homelab-manifests/tandoor-system/tandoor.yaml

---
# Dedicated namespace that holds every Tandoor resource declared in this file.
kind: Namespace
apiVersion: v1
metadata:
  name: tandoor-system
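---
# Tandoor Recipes application Deployment.
# An init container waits for PostgreSQL, runs migrations, collects static
# files and creates the initial superuser; the main container then serves HTTP
# on port 8080. Credentials come from the Secrets tandoor-db, tandoor-app and
# tandoor-admin, none of which is defined in this manifest.
apiVersion: apps/v1
kind: Deployment
metadata:
  labels:
    app.kubernetes.io/instance: tandoor
    app.kubernetes.io/name: tandoor
    app.kubernetes.io/version: "2.3.6"
  name: tandoor
  namespace: tandoor-system
spec:
  replicas: 1
  selector:
    matchLabels:
      app.kubernetes.io/instance: tandoor
      app.kubernetes.io/name: tandoor
  # Recreate stops the old pod before the new one starts, so the two never
  # hold the ReadWriteOnce staticfiles volume at the same time.
  strategy:
    type: Recreate
  template:
    metadata:
      labels:
        app.kubernetes.io/instance: tandoor
        app.kubernetes.io/name: tandoor
        app.kubernetes.io/version: "2.3.6"
    spec:
      # NOTE(review): neither container sets a securityContext. Consider
      # allowPrivilegeEscalation: false and a reduced capability set once the
      # image has been confirmed to run with them.
      initContainers:
        - name: create-superuser
          # NOTE(review): the image is referenced by tag only; pinning it by
          # digest would make the deployed content immutable.
          image: vabene1111/recipes:2.3.6
          workingDir: /opt/recipes
          command:
            - /bin/sh
            - -c
            - |
              . /opt/recipes/venv/bin/activate
              # Abort on the first failing step so the application container
              # never starts against a half-prepared database.
              set -e
              echo "Waiting for database..."
              while ! python -c "import socket; socket.create_connection(('tandoor-postgres', 5432), timeout=5)" 2>/dev/null; do
                sleep 2
              done
              echo "Database is ready. Running migrations..."
              python manage.py migrate --noinput
              echo "Collecting static files..."
              python manage.py collectstatic --noinput
              echo "Creating superuser if not exists..."
              python manage.py shell -c "
              import os
              from django.contrib.auth import get_user_model
              User = get_user_model()
              username = os.environ.get('DJANGO_SUPERUSER_USERNAME', 'admin')
              if not User.objects.filter(username=username).exists():
                  password = os.environ.get('DJANGO_SUPERUSER_PASSWORD')
                  if not password:
                      # Never fall back to a well-known password for the admin account.
                      raise SystemExit('DJANGO_SUPERUSER_PASSWORD is empty or unset; refusing to create a superuser')
                  User.objects.create_superuser(
                      username=username,
                      email=os.environ.get('DJANGO_SUPERUSER_EMAIL', ''),
                      password=password,
                  )
                  print(f'Superuser {username} created successfully')
              else:
                  print(f'Superuser {username} already exists')
              "
          volumeMounts:
            - name: staticfiles
              mountPath: /opt/recipes/staticfiles
          env:
            - name: DB_ENGINE
              value: django.db.backends.postgresql
            - name: POSTGRES_HOST
              value: tandoor-postgres
            - name: POSTGRES_PORT
              value: "5432"
            - name: POSTGRES_DB
              value: tandoor
            - name: POSTGRES_USER
              valueFrom:
                secretKeyRef:
                  name: tandoor-db
                  key: username
            - name: POSTGRES_PASSWORD
              valueFrom:
                secretKeyRef:
                  name: tandoor-db
                  key: password
            - name: SECRET_KEY
              valueFrom:
                secretKeyRef:
                  name: tandoor-app
                  key: secret-key
            # Initial admin account, read by the script above.
            - name: DJANGO_SUPERUSER_USERNAME
              valueFrom:
                secretKeyRef:
                  name: tandoor-admin
                  key: username
            - name: DJANGO_SUPERUSER_PASSWORD
              valueFrom:
                secretKeyRef:
                  name: tandoor-admin
                  key: password
            - name: DJANGO_SUPERUSER_EMAIL
              valueFrom:
                secretKeyRef:
                  name: tandoor-admin
                  key: email
      containers:
        - name: tandoor
          image: vabene1111/recipes:2.3.6
          imagePullPolicy: IfNotPresent
          env:
            - name: TZ
              value: Europe/Budapest
            - name: DEBUG
              value: "0"
            # NOTE(review): "*" presumably reaches Django's ALLOWED_HOSTS and
            # turns off Host header validation. Listing the two Ingress
            # hostnames would be tighter, but the httpGet probes below send
            # the pod IP as Host by default and would then need an explicit
            # Host header - confirm before changing.
            - name: ALLOWED_HOSTS
              value: "*"
            - name: CSRF_TRUSTED_ORIGINS
              value: "https://tandoor.dooplex.hu,https://tandoor.home"
            # NOTE(review): trusting X-Forwarded-Proto is only sound when
            # every request passes through the ingress controller. The
            # ClusterIP Service is also reachable from inside the cluster,
            # where a client can set the header itself.
            - name: SECURE_PROXY_SSL_HEADER
              value: "HTTP_X_FORWARDED_PROTO,https"
            - name: DB_ENGINE
              value: django.db.backends.postgresql
            - name: POSTGRES_HOST
              value: tandoor-postgres
            - name: POSTGRES_PORT
              value: "5432"
            - name: POSTGRES_DB
              value: tandoor
            - name: POSTGRES_USER
              valueFrom:
                secretKeyRef:
                  name: tandoor-db
                  key: username
            - name: POSTGRES_PASSWORD
              valueFrom:
                secretKeyRef:
                  name: tandoor-db
                  key: password
            - name: SECRET_KEY
              valueFrom:
                secretKeyRef:
                  name: tandoor-app
                  key: secret-key
            - name: GUNICORN_MEDIA
              value: "1"
            - name: ENABLE_SIGNUP
              value: "0"
            # NOTE(review): presumably exposes a metrics endpoint on the same
            # HTTP port; confirm whether it is reachable through the Ingress.
            - name: ENABLE_METRICS
              value: "1"
            - name: TANDOOR_PORT
              value: "8080"
          ports:
            - containerPort: 8080
              name: http
              protocol: TCP
          livenessProbe:
            httpGet:
              path: /
              port: http
            initialDelaySeconds: 60
            periodSeconds: 30
            timeoutSeconds: 10
            failureThreshold: 5
          readinessProbe:
            httpGet:
              path: /
              port: http
            initialDelaySeconds: 30
            periodSeconds: 10
            timeoutSeconds: 5
            failureThreshold: 3
          resources:
            limits:
              cpu: "1"
              memory: 1Gi
            requests:
              cpu: 100m
              memory: 256Mi
          volumeMounts:
            - name: staticfiles
              mountPath: /opt/recipes/staticfiles
            - name: mediafiles
              mountPath: /opt/recipes/mediafiles
      volumes:
        - name: staticfiles
          persistentVolumeClaim:
            claimName: tandoor-staticfiles
        # NOTE(review): hostPath mounts a node directory into the pod. It ties
        # the workload to nodes that have this path, and DirectoryOrCreate
        # creates the directory on whichever node the pod is scheduled to.
        - name: mediafiles
          hostPath:
            path: /mnt/4_hdd/data/tandoor/mediafiles
            type: DirectoryOrCreate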
---
# PostgreSQL backing store for Tandoor: one replica with its data on the
# tandoor-postgres PersistentVolumeClaim.
kind: Deployment
apiVersion: apps/v1
metadata:
  name: tandoor-postgres
  namespace: tandoor-system
  labels:
    app.kubernetes.io/name: postgres
    app.kubernetes.io/instance: tandoor
spec:
  replicas: 1
  # Recreate stops the old pod first, so two servers never open the same
  # data directory.
  strategy:
    type: Recreate
  selector:
    matchLabels:
      app.kubernetes.io/name: postgres
      app.kubernetes.io/instance: tandoor
  template:
    metadata:
      labels:
        app.kubernetes.io/name: postgres
        app.kubernetes.io/instance: tandoor
    spec:
      # NOTE(review): 999 is the postgres GID in the Debian-based image; the
      # alpine variant used below normally runs as UID/GID 70 - confirm the
      # intended value.
      securityContext:
        fsGroup: 999
      volumes:
        - name: data
          persistentVolumeClaim:
            claimName: tandoor-postgres
      containers:
        - name: postgres
          # NOTE(review): "16-alpine" is a moving tag; a digest would pin the
          # exact image content.
          image: postgres:16-alpine
          imagePullPolicy: IfNotPresent
          ports:
            - name: postgres
              protocol: TCP
              containerPort: 5432
          # Database credentials are read from the tandoor-db Secret, which is
          # not defined in this manifest.
          env:
            - name: POSTGRES_USER
              valueFrom:
                secretKeyRef:
                  key: username
                  name: tandoor-db
            - name: POSTGRES_PASSWORD
              valueFrom:
                secretKeyRef:
                  key: password
                  name: tandoor-db
            - name: POSTGRES_DB
              value: tandoor
            # PGDATA sits one level below the mount point.
            - name: PGDATA
              value: /var/lib/postgresql/data/pgdata
          volumeMounts:
            - name: data
              subPath: data
              mountPath: /var/lib/postgresql/data
          resources:
            requests:
              cpu: 100m
              memory: 128Mi
            limits:
              cpu: 500m
              memory: 512Mi
---
# Cluster-internal Service in front of the Tandoor pods; the Ingress routes
# to it on port 8080.
kind: Service
apiVersion: v1
metadata:
  name: tandoor
  namespace: tandoor-system
  labels:
    app.kubernetes.io/name: tandoor
    app.kubernetes.io/instance: tandoor
    app.kubernetes.io/version: "2.3.6"
spec:
  type: ClusterIP
  selector:
    app.kubernetes.io/name: tandoor
    app.kubernetes.io/instance: tandoor
  ports:
    # targetPort refers to the container port named "http".
    - name: http
      protocol: TCP
      port: 8080
      targetPort: http
---
# Cluster-internal Service for PostgreSQL; the application reaches the
# database as tandoor-postgres:5432.
# NOTE(review): no NetworkPolicy is visible in this manifest, so whether other
# pods in the cluster can connect to this port depends on policy defined
# elsewhere.
kind: Service
apiVersion: v1
metadata:
  name: tandoor-postgres
  namespace: tandoor-system
  labels:
    app.kubernetes.io/name: postgres
    app.kubernetes.io/instance: tandoor
spec:
  type: ClusterIP
  selector:
    app.kubernetes.io/name: postgres
    app.kubernetes.io/instance: tandoor
  ports:
    # targetPort refers to the container port named "postgres".
    - name: postgres
      protocol: TCP
      port: 5432
      targetPort: postgres
---
# Ingress that publishes Tandoor under two hostnames through the
# nginx-internal ingress class.
kind: Ingress
apiVersion: networking.k8s.io/v1
metadata:
  name: tandoor
  namespace: tandoor-system
  labels:
    app.kubernetes.io/name: tandoor
    app.kubernetes.io/instance: tandoor
  annotations:
    cert-manager.io/cluster-issuer: "letsencrypt-prod"
    external-dns.alpha.kubernetes.io/hostname: "tandoor.dooplex.hu,tandoor.home"
    # Upload limit applied to request bodies by the ingress controller.
    nginx.ingress.kubernetes.io/proxy-body-size: "128m"
    nginx.ingress.kubernetes.io/ssl-redirect: "true"
spec:
  ingressClassName: nginx-internal
  # NOTE(review): only tandoor.dooplex.hu appears in the tls block. With
  # ssl-redirect enabled, tandoor.home is presumably served with the
  # controller's default certificate - confirm this is intended.
  tls:
    - secretName: tandoor-tls
      hosts:
        - tandoor.dooplex.hu
  rules:
    - host: tandoor.dooplex.hu
      http:
        paths:
          - path: /
            pathType: Prefix
            backend:
              service:
                name: tandoor
                port:
                  number: 8080
    - host: tandoor.home
      http:
        paths:
          - path: /
            pathType: Prefix
            backend:
              service:
                name: tandoor
                port:
                  number: 8080
---
# Volume for collected static files, mounted by the init container and the
# application container of the tandoor Deployment.
kind: PersistentVolumeClaim
apiVersion: v1
metadata:
  name: tandoor-staticfiles
  namespace: tandoor-system
  labels:
    app.kubernetes.io/name: tandoor
    app.kubernetes.io/instance: tandoor
spec:
  storageClassName: longhorn
  accessModes:
    - ReadWriteOnce
  resources:
    requests:
      storage: 1Gi
---
# Volume that holds the PostgreSQL data directory of the tandoor-postgres
# Deployment.
kind: PersistentVolumeClaim
apiVersion: v1
metadata:
  name: tandoor-postgres
  namespace: tandoor-system
  labels:
    app.kubernetes.io/name: postgres
    app.kubernetes.io/instance: tandoor
spec:
  storageClassName: longhorn
  accessModes:
    - ReadWriteOnce
  resources:
    requests:
      storage: 5Gi
---