acmcarther/yesod-mirror
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
yesod-mirror/k8s/configs/environments/home/main.jsonnet

269 lines
12 KiB
Jsonnet
Raw Permalink Normal View History

Project import generated by Copybara. GitOrigin-RevId: 6370f6ea785709295b6abcf9c60717cacf3ac432
2026-01-20 13:24:59 -08:00
local base = import "k8s/configs/base.libsonnet";
local secrets = import "k8s/configs/environments/home/secrets.json";
local images = import "k8s/configs/images.libsonnet";
local mosquitto = import "k8s/configs/templates/core/pubsub/eclipse-mosquitto.libsonnet";
local nginxIngress = import "k8s/configs/templates/core/network/nginx-ingress.libsonnet";
local frigate = import "k8s/configs/templates/personal/home/frigate-nvr.libsonnet";
local grocy = import "k8s/configs/templates/personal/home/grocy.libsonnet";
local homeAssistant = import "k8s/configs/templates/personal/home/home-assistant.libsonnet";
local paperlessNg = import "k8s/configs/templates/personal/home/paperless-ng.libsonnet";
local kiwix = import "k8s/configs/templates/personal/media/kiwix.libsonnet";
local bookstack = import "k8s/configs/templates/personal/media/bookstack.libsonnet";
local rclone = import "k8s/configs/templates/dev/tools/rclone.libsonnet";
local focalboard = import "k8s/configs/templates/dev/organization/focalboard.libsonnet";
local nocodb = import "k8s/configs/templates/core/storage/nocodb.libsonnet";
local postgres = import "k8s/configs/templates/core/storage/postgres.libsonnet";
local mariadb = import "k8s/configs/templates/core/storage/mariadb.libsonnet";
local redis = import "k8s/configs/templates/core/storage/redis.libsonnet";
local namespace = "home";
local ctx = base.NewContext(base.helm);
{
namespace: {
apiVersion: "v1",
kind: "Namespace",
metadata: {
name: namespace,
},
},
secrets: {
bookstack: mariadb.Secret(mariadb.SecretParams{
name: "bookstack",
namespace: "home",
rootPassword: secrets.bookstack_mariadb_root_db_pwd,
password: secrets.bookstack_mariadb_db_pwd,
}) {
data+: {
"bookstack-app-key": secrets.bookstack_app_key,
},
},
nocodb: base.Secret("home", "nocodb-secret") {
type: "Opaque",
data: {
"nocodb-metadata-db-pwd": secrets.nocodb_pwd,
"nocodb-metadata-db-url": secrets.nocodb_db_url,
},
},
paperless: base.Secret("home", "paperless-secret") {
type: "Opaque",
data: {
"paperless-db-pwd": secrets.paperless_db_pwd,
},
},
},
apps: {
/*
focalboard: {
dataPvc: base.RecoverableSimpleManyPvc(namespace, "focalboard-data", "nfs-client", "20Gi", {
nfsServer: "apollo1.dominion.lan",
volumeName: "pvc-bbe88409-1751-4de1-a4a7-332f97a1273a",
nfsPath: "/volume3/fs/home-focalboard-data-pvc-bbe88409-1751-4de1-a4a7-332f97a1273a",
}),
app: focalboard.App(focalboard.Params {
namespace: namespace,
name: "focalboard",
filePath: std.thisFile,
dataClaimName: "focalboard-data",
}),
ingress: nginxIngress.Ingress(nginxIngress.IngressParams {
namespace: namespace,
name: "focalboard",
hosts: [
"focal.csbx.dev",
],
serviceName: "focalboard-ui",
annotations: nginxIngress.KubeCsbxOauthProxyAnnotations,
}),
},
*/
frigate: {
dbPvc: base.RecoverableSimpleManyPvc(namespace, "frigate-db", "nfs-client", "50Gi", {
nfsServer: "apollo1.dominion.lan",
volumeName: "pvc-af5280f0-330e-496c-a125-35c8e834a107",
nfsPath: "/volume3/fs/home-frigate-db-pvc-af5280f0-330e-496c-a125-35c8e834a107",
}),
configPvc: base.RecoverableSimpleManyPvc(namespace, "frigate-config", "nfs-client", "50Gi", {
nfsServer: "apollo1.dominion.lan",
volumeName: "pvc-92a06096-0cb3-4df5-abe4-d6c832e95e9f",
nfsPath: "/volume3/fs/home-frigate-config-pvc-92a06096-0cb3-4df5-abe4-d6c832e95e9f",
}),
storagePvc: base.RecoverableSimpleManyPvc(namespace, "frigate-storage", "nfs-bulk", "500Gi", {
nfsServer: "apollo2.dominion.lan",
volumeName: "pvc-2afd5369-c177-4663-bd69-e8caa634650f",
nfsPath: "/volume4/fs-bulk/home-frigate-storage-pvc-2afd5369-c177-4663-bd69-e8caa634650f",
}),
mosquittoPvc: base.RecoverableSimpleManyPvc(namespace, "mosquitto-frigate", "nfs-client", "5Gi", {
nfsServer: "apollo1.dominion.lan",
volumeName: "pvc-e616229c-3fe6-4db0-84c1-b8cf77256ff4",
nfsPath: "/volume3/fs/home-mosquitto-frigate-pvc-e616229c-3fe6-4db0-84c1-b8cf77256ff4",
}),
mosquito: mosquitto.App(mosquitto.Params {
namespace: namespace,
name: "mosquitto-frigate",
filePath: std.thisFile,
mosquittoDataClaimName: "mosquitto-frigate",
}),
app: frigate.App(frigate.Params {
namespace: namespace,
name: "frigate",
filePath: std.thisFile,
// Defined in "home"
dbClaimName: "frigate-db",
storageClaimName: "frigate-storage",
configClaimName: "frigate-config",
mqttAddress: "mosquitto-frigate-api.home.svc.cluster.local",
rtspNodePort: 32702,
frigateRtspPwd: secrets.frigate_rtsp_pwd,
frigateGarageSourceRtsp: secrets.frigate_garage_source_rtsp,
}),
ingress: nginxIngress.Ingress(nginxIngress.IngressParams {
namespace: namespace,
name: "frigate",
hosts: [
"frigate.cheapassbox.com",
],
serviceName: "frigate-ui",
annotations: nginxIngress.KubeOauthProxyAnnotations,
}),
ingress2: nginxIngress.Ingress(nginxIngress.IngressParams {
namespace: namespace,
name: "frigate-csbx",
hosts: [
"frigate.csbx.dev",
],
serviceName: "frigate-ui",
annotations: nginxIngress.KubeCsbxOauthProxyAnnotations,
}),
},
grocy: {
dataPvc: base.RecoverableSimpleManyPvc(namespace, "grocy-data", "nfs-client", "50Gi", {
nfsServer: "apollo1.dominion.lan",
volumeName: "pvc-a251012c-4ef7-4224-87dd-0e39d87c3491",
nfsPath: "/volume3/fs/home-grocy-data-pvc-a251012c-4ef7-4224-87dd-0e39d87c3491",
}),
app: grocy.App(grocy.Params {
namespace: namespace,
name: "grocy",
filePath: std.thisFile,
// Defined in "home"
dataClaimName: "grocy-data",
ingressHost: 'grocy.cheapassbox.com',
}),
ingress: nginxIngress.Ingress(nginxIngress.IngressParams {
namespace: namespace,
name: "grocy-csbx",
hosts: [
"grocy.csbx.dev",
],
serviceName: "grocy-ui",
annotations: nginxIngress.KubeCsbxOauthProxyAnnotations,
}),
},
homeAssistant: {
pvc: base.RecoverableSimpleManyPvc(namespace, "home-assistant-files2", "nfs-client", "5Gi", {
nfsServer: "apollo1.dominion.lan",
volumeName: "pvc-99f5c928-499b-4206-b301-d25f5eb7279d",
nfsPath: "/volume3/fs/home-home-assistant-files-pvc-99f5c928-499b-4206-b301-d25f5eb7279d",
}),
app: homeAssistant.App(homeAssistant.Params {
namespace: namespace,
name: "home-assistant",
filePath: std.thisFile,
filesClaimName: "home-assistant-files2",
}),
ingress: nginxIngress.Ingress(nginxIngress.IngressParams {
namespace: namespace,
name: "home-assistant",
hosts: [
"ha.cheapassbox.com",
],
serviceName: "home-assistant-ui",
annotations: nginxIngress.KubeOauthProxyAnnotations,
}),
ingress2: nginxIngress.Ingress(nginxIngress.IngressParams {
namespace: namespace,
name: "home-assistant-csbx",
hosts: [
"ha.csbx.dev",
],
serviceName: "home-assistant-ui",
annotations: nginxIngress.KubeCsbxOauthProxyAnnotations,
}),
},
paperlessNg: {
configPvc: base.RecoverableSimpleManyPvc(namespace, "paperless-config", "nfs-client", "15Gi", {
nfsServer: "apollo1.dominion.lan",
volumeName: "pvc-919bde50-5063-4c7c-8684-4e0c1b70a266",
nfsPath: "/volume3/fs/home-paperless-config-pvc-919bde50-5063-4c7c-8684-4e0c1b70a266",
}),
pg17Pvc: base.RecoverableSimpleManyPvc(namespace, "paperless-pg-17", "nfs-client", "16Gi", {
nfsServer: "apollo1.dominion.lan",
volumeName: "pvc-d05b4ff0-30d1-4891-830e-3ba1ddb83756",
nfsPath: "/volume3/fs/home-paperless-pg-17-pvc-d05b4ff0-30d1-4891-830e-3ba1ddb83756",
}),
dataPvc: base.RecoverableSimpleManyPvc(namespace, "paperless-data", "nfs-bulk", "100Gi", {
nfsServer: "apollo2.dominion.lan",
volumeName: "pvc-1818cac4-34ec-470a-9c28-f13c96bf1f44",
nfsPath: "/volume4/fs-bulk/home-paperless-data-pvc-1818cac4-34ec-470a-9c28-f13c96bf1f44",
}),
rclonePvc: base.RecoverableSimpleManyPvc(namespace, "rclone-paperless-config", "nfs-client", "1Gi", {
nfsServer: "apollo1.dominion.lan",
volumeName: "pvc-62035a35-84ba-4f3a-82bc-3bccd31b749a",
nfsPath: "/volume3/fs/home-rclone-paperless-config-pvc-62035a35-84ba-4f3a-82bc-3bccd31b749a"
}),
db17App: postgres.App(postgres.Params {
namespace: namespace,
name: "paperless-pg-17",
filePath: std.thisFile,
// TODO:
image: "docker.io/bitnami/postgresql:17.2.0",
// Defined in "//kube/cfg/secrets/media.jsonnet"
dataClaimName: "paperless-pg-17",
dbName: "paperless",
dbUser: "paperless",
// Defined in "//kube/cfg/secrets/media.jsonnet"
dbPwdSecret: "paperless-secret",
dbPwdSecretKey: "paperless-db-pwd",
}),
redis: redis.App(redis.Params {
namespace: namespace,
name: "paperless-ng-redis",
filePath: std.thisFile,
}),
app: paperlessNg.App(paperlessNg.Params {
namespace: namespace,
name: "paperless-ng",
filePath: std.thisFile,
redisHost: "redis://paperless-ng-redis-ui.home.svc.cluster.local:80",
postgresHost: "paperless-pg-17.home.svc.cluster.local",
configClaimName: "paperless-config",
dataClaimName: "paperless-data",
postgresPwdSecret: "paperless-secret",
postgresPwdSecretKey: "paperless-db-pwd",
}),
rcloneCron: rclone.Cron(rclone.Params {
schedule: "0,20,40 * * * *",
namespace: namespace,
name: "rclone-paperless",
filePath: std.thisFile,
// Defined in "home"
configClaimName: "rclone-paperless-config",
dataClaimName: "paperless-data",
}),
ingress: nginxIngress.Ingress(nginxIngress.IngressParams {
namespace: namespace,
name: "paperless-ng",
hosts: [
"paperless.csbx.dev",
],
serviceName: "paperless-ng-ui",
}),
},
},
}
Reference in a new issue Copy permalink