From 745ed8cfa979d5b2c9b5c2ac109b36409de6ee97 Mon Sep 17 00:00:00 2001 From: Chris Richardson Date: Fri, 24 Jan 2025 10:29:28 -0500 Subject: [PATCH] add next round --- apps/bitwarden/bitwarden-deployment.yaml | 67 +++++++++++++++ apps/bitwarden/bitwarden-ingress.yaml | 25 ++++++ apps/bitwarden/bitwarden-secrets.yaml | 8 ++ apps/bitwarden/bitwarden-service.yaml | 17 ++++ apps/bitwarden/bitwarden-storage.yaml | 12 +++ .../home-assistance-deploy.yaml | 55 +++++++++++++ .../home-assistance-ingress.yaml | 25 ++++++ .../home-assistance-service.yaml | 12 +++ .../home-assistance-storage.yaml | 12 +++ apps/nzbget/nzbget-deployment.yaml | 82 +++++++++++++++++++ apps/nzbget/nzbget-service.yaml | 12 +++ apps/nzbget/nzbget-storage.yaml | 26 ++++++ apps/radarr/radarr-deployment.yaml | 58 +++++++++++++ apps/radarr/radarr-service.yaml | 12 +++ apps/radarr/radarr-storage.yaml | 12 +++ apps/sonarr/sonnarr-deployment.yaml | 68 +++++++++++++++ apps/sonarr/sonnarr-service.yaml | 12 +++ apps/sonarr/sonnarr-storage.yaml | 40 +++++++++ apps/technitium/technitium-deploymet.yaml | 57 +++++++++++++ apps/technitium/technitium-service.yaml | 22 +++++ apps/technitium/technitium-storage.yaml | 12 +++ apps/usb/usb.yaml | 25 ++++++ 22 files changed, 671 insertions(+) create mode 100644 apps/bitwarden/bitwarden-deployment.yaml create mode 100644 apps/bitwarden/bitwarden-ingress.yaml create mode 100644 apps/bitwarden/bitwarden-secrets.yaml create mode 100644 apps/bitwarden/bitwarden-service.yaml create mode 100644 apps/bitwarden/bitwarden-storage.yaml create mode 100644 apps/home-assistant/home-assistance-deploy.yaml create mode 100644 apps/home-assistant/home-assistance-ingress.yaml create mode 100644 apps/home-assistant/home-assistance-service.yaml create mode 100644 apps/home-assistant/home-assistance-storage.yaml create mode 100644 apps/nzbget/nzbget-deployment.yaml create mode 100644 apps/nzbget/nzbget-service.yaml create mode 100644 apps/nzbget/nzbget-storage.yaml create mode 100644 apps/radarr/radarr-deployment.yaml create mode 100644 apps/radarr/radarr-service.yaml create mode 100644 apps/radarr/radarr-storage.yaml create mode 100644 apps/sonarr/sonnarr-deployment.yaml create mode 100644 apps/sonarr/sonnarr-service.yaml create mode 100644 apps/sonarr/sonnarr-storage.yaml create mode 100644 apps/technitium/technitium-deploymet.yaml create mode 100644 apps/technitium/technitium-service.yaml create mode 100644 apps/technitium/technitium-storage.yaml create mode 100644 apps/usb/usb.yaml diff --git a/apps/bitwarden/bitwarden-deployment.yaml b/apps/bitwarden/bitwarden-deployment.yaml new file mode 100644 index 0000000..59131db --- /dev/null +++ b/apps/bitwarden/bitwarden-deployment.yaml @@ -0,0 +1,67 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + labels: + app: bitwarden + name: bitwarden-deployment + namespace: default +spec: + progressDeadlineSeconds: 600 + replicas: 1 + revisionHistoryLimit: 10 + selector: + matchLabels: + app: bitwarden + strategy: + rollingUpdate: + maxSurge: 25% + maxUnavailable: 25% + type: RollingUpdate + template: + metadata: + labels: + app: bitwarden + spec: + containers: + - env: + - name: SIGNUPS_ALLOWED + value: "false" + - name: INVITATIONS_ALLOWED + value: "true" + - name: ADMIN_TOKEN + valueFrom: + secretKeyRef: + key: admin_token + name: bitwarden + image: vaultwarden/server:latest + imagePullPolicy: IfNotPresent + name: bitwarden + ports: + - containerPort: 80 + protocol: TCP + - containerPort: 3012 + protocol: TCP + resources: {} + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + volumeMounts: + - mountPath: /data + name: bitwarden-data + - mountPath: /persistentvolumes + name: nfs-client-root + dnsPolicy: ClusterFirst + restartPolicy: Always + schedulerName: default-scheduler + securityContext: + fsGroup: 0 + runAsGroup: 0 + runAsUser: 0 + terminationGracePeriodSeconds: 30 + volumes: + - name: bitwarden-data + persistentVolumeClaim: + claimName: bitwarden + - name: nfs-client-root + nfs: + path: /volume1/k8s + server: 192.168.1.176 diff --git a/apps/bitwarden/bitwarden-ingress.yaml b/apps/bitwarden/bitwarden-ingress.yaml new file mode 100644 index 0000000..531f8a4 --- /dev/null +++ b/apps/bitwarden/bitwarden-ingress.yaml @@ -0,0 +1,25 @@ +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + annotations: + acme.cert-manager.io/http01-edit-in-place: "true" + cert-manager.io/issuer: letsencrypt-prod + kubernetes.io/ingress.class: nginx + name: bitwarden-ingress + namespace: default +spec: + rules: + - host: bitwarden.lilpenguins.com + http: + paths: + - backend: + service: + name: bitwarden-service + port: + number: 80 + path: / + pathType: Prefix + tls: + - hosts: + - bitwarden.lilpenguins.com + secretName: bitwarden-tls-prod diff --git a/apps/bitwarden/bitwarden-secrets.yaml b/apps/bitwarden/bitwarden-secrets.yaml new file mode 100644 index 0000000..1a999e8 --- /dev/null +++ b/apps/bitwarden/bitwarden-secrets.yaml @@ -0,0 +1,8 @@ +apiVersion: v1 +data: + admin_token: VkxCMGRmSUdwMGp4QzE0YzA2QUdvTmI0c1VURmFRU3FCYjF6OW83WXZqbnJTYldyRFVqbE1rOGs2QmVOVElYaw== +kind: Secret +metadata: + name: bitwarden + namespace: default +type: Opaque diff --git a/apps/bitwarden/bitwarden-service.yaml b/apps/bitwarden/bitwarden-service.yaml new file mode 100644 index 0000000..e9a392f --- /dev/null +++ b/apps/bitwarden/bitwarden-service.yaml @@ -0,0 +1,17 @@ +--- +apiVersion: v1 +kind: Service +metadata: + name: bitwarden-service +spec: + ports: + - name: http + port: 80 + protocol: TCP + targetPort: 80 + - name: notification + port: 3012 + protocol: TCP + targetPort: 3012 + selector: + app: bitwarden diff --git a/apps/bitwarden/bitwarden-storage.yaml b/apps/bitwarden/bitwarden-storage.yaml new file mode 100644 index 0000000..2cbfc05 --- /dev/null +++ b/apps/bitwarden/bitwarden-storage.yaml @@ -0,0 +1,12 @@ +apiVersion: v1 +kind: PersistentVolumeClaim +metadata: + name: bitwarden + namespace: default +spec: + storageClassName: synology-iscsi-storage-custom + accessModes: + - ReadWriteMany + resources: + requests: + storage: 5Gi diff --git a/apps/home-assistant/home-assistance-deploy.yaml b/apps/home-assistant/home-assistance-deploy.yaml new file mode 100644 index 0000000..a578a3b --- /dev/null +++ b/apps/home-assistant/home-assistance-deploy.yaml @@ -0,0 +1,55 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + labels: + app: home-assistants + name: home-assistants-deployment + namespace: default +spec: + progressDeadlineSeconds: 600 + replicas: 1 + revisionHistoryLimit: 10 + selector: + matchLabels: + app: home-assistants + strategy: + rollingUpdate: + maxSurge: 25% + maxUnavailable: 25% + type: RollingUpdate + template: + metadata: + labels: + app: home-assistants + spec: + containers: + - image: lscr.io/linuxserver/homeassistant:latest + imagePullPolicy: Always + name: home-assistants + env: + - name: TZ + value: Etcd/New_York + ports: + - containerPort: 8123 + protocol: TCP + resources: + requests: + akri.sh/akri-ha-insteon: "1" + akri.sh/akri-ha-zigbee: "1" + limits: + akri.sh/akri-ha-insteon: "1" + akri.sh/akri-ha-zigbee: "1" + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + volumeMounts: + - mountPath: /config + name: home-assistants-config + dnsPolicy: ClusterFirst + restartPolicy: Always + schedulerName: default-scheduler + securityContext: {} + terminationGracePeriodSeconds: 30 + volumes: + - name: home-assistants-config + persistentVolumeClaim: + claimName: home-assistants-config diff --git a/apps/home-assistant/home-assistance-ingress.yaml b/apps/home-assistant/home-assistance-ingress.yaml new file mode 100644 index 0000000..afb7085 --- /dev/null +++ b/apps/home-assistant/home-assistance-ingress.yaml @@ -0,0 +1,25 @@ +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + annotations: + acme.cert-manager.io/http01-edit-in-place: "true" + cert-manager.io/issuer: letsencrypt-prod + kubernetes.io/ingress.class: nginx + name: home-assistants-ingress + namespace: default +spec: + rules: + - host: ha.lilpenguins.com + http: + paths: + - backend: + service: + name: home-assistants-service + port: + number: 7123 + path: / + pathType: Prefix + tls: + - hosts: + - ha.lilpenguins.com + secretName: home-assistants-tls-prod diff --git a/apps/home-assistant/home-assistance-service.yaml b/apps/home-assistant/home-assistance-service.yaml new file mode 100644 index 0000000..66f852b --- /dev/null +++ b/apps/home-assistant/home-assistance-service.yaml @@ -0,0 +1,12 @@ +--- +apiVersion: v1 +kind: Service +metadata: + name: home-assistants-service +spec: + ports: + - port: 7123 + targetPort: 8123 + name: web + selector: + app: home-assistants diff --git a/apps/home-assistant/home-assistance-storage.yaml b/apps/home-assistant/home-assistance-storage.yaml new file mode 100644 index 0000000..a5345fc --- /dev/null +++ b/apps/home-assistant/home-assistance-storage.yaml @@ -0,0 +1,12 @@ +apiVersion: v1 +kind: PersistentVolumeClaim +metadata: + name: home-assistants-config + namespace: default +spec: + storageClassName: synology-iscsi-storage-custom + accessModes: + - ReadWriteMany + resources: + requests: + storage: 5Gi diff --git a/apps/nzbget/nzbget-deployment.yaml b/apps/nzbget/nzbget-deployment.yaml new file mode 100644 index 0000000..c4205f3 --- /dev/null +++ b/apps/nzbget/nzbget-deployment.yaml @@ -0,0 +1,82 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + labels: + app: nzbget + name: nzbget-deployment + namespace: default +spec: + progressDeadlineSeconds: 600 + replicas: 1 + revisionHistoryLimit: 10 + selector: + matchLabels: + app: nzbget + strategy: + rollingUpdate: + maxSurge: 25% + maxUnavailable: 25% + type: RollingUpdate + template: + metadata: + labels: + app: nzbget + spec: + containers: + - command: + - /bin/sh + - -c + - /init + env: + - name: TZ + value: America/New_York + image: linuxserver/nzbget + imagePullPolicy: Always + name: nzbget + ports: + - containerPort: 6789 + protocol: TCP + resources: {} + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + volumeMounts: + - mountPath: /config + name: nzbget-config + - mountPath: /downloads + name: nzbget-downloads + - mountPath: /tv + name: nfs-tv + - mountPath: /movies + name: nfs-movies + - mountPath: /books + name: nfs-books + - mountPath: /persistentvolumes + name: nfs-client-root + dnsPolicy: ClusterFirst + restartPolicy: Always + schedulerName: default-scheduler + securityContext: {} + terminationGracePeriodSeconds: 30 + volumes: + - name: nzbget-config + persistentVolumeClaim: + claimName: nzbget-config + - name: nzbget-downloads + emptyDir: + sizeLimit: 200Gi + - name: nfs-tv + nfs: + path: /volume2/vol2/TV/ + server: 192.168.1.78 + - name: nfs-movies + nfs: + path: /volume1/Movies + server: 192.168.1.176 + - name: nfs-books + nfs: + path: /volume2/vol2/Ebooks/ + server: 192.168.1.78 + - name: nfs-client-root + nfs: + path: /volume1/k8s + server: 192.168.1.176 diff --git a/apps/nzbget/nzbget-service.yaml b/apps/nzbget/nzbget-service.yaml new file mode 100644 index 0000000..dbab874 --- /dev/null +++ b/apps/nzbget/nzbget-service.yaml @@ -0,0 +1,12 @@ +--- +apiVersion: v1 +kind: Service +metadata: + name: nzbget-service +spec: + ports: + - port: 6789 + targetPort: 6789 + name: http + selector: + app: nzbget diff --git a/apps/nzbget/nzbget-storage.yaml b/apps/nzbget/nzbget-storage.yaml new file mode 100644 index 0000000..45fdc76 --- /dev/null +++ b/apps/nzbget/nzbget-storage.yaml @@ -0,0 +1,26 @@ +apiVersion: v1 +kind: PersistentVolumeClaim +metadata: + name: nzbget-config + namespace: default +spec: + storageClassName: synology-iscsi-storage + accessModes: + - ReadWriteMany + resources: + requests: + storage: 1Gi + +--- +apiVersion: v1 +kind: PersistentVolumeClaim +metadata: + name: nzbget-downloads + namespace: default +spec: + storageClassName: synology-iscsi-storage + accessModes: + - ReadWriteMany + resources: + requests: + storage: 500Gi diff --git a/apps/radarr/radarr-deployment.yaml b/apps/radarr/radarr-deployment.yaml new file mode 100644 index 0000000..05327e1 --- /dev/null +++ b/apps/radarr/radarr-deployment.yaml @@ -0,0 +1,58 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + labels: + app: radarr + name: radarr-deployment + namespace: default +spec: + progressDeadlineSeconds: 600 + replicas: 1 + revisionHistoryLimit: 10 + selector: + matchLabels: + app: radarr + strategy: + rollingUpdate: + maxSurge: 25% + maxUnavailable: 25% + type: RollingUpdate + template: + metadata: + labels: + app: radarr + spec: + containers: + - image: ghcr.io/linuxserver/radarr:latest + imagePullPolicy: Always + name: radarr + ports: + - containerPort: 7878 + protocol: TCP + resources: {} + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + volumeMounts: + - mountPath: /config + name: radarr-config + - mountPath: /movies + name: nfs-movies + - mountPath: /persistentvolumes + name: nfs-client-root + dnsPolicy: ClusterFirst + restartPolicy: Always + schedulerName: default-scheduler + securityContext: {} + terminationGracePeriodSeconds: 30 + volumes: + - name: radarr-config + persistentVolumeClaim: + claimName: radarr-config + - name: nfs-movies + nfs: + path: /volume1/Movies + server: 192.168.1.176 + - name: nfs-client-root + nfs: + path: /volume1/k8s + server: 192.168.1.176 diff --git a/apps/radarr/radarr-service.yaml b/apps/radarr/radarr-service.yaml new file mode 100644 index 0000000..d5bda58 --- /dev/null +++ b/apps/radarr/radarr-service.yaml @@ -0,0 +1,12 @@ +--- +apiVersion: v1 +kind: Service +metadata: + name: radarr-service +spec: + ports: + - port: 7878 + targetPort: 7878 + name: http + selector: + app: radarr diff --git a/apps/radarr/radarr-storage.yaml b/apps/radarr/radarr-storage.yaml new file mode 100644 index 0000000..42de56a --- /dev/null +++ b/apps/radarr/radarr-storage.yaml @@ -0,0 +1,12 @@ +apiVersion: v1 +kind: PersistentVolumeClaim +metadata: + name: radarr-config + namespace: default +spec: + storageClassName: synology-iscsi-storage-custom + accessModes: + - ReadWriteMany + resources: + requests: + storage: 5Gi diff --git a/apps/sonarr/sonnarr-deployment.yaml b/apps/sonarr/sonnarr-deployment.yaml new file mode 100644 index 0000000..d795918 --- /dev/null +++ b/apps/sonarr/sonnarr-deployment.yaml @@ -0,0 +1,68 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + labels: + app: sonarr + name: sonarr-deployment + namespace: default +spec: + progressDeadlineSeconds: 600 + replicas: 1 + revisionHistoryLimit: 10 + selector: + matchLabels: + app: sonarr + strategy: + rollingUpdate: + maxSurge: 25% + maxUnavailable: 25% + type: RollingUpdate + template: + metadata: + labels: + app: sonarr + spec: + containers: + - image: ghcr.io/linuxserver/sonarr:latest + imagePullPolicy: Always + name: sonarr + ports: + - containerPort: 8989 + protocol: TCP + resources: {} + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + volumeMounts: + - mountPath: /downloads + name: downloads + - mountPath: /sonarBK + name: sonar + - mountPath: /config + name: sonar-config + - mountPath: /tv + name: nfs-tv + - mountPath: /persistentvolumes + name: nfs-client-root + dnsPolicy: ClusterFirst + restartPolicy: Always + schedulerName: default-scheduler + securityContext: {} + terminationGracePeriodSeconds: 30 + volumes: + - name: downloads + persistentVolumeClaim: + claimName: sonarr-downloads + - name: sonar + persistentVolumeClaim: + claimName: sonarr + - name: sonar-config + persistentVolumeClaim: + claimName: sonarr-config + - name: nfs-tv + nfs: + path: /volume2/vol2/TV/ + server: 192.168.1.78 + - name: nfs-client-root + nfs: + path: /volume1/k8s + server: 192.168.1.176 diff --git a/apps/sonarr/sonnarr-service.yaml b/apps/sonarr/sonnarr-service.yaml new file mode 100644 index 0000000..b8701a6 --- /dev/null +++ b/apps/sonarr/sonnarr-service.yaml @@ -0,0 +1,12 @@ +--- +apiVersion: v1 +kind: Service +metadata: + name: sonarr-service +spec: + ports: + - port: 8989 + targetPort: 8989 + name: http + selector: + app: sonarr diff --git a/apps/sonarr/sonnarr-storage.yaml b/apps/sonarr/sonnarr-storage.yaml new file mode 100644 index 0000000..6f09582 --- /dev/null +++ b/apps/sonarr/sonnarr-storage.yaml @@ -0,0 +1,40 @@ +apiVersion: v1 +kind: PersistentVolumeClaim +metadata: + name: sonarr + namespace: default +spec: + storageClassName: synology-iscsi-storage-custom + accessModes: + - ReadWriteMany + resources: + requests: + storage: 1Gi + +--- +apiVersion: v1 +kind: PersistentVolumeClaim +metadata: + name: sonarr-config + namespace: default +spec: + storageClassName: synology-iscsi-storage-custom + accessModes: + - ReadWriteMany + resources: + requests: + storage: 2Gi + +--- +apiVersion: v1 +kind: PersistentVolumeClaim +metadata: + name: sonarr-downloads + namespace: default +spec: + storageClassName: synology-iscsi-storage-custom + accessModes: + - ReadWriteMany + resources: + requests: + storage: 50Gi diff --git a/apps/technitium/technitium-deploymet.yaml b/apps/technitium/technitium-deploymet.yaml new file mode 100644 index 0000000..1f1a213 --- /dev/null +++ b/apps/technitium/technitium-deploymet.yaml @@ -0,0 +1,57 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + labels: + app: technitium + name: technitium-deployment + namespace: default +spec: + progressDeadlineSeconds: 600 + replicas: 1 + revisionHistoryLimit: 10 + selector: + matchLabels: + app: technitium + strategy: + rollingUpdate: + maxSurge: 25% + maxUnavailable: 25% + type: RollingUpdate + template: + metadata: + labels: + app: technitium + spec: + containers: + - image: technitium/dns-server:latest + imagePullPolicy: Always + name: technitium + env: + - name: TZ + value: Etcd/New_York + - name: DNS_SERVER_DOMAIN + value: dns-server + - name: DNS_SERVER_ADMIN_PASSWORD + value: "Nb4^vo9Gg*MFoJ" + ports: + - containerPort: 5380 + protocol: TCP + - containerPort: 53 + protocol: TCP + - containerPort: 53 + protocol: UDP + resources: {} + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + volumeMounts: + - mountPath: /config + name: technitium-config + dnsPolicy: ClusterFirst + restartPolicy: Always + schedulerName: default-scheduler + securityContext: {} + terminationGracePeriodSeconds: 30 + volumes: + - name: technitium-config + persistentVolumeClaim: + claimName: technitium-config diff --git a/apps/technitium/technitium-service.yaml b/apps/technitium/technitium-service.yaml new file mode 100644 index 0000000..f2e3b43 --- /dev/null +++ b/apps/technitium/technitium-service.yaml @@ -0,0 +1,22 @@ +--- +apiVersion: v1 +kind: Service +metadata: + name: technitium-service +spec: + ports: + - port: 5380 + targetPort: 5380 + name: web-admin + - port: 53 + protocol: TCP + targetPort: 53 + name: dns-tcp + - port: 53 + protocol: UDP + targetPort: 53 + name: dns-udp + selector: + app: technitium + sessionAffinity: None + type: LoadBalancer diff --git a/apps/technitium/technitium-storage.yaml b/apps/technitium/technitium-storage.yaml new file mode 100644 index 0000000..de86a79 --- /dev/null +++ b/apps/technitium/technitium-storage.yaml @@ -0,0 +1,12 @@ +apiVersion: v1 +kind: PersistentVolumeClaim +metadata: + name: technitium-config + namespace: default +spec: + storageClassName: synology-iscsi-storage-custom + accessModes: + - ReadWriteMany + resources: + requests: + storage: 10Gi diff --git a/apps/usb/usb.yaml b/apps/usb/usb.yaml new file mode 100644 index 0000000..9c0a21b --- /dev/null +++ b/apps/usb/usb.yaml @@ -0,0 +1,25 @@ +apiVersion: akri.sh/v0 +kind: Configuration +metadata: + name: akri-ha-insteon +spec: + capacity: 1 + discoveryHandler: + discoveryDetails: | + groupRecursive: true # Recommended unless using very exact udev rules + udevRules: + - ATTRS{idVendor}=="0403", ATTRS{idProduct}=="6001" + name: udev +--- +apiVersion: akri.sh/v0 +kind: Configuration +metadata: + name: akri-ha-zigbee +spec: + capacity: 1 + discoveryHandler: + discoveryDetails: | + groupRecursive: true # Recommended unless using very exact udev rules + udevRules: + - ATTRS{idVendor}=="10c4", ATTRS{idProduct}=="8a2a" + name: udev