMEPAGE_VAR_CALIBREWEB_USER
valueFrom:
secretKeyRef:
name: homepage-secrets
key: calibreweb-user
- name: HOMEPAGE_VAR_CALIBREWEB_PASS
valueFrom:
secretKeyRef:
name: homepage-secrets
key: calibreweb-pass
ports:
- name: http
containerPort: 3000
protocol: TCP
livenessProbe:
httpGet:
path: /api/healthcheck
port: http
initialDelaySeconds: 30
periodSeconds: 30
timeoutSeconds: 10
failureThreshold: 3
readinessProbe:
httpGet:
path: /api/healthcheck
port: http
initialDelaySeconds: 10
periodSeconds: 10
timeoutSeconds: 5
failureThreshold: 3
resources:
requests:
cpu: 50m
memory: 128Mi
limits:
cpu: 500m
memory: 512Mi
volumeMounts:
- name: config
mountPath: /app/config/kubernetes.yaml
subPath: kubernetes.yaml
- name: config
mountPath: /app/config/settings.yaml
subPath: settings.yaml
- name: config
mountPath: /app/config/services.yaml
subPath: services.yaml
- name: config
mountPath: /app/config/widgets.yaml
subPath: widgets.yaml
- name: config
mountPath: /app/config/bookmarks.yaml
subPath: bookmarks.yaml
- name: config
mountPath: /app/config/docker.yaml
subPath: docker.yaml
- name: config
mountPath: /app/config/custom.css
subPath: custom.css
- name: config
mountPath: /app/config/custom.js
subPath: custom.js
volumes:
- name: config
configMap:
name: homepage-config
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: homepage-user
namespace: homepage-system
labels:
app.kubernetes.io/name: homepage-user
app.kubernetes.io/instance: homepage-user
app.kubernetes.io/version: "v1.8.0"
spec:
replicas: 1
strategy:
type: Recreate
selector:
matchLabels:
app.kubernetes.io/name: homepage-user
app.kubernetes.io/instance: homepage-user
template:
metadata:
labels:
app.kubernetes.io/name: homepage-user
app.kubernetes.io/instance: homepage-user
app.kubernetes.io/version: "v1.8.0"
spec:
serviceAccountName: homepage
automountServiceAccountToken: true
dnsPolicy: ClusterFirst
enableServiceLinks: true
containers:
- name: homepage
image: ghcr.io/gethomepage/homepage:v1.8.0
imagePullPolicy: IfNotPresent
env:
# Required for external access
- name: HOMEPAGE_ALLOWED_HOSTS
value: "*"
# Timezone
- name: TZ
value: "Europe/Budapest"
# Optional: Widget API keys (create secret with these if needed)
- name: HOMEPAGE_VAR_TANDOOR_API_KEY
valueFrom:
secretKeyRef:
name: homepage-secrets
key: tandoor-api-key
- name: HOMEPAGE_VAR_PROWLARR_API_KEY
valueFrom:
secretKeyRef:
name: homepage-secrets
key: prowlarr-api-key
- name: HOMEPAGE_VAR_SONARR_API_KEY
valueFrom:
secretKeyRef:
name: homepage-secrets
key: sonarr-api-key
- name: HOMEPAGE_VAR_RADARR_API_KEY
valueFrom:
secretKeyRef:
name: homepage-secrets
key: radarr-api-key
- name: HOMEPAGE_VAR_RADARRKIDS_API_KEY
valueFrom:
secretKeyRef:
name: homepage-secrets
key: radarrkids-api-key
- name: HOMEPAGE_VAR_SEERR_API_KEY
valueFrom:
secretKeyRef:
name: homepage-secrets
key: seerr-api-key
- name: HOMEPAGE_VAR_IMMICH_API_KEY
valueFrom:
secretKeyRef:
name: homepage-secrets
key: immich-api-key
- name: HOMEPAGE_VAR_AUDIOBOOKSHELF_API_KEY
valueFrom:
secretKeyRef:
name: homepage-secrets
key: audiobookshelf-api-key
- name: HOMEPAGE_VAR_CALIBREWEB_USER
valueFrom:
secretKeyRef:
name: homepage-secrets
key: calibreweb-user
- name: HOMEPAGE_VAR_CALIBREWEB_PASS
valueFrom:
secretKeyRef:
name: homepage-secrets
key: calibreweb-pass
ports:
- name: http
containerPort: 3000
protocol: TCP
livenessProbe:
httpGet:
path: /api/healthcheck
port: http
initialDelaySeconds: 30
periodSeconds: 30
timeoutSeconds: 10
failureThreshold: 3
readinessProbe:
httpGet:
path: /api/healthcheck
port: http
initialDelaySeconds: 10
periodSeconds: 10
timeoutSeconds: 5
failureThreshold: 3
resources:
requests:
cpu: 50m
memory: 128Mi
limits:
cpu: 500m
memory: 512Mi
volumeMounts:
- name: config
mountPath: /app/config/kubernetes.yaml
subPath: kubernetes.yaml
- name: config
mountPath: /app/config/settings.yaml
subPath: settings.yaml
- name: config
mountPath: /app/config/services.yaml
subPath: services.yaml
- name: config
mountPath: /app/config/widgets.yaml
subPath: widgets.yaml
- name: config
mountPath: /app/config/bookmarks.yaml
subPath: bookmarks.yaml
- name: config
mountPath: /app/config/docker.yaml
subPath: docker.yaml
- name: config
mountPath: /app/config/custom.css
subPath: custom.css
- name: config
mountPath: /app/config/custom.js
subPath: custom.js
volumes:
- name: config
configMap:
name: homepage-user-config
---
apiVersion: v1
kind: Service
metadata:
name: homepage
namespace: homepage-system
labels:
app.kubernetes.io/name: homepage
app.kubernetes.io/instance: homepage
spec:
type: ClusterIP
ports:
- name: http
port: 3000
targetPort: http
protocol: TCP
selector:
app.kubernetes.io/name: homepage
app.kubernetes.io/instance: homepage
---
apiVersion: v1
kind: Service
metadata:
name: homepage-user
namespace: homepage-system
labels:
app.kubernetes.io/name: homepage-user
app.kubernetes.io/instance: homepage-user
spec:
type: ClusterIP
ports:
- name: http
port: 3000
targetPort: http
protocol: TCP
selector:
app.kubernetes.io/name: homepage-user
app.kubernetes.io/instance: homepage-user
---
# Ingress WITH Authentik proxy authentication
# Update the auth-url annotation with your actual outpost service name after Authentik creates it
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: homepage
namespace: homepage-system
labels:
app.kubernetes.io/name: homepage
app.kubernetes.io/instance: homepage
annotations:
cert-manager.io/cluster-issuer: letsencrypt-prod
external-dns.alpha.kubernetes.io/hostname: homepage.dooplex.hu,homepage.home
nginx.ingress.kubernetes.io/ssl-redirect: "true"
nginx.ingress.kubernetes.io/proxy-buffer-size: "16k"
nginx.ingress.kubernetes.io/proxy-buffers-number: "4"
nginx.ingress.kubernetes.io/proxy-busy-buffers-size: "32k"
# Authentik Forward Auth annotations
# Update 'homepage-outpost' with your actual outpost name
nginx.ingress.kubernetes.io/auth-url: http://ak-outpost-homepage-outpost.auth-system.svc.cluster.local:9000/outpost.goauthentik.io/auth/nginx
nginx.ingress.kubernetes.io/auth-signin: https://homepage.dooplex.hu/outpost.goauthentik.io/start?rd=$escaped_request_uri
nginx.ingress.kubernetes.io/auth-response-headers: Set-Cookie,X-authentik-username,X-authentik-groups,X-authentik-email
nginx.ingress.kubernetes.io/auth-snippet: |
proxy_set_header X-Forwarded-Host $http_host;
# Homepage auto-discovery annotation
gethomepage.dev/enabled: "true"
gethomepage.dev/name: "Homepage"
gethomepage.dev/description: "Application Dashboard"
gethomepage.dev/group: "Infrastructure"
gethomepage.dev/icon: "homepage.png"
spec:
ingressClassName: nginx-internal
rules:
- host: homepage.dooplex.hu
http:
paths:
- path: /
pathType: Prefix
backend:
service:
name: homepage
port:
number: 3000
- host: homepage.home
http:
paths:
- path: /
pathType: Prefix
backend:
service:
name: homepage
port:
number: 3000
tls:
- hosts:
- homepage.dooplex.hu
secretName: homepage-tls
---
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: homepage-user
namespace: homepage-system
labels:
app.kubernetes.io/name: homepage-user
app.kubernetes.io/instance: homepage-user
annotations:
cert-manager.io/cluster-issuer: letsencrypt-prod
external-dns.alpha.kubernetes.io/hostname: dooplex.hu
nginx.ingress.kubernetes.io/ssl-redirect: "true"
nginx.ingress.kubernetes.io/proxy-buffer-size: "16k"
nginx.ingress.kubernetes.io/proxy-buffers-number: "4"
nginx.ingress.kubernetes.io/proxy-busy-buffers-size: "32k"
# Authentik Forward Auth annotations
# Update 'homepage-outpost' with your actual outpost name
nginx.ingress.kubernetes.io/auth-url: http://ak-outpost-homepage-user-outpost.auth-system.svc.cluster.local:9000/outpost.goauthentik.io/auth/nginx
nginx.ingress.kubernetes.io/auth-signin: https://dooplex.hu/outpost.goauthentik.io/start?rd=$escaped_request_uri
nginx.ingress.kubernetes.io/auth-response-headers: Set-Cookie,X-authentik-username,X-authentik-groups,X-authentik-email
nginx.ingress.kubernetes.io/auth-snippet: |
proxy_set_header X-Forwarded-Host $http_host;
# Homepage auto-discovery annotation
gethomepage.dev/enabled: "true"
gethomepage.dev/name: "Homepage"
gethomepage.dev/description: "Application Dashboard"
gethomepage.dev/group: "Infrastructure"
gethomepage.dev/icon: "homepage.png"
spec:
ingressClassName: nginx-internal
rules:
- host: dooplex.hu
http:
paths:
- path: /
pathType: Prefix
backend:
service:
name: homepage-user
port:
number: 3000
tls:
- hosts:
- dooplex.hu
secretName: homepage-user-tls
---
Reference in New Issue View Git Blame Copy Permalink