diff --git a/README.md b/README.md index fc6b1ac..f64ac1a 100644 --- a/README.md +++ b/README.md @@ -1,3 +1,3 @@ -# alpine-server +# Alpine-server -Configuration files of my server Alpine Linux operating system. +Guides and configuration files of my Alpine server install. \ No newline at end of file diff --git a/bin/backup b/bin/backup deleted file mode 100755 index 446e732..0000000 --- a/bin/backup +++ /dev/null @@ -1,10 +0,0 @@ -#!/bin/sh - -host="" -user="" -serverdir="" - -clientdirs="$HOME/.local/etc $HOME/.local/bin $HOME/.config $HOME/.volumes $HOME/.dump" -command="/usr/bin/restic" - -exec $command -r sftp:${user}@${host}:/${serverdir} -v backup $clientdirs diff --git a/bin/checkpod b/bin/checkpod old mode 100755 new mode 100644 diff --git a/bin/dump b/bin/dump old mode 100755 new mode 100644 index 8b9ff7a..dfb9e8a --- a/bin/dump +++ b/bin/dump @@ -2,6 +2,7 @@ command="/usr/bin/podman" + # Dumps databases postgres_databases="" @@ -11,11 +12,12 @@ do $command exec -it ${database}-pod-postgres sh -c "pg_dumpall -U postgres | gzip > /dump/${database}.sql.gz" done + # Exports volumes volumes="" for volume in $volumes do - $command volume export $volume --output /home/neutrino/.volumes/${volume}.tar + $command volume export $volume --output /.volumes/${volume}.tar done diff --git a/bin/load b/bin/load new file mode 100644 index 0000000..7ab81c5 --- /dev/null +++ b/bin/load @@ -0,0 +1,23 @@ +#!/bin/sh + +command="/usr/bin/podman" + + +# Loads dumped databases + +postgres_databases="gitea" + +for database in $postgres_databases +do + exec $command exec -it ${database}-pod-postgres sh -c "gunzip -c /dump/${database}.sql.gz | psql -U postgres" +done + + +# Imports volumes + +volumes="gitea-pod-gitea-data" + +for volume in $volumes +do + exec $command volume import $volume /.volumes/${volume}.tar +done diff --git a/bin/load-databases b/bin/load-databases deleted file mode 100755 index df6d3b0..0000000 --- a/bin/load-databases +++ /dev/null 
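Review bot: In the second `bin/dump` hunk the export target becomes `/.volumes/${volume}.tar`, a directory at the filesystem root, where the old line wrote under a user's home directory; unless the script is now meant to run as root with `/.volumes` created in advance, the export will fail. If the home directory was intended, `$command volume export "$volume" --output "$HOME/.volumes/${volume}.tar"` keeps the path user-scoped and quotes the volume name. Volume archives can contain application secrets, so the target directory should be readable only by the owning user. The commit also drops the executable bit on this file (100755 to 100644), so anything that ran `bin/dump` directly now has to call it through `sh`.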
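Review bot: `exec` inside both loops of the new `bin/load` replaces the script's shell with podman, so the script ends after the first database is restored: any further database is skipped and the volume-import loop is never reached. Dropping `exec` fixes that, for example `$command exec -i "${database}-pod-postgres" sh -c "gunzip -c /dump/${database}.sql.gz | psql -v ON_ERROR_STOP=1 -U postgres"` and `$command volume import "$volume" "/.volumes/${volume}.tar"`. `ON_ERROR_STOP` makes a failed restore return a non-zero status instead of carrying on silently, and `-t` is left out because a restore started from a service has no terminal to attach. The file is also added as 100644, so it is not executable as committed.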
@@ -1,12 +0,0 @@ -#!/bin/sh - -command="/usr/bin/podman" - -# Loads dumped databases - -postgres_databases="" - -for database in $postgres_databases -do - $command exec -it ${database}-pod-postgres sh -c "gunzip -c /dump/${database}.sql.gz | psql -U postgres" -done diff --git a/bin/load-volumes b/bin/load-volumes deleted file mode 100755 index 04f7958..0000000 --- a/bin/load-volumes +++ /dev/null @@ -1,12 +0,0 @@ -#!/bin/sh - -command="/usr/bin/podman" - -# Imports volumes - -volumes="" - -for volume in $volumes -do - $command volume import $volume /home/neutrino/.volumes/${volume}.tar -done diff --git a/caddy/caddyfile b/caddy/caddyfile new file mode 100644 index 0000000..7c79291 --- /dev/null +++ b/caddy/caddyfile @@ -0,0 +1,49 @@ +{ + email +} + +vault.bijl.us { + reverse_proxy :1080 +} + +git.bijl.us { + reverse_proxy :2080 +} + +docs.bijl.us { + reverse_proxy :2180 +} + +wiki.bijl.us { + reverse_proxy :2280 +} + +matrix.bijl.us { + handle /_matrix/* { + reverse_proxy :3080 + } + + handle /.well-known/matrix/server { + respond {"m.server":"matrix.bijl.us:443"} + } + + handle /.well-known/matrix/client { + respond {"m.homeserver":{"base_url":"https://matrix.bijl.us"}} + } +} + +element.bijl.us { + reverse_proxy :3180 +} + +notes.bijl.us { + reverse_proxy :4080 +} + +share.bijl.us { + reverse_proxy :5080 +} + +smarthome.bijl.us { + reverse_proxy :6080 +} \ No newline at end of file diff --git a/containerfiles/git-mkdocs-wiki/default.conf.env b/containerfiles/git-mkdocs-wiki/default.conf.env new file mode 100644 index 0000000..5111323 --- /dev/null +++ b/containerfiles/git-mkdocs-wiki/default.conf.env @@ -0,0 +1,15 @@ +server { + listen $PORT; + listen [::]:${PORT}; + server_name localhost; + + location / { + root /usr/share/nginx/html; + index index.html index.htm; + } + + error_page 500 502 503 504 /50x.html; + location = /50.html { + root /usr/share/nginx/html; + } +} \ No newline at end of file 
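Review bot: The `handle /.well-known/matrix/client` block in `caddy/caddyfile` answers without an `Access-Control-Allow-Origin` header, which the Matrix specification expects on this endpoint so that a web client on another origin (here `element.bijl.us`) can read it; `header Access-Control-Allow-Origin *` inside that block covers it. The global `email` option has no value on the page; if that is not a redaction, Caddy will most likely reject the file. Every site proxies to a bare `:PORT` upstream, so those host ports should be bound to loopback only, otherwise the backends may also be reachable directly without TLS.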
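Review bot: `error_page 500 502 503 504 /50x.html;` sends errors to `/50x.html`, but the exact-match block below it is `location = /50.html`, so that block never applies to the error page; it should read `location = /50x.html {`. The same typo is in `containerfiles/git-mkdocs/default.conf.env`. Because the file is rendered by `envsubst` with no variable list, any nginx variable added here later (`$uri`, `$host`) would be replaced by an empty string; passing `'${PORT}'` as the shell-format argument restricts substitution to the one intended variable.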
diff --git a/containerfiles/git-mkdocs-wiki/git-mkdocs-wiki b/containerfiles/git-mkdocs-wiki/git-mkdocs-wiki new file mode 100644 index 0000000..e9a7dc5 --- /dev/null +++ b/containerfiles/git-mkdocs-wiki/git-mkdocs-wiki @@ -0,0 +1,10 @@ +#!/bin/sh + +exec 2>&1 +find /mkdocs/repo || git clone $GIT_REPO_URL /mkdocs/repo +cd /mkdocs/repo && git pull + +for lang in $WIKI_LANG +do + mkdocs build -f /mkdocs/repo/config/${lang}/mkdocs.yml -d /usr/share/nginx/html/${lang} +done \ No newline at end of file diff --git a/containerfiles/git-mkdocs-wiki/git-mkdocs-wiki.containerfile b/containerfiles/git-mkdocs-wiki/git-mkdocs-wiki.containerfile new file mode 100644 index 0000000..dbbf612 --- /dev/null +++ b/containerfiles/git-mkdocs-wiki/git-mkdocs-wiki.containerfile @@ -0,0 +1,25 @@ +FROM nginx:alpine + +ENV PORT="80" +COPY default.conf.env /etc/nginx/conf.d/default.conf.env + +RUN apk add envsubst \ + && touch /docker-entrypoint.d/port.sh \ + && echo "exec envsubst < /etc/nginx/conf.d/default.conf.env > /etc/nginx/conf.d/default.conf && nginx -s reload" > /docker-entrypoint.d/port.sh \ + && chmod 776 /docker-entrypoint.d/port.sh + +RUN apk add git \ + && apk add mkdocs \ + && apk add mkdocs-material \ + && apk add py3-regex + +RUN mkdir /mkdocs +WORKDIR /mkdocs + +COPY root /etc/crontabs/root +COPY git-mkdocs-wiki /bin/git-mkdocs-wiki +RUN chmod 744 /bin/git-mkdocs-wiki + +RUN touch /docker-entrypoint.d/cron.sh \ + && echo "exec crond" > /docker-entrypoint.d/cron.sh \ + && chmod 776 /docker-entrypoint.d/cron.sh \ No newline at end of file diff --git a/containerfiles/git-mkdocs-wiki/root b/containerfiles/git-mkdocs-wiki/root new file mode 100644 index 0000000..aace2f3 --- /dev/null +++ b/containerfiles/git-mkdocs-wiki/root @@ -0,0 +1,3 @@ +# do daily/weekly/monthly maintanance +# min hour day month weekday command +* * * * * git-mkdocs-wiki \ No newline at end of file 
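Review bot: `find /mkdocs/repo || git clone $GIT_REPO_URL /mkdocs/repo` writes the whole tree listing into the cron output on every run and accepts any existing directory, including a half-finished clone, as a valid checkout; `[ -d /mkdocs/repo/.git ] || git clone "$GIT_REPO_URL" /mkdocs/repo` states the intent and quotes the URL. A failed `cd /mkdocs/repo && git pull` does not stop the script, so the build continues on stale or missing sources; `set -e` near the top would catch that. The job is installed in root's crontab and builds whatever the repository's `mkdocs.yml` asks for, and MkDocs configuration can load Python hooks and plugins, so push access to that repository amounts to code execution as root in this container; running the job as an unprivileged user would narrow that. The same points apply to `containerfiles/git-mkdocs/git-mkdocs`.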
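Review bot: `chmod 776` on `/docker-entrypoint.d/port.sh` and `/docker-entrypoint.d/cron.sh` makes scripts that the entrypoint runs as root writable by every user in the container, so a process running as the nginx worker user could change what runs at the next start; `chmod 755` is the mode these need. In `port.sh`, `exec envsubst … && nginx -s reload` never reaches the reload because `exec` replaces the shell, and nginx is not running yet at that point anyway; the stock nginx image already renders `/etc/nginx/templates/*.template` through envsubst, so `COPY default.conf.env /etc/nginx/templates/default.conf.template` can replace that whole `RUN`. `FROM nginx:alpine` and the unversioned `apk add` lines float with upstream; a version tag or digest and `apk add --no-cache git mkdocs mkdocs-material py3-regex` make rebuilds reproducible and smaller. `containerfiles/git-mkdocs/git-mkdocs.containerfile` is identical apart from the script name and needs the same changes.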
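Review bot: `* * * * * git-mkdocs-wiki` runs the pull-and-build every minute, which does not match the header comment about daily/weekly/monthly maintenance, and nothing stops a run from starting while the previous build is still writing into the web root. A longer interval such as `*/15 * * * * git-mkdocs-wiki`, or a lock around the job (for example with `flock`, if the image provides it), avoids overlapping builds. `containerfiles/git-mkdocs/root` has the same schedule.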
diff --git a/containerfiles/git-mkdocs/default.conf.env b/containerfiles/git-mkdocs/default.conf.env new file mode 100644 index 0000000..5111323 --- /dev/null +++ b/containerfiles/git-mkdocs/default.conf.env @@ -0,0 +1,15 @@ +server { + listen $PORT; + listen [::]:${PORT}; + server_name localhost; + + location / { + root /usr/share/nginx/html; + index index.html index.htm; + } + + error_page 500 502 503 504 /50x.html; + location = /50.html { + root /usr/share/nginx/html; + } +} \ No newline at end of file diff --git a/containerfiles/git-mkdocs/git-mkdocs b/containerfiles/git-mkdocs/git-mkdocs new file mode 100644 index 0000000..60a65d9 --- /dev/null +++ b/containerfiles/git-mkdocs/git-mkdocs @@ -0,0 +1,6 @@ +#!/bin/sh + +exec 2>&1 +find /mkdocs/repo || git clone $GIT_REPO_URL /mkdocs/repo +cd /mkdocs/repo && git pull +exec mkdocs build -f /mkdocs/repo/mkdocs.yml -d /usr/share/nginx/html \ No newline at end of file diff --git a/containerfiles/git-mkdocs/git-mkdocs.containerfile b/containerfiles/git-mkdocs/git-mkdocs.containerfile new file mode 100644 index 0000000..1d02ab4 --- /dev/null +++ b/containerfiles/git-mkdocs/git-mkdocs.containerfile @@ -0,0 +1,25 @@ +FROM nginx:alpine + +ENV PORT="80" +COPY default.conf.env /etc/nginx/conf.d/default.conf.env + +RUN apk add envsubst \ + && touch /docker-entrypoint.d/port.sh \ + && echo "exec envsubst < /etc/nginx/conf.d/default.conf.env > /etc/nginx/conf.d/default.conf && nginx -s reload" > /docker-entrypoint.d/port.sh \ + && chmod 776 /docker-entrypoint.d/port.sh + +RUN apk add git \ + && apk add mkdocs \ + && apk add mkdocs-material \ + && apk add py3-regex + +RUN mkdir /mkdocs +WORKDIR /mkdocs + +COPY root /etc/crontabs/root +COPY git-mkdocs /bin/git-mkdocs +RUN chmod 744 /bin/git-mkdocs + +RUN touch /docker-entrypoint.d/cron.sh \ + && echo "exec crond" > /docker-entrypoint.d/cron.sh \ + && chmod 776 /docker-entrypoint.d/cron.sh \ No newline at end of file 
diff --git a/containerfiles/git-mkdocs/root b/containerfiles/git-mkdocs/root new file mode 100644 index 0000000..d260f99 --- /dev/null +++ b/containerfiles/git-mkdocs/root @@ -0,0 +1,3 @@ +# do daily/weekly/monthly maintanance +# min hour day month weekday command +* * * * * git-mkdocs \ No newline at end of file diff --git a/dotconfig/caddy/caddyfile b/dotconfig/caddy/caddyfile deleted file mode 100644 index 4c35ce7..0000000 --- a/dotconfig/caddy/caddyfile +++ /dev/null @@ -1,73 +0,0 @@ -hs.bijl.us { - reverse_proxy : -} - -vault.bijl.us { - reverse_proxy : -} - -matrix.bijl.us { - handle /_matrix/* { - reverse_proxy : - } - - handle /.well-known/matrix/server { - respond {"m.server":"matrix.bijl.us:443"} - } - - handle /.well-known/matrix/client { - respond {"m.homeserver":{"base_url":"https://matrix.bijl.us"}} - } -} - -smarthome.bijl.us { - reverse_proxy : -} - -share.bijl.us { - reverse_proxy : -} - -media.bijl.us { - reverse_proxy : -} - -ampel.dev { - reverse_proxy : -} - -git.ampel.dev { - reverse_proxy : -} - -docs.ampel.dev { - reverse_proxy : -} - -blog.ampel.dev { - reverse_proxy : -} - -notes.ampel.dev { - reverse_proxy : -} - -lucbijl.nl { - reverse_proxy : -} - -git.lucbijl.nl { - reverse_proxy : -} - -wiki.lucbijl.nl { - reverse_proxy : -} - -blog.lucbijl.nl { - reverse_proxy : -} - -notes.lucbijl.nl { - reverse_proxy : -} diff --git a/dotconfig/pods/ampel/ampel-pod.yml b/dotconfig/pods/ampel/ampel-pod.yml deleted file mode 100644 index d0c2798..0000000 --- a/dotconfig/pods/ampel/ampel-pod.yml +++ /dev/null 
@@ -1,174 +0,0 @@ -apiversion: v1 -kind: Pod -metadata: - name: ampel-pod - annotations: - io.podman.annotations.infra.name: ampel-pod-infra -spec: - containers: -# - name: root -# image: -# env: -# - name: PORT -# value: 3000 -# ports: -# - containerport: 3000 -# hostport: -# protocol: TCP -# volumemounts: -# - name: localtime -# mountpath: /etc/localtime -# readonly: true - - - name: git - image: codeberg.org/forgejo/forgejo:9 - env: - - name: USER_UID - value: "1000" - - name: USER_GID - value: "1000" - - name: FORGEJO__database__DB_TYPE - value: "postgres" - - name: FORGEJO__database__HOST - value: "ampel-pod-postgres" - - name: FORGEJO__database__USER - value: "postgres" - - name: FORGEJO__database__PASSWD - valuefrom: - secretkeyref: - name: ampel-secrets - key: postgres-password - - name: FORGEJO__database__NAME - value: "forgejo" - ports: - - containerport: 3100 - hostport: - protocol: TCP - volumemounts: - - name: git-data - mountpath: /data - - name: localtime - mountpath: /etc/localtime - readonly: true - - - name: tailscale - image: ghcr.io/tailscale/tailscale:latest - env: - - name: TS_HOSTNAME - value: "ampel-pod" - - name: TS_AUTHKEY - value: "" - - name: TS_STATE_DIR - value: "/var/lib/tailscale" - - name: TS_EXTRA_ARGS - value: "--login-server=" - volumemounts: - - name: tailscale-lib - mountpath: /var/lib/tailscale - - name: localtime - mountpath: /etc/localtime - readonly: true - - - name: docs - image: git.ampel.dev/ampel/mkdocs-git:latest - env: - - name: GIT_REPO_URL - value: "" - - name: PORT - value: 3200 - ports: - - containerport: 3200 - hostport: - protocol: TCP - volumemounts: - - name: localtime - mountpath: /etc/localtime - readonly: true - - - name: blog - image: git.ampel.dev/ampel/mkdocs-git:latest - env: - - name: GIT_REPO_URL - value: "" - - name: PORT - value: 3300 - ports: - - containerport: 3300 - hostport: - protocol: TCP - volumemounts: - - name: localtime - mountpath: /etc/localtime - readonly: true - - - name: notes - 
image: quay.io/hedgedoc/hedgedoc:alpine - env: - - name: CMD_DB_URL - valuefrom: - secretkeyref: - name: ampel-secrets - key: postgres-url - - name: CMD_PORT - value: 3400 - - name: CMD_ALLOW_EMAIL_REGISTER - value: true - - name: CMD_DOMAIN - value: "" - - name: CMD_PROTOCOL_USESSL - value: true - - name: NODE_ENV - value: production - - name: CMD_IMAGE_UPLOAD_TYPE - value: filesystem - - name: UPLOADS_MODE - value: 0700 - ports: - - containerport: 3400 - hostport: - protocol: TCP - volumemounts: - - name: notes-uploads - mountpath: /hedgedoc/public/uploads - - name: localtime - mountpath: /etc/localtime - readonly: true - - - name: postgres - image: docker.io/library/postgres:16-alpine - env: - - name: POSTGRES_PASSWORD - valuefrom: - secretkeyref: - name: ampel-secrets - key: postgres-password - volumemounts: - - name: postgres-dump - mountpath: /dump - - name: postgres-data - mountpath: /var/lib/postgresql/data - - name: localtime - mountpath: /etc/localtime - readonly: true - - volumes: - - name: git-data - persistentvolumeclaim: - claimname: ampel-pod-git-data - - name: tailscale-lib - persistentvolumeclaim: - claimname: ampel-pod-tailscale-lib - - name: notes-uploads - persistentvolumeclaim: - claimname: ampel-pod-notes-uploads - - name: postgres-dump - hostpath: - path: $HOME/.dump/ampel - type: Directory - - name: postgres-data - persistentvolumeclaim: - claimname: ampel-pod-postgres-data - - name: localtime - hostpath: - path: /etc/localtime - type: File diff --git a/dotconfig/pods/ampel/ampel-secrets.yml b/dotconfig/pods/ampel/ampel-secrets.yml deleted file mode 100644 index 75453f0..0000000 --- a/dotconfig/pods/ampel/ampel-secrets.yml +++ /dev/null @@ -1,8 +0,0 @@ -apiversion: v1 -data: - postgres-password: - postgres-url: -kind: Secret -metadata: - creationtimestamp: null - name: ampel-secrets diff --git a/dotconfig/pods/bitwarden/bitwarden-secrets.yml b/dotconfig/pods/bitwarden/bitwarden-secrets.yml deleted file mode 100644 index 14e3375..0000000 
--- a/dotconfig/pods/bitwarden/bitwarden-secrets.yml +++ /dev/null @@ -1,8 +0,0 @@ -apiversion: v1 -data: - postgres-password: - postgres-url: -kind: Secret -metadata: - creationtimestamp: null - name: bitwarden-secrets diff --git a/dotconfig/pods/luc/luc-pod.yml b/dotconfig/pods/luc/luc-pod.yml deleted file mode 100644 index 920164b..0000000 --- a/dotconfig/pods/luc/luc-pod.yml +++ /dev/null 
@@ -1,134 +0,0 @@ -apiversion: v1 -kind: Pod -metadata: - name: luc-pod - annotations: - io.podman.annotations.infra.name: luc-pod-infra -spec: - containers: -# - name: root -# image: -# env: -# - name: PORT -# value: 3000 -# ports: -# - containerport: 3000 -# hostport: -# protocol: TCP -# volumemounts: -# - name: localtime -# mountpath: /etc/localtime -# readonly: true - - - name: git - image: codeberg.org/forgejo/forgejo:9 - env: - - name: USER_UID - value: "1000" - - name: USER_GID - value: "1000" - - name: FORGEJO__database__DB_TYPE - value: "postgres" - - name: FORGEJO__database__HOST - value: "luc-pod-postgres" - - name: FORGEJO__database__USER - value: "postgres" - - name: FORGEJO__database__PASSWD - valuefrom: - secretkeyref: - name: luc-secrets - key: postgres-password - - name: FORGEJO__database__NAME - value: "forgejo" - ports: - - containerport: 3100 - hostport: - protocol: TCP - volumemounts: - - name: git-data - mountpath: /data - - name: localtime - mountpath: /etc/localtime - readonly: true - - - name: tailscale - image: ghcr.io/tailscale/tailscale:latest - env: - - name: TS_HOSTNAME - value: "luc-pod" - - name: TS_AUTHKEY - value: "" - - name: TS_STATE_DIR - value: "/var/lib/tailscale" - - name: TS_EXTRA_ARGS - value: "--login-server=" - volumemounts: - - name: tailscale-lib - mountpath: /var/lib/tailscale - - name: localtime - mountpath: /etc/localtime - readonly: true - -# - name: wiki -# image: git.ampel.dev/git-mkdocs:latest -# env: -# - name: GIT_REPO_URL -# value: "" -# - name: PORT -# value: 3200 -# ports: -# - containerport: 3200 -# hostport: -# protocol: TCP -# volumemounts: -# - name: localtime -# mountpath: /etc/localtime -# readonly: true - -# - name: blog -# ports: -# - containerport: 3300 -# hostport: -# protocol: TCP - -# - name: notes -# ports: -# - containerport: 3400 -# hostport: -# protocol: TCP - - - name: postgres - image: docker.io/library/postgres:16-alpine - env: - - name: POSTGRES_PASSWORD - valuefrom: - secretkeyref: - 
name: luc-secrets - key: postgres-password - volumemounts: - - name: postgres-dump - mountpath: /dump - - name: postgres-data - mountpath: /var/lib/postgresql/data - - name: localtime - mountpath: /etc/localtime - readonly: true - - volumes: - - name: git-data - persistentvolumeclaim: - claimname: luc-pod-git-data - - name: tailscale-lib - persistentvolumeclaim: - claimname: luc-pod-tailscale-lib - - name: postgres-dump - hostpath: - path: $HOME/.dump/luc - type: Directory - - name: postgres-data - persistentvolumeclaim: - claimname: luc-pod-postgres-data - - name: localtime - hostpath: - path: /etc/localtime - type: File diff --git a/dotconfig/pods/luc/luc-secrets.yml b/dotconfig/pods/luc/luc-secrets.yml deleted file mode 100644 index 686b484..0000000 --- a/dotconfig/pods/luc/luc-secrets.yml +++ /dev/null @@ -1,7 +0,0 @@ -apiversion: v1 -data: - postgres-password: -kind: Secret -metadata: - creationtimestamp: null - name: luc-secrets diff --git a/dotconfig/pods/matrix/matrix-pod.yml b/dotconfig/pods/matrix/matrix-pod.yml deleted file mode 100644 index 9a924fe..0000000 --- a/dotconfig/pods/matrix/matrix-pod.yml +++ /dev/null 
@@ -1,112 +0,0 @@ -apiversion: v1 -kind: Pod -metadata: - name: matrix-pod - annotations: - io.podman.annotations.infra.name: matrix-pod-infra -spec: - containers: - - name: dendrite - image: ghcr.io/element-hq/dendrite-monolith:latest - ports: - - containerport: 8008 - hostport: - protocol: TCP - - containerport: 8448 - hostport: 8448 - protocol: TCP - volumemounts: - - name: dendrite-config - mountpath: /etc/dendrite - - name: dendrite-media - mountpath: /var/dendrite/media - - name: dendrite-jetstream - mountpath: /var/dendrite/jetstream - - name: dendrite-searchindex - mountpath: /var/dendrite/searchindex - - name: localtime - mountpath: /etc/localtime - readonly: true - - - name: mautrix-whatsapp - image: dock.mau.dev/mautrix/whatsapp:latest - command: - - /usr/bin/mautrix-whatsapp - - -c - - /data/config.yaml - - -r - - /data/registration.yaml - - --ignore-unsupported-server - volumemounts: - - name: mautrix-whatsapp-config - mountpath: /data - - name: localtime - mountpath: /etc/localtime - readonly: true - - - name: mautrix-signal - image: dock.mau.dev/mautrix/signal:latest - command: - - /usr/bin/mautrix-signal - - -c - - /data/config.yaml - - -r - - /data/registration.yaml - - --ignore-unsupported-server - volumemounts: - - name: mautrix-signal-config - mountpath: /data - - name: localtime - mountpath: /etc/localtime - readonly: true - - - name: postgres - image: docker.io/library/postgres:16-alpine - env: - - name: POSTGRES_PASSWORD - valuefrom: - secretkeyref: - name: matrix-secrets - key: postgres-password - volumemounts: - - name: postgres-dump - mountpath: /dump - - name: postgres-data - mountpath: /var/lib/postgresql/data - - name: localtime - mountpath: /etc/localtime - readonly: true - - volumes: - - name: dendrite-config - hostpath: - path: $HOME/.config/pods/matrix/dendrite-config - type: Directory - - name: dendrite-media - persistentvolumeclaim: - claimname: matrix-pod-dendrite-media - - name: dendrite-jetstream - persistentvolumeclaim: - 
claimname: matrix-pod-dendrite-jetstream - - name: dendrite-searchindex - persistentvolumeclaim: - claimname: matrix-pod-dendrite-searchindex - - name: mautrix-whatsapp-config - hostpath: - path: $HOME/.config/pods/matrix/mautrix-whatsapp-config - type: Directory - - name: mautrix-signal-config - hostpath: - path: $HOME/.config/pods/matrix/mautrix-signal-config - type: Directory - - name: postgres-dump - hostpath: - path: $HOME/.dump/matrix - type: Directory - - name: postgres-data - persistentvolumeclaim: - claimname: matrix-pod-postgres-data - - name: localtime - hostpath: - path: /etc/localtime - type: File diff --git a/dotconfig/pods/media/media-pod.yml b/dotconfig/pods/media/media-pod.yml deleted file mode 100644 index c838b73..0000000 --- a/dotconfig/pods/media/media-pod.yml +++ /dev/null @@ -1,47 +0,0 @@ -apiversion: v1 -kind: Pod -metadata: - name: media-pod - annotations: - io.podman.annotations.infra.name: media-pod-infra -spec: - containers: - - name: jellyfin - image: docker.io/jellyfin/jellyfin:latest - securitycontext: - runasgroup: 1000 - runasuser: 1000 - env: - - name: JELLYFIN_PublishedServerUrl - value: "" - ports: - - containerport: 8096 - hostport: - protocol: TCP - volumemounts: - - name: jellyfin-config - mountpath: /config - - name: jellyfin-cache - mountpath: /cache - - name: jellyfin-media - mountpath: /media - readonly: true - - name: localtime - mountpath: /etc/localtime - readonly: true - - volumes: - - name: jellyfin-config - persistentvolumeclaim: - claimname: media-pod-jellyfin-config - - name: jellyfin-media - hostpath: - path: $HOME/.local/share/media - type: Directory - - name: jellyfin-cache - persistentvolumeclaim: - claimname: media-pod-jellyfin-cache - - name: localtime - hostpath: - path: /etc/localtime - type: File diff --git a/dotconfig/pods/share/share-secrets.yml b/dotconfig/pods/share/share-secrets.yml deleted file mode 100644 index eeaab7d..0000000 --- a/dotconfig/pods/share/share-secrets.yml +++ /dev/null 
@@ -1,7 +0,0 @@ -apiversion: v1 -data: - picoshare-password: -kind: Secret -metadata: - creationtimestamp: null - name: share-secrets diff --git a/dotconfig/pods/smarthome/smarthome-pod.yml b/dotconfig/pods/smarthome/smarthome-pod.yml deleted file mode 100644 index 40bf07b..0000000 --- a/dotconfig/pods/smarthome/smarthome-pod.yml +++ /dev/null 
@@ -1,112 +0,0 @@ -apiversion: v1 -kind: Pod -metadata: - name: smarthome-pod - annotations: - io.podman.annotations.infra.name: smarthome-pod-infra - run.oci.keep_original_groups: 1 -spec: - containers: - - name: home-assistant - image: ghcr.io/home-assistant/home-assistant:latest - ports: - - containerport: 3000 - hostport: - protocol: TCP - volumemounts: - - name: home-assistant-config - mountpath: /config - - name: home-assistant-usb0 - mountpath: /dev/ttyUSB0 - - name: home-assistant-usb1 - mountpath: /dev/ttyUSB1 - - name: localtime - mountpath: /etc/localtime - readonly: true - - - name: mosquitto - image: docker.io/eclipse-mosquitto:latest - ports: - - containerport: 1883 - hostport: 1883 - protocol: TCP - volumemounts: - - name: mosquitto-config - mountpath: /mosquitto/config - - name: mosquitto-data - mountpath: /mosquitto/data - - name: mosquitto-log - mountpath: /mosquitto/log - - name: localtime - mountpath: /etc/localtime - readonly: true - - - name: esphome - image: docker.io/esphome/esphome:latest - env: - - name: USERNAME - value: "" - - name: PASSWORD - value: "" - ports: - - containerport: 6052 - hostport: 6052 - protocol: TCP - volumemounts: - - name: esphome-config - mountpath: /config - - name: localtime - mountpath: /etc/localtime - readonly: true - - - name: postgres - image: docker.io/library/postgres:16-alpine - env: - - name: POSTGRES_PASSWORD - valuefrom: - secretkeyref: - name: smarthome-secrets - key: postgres-password - volumemounts: - - name: postgres-dump - mountpath: /dump - - name: postgres-data - mountpath: /var/lib/postgresql/data - - name: localtime - mountpath: /etc/localtime - readonly: true - - volumes: - - name: home-assistant-config - hostpath: - path: $HOME/.config/pods/smarthome/home-assistant-config - type: Directory - - name: home-assistant-usb0 - hostpath: - path: /dev/ttyUSB0 - type: File - - name: home-assistant-usb1 - hostpath: - path: /dev/ttyUSB1 - type: File - - name: mosquitto-config - hostpath: - path: 
$HOME/.config/pods/smarthome/mosquitto-config - type: Directory - - name: mosquitto-data - persistentvolumeclaim: - claimname: smarthome-pod-mosquitto-data - - name: mosquitto-log - persistentvolumeclaim: - claimname: smarthome-pod-mosquitto-log - - name: postgres-dump - hostpath: - path: $HOME/.dump/smarthome - type: Directory - - name: postgres-data - persistentvolumeclaim: - claimname: smarthome-pod-postgres-data - - name: localtime - hostpath: - path: /etc/localtime - type: File diff --git a/dotconfig/pods/tailscale/tailscale-pod.yml b/dotconfig/pods/tailscale/tailscale-pod.yml deleted file mode 100644 index 6d0da1a..0000000 --- a/dotconfig/pods/tailscale/tailscale-pod.yml +++ /dev/null @@ -1,38 +0,0 @@ -apiversion: v1 -kind: Pod -metadata: - name: tailscale-pod - annotations: - io.podman.annotations.infra.name: tailscale-pod-infra -spec: - containers: - - name: headscale - image: docker.io/headscale/headscale:0.26 - command: - - headscale - - serve - ports: - - containerport: 8080 - hostport: - protocol: TCP - volumemounts: - - name: headscale-config - mountpath: /etc/headscale - - name: headscale-lib - mountpath: /var/lib/headscale - - name: localtime - mountpath: /etc/localtime - readonly: true - - volumes: - - name: headscale-config - hostpath: - path: $HOME/.config/pods/tailscale/headscale-config - type: Directory - - name: headscale-lib - persistentvolumeclaim: - claimname: tailscale-pod-headscale-lib - - name: localtime - hostpath: - path: /etc/localtime - type: File diff --git a/dotconfig/sv/ampel/conf b/dotconfig/sv/ampel/conf deleted file mode 100755 index c1e86eb..0000000 --- a/dotconfig/sv/ampel/conf +++ /dev/null @@ -1,5 +0,0 @@ -name="ampel" -pod_location="${HOME}/.config/pods/ampel" -bin_location="${HOME}/.local/bin" -command="/usr/bin/podman" -command_args="--network=pasta --replace" diff --git a/dotconfig/sv/ampel/finish b/dotconfig/sv/ampel/finish deleted file mode 100755 index a0a58d5..0000000 --- a/dotconfig/sv/ampel/finish +++ /dev/null 
@@ -1,6 +0,0 @@ -#!/bin/sh - -. ./conf - -exec 2>&1 -exec $command kube down ${pod_location}/${name}-pod.yml \ No newline at end of file diff --git a/dotconfig/sv/ampel/run b/dotconfig/sv/ampel/run deleted file mode 100755 index c5ec5d3..0000000 --- a/dotconfig/sv/ampel/run +++ /dev/null @@ -1,7 +0,0 @@ -#!/bin/sh - -. ./conf - -exec 2>&1 -$command kube play $command_args ${pod_location}/${name}-pod.yml -exec ${bin_location}/checkpod \ No newline at end of file diff --git a/dotconfig/sv/bitwarden/conf b/dotconfig/sv/bitwarden/conf deleted file mode 100755 index ece9073..0000000 --- a/dotconfig/sv/bitwarden/conf +++ /dev/null @@ -1,5 +0,0 @@ -name="bitwarden" -pod_location="${HOME}/.config/pods/bitwarden" -bin_location="${HOME}/.local/bin" -command="/usr/bin/podman" -command_args="--network=pasta --replace" diff --git a/dotconfig/sv/bitwarden/finish b/dotconfig/sv/bitwarden/finish deleted file mode 100755 index a0a58d5..0000000 --- a/dotconfig/sv/bitwarden/finish +++ /dev/null @@ -1,6 +0,0 @@ -#!/bin/sh - -. ./conf - -exec 2>&1 -exec $command kube down ${pod_location}/${name}-pod.yml \ No newline at end of file diff --git a/dotconfig/sv/bitwarden/run b/dotconfig/sv/bitwarden/run deleted file mode 100755 index c5ec5d3..0000000 --- a/dotconfig/sv/bitwarden/run +++ /dev/null @@ -1,7 +0,0 @@ -#!/bin/sh - -. ./conf - -exec 2>&1 -$command kube play $command_args ${pod_location}/${name}-pod.yml -exec ${bin_location}/checkpod \ No newline at end of file diff --git a/dotconfig/sv/caddy/run b/dotconfig/sv/caddy/run deleted file mode 100755 index 4102ebe..0000000 --- a/dotconfig/sv/caddy/run +++ /dev/null @@ -1,11 +0,0 @@ -#!/bin/sh - -command="/usr/sbin/caddy" -command_args="run --config ${HOME}/.config/caddy/caddy.json" - -exec ps | grep '[${command}] ${command_args}' > /dev/null - -if [ $? != 0 ]; then - exec 2>&1 - exec $command $command_args -fi diff --git a/dotconfig/sv/dump/run b/dotconfig/sv/dump/run deleted file mode 100755 index b93cf31..0000000 
--- a/dotconfig/sv/dump/run +++ /dev/null @@ -1,4 +0,0 @@ -#!/bin/sh - -exec 2>&1 -exec snooze -H0-3,5-23 -M0 ${HOME}/.local/bin/dump diff --git a/dotconfig/sv/luc/conf b/dotconfig/sv/luc/conf deleted file mode 100755 index 98321fa..0000000 --- a/dotconfig/sv/luc/conf +++ /dev/null @@ -1,5 +0,0 @@ -name="luc" -pod_location="${HOME}/.config/pods/luc" -bin_location="${HOME}/.local/bin" -command="/usr/bin/podman" -command_args="--network=pasta --replace" diff --git a/dotconfig/sv/luc/finish b/dotconfig/sv/luc/finish deleted file mode 100755 index a0a58d5..0000000 --- a/dotconfig/sv/luc/finish +++ /dev/null @@ -1,6 +0,0 @@ -#!/bin/sh - -. ./conf - -exec 2>&1 -exec $command kube down ${pod_location}/${name}-pod.yml \ No newline at end of file diff --git a/dotconfig/sv/luc/run b/dotconfig/sv/luc/run deleted file mode 100755 index c5ec5d3..0000000 --- a/dotconfig/sv/luc/run +++ /dev/null @@ -1,7 +0,0 @@ -#!/bin/sh - -. ./conf - -exec 2>&1 -$command kube play $command_args ${pod_location}/${name}-pod.yml -exec ${bin_location}/checkpod \ No newline at end of file diff --git a/dotconfig/sv/matrix/conf b/dotconfig/sv/matrix/conf deleted file mode 100755 index 30938fd..0000000 --- a/dotconfig/sv/matrix/conf +++ /dev/null @@ -1,5 +0,0 @@ -name="matrix" -pod_location="${HOME}/.config/pods/matrix" -bin_location="${HOME}/.local/bin" -command="/usr/bin/podman" -command_args="--network=pasta --replace" diff --git a/dotconfig/sv/matrix/finish b/dotconfig/sv/matrix/finish deleted file mode 100755 index a0a58d5..0000000 --- a/dotconfig/sv/matrix/finish +++ /dev/null @@ -1,6 +0,0 @@ -#!/bin/sh - -. ./conf - -exec 2>&1 -exec $command kube down ${pod_location}/${name}-pod.yml \ No newline at end of file diff --git a/dotconfig/sv/matrix/run b/dotconfig/sv/matrix/run deleted file mode 100755 index c5ec5d3..0000000 --- a/dotconfig/sv/matrix/run +++ /dev/null 
@@ -1,7 +0,0 @@ -#!/bin/sh - -. ./conf - -exec 2>&1 -$command kube play $command_args ${pod_location}/${name}-pod.yml -exec ${bin_location}/checkpod \ No newline at end of file diff --git a/dotconfig/sv/media/conf b/dotconfig/sv/media/conf deleted file mode 100755 index 405397c..0000000 --- a/dotconfig/sv/media/conf +++ /dev/null @@ -1,5 +0,0 @@ -name="media" -pod_location="${HOME}/.config/pods/media" -bin_location="${HOME}/.local/bin" -command="/usr/bin/podman" -command_args="--network=pasta --replace" diff --git a/dotconfig/sv/media/finish b/dotconfig/sv/media/finish deleted file mode 100755 index a0a58d5..0000000 --- a/dotconfig/sv/media/finish +++ /dev/null @@ -1,6 +0,0 @@ -#!/bin/sh - -. ./conf - -exec 2>&1 -exec $command kube down ${pod_location}/${name}-pod.yml \ No newline at end of file diff --git a/dotconfig/sv/media/run b/dotconfig/sv/media/run deleted file mode 100755 index c5ec5d3..0000000 --- a/dotconfig/sv/media/run +++ /dev/null @@ -1,7 +0,0 @@ -#!/bin/sh - -. ./conf - -exec 2>&1 -$command kube play $command_args ${pod_location}/${name}-pod.yml -exec ${bin_location}/checkpod \ No newline at end of file diff --git a/dotconfig/sv/share/conf b/dotconfig/sv/share/conf deleted file mode 100755 index b5fbeac..0000000 --- a/dotconfig/sv/share/conf +++ /dev/null @@ -1,5 +0,0 @@ -name="share" -pod_location="${HOME}/.config/pods/share" -bin_location="${HOME}/.local/bin" -command="/usr/bin/podman" -command_args="--network=pasta --replace" diff --git a/dotconfig/sv/share/finish b/dotconfig/sv/share/finish deleted file mode 100755 index a0a58d5..0000000 --- a/dotconfig/sv/share/finish +++ /dev/null @@ -1,6 +0,0 @@ -#!/bin/sh - -. ./conf - -exec 2>&1 -exec $command kube down ${pod_location}/${name}-pod.yml \ No newline at end of file diff --git a/dotconfig/sv/share/run b/dotconfig/sv/share/run deleted file mode 100755 index c5ec5d3..0000000 --- a/dotconfig/sv/share/run +++ /dev/null 
@@ -1,7 +0,0 @@ -#!/bin/sh - -. ./conf - -exec 2>&1 -$command kube play $command_args ${pod_location}/${name}-pod.yml -exec ${bin_location}/checkpod \ No newline at end of file diff --git a/dotconfig/sv/smarthome/conf b/dotconfig/sv/smarthome/conf deleted file mode 100755 index 9530aae..0000000 --- a/dotconfig/sv/smarthome/conf +++ /dev/null @@ -1,5 +0,0 @@ -name="smarthome" -pod_location="${HOME}/.config/pods/smarthome" -bin_location="${HOME}/.local/bin" -command="/usr/bin/podman" -command_args="--network=pasta --replace" diff --git a/dotconfig/sv/smarthome/finish b/dotconfig/sv/smarthome/finish deleted file mode 100755 index a0a58d5..0000000 --- a/dotconfig/sv/smarthome/finish +++ /dev/null @@ -1,6 +0,0 @@ -#!/bin/sh - -. ./conf - -exec 2>&1 -exec $command kube down ${pod_location}/${name}-pod.yml \ No newline at end of file diff --git a/dotconfig/sv/smarthome/run b/dotconfig/sv/smarthome/run deleted file mode 100755 index c5ec5d3..0000000 --- a/dotconfig/sv/smarthome/run +++ /dev/null @@ -1,7 +0,0 @@ -#!/bin/sh - -. ./conf - -exec 2>&1 -$command kube play $command_args ${pod_location}/${name}-pod.yml -exec ${bin_location}/checkpod \ No newline at end of file diff --git a/dotconfig/sv/tailscale/conf b/dotconfig/sv/tailscale/conf deleted file mode 100755 index bec42d7..0000000 --- a/dotconfig/sv/tailscale/conf +++ /dev/null @@ -1,5 +0,0 @@ -name="tailscale" -pod_location="${HOME}/.config/pods/tailscale" -bin_location="${HOME}/.local/bin" -command="/usr/bin/podman" -command_args="--network=pasta --replace" diff --git a/dotconfig/sv/tailscale/finish b/dotconfig/sv/tailscale/finish deleted file mode 100755 index a0a58d5..0000000 --- a/dotconfig/sv/tailscale/finish +++ /dev/null @@ -1,6 +0,0 @@ -#!/bin/sh - -. ./conf - -exec 2>&1 -exec $command kube down ${pod_location}/${name}-pod.yml \ No newline at end of file diff --git a/dotconfig/sv/tailscale/run b/dotconfig/sv/tailscale/run deleted file mode 100755 index c5ec5d3..0000000 
--- a/dotconfig/sv/tailscale/run +++ /dev/null @@ -1,7 +0,0 @@ -#!/bin/sh - -. ./conf - -exec 2>&1 -$command kube play $command_args ${pod_location}/${name}-pod.yml -exec ${bin_location}/checkpod \ No newline at end of file diff --git a/dotconfig/pods/bitwarden/bitwarden-pod.yml b/pods/bitwarden/bitwarden-pod.yml similarity index 56% rename from dotconfig/pods/bitwarden/bitwarden-pod.yml rename to pods/bitwarden/bitwarden-pod.yml index 259a18c..61572dd 100644 --- a/dotconfig/pods/bitwarden/bitwarden-pod.yml +++ b/pods/bitwarden/bitwarden-pod.yml @@ -7,23 +7,23 @@ metadata: spec: containers: - name: vaultwarden - image: docker.io/vaultwarden/server:latest-alpine + image: docker.io/vaultwarden/server:alpine env: - name: SIGNUPS_ALLOWED value: false - name: DATABASE_URL - value: "" + value: "postgresql://postgres:@bitwarden-pod-postgres/vaultwarden" - name: ROCKET_PORT value: 3000 ports: - containerport: 3000 - hostport: + hostport: 1080 protocol: TCP volumemounts: - - name: vaultwarden-data - mountpath: /data - - name: localtime - mountpath: /etc/localtime + - mountpath: /data + name: vaultwarden-data + - mountpath: /etc/localtime + name: localtime readonly: true - name: postgres 
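Review bot: The new `DATABASE_URL` value on the vaultwarden container writes the PostgreSQL connection string, including the password position in the URL, directly into the pod manifest. Whatever credential is filled in then lives in a file tracked beside the code. This commit also adds a `postgres-url` key to bitwarden-secrets.yml that nothing reads yet. Referencing it the way notes-pod.yml does for `CMD_DB_URL` keeps the string out of the manifest: replace `value:` with `valuefrom:` / `secretkeyref:` using `name: bitwarden-secrets` and `key: postgres-url`. The same inline pattern appears for `PS_SHARED_SECRET` in share-pod.yml and for the esphome `USERNAME`/`PASSWORD` and `ECOWITT2MQTT_MQTT_USERNAME`/`ECOWITT2MQTT_MQTT_PASSWORD` values in smarthome-pod.yml.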
@@ -35,26 +35,26 @@ spec: name: bitwarden-secrets key: postgres-password volumemounts: - - name: postgres-dump - mountpath: /dump - - name: postgres-data - mountpath: /var/lib/postgresql/data - - name: localtime - mountpath: /etc/localtime + - mountpath: /dump + name: postgres-dump + - mountpath: /var/lib/postgresql/data + name: postgres-data + - mountpath: /etc/localtime + name: localtime readonly: true volumes: - - name: vaultwarden-data - persistentvolumeclaim: + - persistentvolumeclaim: claimname: bitwarden-pod-vaultwarden-data - - name: postgres-dump - hostpath: - path: $HOME/.dump/bitwarden + name: vaultwarden-data + - hostpath: + path: /.dump/bitwarden type: Directory - - name: postgres-data - persistentvolumeclaim: + name: postgres-dump + - persistentvolumeclaim: claimname: bitwarden-pod-postgres-data - - name: localtime - hostPath: + name: postgres-data + - hostPath: path: /etc/localtime type: File + name: localtime \ No newline at end of file diff --git a/pods/bitwarden/bitwarden-secrets.yml b/pods/bitwarden/bitwarden-secrets.yml new file mode 100644 index 0000000..091a46c --- /dev/null +++ b/pods/bitwarden/bitwarden-secrets.yml @@ -0,0 +1,8 @@ +apiversion: v1 +data: + postgres-password: + postgres-url: +kind: Secret +metadata: + creationtimestamp: null + name: bitwarden-secrets \ No newline at end of file diff --git a/pods/git/git-pod.yml b/pods/git/git-pod.yml new file mode 100644 index 0000000..8f6e9ad --- /dev/null +++ b/pods/git/git-pod.yml 
@@ -0,0 +1,101 @@
+apiversion: v1
+kind: Pod
+metadata:
+ name: git-pod
+ annotations:
+ io.podman.annotations.infra.name: git-pod-infra
+spec:
+ containers:
+ - name: gitea
+ image: docker.io/gitea/gitea:latest
+ env:
+ - name: USER_UID
+ value: "1000"
+ - name: USER_GID
+ value: "1000"
+ - name: GITEA__database__HOST
+ value: "git-pod-postgres"
+ - name: GITEA__database__USER
+ value: "postgres"
+ - name: GITEA__database__PASSWD
+ valuefrom:
+ secretkeyref:
+ name: git-secrets
+ key: postgres-password
+ - name: GITEA__database__NAME
+ value: "gitea"
+ ports:
+ - containerport: 3000
+ hostport: 2080
+ protocol: TCP
+ volumemounts:
+ - mountpath: /data
+ name: gitea-data
+ - mountpath: /etc/localtime
+ name: localtime
+ readonly: true
+
+ - name: documentation
+ image: git-mkdocs:latest
+ env:
+ - name: GIT_REPO_URL
+ value: "https://git.bijl.us/lnco/documentation.git"
+ - name: PORT
+ value: 3100
+ - containerport: 3100
+ hostport: 2180
+ protocol: TCP
+ volumemounts:
+ - mountpath: /etc/localtime
+ name: localtime
+ readonly: true
+
+ - name: wiki
+ image: git-mkdocs-wiki:latest
+ env:
+ - name: GIT_REPO_URL
+ value: "https://git.bijl.us/luc/mathematics-physics-wiki.git"
+ - name: WIKI_LANG
+ value: "en nl"
+ - name: PORT
+ value: 3200
+ - containerport: 3200
+ hostport: 2280
+ protocol: TCP
+ volumemounts:
+ - mountpath: /etc/localtime
+ name: localtime
+ readonly: true
+
+ - name: postgres
+ image: docker.io/library/postgres:16-alpine
+ env:
+ - name: POSTGRES_PASSWORD
+ valuefrom:
+ secretkeyref:
+ name: git-secrets
+ key: postgres-password
+ volumemounts:
+ - mountpath: /dump
+ name: postgres-dump
+ - mountpath: /var/lib/postgresql/data
+ name: postgres-data
+ - mountpath: /etc/localtime
+ name: localtime
+ readonly: true
+
+ volumes:
+ - persistentvolumeclaim:
+ claimname: git-pod-gitea-data
+ name: gitea-data
+ - hostpath:
+ path: /.dump/git
+ type: Directory
+ name: postgres-dump
+ - persistentvolumeclaim:
+ claimname: git-pod-postgres-data
+ name:
postgres-data + - hostpath: + path: /etc/localtime + type: File + name: localtime diff --git a/dotconfig/pods/smarthome/smarthome-secrets.yml b/pods/git/git-secrets.yml similarity index 55% rename from dotconfig/pods/smarthome/smarthome-secrets.yml rename to pods/git/git-secrets.yml index b46a1e1..5dba2b0 100644 --- a/dotconfig/pods/smarthome/smarthome-secrets.yml +++ b/pods/git/git-secrets.yml @@ -1,7 +1,7 @@ apiversion: v1 data: - postgres-password: + postgres-password: kind: Secret metadata: creationtimestamp: null - name: smarthome-secrets + name: git-secrets \ No newline at end of file diff --git a/pods/matrix/matrix-pod.yml b/pods/matrix/matrix-pod.yml new file mode 100644 index 0000000..8744339 --- /dev/null +++ b/pods/matrix/matrix-pod.yml 
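Review bot: The `documentation` and `wiki` containers in git-pod.yml have no `ports:` key. `- containerport: 3100` and `- containerport: 3200` follow directly after the `PORT` env entry, so they read as further items of `env` (or fail validation) rather than as port mappings. Host ports 2180 and 2280 are then probably never published. Add a `ports:` line before each mapping, as the `gitea` container in the same file has. Indentation is not recoverable from this view, so the exact nesting should be checked against the file itself.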
@@ -0,0 +1,129 @@
+apiversion: v1
+kind: Pod
+metadata:
+ name: matrix-pod
+ annotations:
+ io.podman.annotations.infra.name: matrix-pod-infra
+spec:
+ containers:
+ - name: dendrite
+ image: matrixdotorg/dendrite-monolith:latest
+ ports:
+ - containerport: 8008
+ hostport: 3080
+ protocol: TCP
+ - containerport: 8448
+ hostport: 8448
+ protocol: TCP
+ volumemounts:
+ - mountpath: /etc/dendrite
+ name: dendrite-config
+ - mountpath: /var/dendrite/media
+ name: dendrite-media
+ - mountpath: /var/dendrite/jetstream
+ name: dendrite-jetstream
+ - mountpath: /var/dendrite/searchindex
+ name: dendrite-searchindex
+ - mountpath: /etc/localtime
+ name: localtime
+ readonly: true
+
+ - name: mautrix-whatsapp
+ image: dock.mau.dev/mautrix/whatsapp:latest
+ command:
+ - /usr/bin/mautrix-whatsapp
+ - -c
+ - /data/config.yaml
+ - -r
+ - /data/registration.yaml
+ - --ignore-unsupported-server
+ volumemounts:
+ - mountpath: /data
+ name: mautrix-whatsapp-config
+ - mountpath: /etc/localtime
+ name: localtime
+ readonly: true
+
+ - name: mautrix-signal
+ image: dock.mau.dev/mautrix/signal:latest
+ command:
+ - /usr/bin/mautrix-signal
+ - -c
+ - /data/config.yaml
+ - -r
+ - /data/registration.yaml
+ - --ignore-unsupported-server
+ volumemounts:
+ - mountpath: /data
+ name: mautrix-signal-config
+ - mountpath: /etc/localtime
+ name: localtime
+ readonly: true
+
+ - name: element
+ image: vectorim/element-web:latest
+ ports:
+ - containerport: 80
+ hostport: 3180
+ protocol: TCP
+ volumemounts:
+ - mountpath: /app/config.json
+ name: element-config
+ - mountpath: /etc/localtime
+ name: localtime
+ readonly: true
+
+ - name: postgres
+ image: docker.io/library/postgres:16-alpine
+ env:
+ - name: POSTGRES_PASSWORD
+ valuefrom:
+ secretkeyref:
+ name: matrix-secrets
+ key: postgres-password
+ volumemounts:
+ - mountpath: /dump
+ name: postgres-dump
+ - mountpath: /var/lib/postgresql/data
+ name: postgres-data
+ - mountpath: /etc/localtime
+ name: localtime
+ readonly: true
+
+ volumes:
+ - hostpath: + path: /.config/pods/matrix/dendrite-config + type: Directory + name: dendrite-config + - persistentvolumeclaim: + claimname: matrix-pod-dendrite-media + name: dendrite-media + - persistentvolumeclaim: + claimname: matrix-pod-dendrite-jetstream + name: dendrite-jetstream + - persistentvolumeclaim: + claimname: matrix-pod-dendrite-searchindex + name: dendrite-searchindex + - hostpath: + path: /.config/pods/matrix/mautrix-whatsapp-config + type: Directory + name: mautrix-whatsapp-config + - hostpath: + path: /.config/pods/matrix/mautrix-signal-config + type: Directory + name: mautrix-signal-config + - hostpath: + path: /.config/pods/matrix/element-config/config.json + type: File + name: element-config + - hostpath: + path: /.dump/matrix + type: Directory + name: postgres-dump + - persistentvolumeclaim: + claimname: matrix-pod-postgres-data + name: postgres-data + - hostpath: + path: /etc/localtime + type: File + name: localtime diff --git a/dotconfig/pods/matrix/matrix-secrets.yml b/pods/matrix/matrix-secrets.yml similarity index 54% rename from dotconfig/pods/matrix/matrix-secrets.yml rename to pods/matrix/matrix-secrets.yml index 16d3430..101a814 100644 --- a/dotconfig/pods/matrix/matrix-secrets.yml +++ b/pods/matrix/matrix-secrets.yml @@ -1,7 +1,7 @@ apiversion: v1 data: - postgres-password: + postgres-password: kind: Secret metadata: creationtimestamp: null - name: matrix-secrets + name: matrix-secrets \ No newline at end of file diff --git a/pods/notes/notes-pod.yml b/pods/notes/notes-pod.yml new file mode 100644 index 0000000..7efdd4b --- /dev/null +++ b/pods/notes/notes-pod.yml 
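Review bot: `matrixdotorg/dendrite-monolith:latest` and `vectorim/element-web:latest` in matrix-pod.yml name no registry host, unlike the `docker.io/...` and `dock.mau.dev/...` references beside them. Which registry serves them therefore depends on the host's short-name settings rather than on this file. Writing them as `docker.io/matrixdotorg/dendrite-monolith` and `docker.io/vectorim/element-web` (assuming Docker Hub is the intended source) with a version tag or digest makes the source explicit and the deployed version reviewable. The `:latest` tags on the two bridge images here, and those in git-pod.yml, share-pod.yml and smarthome-pod.yml, likewise let a restart pull an image other than the one last tested.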
@@ -0,0 +1,73 @@
+apiversion: v1
+kind: Pod
+metadata:
+ name: notes-pod
+ annotations:
+ io.podman.annotations.infra.name: notes-pod-infra
+spec:
+ containers:
+ - name: hedgedoc
+ image: quay.io/hedgedoc/hedgedoc:alpine
+ env:
+ - name: CMD_DB_URL
+ valuefrom:
+ secretkeyref:
+ name: notes-secrets
+ key: postgres-url
+ - name: CMD_ALLOW_EMAIL_REGISTER
+ value: true
+ - name: CMD_DOMAIN
+ value: "notes.bijl.us"
+ - name: CMD_PROTOCOL_USESSL
+ value: true
+ - name: CMD_URL_ADDPORT
+ value: false
+ - name: NODE_ENV
+ value: production
+ - name: CMD_IMAGE_UPLOAD_TYPE
+ value: filesystem
+ - name: UPLOADS_MODE
+ value: 0700
+ ports:
+ - containerport: 3000
+ hostport: 4080
+ protocol: TCP
+ volumemounts:
+ - mountpath: /hedgedoc/public/uploads
+ name: hedgedoc-uploads
+ - mountpath: /etc/localtime
+ name: localtime
+ readonly: true
+
+ - name: postgres
+ image: docker.io/library/postgres:16-alpine
+ env:
+ - name: POSTGRES_PASSWORD
+ valuefrom:
+ secretkeyref:
+ name: notes-secrets
+ key: postgres-password
+ volumemounts:
+ - mountpath: /dump
+ name: postgres-dump
+ - mountpath: /var/lib/postgresql/data
+ name: postgres-data
+ - mountpath: /etc/localtime
+ name: localtime
+ readonly: true
+
+ volumes:
+ - persistentvolumeclaim:
+ claimname: notes-pod-hedgedoc-uploads
+ name: hedgedoc-uploads
+ - hostpath:
+ path: /.dump/notes
+ type: Directory
+ name: postgres-dump
+ - persistentvolumeclaim:
+ claimname: notes-pod-postgres-data
+ name: postgres-data
+ - hostPath:
+ path: /etc/localtime
+ type: File
+ name: localtime
\ No newline at end of file
diff --git a/pods/notes/notes-secrets.yml b/pods/notes/notes-secrets.yml
new file mode 100644
index 0000000..00140de
--- /dev/null
+++ b/pods/notes/notes-secrets.yml
@@ -0,0 +1,8 @@
+apiversion: v1
+data:
+ postgres-password:
+ postgres-url:
+kind: Secret
+metadata:
+ creationtimestamp: null
+ name: notes-secrets
\ No newline at end of file
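Review bot: `CMD_ALLOW_EMAIL_REGISTER` is `true` on the hedgedoc container in notes-pod.yml while `CMD_DOMAIN` is the public name notes.bijl.us. Anyone who can reach the site can presumably create an account and store notes and uploads on the `hedgedoc-uploads` volume. If the instance is meant for known users only, set it to `false` once those accounts exist. Separately, `value: 0700` for `UPLOADS_MODE` and the bare `true`/`false` values are not YAML strings, and a YAML 1.1 parser reads `0700` as octal 448. Quoting them (`value: "0700"`, `value: "true"`) ensures the container receives what is written.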
diff --git a/dotconfig/pods/share/share-pod.yml b/pods/share/share-pod.yml similarity index 66% rename from dotconfig/pods/share/share-pod.yml rename to pods/share/share-pod.yml index 4c4c935..b4da767 100644 --- a/dotconfig/pods/share/share-pod.yml +++ b/pods/share/share-pod.yml @@ -10,25 +10,25 @@ spec: image: docker.io/mtlynch/picoshare:latest env: - name: PS_SHARED_SECRET - value: "" + value: "" - name: PORT value: 3000 ports: - containerport: 3000 - hostport: + hostport: 5080 protocol: TCP volumemounts: - - name: picoshare-data - mountpath: /data - - name: localtime - mountpath: /etc/localtime + - mountpath: /data + name: picoshare-data + - mountpath: /etc/localtime + name: localtime readonly: true volumes: - - name: picoshare-data - persistentvolumeclaim: + - persistentvolumeclaim: claimname: share-pod-picoshare-data - - name: localtime - hostpath: + name: picoshare-data + - hostPath: path: /etc/localtime type: File + name: localtime \ No newline at end of file diff --git a/pods/smarthome/smarthome-pod.yml b/pods/smarthome/smarthome-pod.yml new file mode 100644 index 0000000..59272b4 --- /dev/null +++ b/pods/smarthome/smarthome-pod.yml 
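Review bot: `hostport: 5080` in share-pod.yml carries no host address, so by default the PicoShare port is published on every interface of the host. If a reverse proxy on the same machine is the intended entry point, the plain-HTTP port stays reachable beside it unless a firewall blocks it. Binding the mapping to loopback closes that path: add a `hostIP: 127.0.0.1` entry next to `hostport`, in whatever key casing this file's loader expects. The same applies to the host ports added in bitwarden-pod.yml, git-pod.yml, matrix-pod.yml, notes-pod.yml and smarthome-pod.yml where they are only meant to be reached through the proxy. The container entry starts above this hunk.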
@@ -0,0 +1,171 @@
+apiversion: v1
+kind: Pod
+metadata:
+ name: smarthome-pod
+ annotations:
+ io.podman.annotations.infra.name: smarthome-pod-infra
+ run.oci.keep_original_groups: 1
+spec:
+ containers:
+ - name: home-assistant
+ image: ghcr.io/home-assistant/home-assistant:latest
+ ports:
+ - containerport: 3000
+ hostport: 6080
+ protocol: TCP
+ volumemounts:
+ - mountpath: /config
+ name: home-assistant-config
+ - mountpath: /dev/ttyUSB0
+ name: home-assistant-usb0
+ - mountpath: /dev/ttyUSB1
+ name: home-assistant-usb1
+ - mountpath: /etc/localtime
+ name: localtime
+ readonly: true
+
+ - name: mosquitto
+ image: docker.io/eclipse-mosquitto:latest
+ ports:
+ - containerport: 1883
+ hostport: 1883
+ protocol: TCP
+ volumemounts:
+ - mountpath: /mosquitto/config
+ name: mosquitto-config
+ - mountpath: /mosquitto/data
+ name: mosquitto-data
+ - mountpath: /mosquitto/log
+ name: mosquitto-log
+ - mountpath: /etc/localtime
+ name: localtime
+ readonly: true
+
+ - name: esphome
+ image: docker.io/esphome/esphome:stable
+ env:
+ - name: USERNAME
+ value: ""
+ - name: PASSWORD
+ value: ""
+ ports:
+ - containerport: 6052
+ hostport: 6052
+ protocol: TCP
+ volumemounts:
+ - mountpath: /config
+ name: esphome-config
+ - mountpath: /etc/localtime
+ name: localtime
+ readonly: true
+
+ - name: ecowitt
+ image: docker.io/bachya/ecowitt2mqtt:latest
+ env:
+ - name: ECOWITT2MQTT_MQTT_BROKER
+ value: "smarthome-pod-mosquitto"
+ - name: ECOWITT2MQTT_MQTT_USERNAME
+ value: ""
+ - name: ECOWITT2MQTT_MQTT_PASSWORD
+ value: ""
+ - name: ECOWITT2MQTT_PORT
+ value: 8181
+ - name: ECOWITT2MQTT_HASS_DISCOVERY
+ value: true
+ - name: ECOWITT2MQTT_INPUT_UNIT_SYSTEM
+ value: "imperial"
+ - name: ECOWITT2MQTT_OUTPUT_UNIT_SYSTEM
+ value: "metric"
+ - name: ECOWITT2MQTT_PRECISION
+ value: 1
+ ports:
+ - containerport: 8181
+ hostport: 8181
+ protocol: TCP
+ volumemounts:
+ - mountpath: /etc/localtime
+ name: localtime
+ readonly: true
+
+ - name: volvo
+ image:
ghcr.io/dielee/volvo2mqtt:latest
+ env:
+ - name: CONF_updateInterval
+ value: 300
+ - name: CONF_babelLocale
+ value: "nl"
+ - name: CONF_mqtt
+ valuefrom:
+ secretkeyref:
+ name: smarthome-secrets
+ key: volvo-mosquitto
+ - name: CONF_volvoData
+ valuefrom:
+ secretkeyref:
+ name: smarthome-secrets
+ key: volvo-url
+ volumemounts:
+ - mountpath: /volvoAAOS2mqtt
+ name: volvo-data
+ - mountpath: /etc/localtime
+ name: localtime
+ readonly: true
+
+ - name: postgres
+ image: docker.io/library/postgres:16-alpine
+ env:
+ - name: POSTGRES_PASSWORD
+ valuefrom:
+ secretkeyref:
+ name: smarthome-secrets
+ key: postgres-password
+ volumemounts:
+ - mountpath: /dump
+ name: postgres-dump
+ - mountpath: /var/lib/postgresql/data
+ name: postgres-data
+ - mountpath: /etc/localtime
+ name: localtime
+ readonly: true
+
+ volumes:
+ - hostpath:
+ path: /.config/pods/smarthome/home-assistant-config
+ type: Directory
+ name: home-assistant-config
+ - hostpath:
+ path: /dev/ttyUSB0
+ type: File
+ name: home-assistant-usb0
+ - hostpath:
+ path: /dev/ttyUSB1
+ type: File
+ name: home-assistant-usb1
+ - hostpath:
+ path: /.config/pods/smarthome/mosquitto-config
+ type: Directory
+ name: mosquitto-config
+ - persistentvolumeclaim:
+ claimname: smarthome-pod-mosquitto-data
+ name: mosquitto-data
+ - persistentvolumeclaim:
+ claimname: smarthome-pod-mosquitto-log
+ name: mosquitto-log
+ - hostpath:
+ path: /.config/pods/smarthome/esphome-config
+ type: Directory
+ name: esphome-config
+ - persistentvolumeclaim:
+ claimname: smarthome-pod-volvo-data
+ name: volvo-data
+ - hostpath:
+ path: /.dump/smarthome
+ type: Directory
+ name: postgres-dump
+ - persistentvolumeclaim:
+ claimname: smarthome-pod-postgres-data
+ name: postgres-data
+ - hostpath:
+ path: /etc/localtime
+ type: File
+ name: localtime
diff --git a/pods/smarthome/smarthome-secrets.yml b/pods/smarthome/smarthome-secrets.yml
new file mode 100644
index 0000000..109b448
--- /dev/null
+++ b/pods/smarthome/smarthome-secrets.yml
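Review bot: The `home-assistant-usb0` and `home-assistant-usb1` volumes in smarthome-pod.yml declare `/dev/ttyUSB0` and `/dev/ttyUSB1` with `type: File`, but these paths are character devices, not regular files. Kubernetes-style hostPath has a `CharDevice` type for this, and as far as I know podman's kube support uses it to pass the device into the container. With `File`, the type check may reject the path, or the serial adapter may be mounted without device access. Using `type: CharDevice` on both volumes states what is actually handed to the home-assistant container and makes the device exposure explicit to a reader.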
@@ -0,0 +1,9 @@
+apiversion: v1
+data:
+ volvo-mosquitto:
+ volvo-url:
+ postgres-password:
+kind: Secret
+metadata:
+ creationtimestamp: null
+ name: smarthome-secrets
\ No newline at end of file