badjware
/
home-stack-kustomize
1
0
Fork 0
Code Releases Activity

Compare commits

base: badjware:f7f3daac801c923d1cc2ef4a6b689f0d84ef7dcf
Branches Tags
badjware:master
...
compare: badjware:7060126ca7fec0ae48a4506d211b974e78a9d103
Branches Tags
badjware:master

3 Commits
f7f3daac80 ... 7060126ca7

Author SHA1 Message Date
Massaki Archambault 7060126ca7 cleanup 2024-08-08 23:03:52 -04:00
Massaki Archambault befd75b371 fix deluge daemon port 2024-08-08 22:51:20 -04:00
Massaki Archambault 75005a04ce pin sillytavern version 2024-08-08 22:45:07 -04:00
35 changed files with 5 additions and 967 deletions
Show Stats Expand all files Collapse all files

4
kustomize/bases/deluge/deluge-deployment.yaml
View File

@ -26,8 +26,8 @@ spec:
hostPort: 58846 hostPort: 58846
containerPort: 58846 containerPort: 58846
- name: torrent - name: torrent
containerPort: 6881
hostPort: 6881 hostPort: 6881
containerPort: 6881
resources: resources:
requests: requests:
cpu: 1500m cpu: 1500m
@ -97,5 +97,5 @@ spec:
app.kubernetes.io/name: deluge app.kubernetes.io/name: deluge
ports: ports:
- port: 6881 - port: 6881
targetPort: deluge-daemon targetPort: torrent
nodePort: 31001 nodePort: 31001

99
kustomize/bases/drone-runner/drone-runner-deployment.yaml
View File

@ -1,99 +0,0 @@
apiVersion: apps/v1
kind: Deployment
metadata:
name: drone-runner
labels:
app.kubernetes.io/name: drone
app.kubernetes.io/component: runner
spec:
selector:
matchLabels:
app.kubernetes.io/name: drone
app.kubernetes.io/component: runner
template:
metadata:
labels:
app.kubernetes.io/name: drone
app.kubernetes.io/component: runner
spec:
containers:
- name: drone
image: drone/drone-runner-kube
env:
- name: DRONE_NAMESPACE_DEFAULT
valueFrom:
fieldRef:
fieldPath: metadata.namespace
- name: DRONE_RPC_HOST
value: drone-server.gitea.svc.cluster.local # TODO: not hardcode
- name: DRONE_RPC_PROTO
value: http
- name: DRONE_RPC_SECRET
valueFrom:
secretKeyRef:
name: drone-secret
key: rpc_secret
ports:
- name: http
containerPort: 3000
resources:
requests:
cpu: 100m
memory: 100Mi
limits:
cpu: 100m
memory: 100Mi
---
kind: Role
apiVersion: rbac.authorization.k8s.io/v1
metadata:
name: drone-runner-role
rules:
- apiGroups:
- ""
resources:
- secrets
verbs:
- create
- delete
- apiGroups:
- ""
resources:
- pods
- pods/log
verbs:
- get
- create
- delete
- list
- watch
- update
---
kind: RoleBinding
apiVersion: rbac.authorization.k8s.io/v1
metadata:
name: drone-runner-rolebinding
subjects:
- kind: ServiceAccount
name: default
roleRef:
kind: Role
name: drone-runner-role
apiGroup: rbac.authorization.k8s.io
---
apiVersion: v1
kind: Service
metadata:
name: drone-runner
labels:
app.kubernetes.io/name: drone
app.kubernetes.io/component: runner
# monitor: prometheus
spec:
selector:
app.kubernetes.io/name: drone
app.kubernetes.io/component: runner
ports:
- name: http
port: 3000
targetPort: http

6
kustomize/bases/drone-runner/kustomization.yaml
View File

@ -1,6 +0,0 @@
resources:
- drone-runner-deployment.yaml
commonLabels:
app.kubernetes.io/name: drone
app.kubernetes.io/component: runner

98
kustomize/bases/drone-server/drone-server-deployment.yaml
View File

@ -1,98 +0,0 @@
apiVersion: apps/v1
kind: Deployment
metadata:
name: drone-server
labels:
app.kubernetes.io/name: drone
app.kubernetes.io/component: server
spec:
replicas: 1
strategy:
type: Recreate
selector:
matchLabels:
app.kubernetes.io/name: drone
app.kubernetes.io/component: server
template:
metadata:
labels:
app.kubernetes.io/name: drone
app.kubernetes.io/component: server
spec:
containers:
- name: drone
image: drone/drone
env:
- name: DRONE_GITEA_SERVER
value: https://${GITEA_EXTERNAL_HOST}
- name: DRONE_SERVER_HOST
value: ${DRONE_EXTERNAL_HOST}
- name: DRONE_SERVER_PORT
value: ":80"
- name: DRONE_SERVER_PROTO
value: https
- name: DRONE_GITEA_CLIENT_ID
valueFrom:
secretKeyRef:
name: drone-gitea-oauth-secret
key: client_id
- name: DRONE_GITEA_CLIENT_SECRET
valueFrom:
secretKeyRef:
name: drone-gitea-oauth-secret
key: client_secret
- name: DRONE_RPC_SECRET
valueFrom:
secretKeyRef:
name: drone-secret
key: rpc_secret
- name: DRONE_DATABASE_SECRET
valueFrom:
secretKeyRef:
name: drone-secret
key: database_secret
ports:
- name: http
containerPort: 80
resources:
requests:
cpu: 250m
memory: 100Mi
limits:
cpu: 250m
memory: 100Mi
volumeMounts:
- mountPath: /data
name: drone-server-pv
volumes:
- name: drone-server-pv
persistentVolumeClaim:
claimName: drone-server-pvc
---
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: drone-server-pvc
spec:
accessModes:
- ReadWriteOnce
resources:
requests:
storage: 1Gi
---
apiVersion: v1
kind: Service
metadata:
name: drone-server
labels:
app.kubernetes.io/name: drone
app.kubernetes.io/component: server
# monitor: prometheus
spec:
selector:
app.kubernetes.io/name: drone
app.kubernetes.io/component: server
ports:
- name: http
port: 80
targetPort: http

45
kustomize/bases/drone-server/drone-server-externalsecret.yaml
View File

@ -1,45 +0,0 @@
apiVersion: external-secrets.io/v1beta1
kind: ExternalSecret
metadata:
name: drone-secret
spec:
secretStoreRef:
name: aws-parameters-store
kind: ClusterSecretStore
target:
name: drone-secret
template:
metadata:
labels:
app.kubernetes.io/managed-by: external-secret
annotations: {}
data:
- secretKey: rpc_secret
remoteRef:
key: /k3s/prod/drone/gitea/rpc_secret
- secretKey: database_secret
remoteRef:
key: /k3s/prod/drone/gitea/database_secret
---
apiVersion: external-secrets.io/v1beta1
kind: ExternalSecret
metadata:
name: drone-gitea-oauth-secret
spec:
secretStoreRef:
name: aws-parameters-store
kind: ClusterSecretStore
target:
name: drone-gitea-oauth-secret
template:
metadata:
labels:
app.kubernetes.io/managed-by: external-secret
annotations: {}
data:
- secretKey: client_id
remoteRef:
key: /k3s/prod/drone/gitea/client_id
- secretKey: client_secret
remoteRef:
key: /k3s/prod/drone/gitea/client_secret

19
kustomize/bases/drone-server/drone-server-ingress.yaml
View File

@ -1,19 +0,0 @@
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: drone
labels:
app.kubernetes.io/name: drone
probe: blackbox-http
spec:
rules:
- host: ${DRONE_EXTERNAL_HOST}
http:
paths:
- path: /
pathType: Prefix
backend:
service:
name: drone-server
port:
name: http

8
kustomize/bases/drone-server/kustomization.yaml
View File

@ -1,8 +0,0 @@
resources:
- drone-server-deployment.yaml
- drone-server-ingress.yaml
- drone-server-externalsecret.yaml
commonLabels:
app.kubernetes.io/name: drone
app.kubernetes.io/component: server

22
kustomize/bases/gitea/gitea-deployment.yaml
View File

@ -30,8 +30,6 @@ spec:
configMapKeyRef: configMapKeyRef:
name: kustomize-generated-config name: kustomize-generated-config
key: GITEA_EXTERNAL_URL key: GITEA_EXTERNAL_URL
# - name: GITEA__WEBHOOK_ALLOWED_HOST_LIST
# value: ${DRONE_EXTERNAL_HOST}
- name: GITEA__DEFAULT__APP_NAME - name: GITEA__DEFAULT__APP_NAME
value: Badjware's code stash value: Badjware's code stash
- name: GITEA__SERVICE__DISABLE_REGISTRATION - name: GITEA__SERVICE__DISABLE_REGISTRATION
@ -64,22 +62,6 @@ spec:
- name: gitea-pv - name: gitea-pv
persistentVolumeClaim: persistentVolumeClaim:
claimName: server-pvc claimName: server-pvc
# ---
# apiVersion: v1
# kind: PersistentVolume
# metadata:
# name: gitea-data-nfs
# labels:
# app.kubernetes.io/name: gitea
# spec:
# accessModes:
# - ReadWriteMany
# capacity:
# storage: 100Mi
# nfs:
# server: nfs-localhost
# path: /gitea
# mountOptions: ["vers=4"]
--- ---
apiVersion: v1 apiVersion: v1
kind: PersistentVolumeClaim kind: PersistentVolumeClaim
@ -88,15 +70,11 @@ metadata:
labels: labels:
app.kubernetes.io/name: gitea app.kubernetes.io/name: gitea
spec: spec:
# storageClassName: ""
accessModes: accessModes:
- ReadWriteOnce - ReadWriteOnce
resources: resources:
requests: requests:
storage: 20Gi storage: 20Gi
# selector:
# matchLabels:
# app.kubernetes.io/name: gitea
--- ---
apiVersion: v1 apiVersion: v1
kind: Service kind: Service

11
kustomize/bases/home-assistant/configurations/configuration.yaml
View File

@ -1,11 +0,0 @@
default_config:
frontend:
themes: !include_dir_merge_named themes
automation: !include automations.yaml
http:
use_x_forwarded_for: true
trusted_proxies:
- 10.0.0.0/8

97
kustomize/bases/home-assistant/home-assistant-deployment.yaml
View File

@ -1,97 +0,0 @@
apiVersion: apps/v1
kind: Deployment
metadata:
name: server
labels:
app.kubernetes.io/name: home-assistant
app.kubernetes.io/component: server
spec:
replicas: 1
strategy:
type: Recreate
selector:
matchLabels:
app.kubernetes.io/name: home-assistant
app.kubernetes.io/component: server
template:
metadata:
labels:
app.kubernetes.io/name: home-assistant
app.kubernetes.io/component: server
spec:
affinity:
nodeAffinity:
# TODO: eviction policy
requiredDuringSchedulingIgnoredDuringExecution:
nodeSelectorTerms:
- matchExpressions:
# need a zigbee receiver
- key: badjware.dev/zigbee-receiver
operator: Exists
initContainers:
- image: busybox:1.36.1
name: cp-config
command: ["cp", "/server-config/configuration.yaml", "/config"]
volumeMounts:
- name: home-assistant-pv
mountPath: /config
- name: server-config
mountPath: /server-config
readOnly: true
containers:
- image: homeassistant/home-assistant
name: home-assistant
securityContext:
privileged: true
ports:
- name: http
containerPort: 8123
resources:
requests:
cpu: 250m
memory: 500Mi
limits:
cpu: 250m
memory: 500Mi
volumeMounts:
- name: home-assistant-pv
mountPath: /config
- name: zigbee-receiver
mountPath: /dev/ttyUSB0
volumes:
- name: zigbee-receiver
hostPath:
path: /dev/ttyUSB0
- name: home-assistant-pv
persistentVolumeClaim:
claimName: server-pvc
- name: server-config
configMap:
name: server-config
---
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: server-pvc
spec:
accessModes:
- ReadWriteOnce
resources:
requests:
storage: 5Gi
---
apiVersion: v1
kind: Service
metadata:
name: server
labels:
app.kubernetes.io/name: home-assistant
app.kubernetes.io/component: server
spec:
selector:
app.kubernetes.io/name: home-assistant
app.kubernetes.io/component: server
ports:
- name: http
port: 80
targetPort: http

19
kustomize/bases/home-assistant/home-assistant-ingress.yaml
View File

@ -1,19 +0,0 @@
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: server
labels:
app.kubernetes.io/name: home-assistant
probe: blackbox-http
spec:
rules:
- host: ${HOMEASSISTANT_EXTERNAL_HOST}
http:
paths:
- path: /
pathType: Prefix
backend:
service:
name: server
port:
name: http

28
kustomize/bases/home-assistant/kustomization.yaml
View File

@ -1,28 +0,0 @@
resources:
- home-assistant-deployment.yaml
- home-assistant-ingress.yaml
namePrefix: home-assistant-
commonLabels:
app.kubernetes.io/name: home-assistant
configMapGenerator:
- name: server-config
files:
- configuration.yaml=configurations/configuration.yaml
- name: kustomize-generated-config
literals:
- HOMEASSISTANT_EXTERNAL_HOST=hass.badjware.dev
replacements:
- source:
kind: ConfigMap
name: kustomize-generated-config
fieldPath: data.HOMEASSISTANT_EXTERNAL_HOST
targets:
- select:
kind: Ingress
name: server
fieldPaths:
- spec.rules.0.host

16
kustomize/bases/kubernetes-dashboard/dashboard-admin-user.yaml
View File

@ -1,16 +0,0 @@
apiVersion: v1
kind: ServiceAccount
metadata:
name: admin-user
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
name: admin-user
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: cluster-admin
subjects:
- kind: ServiceAccount
name: admin-user

19
kustomize/bases/kubernetes-dashboard/dashboard-ingress.yaml
View File

@ -1,19 +0,0 @@
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: kubernetes-dashboard
labels:
app.kubernetes.io/name: kubernetes-dashboard
probe: blackbox-http
spec:
rules:
- host: ${KUBERNETES_DASHBOARD_EXTERNAL_HOST}
http:
paths:
- path: /
pathType: Prefix
backend:
service:
name: kubernetes-dashboard
port:
number: 443

9
kustomize/bases/kubernetes-dashboard/kustomization.yaml
View File

@ -1,9 +0,0 @@
resources:
- https://raw.githubusercontent.com/kubernetes/dashboard/v2.3.1/aio/deploy/recommended.yaml
- dashboard-admin-user.yaml
- dashboard-ingress.yaml
commonLabels:
app.kubernetes.io/name: kubernetes-dashboard
namespace: kubernetes-dashboard

29
kustomize/bases/librechat/kustomization.yaml
View File

@ -1,29 +0,0 @@
resources:
- ../mongodb
- ../litellm
- librechat-deployment.yaml
- librechat-externalsecret.yaml
- librechat-ingress.yaml
namePrefix: librechat-
configMapGenerator:
- name: kustomize-generated-config
literals:
- LIBRECHAT_EXTERNAL_HOST=chat.badjware.dev
- LIBRECHAT_EXTERNAL_URL=https://chat.badjware.dev
- name: server-config
literals:
- librechat.yaml=
replacements:
- source:
kind: ConfigMap
name: kustomize-generated-config
fieldPath: data.LIBRECHAT_EXTERNAL_HOST
targets:
- select:
kind: Ingress
name: server
fieldPaths:
- spec.rules.0.host

162
kustomize/bases/librechat/librechat-deployment.yaml
View File

@ -1,162 +0,0 @@
apiVersion: apps/v1
kind: Deployment
metadata:
name: server
labels:
app.kubernetes.io/name: librechat
spec:
replicas: 1
strategy:
type: Recreate
selector:
matchLabels:
app.kubernetes.io/name: librechat
template:
metadata:
labels:
app.kubernetes.io/name: librechat
spec:
affinity:
nodeAffinity:
requiredDuringSchedulingIgnoredDuringExecution:
nodeSelectorTerms:
- matchExpressions:
# Image only supports amd64
- key: kubernetes.io/arch
operator: In
values:
- amd64
containers:
- name: librechat
image: ghcr.io/danny-avila/librechat
env:
- name: NAMESPACE
valueFrom:
fieldRef:
fieldPath: metadata.namespace
- name: DOMAIN_CLIENT
valueFrom:
configMapKeyRef:
name: kustomize-generated-config
key: LIBRECHAT_EXTERNAL_URL
- name: DOMAIN_SERVER
valueFrom:
configMapKeyRef:
name: kustomize-generated-config
key: LIBRECHAT_EXTERNAL_URL
- name: MONGO_URI
value: mongodb://librechat-mongodb.$(NAMESPACE).svc:27017/LibreChat
- name: SEARCH
value: 'false' # TODO
- name: DEBUG_LOGGING
value: 'true'
# Models
- name: OPENAI_API_KEY
value: user_provided
# Secrets
- name: CREDS_KEY
valueFrom:
secretKeyRef:
name: server-tokens
key: creds_key
- name: CREDS_IV
valueFrom:
secretKeyRef:
name: server-tokens
key: creds_iv
- name: JWT_SECRET
valueFrom:
secretKeyRef:
name: server-tokens
key: jwt_secret
- name: JWT_REFRESH_SECRET
valueFrom:
secretKeyRef:
name: server-tokens
key: jwt_refresh_secret
# Login configuration
- name: ALLOW_EMAIL_LOGIN
value: 'false'
- name: ALLOW_REGISTRATION
value: 'false'
- name: ALLOW_SOCIAL_LOGIN
value: 'true'
- name: ALLOW_SOCIAL_REGISTRATION
value: 'true'
- name: OPENID_CLIENT_ID
valueFrom:
secretKeyRef:
name: server-openid-config
key: openid_client_id
- name: OPENID_CLIENT_SECRET
valueFrom:
secretKeyRef:
name: server-openid-config
key: openid_client_secret
- name: OPENID_ISSUER
valueFrom:
secretKeyRef:
name: server-openid-config
key: openid_issuer
- name: OPENID_SESSION_SECRET
valueFrom:
secretKeyRef:
name: server-openid-config
key: openid_session_secret
- name: OPENID_SCOPE
value: openid profile email
- name: OPENID_CALLBACK_URL
value: /oauth/openid/callback
ports:
- name: http
containerPort: 3080
resources:
requests:
cpu: 250m
memory: 500Mi
limits:
cpu: 1000m
memory: 500Mi
volumeMounts:
- name: server-images-pv
mountPath: /app/client/public/images
- name: server-config
mountPath: /app/librechat.yaml
subPath: librechat.yaml
volumes:
- name: server-images-pv
persistentVolumeClaim:
claimName: server-images-pvc
- name: server-config
configMap:
name: server-config
---
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: server-images-pvc
labels:
app.kubernetes.io/name: librechat
spec:
accessModes:
- ReadWriteOnce
resources:
requests:
storage: 10Gi
---
apiVersion: v1
kind: Service
metadata:
name: server
labels:
app.kubernetes.io/name: librechat
spec:
selector:
app.kubernetes.io/name: librechat
ports:
- name: http
port: 3080
targetPort: http

57
kustomize/bases/librechat/librechat-externalsecret.yaml
View File

@ -1,57 +0,0 @@
apiVersion: external-secrets.io/v1beta1
kind: ExternalSecret
metadata:
name: server-tokens
spec:
secretStoreRef:
name: aws-parameters-store
kind: ClusterSecretStore
target:
name: server-tokens
template:
metadata:
labels:
app.kubernetes.io/managed-by: external-secret
annotations: {}
data:
- secretKey: creds_key
remoteRef:
key: /k3s/prod/llm/librechat/creds_key
- secretKey: creds_iv
remoteRef:
key: /k3s/prod/llm/librechat/creds_iv
- secretKey: jwt_secret
remoteRef:
key: /k3s/prod/llm/librechat/jwt_secret
- secretKey: jwt_refresh_secret
remoteRef:
key: /k3s/prod/llm/librechat/jwt_refresh_secret
---
apiVersion: external-secrets.io/v1beta1
kind: ExternalSecret
metadata:
name: server-openid-config
spec:
secretStoreRef:
name: aws-parameters-store
kind: ClusterSecretStore
target:
name: server-openid-config
template:
metadata:
labels:
app.kubernetes.io/managed-by: external-secret
annotations: {}
data:
- secretKey: openid_client_id
remoteRef:
key: /k3s/prod/llm/librechat/openid_client_id
- secretKey: openid_client_secret
remoteRef:
key: /k3s/prod/llm/librechat/openid_client_secret
- secretKey: openid_issuer
remoteRef:
key: /k3s/prod/llm/librechat/openid_issuer
- secretKey: openid_session_secret
remoteRef:
key: /k3s/prod/llm/librechat/openid_session_secret

19
kustomize/bases/librechat/librechat-ingress.yaml
View File

@ -1,19 +0,0 @@
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: server
labels:
app.kubernetes.io/name: librechat
probe: blackbox-http
spec:
rules:
- host: ${LIBRECHAT_EXTERNAL_HOST}
http:
paths:
- path: /
pathType: Prefix
backend:
service:
name: server
port:
name: http

6
kustomize/bases/node-exporter/kustomization.yaml
View File

@ -1,6 +0,0 @@
resources:
- node-exporter-daemonset.yaml
commonLabels:
app.kubernetes.io/name: node-exporter
app.kubernetes.io/part-of: monitoring

66
kustomize/bases/node-exporter/node-exporter-daemonset.yaml
View File

@ -1,66 +0,0 @@
apiVersion: apps/v1
kind: DaemonSet
metadata:
name: node-exporter
namespace: kube-monitoring
labels:
app.kubernetes.io/name: node-exporter
spec:
selector:
matchLabels:
app.kubernetes.io/name: node-exporter
template:
metadata:
name: node-exporter
labels:
app.kubernetes.io/name: node-exporter
spec:
hostNetwork: true
hostPID: true
containers:
- name: node-exporter
image: prom/node-exporter
args:
- "--path.procfs=/host/proc"
- "--path.sysfs=/host/sys"
ports:
- containerPort: 9100
name: http-metrics
resources:
requests:
memory: 20Mi
cpu: 100m
limits:
memory: 20Mi
cpu: 100m
volumeMounts:
- name: proc
readOnly: true
mountPath: /host/proc
- name: sys
readOnly: true
mountPath: /host/sys
tolerations:
- effect: NoSchedule
operator: Exists
volumes:
- name: proc
hostPath:
path: /proc
- name: sys
hostPath:
path: /sys
---
apiVersion: v1
kind: Service
metadata:
name: nodes-exporter
labels:
app.kubernetes.io/name: node-exporter
spec:
selector:
app.kubernetes.io/name: node-exporter
ports:
- name: http-metrics
port: 9100
targetPort: http-metrics

16
kustomize/env/prod/configurations/home-assistant/configuration.yaml vendored
View File

@ -1,16 +0,0 @@
default_config:
frontend:
themes: !include_dir_merge_named themes
automation: !include automations.yaml
http:
use_x_forwarded_for: true
trusted_proxies:
- 10.0.0.0/8
sonos:
media_player:
hosts:
- 192.168.30.50

5
kustomize/env/prod/configurations/litellm/config.yaml vendored
View File

@ -1,5 +0,0 @@
model_list:
- model_name: "*"
litellm_params:
model: "ollama_chat/*"
api_base: http://ollama-server:11434

42
kustomize/env/prod/kustomization.yaml vendored
View File

@ -1,21 +1,13 @@
resources: resources:
- ../../overlays/system - ../../overlays/system
# - ../../namespaces/kubernetes-dashboard
- ../../overlays/gitea - ../../overlays/gitea
# - ../../overlays/woodpecker
# - ../../overlays/gitlab
- ../../overlays/monitoring - ../../overlays/monitoring
- ../../overlays/nextcloud - ../../overlays/nextcloud
# - ../../overlays/home-assistant
- ../../overlays/jellyfin - ../../overlays/jellyfin
- ../../overlays/deluge - ../../overlays/deluge
- ../../overlays/actual - ../../overlays/actual
- ../../overlays/llm - ../../overlays/llm
- probes/snmp-exporter.yaml
# resources:
# - probes/external-services-bobcat-miner.yaml
buildMetadata: buildMetadata:
- originAnnotations - originAnnotations
@ -25,23 +17,14 @@ images:
newTag: 1.21.11 newTag: 1.21.11
- name: grafana/grafana - name: grafana/grafana
newTag: 11.1.0 newTag: 11.1.0
# - name: prom/node-exporter
# newTag: v0.18.1
- name: prom/blackbox-exporter - name: prom/blackbox-exporter
# newName: badjware/blackbox-exporter-tweak
newTag: v0.24.0 newTag: v0.24.0
# - name: drone/drone
# newTag: 2.14.0
# - name: drone/drone-runner-kube
# newTag: 1.0.0-rc.3
- name: nextcloud - name: nextcloud
newTag: 29.0.3 newTag: 29.0.3
- name: collabora/code - name: collabora/code
newTag: 23.05.5.4.1 newTag: 23.05.5.4.1
- name: nextcloud/aio-imaginary - name: nextcloud/aio-imaginary
newTag: 20230613_120442-latest-arm64 newTag: 20230613_120442-latest-arm64
# - name: homeassistant/home-assistant
# newTag: 2023.10.2
- name: jellyfin/jellyfin - name: jellyfin/jellyfin
newTag: 10.9.7 newTag: 10.9.7
- name: lscr.io/linuxserver/deluge - name: lscr.io/linuxserver/deluge
@ -58,24 +41,8 @@ images:
newTag: main-v1.43.1 newTag: main-v1.43.1
- name: ghcr.io/open-webui/open-webui - name: ghcr.io/open-webui/open-webui
newTag: v0.3.10 # https://github.com/open-webui/open-webui/discussions/4331 newTag: v0.3.10 # https://github.com/open-webui/open-webui/discussions/4331
- name: ghcr.io/sillytavern/sillytavern
newTag: 1.12.4
configMapGenerator:
# - name: litellm-proxy-config
# namespace: llm
# behavior: replace
# files:
# - config.yaml=./configurations/litellm/config.yaml
# - name: home-assistant-server-config
# namespace: home-assistant
# behavior: replace
# files:
# - configuration.yaml=configurations/home-assistant/configuration.yaml
# - name: ecommerce-exporter-config
# namespace: monitoring
# behavior: replace
# files:
# - ecommerce-exporter.yml=configurations/ecommerce-exporter/ecommerce-exporter.yml
secretGenerator: secretGenerator:
- name: prometheus-additional-scrape-configs - name: prometheus-additional-scrape-configs
@ -105,11 +72,6 @@ patches:
kind: Deployment kind: Deployment
name: deluge-server name: deluge-server
path: patches/deluge-deployment-patch.yaml path: patches/deluge-deployment-patch.yaml
# - target:
# version: v1
# kind: Prometheus
# name: prometheus
# path: patches/prometheus-patch.yaml
# patchesStrategicMerge: # patchesStrategicMerge:
# - patches/blackbox-exporter-probe-patch.yaml # - patches/blackbox-exporter-probe-patch.yaml

8
kustomize/env/prod/patches/librechat-deployment-patch.yaml vendored
View File

@ -1,8 +0,0 @@
- op: add
path: /spec/template/spec/containers/0/env/-
value:
name: LITELLM_MASTER_KEY
valueFrom:
secretKeyRef:
name: litellm-config
key: master_key

13
kustomize/env/prod/patches/librechat-ingress-patch.yaml vendored
View File

@ -1,13 +0,0 @@
- op: add
path: /metadata/annotations/traefik.ingress.kubernetes.io~1router.middlewares
value: llm-litellm-stripprefix@kubernetescrd
- op: add
path: /spec/rules/0/http/paths/-
value:
path: /api2
pathType: Prefix
backend:
service:
name: librechat-litellm
port:
name: http

8
kustomize/env/prod/patches/litellm-deployment-patch.yaml vendored
View File

@ -1,8 +0,0 @@
- op: add
path: /spec/template/spec/containers/0/env/-
value:
name: MASTER_KEY
valueFrom:
secretKeyRef:
name: litellm-config
key: master_key

3
kustomize/env/prod/patches/prometheus-patch.yaml vendored
View File

@ -1,3 +0,0 @@
- op: replace
path: /spec/remoteWrite/0/url
value: https://prometheus-prod-10-prod-us-central-0.grafana.net/api/prom/push

4
kustomize/env/prod/patches/prometheus/prometheus-additional.yaml vendored
View File

@ -1,4 +0,0 @@
- job_name: additional/bastion-haproxy
static_configs:
- targets: ["192.168.20.10:8080"]

20
kustomize/env/prod/resources/litellm-externalsecret.yaml vendored
View File

@ -1,20 +0,0 @@
apiVersion: external-secrets.io/v1beta1
kind: ExternalSecret
metadata:
name: litellm-config
namespace: llm
spec:
secretStoreRef:
name: aws-parameters-store
kind: ClusterSecretStore
target:
name: litellm-config
template:
metadata:
labels:
app.kubernetes.io/managed-by: external-secret
annotations: {}
data:
- secretKey: master_key
remoteRef:
key: /k3s/prod/llm/litellm/master_key

5
kustomize/overlays/home-assistant/kustomization.yaml
View File

@ -1,5 +0,0 @@
resources:
- namespace.yaml
- ../../bases/home-assistant
namespace: home-assistant

4
kustomize/overlays/home-assistant/namespace.yaml
View File

@ -1,4 +0,0 @@
apiVersion: v1
kind: Namespace
metadata:
name: home-assistant

4
kustomize/overlays/kubernetes-dashboard/kustomization.yaml
View File

@ -1,4 +0,0 @@
resources:
- ../../bases/kubernetes-dashboard
namespace: kubernetes-dashboard

1
kustomize/overlays/monitoring/kustomization.yaml
View File

@ -17,5 +17,6 @@ resources:
# - servicemonitors/node-exporter.yaml # - servicemonitors/node-exporter.yaml
- podmonitors/traefik.yaml - podmonitors/traefik.yaml
- probes/blackbox-exporter.yaml - probes/blackbox-exporter.yaml
- probes/snmp-exporter.yaml
namespace: monitoring namespace: monitoring

0
kustomize/env/prod/probes/snmp-exporter.yaml → kustomize/overlays/monitoring/probes/snmp-exporter.yaml
View File