diff options
184 files changed, 464 insertions, 5411 deletions
diff --git a/data.d/k3s-master/helm.d/certmanager.yaml b/data.d/k3s-master/helm.d/certmanager.yaml deleted file mode 100644 index 1b4551c..0000000 --- a/data.d/k3s-master/helm.d/certmanager.yaml +++ /dev/null @@ -1 +0,0 @@ -installCRDs: true diff --git a/data.d/k3s-master/helm.d/mimir.yaml b/data.d/k3s-master/helm.d/mimir.yaml deleted file mode 100644 index 31a8b93..0000000 --- a/data.d/k3s-master/helm.d/mimir.yaml +++ /dev/null @@ -1,6 +0,0 @@ -minio: - enabled: false -ingester: - replicas: 1 - persistentVolume: - storageClass: "local-path" diff --git a/data.d/k3s-master/helm.d/minio.yaml b/data.d/k3s-master/helm.d/minio.yaml deleted file mode 100644 index 3a4731d..0000000 --- a/data.d/k3s-master/helm.d/minio.yaml +++ /dev/null @@ -1,29 +0,0 @@ -mode: standalone -replicas: 1 -ingress: - enabled: true - annotations: - cert-manager.io/cluster-issuer: letsencrypt-production - hosts: - - s3.tyil.nl - tls: - - hosts: - - s3.tyil.nl - secretName: tls-nl.tyil.s3 -consoleIngress: - enabled: true - annotations: - cert-manager.io/cluster-issuer: letsencrypt-production - path: / - hosts: - - minio.tyil.nl - tls: - - hosts: - - minio.tyil.nl - secretName: tls-nl.tyil.minio -persistence: - enabled: true - existingClaim: minio-data -resources: - requests: - memory: 512Mi diff --git a/data.d/k3s-master/helm.d/redis.yaml b/data.d/k3s-master/helm.d/redis.yaml deleted file mode 100644 index 1163194..0000000 --- a/data.d/k3s-master/helm.d/redis.yaml +++ /dev/null @@ -1,15 +0,0 @@ -architecture: standalone -master: - resources: - requests: - memory: 16Mi - limits: - memory: 128Mi -replica: - replicaCount: 0 -auth: - enabled: false - sentinel: false -commonConfiguration: |- - maxmemory 100mb - maxmemory-policy allkeys-lfu diff --git a/data.d/k3s-master/helm.d/seaweedfs-csi-driver.yaml b/data.d/k3s-master/helm.d/seaweedfs-csi-driver.yaml deleted file mode 100644 index 77b6962..0000000 --- a/data.d/k3s-master/helm.d/seaweedfs-csi-driver.yaml +++ /dev/null @@ -1 +0,0 @@ -seaweedfsFiler: "10.57.101.10:8888" diff --git a/data.d/k3s-master/manifests.d/jaomox/cluster-issuers.yaml b/data.d/k3s-master/manifests.d/jaomox/cluster-issuers.yaml deleted file mode 100644 index bb2758e..0000000 --- a/data.d/k3s-master/manifests.d/jaomox/cluster-issuers.yaml +++ /dev/null @@ -1,33 +0,0 @@ ---- -apiVersion: cert-manager.io/v1 -kind: ClusterIssuer -metadata: - name: letsencrypt-staging -spec: - acme: - email: root@tyil.net - server: https://acme-staging-v02.api.letsencrypt.org/directory - privateKeySecretRef: - name: clusterissuer-letsencrypt-staging - solvers: - - http01: - ingress: - class: traefik - selector: {} -... ---- -apiVersion: cert-manager.io/v1 -kind: ClusterIssuer -metadata: - name: letsencrypt-production -spec: - acme: - email: root@tyil.net - server: https://acme-v02.api.letsencrypt.org/directory - privateKeySecretRef: - name: clusterissuer-letsencrypt-production - solvers: - - http01: - ingress: - class: traefik -... diff --git a/data.d/k3s-master/manifests.d/jaomox/namespaces.yaml b/data.d/k3s-master/manifests.d/jaomox/namespaces.yaml deleted file mode 100644 index 2211e87..0000000 --- a/data.d/k3s-master/manifests.d/jaomox/namespaces.yaml +++ /dev/null @@ -1,12 +0,0 @@ ---- -apiVersion: v1 -kind: Namespace -metadata: - name: base-system -... ---- -apiVersion: v1 -kind: Namespace -metadata: - name: personal-services -... diff --git a/data.d/k3s-master/manifests.d/jaomox/persistent-volumes.yaml b/data.d/k3s-master/manifests.d/jaomox/persistent-volumes.yaml deleted file mode 100644 index 5ee32dd..0000000 --- a/data.d/k3s-master/manifests.d/jaomox/persistent-volumes.yaml +++ /dev/null @@ -1,14 +0,0 @@ ---- -apiVersion: v1 -kind: PersistentVolume -metadata: - name: minio-data -spec: - storageClassName: local-path - capacity: - storage: 50Gi - accessModes: - - ReadWriteOnce - hostPath: - path: /srv/personal-services/minio-data -... diff --git a/data.d/k3s-master/manifests.d/jaomox/personal-services/minio/persistent-volume-claim.yaml b/data.d/k3s-master/manifests.d/jaomox/personal-services/minio/persistent-volume-claim.yaml deleted file mode 100644 index ca3ee2b..0000000 --- a/data.d/k3s-master/manifests.d/jaomox/personal-services/minio/persistent-volume-claim.yaml +++ /dev/null @@ -1,14 +0,0 @@ ---- -apiVersion: v1 -kind: PersistentVolumeClaim -metadata: - name: minio-data - namespace: personal-services -spec: - storageClassName: local-path - accessModes: - - ReadWriteOnce - resources: - requests: - storage: 50Gi -... diff --git a/data.d/k3s-master/manifests.d/tyilnet/auth-system/keycloak/helm-chart.yaml b/data.d/k3s-master/manifests.d/tyilnet/auth-system/keycloak/helm-chart.yaml deleted file mode 100644 index bfa00c1..0000000 --- a/data.d/k3s-master/manifests.d/tyilnet/auth-system/keycloak/helm-chart.yaml +++ /dev/null @@ -1,49 +0,0 @@ ---- -apiVersion: helm.cattle.io/v1 -kind: HelmChart -metadata: - name: keycloak - namespace: auth-system -spec: - chart: oci://registry-1.docker.io/bitnamicharts/keycloak - valuesContent: |- - global: - storageClass: longhorn - clusterDomain: k3s.tyil.nl - externalDatabase: - existingSecret: keycloak-database - existingSecretHostKey: host - existingSecretPortKey: port - existingSecretUserKey: user - existingSecretDatabaseKey: database - existingSecretPasswordKey: password - extraEnvVars: - - name: KC_HOSTNAME_URL - value: "https://keycloak.tyil.nl" - - name: KC_HOSTNAME_ADMIN_URL - value: "https://keycloak.tyil.nl" - - name: KC_PROXY - value: "edge" - resources: - requests: - cpu: 100m - memory: 512Mi - limits: - cpu: 200m - memory: 1024Mi - ingress: - enabled: true - certManager: true - tls: true - hostname: keycloak.tyil.nl - annotations: - cert-manager.io/cluster-issuer: "letsencrypt-production" - traefik.ingress.kubernetes.io/router.middlewares: kube-system-redirect-https@kubernetescrd - ingressClassName: traefik - metrics: - enabled: true - serviceMonitor: - enabled: true - postgresql: - enabled: false -... diff --git a/data.d/k3s-master/manifests.d/tyilnet/auth-system/lldap/deployment.yaml b/data.d/k3s-master/manifests.d/tyilnet/auth-system/lldap/deployment.yaml deleted file mode 100644 index 26f46ef..0000000 --- a/data.d/k3s-master/manifests.d/tyilnet/auth-system/lldap/deployment.yaml +++ /dev/null @@ -1,58 +0,0 @@ ---- -apiVersion: apps/v1 -kind: Deployment -metadata: - name: lldap - namespace: auth-system - labels: - app.kubernetes.io/created-by: tyil - app.kubernetes.io/managed-by: manual - app.kubernetes.io/name: lldap - app.kubernetes.io/part-of: auth-system -spec: - replicas: 1 - selector: - matchLabels: - app.kubernetes.io/created-by: tyil - app.kubernetes.io/managed-by: manual - app.kubernetes.io/name: lldap - app.kubernetes.io/part-of: auth-system - strategy: - type: Recreate - template: - metadata: - labels: - app.kubernetes.io/created-by: tyil - app.kubernetes.io/managed-by: manual - app.kubernetes.io/name: lldap - app.kubernetes.io/part-of: auth-system - spec: - nodeName: oolah.tyil.net - containers: - - env: - - name: GID - value: "1001" - - name: TZ - value: Europe/Amsterdam - - name: UID - value: "1001" - image: nitnelave/lldap:stable - name: lldap - ports: - - containerPort: 3890 - - containerPort: 6360 - - containerPort: 17170 - volumeMounts: - - mountPath: /data - name: data - resources: - requests: - memory: 32Mi - limits: - memory: 128Mi - restartPolicy: Always - volumes: - - name: data - hostPath: - path: /etc/lldap -... diff --git a/data.d/k3s-master/manifests.d/tyilnet/auth-system/lldap/ingress.yaml b/data.d/k3s-master/manifests.d/tyilnet/auth-system/lldap/ingress.yaml deleted file mode 100644 index 4e32f29..0000000 --- a/data.d/k3s-master/manifests.d/tyilnet/auth-system/lldap/ingress.yaml +++ /dev/null @@ -1,32 +0,0 @@ ---- -apiVersion: networking.k8s.io/v1 -kind: Ingress -metadata: - name: lldap - namespace: auth-system - labels: - app.kubernetes.io/created-by: tyil - app.kubernetes.io/managed-by: manual - app.kubernetes.io/name: lldap - app.kubernetes.io/part-of: auth-system - annotations: - cert-manager.io/cluster-issuer: "letsencrypt-production" - traefik.ingress.kubernetes.io/router.middlewares: kube-system-redirect-https@kubernetescrd -spec: - ingressClassName: traefik - tls: - - hosts: - - ldap.tyil.nl - secretName: tls-nl.tyil.ldap - rules: - - host: ldap.tyil.nl - http: - paths: - - path: / - pathType: Prefix - backend: - service: - name: lldap - port: - number: 80 -... diff --git a/data.d/k3s-master/manifests.d/tyilnet/auth-system/lldap/persistent-volume-claim.yaml b/data.d/k3s-master/manifests.d/tyilnet/auth-system/lldap/persistent-volume-claim.yaml deleted file mode 100644 index 38479d4..0000000 --- a/data.d/k3s-master/manifests.d/tyilnet/auth-system/lldap/persistent-volume-claim.yaml +++ /dev/null @@ -1,19 +0,0 @@ ---- -apiVersion: v1 -kind: PersistentVolumeClaim -metadata: - name: lldap - namespace: auth-system - labels: - app.kubernetes.io/created-by: tyil - app.kubernetes.io/managed-by: manual - app.kubernetes.io/name: lldap - app.kubernetes.io/part-of: auth-system -spec: - storageClassName: longhorn - resources: - requests: - storage: "1Mi" - accessModes: - - ReadWriteMany -... diff --git a/data.d/k3s-master/manifests.d/tyilnet/auth-system/lldap/service.yaml b/data.d/k3s-master/manifests.d/tyilnet/auth-system/lldap/service.yaml deleted file mode 100644 index 76aea0f..0000000 --- a/data.d/k3s-master/manifests.d/tyilnet/auth-system/lldap/service.yaml +++ /dev/null @@ -1,51 +0,0 @@ ---- -apiVersion: v1 -kind: Service -metadata: - name: lldap - namespace: auth-system - labels: - app.kubernetes.io/created-by: tyil - app.kubernetes.io/managed-by: manual - app.kubernetes.io/name: lldap - app.kubernetes.io/part-of: auth-system -spec: - selector: - app.kubernetes.io/created-by: tyil - app.kubernetes.io/managed-by: manual - app.kubernetes.io/name: lldap - app.kubernetes.io/part-of: auth-system - ports: - - name: http - port: 80 - targetPort: 17170 -... ---- -apiVersion: v1 -kind: Service -metadata: - # This port may _not_ be named "lldap_ldap", as the application itself wants - # to use LLDAP_LDAP_PORT, which Kubernetes will override with a value the - # application can't handle. - name: ldap - namespace: auth-system - labels: - app.kubernetes.io/created-by: tyil - app.kubernetes.io/managed-by: manual - app.kubernetes.io/name: lldap - app.kubernetes.io/part-of: auth-system -spec: - selector: - app.kubernetes.io/created-by: tyil - app.kubernetes.io/managed-by: manual - app.kubernetes.io/name: lldap - app.kubernetes.io/part-of: auth-system - type: LoadBalancer - ports: - - name: ldap - port: 389 - targetPort: 3890 - - name: ldaps - port: 636 - targetPort: 6360 -... diff --git a/data.d/k3s-master/manifests.d/tyilnet/base-system/certmanager/helm-chart b/data.d/k3s-master/manifests.d/tyilnet/base-system/certmanager/helm-chart deleted file mode 100644 index 4350177..0000000 --- a/data.d/k3s-master/manifests.d/tyilnet/base-system/certmanager/helm-chart +++ /dev/null @@ -1,13 +0,0 @@ ---- -apiVersion: helm.cattle.io/v1 -kind: HelmChart -metadata: - name: certmanager - namespace: kube-system -spec: - repo: https://charts.jetstack.io - chart: cert-manager - targetNamespace: base-system - valuesContent: | - installCRDs: true -... diff --git a/data.d/k3s-master/manifests.d/tyilnet/base-system/certmanager/letsencrypt-production.yaml b/data.d/k3s-master/manifests.d/tyilnet/base-system/certmanager/letsencrypt-production.yaml deleted file mode 100644 index dbff2c2..0000000 --- a/data.d/k3s-master/manifests.d/tyilnet/base-system/certmanager/letsencrypt-production.yaml +++ /dev/null @@ -1,16 +0,0 @@ ---- -apiVersion: cert-manager.io/v1 -kind: ClusterIssuer -metadata: - name: letsencrypt-production -spec: - acme: - email: root@tyil.net - server: https://acme-v02.api.letsencrypt.org/directory - privateKeySecretRef: - name: clusterissuer-letsencrypt-production - solvers: - - http01: - ingress: - class: traefik -... diff --git a/data.d/k3s-master/manifests.d/tyilnet/base-system/certmanager/letsencrypt-staging.yaml b/data.d/k3s-master/manifests.d/tyilnet/base-system/certmanager/letsencrypt-staging.yaml deleted file mode 100644 index 9b0a27d..0000000 --- a/data.d/k3s-master/manifests.d/tyilnet/base-system/certmanager/letsencrypt-staging.yaml +++ /dev/null @@ -1,17 +0,0 @@ ---- -apiVersion: cert-manager.io/v1 -kind: ClusterIssuer -metadata: - name: letsencrypt-staging -spec: - acme: - email: root@tyil.net - server: https://acme-staging-v02.api.letsencrypt.org/directory - privateKeySecretRef: - name: clusterissuer-letsencrypt-staging - solvers: - - http01: - ingress: - class: traefik - selector: {} -... diff --git a/data.d/k3s-master/manifests.d/tyilnet/base-system/garage/deployment.yaml b/data.d/k3s-master/manifests.d/tyilnet/base-system/garage/deployment.yaml deleted file mode 100644 index 68b920f..0000000 --- a/data.d/k3s-master/manifests.d/tyilnet/base-system/garage/deployment.yaml +++ /dev/null @@ -1,68 +0,0 @@ ---- -apiVersion: apps/v1 -kind: Deployment -metadata: - name: garage - namespace: base-system - labels: - app.kubernetes.io/created-by: tyil - app.kubernetes.io/managed-by: manual - app.kubernetes.io/name: garage - app.kubernetes.io/part-of: base-system -spec: - replicas: 1 - selector: - matchLabels: - app.kubernetes.io/created-by: tyil - app.kubernetes.io/managed-by: manual - app.kubernetes.io/name: garage - app.kubernetes.io/part-of: base-system - strategy: - type: Recreate - template: - metadata: - labels: - app.kubernetes.io/created-by: tyil - app.kubernetes.io/managed-by: manual - app.kubernetes.io/name: garage - app.kubernetes.io/part-of: base-system - spec: - nodeName: mieshu.tyil.net - containers: - - image: dxflrs/garage:v0.8.0 - name: garage - ports: - - containerPort: 3900 - - containerPort: 3901 - - containerPort: 3902 - - containerPort: 3903 - - containerPort: 3904 - volumeMounts: - - mountPath: /var/lib/garage/meta - name: meta - - mountPath: /var/lib/garage/data - name: data - - mountPath: /etc/garage.toml - name: config - restartPolicy: Always - volumes: - - name: data - hostPath: - path: /mnt/pool/garage/data - - name: meta - hostPath: - path: /mnt/pool/garage/meta - - name: config - hostPath: - path: /etc/garage.toml - affinity: - podAntiAffinity: - requiredDuringSchedulingIgnoredDuringExecution: - - labelSelector: - matchExpressions: - - key: app.kubernetes.io/name - operator: In - values: - - garage - topologyKey: "kubernetes.io/hostname" -... diff --git a/data.d/k3s-master/manifests.d/tyilnet/base-system/garage/ingress.yaml b/data.d/k3s-master/manifests.d/tyilnet/base-system/garage/ingress.yaml deleted file mode 100644 index 92458cc..0000000 --- a/data.d/k3s-master/manifests.d/tyilnet/base-system/garage/ingress.yaml +++ /dev/null @@ -1,35 +0,0 @@ ---- -apiVersion: networking.k8s.io/v1 -kind: Ingress -metadata: - name: garage - namespace: base-system - labels: - app.kubernetes.io/created-by: tyil - app.kubernetes.io/managed-by: manual - app.kubernetes.io/name: s3 - app.kubernetes.io/part-of: garage - annotations: - cert-manager.io/cluster-issuer: "letsencrypt-production" - traefik.ingress.kubernetes.io/router.middlewares: kube-system-redirect-https@kubernetescrd -spec: - ingressClassName: traefik - tls: - - hosts: - - misskey.s3.tyil.nl - secretName: tls-nl.tyil.s3.misskey - - hosts: - - dist.s3.tyil.nl - secretName: tls-nl-tyil.s3.dist - rules: - - host: "*.s3.tyil.nl" - http: - paths: - - path: / - pathType: Prefix - backend: - service: - name: garage - port: - number: 3902 -... diff --git a/data.d/k3s-master/manifests.d/tyilnet/base-system/garage/persistent-volume-claim.yaml b/data.d/k3s-master/manifests.d/tyilnet/base-system/garage/persistent-volume-claim.yaml deleted file mode 100644 index 8e54918..0000000 --- a/data.d/k3s-master/manifests.d/tyilnet/base-system/garage/persistent-volume-claim.yaml +++ /dev/null @@ -1,38 +0,0 @@ ---- -apiVersion: v1 -kind: PersistentVolumeClaim -metadata: - name: garage-data - namespace: base-system - labels: - app.kubernetes.io/created-by: tyil - app.kubernetes.io/managed-by: manual - app.kubernetes.io/name: garage-data - app.kubernetes.io/part-of: base-system -spec: - storageClassName: longhorn - resources: - requests: - storage: "10Gi" - accessModes: - - ReadWriteMany -... ---- -apiVersion: v1 -kind: PersistentVolumeClaim -metadata: - name: garage-meta - namespace: base-system - labels: - app.kubernetes.io/created-by: tyil - app.kubernetes.io/managed-by: manual - app.kubernetes.io/name: garage-meta - app.kubernetes.io/part-of: base-system -spec: - storageClassName: longhorn - resources: - requests: - storage: "5Gi" - accessModes: - - ReadWriteMany -... diff --git a/data.d/k3s-master/manifests.d/tyilnet/base-system/garage/service.yaml b/data.d/k3s-master/manifests.d/tyilnet/base-system/garage/service.yaml deleted file mode 100644 index fa48032..0000000 --- a/data.d/k3s-master/manifests.d/tyilnet/base-system/garage/service.yaml +++ /dev/null @@ -1,35 +0,0 @@ ---- -apiVersion: v1 -kind: Service -metadata: - name: garage - namespace: base-system - labels: - app.kubernetes.io/created-by: tyil - app.kubernetes.io/managed-by: manual - app.kubernetes.io/name: garage - app.kubernetes.io/part-of: base-system -spec: - selector: - app.kubernetes.io/created-by: tyil - app.kubernetes.io/managed-by: manual - app.kubernetes.io/name: garage - app.kubernetes.io/part-of: base-system - type: LoadBalancer - ports: - - name: s3 - port: 3900 - targetPort: 3900 - - name: s3-rpc - port: 3901 - targetPort: 3901 - - name: s3-web - port: 3902 - targetPort: 3902 - - name: s3-admin - port: 3903 - targetPort: 3903 - - name: s3-k2v - port: 3904 - targetPort: 3904 -... diff --git a/data.d/k3s-master/manifests.d/tyilnet/base-system/longhorn/auth-proxy.yaml b/data.d/k3s-master/manifests.d/tyilnet/base-system/longhorn/auth-proxy.yaml deleted file mode 100644 index d3823c1..0000000 --- a/data.d/k3s-master/manifests.d/tyilnet/base-system/longhorn/auth-proxy.yaml +++ /dev/null @@ -1,31 +0,0 @@ ---- -apiVersion: helm.cattle.io/v1 -kind: HelmChart -metadata: - name: auth-proxy-longhorn - namespace: base-system -spec: - chart: https://git.tyil.nl/helm/oauth2-proxy/snapshot/oauth2-proxy-497a618778ead59ce985b81031a863dda9ff2126.tar.gz - valuesContent: |- - image: - tag: v7.4.0 - secret: - enabled: false - envFrom: - secretRef: - - name: auth-proxy-longhorn - ingress: - enabled: true - ingressClassName: traefik - annotations: - cert-manager.io/cluster-issuer: "letsencrypt-production" - traefik.ingress.kubernetes.io/router.middlewares: kube-system-redirect-https@kubernetescrd - tls: - - secretName: tls-nl.tyil.longhorn - hosts: - - longhorn.tyil.nl - hosts: - - host: longhorn.tyil.nl - paths: - - path: / - pathType: Prefix diff --git a/data.d/k3s-master/manifests.d/tyilnet/base-system/longhorn/helm-chart.yaml b/data.d/k3s-master/manifests.d/tyilnet/base-system/longhorn/helm-chart.yaml deleted file mode 100644 index e5cce42..0000000 --- a/data.d/k3s-master/manifests.d/tyilnet/base-system/longhorn/helm-chart.yaml +++ /dev/null @@ -1,15 +0,0 @@ ---- -apiVersion: helm.cattle.io/v1 -kind: HelmChart -metadata: - name: longhorn - namespace: base-system -spec: - repo: https://charts.longhorn.io - chart: longhorn - valuesContent: |- - persistence: - defaultClass: true - defaultFsType: xfs - defaultClassReplicaCount: 1 -... diff --git a/data.d/k3s-master/manifests.d/tyilnet/base-system/longhorn/service-monitor.yaml b/data.d/k3s-master/manifests.d/tyilnet/base-system/longhorn/service-monitor.yaml deleted file mode 100644 index 07981b6..0000000 --- a/data.d/k3s-master/manifests.d/tyilnet/base-system/longhorn/service-monitor.yaml +++ /dev/null @@ -1,21 +0,0 @@ ---- -apiVersion: monitoring.coreos.com/v1 -kind: ServiceMonitor -metadata: - name: longhorn - namespace: base-system - labels: - app.kubernetes.io/created-by: tyil - app.kubernetes.io/managed-by: manual - app.kubernetes.io/name: longhorn - app.kubernetes.io/part-of: base-system -spec: - selector: - matchLabels: - app: longhorn-manager - namespaceSelector: - matchNames: - - base-system - endpoints: - - port: manager -... diff --git a/data.d/k3s-master/manifests.d/tyilnet/chat-system/biboumi/deployment.yaml b/data.d/k3s-master/manifests.d/tyilnet/chat-system/biboumi/deployment.yaml deleted file mode 100644 index 60f07d7..0000000 --- a/data.d/k3s-master/manifests.d/tyilnet/chat-system/biboumi/deployment.yaml +++ /dev/null @@ -1,55 +0,0 @@ ---- -apiVersion: apps/v1 -kind: Deployment -metadata: - name: biboumi - namespace: chat-system - labels: - app.kubernetes.io/created-by: tyil - app.kubernetes.io/managed-by: manual - app.kubernetes.io/name: biboumi - app.kubernetes.io/part-of: chat-system -spec: - replicas: 1 - selector: - matchLabels: - app.kubernetes.io/created-by: tyil - app.kubernetes.io/managed-by: manual - app.kubernetes.io/name: biboumi - app.kubernetes.io/part-of: chat-system - strategy: - type: RollingUpdate - template: - metadata: - labels: - app.kubernetes.io/created-by: tyil - app.kubernetes.io/managed-by: manual - app.kubernetes.io/name: biboumi - app.kubernetes.io/part-of: chat-system - spec: - containers: - - image: louiz/biboumi:9.0 - name: biboumi - ports: - - containerPort: 5437 - env: - - name: BIBOUMI_ADMIN - value: tyil@chat.tyil.nl - - name: BIBOUMI_DB_NAME - valueFrom: - secretKeyRef: - name: biboumi-config - key: db-name - - name: BIBOUMI_HOSTNAME - value: biboumi.chat.tyil.nl - - name: BIBOUMI_PASSWORD - valueFrom: - secretKeyRef: - name: biboumi-config - key: password - - name: BIBOUMI_XMPP_SERVER_IP - value: prosody - - name: BIBOUMI_PERSISTENT_BY_DEFAULT - value: "true" - restartPolicy: Always -... diff --git a/data.d/k3s-master/manifests.d/tyilnet/chat-system/prosody/configmap.yaml b/data.d/k3s-master/manifests.d/tyilnet/chat-system/prosody/configmap.yaml deleted file mode 100644 index 64a6e5f..0000000 --- a/data.d/k3s-master/manifests.d/tyilnet/chat-system/prosody/configmap.yaml +++ /dev/null @@ -1,159 +0,0 @@ ---- -apiVersion: v1 -kind: ConfigMap -metadata: - name: prosody-config - namespace: chat-system - labels: - app.kubernetes.io/created-by: tyil - app.kubernetes.io/managed-by: manual - app.kubernetes.io/name: prosody - app.kubernetes.io/part-of: chat-system -data: - prosody.cfg.lua: | - -- Information on configuring Prosody can be found on our - -- website at https://prosody.im/doc/configure - - daemonize = false; - - ---------- Server-wide settings ---------- - admins = { - "tyil@chat.tyil.nl", - } - - log = { - { levels = { min = "debug" }, to = "console" }; - } - - plugin_paths = { "/usr/local/lib/prosody/modules" } - - modules_enabled = { - -- Generally required - "disco"; -- Service discovery - "roster"; -- Allow users to have a roster. Recommended ;) - "saslauth"; -- Authentication for clients and servers. Recommended if you want to log in. - "tls"; -- Add support for secure TLS on c2s/s2s connections - - -- Not essential, but recommended - "adhoc"; -- XEP-0050 - "blocklist"; -- Allow users to block communications with other users - --"bookmarks"; -- Synchronise the list of open rooms between clients - "carbons"; -- Keep multiple online clients in sync - "dialback"; -- Support for verifying remote servers using DNS - "limits"; -- Enable bandwidth limiting for XMPP connections - "pep"; -- Allow users to store public and private data in their account - "private"; -- Legacy account storage mechanism (XEP-0049) - --"smacks"; -- Stream management and resumption (XEP-0198) - "vcard4"; -- User profiles (stored in PEP) - "vcard_legacy"; -- Conversion between legacy vCard and PEP Avatar, vcard - - -- Nice to have - "csi_simple"; -- Simple but effective traffic optimizations for mobile devices - --"invites"; -- Create and manage invites - --"invites_adhoc"; -- Allow admins/users to create invitations via their client - --"invites_register"; -- Allows invited users to create accounts - "ping"; -- Replies to XMPP pings with pongs - "register"; -- Allow users to register on this server using a client and change passwords - "time"; -- Let others know the time here on this server - "uptime"; -- Report how long server has been running - "version"; -- Replies to server version requests - "mam"; -- Store recent messages to allow multi-device synchronization - --"turn_external"; -- Provide external STUN/TURN service for e.g. audio/video calls - - -- Admin interfaces - "admin_adhoc"; -- Allows administration via an XMPP client that supports ad-hoc commands - --"admin_shell"; -- Allow secure administration via 'prosodyctl shell' - - -- HTTP modules - --"bosh"; -- Enable BOSH clients, aka "Jabber over HTTP" - --"http_openmetrics"; -- for exposing metrics to stats collectors - --"websocket"; -- XMPP over WebSockets - - -- Other specific functionality - "posix"; -- POSIX functionality, sends server to background, enables syslog, etc. - --"announce"; -- Send announcement to all online users - --"groups"; -- Shared roster support - --"legacyauth"; -- Legacy authentication. Only used by some old clients and bots. - --"mimicking"; -- Prevent address spoofing - --"motd"; -- Send a message to users when they log in - --"proxy65"; -- Enables a file transfer proxy service which clients behind NAT can use - --"s2s_bidi"; -- Bi-directional server-to-server (XEP-0288) - --"server_contact_info"; -- Publish contact information for this service - --"tombstones"; -- Prevent registration of deleted accounts - --"watchregistrations"; -- Alert admins of registrations - --"welcome"; -- Welcome users who register accounts - } - - modules_disabled = { - -- "offline"; -- Store offline messages - -- "c2s"; -- Handle client connections - -- "s2s"; -- Handle server-to-server connections - } - - s2s_secure_auth = true - - limits = { - c2s = { - rate = "10kb/s"; - }; - s2sin = { - rate = "30kb/s"; - }; - } - - authentication = "internal_hashed" - archive_expires_after = "1w" -- Remove archived messages after 1 week - - -- Audio/video call relay (STUN/TURN) - -- To ensure clients connected to the server can establish connections for - -- low-latency media streaming (such as audio and video calls), it is - -- recommended to run a STUN/TURN server for clients to use. If you do this, - -- specify the details here so clients can discover it. - -- Find more information at https://prosody.im/doc/turn - - -- Specify the address of the TURN service (you may use the same domain as XMPP) - --turn_external_host = "turn.example.com" - - -- This secret must be set to the same value in both Prosody and the TURN server - --turn_external_secret = "your-secret-turn-access-token" - statistics = "internal" - - -- Load configuration from secrets - Include "secrets.d/*" - - -- Configure components - component_ports = { - 5347, - } - component_interfaces = { - "*", - "::", - } - - Include "components.d/*" - - -- Load configuration for additional hosts - Include "hosts.d/*" -... ---- -apiVersion: v1 -kind: ConfigMap -metadata: - name: prosody-vhosts - namespace: chat-system - labels: - app.kubernetes.io/created-by: tyil - app.kubernetes.io/managed-by: manual - app.kubernetes.io/name: prosody - app.kubernetes.io/part-of: chat-system -data: - chat.tyil.nl: | - VirtualHost "chat.tyil.nl" - ssl = { - certificate = "certs.d/chat.tyil.nl/tls.crt"; - key = "certs.d/chat.tyil.nl/tls.key"; - } - - Component "muc.chat.tyil.nl" "muc" - name = "Tyil's Chatrooms" -... diff --git a/data.d/k3s-master/manifests.d/tyilnet/chat-system/prosody/deployment.yaml b/data.d/k3s-master/manifests.d/tyilnet/chat-system/prosody/deployment.yaml deleted file mode 100644 index ad91eea..0000000 --- a/data.d/k3s-master/manifests.d/tyilnet/chat-system/prosody/deployment.yaml +++ /dev/null @@ -1,66 +0,0 @@ ---- -apiVersion: apps/v1 -kind: Deployment -metadata: - name: prosody - namespace: chat-system - labels: - app.kubernetes.io/created-by: tyil - app.kubernetes.io/managed-by: manual - app.kubernetes.io/name: prosody - app.kubernetes.io/part-of: chat-system -spec: - replicas: 1 - selector: - matchLabels: - app.kubernetes.io/created-by: tyil - app.kubernetes.io/managed-by: manual - app.kubernetes.io/name: prosody - app.kubernetes.io/part-of: chat-system - strategy: - type: RollingUpdate - template: - metadata: - labels: - app.kubernetes.io/created-by: tyil - app.kubernetes.io/managed-by: manual - app.kubernetes.io/name: prosody - app.kubernetes.io/part-of: chat-system - spec: - containers: - - image: prosody/prosody:0.11 - name: prosody - ports: - - containerPort: 5222 - - containerPort: 5269 - - containerPort: 5347 - volumeMounts: - - mountPath: /etc/prosody - name: config - - mountPath: /etc/prosody/secrets.d - name: config-secret - - mountPath: /etc/prosody/components.d - name: config-components - - mountPath: /etc/prosody/hosts.d - name: config-hosts - - mountPath: /etc/prosody/certs.d/chat.tyil.nl - name: cert-nl-tyil-chat - readOnly: true - restartPolicy: Always - volumes: - - name: config - configMap: - name: prosody-config - - name: config-secret - secret: - secretName: prosody-config - - name: config-components - secret: - secretName: prosody-components - - name: config-hosts - configMap: - name: prosody-vhosts - - name: cert-nl-tyil-chat - secret: - secretName: tls-nl.tyil.chat -... diff --git a/data.d/k3s-master/manifests.d/tyilnet/chat-system/prosody/ingress.yaml b/data.d/k3s-master/manifests.d/tyilnet/chat-system/prosody/ingress.yaml deleted file mode 100644 index 64b47c8..0000000 --- a/data.d/k3s-master/manifests.d/tyilnet/chat-system/prosody/ingress.yaml +++ /dev/null @@ -1,33 +0,0 @@ ---- -apiVersion: networking.k8s.io/v1 -kind: Ingress -metadata: - name: prosody - namespace: chat-system - labels: - app.kubernetes.io/created-by: tyil - app.kubernetes.io/managed-by: manual - app.kubernetes.io/name: prosody - app.kubernetes.io/part-of: chat-system - annotations: - cert-manager.io/cluster-issuer: "letsencrypt-production" -spec: - ingressClassName: traefik - tls: - - hosts: - - chat.tyil.nl - - muc.chat.tyil.nl - - share.chat.tyil.nl - secretName: tls-nl.tyil.chat - rules: - - host: chat.tyil.nl - http: - paths: - - path: / - pathType: Prefix - backend: - service: - name: prosody - port: - number: 80 -... diff --git a/data.d/k3s-master/manifests.d/tyilnet/chat-system/prosody/service.yaml b/data.d/k3s-master/manifests.d/tyilnet/chat-system/prosody/service.yaml deleted file mode 100644 index 8ecd4b8..0000000 --- a/data.d/k3s-master/manifests.d/tyilnet/chat-system/prosody/service.yaml +++ /dev/null @@ -1,54 +0,0 @@ ---- -apiVersion: v1 -kind: Service -metadata: - name: xmpp - namespace: chat-system - labels: - app.kubernetes.io/created-by: tyil - app.kubernetes.io/managed-by: manual - app.kubernetes.io/name: xmpp - app.kubernetes.io/part-of: chat-system -spec: - selector: - app.kubernetes.io/created-by: tyil - app.kubernetes.io/managed-by: manual - app.kubernetes.io/name: prosody - app.kubernetes.io/part-of: chat-system - type: NodePort - ports: - - name: xmpp-c2s - port: 5222 - nodePort: 5222 - - name: xmpp-s2s - port: 5269 - nodePort: 5269 -... ---- -apiVersion: v1 -kind: Service -metadata: - name: prosody - namespace: chat-system - labels: - app.kubernetes.io/created-by: tyil - app.kubernetes.io/managed-by: manual - app.kubernetes.io/name: prosody - app.kubernetes.io/part-of: chat-system -spec: - selector: - app.kubernetes.io/created-by: tyil - app.kubernetes.io/managed-by: manual - app.kubernetes.io/name: prosody - app.kubernetes.io/part-of: chat-system - ports: - - name: xmpp-c2s - port: 5222 - targetPort: 5222 - - name: xmpp-s2s - port: 5269 - targetPort: 5269 - - name: components - port: 5347 - targetPort: 5347 -... diff --git a/data.d/k3s-master/manifests.d/tyilnet/chat-system/sleamdge/deployment.yaml b/data.d/k3s-master/manifests.d/tyilnet/chat-system/sleamdge/deployment.yaml deleted file mode 100644 index 7816ab5..0000000 --- a/data.d/k3s-master/manifests.d/tyilnet/chat-system/sleamdge/deployment.yaml +++ /dev/null @@ -1,51 +0,0 @@ ---- -apiVersion: apps/v1 -kind: Deployment -metadata: - name: sleamdge - namespace: chat-system - labels: - app.kubernetes.io/created-by: tyil - app.kubernetes.io/managed-by: manual - app.kubernetes.io/name: sleamdge - app.kubernetes.io/part-of: chat-system -spec: - replicas: 1 - selector: - matchLabels: - app.kubernetes.io/created-by: tyil - app.kubernetes.io/managed-by: manual - app.kubernetes.io/name: sleamdge - app.kubernetes.io/part-of: chat-system - strategy: - type: RollingUpdate - template: - metadata: - labels: - app.kubernetes.io/created-by: tyil - app.kubernetes.io/managed-by: manual - app.kubernetes.io/name: sleamdge - app.kubernetes.io/part-of: chat-system - spec: - nodeName: "oolah.tyil.net" - containers: - - image: nicocool84/sleamdge:master - name: sleamdge - args: - - "--secret=$(SECRET)" - - "--jid=$(JID)" - env: - - name: SECRET - value: "rl3iB4RTX8qgX30ECGNyhzQgfbnVpAgkGIlw6UGqNbWfnIuGyYzzuQPQh1CV" - - name: JID - value: "sleamdge.chat.tyil.nl" - volumeMounts: - - name: data - mountPath: /var/lib/slidge - restartPolicy: Always - volumes: - - name: data - hostPath: - path: /var/lib/slidge - type: Directory -... diff --git a/data.d/k3s-master/manifests.d/tyilnet/cicd-system/argo-events/event-bus.yaml b/data.d/k3s-master/manifests.d/tyilnet/cicd-system/argo-events/event-bus.yaml deleted file mode 100644 index de5b67f..0000000 --- a/data.d/k3s-master/manifests.d/tyilnet/cicd-system/argo-events/event-bus.yaml +++ /dev/null @@ -1,20 +0,0 @@ ---- -apiVersion: argoproj.io/v1alpha1 -kind: EventBus -metadata: - name: default - namespace: cicd-system -spec: - nats: - native: - replicas: 3 - containerTemplate: - resources: - requests: - cpu: "10m" - memory: "64Mi" - persistence: - storageClassName: longhorn - accessMode: ReadWriteOnce - volumeSize: 1Gi -... diff --git a/data.d/k3s-master/manifests.d/tyilnet/cicd-system/argo-events/helm-chart.yaml b/data.d/k3s-master/manifests.d/tyilnet/cicd-system/argo-events/helm-chart.yaml deleted file mode 100644 index 3acd2cd..0000000 --- a/data.d/k3s-master/manifests.d/tyilnet/cicd-system/argo-events/helm-chart.yaml +++ /dev/null @@ -1,16 +0,0 @@ ---- -apiVersion: helm.cattle.io/v1 -kind: HelmChart -metadata: - name: argo-events - namespace: cicd-system -spec: - repo: https://argoproj.github.io/argo-helm - chart: argo-events - valuesContent: |- - controller: - rbac: - namespaced: true - serviceAccount: - name: argo-events -... diff --git a/data.d/k3s-master/manifests.d/tyilnet/cicd-system/argo-workflows/helm-chart.yaml b/data.d/k3s-master/manifests.d/tyilnet/cicd-system/argo-workflows/helm-chart.yaml deleted file mode 100644 index 7978820..0000000 --- a/data.d/k3s-master/manifests.d/tyilnet/cicd-system/argo-workflows/helm-chart.yaml +++ /dev/null @@ -1,64 +0,0 @@ ---- -apiVersion: helm.cattle.io/v1 -kind: HelmChart -metadata: - name: argo-workflows - namespace: cicd-system -spec: - repo: https://argoproj.github.io/argo-helm - chart: argo-workflows - valuesContent: |- - artifactRepository: - archiveLogs: true - s3: - bucket: argo - endpoint: 10.57.101.1:3900 - insecure: true - accessKeySecret: - name: credentials - key: garageAccessKey - secretKeySecret: - name: credentials - key: garageSecretKey - controller: - persistence: - archive: true - postgresql: - host: 10.57.101.20 - port: 5432 - database: argo - tableName: argo_workflows - userNameSecret: - name: credentials - key: postgresqlUsername - passwordSecret: - name: credentials - key: postgresqlPassword - workflowDefaults: - spec: - entrypoint: main - serviceAccountName: "argo-runner" - ttlStrategy: - secondsAfterCompletion: 300 - podGC: - strategy: null - singleNamespace: true - server: - extraArgs: - - "--auth-mode=server" - ingress: - enabled: false - ingressClassName: traefik - annotations: - cert-manager.io/cluster-issuer: "letsencrypt-production" - traefik.ingress.kubernetes.io/router.middlewares: kube-system-redirect-https@kubernetescrd - tls: - - secretName: tls-nl.tyil.ci - hosts: - - ci.tyil.nl - hosts: - - ci.tyil.nl - workflow: - serviceAccount: - create: true -... diff --git a/data.d/k3s-master/manifests.d/tyilnet/cicd-system/auth-proxy.yaml b/data.d/k3s-master/manifests.d/tyilnet/cicd-system/auth-proxy.yaml deleted file mode 100644 index 3b96bf8..0000000 --- a/data.d/k3s-master/manifests.d/tyilnet/cicd-system/auth-proxy.yaml +++ /dev/null @@ -1,33 +0,0 @@ ---- -apiVersion: helm.cattle.io/v1 -kind: HelmChart -metadata: - name: auth-proxy-ci - namespace: cicd-system -spec: - chart: https://git.tyil.nl/helm/oauth2-proxy/snapshot/oauth2-proxy-497a618778ead59ce985b81031a863dda9ff2126.tar.gz - valuesContent: |- - image: - tag: v7.4.0 - secret: - enabled: false - envFrom: - secretRef: - - name: auth-proxy-ci - ingress: - enabled: true - ingressClassName: traefik - annotations: - cert-manager.io/cluster-issuer: "letsencrypt-production" - traefik.ingress.kubernetes.io/router.middlewares: kube-system-redirect-https@kubernetescrd - traefik.ingress.kubernetes.io/router.middlewares: kube-system-headers-argo@kubernetescrd - tls: - - secretName: tls-nl.tyil.ci - hosts: - - ci.tyil.nl - hosts: - - host: ci.tyil.nl - paths: - - path: / - pathType: Prefix -... diff --git a/data.d/k3s-master/manifests.d/tyilnet/cicd-system/ingress.yaml b/data.d/k3s-master/manifests.d/tyilnet/cicd-system/ingress.yaml deleted file mode 100644 index 39da576..0000000 --- a/data.d/k3s-master/manifests.d/tyilnet/cicd-system/ingress.yaml +++ /dev/null @@ -1,40 +0,0 @@ ---- -apiVersion: networking.k8s.io/v1 -kind: Ingress -metadata: - name: ci - namespace: cicd-system - labels: - app.kubernetes.io/created-by: tyil - app.kubernetes.io/managed-by: manual - app.kubernetes.io/name: trigger-bashtard - app.kubernetes.io/part-of: cicd-system - annotations: - cert-manager.io/cluster-issuer: "letsencrypt-production" - traefik.ingress.kubernetes.io/router.middlewares: kube-system-redirect-https@kubernetescrd - traefik.ingress.kubernetes.io/router.middlewares: kube-system-headers-argo@kubernetescrd -spec: - ingressClassName: traefik - tls: - - hosts: - - ci.tyil.nl - secretName: tls-nl.tyil.ci - rules: - - host: ci.tyil.nl - http: - paths: - - path: / - pathType: Prefix - backend: - service: - name: auth-proxy-ci-oauth2-proxy - port: - number: 4180 - - path: /trigger - pathType: Prefix - backend: - service: - name: webhook-eventsource-svc - port: - number: 12000 -... diff --git a/data.d/k3s-master/manifests.d/tyilnet/cicd-system/rbac.yaml b/data.d/k3s-master/manifests.d/tyilnet/cicd-system/rbac.yaml deleted file mode 100644 index ddca028..0000000 --- a/data.d/k3s-master/manifests.d/tyilnet/cicd-system/rbac.yaml +++ /dev/null @@ -1,101 +0,0 @@ ---- -apiVersion: v1 -kind: ServiceAccount -metadata: - name: argo-runner - namespace: cicd-system -automountServiceAccountToken: true -... ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: Role -metadata: - name: argo-runner - namespace: cicd-system -rules: -- apiGroups: - - "" - resources: - - secrets - - persistentvolumeclaims - - pods - verbs: - - get - - list - - create - - update - - delete - - patch - - watch -- apiGroups: - - "" - resources: - - configmaps - verbs: - - get - - list - - watch -- apiGroups: - - apps - resources: - - deployments - verbs: - - get - - list -- apiGroups: - - admissionregistration.k8s.io - resources: - - validatingwebhookconfigurations - verbs: - - get - - list - - create - - update - - delete - - patch - - watch -- apiGroups: - - rbac.authorization.k8s.io - resources: - - clusterroles - verbs: - - get - - list -- apiGroups: - - argoproj.io - resources: - - eventbus - - eventsources - - sensors - verbs: - - get - - list - - watch -- apiGroups: - - argoproj.io - resources: - - workflows - - workflowtaskresults - verbs: - - get - - list - - create - - update - - patch - - watch -... ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: RoleBinding -metadata: - name: argo-runner - namespace: cicd-system -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: Role - name: argo-runner -subjects: -- kind: ServiceAccount - name: argo-runner - namespace: cicd-system -... diff --git a/data.d/k3s-master/manifests.d/tyilnet/cicd-system/resources/event-bus/default.yaml b/data.d/k3s-master/manifests.d/tyilnet/cicd-system/resources/event-bus/default.yaml deleted file mode 100644 index de5b67f..0000000 --- a/data.d/k3s-master/manifests.d/tyilnet/cicd-system/resources/event-bus/default.yaml +++ /dev/null @@ -1,20 +0,0 @@ ---- -apiVersion: argoproj.io/v1alpha1 -kind: EventBus -metadata: - name: default - namespace: cicd-system -spec: - nats: - native: - replicas: 3 - containerTemplate: - resources: - requests: - cpu: "10m" - memory: "64Mi" - persistence: - storageClassName: longhorn - accessMode: ReadWriteOnce - volumeSize: 1Gi -... diff --git a/data.d/k3s-master/manifests.d/tyilnet/cicd-system/resources/event-sources/webhook.yaml b/data.d/k3s-master/manifests.d/tyilnet/cicd-system/resources/event-sources/webhook.yaml deleted file mode 100644 index 1b901e0..0000000 --- a/data.d/k3s-master/manifests.d/tyilnet/cicd-system/resources/event-sources/webhook.yaml +++ /dev/null @@ -1,28 +0,0 @@ ---- -apiVersion: argoproj.io/v1alpha1 -kind: EventSource -metadata: - name: webhook - namespace: cicd-system -spec: - service: - ports: - - port: 12000 - targetPort: 12000 - webhook: - default: - endpoint: /trigger - method: POST - port: "12000" - url: https://ci.tyil.nl - generic-raku: - endpoint: /trigger/generic-raku - method: POST - port: "12000" - url: https://ci.tyil.nl - project-bashtard: - endpoint: /trigger/project-bashtard - method: POST - port: "12000" - url: https://ci.tyil.nl -... diff --git a/data.d/k3s-master/manifests.d/tyilnet/cicd-system/resources/sensors/default.yaml b/data.d/k3s-master/manifests.d/tyilnet/cicd-system/resources/sensors/default.yaml deleted file mode 100644 index b97239c..0000000 --- a/data.d/k3s-master/manifests.d/tyilnet/cicd-system/resources/sensors/default.yaml +++ /dev/null @@ -1,61 +0,0 @@ ---- -apiVersion: argoproj.io/v1alpha1 -kind: Sensor -metadata: - name: default - namespace: cicd-system -spec: - template: - serviceAccountName: argo-runner - dependencies: - - name: webhook - eventSourceName: webhook - eventName: generic - triggers: - - template: - name: webhook-workflow-trigger - k8s: - operation: create - source: - resource: - apiVersion: argoproj.io/v1alpha1 - kind: Workflow - metadata: - generateName: generic - spec: - entrypoint: main - arguments: - parameters: - - name: ref - value: "" - - name: repo - value: "" - templates: - - name: main - inputs: - parameters: - - name: ref - value: "{{workflows.parameters.ref}}" - steps: - - - name: main - templateRef: - name: generic - template: main - arguments: - parameters: - - name: ref - value: "{{inputs.parameters.ref}}" - - name: repo - value: "{{inputs.parameters.repo}}" - parameters: - - src: - dependencyName: webhook - dataKey: body.commit - value: "origin/master" - dest: spec.arguments.parameters.0.value - - src: - dependencyName: "webhook" - dataKey: body.repo - value: "" - dest: spec.arguments.parameters.1.value -... diff --git a/data.d/k3s-master/manifests.d/tyilnet/cicd-system/resources/sensors/generic-raku.yaml b/data.d/k3s-master/manifests.d/tyilnet/cicd-system/resources/sensors/generic-raku.yaml deleted file mode 100644 index ca42ce9..0000000 --- a/data.d/k3s-master/manifests.d/tyilnet/cicd-system/resources/sensors/generic-raku.yaml +++ /dev/null @@ -1,61 +0,0 @@ ---- -apiVersion: argoproj.io/v1alpha1 -kind: Sensor -metadata: - name: generic-raku - namespace: cicd-system -spec: - template: - serviceAccountName: argo-runner - dependencies: - - name: webhook - eventSourceName: webhook - eventName: project-raku-config-parser-toml - triggers: - - template: - name: webhook-workflow-trigger - k8s: - operation: create - source: - resource: - apiVersion: argoproj.io/v1alpha1 - kind: Workflow - metadata: - generateName: generic-raku- - spec: - entrypoint: main - arguments: - parameters: - - name: ref - value: "" - - name: repo - value: "" - templates: - - name: main - inputs: - parameters: - - name: ref - value: "{{workflows.parameters.ref}}" - steps: - - - name: main - templateRef: - name: generic-raku - template: main - arguments: - parameters: - - name: ref - value: "{{inputs.parameters.ref}}" - - name: repo - value: "{{inputs.parameters.repo}}" - parameters: - - src: - dependencyName: webhook - dataKey: body.commit - value: "origin/master" - dest: spec.arguments.parameters.0.value - - src: - dependencyName: "webhook" - dataKey: body.repo - value: "" - dest: spec.arguments.parameters.1.value -... diff --git a/data.d/k3s-master/manifests.d/tyilnet/cicd-system/resources/sensors/project-bashtard.yaml b/data.d/k3s-master/manifests.d/tyilnet/cicd-system/resources/sensors/project-bashtard.yaml deleted file mode 100644 index 8e77b3a..0000000 --- a/data.d/k3s-master/manifests.d/tyilnet/cicd-system/resources/sensors/project-bashtard.yaml +++ /dev/null @@ -1,52 +0,0 @@ ---- -apiVersion: argoproj.io/v1alpha1 -kind: Sensor -metadata: - name: project-bashtard - namespace: cicd-system -spec: - template: - serviceAccountName: argo-runner - dependencies: - - name: webhook - eventSourceName: webhook - eventName: project-bashtard - triggers: - - template: - name: webhook-workflow-trigger - k8s: - operation: create - source: - resource: - apiVersion: argoproj.io/v1alpha1 - kind: Workflow - metadata: - generateName: project-bashtard- - spec: - entrypoint: main - arguments: - parameters: - - name: ref - value: "" - templates: - - name: main - inputs: - parameters: - - name: ref - value: "{{workflows.parameters.ref}}" - steps: - - - name: main - templateRef: - name: project-bashtard - template: main - arguments: - parameters: - - name: ref - value: "{{inputs.parameters.ref}}" - parameters: - - src: - dependencyName: webhook - dataKey: body.commit - value: "master" - dest: spec.arguments.parameters.0.value -... diff --git a/data.d/k3s-master/manifests.d/tyilnet/cicd-system/resources/workflow-templates/fetch-git.yaml b/data.d/k3s-master/manifests.d/tyilnet/cicd-system/resources/workflow-templates/fetch-git.yaml deleted file mode 100644 index 0742e79..0000000 --- a/data.d/k3s-master/manifests.d/tyilnet/cicd-system/resources/workflow-templates/fetch-git.yaml +++ /dev/null @@ -1,46 +0,0 @@ ---- -apiVersion: argoproj.io/v1alpha1 -kind: WorkflowTemplate -metadata: - name: fetch-git - namespace: cicd-system -spec: - arguments: - parameters: - - name: repo - value: "" - - name: ref - value: master - - name: path - value: "/usr/src" - templates: - - name: main - inputs: - parameters: - - name: repo - value: "{{workflow.parameters.repo}}" - - name: ref - value: "{{workflow.parameters.ref}}" - - name: path - value: "{{workflow.parameters.path}}" - outputs: - artifacts: - - name: src - path: "{{inputs.parameters.path}}" - script: - image: debian - command: - - dash - source: | - export DEBIAN_FRONTEND=noninteractive - export GIT_WORK_TREE="{{inputs.parameters.path}}" - export GIT_DIR="$(mktemp -d)" - mkdir -pv -- "$GIT_WORK_TREE" - - apt update && apt install -y git - - git init - git remote add origin "{{inputs.parameters.repo}}" - git fetch origin -a - git reset --hard "{{inputs.parameters.ref}}" -... diff --git a/data.d/k3s-master/manifests.d/tyilnet/cicd-system/resources/workflow-templates/generic-raku.yaml b/data.d/k3s-master/manifests.d/tyilnet/cicd-system/resources/workflow-templates/generic-raku.yaml deleted file mode 100644 index 869c497..0000000 --- a/data.d/k3s-master/manifests.d/tyilnet/cicd-system/resources/workflow-templates/generic-raku.yaml +++ /dev/null @@ -1,82 +0,0 @@ ---- -apiVersion: argoproj.io/v1alpha1 -kind: WorkflowTemplate -metadata: - name: generic-raku - namespace: cicd-system -spec: - entrypoint: main - arguments: - parameters: - - name: dist - value: false - - name: ref - value: origin/master - - name: repo - value: "" - templates: - - name: main - dag: - tasks: - - name: workdir - templateRef: - name: util - template: pvc-create - - name: fetch - templateRef: - name: util - template: fetch-git - arguments: - parameters: - - name: ref - value: "{{workflow.parameters.ref}}" - - name: repo - value: "{{workflow.parameters.repo}}" - - name: workingPVC - value: "{{tasks.workdir.outputs.parameters.name}}" - dependencies: - - workdir - - name: qa-prove - templateRef: - name: util-raku - template: qa-prove - arguments: - parameters: - - name: workingPVC - value: "{{tasks.workdir.outputs.parameters.name}}" - dependencies: - - fetch - - name: qa-reuse - templateRef: - name: util - template: qa-reuse - arguments: - parameters: - - name: workingPVC - value: "{{tasks.workdir.outputs.parameters.name}}" - dependencies: - - fetch - - name: qa-fez - templateRef: - name: util-raku - template: qa-fez - arguments: - parameters: - - name: workingPVC - value: "{{tasks.workdir.outputs.parameters.name}}" - dependencies: - - fetch - - name: dist-fez - templateRef: - name: util-raku - template: dist-fez - arguments: - parameters: - - name: workingPVC - value: "{{tasks.workdir.outputs.parameters.name}}" - dependencies: - - qa-prove - - qa-reuse - - qa-fez - when: "{{workflow.parameters.dist}} == true" -... diff --git a/data.d/k3s-master/manifests.d/tyilnet/cicd-system/resources/workflow-templates/generic.yaml b/data.d/k3s-master/manifests.d/tyilnet/cicd-system/resources/workflow-templates/generic.yaml deleted file mode 100644 index 5e541df..0000000 --- a/data.d/k3s-master/manifests.d/tyilnet/cicd-system/resources/workflow-templates/generic.yaml +++ /dev/null @@ -1,43 +0,0 @@ ---- -apiVersion: argoproj.io/v1alpha1 -kind: WorkflowTemplate -metadata: - name: generic - namespace: cicd-system -spec: - entrypoint: main - arguments: - parameters: - - name: ref - value: origin/master - - name: repo - value: "" - - name: vcs - value: "git" - templates: - - name: main - dag: - tasks: - - name: workdir - templateRef: - name: util - template: pvc-create - # TODO: Decide on fetch function - # TODO: Check for Makefile - # TODO: Run make install-deps - # TODO: Run make test - - name: fetch - templateRef: - name: util - template: fetch-git - arguments: - parameters: - - name: ref - value: "{{workflow.parameters.ref}}" - - name: repo - value: "{{workflow.parameters.repo}}" - - name: workingPVC - value: "{{tasks.workdir.outputs.parameters.name}}" - dependencies: - - workdir -... diff --git a/data.d/k3s-master/manifests.d/tyilnet/cicd-system/resources/workflow-templates/project-bashtard.yaml b/data.d/k3s-master/manifests.d/tyilnet/cicd-system/resources/workflow-templates/project-bashtard.yaml deleted file mode 100644 index 0642028..0000000 --- a/data.d/k3s-master/manifests.d/tyilnet/cicd-system/resources/workflow-templates/project-bashtard.yaml +++ /dev/null @@ -1,90 +0,0 @@ ---- -apiVersion: argoproj.io/v1alpha1 -kind: WorkflowTemplate -metadata: - name: project-bashtard - namespace: cicd-system -spec: - arguments: - parameters: - - name: ref - value: origin/master - templates: - - name: main - steps: - - - name: fetch - templateRef: - name: fetch-git - template: main - arguments: - parameters: - - name: ref - value: "{{workflow.parameters.ref}}" - - name: repo - value: "https://git.tyil.nl/bashtard" - - - name: qa-reuse - templateRef: - name: qa-reuse - template: main - arguments: - artifacts: - - name: src - from: "{{steps.fetch.outputs.artifacts.src}}" - - name: qa-shellcheck - template: qa-shellcheck - arguments: - artifacts: - - name: src - from: "{{steps.fetch.outputs.artifacts.src}}" - - - name: dist-tar-gz - template: dist - arguments: - artifacts: - - name: src - from: "{{steps.fetch.outputs.artifacts.src}}" - parameters: - - name: format - value: targz - - name: dist-deb - template: dist - arguments: - artifacts: - - name: src - from: "{{steps.fetch.outputs.artifacts.src}}" - parameters: - - name: format - value: debian - - - name: qa-shellcheck - inputs: - artifacts: - - name: src - path: "/code" - script: - image: pipelinecomponents/shellcheck - command: - - bash - source: |- - shellcheck -s sh bin/bashtard - shellcheck -x -s bash **/*.bash - - - name: dist - inputs: - artifacts: - - name: src - path: "/usr/src/bashtard-{{workflow.parameters.ref}}" - parameters: - - name: format - value: "targz" - script: - image: debian - command: - - dash - source: |- - export DEBIAN_FRONTEND=noninteractive - - cd -- "/usr/src/bashtard-{{workflow.parameters.ref}}" - - apt update && apt install -y make - make pkg-{{inputs.parameters.format}} -... diff --git a/data.d/k3s-master/manifests.d/tyilnet/cicd-system/resources/workflow-templates/qa-reuse.yaml b/data.d/k3s-master/manifests.d/tyilnet/cicd-system/resources/workflow-templates/qa-reuse.yaml deleted file mode 100644 index 7c7d455..0000000 --- a/data.d/k3s-master/manifests.d/tyilnet/cicd-system/resources/workflow-templates/qa-reuse.yaml +++ /dev/null @@ -1,31 +0,0 @@ ---- -apiVersion: argoproj.io/v1alpha1 -kind: WorkflowTemplate -metadata: - name: qa-reuse - namespace: cicd-system -spec: - arguments: - parameters: - - name: path - value: "/usr/src" - artifacts: - - name: src - from: "" - templates: - - name: main - inputs: - parameters: - - name: path - value: "{{workflow.parameters.path}}" - artifacts: - - name: src - path: "{{workflow.artifacts.path}}" - container: - image: fsfe/reuse - workdir: "{{inputs.parameters.path}}" - command: - - reuse - args: - - lint -... diff --git a/data.d/k3s-master/manifests.d/tyilnet/cicd-system/resources/workflow-templates/util-raku.yaml b/data.d/k3s-master/manifests.d/tyilnet/cicd-system/resources/workflow-templates/util-raku.yaml deleted file mode 100644 index 2d0f606..0000000 --- a/data.d/k3s-master/manifests.d/tyilnet/cicd-system/resources/workflow-templates/util-raku.yaml +++ /dev/null @@ -1,216 +0,0 @@ ---- -apiVersion: argoproj.io/v1alpha1 -kind: WorkflowTemplate -metadata: - name: util-raku - namespace: cicd-system -spec: - templates: - - name: dist-fez - inputs: - parameters: - - name: fezUsernameSecret - value: "credentials-fez" - - name: fezPasswordSecret - value: "credentials-fez" - - name: fezUsernameSecretKey - value: "username" - - name: fezPasswordSecretKey - value: "password" - - name: workingDir - value: "/work" - - name: workingPVC - value: "" - script: - image: rakudo-star - env: - - name: FEZ_USERNAME - valueFrom: - secretKeyRef: - name: "{{inputs.parameters.fezUsernameSecret}}" - key: "{{inputs.parameters.fezUsernameSecretKey}}" - - name: FEZ_PASSWORD - valueFrom: - secretKeyRef: - name: "{{inputs.parameters.fezPasswordSecret}}" - key: "{{inputs.parameters.fezPasswordSecretKey}}" - command: - - sh - source: | - cd -- "{{inputs.parameters.workingDir}}" - - set -x - - apt update && apt install -y expect - zef install fez --exclude="z" - - expect <<-EOF - set timeout 30 - - spawn fez login - - expect ">>= Username*" { - send -- "$FEZ_USERNAME\r" - } - - expect ">>= Password*" { - log_user 0 - send -- "$FEZ_PASSWORD\r" - log_user 1 - } - - expect { - eof { - exit 0 - } - - "*Failed to login*" { - exit 1 - } - } - - EOF - - printf "\n" - - expect <<-EOF - set timeout 60 - - spawn fez upload -f - - expect { - "Upload anyway*" { - send -- "n\r" - exit 1 - } - eof { - exit 0 - } - } - EOF - volumeMounts: - - name: workdir - mountPath: "{{inputs.parameters.workingDir}}" - volumes: - - name: workdir - persistentVolumeClaim: - claimName: "{{inputs.parameters.workingPVC}}" - - - name: qa-fez - inputs: - parameters: - - name: fezUsernameSecret - value: "credentials-fez" - - name: fezPasswordSecret - value: "credentials-fez" - - name: fezUsernameSecretKey - value: "username" - - name: fezPasswordSecretKey - value: "password" - - name: workingDir - value: "/work" - - name: workingPVC - value: "" - script: - image: rakudo-star - env: - - name: FEZ_USERNAME - valueFrom: - secretKeyRef: - name: "{{inputs.parameters.fezUsernameSecret}}" - key: "{{inputs.parameters.fezUsernameSecretKey}}" - - name: FEZ_PASSWORD - valueFrom: - secretKeyRef: - name: "{{inputs.parameters.fezPasswordSecret}}" - key: "{{inputs.parameters.fezPasswordSecretKey}}" - command: - - sh - source: | - cd -- "{{inputs.parameters.workingDir}}" - - set -x - - apt update && apt install -y expect - zef install fez --exclude="z" - - expect <<-EOF - set timeout 30 - log_user 0 - - spawn fez login - - expect ">>= Username*" { - send -- "$FEZ_USERNAME\r" - } - - expect ">>= Password*" { - send -- "$FEZ_PASSWORD\r" - } - - expect { - eof { - exit 0 - } - - "*Failed to login*" { - exit 1 - } - } - EOF - - printf "\n" - - expect <<-EOF - set timeout 60 - - spawn fez upload --dry-run - - expect { - "*ERROR*" { - exit 1 - } - - eof { - exit 0 - } - } - EOF - fez_exit=$? - - rm -fr -- sdist # Who in their right mind leaves trash on a dry-run - exit $fez_exit - volumeMounts: - - name: workdir - mountPath: "{{inputs.parameters.workingDir}}" - volumes: - - name: workdir - persistentVolumeClaim: - claimName: "{{inputs.parameters.workingPVC}}" - - - name: qa-prove - inputs: - parameters: - - name: workingDir - value: "/work" - - name: workingPVC - value: "" - script: - image: rakudo-star - command: - - sh - source: | - cd -- "{{inputs.parameters.workingDir}}" - - set -x - - zef install . --deps-only - prove6 -lv --timer - volumeMounts: - - name: workdir - mountPath: "{{inputs.parameters.workingDir}}" - volumes: - - name: workdir - persistentVolumeClaim: - claimName: "{{inputs.parameters.workingPVC}}" -... diff --git a/data.d/k3s-master/manifests.d/tyilnet/cicd-system/resources/workflow-templates/util.yaml b/data.d/k3s-master/manifests.d/tyilnet/cicd-system/resources/workflow-templates/util.yaml deleted file mode 100644 index 465311b..0000000 --- a/data.d/k3s-master/manifests.d/tyilnet/cicd-system/resources/workflow-templates/util.yaml +++ /dev/null @@ -1,107 +0,0 @@ ---- -apiVersion: argoproj.io/v1alpha1 -kind: WorkflowTemplate -metadata: - name: util - namespace: cicd-system -spec: - templates: - - name: fetch-git - inputs: - parameters: - - name: repo - value: "" - - name: ref - value: "origin/master" - - name: workingDir - value: "/work" - - name: workingPVC - value: "" - script: - image: debian - command: - - dash - source: | - export DEBIAN_FRONTEND=noninteractive - export GIT_WORK_TREE="{{inputs.parameters.workingDir}}" - export GIT_DIR="$GIT_WORK_TREE/.git" - - apt update && apt install -y git - - git init - git remote add origin "{{inputs.parameters.repo}}" - git fetch origin -a - git reset --hard "{{inputs.parameters.ref}}" - volumeMounts: - - name: workdir - mountPath: "{{inputs.parameters.workingDir}}" - volumes: - - name: workdir - persistentVolumeClaim: - claimName: "{{inputs.parameters.workingPVC}}" - - - name: pvc-create - inputs: - parameters: - - name: size - value: 1Gi - - name: storageClass - value: longhorn - - name: namePrefix - value: argo- - outputs: - parameters: - - name: name - valueFrom: - jsonPath: "{.metadata.name}" - resource: - action: create - setOwnerReference: true - manifest: | - apiVersion: v1 - kind: PersistentVolumeClaim - metadata: - generateName: "{{inputs.parameters.namePrefix}}" - spec: - storageClassName: "{{inputs.parameters.storageClass}}" - accessModes: - - ReadWriteMany - resources: - requests: - storage: "{{inputs.parameters.size}}" - - - name: pvc-delete - inputs: - parametes: - - name: name - value: "" - resource: - action: delete - manifest: | - apiVersion: v1 - kind: PersistentVolumeClaim - metadata: - name: "{{inputs.parameters.name}}" - - - name: qa-reuse - inputs: - parameters: - - name: workingDir - value: "/work" - - name: workingPVC - value: "" - script: - image: fsfe/reuse - command: - - sh - source: | - cd -- "{{inputs.parameters.workingDir}}" - reuse lint - volumeMounts: - - name: workdir - mountPath: "{{inputs.parameters.workingDir}}" - volumes: - - name: workdir - persistentVolumeClaim: - claimName: "{{inputs.parameters.workingPVC}}" -... diff --git a/data.d/k3s-master/manifests.d/tyilnet/kube-system/amdgpu-device-plugin/deamon-set.yaml b/data.d/k3s-master/manifests.d/tyilnet/kube-system/amdgpu-device-plugin/deamon-set.yaml deleted file mode 100644 index 9faf539..0000000 --- a/data.d/k3s-master/manifests.d/tyilnet/kube-system/amdgpu-device-plugin/deamon-set.yaml +++ /dev/null @@ -1,40 +0,0 @@ -apiVersion: apps/v1 -kind: DaemonSet -metadata: - name: amdgpu-device-plugin-daemonset - namespace: kube-system -spec: - selector: - matchLabels: - name: amdgpu-dp-ds - template: - metadata: - labels: - name: amdgpu-dp-ds - spec: - nodeSelector: - kubernetes.io/arch: amd64 - amdgpu: "true" - priorityClassName: system-node-critical - tolerations: - - key: CriticalAddonsOnly - operator: Exists - containers: - - image: rocm/k8s-device-plugin - name: amdgpu-dp-cntr - securityContext: - allowPrivilegeEscalation: false - capabilities: - drop: ["ALL"] - volumeMounts: - - name: dp - mountPath: /var/lib/kubelet/device-plugins - - name: sys - mountPath: /sys - volumes: - - name: dp - hostPath: - path: /var/lib/kubelet/device-plugins - - name: sys - hostPath: - path: /sys diff --git a/data.d/k3s-master/manifests.d/tyilnet/kube-system/treafik/helm-chart-config.yaml b/data.d/k3s-master/manifests.d/tyilnet/kube-system/treafik/helm-chart-config.yaml deleted file mode 100644 index a9ab6af..0000000 --- a/data.d/k3s-master/manifests.d/tyilnet/kube-system/treafik/helm-chart-config.yaml +++ /dev/null @@ -1,11 +0,0 @@ ---- -apiVersion: helm.cattle.io/v1 -kind: HelmChartConfig -metadata: - name: traefik - namespace: kube-system -spec: - valuesContent: |- - deployment: - kind: DaemonSet -... diff --git a/data.d/k3s-master/manifests.d/tyilnet/kube-system/treafik/middleware-headers-argo.yaml b/data.d/k3s-master/manifests.d/tyilnet/kube-system/treafik/middleware-headers-argo.yaml deleted file mode 100644 index f88167f..0000000 --- a/data.d/k3s-master/manifests.d/tyilnet/kube-system/treafik/middleware-headers-argo.yaml +++ /dev/null @@ -1,24 +0,0 @@ ---- -apiVersion: traefik.containo.us/v1alpha1 -kind: Middleware -metadata: - name: headers-argo - namespace: kube-system -spec: - headers: - stsPreload: true - forceSTSHeader: true - contentSecurityPolicy: >- - default-src - 'self' - 'unsafe-eval' - 'unsafe-inline' - ; - img-src - 'self' - data: - ; - worker-src - * - ; -... diff --git a/data.d/k3s-master/manifests.d/tyilnet/kube-system/treafik/middleware-headers-keycloak.yaml b/data.d/k3s-master/manifests.d/tyilnet/kube-system/treafik/middleware-headers-keycloak.yaml deleted file mode 100644 index 8619e15..0000000 --- a/data.d/k3s-master/manifests.d/tyilnet/kube-system/treafik/middleware-headers-keycloak.yaml +++ /dev/null @@ -1,18 +0,0 @@ ---- -apiVersion: traefik.containo.us/v1alpha1 -kind: Middleware -metadata: - name: headers-keycloak - namespace: kube-system -spec: - headers: - stsPreload: true - forceSTSHeader: true - contentSecurityPolicy: >- - default-src - 'self' - ; - style-src - 'unsafe-inline' - ; -... diff --git a/data.d/k3s-master/manifests.d/tyilnet/kube-system/treafik/middleware-headers-nextcloud.yaml b/data.d/k3s-master/manifests.d/tyilnet/kube-system/treafik/middleware-headers-nextcloud.yaml deleted file mode 100644 index f013ab2..0000000 --- a/data.d/k3s-master/manifests.d/tyilnet/kube-system/treafik/middleware-headers-nextcloud.yaml +++ /dev/null @@ -1,23 +0,0 @@ ---- -apiVersion: traefik.containo.us/v1alpha1 -kind: Middleware -metadata: - name: headers-nextcloud - namespace: kube-system -spec: - headers: - stsPreload: true - forceSTSHeader: true - contentSecurityPolicy: >- - default-src - 'self' - data: - 'unsafe-inline' - ; - img-src - 'self' - data: - *.tile.openstreetmap.org - nominatim.openstreetmap.org - ; -... diff --git a/data.d/k3s-master/manifests.d/tyilnet/kube-system/treafik/middleware-https.yaml b/data.d/k3s-master/manifests.d/tyilnet/kube-system/treafik/middleware-https.yaml deleted file mode 100644 index 0bfb82c..0000000 --- a/data.d/k3s-master/manifests.d/tyilnet/kube-system/treafik/middleware-https.yaml +++ /dev/null @@ -1,11 +0,0 @@ ---- -apiVersion: traefik.containo.us/v1alpha1 -kind: Middleware -metadata: - name: redirect-https - namespace: kube-system -spec: - redirectScheme: - scheme: https - permanent: true -... diff --git a/data.d/k3s-master/manifests.d/tyilnet/monitoring/grafana/helm-chart.yaml b/data.d/k3s-master/manifests.d/tyilnet/monitoring/grafana/helm-chart.yaml deleted file mode 100644 index 20fc702..0000000 --- a/data.d/k3s-master/manifests.d/tyilnet/monitoring/grafana/helm-chart.yaml +++ /dev/null @@ -1,33 +0,0 @@ ---- -apiVersion: helm.cattle.io/v1 -kind: HelmChart -metadata: - name: grafana - namespace: kube-system -spec: - repo: https://grafana.github.io/helm-charts - chart: grafana - targetNamespace: monitoring - valuesContent: |- - ingress: - enabled: true - ingressClassName: "traefik" - annotations: - cert-manager.io/cluster-issuer: "letsencrypt-production" - tls: - - hosts: - - grafana.tyil.nl - secretName: tls-nl.tyil.grafana - hosts: - - "grafana.tyil.nl" - envFromSecret: "grafana-env" - grafana.ini: - auth.ldap: - enabled: true - allow_sign_up: true - database: - type: "postgres" - ldap: - enabled: true - existingSecret: grafana-config -... diff --git a/data.d/k3s-master/manifests.d/tyilnet/monitoring/prometheus-exporter-postgresql/helm-chart.yaml b/data.d/k3s-master/manifests.d/tyilnet/monitoring/prometheus-exporter-postgresql/helm-chart.yaml deleted file mode 100644 index 88b237d..0000000 --- a/data.d/k3s-master/manifests.d/tyilnet/monitoring/prometheus-exporter-postgresql/helm-chart.yaml +++ /dev/null @@ -1,15 +0,0 @@ ---- -apiVersion: helm.cattle.io/v1 -kind: HelmChart -metadata: - name: prometheus-exporter-postgresql - namespace: monitoring -spec: - repo: https://prometheus-community.github.io/helm-charts - chart: prometheus-postgres-exporter - valuesContent: |- - config: - datasourceSecret: - name: prometheus-exporter-postgresql - key: connection-string -... diff --git a/data.d/k3s-master/manifests.d/tyilnet/monitoring/prometheus/auth-proxy.yaml b/data.d/k3s-master/manifests.d/tyilnet/monitoring/prometheus/auth-proxy.yaml deleted file mode 100644 index 8388e3a..0000000 --- a/data.d/k3s-master/manifests.d/tyilnet/monitoring/prometheus/auth-proxy.yaml +++ /dev/null @@ -1,31 +0,0 @@ ---- -apiVersion: helm.cattle.io/v1 -kind: HelmChart -metadata: - name: auth-proxy-prometheus - namespace: monitoring -spec: - chart: https://git.tyil.nl/helm/oauth2-proxy/snapshot/oauth2-proxy-497a618778ead59ce985b81031a863dda9ff2126.tar.gz - valuesContent: |- - image: - tag: v7.4.0 - secret: - enabled: false - envFrom: - secretRef: - - name: auth-proxy-prometheus - ingress: - enabled: true - ingressClassName: traefik - annotations: - cert-manager.io/cluster-issuer: "letsencrypt-production" - traefik.ingress.kubernetes.io/router.middlewares: kube-system-redirect-https@kubernetescrd - tls: - - secretName: tls-nl.tyil.prometheus - hosts: - - prometheus.tyil.nl - hosts: - - host: prometheus.tyil.nl - paths: - - path: / - pathType: Prefix diff --git a/data.d/k3s-master/manifests.d/tyilnet/monitoring/prometheus/helm-chart.yaml b/data.d/k3s-master/manifests.d/tyilnet/monitoring/prometheus/helm-chart.yaml deleted file mode 100644 index 43d78b4..0000000 --- a/data.d/k3s-master/manifests.d/tyilnet/monitoring/prometheus/helm-chart.yaml +++ /dev/null @@ -1,22 +0,0 @@ ---- -apiVersion: helm.cattle.io/v1 -kind: HelmChart -metadata: - name: prometheus - namespace: monitoring -spec: - repo: https://prometheus-community.github.io/helm-charts - chart: kube-prometheus-stack - valuesContent: |- - alertmanager: - enabled: false - grafana: - enabled: false - prometheus: - enabled: true - prometheusSpec: - retention: 10d - serviceMonitorSelectorNilUsesHelmValues: false - storageSpec: - emptyDir: {} -... diff --git a/data.d/k3s-master/manifests.d/tyilnet/namespaces.yaml b/data.d/k3s-master/manifests.d/tyilnet/namespaces.yaml deleted file mode 100644 index 768c5f4..0000000 --- a/data.d/k3s-master/manifests.d/tyilnet/namespaces.yaml +++ /dev/null @@ -1,53 +0,0 @@ ---- -apiVersion: v1 -kind: Namespace -metadata: - name: auth-system -... ---- -apiVersion: v1 -kind: Namespace -metadata: - name: chat-system ---- -apiVersion: v1 -kind: Namespace -metadata: - name: cicd-system -... ---- -apiVersion: v1 -kind: Namespace -metadata: - name: base-system -... ---- -apiVersion: v1 -kind: Namespace -metadata: - name: monitoring -... ---- -apiVersion: v1 -kind: Namespace -metadata: - name: personal-services -... ---- -apiVersion: v1 -kind: Namespace -metadata: - name: public-services -... ---- -apiVersion: v1 -kind: Namespace -metadata: - name: ravenhosting -... ---- -apiVersion: v1 -kind: Namespace -metadata: - name: servarr -... diff --git a/data.d/k3s-master/manifests.d/tyilnet/personal-services/cgit/configmap.yaml b/data.d/k3s-master/manifests.d/tyilnet/personal-services/cgit/configmap.yaml deleted file mode 100644 index bdbc8b2..0000000 --- a/data.d/k3s-master/manifests.d/tyilnet/personal-services/cgit/configmap.yaml +++ /dev/null @@ -1,68 +0,0 @@ ---- -apiVersion: v1 -kind: ConfigMap -metadata: - name: cgit - namespace: personal-services - labels: - app.kubernetes.io/created-by: tyil - app.kubernetes.io/managed-by: manual - app.kubernetes.io/name: cgit - app.kubernetes.io/part-of: personal-services -data: - cgitrc: | - root-desc=All public repos from tyil - - source-filter=/usr/lib/cgit/filters/syntax-highlighting.sh - about-filter=/usr/lib/cgit/filters/about-formatting.sh - - readme=:INSTALL - readme=:INSTALL.htm - readme=:INSTALL.html - readme=:INSTALL.md - readme=:INSTALL.mkd - readme=:INSTALL.rst - readme=:INSTALL.txt - readme=:README - readme=:README.htm - readme=:README.html - readme=:README.md - readme=:README.mkd - readme=:README.pod6 - readme=:README.rakudoc - readme=:README.rst - readme=:README.txt - readme=:install - readme=:install.htm - readme=:install.html - readme=:install.md - readme=:install.mkd - readme=:install.rst - readme=:install.txt - readme=:readme - readme=:readme.htm - readme=:readme.html - readme=:readme.md - readme=:readme.mkd - readme=:readme.rst - readme=:readme.txt - - css=/cgit-css/cgit.css - logo=/cgit-css/cgit.png - - #cache-root=/var/cache/cgit - #cache-size=1000 - - clone-prefix=https://git.tyil.nl - enable-git-config=1 - enable-index-links=1 - enable-index-owner=0 - enable-log-filecount=1 - enable-log-linecount=1 - remove-suffix=1 - robots=index, follow - scan-path=/srv/git/ - section-from-path=1 - snapshots=tar.gz tar.bz2 - virtual-root=/ -... diff --git a/data.d/k3s-master/manifests.d/tyilnet/personal-services/cgit/deployment.yaml b/data.d/k3s-master/manifests.d/tyilnet/personal-services/cgit/deployment.yaml deleted file mode 100644 index 715a3f6..0000000 --- a/data.d/k3s-master/manifests.d/tyilnet/personal-services/cgit/deployment.yaml +++ /dev/null @@ -1,51 +0,0 @@ ---- -apiVersion: apps/v1 -kind: Deployment -metadata: - name: cgit - namespace: personal-services - labels: - app.kubernetes.io/created-by: tyil - app.kubernetes.io/managed-by: manual - app.kubernetes.io/name: cgit - app.kubernetes.io/part-of: personal-services -spec: - replicas: 1 - selector: - matchLabels: - app.kubernetes.io/created-by: tyil - app.kubernetes.io/managed-by: manual - app.kubernetes.io/name: cgit - app.kubernetes.io/part-of: personal-services - strategy: - type: RollingUpdate - template: - metadata: - labels: - app.kubernetes.io/created-by: tyil - app.kubernetes.io/managed-by: manual - app.kubernetes.io/name: cgit - app.kubernetes.io/part-of: personal-services - spec: - nodeName: "mieshu.tyil.net" - containers: - - image: emarcs/nginx-cgit - name: cgit - ports: - - containerPort: 80 - volumeMounts: - - mountPath: /srv/git - name: data - - mountPath: /etc/cgitrc - subPath: cgitrc - name: config - restartPolicy: Always - volumes: - - name: data - hostPath: - path: /mnt/pool/git - type: DirectoryOrCreate - - name: config - configMap: - name: cgit -... diff --git a/data.d/k3s-master/manifests.d/tyilnet/personal-services/cgit/ingress.yaml b/data.d/k3s-master/manifests.d/tyilnet/personal-services/cgit/ingress.yaml deleted file mode 100644 index e8b30d3..0000000 --- a/data.d/k3s-master/manifests.d/tyilnet/personal-services/cgit/ingress.yaml +++ /dev/null @@ -1,33 +0,0 @@ ---- -apiVersion: networking.k8s.io/v1 -kind: Ingress -metadata: - name: cgit - namespace: personal-services - labels: - app.kubernetes.io/created-by: tyil - app.kubernetes.io/managed-by: manual - app.kubernetes.io/name: cgit - app.kubernetes.io/part-of: personal-services - annotations: - cert-manager.io/cluster-issuer: "letsencrypt-production" - traefik.ingress.kubernetes.io/router.middlewares: >- - kube-system-redirect-https@kubernetescrd -spec: - ingressClassName: traefik - tls: - - hosts: - - git.tyil.nl - secretName: tls-nl.tyil.git - rules: - - host: git.tyil.nl - http: - paths: - - path: / - pathType: Prefix - backend: - service: - name: cgit - port: - number: 80 -... diff --git a/data.d/k3s-master/manifests.d/tyilnet/personal-services/cgit/service.yaml b/data.d/k3s-master/manifests.d/tyilnet/personal-services/cgit/service.yaml deleted file mode 100644 index ac2ab26..0000000 --- a/data.d/k3s-master/manifests.d/tyilnet/personal-services/cgit/service.yaml +++ /dev/null @@ -1,22 +0,0 @@ ---- -apiVersion: v1 -kind: Service -metadata: - name: cgit - namespace: personal-services - labels: - app.kubernetes.io/created-by: tyil - app.kubernetes.io/managed-by: manual - app.kubernetes.io/name: cgit - app.kubernetes.io/part-of: personal-services -spec: - selector: - app.kubernetes.io/created-by: tyil - app.kubernetes.io/managed-by: manual - app.kubernetes.io/name: cgit - app.kubernetes.io/part-of: personal-services - ports: - - name: http - port: 80 - targetPort: 80 -... diff --git a/data.d/k3s-master/manifests.d/tyilnet/personal-services/grocy/configmap.yaml b/data.d/k3s-master/manifests.d/tyilnet/personal-services/grocy/configmap.yaml deleted file mode 100644 index b78a822..0000000 --- a/data.d/k3s-master/manifests.d/tyilnet/personal-services/grocy/configmap.yaml +++ /dev/null @@ -1,38 +0,0 @@ ---- -apiVersion: v1 -kind: ConfigMap -metadata: - name: grocy - namespace: personal-services - labels: - app.kubernetes.io/created-by: tyil - app.kubernetes.io/managed-by: manual - app.kubernetes.io/name: grocy - app.kubernetes.io/part-of: personal-services -data: - # A custom common.conf is required because the name of the backend service is - # not configurable through conventional means. Instead, I supply my own - # version with the correct backend name and overwrite the one supplied by the - # grocy docker container itself. - common.conf: | - charset utf-8; - - location / { - try_files $uri /index.php$is_args$query_string; - } - - location ~* .(jpg|jpeg|png|gif|ico|css|js)$ { - expires 365d; - } - - location ~ \.php$ { - fastcgi_pass grocy-backend:80; - fastcgi_index index.php; - fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; - include fastcgi_params; - } - - location ~ /\.ht { - deny all; - } -... diff --git a/data.d/k3s-master/manifests.d/tyilnet/personal-services/grocy/deployment-backend.yaml b/data.d/k3s-master/manifests.d/tyilnet/personal-services/grocy/deployment-backend.yaml deleted file mode 100644 index ef77883..0000000 --- a/data.d/k3s-master/manifests.d/tyilnet/personal-services/grocy/deployment-backend.yaml +++ /dev/null @@ -1,60 +0,0 @@ ---- -apiVersion: apps/v1 -kind: Deployment -metadata: - name: grocy-backend - namespace: personal-services - labels: - app.kubernetes.io/created-by: tyil - app.kubernetes.io/managed-by: manual - app.kubernetes.io/name: grocy-backend - app.kubernetes.io/part-of: personal-services -spec: - replicas: 1 - selector: - matchLabels: - app.kubernetes.io/created-by: tyil - app.kubernetes.io/managed-by: manual - app.kubernetes.io/name: grocy-backend - app.kubernetes.io/part-of: personal-services - strategy: - type: RollingUpdate - template: - metadata: - labels: - app.kubernetes.io/created-by: tyil - app.kubernetes.io/managed-by: manual - app.kubernetes.io/name: grocy-backend - app.kubernetes.io/part-of: personal-services - spec: - nodeName: "mieshu.tyil.net" - containers: - - image: grocy/backend:v3.3.2 - name: grocy - env: - - name: GROCY_CURRENCY - value: "EUR" - - name: GROCY_MODE - value: "production" - - name: GROCY_CULTURE - name: "en" - - name: MAX_UPLOAD - value: "50M" - - name: PHP_MAX_FILE_UPLOAD - value: "200" - - name: PHP_MAX_POST - value: "100M" - - name: PHP_MEMORY_LIMIT - value: "512M" - ports: - - containerPort: 9000 - volumeMounts: - - mountPath: /var/www/data - name: data - restartPolicy: Always - volumes: - - name: data - hostPath: - path: /etc/grocy - type: Directory -... diff --git a/data.d/k3s-master/manifests.d/tyilnet/personal-services/grocy/deployment-frontend.yaml b/data.d/k3s-master/manifests.d/tyilnet/personal-services/grocy/deployment-frontend.yaml deleted file mode 100644 index 07fbb68..0000000 --- a/data.d/k3s-master/manifests.d/tyilnet/personal-services/grocy/deployment-frontend.yaml +++ /dev/null @@ -1,59 +0,0 @@ ---- -apiVersion: apps/v1 -kind: Deployment -metadata: - name: grocy-frontend - namespace: personal-services - labels: - app.kubernetes.io/created-by: tyil - app.kubernetes.io/managed-by: manual - app.kubernetes.io/name: grocy-frontend - app.kubernetes.io/part-of: personal-services -spec: - replicas: 1 - selector: - matchLabels: - app.kubernetes.io/created-by: tyil - app.kubernetes.io/managed-by: manual - app.kubernetes.io/name: grocy-frontend - app.kubernetes.io/part-of: personal-services - strategy: - type: RollingUpdate - template: - metadata: - labels: - app.kubernetes.io/created-by: tyil - app.kubernetes.io/managed-by: manual - app.kubernetes.io/name: grocy-frontend - app.kubernetes.io/part-of: personal-services - spec: - containers: - - image: grocy/frontend:v3.3.2 - name: grocy - env: - - name: GROCY_CURRENCY - value: "EUR" - - name: GROCY_MODE - value: "production" - - name: GROCY_CULTURE - name: "en" - - name: MAX_UPLOAD - value: "50M" - - name: PHP_MAX_FILE_UPLOAD - value: "200" - - name: PHP_MAX_POST - value: "100M" - - name: PHP_MEMORY_LIMIT - value: "512M" - ports: - - containerPort: 8080 - volumeMounts: - - mountPath: /etc/nginx/common.conf - subPath: common.conf - name: config - restartPolicy: Always - volumes: - - name: config - configMap: - name: grocy -... diff --git a/data.d/k3s-master/manifests.d/tyilnet/personal-services/grocy/ingress.yaml b/data.d/k3s-master/manifests.d/tyilnet/personal-services/grocy/ingress.yaml deleted file mode 100644 index 80d1089..0000000 --- a/data.d/k3s-master/manifests.d/tyilnet/personal-services/grocy/ingress.yaml +++ /dev/null @@ -1,32 +0,0 @@ ---- -apiVersion: networking.k8s.io/v1 -kind: Ingress -metadata: - name: grocy - namespace: personal-services - labels: - app.kubernetes.io/created-by: tyil - app.kubernetes.io/managed-by: manual - app.kubernetes.io/name: grocy - app.kubernetes.io/part-of: personal-services - annotations: - cert-manager.io/cluster-issuer: "letsencrypt-production" - traefik.ingress.kubernetes.io/router.middlewares: kube-system-redirect-https@kubernetescrd -spec: - ingressClassName: traefik - tls: - - hosts: - - erp.tyil.nl - secretName: tls-nl.tyil.erp - rules: - - host: erp.tyil.nl - http: - paths: - - path: / - pathType: Prefix - backend: - service: - name: grocy-frontend - port: - number: 80 -... diff --git a/data.d/k3s-master/manifests.d/tyilnet/personal-services/grocy/service-backend.yaml b/data.d/k3s-master/manifests.d/tyilnet/personal-services/grocy/service-backend.yaml deleted file mode 100644 index e9a179d..0000000 --- a/data.d/k3s-master/manifests.d/tyilnet/personal-services/grocy/service-backend.yaml +++ /dev/null @@ -1,22 +0,0 @@ ---- -apiVersion: v1 -kind: Service -metadata: - name: grocy-backend - namespace: personal-services - labels: - app.kubernetes.io/created-by: tyil - app.kubernetes.io/managed-by: manual - app.kubernetes.io/name: grocy-backend - app.kubernetes.io/part-of: personal-services -spec: - selector: - app.kubernetes.io/created-by: tyil - app.kubernetes.io/managed-by: manual - app.kubernetes.io/name: grocy-backend - app.kubernetes.io/part-of: personal-services - ports: - - name: http - port: 80 - targetPort: 9000 -... diff --git a/data.d/k3s-master/manifests.d/tyilnet/personal-services/grocy/service-frontend.yaml b/data.d/k3s-master/manifests.d/tyilnet/personal-services/grocy/service-frontend.yaml deleted file mode 100644 index d9d1e93..0000000 --- a/data.d/k3s-master/manifests.d/tyilnet/personal-services/grocy/service-frontend.yaml +++ /dev/null @@ -1,22 +0,0 @@ ---- -apiVersion: v1 -kind: Service -metadata: - name: grocy-frontend - namespace: personal-services - labels: - app.kubernetes.io/created-by: tyil - app.kubernetes.io/managed-by: manual - app.kubernetes.io/name: grocy-frontend - app.kubernetes.io/part-of: personal-services -spec: - selector: - app.kubernetes.io/created-by: tyil - app.kubernetes.io/managed-by: manual - app.kubernetes.io/name: grocy-frontend - app.kubernetes.io/part-of: personal-services - ports: - - name: http - port: 80 - targetPort: 8080 -... diff --git a/data.d/k3s-master/manifests.d/tyilnet/personal-services/kroki/deployment-kroki-blockdiag.yaml b/data.d/k3s-master/manifests.d/tyilnet/personal-services/kroki/deployment-kroki-blockdiag.yaml deleted file mode 100644 index 6eb7fea..0000000 --- a/data.d/k3s-master/manifests.d/tyilnet/personal-services/kroki/deployment-kroki-blockdiag.yaml +++ /dev/null @@ -1,34 +0,0 @@ ---- -apiVersion: apps/v1 -kind: Deployment -metadata: - name: kroki-blockdiag - namespace: personal-services - labels: - app.kubernetes.io/created-by: tyil - app.kubernetes.io/managed-by: manual - app.kubernetes.io/name: kroki-blockdiag - app.kubernetes.io/part-of: personal-services -spec: - replicas: 1 - selector: - matchLabels: - app.kubernetes.io/created-by: tyil - app.kubernetes.io/managed-by: manual - app.kubernetes.io/name: kroki-blockdiag - app.kubernetes.io/part-of: personal-services - template: - metadata: - labels: - app.kubernetes.io/created-by: tyil - app.kubernetes.io/managed-by: manual - app.kubernetes.io/name: kroki-blockdiag - app.kubernetes.io/part-of: personal-services - spec: - containers: - - image: yuzutech/kroki-blockdiag - name: blockdiag - ports: - - containerPort: 8001 - restartPolicy: Always -... diff --git a/data.d/k3s-master/manifests.d/tyilnet/personal-services/kroki/deployment-kroki-bpmn.yaml b/data.d/k3s-master/manifests.d/tyilnet/personal-services/kroki/deployment-kroki-bpmn.yaml deleted file mode 100644 index 26acd15..0000000 --- a/data.d/k3s-master/manifests.d/tyilnet/personal-services/kroki/deployment-kroki-bpmn.yaml +++ /dev/null @@ -1,34 +0,0 @@ ---- -apiVersion: apps/v1 -kind: Deployment -metadata: - name: kroki-bpmn - namespace: personal-services - labels: - app.kubernetes.io/created-by: tyil - app.kubernetes.io/managed-by: manual - app.kubernetes.io/name: kroki-bpmn - app.kubernetes.io/part-of: personal-services -spec: - replicas: 1 - selector: - matchLabels: - app.kubernetes.io/created-by: tyil - app.kubernetes.io/managed-by: manual - app.kubernetes.io/name: kroki-bpmn - app.kubernetes.io/part-of: personal-services - template: - metadata: - labels: - app.kubernetes.io/created-by: tyil - app.kubernetes.io/managed-by: manual - app.kubernetes.io/name: kroki-bpmn - app.kubernetes.io/part-of: personal-services - spec: - containers: - - image: yuzutech/kroki-bpmn - name: bpmn - ports: - - containerPort: 8003 - restartPolicy: Always -... diff --git a/data.d/k3s-master/manifests.d/tyilnet/personal-services/kroki/deployment-kroki-excalidraw.yaml b/data.d/k3s-master/manifests.d/tyilnet/personal-services/kroki/deployment-kroki-excalidraw.yaml deleted file mode 100644 index d1c6699..0000000 --- a/data.d/k3s-master/manifests.d/tyilnet/personal-services/kroki/deployment-kroki-excalidraw.yaml +++ /dev/null @@ -1,34 +0,0 @@ ---- -apiVersion: apps/v1 -kind: Deployment -metadata: - name: kroki-excalidraw - namespace: personal-services - labels: - app.kubernetes.io/created-by: tyil - app.kubernetes.io/managed-by: manual - app.kubernetes.io/name: kroki-excalidraw - app.kubernetes.io/part-of: personal-services -spec: - replicas: 1 - selector: - matchLabels: - app.kubernetes.io/created-by: tyil - app.kubernetes.io/managed-by: manual - app.kubernetes.io/name: kroki-excalidraw - app.kubernetes.io/part-of: personal-services - template: - metadata: - labels: - app.kubernetes.io/created-by: tyil - app.kubernetes.io/managed-by: manual - app.kubernetes.io/name: kroki-excalidraw - app.kubernetes.io/part-of: personal-services - spec: - containers: - - image: yuzutech/kroki-excalidraw - name: excalidraw - ports: - - containerPort: 8004 - restartPolicy: Always -... diff --git a/data.d/k3s-master/manifests.d/tyilnet/personal-services/kroki/deployment-kroki-mermaid.yaml b/data.d/k3s-master/manifests.d/tyilnet/personal-services/kroki/deployment-kroki-mermaid.yaml deleted file mode 100644 index ee6edaf..0000000 --- a/data.d/k3s-master/manifests.d/tyilnet/personal-services/kroki/deployment-kroki-mermaid.yaml +++ /dev/null @@ -1,33 +0,0 @@ ---- -apiVersion: apps/v1 -kind: Deployment -metadata: - name: kroki-mermaid - namespace: personal-services - labels: - app.kubernetes.io/created-by: tyil - app.kubernetes.io/managed-by: manual - app.kubernetes.io/name: kroki-mermaid - app.kubernetes.io/part-of: personal-services -spec: - replicas: 1 - selector: - matchLabels: - app.kubernetes.io/created-by: tyil - app.kubernetes.io/managed-by: manual - app.kubernetes.io/name: kroki-mermaid - app.kubernetes.io/part-of: personal-services - template: - metadata: - labels: - app.kubernetes.io/created-by: tyil - app.kubernetes.io/managed-by: manual - app.kubernetes.io/name: kroki-mermaid - app.kubernetes.io/part-of: personal-services - spec: - containers: - - image: yuzutech/kroki-mermaid - name: mermaid - ports: - - containerPort: 8002 - restartPolicy: Always diff --git a/data.d/k3s-master/manifests.d/tyilnet/personal-services/kroki/deployment-kroki.yaml b/data.d/k3s-master/manifests.d/tyilnet/personal-services/kroki/deployment-kroki.yaml deleted file mode 100644 index f192697..0000000 --- a/data.d/k3s-master/manifests.d/tyilnet/personal-services/kroki/deployment-kroki.yaml +++ /dev/null @@ -1,53 +0,0 @@ ---- -apiVersion: apps/v1 -kind: Deployment -metadata: - name: kroki - namespace: personal-services - labels: - app.kubernetes.io/created-by: tyil - app.kubernetes.io/managed-by: manual - app.kubernetes.io/name: kroki - app.kubernetes.io/part-of: personal-services -spec: - replicas: 1 - selector: - matchLabels: - app.kubernetes.io/created-by: tyil - app.kubernetes.io/managed-by: manual - app.kubernetes.io/name: kroki - app.kubernetes.io/part-of: personal-services - template: - metadata: - labels: - app.kubernetes.io/created-by: tyil - app.kubernetes.io/managed-by: manual - app.kubernetes.io/name: kroki - app.kubernetes.io/part-of: personal-services - spec: - containers: - - image: yuzutech/kroki - name: kroki - env: - - name: KROKI_BLOCKDIAG_HOST - value: kroki-blockdiag - - name: KROKI_BLOCKDIAG_PORT - value: "80" - - name: KROKI_BPMN_HOST - value: kroki-bpmn - - name: KROKI_BPMN_PORT - value: "80" - - name: KROKI_EXCALIDRAW_HOST - value: kroki-excalidraw - - name: KROKI_EXCALIDRAW_PORT - value: "80" - - name: KROKI_MERMAID_HOST - value: kroki-mermaid - - name: KROKI_MERMAID_PORT - value: "80" - - name: KROKI_MAX_URI_LENGTH - value: "4096" - ports: - - containerPort: 8000 - restartPolicy: Always -... diff --git a/data.d/k3s-master/manifests.d/tyilnet/personal-services/kroki/ingress-kroki.yaml b/data.d/k3s-master/manifests.d/tyilnet/personal-services/kroki/ingress-kroki.yaml deleted file mode 100644 index c33644e..0000000 --- a/data.d/k3s-master/manifests.d/tyilnet/personal-services/kroki/ingress-kroki.yaml +++ /dev/null @@ -1,30 +0,0 @@ ---- -apiVersion: networking.k8s.io/v1 -kind: Ingress -metadata: - name: kroki - namespace: personal-services - labels: - app.kubernetes.io/created-by: tyil - app.kubernetes.io/managed-by: manual - app.kubernetes.io/name: kroki - app.kubernetes.io/part-of: personal-services - annotations: - cert-manager.io/cluster-issuer: "letsencrypt-production" -spec: - tls: - - hosts: - - kroki.tyil.nl - secretName: tls-nl.tyil.kroki - rules: - - host: kroki.tyil.nl - http: - paths: - - pathType: Prefix - path: "/" - backend: - service: - name: kroki - port: - number: 80 -... diff --git a/data.d/k3s-master/manifests.d/tyilnet/personal-services/kroki/service-kroki-blockdiag.yaml b/data.d/k3s-master/manifests.d/tyilnet/personal-services/kroki/service-kroki-blockdiag.yaml deleted file mode 100644 index 7ac6c4e..0000000 --- a/data.d/k3s-master/manifests.d/tyilnet/personal-services/kroki/service-kroki-blockdiag.yaml +++ /dev/null @@ -1,22 +0,0 @@ ---- -apiVersion: v1 -kind: Service -metadata: - name: kroki-blockdiag - namespace: personal-services - labels: - app.kubernetes.io/created-by: tyil - app.kubernetes.io/managed-by: manual - app.kubernetes.io/name: kroki-blockdiag - app.kubernetes.io/part-of: personal-services -spec: - selector: - app.kubernetes.io/created-by: tyil - app.kubernetes.io/managed-by: manual - app.kubernetes.io/name: kroki-blockdiag - app.kubernetes.io/part-of: personal-services - ports: - - name: http - port: 80 - targetPort: 8001 -... diff --git a/data.d/k3s-master/manifests.d/tyilnet/personal-services/kroki/service-kroki-bpmn.yaml b/data.d/k3s-master/manifests.d/tyilnet/personal-services/kroki/service-kroki-bpmn.yaml deleted file mode 100644 index 73e2c58..0000000 --- a/data.d/k3s-master/manifests.d/tyilnet/personal-services/kroki/service-kroki-bpmn.yaml +++ /dev/null @@ -1,22 +0,0 @@ ---- -apiVersion: v1 -kind: Service -metadata: - name: kroki-bpmn - namespace: personal-services - labels: - app.kubernetes.io/created-by: tyil - app.kubernetes.io/managed-by: manual - app.kubernetes.io/name: kroki-bpmn - app.kubernetes.io/part-of: personal-services -spec: - selector: - app.kubernetes.io/created-by: tyil - app.kubernetes.io/managed-by: manual - app.kubernetes.io/name: kroki-bpmn - app.kubernetes.io/part-of: personal-services - ports: - - name: http - port: 80 - targetPort: 8003 -... diff --git a/data.d/k3s-master/manifests.d/tyilnet/personal-services/kroki/service-kroki-excalidraw.yaml b/data.d/k3s-master/manifests.d/tyilnet/personal-services/kroki/service-kroki-excalidraw.yaml deleted file mode 100644 index a011428..0000000 --- a/data.d/k3s-master/manifests.d/tyilnet/personal-services/kroki/service-kroki-excalidraw.yaml +++ /dev/null @@ -1,22 +0,0 @@ ---- -apiVersion: v1 -kind: Service -metadata: - name: kroki-excalidraw - namespace: personal-services - labels: - app.kubernetes.io/created-by: tyil - app.kubernetes.io/managed-by: manual - app.kubernetes.io/name: kroki-excalidraw - app.kubernetes.io/part-of: personal-services -spec: - selector: - app.kubernetes.io/created-by: tyil - app.kubernetes.io/managed-by: manual - app.kubernetes.io/name: kroki-excalidraw - app.kubernetes.io/part-of: personal-services - ports: - - name: http - port: 80 - targetPort: 8004 -... diff --git a/data.d/k3s-master/manifests.d/tyilnet/personal-services/kroki/service-kroki-mermaid.yaml b/data.d/k3s-master/manifests.d/tyilnet/personal-services/kroki/service-kroki-mermaid.yaml deleted file mode 100644 index 872433c..0000000 --- a/data.d/k3s-master/manifests.d/tyilnet/personal-services/kroki/service-kroki-mermaid.yaml +++ /dev/null @@ -1,22 +0,0 @@ ---- -apiVersion: v1 -kind: Service -metadata: - name: kroki-mermaid - namespace: personal-services - labels: - app.kubernetes.io/created-by: tyil - app.kubernetes.io/managed-by: manual - app.kubernetes.io/name: kroki-mermaid - app.kubernetes.io/part-of: personal-services -spec: - selector: - app.kubernetes.io/created-by: tyil - app.kubernetes.io/managed-by: manual - app.kubernetes.io/name: kroki-mermaid - app.kubernetes.io/part-of: personal-services - ports: - - name: http - port: 80 - targetPort: 8002 -... diff --git a/data.d/k3s-master/manifests.d/tyilnet/personal-services/kroki/service-kroki.yaml b/data.d/k3s-master/manifests.d/tyilnet/personal-services/kroki/service-kroki.yaml deleted file mode 100644 index 0c98dc8..0000000 --- a/data.d/k3s-master/manifests.d/tyilnet/personal-services/kroki/service-kroki.yaml +++ /dev/null @@ -1,22 +0,0 @@ ---- -apiVersion: v1 -kind: Service -metadata: - name: kroki - namespace: personal-services - labels: - app.kubernetes.io/created-by: tyil - app.kubernetes.io/managed-by: manual - app.kubernetes.io/name: kroki - app.kubernetes.io/part-of: personal-services -spec: - selector: - app.kubernetes.io/created-by: tyil - app.kubernetes.io/managed-by: manual - app.kubernetes.io/name: kroki - app.kubernetes.io/part-of: personal-services - ports: - - name: http - port: 80 - targetPort: 8000 -... diff --git a/data.d/k3s-master/manifests.d/tyilnet/personal-services/nextcloud/cron.yaml b/data.d/k3s-master/manifests.d/tyilnet/personal-services/nextcloud/cron.yaml deleted file mode 100644 index 1f0b3a1..0000000 --- a/data.d/k3s-master/manifests.d/tyilnet/personal-services/nextcloud/cron.yaml +++ /dev/null @@ -1,34 +0,0 @@ ---- -apiVersion: batch/v1 -kind: CronJob -metadata: - name: nextcloud - namespace: personal-services -spec: - schedule: "*/5 * * * *" - jobTemplate: - spec: - template: - spec: - securityContext: - runAsUser: 33 - runAsGroup: 33 - nodeName: "mieshu.tyil.net" - containers: - - name: nextcloud - image: nextcloud:27 - command: - - php - args: - - -f - - /var/www/html/cron.php - volumeMounts: - - mountPath: /var/www/html - name: data - restartPolicy: OnFailure - volumes: - - name: data - hostPath: - path: /mnt/pool/nextcloud - type: Directory -... diff --git a/data.d/k3s-master/manifests.d/tyilnet/personal-services/nextcloud/deployment.yaml b/data.d/k3s-master/manifests.d/tyilnet/personal-services/nextcloud/deployment.yaml deleted file mode 100644 index 250f670..0000000 --- a/data.d/k3s-master/manifests.d/tyilnet/personal-services/nextcloud/deployment.yaml +++ /dev/null @@ -1,45 +0,0 @@ ---- -apiVersion: apps/v1 -kind: Deployment -metadata: - name: nextcloud - namespace: personal-services - labels: - app.kubernetes.io/created-by: tyil - app.kubernetes.io/managed-by: manual - app.kubernetes.io/name: nextcloud - app.kubernetes.io/part-of: personal-services -spec: - replicas: 1 - selector: - matchLabels: - app.kubernetes.io/created-by: tyil - app.kubernetes.io/managed-by: manual - app.kubernetes.io/name: nextcloud - app.kubernetes.io/part-of: personal-services - strategy: - type: RollingUpdate - template: - metadata: - labels: - app.kubernetes.io/created-by: tyil - app.kubernetes.io/managed-by: manual - app.kubernetes.io/name: nextcloud - app.kubernetes.io/part-of: personal-services - spec: - nodeName: "mieshu.tyil.net" - containers: - - image: nextcloud:27 - name: nextcloud - ports: - - containerPort: 80 - volumeMounts: - - mountPath: /var/www/html - name: data - restartPolicy: Always - volumes: - - name: data - hostPath: - path: /mnt/pool/nextcloud - type: Directory -... diff --git a/data.d/k3s-master/manifests.d/tyilnet/personal-services/nextcloud/ingress.yaml b/data.d/k3s-master/manifests.d/tyilnet/personal-services/nextcloud/ingress.yaml deleted file mode 100644 index fca1adc..0000000 --- a/data.d/k3s-master/manifests.d/tyilnet/personal-services/nextcloud/ingress.yaml +++ /dev/null @@ -1,33 +0,0 @@ ---- -apiVersion: networking.k8s.io/v1 -kind: Ingress -metadata: - name: nextcloud - namespace: personal-services - labels: - app.kubernetes.io/created-by: tyil - app.kubernetes.io/managed-by: manual - app.kubernetes.io/name: nextcloud - app.kubernetes.io/part-of: personal-services - annotations: - cert-manager.io/cluster-issuer: "letsencrypt-production" - traefik.ingress.kubernetes.io/router.middlewares: >- - kube-system-headers-nextcloud@kubernetescrd -spec: - ingressClassName: traefik - tls: - - hosts: - - cloud.tyil.nl - secretName: tls-nl.tyil.cloud - rules: - - host: cloud.tyil.nl - http: - paths: - - path: / - pathType: Prefix - backend: - service: - name: nextcloud - port: - number: 80 -... diff --git a/data.d/k3s-master/manifests.d/tyilnet/personal-services/nextcloud/service.yaml b/data.d/k3s-master/manifests.d/tyilnet/personal-services/nextcloud/service.yaml deleted file mode 100644 index fd9a7d6..0000000 --- a/data.d/k3s-master/manifests.d/tyilnet/personal-services/nextcloud/service.yaml +++ /dev/null @@ -1,22 +0,0 @@ ---- -apiVersion: v1 -kind: Service -metadata: - name: nextcloud - namespace: personal-services - labels: - app.kubernetes.io/created-by: tyil - app.kubernetes.io/managed-by: manual - app.kubernetes.io/name: nextcloud - app.kubernetes.io/part-of: personal-services -spec: - selector: - app.kubernetes.io/created-by: tyil - app.kubernetes.io/managed-by: manual - app.kubernetes.io/name: nextcloud - app.kubernetes.io/part-of: personal-services - ports: - - name: http - port: 80 - targetPort: 80 -... diff --git a/data.d/k3s-master/manifests.d/tyilnet/public-services/invidious/deployment.yaml b/data.d/k3s-master/manifests.d/tyilnet/public-services/invidious/deployment.yaml deleted file mode 100644 index d910c47..0000000 --- a/data.d/k3s-master/manifests.d/tyilnet/public-services/invidious/deployment.yaml +++ /dev/null @@ -1,54 +0,0 @@ ---- -apiVersion: apps/v1 -kind: Deployment -metadata: - name: invidious - namespace: public-services - labels: - app.kubernetes.io/created-by: tyil - app.kubernetes.io/managed-by: manual - app.kubernetes.io/name: invidious - app.kubernetes.io/part-of: public-services -spec: - replicas: 2 - selector: - matchLabels: - app.kubernetes.io/created-by: tyil - app.kubernetes.io/managed-by: manual - app.kubernetes.io/name: invidious - app.kubernetes.io/part-of: public-services - template: - metadata: - labels: - app.kubernetes.io/created-by: tyil - app.kubernetes.io/managed-by: manual - app.kubernetes.io/name: invidious - app.kubernetes.io/part-of: public-services - spec: - containers: - - name: invidious - image: quay.io/invidious/invidious:latest - ports: - - containerPort: 8080 - env: - - name: INVIDIOUS_CONFIG - valueFrom: - secretKeyRef: - name: invidious-config - key: config.yml - resources: - requests: - memory: 64Mi - limits: - memory: 128Mi - affinity: - podAntiAffinity: - requiredDuringSchedulingIgnoredDuringExecution: - - labelSelector: - matchExpressions: - - key: app.kubernetes.io/name - operator: In - values: - - invidious - topologyKey: "kubernetes.io/hostname" -... diff --git a/data.d/k3s-master/manifests.d/tyilnet/public-services/invidious/ingress.yaml b/data.d/k3s-master/manifests.d/tyilnet/public-services/invidious/ingress.yaml deleted file mode 100644 index cb675a9..0000000 --- a/data.d/k3s-master/manifests.d/tyilnet/public-services/invidious/ingress.yaml +++ /dev/null @@ -1,31 +0,0 @@ ---- -apiVersion: networking.k8s.io/v1 -kind: Ingress -metadata: - name: invidious - namespace: public-services - annotations: - cert-manager.io/cluster-issuer: "letsencrypt-production" - labels: - app.kubernetes.io/created-by: tyil - app.kubernetes.io/managed-by: manual - app.kubernetes.io/name: invidious - app.kubernetes.io/part-of: public-services -spec: - ingressClassName: "traefik" - tls: - - hosts: - - youtube.alt.tyil.nl - secretName: tls-nl.tyil.alt.youtube - rules: - - host: youtube.alt.tyil.nl - http: - paths: - - path: / - pathType: Prefix - backend: - service: - name: invidious-http - port: - number: 80 -... diff --git a/data.d/k3s-master/manifests.d/tyilnet/public-services/invidious/service.yaml b/data.d/k3s-master/manifests.d/tyilnet/public-services/invidious/service.yaml deleted file mode 100644 index e4f95be..0000000 --- a/data.d/k3s-master/manifests.d/tyilnet/public-services/invidious/service.yaml +++ /dev/null @@ -1,24 +0,0 @@ ---- -apiVersion: v1 -kind: Service -metadata: - # Funfact: if this name is set to "invidious", things will break! - # https://github.com/iv-org/invidious/issues/2970 - name: invidious-http - namespace: public-services - labels: - app.kubernetes.io/created-by: tyil - app.kubernetes.io/managed-by: manual - app.kubernetes.io/name: invidious - app.kubernetes.io/part-of: public-services -spec: - selector: - app.kubernetes.io/created-by: tyil - app.kubernetes.io/managed-by: manual - app.kubernetes.io/name: invidious - app.kubernetes.io/part-of: public-services - ports: - - protocol: TCP - port: 80 - targetPort: 3000 -... diff --git a/data.d/k3s-master/manifests.d/tyilnet/ravenhosting/gollum/auth-proxy.yaml b/data.d/k3s-master/manifests.d/tyilnet/ravenhosting/gollum/auth-proxy.yaml deleted file mode 100644 index 0196271..0000000 --- a/data.d/k3s-master/manifests.d/tyilnet/ravenhosting/gollum/auth-proxy.yaml +++ /dev/null @@ -1,32 +0,0 @@ ---- -apiVersion: helm.cattle.io/v1 -kind: HelmChart -metadata: - name: auth-proxy-gollum - namespace: ravenhosting -spec: - chart: https://git.tyil.nl/helm/oauth2-proxy/snapshot/oauth2-proxy-497a618778ead59ce985b81031a863dda9ff2126.tar.gz - valuesContent: |- - image: - tag: v7.4.0 - secret: - enabled: false - envFrom: - secretRef: - - name: auth-proxy-gollum - ingress: - enabled: true - ingressClassName: traefik - annotations: - cert-manager.io/cluster-issuer: "letsencrypt-production" - traefik.ingress.kubernetes.io/router.middlewares: kube-system-redirect-https@kubernetescrd - tls: - - secretName: tls-eu.ravenhosting.wiki - hosts: - - wiki.ravenhosting.eu - hosts: - - host: wiki.ravenhosting.eu - paths: - - path: / - pathType: Prefix -... diff --git a/data.d/k3s-master/manifests.d/tyilnet/ravenhosting/gollum/deployment.yaml b/data.d/k3s-master/manifests.d/tyilnet/ravenhosting/gollum/deployment.yaml deleted file mode 100644 index 0a6c7c3..0000000 --- a/data.d/k3s-master/manifests.d/tyilnet/ravenhosting/gollum/deployment.yaml +++ /dev/null @@ -1,48 +0,0 @@ ---- -apiVersion: apps/v1 -kind: Deployment -metadata: - name: gollum - namespace: ravenhosting - labels: - app.kubernetes.io/created-by: tyil - app.kubernetes.io/managed-by: manual - app.kubernetes.io/name: gollum - app.kubernetes.io/part-of: ravenhosting -spec: - replicas: 2 - selector: - matchLabels: - app.kubernetes.io/created-by: tyil - app.kubernetes.io/managed-by: manual - app.kubernetes.io/name: gollum - app.kubernetes.io/part-of: ravenhosting - strategy: - type: RollingUpdate - template: - metadata: - labels: - app.kubernetes.io/created-by: tyil - app.kubernetes.io/managed-by: manual - app.kubernetes.io/name: gollum - app.kubernetes.io/part-of: ravenhosting - spec: - nodeName: "oolah.tyil.net" - containers: - - name: gollum - image: gollumwiki/gollum:master - args: - - -c - - "/wiki/config.rb" - ports: - - containerPort: 80 - volumeMounts: - - mountPath: /wiki - name: data - restartPolicy: Always - volumes: - - name: data - hostPath: - path: /home/tyil/projects/ravenhosting/docs - type: DirectoryOrCreate -... diff --git a/data.d/k3s-master/manifests.d/tyilnet/ravenhosting/gollum/ingress.yaml b/data.d/k3s-master/manifests.d/tyilnet/ravenhosting/gollum/ingress.yaml deleted file mode 100644 index efc8e24..0000000 --- a/data.d/k3s-master/manifests.d/tyilnet/ravenhosting/gollum/ingress.yaml +++ /dev/null @@ -1,32 +0,0 @@ ---- -apiVersion: networking.k8s.io/v1 -kind: Ingress -metadata: - name: gollum - namespace: ravenhosting - labels: - app.kubernetes.io/created-by: tyil - app.kubernetes.io/managed-by: manual - app.kubernetes.io/name: gollum - app.kubernetes.io/part-of: ravenhosting - annotations: - cert-manager.io/cluster-issuer: "letsencrypt-production" - traefik.ingress.kubernetes.io/router.middlewares: kube-system-redirect-https@kubernetescrd -spec: - ingressClassName: traefik - tls: - - hosts: - - wiki.ravenhosting.eu - secretName: tls-eu.ravenhosting.wiki - rules: - - host: wiki.ravenhosting.eu - http: - paths: - - path: / - pathType: Prefix - backend: - service: - name: gollum - port: - number: 80 -... diff --git a/data.d/k3s-master/manifests.d/tyilnet/ravenhosting/gollum/service.yaml b/data.d/k3s-master/manifests.d/tyilnet/ravenhosting/gollum/service.yaml deleted file mode 100644 index fa16a3f..0000000 --- a/data.d/k3s-master/manifests.d/tyilnet/ravenhosting/gollum/service.yaml +++ /dev/null @@ -1,22 +0,0 @@ ---- -apiVersion: v1 -kind: Service -metadata: - name: gollum - namespace: ravenhosting - labels: - app.kubernetes.io/created-by: tyil - app.kubernetes.io/managed-by: manual - app.kubernetes.io/name: gollum - app.kubernetes.io/part-of: ravenhosting -spec: - selector: - app.kubernetes.io/created-by: tyil - app.kubernetes.io/managed-by: manual - app.kubernetes.io/name: gollum - app.kubernetes.io/part-of: ravenhosting - ports: - - name: http - port: 80 - targetPort: 4567 -... diff --git a/data.d/k3s-master/manifests.d/tyilnet/ravenhosting/openproject/helm-chart.yaml b/data.d/k3s-master/manifests.d/tyilnet/ravenhosting/openproject/helm-chart.yaml deleted file mode 100644 index 9dbc8af..0000000 --- a/data.d/k3s-master/manifests.d/tyilnet/ravenhosting/openproject/helm-chart.yaml +++ /dev/null @@ -1,11 +0,0 @@ ---- -apiVersion: helm.cattle.io/v1 -kind: HelmChart -metadata: - name: openproject - namespace: ravenhosting -spec: - repo: https://charts.openproject.org - chart: openproject - valuesContent: { } #|- -... diff --git a/data.d/k3s-master/manifests.d/tyilnet/servarr/bazarr/deployment.yaml b/data.d/k3s-master/manifests.d/tyilnet/servarr/bazarr/deployment.yaml deleted file mode 100644 index e967412..0000000 --- a/data.d/k3s-master/manifests.d/tyilnet/servarr/bazarr/deployment.yaml +++ /dev/null @@ -1,78 +0,0 @@ ---- -apiVersion: apps/v1 -kind: Deployment -metadata: - name: bazarr - namespace: servarr - labels: - app.kubernetes.io/created-by: tyil - app.kubernetes.io/managed-by: manual - app.kubernetes.io/name: bazarr - app.kubernetes.io/part-of: servarr -spec: - replicas: 1 - selector: - matchLabels: - app.kubernetes.io/created-by: tyil - app.kubernetes.io/managed-by: manual - app.kubernetes.io/name: bazarr - app.kubernetes.io/part-of: servarr - strategy: - type: Recreate - template: - metadata: - labels: - app.kubernetes.io/created-by: tyil - app.kubernetes.io/managed-by: manual - app.kubernetes.io/name: bazarr - app.kubernetes.io/part-of: servarr - spec: - nodeName: "mieshu.tyil.net" - containers: - - image: hotio/bazarr:testing - name: bazarr - env: - - name: TZ - value: "Europe/Amsterdam" - - name: UMASK - value: "002" - - name: GUID - value: "169" - - name: PUID - value: "169" - ports: - - containerPort: 6767 - volumeMounts: - - mountPath: /mnt/pool/media/anime-series/exported - name: anime-series - - mountPath: /mnt/pool/media/anime-movies/exported - name: anime-movies - - mountPath: /mnt/pool/media/series/exported - name: series - - mountPath: /mnt/pool/media/movies/exported - name: movies - - mountPath: /config - name: config - restartPolicy: Always - volumes: - - name: anime-series - hostPath: - path: /mnt/pool/media/anime-series/exported - type: Directory - - name: anime-movies - hostPath: - path: /mnt/pool/media/anime-movies/exported - type: Directory - - name: series - hostPath: - path: /mnt/pool/media/series/exported - type: Directory - - name: movies - hostPath: - path: /mnt/pool/media/movies/exported - type: Directory - - name: config - hostPath: - path: /etc/servarr/bazarr - type: Directory -... diff --git a/data.d/k3s-master/manifests.d/tyilnet/servarr/bazarr/ingress.yaml b/data.d/k3s-master/manifests.d/tyilnet/servarr/bazarr/ingress.yaml deleted file mode 100644 index ff20477..0000000 --- a/data.d/k3s-master/manifests.d/tyilnet/servarr/bazarr/ingress.yaml +++ /dev/null @@ -1,32 +0,0 @@ ---- -apiVersion: networking.k8s.io/v1 -kind: Ingress -metadata: - name: bazarr - namespace: servarr - labels: - app.kubernetes.io/created-by: tyil - app.kubernetes.io/managed-by: manual - app.kubernetes.io/name: bazarr - app.kubernetes.io/part-of: servarr - annotations: - cert-manager.io/cluster-issuer: "letsencrypt-production" - traefik.ingress.kubernetes.io/router.middlewares: kube-system-redirect-https@kubernetescrd -spec: - ingressClassName: traefik - tls: - - hosts: - - bazarr.arr.tyil.nl - secretName: tls-nl.tyil.arr.bazarr - rules: - - host: bazarr.arr.tyil.nl - http: - paths: - - path: / - pathType: Prefix - backend: - service: - name: bazarr - port: - number: 80 -... diff --git a/data.d/k3s-master/manifests.d/tyilnet/servarr/bazarr/service.yaml b/data.d/k3s-master/manifests.d/tyilnet/servarr/bazarr/service.yaml deleted file mode 100644 index 1f3cc23..0000000 --- a/data.d/k3s-master/manifests.d/tyilnet/servarr/bazarr/service.yaml +++ /dev/null @@ -1,22 +0,0 @@ ---- -apiVersion: v1 -kind: Service -metadata: - name: bazarr - namespace: servarr - labels: - app.kubernetes.io/created-by: tyil - app.kubernetes.io/managed-by: manual - app.kubernetes.io/name: bazarr - app.kubernetes.io/part-of: servarr -spec: - selector: - app.kubernetes.io/created-by: tyil - app.kubernetes.io/managed-by: manual - app.kubernetes.io/name: bazarr - app.kubernetes.io/part-of: servarr - ports: - - name: http - port: 80 - targetPort: 6767 -... diff --git a/data.d/k3s-master/manifests.d/tyilnet/servarr/dirlist/auth-proxy.yaml b/data.d/k3s-master/manifests.d/tyilnet/servarr/dirlist/auth-proxy.yaml deleted file mode 100644 index 57ab370..0000000 --- a/data.d/k3s-master/manifests.d/tyilnet/servarr/dirlist/auth-proxy.yaml +++ /dev/null @@ -1,32 +0,0 @@ ---- -apiVersion: helm.cattle.io/v1 -kind: HelmChart -metadata: - name: auth-proxy-dirlist - namespace: kube-system -spec: - chart: https://git.tyil.nl/helm/oauth2-proxy/snapshot/oauth2-proxy-497a618778ead59ce985b81031a863dda9ff2126.tar.gz - targetNamespace: servarr - valuesContent: |- - image: - tag: v7.4.0 - secret: - enabled: false - envFrom: - secretRef: - - name: auth-proxy-dirlist - ingress: - enabled: true - ingressClassName: traefik - annotations: - cert-manager.io/cluster-issuer: "letsencrypt-production" - traefik.ingress.kubernetes.io/router.middlewares: kube-system-redirect-https@kubernetescrd - tls: - - secretName: tls-nl.tyil.media - hosts: - - media.tyil.nl - hosts: - - host: media.tyil.nl - paths: - - path: / - pathType: Prefix diff --git a/data.d/k3s-master/manifests.d/tyilnet/servarr/dirlist/deployment.yaml b/data.d/k3s-master/manifests.d/tyilnet/servarr/dirlist/deployment.yaml deleted file mode 100644 index e3a3e26..0000000 --- a/data.d/k3s-master/manifests.d/tyilnet/servarr/dirlist/deployment.yaml +++ /dev/null @@ -1,93 +0,0 @@ ---- -apiVersion: apps/v1 -kind: Deployment -metadata: - name: dirlist - namespace: servarr - labels: - app.kubernetes.io/created-by: tyil - app.kubernetes.io/managed-by: manual - app.kubernetes.io/name: dirlist - app.kubernetes.io/part-of: servarr -spec: - replicas: 1 - selector: - matchLabels: - app.kubernetes.io/created-by: tyil - app.kubernetes.io/managed-by: manual - app.kubernetes.io/name: dirlist - app.kubernetes.io/part-of: servarr - strategy: - type: RollingUpdate - template: - metadata: - labels: - app.kubernetes.io/created-by: tyil - app.kubernetes.io/managed-by: manual - app.kubernetes.io/name: dirlist - app.kubernetes.io/part-of: servarr - spec: - nodeName: "mieshu.tyil.net" - containers: - - image: docker.io/svenstaro/miniserve:latest - args: - - --enable-tar - - --enable-tar-gz - - --qrcode - - /var/www - name: miniserve - ports: - - containerPort: 8080 - volumeMounts: - - mountPath: /var/www/anime-movies - name: anime-movies - readOnly: true - - mountPath: /var/www/anime-series - name: anime-series - readOnly: true - - mountPath: /var/www/books - name: books - readOnly: true - - mountPath: /var/www/movies - name: movies - readOnly: true - - mountPath: /var/www/music - name: music - readOnly: true - - mountPath: /var/www/porn - name: porn - readOnly: true - - mountPath: /var/www/series - name: series - readOnly: true - restartPolicy: Always - volumes: - - name: anime-series - hostPath: - path: /mnt/pool/media/anime-series/exported - type: Directory - - name: anime-movies - hostPath: - path: /mnt/pool/media/anime-movies/exported - type: Directory - - name: books - hostPath: - path: /mnt/pool/media/books/exported - type: Directory - - name: movies - hostPath: - path: /mnt/pool/media/movies/exported - type: Directory - - name: music - hostPath: - path: /mnt/pool/media/music/exported - type: Directory - - name: porn - hostPath: - path: /mnt/pool/media/porn/exported - type: Directory - - name: series - hostPath: - path: /mnt/pool/media/series/exported - type: Directory -... diff --git a/data.d/k3s-master/manifests.d/tyilnet/servarr/dirlist/service.yaml b/data.d/k3s-master/manifests.d/tyilnet/servarr/dirlist/service.yaml deleted file mode 100644 index 31f638f..0000000 --- a/data.d/k3s-master/manifests.d/tyilnet/servarr/dirlist/service.yaml +++ /dev/null @@ -1,22 +0,0 @@ ---- -apiVersion: v1 -kind: Service -metadata: - name: dirlist - namespace: servarr - labels: - app.kubernetes.io/created-by: tyil - app.kubernetes.io/managed-by: manual - app.kubernetes.io/name: dirlist - app.kubernetes.io/part-of: servarr -spec: - selector: - app.kubernetes.io/created-by: tyil - app.kubernetes.io/managed-by: manual - app.kubernetes.io/name: dirlist - app.kubernetes.io/part-of: servarr - ports: - - name: http - port: 80 - targetPort: 8080 -... diff --git a/data.d/k3s-master/manifests.d/tyilnet/servarr/jellyfin/deployment.yaml b/data.d/k3s-master/manifests.d/tyilnet/servarr/jellyfin/deployment.yaml deleted file mode 100644 index 18205c4..0000000 --- a/data.d/k3s-master/manifests.d/tyilnet/servarr/jellyfin/deployment.yaml +++ /dev/null @@ -1,96 +0,0 @@ ---- -apiVersion: apps/v1 -kind: Deployment -metadata: - name: jellyfin - namespace: servarr - labels: - app.kubernetes.io/created-by: tyil - app.kubernetes.io/managed-by: manual - app.kubernetes.io/name: jellyfin - app.kubernetes.io/part-of: servarr -spec: - replicas: 1 - selector: - matchLabels: - app.kubernetes.io/created-by: tyil - app.kubernetes.io/managed-by: manual - app.kubernetes.io/name: jellyfin - app.kubernetes.io/part-of: servarr - strategy: - type: Recreate - template: - metadata: - labels: - app.kubernetes.io/created-by: tyil - app.kubernetes.io/managed-by: manual - app.kubernetes.io/name: jellyfin - app.kubernetes.io/part-of: servarr - spec: - nodeName: "mieshu.tyil.net" - containers: - - image: jellyfin/jellyfin - name: jellyfin - ports: - - containerPort: 8096 - volumeMounts: - - mountPath: /var/media/anime-movies - name: anime-movies - readOnly: true - - mountPath: /var/media/anime-series - name: anime-series - readOnly: true - - mountPath: /var/media/books - name: books - readOnly: true - - mountPath: /var/media/movies - name: movies - readOnly: true - - mountPath: /var/media/music - name: music - readOnly: true - - mountPath: /var/media/series - name: series - readOnly: true - - mountPath: /config - name: config - - mountPath: /cache - name: cache - resources: - limits: - amd.com/gpu: 1 - restartPolicy: Always - volumes: - - name: anime-movies - hostPath: - path: /mnt/pool/media/anime-movies/exported - type: Directory - - name: anime-series - hostPath: - path: /mnt/pool/media/anime-series/exported - type: Directory - - name: books - hostPath: - path: /mnt/pool/media/books/exported - type: Directory - - name: movies - hostPath: - path: /mnt/pool/media/movies/exported - type: Directory - - name: music - hostPath: - path: /mnt/pool/media/music/exported - type: Directory - - name: series - hostPath: - path: /mnt/pool/media/series/exported - type: Directory - - name: cache - hostPath: - path: /var/cache/jellyfin - type: Directory - - name: config - hostPath: - path: /etc/servarr/jellyfin - type: Directory -... diff --git a/data.d/k3s-master/manifests.d/tyilnet/servarr/jellyfin/ingress.yaml b/data.d/k3s-master/manifests.d/tyilnet/servarr/jellyfin/ingress.yaml deleted file mode 100644 index b527143..0000000 --- a/data.d/k3s-master/manifests.d/tyilnet/servarr/jellyfin/ingress.yaml +++ /dev/null @@ -1,32 +0,0 @@ ---- -apiVersion: networking.k8s.io/v1 -kind: Ingress -metadata: - name: jellyfin - namespace: servarr - labels: - app.kubernetes.io/created-by: tyil - app.kubernetes.io/managed-by: manual - app.kubernetes.io/name: jellyfin - app.kubernetes.io/part-of: servarr - annotations: - cert-manager.io/cluster-issuer: "letsencrypt-production" - traefik.ingress.kubernetes.io/router.middlewares: kube-system-redirect-https@kubernetescrd -spec: - ingressClassName: traefik - tls: - - hosts: - - tv.tyil.nl - secretName: tls-nl.tyil.tv - rules: - - host: tv.tyil.nl - http: - paths: - - path: / - pathType: Prefix - backend: - service: - name: jellyfin - port: - number: 80 -... diff --git a/data.d/k3s-master/manifests.d/tyilnet/servarr/jellyfin/service.yaml b/data.d/k3s-master/manifests.d/tyilnet/servarr/jellyfin/service.yaml deleted file mode 100644 index cc0ae84..0000000 --- a/data.d/k3s-master/manifests.d/tyilnet/servarr/jellyfin/service.yaml +++ /dev/null @@ -1,22 +0,0 @@ ---- -apiVersion: v1 -kind: Service -metadata: - name: jellyfin - namespace: servarr - labels: - app.kubernetes.io/created-by: tyil - app.kubernetes.io/managed-by: manual - app.kubernetes.io/name: jellyfin - app.kubernetes.io/part-of: servarr -spec: - selector: - app.kubernetes.io/created-by: tyil - app.kubernetes.io/managed-by: manual - app.kubernetes.io/name: jellyfin - app.kubernetes.io/part-of: servarr - ports: - - name: http - port: 80 - targetPort: 8096 -... diff --git a/data.d/k3s-master/manifests.d/tyilnet/servarr/jellyseerr/deployment.yaml b/data.d/k3s-master/manifests.d/tyilnet/servarr/jellyseerr/deployment.yaml deleted file mode 100644 index 217f949..0000000 --- a/data.d/k3s-master/manifests.d/tyilnet/servarr/jellyseerr/deployment.yaml +++ /dev/null @@ -1,54 +0,0 @@ ---- -apiVersion: apps/v1 -kind: Deployment -metadata: - name: jellyseerr - namespace: servarr - labels: - app.kubernetes.io/created-by: tyil - app.kubernetes.io/managed-by: manual - app.kubernetes.io/name: jellyseerr - app.kubernetes.io/part-of: servarr -spec: - replicas: 1 - selector: - matchLabels: - app.kubernetes.io/created-by: tyil - app.kubernetes.io/managed-by: manual - app.kubernetes.io/name: jellyseerr - app.kubernetes.io/part-of: servarr - strategy: - type: Recreate - template: - metadata: - labels: - app.kubernetes.io/created-by: tyil - app.kubernetes.io/managed-by: manual - app.kubernetes.io/name: jellyseerr - app.kubernetes.io/part-of: servarr - spec: - nodeName: "mieshu.tyil.net" - containers: - - image: fallenbagel/jellyseerr:latest - name: jellyseerr - env: - - name: TZ - value: "Europe/Amsterdam" - - name: UMASK - value: "002" - - name: GUID - value: "169" - - name: PUID - value: "169" - ports: - - containerPort: 5055 - volumeMounts: - - mountPath: /app/config - name: config - restartPolicy: Always - volumes: - - name: config - hostPath: - path: /etc/servarr/jellyseerr - type: Directory -... diff --git a/data.d/k3s-master/manifests.d/tyilnet/servarr/jellyseerr/ingress.yaml b/data.d/k3s-master/manifests.d/tyilnet/servarr/jellyseerr/ingress.yaml deleted file mode 100644 index 11671d7..0000000 --- a/data.d/k3s-master/manifests.d/tyilnet/servarr/jellyseerr/ingress.yaml +++ /dev/null @@ -1,32 +0,0 @@ ---- -apiVersion: networking.k8s.io/v1 -kind: Ingress -metadata: - name: jellyseerr - namespace: servarr - labels: - app.kubernetes.io/created-by: tyil - app.kubernetes.io/managed-by: manual - app.kubernetes.io/name: jellyseerr - app.kubernetes.io/part-of: servarr - annotations: - cert-manager.io/cluster-issuer: "letsencrypt-production" - traefik.ingress.kubernetes.io/router.middlewares: kube-system-redirect-https@kubernetescrd -spec: - ingressClassName: traefik - tls: - - hosts: - - jellyseerr.arr.tyil.nl - secretName: tls-nl.tyil.arr.jellyseerr - rules: - - host: jellyseerr.arr.tyil.nl - http: - paths: - - path: / - pathType: Prefix - backend: - service: - name: jellyseerr - port: - number: 80 -... diff --git a/data.d/k3s-master/manifests.d/tyilnet/servarr/jellyseerr/service.yaml b/data.d/k3s-master/manifests.d/tyilnet/servarr/jellyseerr/service.yaml deleted file mode 100644 index a8f3b18..0000000 --- a/data.d/k3s-master/manifests.d/tyilnet/servarr/jellyseerr/service.yaml +++ /dev/null @@ -1,22 +0,0 @@ ---- -apiVersion: v1 -kind: Service -metadata: - name: jellyseerr - namespace: servarr - labels: - app.kubernetes.io/created-by: tyil - app.kubernetes.io/managed-by: manual - app.kubernetes.io/name: jellyseerr - app.kubernetes.io/part-of: servarr -spec: - selector: - app.kubernetes.io/created-by: tyil - app.kubernetes.io/managed-by: manual - app.kubernetes.io/name: jellyseerr - app.kubernetes.io/part-of: servarr - ports: - - name: http - port: 80 - targetPort: 5055 -... diff --git a/data.d/k3s-master/manifests.d/tyilnet/servarr/lidarr/deployment.yaml b/data.d/k3s-master/manifests.d/tyilnet/servarr/lidarr/deployment.yaml deleted file mode 100644 index baea1d9..0000000 --- a/data.d/k3s-master/manifests.d/tyilnet/servarr/lidarr/deployment.yaml +++ /dev/null @@ -1,60 +0,0 @@ ---- -apiVersion: apps/v1 -kind: Deployment -metadata: - name: lidarr - namespace: servarr - labels: - app.kubernetes.io/created-by: tyil - app.kubernetes.io/managed-by: manual - app.kubernetes.io/name: lidarr - app.kubernetes.io/part-of: servarr -spec: - replicas: 1 - selector: - matchLabels: - app.kubernetes.io/created-by: tyil - app.kubernetes.io/managed-by: manual - app.kubernetes.io/name: lidarr - app.kubernetes.io/part-of: servarr - strategy: - type: Recreate - template: - metadata: - labels: - app.kubernetes.io/created-by: tyil - app.kubernetes.io/managed-by: manual - app.kubernetes.io/name: lidarr - app.kubernetes.io/part-of: servarr - spec: - nodeName: "mieshu.tyil.net" - containers: - - image: hotio/lidarr:release - name: lidarr - env: - - name: TZ - value: "Europe/Amsterdam" - - name: UMASK - value: "002" - - name: GUID - value: "169" - - name: PUID - value: "169" - ports: - - containerPort: 8686 - volumeMounts: - - mountPath: /mnt/pool/media/music - name: music - - mountPath: /config - name: config - restartPolicy: Always - volumes: - - name: music - hostPath: - path: /mnt/pool/media/music - type: Directory - - name: config - hostPath: - path: /etc/servarr/lidarr - type: Directory -... diff --git a/data.d/k3s-master/manifests.d/tyilnet/servarr/lidarr/ingress.yaml b/data.d/k3s-master/manifests.d/tyilnet/servarr/lidarr/ingress.yaml deleted file mode 100644 index bff21d5..0000000 --- a/data.d/k3s-master/manifests.d/tyilnet/servarr/lidarr/ingress.yaml +++ /dev/null @@ -1,32 +0,0 @@ ---- -apiVersion: networking.k8s.io/v1 -kind: Ingress -metadata: - name: lidarr - namespace: servarr - labels: - app.kubernetes.io/created-by: tyil - app.kubernetes.io/managed-by: manual - app.kubernetes.io/name: lidarr - app.kubernetes.io/part-of: servarr - annotations: - cert-manager.io/cluster-issuer: "letsencrypt-production" - traefik.ingress.kubernetes.io/router.middlewares: kube-system-redirect-https@kubernetescrd -spec: - ingressClassName: traefik - tls: - - hosts: - - lidarr.arr.tyil.nl - secretName: tls-nl.tyil.arr.lidarr - rules: - - host: lidarr.arr.tyil.nl - http: - paths: - - path: / - pathType: Prefix - backend: - service: - name: lidarr - port: - number: 80 -... diff --git a/data.d/k3s-master/manifests.d/tyilnet/servarr/lidarr/service.yaml b/data.d/k3s-master/manifests.d/tyilnet/servarr/lidarr/service.yaml deleted file mode 100644 index f154924..0000000 --- a/data.d/k3s-master/manifests.d/tyilnet/servarr/lidarr/service.yaml +++ /dev/null @@ -1,22 +0,0 @@ ---- -apiVersion: v1 -kind: Service -metadata: - name: lidarr - namespace: servarr - labels: - app.kubernetes.io/created-by: tyil - app.kubernetes.io/managed-by: manual - app.kubernetes.io/name: lidarr - app.kubernetes.io/part-of: servarr -spec: - selector: - app.kubernetes.io/created-by: tyil - app.kubernetes.io/managed-by: manual - app.kubernetes.io/name: lidarr - app.kubernetes.io/part-of: servarr - ports: - - name: http - port: 80 - targetPort: 8686 -... diff --git a/data.d/k3s-master/manifests.d/tyilnet/servarr/prowlarr/deployment.yaml b/data.d/k3s-master/manifests.d/tyilnet/servarr/prowlarr/deployment.yaml deleted file mode 100644 index 4dcaf31..0000000 --- a/data.d/k3s-master/manifests.d/tyilnet/servarr/prowlarr/deployment.yaml +++ /dev/null @@ -1,54 +0,0 @@ ---- -apiVersion: apps/v1 -kind: Deployment -metadata: - name: prowlarr - namespace: servarr - labels: - app.kubernetes.io/created-by: tyil - app.kubernetes.io/managed-by: manual - app.kubernetes.io/name: prowlarr - app.kubernetes.io/part-of: servarr -spec: - replicas: 1 - selector: - matchLabels: - app.kubernetes.io/created-by: tyil - app.kubernetes.io/managed-by: manual - app.kubernetes.io/name: prowlarr - app.kubernetes.io/part-of: servarr - strategy: - type: Recreate - template: - metadata: - labels: - app.kubernetes.io/created-by: tyil - app.kubernetes.io/managed-by: manual - app.kubernetes.io/name: prowlarr - app.kubernetes.io/part-of: servarr - spec: - nodeName: "mieshu.tyil.net" - containers: - - image: cr.hotio.dev/hotio/prowlarr:nightly - name: prowlarr - env: - - name: TZ - value: "Europe/Amsterdam" - - name: UMASK - value: "002" - - name: GUID - value: "169" - - name: PUID - value: "169" - ports: - - containerPort: 9696 - volumeMounts: - - mountPath: /config - name: config - restartPolicy: Always - volumes: - - name: config - hostPath: - path: /etc/servarr/prowlarr - type: Directory -... diff --git a/data.d/k3s-master/manifests.d/tyilnet/servarr/prowlarr/ingress.yaml b/data.d/k3s-master/manifests.d/tyilnet/servarr/prowlarr/ingress.yaml deleted file mode 100644 index 1043a2d..0000000 --- a/data.d/k3s-master/manifests.d/tyilnet/servarr/prowlarr/ingress.yaml +++ /dev/null @@ -1,32 +0,0 @@ ---- -apiVersion: networking.k8s.io/v1 -kind: Ingress -metadata: - name: prowlarr - namespace: servarr - labels: - app.kubernetes.io/created-by: tyil - app.kubernetes.io/managed-by: manual - app.kubernetes.io/name: prowlarr - app.kubernetes.io/part-of: servarr - annotations: - cert-manager.io/cluster-issuer: "letsencrypt-production" - traefik.ingress.kubernetes.io/router.middlewares: kube-system-redirect-https@kubernetescrd -spec: - ingressClassName: traefik - tls: - - hosts: - - prowlarr.arr.tyil.nl - secretName: tls-nl.tyil.arr.prowlarr - rules: - - host: prowlarr.arr.tyil.nl - http: - paths: - - path: / - pathType: Prefix - backend: - service: - name: prowlarr - port: - number: 80 -... diff --git a/data.d/k3s-master/manifests.d/tyilnet/servarr/prowlarr/service.yaml b/data.d/k3s-master/manifests.d/tyilnet/servarr/prowlarr/service.yaml deleted file mode 100644 index ff16907..0000000 --- a/data.d/k3s-master/manifests.d/tyilnet/servarr/prowlarr/service.yaml +++ /dev/null @@ -1,22 +0,0 @@ ---- -apiVersion: v1 -kind: Service -metadata: - name: prowlarr - namespace: servarr - labels: - app.kubernetes.io/created-by: tyil - app.kubernetes.io/managed-by: manual - app.kubernetes.io/name: prowlarr - app.kubernetes.io/part-of: servarr -spec: - selector: - app.kubernetes.io/created-by: tyil - app.kubernetes.io/managed-by: manual - app.kubernetes.io/name: prowlarr - app.kubernetes.io/part-of: servarr - ports: - - name: http - port: 80 - targetPort: 9696 -... diff --git a/data.d/k3s-master/manifests.d/tyilnet/servarr/radarr/deployment.yaml b/data.d/k3s-master/manifests.d/tyilnet/servarr/radarr/deployment.yaml deleted file mode 100644 index c49ccb0..0000000 --- a/data.d/k3s-master/manifests.d/tyilnet/servarr/radarr/deployment.yaml +++ /dev/null @@ -1,66 +0,0 @@ ---- -apiVersion: apps/v1 -kind: Deployment -metadata: - name: radarr - namespace: servarr - labels: - app.kubernetes.io/created-by: tyil - app.kubernetes.io/managed-by: manual - app.kubernetes.io/name: radarr - app.kubernetes.io/part-of: servarr -spec: - replicas: 1 - selector: - matchLabels: - app.kubernetes.io/created-by: tyil - app.kubernetes.io/managed-by: manual - app.kubernetes.io/name: radarr - app.kubernetes.io/part-of: servarr - strategy: - type: Recreate - template: - metadata: - labels: - app.kubernetes.io/created-by: tyil - app.kubernetes.io/managed-by: manual - app.kubernetes.io/name: radarr - app.kubernetes.io/part-of: servarr - spec: - nodeName: "mieshu.tyil.net" - containers: - - image: hotio/radarr:release - name: radarr - env: - - name: TZ - value: "Europe/Amsterdam" - - name: UMASK - value: "002" - - name: GUID - value: "169" - - name: PUID - value: "169" - ports: - - containerPort: 8787 - volumeMounts: - - mountPath: /mnt/pool/media/anime-movies - name: anime-movies - - mountPath: /mnt/pool/media/movies - name: movies - - mountPath: /config - name: config - restartPolicy: Always - volumes: - - name: anime-movies - hostPath: - path: /mnt/pool/media/anime-movies - type: Directory - - name: movies - hostPath: - path: /mnt/pool/media/movies - type: Directory - - name: config - hostPath: - path: /etc/servarr/radarr - type: Directory -... diff --git a/data.d/k3s-master/manifests.d/tyilnet/servarr/radarr/ingress.yaml b/data.d/k3s-master/manifests.d/tyilnet/servarr/radarr/ingress.yaml deleted file mode 100644 index ace583f..0000000 --- a/data.d/k3s-master/manifests.d/tyilnet/servarr/radarr/ingress.yaml +++ /dev/null @@ -1,32 +0,0 @@ ---- -apiVersion: networking.k8s.io/v1 -kind: Ingress -metadata: - name: radarr - namespace: servarr - labels: - app.kubernetes.io/created-by: tyil - app.kubernetes.io/managed-by: manual - app.kubernetes.io/name: radarr - app.kubernetes.io/part-of: servarr - annotations: - cert-manager.io/cluster-issuer: "letsencrypt-production" - traefik.ingress.kubernetes.io/router.middlewares: kube-system-redirect-https@kubernetescrd -spec: - ingressClassName: traefik - tls: - - hosts: - - radarr.arr.tyil.nl - secretName: tls-nl.tyil.arr.radarr - rules: - - host: radarr.arr.tyil.nl - http: - paths: - - path: / - pathType: Prefix - backend: - service: - name: radarr - port: - number: 80 -... diff --git a/data.d/k3s-master/manifests.d/tyilnet/servarr/radarr/service.yaml b/data.d/k3s-master/manifests.d/tyilnet/servarr/radarr/service.yaml deleted file mode 100644 index 28df782..0000000 --- a/data.d/k3s-master/manifests.d/tyilnet/servarr/radarr/service.yaml +++ /dev/null @@ -1,22 +0,0 @@ ---- -apiVersion: v1 -kind: Service -metadata: - name: radarr - namespace: servarr - labels: - app.kubernetes.io/created-by: tyil - app.kubernetes.io/managed-by: manual - app.kubernetes.io/name: radarr - app.kubernetes.io/part-of: servarr -spec: - selector: - app.kubernetes.io/created-by: tyil - app.kubernetes.io/managed-by: manual - app.kubernetes.io/name: radarr - app.kubernetes.io/part-of: servarr - ports: - - name: http - port: 80 - targetPort: 7878 -... diff --git a/data.d/k3s-master/manifests.d/tyilnet/servarr/readarr/deployment.yaml b/data.d/k3s-master/manifests.d/tyilnet/servarr/readarr/deployment.yaml deleted file mode 100644 index a266b8d..0000000 --- a/data.d/k3s-master/manifests.d/tyilnet/servarr/readarr/deployment.yaml +++ /dev/null @@ -1,60 +0,0 @@ ---- -apiVersion: apps/v1 -kind: Deployment -metadata: - name: readarr - namespace: servarr - labels: - app.kubernetes.io/created-by: tyil - app.kubernetes.io/managed-by: manual - app.kubernetes.io/name: readarr - app.kubernetes.io/part-of: servarr -spec: - replicas: 1 - selector: - matchLabels: - app.kubernetes.io/created-by: tyil - app.kubernetes.io/managed-by: manual - app.kubernetes.io/name: readarr - app.kubernetes.io/part-of: servarr - strategy: - type: Recreate - template: - metadata: - labels: - app.kubernetes.io/created-by: tyil - app.kubernetes.io/managed-by: manual - app.kubernetes.io/name: readarr - app.kubernetes.io/part-of: servarr - spec: - nodeName: "mieshu.tyil.net" - containers: - - image: hotio/readarr:testing - name: readarr - env: - - name: TZ - value: "Europe/Amsterdam" - - name: UMASK - value: "002" - - name: GUID - value: "169" - - name: PUID - value: "169" - ports: - - containerPort: 8787 - volumeMounts: - - mountPath: /mnt/pool/media/books - name: books - - mountPath: /config - name: config - restartPolicy: Always - volumes: - - name: books - hostPath: - path: /mnt/pool/media/books - type: Directory - - name: config - hostPath: - path: /etc/servarr/readarr - type: Directory -... diff --git a/data.d/k3s-master/manifests.d/tyilnet/servarr/readarr/ingress.yaml b/data.d/k3s-master/manifests.d/tyilnet/servarr/readarr/ingress.yaml deleted file mode 100644 index 94aa05e..0000000 --- a/data.d/k3s-master/manifests.d/tyilnet/servarr/readarr/ingress.yaml +++ /dev/null @@ -1,32 +0,0 @@ ---- -apiVersion: networking.k8s.io/v1 -kind: Ingress -metadata: - name: readarr - namespace: servarr - labels: - app.kubernetes.io/created-by: tyil - app.kubernetes.io/managed-by: manual - app.kubernetes.io/name: readarr - app.kubernetes.io/part-of: servarr - annotations: - cert-manager.io/cluster-issuer: "letsencrypt-production" - traefik.ingress.kubernetes.io/router.middlewares: kube-system-redirect-https@kubernetescrd -spec: - ingressClassName: traefik - tls: - - hosts: - - readarr.arr.tyil.nl - secretName: tls-nl.tyil.arr.readarr - rules: - - host: readarr.arr.tyil.nl - http: - paths: - - path: / - pathType: Prefix - backend: - service: - name: readarr - port: - number: 80 -... diff --git a/data.d/k3s-master/manifests.d/tyilnet/servarr/readarr/service.yaml b/data.d/k3s-master/manifests.d/tyilnet/servarr/readarr/service.yaml deleted file mode 100644 index 3d6cdc7..0000000 --- a/data.d/k3s-master/manifests.d/tyilnet/servarr/readarr/service.yaml +++ /dev/null @@ -1,22 +0,0 @@ ---- -apiVersion: v1 -kind: Service -metadata: - name: readarr - namespace: servarr - labels: - app.kubernetes.io/created-by: tyil - app.kubernetes.io/managed-by: manual - app.kubernetes.io/name: readarr - app.kubernetes.io/part-of: servarr -spec: - selector: - app.kubernetes.io/created-by: tyil - app.kubernetes.io/managed-by: manual - app.kubernetes.io/name: readarr - app.kubernetes.io/part-of: servarr - ports: - - name: http - port: 80 - targetPort: 8787 -... diff --git a/data.d/k3s-master/manifests.d/tyilnet/servarr/sonarr/deployment.yaml b/data.d/k3s-master/manifests.d/tyilnet/servarr/sonarr/deployment.yaml deleted file mode 100644 index 126acfe..0000000 --- a/data.d/k3s-master/manifests.d/tyilnet/servarr/sonarr/deployment.yaml +++ /dev/null @@ -1,66 +0,0 @@ ---- -apiVersion: apps/v1 -kind: Deployment -metadata: - name: sonarr - namespace: servarr - labels: - app.kubernetes.io/created-by: tyil - app.kubernetes.io/managed-by: manual - app.kubernetes.io/name: sonarr - app.kubernetes.io/part-of: servarr -spec: - replicas: 1 - selector: - matchLabels: - app.kubernetes.io/created-by: tyil - app.kubernetes.io/managed-by: manual - app.kubernetes.io/name: sonarr - app.kubernetes.io/part-of: servarr - strategy: - type: Recreate - template: - metadata: - labels: - app.kubernetes.io/created-by: tyil - app.kubernetes.io/managed-by: manual - app.kubernetes.io/name: sonarr - app.kubernetes.io/part-of: servarr - spec: - nodeName: "mieshu.tyil.net" - containers: - - image: hotio/sonarr:release - name: sonarr - env: - - name: TZ - value: "Europe/Amsterdam" - - name: UMASK - value: "002" - - name: GUID - value: "169" - - name: PUID - value: "169" - ports: - - containerPort: 8787 - volumeMounts: - - mountPath: /mnt/pool/media/anime-series - name: anime-series - - mountPath: /mnt/pool/media/series - name: series - - mountPath: /config - name: config - restartPolicy: Always - volumes: - - name: anime-series - hostPath: - path: /mnt/pool/media/anime-series - type: Directory - - name: series - hostPath: - path: /mnt/pool/media/series - type: Directory - - name: config - hostPath: - path: /etc/servarr/sonarr - type: Directory -... diff --git a/data.d/k3s-master/manifests.d/tyilnet/servarr/sonarr/ingress.yaml b/data.d/k3s-master/manifests.d/tyilnet/servarr/sonarr/ingress.yaml deleted file mode 100644 index e53868a..0000000 --- a/data.d/k3s-master/manifests.d/tyilnet/servarr/sonarr/ingress.yaml +++ /dev/null @@ -1,32 +0,0 @@ ---- -apiVersion: networking.k8s.io/v1 -kind: Ingress -metadata: - name: sonarr - namespace: servarr - labels: - app.kubernetes.io/created-by: tyil - app.kubernetes.io/managed-by: manual - app.kubernetes.io/name: sonarr - app.kubernetes.io/part-of: servarr - annotations: - cert-manager.io/cluster-issuer: "letsencrypt-production" - traefik.ingress.kubernetes.io/router.middlewares: kube-system-redirect-https@kubernetescrd -spec: - ingressClassName: traefik - tls: - - hosts: - - sonarr.arr.tyil.nl - secretName: tls-nl.tyil.arr.sonarr - rules: - - host: sonarr.arr.tyil.nl - http: - paths: - - path: / - pathType: Prefix - backend: - service: - name: sonarr - port: - number: 80 -... diff --git a/data.d/k3s-master/manifests.d/tyilnet/servarr/sonarr/service.yaml b/data.d/k3s-master/manifests.d/tyilnet/servarr/sonarr/service.yaml deleted file mode 100644 index 5251050..0000000 --- a/data.d/k3s-master/manifests.d/tyilnet/servarr/sonarr/service.yaml +++ /dev/null @@ -1,22 +0,0 @@ ---- -apiVersion: v1 -kind: Service -metadata: - name: sonarr - namespace: servarr - labels: - app.kubernetes.io/created-by: tyil - app.kubernetes.io/managed-by: manual - app.kubernetes.io/name: sonarr - app.kubernetes.io/part-of: servarr -spec: - selector: - app.kubernetes.io/created-by: tyil - app.kubernetes.io/managed-by: manual - app.kubernetes.io/name: sonarr - app.kubernetes.io/part-of: servarr - ports: - - name: http - port: 80 - targetPort: 8989 -... diff --git a/data.d/k3s-master/manifests.d/tyilnet/servarr/unpackerr/deployment.yaml b/data.d/k3s-master/manifests.d/tyilnet/servarr/unpackerr/deployment.yaml deleted file mode 100644 index d54c478..0000000 --- a/data.d/k3s-master/manifests.d/tyilnet/servarr/unpackerr/deployment.yaml +++ /dev/null @@ -1,88 +0,0 @@ ---- -apiVersion: apps/v1 -kind: Deployment -metadata: - name: unpackerr - namespace: servarr - labels: - app.kubernetes.io/created-by: tyil - app.kubernetes.io/managed-by: manual - app.kubernetes.io/name: unpackerr - app.kubernetes.io/part-of: servarr -spec: - replicas: 1 - selector: - matchLabels: - app.kubernetes.io/created-by: tyil - app.kubernetes.io/managed-by: manual - app.kubernetes.io/name: unpackerr - app.kubernetes.io/part-of: servarr - strategy: - type: Recreate - template: - metadata: - labels: - app.kubernetes.io/created-by: tyil - app.kubernetes.io/managed-by: manual - app.kubernetes.io/name: unpackerr - app.kubernetes.io/part-of: servarr - spec: - nodeName: "mieshu.tyil.net" - containers: - - image: golift/unpackerr:latest - name: unpackerr - env: - - name: TZ - value: "Europe/Amsterdam" - - name: UMASK - value: "002" - - name: GUID - value: "169" - - name: PUID - value: "169" - volumeMounts: - - mountPath: /mnt/pool/media/anime-movies - name: anime-movies - - mountPath: /mnt/pool/media/anime-series - name: anime-series - - mountPath: /mnt/pool/media/books - name: books - - mountPath: /mnt/pool/media/movies - name: movies - - mountPath: /mnt/pool/media/music - name: music - - mountPath: /mnt/pool/media/series - name: series - - mountPath: /config - name: config - restartPolicy: Always - volumes: - - name: anime-series - hostPath: - path: /mnt/pool/media/anime-series - type: Directory - - name: anime-movies - hostPath: - path: /mnt/pool/media/anime-movies - type: Directory - - name: books - hostPath: - path: /mnt/pool/media/books - type: Directory - - name: movies - hostPath: - path: /mnt/pool/media/movies - type: Directory - - name: music - hostPath: - path: /mnt/pool/media/music - type: Directory - - name: series - hostPath: - path: /mnt/pool/media/series - type: Directory - - name: config - hostPath: - path: /etc/servarr/unpackerr - type: Directory -... diff --git a/data.d/k3s-master/manifests.d/tyilnet/servarr/whisparr/deployment.yaml b/data.d/k3s-master/manifests.d/tyilnet/servarr/whisparr/deployment.yaml deleted file mode 100644 index f650a60..0000000 --- a/data.d/k3s-master/manifests.d/tyilnet/servarr/whisparr/deployment.yaml +++ /dev/null @@ -1,60 +0,0 @@ ---- -apiVersion: apps/v1 -kind: Deployment -metadata: - name: whisparr - namespace: servarr - labels: - app.kubernetes.io/created-by: tyil - app.kubernetes.io/managed-by: manual - app.kubernetes.io/name: whisparr - app.kubernetes.io/part-of: servarr -spec: - replicas: 1 - selector: - matchLabels: - app.kubernetes.io/created-by: tyil - app.kubernetes.io/managed-by: manual - app.kubernetes.io/name: whisparr - app.kubernetes.io/part-of: servarr - strategy: - type: Recreate - template: - metadata: - labels: - app.kubernetes.io/created-by: tyil - app.kubernetes.io/managed-by: manual - app.kubernetes.io/name: whisparr - app.kubernetes.io/part-of: servarr - spec: - nodeName: "mieshu.tyil.net" - containers: - - image: cr.hotio.dev/hotio/whisparr:nightly - name: whisparr - env: - - name: TZ - value: "Europe/Amsterdam" - - name: UMASK - value: "002" - - name: GUID - value: "169" - - name: PUID - value: "169" - ports: - - containerPort: 6969 - volumeMounts: - - mountPath: /mnt/pool/media/porn - name: porn - - mountPath: /config - name: config - restartPolicy: Always - volumes: - - name: porn - hostPath: - path: /mnt/pool/media/porn - type: Directory - - name: config - hostPath: - path: /etc/servarr/whisparr - type: Directory -... diff --git a/data.d/k3s-master/manifests.d/tyilnet/servarr/whisparr/ingress.yaml b/data.d/k3s-master/manifests.d/tyilnet/servarr/whisparr/ingress.yaml deleted file mode 100644 index a71692c..0000000 --- a/data.d/k3s-master/manifests.d/tyilnet/servarr/whisparr/ingress.yaml +++ /dev/null @@ -1,32 +0,0 @@ ---- -apiVersion: networking.k8s.io/v1 -kind: Ingress -metadata: - name: whisparr - namespace: servarr - labels: - app.kubernetes.io/created-by: tyil - app.kubernetes.io/managed-by: manual - app.kubernetes.io/name: whisparr - app.kubernetes.io/part-of: servarr - annotations: - cert-manager.io/cluster-issuer: "letsencrypt-production" - traefik.ingress.kubernetes.io/router.middlewares: kube-system-redirect-https@kubernetescrd -spec: - ingressClassName: traefik - tls: - - hosts: - - whisparr.arr.tyil.nl - secretName: tls-nl.tyil.arr.whisparr - rules: - - host: whisparr.arr.tyil.nl - http: - paths: - - path: / - pathType: Prefix - backend: - service: - name: whisparr - port: - number: 80 -... diff --git a/data.d/k3s-master/manifests.d/tyilnet/servarr/whisparr/service.yaml b/data.d/k3s-master/manifests.d/tyilnet/servarr/whisparr/service.yaml deleted file mode 100644 index abafcaf..0000000 --- a/data.d/k3s-master/manifests.d/tyilnet/servarr/whisparr/service.yaml +++ /dev/null @@ -1,22 +0,0 @@ ---- -apiVersion: v1 -kind: Service -metadata: - name: whisparr - namespace: servarr - labels: - app.kubernetes.io/created-by: tyil - app.kubernetes.io/managed-by: manual - app.kubernetes.io/name: whisparr - app.kubernetes.io/part-of: servarr -spec: - selector: - app.kubernetes.io/created-by: tyil - app.kubernetes.io/managed-by: manual - app.kubernetes.io/name: whisparr - app.kubernetes.io/part-of: servarr - ports: - - name: http - port: 80 - targetPort: 6969 -... diff --git a/data.d/k8s-master/manifests.d/base-system/helm-controller.yaml b/data.d/k8s-master/manifests.d/base-system/helm-controller.yaml deleted file mode 100644 index cd5895b..0000000 --- a/data.d/k8s-master/manifests.d/base-system/helm-controller.yaml +++ /dev/null @@ -1,23 +0,0 @@ ---- -apiVersion: apps/v1 -kind: Deployment -metadata: - name: helm-controller - namespace: base-system - labels: - app: helm-controller -spec: - replicas: 1 - selector: - matchLabels: - app: helm-controller - template: - metadata: - labels: - app: helm-controller - spec: - containers: - - name: helm-controller - image: rancher/helm-controller:v0.12.1 - command: ["helm-controller"] -... diff --git a/data.d/k8s-master/manifests.d/namespaces.yaml b/data.d/k8s-master/manifests.d/namespaces.yaml deleted file mode 100644 index 78d7ab7..0000000 --- a/data.d/k8s-master/manifests.d/namespaces.yaml +++ /dev/null @@ -1,6 +0,0 @@ ---- -apiVersion: v1 -kind: Namespace -metadata: - name: base-system -... diff --git a/data.d/vpn-tinc/hosts/caeghi_tyil_net b/data.d/vpn-tinc/hosts/caeghi_tyil_net index 7816713..4638c16 100644 --- a/data.d/vpn-tinc/hosts/caeghi_tyil_net +++ b/data.d/vpn-tinc/hosts/caeghi_tyil_net @@ -1,18 +1,19 @@ Address = 116.202.102.33 Address = 2a01:4f8:c010:ca5::1 -Subnet = 10.57.20.2/32 -Subnet = fd68:1057:1992:3381:0:1:0:1 + +Subnet = 10.57.1.3/32 +Subnet = fd68:1057:1992:3381:0:1:1:1/128 -----BEGIN RSA PUBLIC KEY----- -MIICCgKCAgEA2abFKFB1Dr1YMcAIWcy/2+jJn+suPyiQjz6vgt476P9a/I7SUCta -P5QUPxvS9pZxFVTFKzpmdKxG1pbCAkhArtNg2R1VFEiYCxS+iey+F11pMPEZFVpC -EIXeVDQeBm9UXjrOpcTRIwEO7Q2J2lzRrhGm6Rpb6XbdmtQ3S8XgVsXYwWoV7muf -TE/d5fgtz8Hghti8w86FP9q61iH6AHCREwbHEUyat5hwznmbiNJHyjx+otI63sQo -FS37EazhqCEvt9jyvVSmB7kVTOLnIVATWDaUlPCLLvps09eRsz6aAa7RHCGd3x/W -mRHxDCbeKL4ilpo/FPZhANdQImLmFovOtwZ6xawRWKPcRXhkaL24qQC0MLH9wmnY -oM6EMioWUa0F11iFM99DTK+NF2Pk8vHNzm0Ep5g0SHzqnAIDDzeNTC9ogwsETqL5 -t7VY1GXuKWgta9L2q03X7FMEgjIc3lPgVLc0Ccx11MTgVzcIaLxFQ58oo+xFuc9I -rBqjZgJwg5MTdZiyZesLJuV+YP+yRat3LifAwIZhloSBVPU6YKx/y30BHjDM8FP1 -OM2IzJLrafZDy034XyD4s62YsKrHMcQ3CeoQ80QjvSyWvSlvn2vEqrbWIZADi0d/ -8vgl44gF9g9yN++G6S7BsTJ5PNgv0jrRFu/RpEN1hVOuo+nBqFsvxW8CAwEAAQ== +MIICCgKCAgEA7fatifnB0LfafcNiKG+cZDeBkFynsFSTMA9dDSQOXYoowLSUOcWj +5WW7b0m6ltM3mq2sAB8fTDJcageycjli8e0b6MzrAhmvzdCMlOBJXuE7iIRJU/IR +cHjpLzG3tBNtO1NudbeGccC7uzmJuPrmBqX0lsy7FQqIad447FzkwOK5oqs1AEOk +tgCFoEScQjPVRVG6JhH2DaBMAQ7rXbGmu2+SnZvxmHTA0Daiv0mthv9D4Mm4MIPJ +QnyMVU85t72D1I/xlugjQI64PvAiROi6Ftm0il/YMiTWC9cxbR8hdpaxJJUoci38 +9KylJ87EpNDsgstlRw+MBvOTeL55pnPQXliQRrhpukAjHpTU38kQXRl5D613jzCy +o8YGT6midMXnAk3ppr9DQX5113gCLXAwkUpy5pS/PpdQ7tqe1DcCsegYuomeVs1w +pQlCPH7TJOj+vRaxVbDCvJq3u9wA7mzxoFdS0TiTq9fGIRE0hcCy+iFUEaOA54Fv +g5Q6p5urtrw0AZueF/UCg+A6C1ag0pTOyoVb8VgcMnN80w+QVrxxB+k4VBzIbg7S +gp1IgPkKKavTCbUb8cu4q5sidr8xz2diXanwSUjRwRbd6AcZgHU8rIjnUiYokw8E +5Y2FEYaS4sN6jbZ56AbjmWmTWwo2uYndq4VG4CWYnX38t47HJRQFBtkCAwEAAQ== -----END RSA PUBLIC KEY----- diff --git a/data.d/vpn-tinc/hosts/edephas_tyil_net b/data.d/vpn-tinc/hosts/edephas_tyil_net index e0e2f3b..3dc161a 100644 --- a/data.d/vpn-tinc/hosts/edephas_tyil_net +++ b/data.d/vpn-tinc/hosts/edephas_tyil_net @@ -1,17 +1,17 @@ -Subnet = 10.57.100.7/32 -Subnet = fd68:1057:1992:3381:0:3317:0:1/128 +Subnet = 10.57.0.1/32 +Subnet = fd68:1057:1992:3381:0:0:3317:1/128 -----BEGIN RSA PUBLIC KEY----- -MIICCgKCAgEApxmzAXv4Mch5FP5AxHmpvHjkJGxcegbFzdFzHjhdLDJ9MQQZdM1p -PomhyYXB9Gsq4oJIOcjqJJdbp4dchYGJ++eS3V1wwstLMTl/+kWZ4ojI9sb/J5rl -a3gknTjipdUuoOpdkAkXKCbq9AXyFsvLr4Q6WaFpeTuIjNb2QgPOLUmcD1eNCdnn -KcHQAGR3zRh3uu8zMkaJZwQDZAdRLV6b77OLe7PXCsYgQ68qw3uti3JENv8VC80T -UxUmv8He7xgAqRCJbD3FH3WT2O63mK9jpnFj/BKDTm5k4hUDtZRY1O92JUqQAruw -gq3I8mhSqFMkvt+S67u950hRzN4/ZGs7lzxRkDqDqLy+ZISN2cDpbX1i4WmZFfex -zj7ZbmfsVzwSF/+K31AOQrODt79bGGFwjZgAVn9Cny/bysBxrOJy39D2Awioynpc -mjICtRP7utpo959YmSNsEcjfamIHVfUOTsEoIYhYASmWRjrSF6v7j2bbC+aFOWsf -yIRZc0EtH803/Ks++ieIDWFmhB0ydtkqFm8HK2eyqOqnlHTepmrDflkxfao3JTXP -CbldDpUGKBcLZ5FNaJ5hlQHnJGzU+wbnc133cdYtg9vvhFVgameme8ElcOjZZxMJ -fPWXMAWc2Szx3Hs/jlaTSIH2GoX1Rr2HdrrNg0qOG/qhLPNrtmrxH/sCAwEAAQ== +MIICCgKCAgEAoxlT2zGSu5YwG5sgZc5u1ulntwLwqTwjx3jAL1ys8ZMVtzkBu9UZ +2CjLA8XsdwwEnflgO4HpNzXtLwNiNBo6D5NrL+XMZj/XxsIbGMyfumYNhCJEEyTM +5aROf3vuggKKzr5RYdoe7GxNcoIwnse0JZeBA+hhzIGgyWJwyzIzQ5EGioesFIc7 +2wPRloE4sprvP14mOvoZkUSQvrhfnAYw/xTHyjLvQUjrrh1EMj78bcs72qzdFNqd +TbV860+2AXvc2ZU8gV40AfWuNL0fIsGCVXUhWX8+gOD75zLd41jJFqRLgLQmUXC1 +h3wMXe0ckXMMFmiFVXOKnZDZwBYHwFEsU2nt0WPkbzMgzcprvkWXg0xPomtyQ7lF +8Zavohsz/+AjKKNKt+vPNlRQ3kBOdOvlwdcgWAOnVnF75Vct/X7vNxa7kjNdSgGe +bEuLsCvJe/uRgvE9Dl6Ostkf5V/XLIUtXqt7kdizrhAPaUL7D2Y9K9qJ08qzQCpY +yY+STnJ0uKzWI/5sbPmEgY+UTJAnC8bCUN3nZ0xNJwxg8VdELYJ36Z8T5sWHLzcW +pz0jh9OeCAsM6YwapWVX7mqDN1ZF44mb26gfSpOw1Zg3kSoomVg8BNuhl4f/KX8O +7CsF6lxhjyLRtCoFgTpOWfpSa+57yAMWDc5H8KSmahXWMTYYdfD3IXECAwEAAQ== -----END RSA PUBLIC KEY----- -Ed25519PublicKey = 4ABczlbBBLs5WMztIzafWw1ozwKZVkj4/of3Jc6awiO +Ed25519PublicKey = h85o5piU40cj89zoEPcMq3H5ycn2VbNGKOmtLUnVG/M diff --git a/data.d/vpn-tinc/hosts/faiwoo_tyil_net b/data.d/vpn-tinc/hosts/faiwoo_tyil_net index 1a7aeac..869bd4b 100644 --- a/data.d/vpn-tinc/hosts/faiwoo_tyil_net +++ b/data.d/vpn-tinc/hosts/faiwoo_tyil_net @@ -1,18 +1,19 @@ Address = 65.21.5.254 Address = 2a01:4f9:c010:e20c::1 -Subnet = 10.57.20.5/32 -Subnet = fd68:1057:1992:3381:0:1:1:2 + +Subnet = 10.57.1.4/32 +Subnet = fd68:1057:1992:3381:0:1:1:2/128 -----BEGIN RSA PUBLIC KEY----- -MIICCgKCAgEA3nBf2UWehfNWNrR6i4HJp64aPYI5SpV/7LplRwqXcmnJuHmQJ8Ht -Tozv5RHGGUNoSigbDxJSe16RQ0ESAzGNPSUEV6kntySXLvHSYb+SdjFm2wRpL8FI -8t69ZnRF0x+4ZShfa0rgco8sDdkhuPMNrPu8U6bMs+o4Lh8sVTRhDThv2+VfQkxG -T4G9kgdsxP0yi8sq1uflSYY3mYlVl9OPZwSO+vcVO9JFPvkVYFrqDHtvFGFqziQ/ -KvKcjwDTjpNVkFfJD6SIheeVrhysGk8qQIVMYc8yW9I8HGD7uP1BccZ0C/+b310i -y3qkNz/qqtgy0AxrrzbmFsVDgVyiPlwsD2SL+C4m6uEvB0FvYeL2/7vL8fI4RqcJ -ORAcA5G4FgzZRgHdZoZ1W4OB6eUCV4g9l425qbP3VVngJjX9PjPA/puz0i1IB0ZW -6ijGccgYtyj5+ibt3if0+inepT2BJba7pyQ4A92ogfsQKlSg1x27CfvsGKuMZjdo -y/akxYPEqKHQK37smpjcQTLVmLTTbGnf30ObTNW5LOJUmBue9B4fqBA/NV4fM1Gj -Omw/lazjwrJuenwEeGegRQhvjKlBLdjOnzsLoVrCCIe90KK/+RVSC0Mi2D0dzEPE -BNSbD4EJYs+6dJVT7+sneS8iwg9kG9wZ+UjeO4vraEjMrKj9BaKiJ1cCAwEAAQ== +MIICCgKCAgEAz2BqK568OVNM3JWfeFzw4+GYMbXHZH/AiLrAABq5IhW+pAMtsKtS ++7EYGt0n0DpGo/J6XNNbduHbAlYdZa3ybhAaaGzUnHDbygdisSXBm0nZ/7vD4YUe +IoreWyr5VcB8mfegQZRIxbs03ZqI2GGNFAxvT+Ot6HxkpBMq/iVcOkWWzANtP6S7 +njieoLyCTgt3JBX0UCIC2Pnne88HBlgJatbQNRTT+0ltDKNHozUJ6csKYiraWqEw +yF0Khp+nro+XTn19Aj/V16kIL90oJJKVPwWElXUhooPh87PGoQ4d27DPOofkrE30 +cfv8PI+vHc1H4Eclyy81DwYFp3BKlWACHFOswN8F9bjCOS4aEJajHHEVfGCss140 +rsoNCWkR0GB/KnTzNpu5xpa5o7mllu1LfNU8ICdbhI74zOyZurPIhzH34BZLOROw +jqvmnyNMX4jSCNCFhP4IZhL1QlpkA93AjNKIE3KyHWHTSgor+k5RvecSCzo22CDA +5AUaB6lwr//T5XhfB8R94RwMe/zbL0HrtCVXo2tX61czDX22Z+f949LoklAQEtrW +649hcHJhrUev/QLl2FQ+w1C//9P5JpNjByN1ifgJfVukoxsjnaggygvdn5uHIL4V +BsmRe3cZoEGmyyxTTJr9CjyqsO0wC/ID/b0Qzc2TVcKMfe/RuYQOlXUCAwEAAQ== -----END RSA PUBLIC KEY----- diff --git a/data.d/vpn-tinc/hosts/gaeru_tyil_net b/data.d/vpn-tinc/hosts/gaeru_tyil_net index d947b01..28cd86b 100644 --- a/data.d/vpn-tinc/hosts/gaeru_tyil_net +++ b/data.d/vpn-tinc/hosts/gaeru_tyil_net @@ -1,17 +1,18 @@ Address = 37.48.120.26 -Subnet = 10.57.20.6/32 -Subnet = fd68:1057:1992:3381:0:2:0:1 + +Subnet = 10.57.1.2/32 +Subnet = fd68:1057:1992:3381:0:1:2:1/128 -----BEGIN RSA PUBLIC KEY----- -MIICCgKCAgEAvoIVYdxmypwYxZh89WAQDjpNWs8TDhn/mQVRy+WPqT39HCkHhOab -6GN8Ktsi6WU6arxL3PKfRzyXJhFbVktfzgHv6fKuBZwWSZM/qQ5T7DmtUkHv4NPB -AaRCDD1vkK0oGjX/BYOVCo9oCfaGWheAg/usw2XLZE+nz3FSb4GBs6vRQV95D7Px -v8/vmBJSfd3dIRvf0C6fvSSLH2Caq2E2cnKB+CG6F/1qbvhbppVnMJTySR+xCbW/ -YQv1pqND5TYZ0KZ8YuPmjxsd23L6roZJBgBbsiUPWktnKyUP2MEjrpZLcpD7Hnj8 -Qs1bkIdpz9Lj1i8g+k02IfoeRsSi0sf+hbyXovjHLfmdDoEeCtwbrL+JMPCtmzuS -S+AMIpWW4x74o0YNKgXFbjj179+BCVBXzGJBjoJ1dS1r/xDi97m5UxVVK6hfocBc -5x42h0Oc/b20lzoQ1Ixk+qRa71gEAa4OQgwDAKgQZnLgnmqq8mSU/x+f7pcRNGf5 -M/Ae6+rnOghLihReYpw09UinZT7Wqcp1MgAnsYqDohsJe5lEMfJkUS9zdLXlzlpv -PnAEknM4Nb2I3xEeHIeAnD0ZfzY81Jp+sfxdArGv+Hu+s9nTChlC8HlpVIsdUOFo -mVD3iOVvNEjR8LqfWexkhlG3qr69bzUUiguRLJicPaKZRJ68IOsX5EsCAwEAAQ== +MIICCgKCAgEAukTWaVQYkx45hOQiXS3XPaEU2HM/FHfqgsW3/0eHkAFPJk642dm6 +IO3xiiF0zEDQMjj2f/t+nLIQ6SgTtH3ajT9OODpvCyixpNPOWbiGeXK0fgDCd/52 +buf+9TJGq5BSqqKYNGWFX36BbZ9AnIJU0Y7lrEGwPUiG/utNJLlXlwfj1u8C0W3T +sg6eEX0WoP+IqnBXE4NA5Hl2wXQj4jMsU0c0ZHkEdU9Y2jnCl5C6H5NLFykc2qmU +TMZzCth989TuyfrKQ+XMJjlueWrDA3x9TRJKuJLc7fEr6MpJiJAGkh/cDHR+o693 +9R3ry4Wt4EjQiJFg4/OhtWXv5v/ELiA6BHNBB68X6x7ByYjvtkIXy1lzbFjR2DhY +dNzZjSbGUjQpIqJUlLWi+/iLQRy93TjxLTqhUwDS0sde7qsxZnzaM5Owc/G/sZ7e +VroltC2b5DZRMs3EbERdYs3RkpwE1quHFrzwVcCy8D1GEROKle/yg5Ksb3TLVs2c +oPoq7rHsP6kud7r3HzNO+BUi0FzuZdCqQiVyp1H5L+ZfWZzGOJksbntb9GYDIOYC +eWZurL8BdajY0zpSyGRcrwzcKFBq6GVdVoCLX5GQFY6rCQey+b0iTlF0rIcZxPtk +q4dZ4DuBeq75HF9plWVoVMmq6LQfkLLphWHO/EP2ux0zRnBvXSSFtFMCAwEAAQ== -----END RSA PUBLIC KEY----- diff --git a/data.d/vpn-tinc/hosts/jaomox_tyil_net b/data.d/vpn-tinc/hosts/jaomox_tyil_net index c440db1..0ba1c21 100644 --- a/data.d/vpn-tinc/hosts/jaomox_tyil_net +++ b/data.d/vpn-tinc/hosts/jaomox_tyil_net @@ -1,17 +1,18 @@ Address = 163.172.218.246 -Subnet = 10.57.21.1/32 -Subnet = fd68:1057:1992:3381:0:3:3:1 + +Subnet = 10.57.3.2/32 +Subnet = fd68:1057:1992:3381:0:3:3:1/128 -----BEGIN RSA PUBLIC KEY----- -MIICCgKCAgEAuIBWktCuiEBGV0xDHqXXyUNXjfKf4WWKjCYmA3eFbVMEDinoZef3 -wHTtLuEieJ5kA7xjaYBLCSenaj1RSQQt+tUaLoB2/gARTLteuUCuBjkO4/+h7UOd -+GaqR7+w6mkHaB/03Bl07loEZhgHA6Acrufg2jV0n9krOqv3opk8zrLN3BdwSrXE -+ZWZIqgakDVmQzc57VZEb3O8wZzNHmAZXIiv4gkvKs59sVvSfcPEMywo2cSPPfK9 -UdaZiejjymDY9kbzcp26cwfsksvwxewZk0JKYK9kx96DC97amTZYeEKCkuy4cSZF -qSWcxSfoNkFXYas/UCy7kPegyim9ZMshfzV8dH5HHpvMsaIaMH5674U+LCoViN57 -AD1AabNXSAKuI3KGDJhSC2TDgMbXrj8dV9Sc+hLwwqwi14M6ld7MZBfEQ8Jma+Hz -14Ps2t3p3tZeoeEcySJCvU2nw4i5lkHjsObcgw7g5IaW2u/wYsPi3nprcz1HmUXW -PUHWaOLzLc79xGVq/xKcxyHS0yqrlfa26j6IMc8OaBwIdJW+cyNnlb/xjxwyMEsW -wdGNn2U7FYxatxGfnRWnSn68lJX5RUQsAX0Wnw4cJruyytt3Xq3fZfX0F0dLRiVo -tmfbogj+5ajBKw747CaZgczhMIxWpjzC/JwHXWa0kEuRhC7U90D5mqkCAwEAAQ== +MIICCgKCAgEAwy7NrCkjxHY3kUJB0l+cbhDWmxkPsj8fT57cgP/a2QFUc/N4uqdX +ban2P04KDVzAed9myZ+bRfLNS4umR8TKPY+EB2SbexYowgAaGWzEEfS01YIcGKqf +Cc/CJeSlHo5X3DWong+K4StqZXcqrjJvApzW/Hdg1F5bLC9ENbC1lTR1ppKUELOJ +zosbGKmtNDiaGAg+8qOvIXNjf7B+FcWTpL8PtLWXmoSbd4QundNPsD2lfcz2F8cu +GIbKaV0k0JJGtDdw5XYFgJDGgTewChuvUKYM2q/XP3AtExoGVEMNm440udv/WASE +4oFs+Dk/aUXI92kkcArbG6pCbzTUI26THlc6ukQZgglxNFhkZae6hqXn3GvVl6Ht +aZ3DG32VdNls/mgk857O+xk5aY46Nexcc9UYVpAqmUixb+FOtklsOb9ynD0J91qB +ajL+a3CzDKGC7ICILaZVNSkhP5heOqb/KIIqPk3tRBNmD3uRouo74Leh14EVyA/H +TP+fRVf5fFAp1Qmaq16tZws9QQj7wte/UhOx1IG2A93FygutwcgAHBokCjRhlgZm +V9YkVLcdZr58Os1vrocQyu772XgslVUZXDAUh6cieLbv06cvB5wVdL3MoTSSalyo +cPIrjXsLrWA43OuCGiUKMEUG5ZGQ4/HXX60ajZma1EyAbTwsi3po1VkCAwEAAQ== -----END RSA PUBLIC KEY----- diff --git a/data.d/vpn-tinc/hosts/mieshu_tyil_net b/data.d/vpn-tinc/hosts/mieshu_tyil_net index 7e3c050..33d0a50 100644 --- a/data.d/vpn-tinc/hosts/mieshu_tyil_net +++ b/data.d/vpn-tinc/hosts/mieshu_tyil_net @@ -1,18 +1,17 @@ -Address = 2a10:3781:2453:1:4950:47ce:f8db:1fed -Subnet = 10.57.101.10/32 -Subnet = fd68:1057:1992:3381:0:3317:3:1/128 +Subnet = 10.57.3.1/32 +Subnet = fd68:1057:1992:3381:0:3:3317:1/128 -----BEGIN RSA PUBLIC KEY----- -MIICCgKCAgEAtanpLzqjn0nFSeGBxJvVlTsmkXLkXa5QZZkXg4P6xGcXkIq38DV5 -sxpRxHfnL7gWap7K/6VffMmKk/hryob6PRREGjzff2JX72JTskdZh8yXv/9CWD4p -HCaICKz7Rfq6XdrERuSdIDQ+nRTsvQrotbBky7O7BgpT6kHasVpIVRlhjppuZqIM -Vt3U3pTHFR5ltrZlTmHxkuXH2KFlpZuBkqCwfSdrKjkeJke/pJo+BKBPBVJZzE7p -lRxrLJmshdlixoW0A2x5O+kvy75Zd2Nche2si8VJytOaKbOD1frRXZEC0Njz6PtB -Egje+6b49d9v3/EO8va6Gqf83Ef2PDbYc7Ev2aFqCyB+mlkYNUGUM4NXsSUyyY7/ -JroKpchNAVOabFSwdZ05iHsCBG1+IUimT/u2OjQpfcA6jjG5EoY3udgyI0jt8LHj -LnhkKjS+bCxvrfZ7eVY8ZRSGUjKNNG9QuTiVDBqndWCMrZMykuJuLElpchQym7ib -KaMzsrcVpDVqKi6EpkI1lMMT8RuD2reLqp/few5+bnJ28q5EaxdO5HNGb5R/GUMu -20Zl05WAFdlsmyL2K1+1tEUOqphFb3PwfJwLmyZbiNcg4l3E8thz0dRoZtfozNQH -DlsCy8vIsUQrcc10Qe3PtI3zaJbNnFkrLEUv92CmsDRbC6cuTB9cNaUCAwEAAQ== +MIICCgKCAgEAiH7/vpM4Fq2q9MXgirEX/jy72N56xGViuKwo7plT8ObmFxkhL4pI +RifRqv2Oal/VNKfECR5IaHzrLxWA7aunw22sFoUTnvQl6wCApPb1us2fn50J9ei/ +9gxrbQbVAX0VNlGzICk9zgKl+qfPtj/7ANoqE8Oo0cHrucfW+HdDpN3PyeDwhUk+ +GjoGFQuQboZNUzGnmIgcqPK2m3yJEy2l9SK2p5Uub0RZMDJrt8RJip4OesqpwIvX +JGrU4jL2qIVzkhdkV2NyMd3chCdoHIXjXALreSoyZHkSOdJB2d1X/s6QD+aGFicv +bIokJQWdO9hRh6P0lUEv44IABIj5oat6KU/uLtcr4pycnXMeJ73+CGA8hjG0M2uh +Urn+hoi7y1h0G3vcoYz4oaxX2wqczEbJTTQmwxsx4XftCy7Fg6cnNCva/ML1hOwj +1Urs0jfyPZjVzxqBqsia9duKINPnVkhdxWFma/23tEIjzUy4bbFX8T72Y/IcEi6C +88Q59bgIzDKv1nBzM0/OXbNn5A/zI4FB26xd+NkuwYO9vecRE1DMm+kJiY/L9M4q +657gy73FRykDPogS8dvoTEDbGuYQYClKNIt50iqBX7mAPGZ9ajEcCaXkd5ZUpKE/ +koYegL06MnryGeiODgSXAiTOxB5zSYaJIjIsSW6O15kXe3OkVHTKesECAwEAAQ== -----END RSA PUBLIC KEY----- -Ed25519PublicKey = uhJdCV4h/0W+1QWzOlne2BWDX6G/d27QPHdDwNZjUMB +Ed25519PublicKey = z753yL+MnHAouuUKv1pgA40i9dzHp3QIbCHKVNi1NNH diff --git a/data.d/vpn-tinc/hosts/nouki_tyil_net b/data.d/vpn-tinc/hosts/nouki_tyil_net index 1232c0e..cdf93a4 100644 --- a/data.d/vpn-tinc/hosts/nouki_tyil_net +++ b/data.d/vpn-tinc/hosts/nouki_tyil_net @@ -1,18 +1,17 @@ -Address = 2a10:3781:2453:1:b4e0:9393:3c64:7fd8 -Subnet = 10.57.101.20/32 -Subnet = fd68:1057:1992:3381:0:3317:2:1/128 +Subnet = 10.57.2.1/32 +Subnet = fd68:1057:1992:3381:0:2:3317:1/128 -----BEGIN RSA PUBLIC KEY----- -MIICCgKCAgEAvBBrlZ9vU+LiW30AWQAMfJDMH4IJcr3CuQNWqnYs7xRKtAE3Rqnc -OjMFavgyCnMZd0SAguQYzFRY4jUlM7FtznmeMaf21/9/qfBQRRpCaKB/6frQfieY -NA1eDgE+nfLn5i2l8Of2LBM7YNjhkLGMqgTU1rZUOkD8wv1pn8Z5YpwGISmBAk5o -S4HfbFGq4QpLR4IW33qmmWUUHU5saBHde/MuJyxgff7BtLg6Z5kgaAyG/Oj0NM1W -96KC4u6QjIxeHLVHy4FI298JXMm7txuIGmb3D5hcpFb3Yh5hE9RXAV6aBN3p1s+c -+L8YANlQZTAAlzNveHLF8TKtQa0CVBM3Y4TIpwpFlRGrPpPqExnoAw8pCvjAsUbZ -XvJwNWH6ifo9Snf1Ww3d6zv8at0+ULxIlWAW0AGwDThMJx8qalqyiv1r8eNjANXw -qPXH9f49iZ4OwPgoWC91AQSjgrVKuZStRbjHzalbjDidpLTLceMvjg+MExLzbzpj -Jl4AIp0Oxn9GLEiiVMuvPvfViF0wf3EzQl0GVYdZrftwozJU9/I3hSETl8ISAVa2 -vxm0nzw1d5eZ3MPj36t7K4sNDbIasqJLMDbIHNFhA2GjsP3WlX2eHNY2lThbhScG -qqm4q3bdVo3VCgh0iiMJchw0m7PVntF0FMC6Ghxwcds7u2CsrsBK738CAwEAAQ== +MIICCgKCAgEAu08q7S2MuqMEPeuTBJw6aFcJRF/8FlbxhNrUlHhfhc7N+4FnmQht +gqr5I20V4BZKkgYI2KUB1+vHGCswy+ReMUtD2njM5BZbNBAOSrVcLtNAuCrCwDev +Adbf58Mx3IJJSZdvYsOQD6MzNkfvCviaBBue89f8tI0Voh06uJT2AEijQBepindj +b5hs75npMgkXVlDocgNnt6vN1ZSILK17cllvInrIi1tuA7+0XWTBYxroILYRIhWO +m4IbnO/tP08e7cEnhCea+/Z5R/ZWlatsYom/gROo6s/ZcwhW1HKVx558Sjynuu92 +GE3o+bxqUD5shPyIo2BOl5h9kGNUtjTpX5rcpRHNr/NX1Zn2ss3bMRTxGGlIU1jI +R4ZTWqzFNH8wZPNywQcbrxBcYj0xSDrq8u3ZO3mo4YXIv2X7PBBzq3+tyxQfWdcK +u1AWxIV83W+eBcPQAdIF45yP1EOU7D53Jghe8KrXMnSSyHsghSInnLjqC4dWzveo +5bQa4koKmMnW5SkvZuihyTWnMs+xgXXxznmUJKUoddgFCpzRhHckQ7KVQmosXthS +a4njMXzAv/C1gVV0VR3LNSw+ZKOug5Sb7vTeQekOFEv3X98GEy5VKgbq9ebedXh8 +BBJuvClzuWGO3xiRjAwtHWhwOSt0Am1aPq2jEDhxynOGJqXR2Zeqh2UCAwEAAQ== -----END RSA PUBLIC KEY----- -Ed25519PublicKey = z6XeVexx6bPgOqM4LA3Jg0hZehhZZRo/KCM+sf0po/H +Ed25519PublicKey = ZJkCNlpDKYYzTYl0UfyQMYjAApwbQ5oYgMpnxGXOB+H diff --git a/data.d/vpn-tinc/hosts/oolah_tyil_net b/data.d/vpn-tinc/hosts/oolah_tyil_net index e5d0e66..26d59a3 100644 --- a/data.d/vpn-tinc/hosts/oolah_tyil_net +++ b/data.d/vpn-tinc/hosts/oolah_tyil_net @@ -1,17 +1,16 @@ -Address = 2a10:3781:2453:1:7aaf:8ff:fe7a:9ba8 -Subnet = 10.57.101.1/32 -Subnet = fd68:1057:1992:3381:0:3317:1:1/128 +Subnet = 10.57.1.1/32 +Subnet = fd68:1057:1992:3381:0:1:3317:1/128 -----BEGIN RSA PUBLIC KEY----- -MIICCgKCAgEA3uaxPI2q7VPAVOh4D9u8b6kSFXNMLtvJQozlhH/Hr3+5Cv/wfKlB -vMPnavGf2J4dlw4d0EoYCCD8k84NkvWCcaXnCpRy80zVQmge2OLaIU7zScCAAqpj -BvCF5q9AbeeI0hxdD8sJI0yYjWpdxsS3tN63kTm0JeYSfrMIwNOoajMUuYOApDB4 -JpZCR3SEgnbkTXsr0uWWUQs9IPnrn2BtwfaN3YDK0KQal36eDwNYiInFutfgWMMh -6WmBLJwNtU4OA68sifs9HGqAkJe+M+Ro43/n8BtUgkNH+RnAtwegZgAWLMMkEoPL -WAGumBsg1QwxLfmSZovUTe4QFFqEYSFhRzRVUTvvBYJI/GGRBBx7igKsc3rfTH6S -Pm483NYeXdNri90Wf77rpfJuEWXtNk9TVRniSHEcs7jxsCs0wxTDE5ozKw3xhlY8 -ezWdbZnY6YKXyvJnHE+Wbe4bO3yt2lPB5Xli7OyGm9TP9TeXnhM60Q12KOIYxhBw -NO7MnyrIAvV3rURaMNJQdDJEtTstgxnXsEjtTQHhduw6RqbDf3Pjz/8XNqium/ss -ifhXawQL6aTzU3N0z/MVh4yYE/svcV36Eh8whnRVGD/p41WwaqDOeAxpxlkB7/rZ -ROujwLLJG4hFHefPtU0cdrFi/oQVGjvywJRro2eqMjPRBwfBELDTTEUCAwEAAQ== +MIICCgKCAgEAiWbWMo9fujW67rWelrMaxPP3qNHrWUIzg2Z4R4MZegZ2GWVYym3u +EzboiDO9MOBh7bXSrQavjkecv40d8PDmbcwNy3hYFS2WH+bJCtjHl4xkxEsE2cvA +1rLW7KEnBfbkKTbVMI/Di9jo4CoVIWNYRU8Ebw+nMWzGcYA1CvtkgzX7gaDio1kk +0EhZ1BqWnExOEA/ChQEazv1kbFjSUW1Aok/aM95JkZ5h2OmGXxCy3MhvaLd78YC9 +cCc2R53FHsBgmufqqAN2kd96BeW0ZxZUrmzTtbz4ucS41O6hz4yBmz2sQt5TAx9K +yQcLm2YL11xKkSdc8+LbhnMubYtUSfQcmUW92lxIYy/Odi+OIXjDzk3EconN8nHL +GFWQJQsuIG9/LsEhR7kNd77becG/QscoV7PnjoxL77QMmlYGOTtS+eeVT8Yn55Lu +qH4plZso2HL7UJv4cy97ZdTw29SHNz4wZNsDlBT+r8OmnANQShznzboddeY+bbZK +aBEkwG1IWR719zNLbbeg84MpHx9z+VyS1RWO4Z+xd/g9f8oEWHFKUJRCCmmCGgJU +qEswMAjPeCsVk31kB+yZujNJnrLCHxUHBHULJVXwcfvOyjZDU+vOgvcjBTOxlzV8 +wPDK2QZyuHNASYnLedyK3b1IRvuSNl5JepuvvwA2JZLlnqU5GLV0l5kCAwEAAQ== -----END RSA PUBLIC KEY----- diff --git a/data.d/vpn-tinc/hosts/plarabe_tyil_net b/data.d/vpn-tinc/hosts/plarabe_tyil_net index 0d2a970..91acd8c 100644 --- a/data.d/vpn-tinc/hosts/plarabe_tyil_net +++ b/data.d/vpn-tinc/hosts/plarabe_tyil_net @@ -1,16 +1,18 @@ -Subnet = 10.57.100.10/32 -Subnet = fd68:1057:1992:3381:0:3317:0:3 +Port = 657 + +Subnet = 10.57.0.3/32 +Subnet = fd68:1057:1992:3381:0:0:3317:3/128 -----BEGIN RSA PUBLIC KEY----- -MIICCgKCAgEAvply9cPmEi7zqZEqIEYpTisk+OJvIOXhEL1uwz3ntf8z/1CjG7bq -lGCtgwEx4ilQ4M4JUp5Y+7DSt2JQmpzfunQszhVNSNIBm57iLM7pkhfr6LEXglfW -eGe8nFv4Kph8D+N0kY9xdRIMDCDxvcsdaMcnjCBs+NoGXeF0Yl2Z1pXw0jU4bAe4 -JfXT/AvuvOrBTXVZ+vzqiKbOCxJRK6gWeyfs3gnHTgSQ2eOjyYFOLkTAxnYmFLkO -DPkhQ/s1QviqYFgvJ0of99Q9WnyK7Ki1w5Wx46qoh05ic9FwJ5/AV/1s83TDvUfD -YiVtsdLQxwZcsiXfLa1whisDRy0z93CrnzrVOTEncxo3tGu+Fmz43h5NgQLnIxKq -EWT7SOA0yvyynNRpWmav7XEfWMFJAw08Cz3hlCK+nYAL9w92PIMOVxGQ9QpWcQTb -bxkKNF9A08GKUb3OHjxM3Va+7f4/Ju8fQJ5Ce7UvGAaoWIVSIdO/bWtaKBLpSNou -kgvpyyuOCAMfBFD1c44m8pqtHBfkM6dH5Yp55dV4Q249/E5r/6nErwBYtAcUdRcu -9Tchbc5nLynfRwmG8xVG+sNS/Vmp3S0BFVzqrnmKvB3j5GqU2GZIP7TcWgzf+Y4t -E5mGIbAjTSw7DCqodMzl8MDQqSaauB5rSpy+TfFnw3dsImQyfXN7Lm8CAwEAAQ== +MIICCgKCAgEAsasMofIk6AxtX7wsNYf1rZy+tpnnrRrQMX6/kXri+DhMByURJ1HI +i7jhKBjQBfIcj5FijHHUQHiiKx0bNR0ekpXQFPcsRrspXdQEUnYkc1Pb1J0OMNQ+ +9CT/DH2sun+Zk3qHE+GLdDoWe6gz4uT8Eh+c1/6Z5VwxFpSYKRwT5T/wU9OOEqJi +svoLZSZUh57Xq2y+3JJvfPx3LS6UP9mwz6cmvLWAkRBn18WG81ZBXvN/4ida23o8 +qhaxDhYIO20lDKY+in2oiN1qztLPcQKiXdn/R3ATr8dZ3pPm8YMclnH4Uil10IAw +sl7B7Zt/As/LxklCdwWvPLcRMPC7bAMTGRMFW89C9APY3FsfRD5oiX3jqUMDLw6p +UIVt6/gxnXBjyfgVFouG2ThrqGJp+sC3TfEEjBQ38/W8zk7S3IwMEqLd0gBc8Yq7 +QUWbORloNvv4CtwkeYFonM0eoYn9euxuXJ7RSBGzXadqkKiwtsG4rsvaLU+LKQnQ +xRdzyiEZFcACU5/bdydHXYWWX1xfD2dPsW0nOelvJukgJvNWn0HyCZ1uClTdcAOr +/m3Wh4clCiYgDfvurdVKRmgzzG/5U+xih+SUjgDnf/zgfOViY30BzRxoeWvJ+bCH +TfMKk85a/Zdxxqosasoq6tMlt7EKhPDX5FmL/T102BB40Wtz4U3b81cCAwEAAQ== -----END RSA PUBLIC KEY----- diff --git a/data.d/vpn-tinc/hosts/qohrei_tyil_net b/data.d/vpn-tinc/hosts/qohrei_tyil_net index f38fc9c..decdcfa 100644 --- a/data.d/vpn-tinc/hosts/qohrei_tyil_net +++ b/data.d/vpn-tinc/hosts/qohrei_tyil_net @@ -1,18 +1,19 @@ Address = 37.27.37.131 Address = 2a01:4f9:c012:6273::1 -Subnet = 10.57.250.250/32 -Subnet = fd68:1057:1992:3381:0:1:1:1 + +Subnet = 10.57.1.6/32 +Subnet = fd68:1057:1992:3381:0:1:1:3/128 -----BEGIN RSA PUBLIC KEY----- -MIICCgKCAgEA3xeAUoTfq/aF4/y9+O8gmYM733srXyqtXuA7HKfeDOsmGO1myVOo -YIOp0NnXLXB+IorfDe1yHxHOgZrIWib6Hh1fKNJ62to2+X5015ubiQfd3hC2+sCP -BJGTwfcWmZ44fo8Pnbxa7ZJkqcqNs/3NPtg5I+yQ8shRF7B/7Am4mwL15tnqsThG -07BxqvUcxvYJs6MZvDIcNMYbalOs5JQDBkcqi+ekkR92S3qjpKBGoBzjA5tIklNv -OC4FERxNVfxYHufrbpQv9Uh8L4Z6D9XDIf787LYCu721wNk30y4xQXojCniqPvRc -KQWMMyElw8E7h+EPPEbCWKF6dnWUOYcK5baPDlRosOLS1V/2WvP3bpcfrseMw+Zp -EKXf60T9iva4VMRgHmo5nI4m8fj4KzEYGXfm7iNVXvvX3pdZQSvDyenEo9oV9CaR -IFUhNuK1ATCiRcJif9jRG1iH0XQ83eT4EEIMXhot+e94K1dV+icYZQ8ig/F47B8c -C8absE5zgwMtbKTpUI9tIRLAazMkp2eHkrPGDRc6ccSzpE3NIJ/Ba7mMO7dC9ukw -XsE7S1kLEO6im8v823EIvtuHle098rqDjljtm+R3blTXyAUIdvqteKHY/b2LSqPZ -OSnpvQ9/qjlIscAMLqQLFUjmCesJV0Bn2C6xDvgBoI31Ye9KEEXmGQsCAwEAAQ== +MIICCgKCAgEApbLsMPasXP2g/gJzxo40aayVPH7rDrxuiOaKfm4R0LKVnDuRGQDj +V+ksZgM5UNxBsJdchzo8BfwtSASFeqlNu4cM9SqMvnKnFOe/W5TCu8+VUx2syrcp +AhTnZ9yzEsHKMqdup7hOExQ+QXQXWPLbSsKEK6Jel4Kw5gQNc/fOq+sPQQPFb/Y+ +gQvaBrylHnM8oGlohutZjbnZdOaLFWLr4/3xgvzawWgudXOLa5lEmdkMJF0KjsJ0 +NuCVTf8TzzTZf/vdlE/ODYL7dAKuDWUScqpK4RE5+mqS1qHcmXl0hCuu5HecnT3t +q5S5d4YuatacSI5PaAmGZgD2YoXK4L3LMfvqcO5z5EAKx+GaR+ePY2AB6kljy909 +zyAHW3uRsYA33QqUXQovPBJ4J9hiwDXgsHUUJ5OO1ZTpUJaT1n3Z3TmDwvYA6ZmF +6LMqu4Mgs2Uvb8kR4xVPuw1dNzsOo9SeN9pQsypYwPatluJVjRwMVibH04ory0uQ +5gzh+ixNbnEwhYCru8gh5raxgtXJe4WoIunX/G/0L23Jr331oLMHAXXkHKsd63/7 +cwVIvcLN/3bYpraG7tzHCfW2EcGMn1zEoWx6sXooXEgo7qcylHfPIjEpWiq153VY +VFLwEyd+CHz8uDx57k4grHE4ggjCAJ6LYBUhl2Nk3lY9f4+Gl/I+D2ECAwEAAQ== -----END RSA PUBLIC KEY----- diff --git a/data.d/vpn-tinc/hosts/ricui_tyil_net b/data.d/vpn-tinc/hosts/ricui_tyil_net index 02d4cb7..30866a2 100644 --- a/data.d/vpn-tinc/hosts/ricui_tyil_net +++ b/data.d/vpn-tinc/hosts/ricui_tyil_net @@ -1,17 +1,18 @@ -Subnet = 10.57.20.7/32 -Subnet = fd68:1057:1992:3381:0:1:1:3/128 +Address = 2a01:4f8:1c1b:67d7::1 +Subnet = 10.57.1.7/32 +Subnet = fd68:1057:1992:3381:0:1:1:4/128 -----BEGIN RSA PUBLIC KEY----- -MIICCgKCAgEA3d5Kb3dOU9qaDko7jbmSwQ8heCVdJtNYV5biGDoqz4KdxFafsDKD -Fd/kH2YnquqSDmtHwxX3fIovnV3PQExqXPTbDWUa5WjR5HOi9JZUIjlyY1YJol6G -KY0c3YHUB0D1qiZCo07vCO+E/RNxeS/GYtugVwEQD9DeIzI8uTOYx+cCEzn6XSbV -bEZ02cBjgjx0CctBEDKl9dVTzKc/ijSU/U4MtUbC5u5OnyL0+E7uzU05Yc1ucHuY -QcchyYZ/o9liNXQ3K680KHnnYiy4ywOD/9hLOTMC5fKtoSp2s+Q5e7Fjy3AXrVY2 -xgywp3id2VOdbvcOPDwxrzLIj0ndjNAlPG4P6y3XTloe3wkKawXIl1mtcolIsl8u -stfXSU5S+JQa3M2tFpJKPQUYdjq+jbc/O7epNQWbMzd5N/EyG42fcP0gV6MWGzoA -Ns+/JePxzToD/FlXAXqoS+1DFPBxM7O+CjEGjFc0wPCATR8jGzOyHBaMaYgjbkaZ -KI+uvtusAjDLR9NPHsaqLNURUcVs5ZLTYtUfHD2vyL6njbJlKVgnqcID34hbXF6k -FZ8k0CH3QWzmS5ZTBLD95i4uL48cYIf/4vuapYigzntaxUju1azejMN7ACMZm2iQ -hIA1TfNVsrMLTNjfiMqgvXSUfa3MtoBU7OrVEuyDQRJJuw+mwecwms8CAwEAAQ== +MIICCgKCAgEAqtSWcbWqGvmpwQuFaLhTXIxr1j2mVApKhV0Bw8UyggszBsEsZiZd +b3eAbJOrklLhedZVendcjPhK8PPBJCWABW9Jm100xDaHc5HfMp/O5J2cSWD7vQVu +iRVonHWaJRYAGeOUnG7mkIfAaHLIOnVzIVEpyuV9z8SCl48Bx7pU351WqYGwk75X +VEIexX8C8vtHneeZJnF5p79kHCQuzwv1DlrAShjmh7qjr4rB97sZYnuwt9g2W9s9 +4wKUk+CJdmrARWyDxXQaS7P5VyqcJw7FpLefe+9B8Hq4ruU1HbqIxjKPFG1Kvtdf +19KATOjEAlbeIlEvyiJnOi8Bedxo+MmeX2B3rE2aQyZTHEnkAImILLEgvDf8GnFx +N6JWAnHELkrPOvQhFRhjQeQz4uk4WAEY2aSCqxnx0iQiqEjrHF38tntqZuahSknX +3nXKiy5qeBi/4a6QcAEBn0L1WaJr12kbviqortg/ltSv1qwmWEnVw+Wdl3sF7uxw +5fz2ciDrqOQE75jz7ouz28FhinGiLYXOddqWKWhE5J2hW2y+XfClXn0Z6uvCbSe+ +XZzmF3Yz6u/PEib8JWteaYkU2M3DVVvl/UDOuYP+lG6xISCIyCOGEFPtRq6VHHwD +ReFPww8iAT8lD1/8zmPI0f2Ktm1Jnpf3aIHhBu2NugRTkDqj0djnafkCAwEAAQ== -----END RSA PUBLIC KEY----- diff --git a/data.d/vpn-wireguard/hooks/post-up b/data.d/vpn-wireguard/hooks/post-up index b200922..edbcd50 100755 --- a/data.d/vpn-wireguard/hooks/post-up +++ b/data.d/vpn-wireguard/hooks/post-up @@ -3,6 +3,7 @@ readonly COLOR_RESET="\033[0m" readonly COLOR_OK="\033[32;1m" readonly COLOR_NOK="\033[31;1m" +readonly BUFFER="$(mktemp)" main() { printf "Verifying connectability...\n" @@ -15,6 +16,8 @@ main() { done < <(awk -F= '/vpn-wireguard.ipv(4|6)=/ { print $NF }' /etc/bashtard/hosts.d/*) wait + + sort -- "$BUFFER" >&2 } check() { @@ -38,7 +41,7 @@ log() { color="$COLOR_OK" fi - printf "%b%3s%b: %s\n" "$color" "$state" "$COLOR_RESET" "$addr" >&2 + printf "%b%3s%b: %s\n" "$color" "$state" "$COLOR_RESET" "$addr" >> "$BUFFER" } main "$@" diff --git a/data.d/vpn-wireguard/peers/faiwoo.tyil.net b/data.d/vpn-wireguard/peers/faiwoo.tyil.net index a0d9b00..631f39a 100644 --- a/data.d/vpn-wireguard/peers/faiwoo.tyil.net +++ b/data.d/vpn-wireguard/peers/faiwoo.tyil.net @@ -1,5 +1,5 @@ [Peer] -AllowedIPs = fd68:1058:1992:3381:0:1:1:2/128,10.58.1.2/32 +AllowedIPs = fd68:1058:1992:3381:0:1:1:2/128,10.58.1.2/32,fd00:8:0:3::/64,172.28.3.0/24 Endpoint = [2a01:4f9:c010:e20c::1]:51820 -PublicKey = VFum7R3gltUKMhx8XHDYpPHJzVmgb9cuYSKyIEyOKkc= +PublicKey = Rrl9qa09Gc8LM3CIr0BIMTnkCMhL1GZFVKCh1P2okWg= PersistentKeepalive = 10 diff --git a/data.d/vpn-wireguard/peers/gaeru.tyil.net b/data.d/vpn-wireguard/peers/gaeru.tyil.net new file mode 100644 index 0000000..4b65f52 --- /dev/null +++ b/data.d/vpn-wireguard/peers/gaeru.tyil.net @@ -0,0 +1,5 @@ +[Peer] +AllowedIPs = fd68:1058:1992:3381:0:1:2:1/128,10.58.1.5/32 +Endpoint = [37.48.120.26]:51820 +PublicKey = np17FGeZB0N77/SfaHfKTbsD/oV0LnjdOUeIMePGQG4= +PersistentKeepalive = 10 diff --git a/data.d/vpn-wireguard/peers/jaomox.tyil.net b/data.d/vpn-wireguard/peers/jaomox.tyil.net index d5ca415..15c3dc2 100644 --- a/data.d/vpn-wireguard/peers/jaomox.tyil.net +++ b/data.d/vpn-wireguard/peers/jaomox.tyil.net @@ -1,5 +1,5 @@ [Peer] AllowedIPs = fd68:1058:1992:3381:0:3:3:1/128,10.58.3.1/32 Endpoint = [163.172.218.246]:51820 -PublicKey = gn9hMP+0mljBktybTlPDMI+/QIWNyk1lKO46o8cY82A= +PublicKey = VBqMAsZkCNVlqaMZGT7SKDuCkjXcVrwZNCxVKBRII0Q= PersistentKeepalive = 10 diff --git a/data.d/vpn-wireguard/peers/mieshu.tyil.net b/data.d/vpn-wireguard/peers/mieshu.tyil.net index edd7dbc..0b9001f 100644 --- a/data.d/vpn-wireguard/peers/mieshu.tyil.net +++ b/data.d/vpn-wireguard/peers/mieshu.tyil.net @@ -1,5 +1,5 @@ [Peer] AllowedIPs = fd68:1058:1992:3381:0:3:3317:2/128,10.58.3.2/32 -Endpoint = [2a10:3781:2453:1:7aaf:8ff:fe7a:9ba8]:51820 -PublicKey = gY8H+0sKzjr1hGLtsF+dTJsTM746k3Ufw6BczudRMmQ= +Endpoint = [2a10:3781:2453:1:4950:47ce:f8db:1fed]:51820 +PublicKey = hrVjitF/wpaNvL9/hlswTL/G8hhKcpMmqGsinU34IBA= PersistentKeepalive = 10 diff --git a/data.d/vpn-wireguard/peers/nouki.tyil.net b/data.d/vpn-wireguard/peers/nouki.tyil.net index 4204ccf..0986864 100644 --- a/data.d/vpn-wireguard/peers/nouki.tyil.net +++ b/data.d/vpn-wireguard/peers/nouki.tyil.net @@ -1,5 +1,5 @@ [Peer] -AllowedIPs = fd68:1057:1992:3381:0:2:3317:1/128,10.58.2.1/32 +AllowedIPs = fd68:1058:1992:3381:0:2:3317:1/128,10.58.2.1/32 Endpoint = [2a10:3781:2453:1:c8cb:d1a:bc0:dc38]:51820 -PublicKey = geCOglWhIHapf8V/5GuQglEcSJhBqUAP6GKOkZqC9Rg= +PublicKey = Mo2jVPUCIX3o5fY+H2rrVMWAKatVrF9nF75OCZZhRGM= PersistentKeepalive = 10 diff --git a/data.d/vpn-wireguard/peers/oolah.tyil.net b/data.d/vpn-wireguard/peers/oolah.tyil.net new file mode 100644 index 0000000..2951f1f --- /dev/null +++ b/data.d/vpn-wireguard/peers/oolah.tyil.net @@ -0,0 +1,5 @@ +[Peer] +AllowedIPs = fd68:1058:1992:3381:0:1:3317:1/128,10.58.1.4/32,fd00:8:0:0::/64,172.28.0.0/24 +Endpoint = [2a10:3781:2453:1:7aaf:8ff:fe7a:9ba8]:51820 +PublicKey = 8UkQ71m0xVPJbQ4zySRqH/WXJm479zj5xcgeJVoBWi8= +PersistentKeepalive = 10 diff --git a/data.d/vpn-wireguard/peers/qohrei.tyil.net b/data.d/vpn-wireguard/peers/qohrei.tyil.net index 9ad882b..2a206d6 100644 --- a/data.d/vpn-wireguard/peers/qohrei.tyil.net +++ b/data.d/vpn-wireguard/peers/qohrei.tyil.net @@ -1,5 +1,5 @@ [Peer] -AllowedIPs = fd68:1058:1992:3381:0:1:1:1/128,10.58.1.1/32 +AllowedIPs = fd68:1058:1992:3381:0:1:1:1/128,10.58.1.1/32,fd00:8:0:2::/64,172.28.2.0/24 Endpoint = [2a01:4f9:c012:6273::1]:51820 -PublicKey = 944GFpkZnrVRziBBR1ST52PDwuFjW/XfXwggmLH46E8= +PublicKey = cD1NveEPXKKNdGcx9bO4+91b1abDwoUSGnF4dI1m0R4= PersistentKeepalive = 10 diff --git a/data.d/vpn-wireguard/peers/ricui.tyil.net b/data.d/vpn-wireguard/peers/ricui.tyil.net index 41ad9f9..a8cfdd7 100644 --- a/data.d/vpn-wireguard/peers/ricui.tyil.net +++ b/data.d/vpn-wireguard/peers/ricui.tyil.net @@ -1,5 +1,5 @@ [Peer] -AllowedIPs = fd68:1058:1992:3381:0:1:1:3/128,10.58.1.3/32 +AllowedIPs = fd68:1058:1992:3381:0:1:1:3/128,10.58.1.3/32,fd00:8:0:4::/64,172.28.4.0/24 Endpoint = [2a01:4f8:1c1b:67d7::1]:51820 -PublicKey = sEMRuNGxTLUsUocC9Oq2WSpuBTFjHBdssaSNXCzmx0Y= +PublicKey = Rv41YhKkhAVKefwlKtD0Uywv7r6a2/uhsdhWVcZUYyU= PersistentKeepalive = 10 @@ -1,6 +1,7 @@ bashtard.backup.elements.0=filesystem bashtard.backup.fs.paths.0=/etc bashtard.backup.repositories.edephas=backup@edephas:{fqdn} +bashtard.ssh.host&=vpn-tinc.ipv6 dns.domain=tyil.net dns.upstream.0=185.181.61.24 dns.upstream.1=188.68.231.82 @@ -9,21 +10,24 @@ dns.upstream.3=2a03:94e0:1804::1 dns.upstream.4=2001:470:71:6dc::53 etc-nixos.path=/etc/nixos etc-portage.path=/etc/portage +k3s-master.bind-address&=k3s-node.bind-address +k3s-master.cluster-cidr=fd00:8::0/48,172.28.0.0/16 k3s-master.cluster-domain=k3s.tyil.nl -k3s-master.helm.apps.certmanager.chart=jetstack/cert-manager -k3s-master.helm.apps.certmanager.namespace=base-system -k3s-master.helm.apps.certmanager.values=certmanager.yaml -k3s-master.helm.repos.jetstack.url=https://charts.jetstack.io +k3s-master.external-ip&=k3s-node.internal-ip +k3s-master.internal-ip&=k3s-node.internal-ip +k3s-master.service-cidr=fd00:5::0/108,172.25.0.0/16 k3s-master.service-node-port-min=1025 +k3s-master.flannel.interfaces.tinc&=k3s-node.flannel.interfaces.tinc +k3s-node.bind-address&=vpn-tinc.ipv6 +k3s-node.cluster-cidr&=k3s-master.cluster-cidr +k3s-node.cluster-domain&=k3s-master.cluster-domain k3s-node.cluster-domain=k3s.tyil.nl -k3s-node.entry.host=10.57.101.1 -k3s-node.service-node-port-min=1025 -k8s-master.flags.control-plane-endpoint=k8s.tyil.nl -k8s-master.flags.pod-network-cidr=fd68:1058:1992:8888::0/64 -k8s-master.flags.service-cidr=fd68:1058:1992:3381::80:0/108 -k8s-master.flags.service-dns-domain=k8s.tyil.nl -k8s-node.master.address=k8s.tyil.nl -k8s-node.node-ip&=vpn-wireguard.ipv6 +k3s-node.entry.host=[fd68:1057:1992:3381:0:1:3317:1] +k3s-node.external-ip&=k3s-node.internal-ip +k3s-node.flannel.interfaces.tinc=tyilnet1057 +k3s-node.role=agent +k3s-node.service-cidr&=k3s-master.service-cidr +k3s-node.service-node-port-min&=k3s-master.service-node-port-min nftables.input.icmp.ipv4.policy=accept nftables.input.icmp.ipv4.rate=2/second nftables.input.icmp.ipv6.policy=accept @@ -47,8 +51,16 @@ nftables.input.rules.wireguard.proto=udp nftables.input.state.established.policy=accept nftables.input.state.invalid.policy=drop nftables.input.state.related.policy=accept +seaweedfs-filer.ip&=vpn-wireguard.ipv6 seaweedfs-master.replication=100 -vpn-tinc.name=tyilnet +seaweedfs-volume.ip&=vpn-wireguard.ipv6 +vpn-tinc.name=tyilnet1057 +vpn-tinc.peers.caeghi=caeghi_tyil_net +vpn-tinc.peers.faiwoo=faiwoo_tyil_net +vpn-tinc.peers.gaeru=gaeru_tyil_net +vpn-tinc.peers.qohrei=qohrei_tyil_net +vpn-tinc.peers.ricui=ricui_tyil_net +vpn-tinc.port=657 vpn-wireguard.interface=tyilnet1058 vpn-wireguard.keepalive=10 www-blog.generator=hugo diff --git a/hosts.d/anoia.tyil.net b/hosts.d/anoia.tyil.net index 40e23e4..c41fbfb 100644 --- a/hosts.d/anoia.tyil.net +++ b/hosts.d/anoia.tyil.net @@ -1,7 +1,6 @@ bashtard.backup.fs.paths.1=/etc bashtard.backup.fs.paths.2=/home/tyil bashtard.backup.repositories.1=rsync.net:{fqdn} -bashtard.ssh.host=10.57.100.3 meta.provider=self -vpn-tinc.ipv4=10.57.100.3 -vpn-tinc.ipv6=fd68:1057:1992:3381:0:3317:0:2 +vpn-tinc.ipv4=10.57.0.4 +vpn-tinc.ipv6=fd68:1057:1992:3381:0:0:3317:4 diff --git a/hosts.d/caeghi.tyil.net b/hosts.d/caeghi.tyil.net index 35c70c3..b17df23 100644 --- a/hosts.d/caeghi.tyil.net +++ b/hosts.d/caeghi.tyil.net @@ -3,7 +3,8 @@ bashtard.backup.fs.paths.1=/etc bashtard.backup.fs.paths.2=/home bashtard.backup.fs.paths.3=/var/lib/mumble-server bashtard.backup.repositories.1=rsync.net:{fqdn} -bashtard.ssh.host=10.57.20.2 meta.provider=hetzner -vpn-tinc.ipv4=10.57.20.2 -vpn-tinc.ipv6=fd68:1057:1992:3381:0:1:0:1 +vpn-tinc.ipv4=10.57.1.3 +vpn-tinc.ipv6=fd68:1057:1992:3381:0:1:1:1 +vpn-wireguard.ipv4=10.58.1.3 +vpn-wireguard.ipv6=fd68:1058:1992:3381:0:1:1:1 diff --git a/hosts.d/edephas.tyil.net b/hosts.d/edephas.tyil.net index 75197a4..f86f044 100644 --- a/hosts.d/edephas.tyil.net +++ b/hosts.d/edephas.tyil.net @@ -6,7 +6,6 @@ bashtard.backup.fs.paths.2=/home/tyil/.local/git bashtard.backup.fs.paths.3=/var/www/* bashtard.backup.repositories.edephas=/var/media/backups/{fqdn} bashtard.backup.repositories.rsync=rsync.net:{fqdn} -bashtard.ssh.host=10.57.100.7 meta.provider=self -vpn-tinc.ipv4=10.57.100.7 -vpn-tinc.ipv6=fd68:1057:1992:3381:0:3317:0:1 +vpn-tinc.ipv4=10.57.0.1 +vpn-tinc.ipv6=fd68:1057:1992:3381:0:0:3317:1 diff --git a/hosts.d/faiwoo.tyil.net b/hosts.d/faiwoo.tyil.net index 27a007f..1efb888 100644 --- a/hosts.d/faiwoo.tyil.net +++ b/hosts.d/faiwoo.tyil.net @@ -1,12 +1,12 @@ +k3s-node.internal-ip=fd68:1057:1992:3381:0:1:1:2,10.57.1.4 bashtard.backup.borg.remote_paths.1=borg1 bashtard.backup.fs.paths.1=/home bashtard.backup.fs.paths.2=/var/www bashtard.backup.fs.paths.3=/etc bashtard.backup.repositories.1=rsync.net:{fqdn} -bashtard.ssh.host=10.57.20.5 meta.provider=hetzner -vpn-tinc.ipv4=10.57.20.5 +vpn-tinc.ipv4=10.57.1.4 vpn-tinc.ipv6=fd68:1057:1992:3381:0:1:1:2 vpn-wireguard.endpoint=2a01:4f9:c010:e20c::1 -vpn-wireguard.ipv4=10.58.1.2 +vpn-wireguard.ipv4=10.58.1.4 vpn-wireguard.ipv6=fd68:1058:1992:3381:0:1:1:2 diff --git a/hosts.d/gaeru.tyil.net b/hosts.d/gaeru.tyil.net index e3fc506..bc01b3a 100644 --- a/hosts.d/gaeru.tyil.net +++ b/hosts.d/gaeru.tyil.net @@ -2,7 +2,9 @@ bashtard.backup.borg.remote_paths.1=borg1 bashtard.backup.fs.paths.1=/etc bashtard.backup.fs.paths.2=/home bashtard.backup.repositories.1=rsync.net:{fqdn} -bashtard.ssh.host=10.57.20.6 meta.provider=leaseweb -vpn-tinc.ipv4=10.57.20.6 -vpn-tinc.ipv6=fd68:1057:1992:3381:0:2:0:1 +vpn-tinc.ipv4=10.57.1.2 +vpn-tinc.ipv6=fd68:1057:1992:3381:0:1:2:1 +vpn-wireguard.endpoint=37.48.120.26 +vpn-wireguard.ipv4=10.58.1.2 +vpn-wireguard.ipv6=fd68:1058:1992:3381:0:1:2:1 diff --git a/hosts.d/jaomox.tyil.net b/hosts.d/jaomox.tyil.net index 3aed991..f9c9af9 100644 --- a/hosts.d/jaomox.tyil.net +++ b/hosts.d/jaomox.tyil.net @@ -2,7 +2,6 @@ bashtard.backup.borg.remote_paths.1=borg1 bashtard.backup.fs.paths.1=/etc bashtard.backup.fs.paths.2=/home/tyil bashtard.backup.repositories.1=rsync.net:{fqdn} -bashtard.ssh.host=10.57.21.1 meta.provider=oneprovider nftables.input.rules.seaweedfs-filer.policy=accept nftables.input.rules.seaweedfs-filer.port=8888 @@ -22,8 +21,8 @@ seaweedfs-volume.ip&=vpn-wireguard.ipv6 seaweedfs-volume.dc&=meta.provider seaweedfs-volume.rack=amsterdam seaweedfs-volume.volumes.0.port=8080 -vpn-tinc.ipv4=10.57.21.1 +vpn-tinc.ipv4=10.57.3.2 vpn-tinc.ipv6=fd68:1057:1992:3381:0:3:3:1 vpn-wireguard.endpoint=163.172.218.246 -vpn-wireguard.ipv4=10.58.3.1 +vpn-wireguard.ipv4=10.58.3.2 vpn-wireguard.ipv6=fd68:1058:1992:3381:0:3:3:1 diff --git a/hosts.d/ludifah.tyil.net b/hosts.d/ludifah.tyil.net index 810bf8d..214404b 100644 --- a/hosts.d/ludifah.tyil.net +++ b/hosts.d/ludifah.tyil.net @@ -2,7 +2,6 @@ bashtard.backup.borg.remote_paths.1=borg1 bashtard.backup.fs.paths.1=/etc bashtard.backup.fs.paths.2=/home/tyil bashtard.backup.repositories.1=rsync.net:{fqdn} -bashtard.ssh.host=10.57.100.9 meta.provider=self -vpn-tinc.ipv4=10.57.100.9 -vpn-tinc.ipv6=fd68:1057:1992:3381:0:3317:0:4 +vpn-tinc.ipv4=10.57.0.2 +vpn-tinc.ipv6=fd68:1057:1992:3381:0:0:3317:2 diff --git a/hosts.d/mieshu.tyil.net b/hosts.d/mieshu.tyil.net index 701dc57..47b12ae 100644 --- a/hosts.d/mieshu.tyil.net +++ b/hosts.d/mieshu.tyil.net @@ -1,4 +1,3 @@ -bashtard.ssh.host=10.57.101.10 git.repodir=/mnt/pool/git git.repos.bashtard.description=Configuration Management System in Bash git.repos.bashtard/k3s-master.description=A Bashtard playbook to set up k3s on a single-node @@ -9,28 +8,39 @@ git.repos.dotfiles.description=My user-level configuration files, use with cauti git.repos.helm/invidious.description=Helm chart to deploy Invidious git.repos.helm/nitter.description=Helm chart to deploy Nitter git.repos.kubernetes/nfs-operator.description=An operator for Kubernetes to provision NFS mounts for PVC resources -git.repos.raku/config.description=Extensible library for reading and writing configuration files in the Raku programming language git.repos.raku/config-parser-toml.description=TOML parser for Config git.repos.raku/config-parser-yaml.description=YAML parser for Config -git.repos.rakudo-star.description=User-friendly distribution of the Raku programming language +git.repos.raku/config.description=Extensible library for reading and writing configuration files in the Raku programming language git.repos.raku/hash-merge.description=Raku module for deep merging of Hashes git.repos.raku/io-path-xdg.description=Convenience functions for working with the XDG Base Directory Specification in the Raku programming language git.repos.raku/irc-client.description=Sources for the IRC::Client module for the Raku programming language git.repos.raku/irc-grammar.description=Grammar to parse IRC messages git.repos.raku/log-colored.description=A Log implementation with colored output -git.repos.raku/log.description=An interface for logging mechanisms in the Raku programming language git.repos.raku/log-json.description=A Log implementation with JSON formatted output git.repos.raku/log-simple.description=A simple implementation of the Log library for the Raku programming language +git.repos.raku/log.description=An interface for logging mechanisms in the Raku programming language git.repos.raku/string-fold.description=Fold strings to a certain length git.repos.raku/url.description=A Raku library to handle URLs +git.repos.rakudo-star.description=User-friendly distribution of the Raku programming language git.repos.tyilnet.description=Configuration for machines in my personal network git.repos.vim/camelcasemotion.description=A plugin for vim to make motions stop at camelCase or snake_case boundaries k3s-node.role=server meta.provider=self nfs-server.exports./mnt/exports/invidious.fsid=97d3493c-1397-479f-bb8a-5c71833b9e17 +nfs-server.exports./mnt/exports/lldap.fsid=ee8ee25b-6f14-47f0-81b1-f6fe03a9761f nfs-server.exports./mnt/exports/prometheus.fsid=052f42b5-33c0-40b9-aa69-d05dc03a9fa1 -vpn-tinc.ipv4=10.57.101.10 -vpn-tinc.ipv6=fd68:1057:1992:3381:0:3317:3:1 +seaweedfs-volume.dc=schokkerstraat +seaweedfs-volume.rack=main +seaweedfs-volume.volumes.tyilstore0.port.grpc=17080 +seaweedfs-volume.volumes.tyilstore0.port.http=5080 +seaweedfs-volume.volumes.tyilstore1.port.grpc=17081 +seaweedfs-volume.volumes.tyilstore1.port.http=5081 +seaweedfs-volume.volumes.tyilstore2.port.grpc=17082 +seaweedfs-volume.volumes.tyilstore2.port.http=5082 +seaweedfs-volume.volumes.tyilstore3.port.grpc=17083 +seaweedfs-volume.volumes.tyilstore3.port.http=5083 +vpn-tinc.ipv4=10.57.3.1 +vpn-tinc.ipv6=fd68:1057:1992:3381:0:3:3317:1 vpn-wireguard.endpoint=2a10:3781:2453:1:7aaf:8ff:fe7a:9ba8 -vpn-wireguard.ipv4=10.58.3.2 -vpn-wireguard.ipv6=fd68:1058:1992:3381:0:3:3317:2 +vpn-wireguard.ipv4=10.58.3.1 +vpn-wireguard.ipv6=fd68:1058:1992:3381:0:3:3317:1 diff --git a/hosts.d/nouki.tyil.net b/hosts.d/nouki.tyil.net index 0f59739..cefffc2 100644 --- a/hosts.d/nouki.tyil.net +++ b/hosts.d/nouki.tyil.net @@ -1,8 +1,7 @@ -bashtard.ssh.host=10.57.101.20 k3s-node.role=server meta.provider=self -vpn-tinc.ipv4=10.57.101.20 -vpn-tinc.ipv6=fd68:1057:1992:3381:0:3317:2:1 +vpn-tinc.ipv4=10.57.2.1 +vpn-tinc.ipv6=fd68:1057:1992:3381:0:2:3317:1 vpn-wireguard.endpoint=2a10:3781:2453:1:c8cb:d1a:bc0:dc38 vpn-wireguard.ipv4=10.58.2.1 -vpn-wireguard.ipv6=fd68:1057:1992:3381:0:2:3317:1 +vpn-wireguard.ipv6=fd68:1058:1992:3381:0:2:3317:1 diff --git a/hosts.d/oolah.tyil.net b/hosts.d/oolah.tyil.net index d9800bf..174cb84 100644 --- a/hosts.d/oolah.tyil.net +++ b/hosts.d/oolah.tyil.net @@ -1,7 +1,7 @@ -bashtard.ssh.host=10.57.101.1 -k3s-master.manifest-prefix=tyilnet -k3s-node.role=server -k3s-node.entry.host=10.57.101.20 +k3s-node.internal-ip=fd68:1057:1992:3381:0:1:3317:1,10.57.1.1 meta.provider=self -vpn-tinc.ipv4=10.57.101.1 -vpn-tinc.ipv6=fd68:1057:1992:3381:0:3317:1:1 +vpn-tinc.ipv4=10.57.1.1 +vpn-tinc.ipv6=fd68:1057:1992:3381:0:1:3317:1 +vpn-wireguard.endpoint=2a10:3781:2453:1:7aaf:8ff:fe7a:9ba8 +vpn-wireguard.ipv4=10.58.1.1 +vpn-wireguard.ipv6=fd68:1058:1992:3381:0:1:3317:1 diff --git a/hosts.d/plarabe.tyil.net b/hosts.d/plarabe.tyil.net index 8a8ef11..4163491 100644 --- a/hosts.d/plarabe.tyil.net +++ b/hosts.d/plarabe.tyil.net @@ -1,4 +1,3 @@ -bashtard.ssh.host=10.57.100.10 meta.provider=self -vpn-tinc.ipv4=10.57.100.10 -vpn-tinc.ipv6=fd68:1057:1992:3381:0:3317:0:3 +vpn-tinc.ipv4=10.57.0.3 +vpn-tinc.ipv6=fd68:1057:1992:3381:0:0:3317:3 diff --git a/hosts.d/qohrei.tyil.net b/hosts.d/qohrei.tyil.net index 536b51f..f206068 100644 --- a/hosts.d/qohrei.tyil.net +++ b/hosts.d/qohrei.tyil.net @@ -1,4 +1,4 @@ -k8s-master.flags.apiserver-advertise-address&=vpn-wireguard.ipv6 +k3s-node.internal-ip=fd68:1058:1992:3381:0:1:1:1,10.58.1.1 meta.provider=hetzner nftables.input.interfaces.cilium*.policy=accept nftables.input.interfaces.lxc*.policy=accept @@ -11,8 +11,8 @@ nftables.input.rules.kubeapi.proto=tcp nftables.input.rules.kubelet.policy=accept nftables.input.rules.kubelet.port=10250 nftables.input.rules.kubelet.proto=tcp -vpn-tinc.ipv4=10.57.250.250 -vpn-tinc.ipv6=fd68:1057:1992:3381:0:1:1:1 +vpn-tinc.ipv4=10.57.1.6 +vpn-tinc.ipv6=fd68:1057:1992:3381:0:1:1:3 vpn-wireguard.endpoint=2a01:4f9:c012:6273::1 -vpn-wireguard.ipv4=10.58.1.1 -vpn-wireguard.ipv6=fd68:1058:1992:3381:0:1:1:1 +vpn-wireguard.ipv4=10.58.1.6 +vpn-wireguard.ipv6=fd68:1058:1992:3381:0:1:1:3 diff --git a/hosts.d/ricui.tyil.net b/hosts.d/ricui.tyil.net index 3100c45..9c4c8b5 100644 --- a/hosts.d/ricui.tyil.net +++ b/hosts.d/ricui.tyil.net @@ -1,11 +1,12 @@ +k3s-node.internal-ip=fd68:1057:1992:3381:0:1:1:4,10.57.1.7 meta.provider=hetzner nftables.input.interfaces.cilium*.policy=accept nftables.input.interfaces.lxc*.policy=accept nftables.input.rules.kubelet.policy=accept nftables.input.rules.kubelet.port=10250 nftables.input.rules.kubelet.proto=tcp -vpn-tinc.ipv4=10.57.20.7 -vpn-tinc.ipv6=fd68:1057:1992:3381:0:1:1:3 +vpn-tinc.ipv4=10.57.1.7 +vpn-tinc.ipv6=fd68:1057:1992:3381:0:1:1:4 vpn-wireguard.endpoint=2a01:4f8:1c1b:67d7::1 -vpn-wireguard.ipv4=10.58.1.3 -vpn-wireguard.ipv6=fd68:1058:1992:3381:0:1:1:3 +vpn-wireguard.ipv4=10.58.1.7 +vpn-wireguard.ipv6=fd68:1058:1992:3381:0:1:1:4 diff --git a/playbooks.d/git-server/share/pubkeys.d/tyil@plarabe-ed25519.pub b/playbooks.d/git-server/share/pubkeys.d/tyil@plarabe-ed25519.pub new file mode 100644 index 0000000..25a5449 --- /dev/null +++ b/playbooks.d/git-server/share/pubkeys.d/tyil@plarabe-ed25519.pub @@ -0,0 +1 @@ +ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJ7XKD3KxXTe5GlM4w4xdap3VAPvYCi4EowD88ymInFR tyil@plarabe diff --git a/playbooks.d/k3s-master b/playbooks.d/k3s-master deleted file mode 160000 -Subproject 27d48e4dec3e2eee30d6000f16dc7eb8f67b85e diff --git a/playbooks.d/k3s-master/description.txt b/playbooks.d/k3s-master/description.txt new file mode 100644 index 0000000..bf1fbab --- /dev/null +++ b/playbooks.d/k3s-master/description.txt @@ -0,0 +1 @@ +Playbook for a k3s node diff --git a/playbooks.d/k3s-master/etc/defaults b/playbooks.d/k3s-master/etc/defaults new file mode 100644 index 0000000..3cbca90 --- /dev/null +++ b/playbooks.d/k3s-master/etc/defaults @@ -0,0 +1,4 @@ +pkg.curl=curl +pkg.kubectl=kubectl +pkg.nfs-common=nfs-common +pkg.open-iscsi=open-iscsi diff --git a/playbooks.d/k3s-master/etc/os.d/linux-gentoo b/playbooks.d/k3s-master/etc/os.d/linux-gentoo new file mode 100644 index 0000000..5e7bc08 --- /dev/null +++ b/playbooks.d/k3s-master/etc/os.d/linux-gentoo @@ -0,0 +1,2 @@ +pkg.nfs-common=net-fs/nfs-utils +pkg.open-iscsi=sys-block/open-iscsi diff --git a/playbooks.d/k3s-master/playbook.bash b/playbooks.d/k3s-master/playbook.bash new file mode 100644 index 0000000..270e0cb --- /dev/null +++ b/playbooks.d/k3s-master/playbook.bash @@ -0,0 +1,65 @@ +#!/usr/bin/env bash + +playbook_add() { + pkg install curl + + info "$BASHTARD_PLAYBOOK/add" "Writing config.yaml for k3s" + mkdir -pv -- /etc/rancher/k3s + { + cat <<-EOF + node-name: "${BASHTARD_PLATFORM[fqdn]}" + node-ip: "$(config "$BASHTARD_PLAYBOOK.internal-ip" "127.0.0.1")" + bind-address: "$(config "$BASHTARD_PLAYBOOK.bind-address" "0.0.0.0")" + cluster-cidr: "$(config "$BASHTARD_PLAYBOOK.cluster-cidr" "172.19.0.0/16")" + service-cidr: "$(config "$BASHTARD_PLAYBOOK.service-cidr" "172.20.0.0/16")" + cluster-domain: "$(config "$BASHTARD_PLAYBOOK.cluster-domain" "cluster.local")" + service-node-port-range: "$(config "$BASHTARD_PLAYBOOK.service-node-port-min" "30000")-$(config "$BASHTARD_PLAYBOOK.service-node-port-max" "32767")" + flannel-ipv6-masq: true + disable: + - traefik + EOF + + if [[ -n "$(config_subkeys "$BASHTARD_PLAYBOOK.flannel.interfaces")" ]] + then + printf "flannel-iface:\n" + + while read -r iface + do + printf -- "- %s\n" "$(config "$BASHTARD_PLAYBOOK.flannel.interfaces.$iface")" + done < <( config_subkeys "$BASHTARD_PLAYBOOK.flannel.interfaces" ) + fi + + if [[ -n "$(config "$BASHTARD_PLAYBOOK.external-ip" "")" ]] + then + printf "%s: \"%s\"\n" "node-external-ip" "$(config "$BASHTARD_PLAYBOOK.external-ip" "")" + fi + } > "$(config "fs.etcdir")/rancher/k3s/config.yaml" + + info "$BASHTARD_PLAYBOOK/add" "Installing k3s" + curl -sfL https://get.k3s.io | sh -s - server --cluster-init # I hate this + + notice "$BASHTARD_PLAYBOOK/add" "Creating data directories" + mkdir -pv -- "$(playbook_path "data")/manifests.d" + + notice "$BASHTARD_PLAYBOOK/add" "Waiting for node to become available" + { grep -q -m 1 "${BASHTARD_PLATFORM[fqdn]}[[:space:]]\+Ready"; kill $!; } < <(k3s kubectl get node -w) + + playbook_sync +} + +playbook_sync() { + local data + local kubeconfig + local manifest_prefix + local values + + data="$(playbook_path "data")" + kubeconfig="$(config "fs.etcdir")/rancher/k3s/k3s.yaml" + + notice "$BASHTARD_PLAYBOOK/sync" "Applying manifests.d" + kubectl --kubeconfig "$kubeconfig" apply --recursive --filename "$data/manifests.d" || true +} + +playbook_del() { + /usr/local/bin/k3s-uninstall.sh +} diff --git a/playbooks.d/k3s-node/playbook.bash b/playbooks.d/k3s-node/playbook.bash index f2ae8d6..bc041df 100644 --- a/playbooks.d/k3s-node/playbook.bash +++ b/playbooks.d/k3s-node/playbook.bash @@ -1,35 +1,81 @@ #!/usr/bin/env bash BASHTARD_PLAYBOOK_VARS[$BASHTARD_PLAYBOOK.entry.host]="required" -BASHTARD_PLAYBOOK_VARS[$BASHTARD_PLAYBOOK.entry.token]="required" +BASHTARD_PLAYBOOK_VARS[$BASHTARD_PLAYBOOK.internal-ip]="required" playbook_add() { - pkg install curl nfs-common open-iscsi + local host + local role + local token - info "$BASHTARD_PLAYBOOK" "Writing config.yaml for k3s" - mkdir -pv -- /etc/rancher/k3s - cat <<-EOF > /etc/rancher/k3s/config.yaml - node-ip: "$(config "$BASHTARD_PLAYBOOK.node-ip" "$(config "bashtard.ssh.host")")" - node-name: "${BASHTARD_PLATFORM[fqdn]}" - server: "https://$(config "$BASHTARD_PLAYBOOK.entry.host"):$(config "$BASHTARD_PLAYBOOK.entry.port" "6443")" - token: "$(config "$BASHTARD_PLAYBOOK.entry.token")" - EOF - - if [[ "$(config "$BASHTARD_PLAYBOOK.role")" == "server" ]] + host="$(config "$BASHTARD_PLAYBOOK.entry.host")" + role="$(config "$BASHTARD_PLAYBOOK.role" "agent")" + token="$(config "$BASHTARD_PLAYBOOK.entry.token" "")" + + pkg install curl + + # If token is not supplied manually, attempt to fetch it from the entry + # host over ssh + if [[ -z "$token" ]] then - cat <<-EOF >> /etc/rancher/k3s/config.yaml - cluster-cidr: "$(config "$BASHTARD_PLAYBOOK.cluster-cidr" "172.19.0.0/16")" - cluster-domain: "$(config "$BASHTARD_PLAYBOOK.cluster-domain" "cluster.local")" - service-cidr: "$(config "$BASHTARD_PLAYBOOK.service-cidr" "172.20.0.0/16")" - service-node-port-range: "$(config "$BASHTARD_PLAYBOOK.service-node-port-min" "30000")-$(config "$BASHTARD_PLAYBOOK.service-node-port-max" "32767")" - EOF + # Dealing with an IPv6 address, strip away the brackets + if [[ "${host:0:1}" == "[" && "${host: -1}" == "]" ]] + then + host="${host:1:-1}" + fi + + info "$BASHTARD_PLAYBOOK/add" "Attempting to fetch token from $host" + token="$(ssh "$host" -- cat /var/lib/rancher/k3s/server/token)" + fi + + if [[ -z "$token" ]] + then + emerg "$BASHTARD_PLAYBOOK/add" "No entry token found, set one with bashtard var -s $BASHTARD_PLAYBOOK.entry.token <value>" + return 1 fi - info "$BASHTARD_PLAYBOOK" "Installing k3s" - curl -sfL https://get.k3s.io | sh -s - "$(config "$BASHTARD_PLAYBOOK.role" "agent")" + info "$BASHTARD_PLAYBOOK/add" "Writing config.yaml for k3s" + mkdir -pv -- /etc/rancher/k3s + { + cat <<-EOF + node-name: "${BASHTARD_PLATFORM[fqdn]}" + node-ip: "$(config "$BASHTARD_PLAYBOOK.internal-ip" "127.0.0.1")" + server: "https://$(config "$BASHTARD_PLAYBOOK.entry.host"):$(config "$BASHTARD_PLAYBOOK.entry.port" "6443")" + token: "$token" + EOF + + if [[ -n "$(config_subkeys "$BASHTARD_PLAYBOOK.flannel.interfaces")" ]] + then + printf "flannel-iface:\n" + + while read -r iface + do + printf -- "- \"%s\"\n" "$(config "$BASHTARD_PLAYBOOK.flannel.interfaces.$iface")" + done < <( config_subkeys "$BASHTARD_PLAYBOOK.flannel.interfaces" ) + fi - notice "$BASHTARD_PLAYBOOK" "Waiting for node to become available" - { grep -q -m 1 "${BASHTARD_PLATFORM[fqdn]}[[:space:]]\+Ready"; kill $!; } < <(k3s kubectl get node -w) + if [[ -n "$(config "$BASHTARD_PLAYBOOK.external-ip" "")" ]] + then + printf "%s: \"%s\"\n" "node-external-ip" "$(config "$BASHTARD_PLAYBOOK.external-ip" "")" + fi + + if [[ "$role" == "server" ]] + then + info "$BASHTARD_PLAYBOOK/add" "Node is a server, adding master configuration" + cat <<-EOF >> /etc/rancher/k3s/config.yaml + cluster-cidr: "$(config "$BASHTARD_PLAYBOOK.cluster-cidr" "172.19.0.0/16")" + cluster-domain: "$(config "$BASHTARD_PLAYBOOK.cluster-domain" "cluster.local")" + service-cidr: "$(config "$BASHTARD_PLAYBOOK.service-cidr" "172.20.0.0/16")" + service-node-port-range: "$(config "$BASHTARD_PLAYBOOK.service-node-port-min" "30000")-$(config "$BASHTARD_PLAYBOOK.service-node-port-max" "32767")" + flannel-ipv6-masq: true + disable: + - traefik + EOF + fi + } > "$(config "fs.etcdir")/rancher/k3s/config.yaml" + + info "$BASHTARD_PLAYBOOK/add" "Installing k3s" + curl -sfL https://get.k3s.io | sh -s - "$role" } playbook_sync() { @@ -37,5 +83,16 @@ playbook_sync() { } playbook_del() { - /usr/local/bin/k3s-uninstall.sh + local role + + role="$(config "$BASHTARD_PLAYBOOK.role" "agent")" + + case "$role" in + server) + /usr/local/bin/k3s-uninstall.sh + ;; + agent) + /usr/local/bin/k3s-agent-uninstall.sh + ;; + esac } diff --git a/playbooks.d/k8s-master/description.txt b/playbooks.d/k8s-master/description.txt deleted file mode 100644 index 60693ef..0000000 --- a/playbooks.d/k8s-master/description.txt +++ /dev/null @@ -1 +0,0 @@ -Playbook for a Kubernetes master node diff --git a/playbooks.d/k8s-master/etc/defaults b/playbooks.d/k8s-master/etc/defaults deleted file mode 100644 index 9506887..0000000 --- a/playbooks.d/k8s-master/etc/defaults +++ /dev/null @@ -1,4 +0,0 @@ -pkg.containerd=containerd -pkg.kubeadm=kubeadm -pkg.kubectl=kubectl -pkg.kubelet=kubelet diff --git a/playbooks.d/k8s-master/playbook.bash b/playbooks.d/k8s-master/playbook.bash deleted file mode 100644 index f423c00..0000000 --- a/playbooks.d/k8s-master/playbook.bash +++ /dev/null @@ -1,115 +0,0 @@ -#!/usr/bin/env bash - -playbook_add() { - local version - - version="1.29" - - case "${BASHTARD_PLATFORM[key]}" in - linux-debian_gnu_linux) - # Fetch the apt key - info "$BASHTARD_PLAYBOOK" "Adding apt repository" - mkdir -pv -m 755 -- /etc/apt/keyrings - curl -fsSL "https://pkgs.k8s.io/core:/stable:/v$version/deb/Release.key" \ - | gpg --dearmor \ - > /etc/apt/keyrings/kubernetes-apt-keyring.gpg - printf "deb [signed-by=%s] %s /\n" \ - "/etc/apt/keyrings/kubernetes-apt-keyring.gpg" \ - "https://pkgs.k8s.io/core:/stable:/v$version/deb/" \ - > /etc/apt/sources.list.d/kubernetes.list - apt update - ;; - esac - - pkg install containerd - pkg install kubeadm - pkg install kubectl - pkg install kubelet - - info "$BASHTARD_PLAYBOOK" "Enabling forwarding" - cat <<-EOF > "$(config "fs.etcdir")/sysctl.d/kubernetes.conf" - net.bridge.bridge-nf-call-iptables = 1 - net.bridge.bridge-nf-call-ip6tables = 1 - net.ipv4.ip_forward = 1 - net.ipv6.conf.all.forwarding = 1 - EOF - - sysctl --system - - info "$BASHTARD_PLAYBOOK" "Enabling kernel modules" - cat <<-EOF > "$(config "fs.etcdir")/modules-load.d/kubernetes.conf" - br_netfilter - overlay - EOF - - modprobe overlay - modprobe br_netfilter - - notice "$BASHTARD_PLAYBOOK" "Creating data directories" - mkdir -pv -- "$(playbook_path "data")/manifests.d" - - if [[ "$(config "$BASHTARD_PLAYBOOK.flags.apiserver-advertise-address" "")" != "" ]] - then - notice "$BASHTARD_PLAYBOOK" "Setting node ip in $(config "fs.etcdir")/default/kubelet" - cat <<-EOF > "$(config "fs.etcdir")/default/kubelet" - KUBELET_EXTRA_ARGS="--node-ip=$(config "$BASHTARD_PLAYBOOK.flags.apiserver-advertise-address")" - EOF - fi - - notice "$BASHTARD_PLAYBOOK" "Initialize kubeadm" - kubeadm init \ - --apiserver-advertise-address="$(config "$BASHTARD_PLAYBOOK.flags.apiserver-advertise-address" "127.0.0.1")" \ - --apiserver-bind-port="$(config "$BASHTARD_PLAYBOOK.flags.apiserver-bind-port" "6443")" \ - --control-plane-endpoint="$(config "$BASHTARD_PLAYBOOK.flags.control-plane-endpoint" "localhost")" \ - --node-name="${BASHTARD_PLATFORM[fqdn]}" \ - --service-cidr="$(config "$BASHTARD_PLAYBOOK.flags.service-cidr" "10.96.0.0/12")" \ - --service-dns-domain="$(config "$BASHTARD_PLAYBOOK.flags.service-dns-domain" "cluster.local")" \ - --pod-network-cidr="$(config "$BASHTARD_PLAYBOOK.flags.pod-network-cidr" "10.0.0.0/12")" \ - || return 1 - - playbook_sync - - return 0 -} - -playbook_sync() { - local data - local kubeconfig - local manifest_prefix - local values - - data="$(playbook_path "data")" - kubeconfig="$(config "fs.etcdir")/kubernetes/admin.conf" - manifest_prefix="$(config "$BASHTARD_PLAYBOOK.manifest-prefix" "")" - - notice "$BASHTARD_PLAYBOOK/manifests" "Applying manifests.d" - kubectl --kubeconfig "$kubeconfig" apply --recursive --filename "$data/manifests.d/$manifest_prefix" -} - -playbook_del() { - kubeadm reset --force - iptables -F && iptables -t nat -F && iptables -t mangle -F && iptables -X - ipvsadm -C - rm -fr -- \ - "$(config "fs.etcdir")/modules-load.d/kubernetes.conf" \ - "$(config "fs.etcdir")/sysctl.d/kubernetes.conf" \ - "$(config "fs.etcdir")/cni/net.d" \ - "$(config "fs.etcdir")/kubernetes" \ - "/var/lib/etcd" \ - "/var/lib/cni" - - pkg uninstall kubectl - pkg uninstall kubeadm - pkg uninstall kubelet - pkg uninstall containerd - - case "${BASHTARD_PLATFORM[key]}" in - linux-debian_gnu_linux) - # Fetch the apt key - info "$BASHTARD_PLAYBOOK" "Removing apt repository" - rm -fr -- \ - /etc/apt/keyrings/kubernetes-apt-keyring.gpg \ - /etc/apt/sources.list.d/kubernetes.list - ;; - esac -} diff --git a/playbooks.d/k8s-node/description.txt b/playbooks.d/k8s-node/description.txt deleted file mode 100644 index 60693ef..0000000 --- a/playbooks.d/k8s-node/description.txt +++ /dev/null @@ -1 +0,0 @@ -Playbook for a Kubernetes master node diff --git a/playbooks.d/k8s-node/etc/defaults b/playbooks.d/k8s-node/etc/defaults deleted file mode 100644 index 9506887..0000000 --- a/playbooks.d/k8s-node/etc/defaults +++ /dev/null @@ -1,4 +0,0 @@ -pkg.containerd=containerd -pkg.kubeadm=kubeadm -pkg.kubectl=kubectl -pkg.kubelet=kubelet diff --git a/playbooks.d/k8s-node/playbook.bash b/playbooks.d/k8s-node/playbook.bash deleted file mode 100644 index fbf49e9..0000000 --- a/playbooks.d/k8s-node/playbook.bash +++ /dev/null @@ -1,103 +0,0 @@ -#!/usr/bin/env bash - -BASHTARD_PLAYBOOK_VARS[$BASHTARD_PLAYBOOK.cert-hash]="required" -BASHTARD_PLAYBOOK_VARS[$BASHTARD_PLAYBOOK.master.address]="required" -BASHTARD_PLAYBOOK_VARS[$BASHTARD_PLAYBOOK.token]="required" - -playbook_add() { - local version - - version="1.29" - - case "${BASHTARD_PLATFORM[key]}" in - linux-debian_gnu_linux) - # Fetch the apt key - info "$BASHTARD_PLAYBOOK" "Adding apt repository" - mkdir -pv -m 755 -- /etc/apt/keyrings - curl -fsSL "https://pkgs.k8s.io/core:/stable:/v$version/deb/Release.key" \ - | gpg --dearmor \ - > /etc/apt/keyrings/kubernetes-apt-keyring.gpg - printf "deb [signed-by=%s] %s /\n" \ - "/etc/apt/keyrings/kubernetes-apt-keyring.gpg" \ - "https://pkgs.k8s.io/core:/stable:/v$version/deb/" \ - > /etc/apt/sources.list.d/kubernetes.list - apt update - ;; - esac - - pkg install containerd - pkg install kubeadm - pkg install kubectl - pkg install kubelet - - info "$BASHTARD_PLAYBOOK" "Enabling forwarding" - cat <<-EOF > "$(config "fs.etcdir")/sysctl.d/kubernetes.conf" - net.bridge.bridge-nf-call-iptables = 1 - net.bridge.bridge-nf-call-ip6tables = 1 - net.ipv4.ip_forward = 1 - net.ipv6.conf.all.forwarding = 1 - EOF - - sysctl --system - - info "$BASHTARD_PLAYBOOK" "Enabling kernel modules" - cat <<-EOF > "$(config "fs.etcdir")/modules-load.d/kubernetes.conf" - br_netfilter - overlay - EOF - - modprobe overlay - modprobe br_netfilter - - if [[ "$(config "$BASHTARD_PLAYBOOK.node-ip" "")" != "" ]] - then - notice "$BASHTARD_PLAYBOOK" "Setting node ip in $(config "fs.etcdir")/default/kubelet" - cat <<-EOF > "$(config "fs.etcdir")/default/kubelet" - KUBELET_EXTRA_ARGS="--node-ip=$(config "$BASHTARD_PLAYBOOK.node-ip")" - EOF - fi - - notice "$BASHTARD_PLAYBOOK" "Initialize kubeadm" - kubeadm join \ - --discovery-token-ca-cert-hash "$(config "$BASHTARD_PLAYBOOK.cert-hash")" \ - --node-name="${BASHTARD_PLATFORM[fqdn]}" \ - --token "$(config "$BASHTARD_PLAYBOOK.token")" \ - "$(config "$BASHTARD_PLAYBOOK.master.address"):$(config "$BASHTARD_PLAYBOOK.master.port" "6443")" -} - -playbook_sync() { - :; -} - -playbook_del() { - kubectl drain "${BASHTARD_PLATFORM[fqdn]}" \ - --delete-emptydir-data \ - --force \ - --ignore-daemonsets - - kubeadm reset --force - iptables -F && iptables -t nat -F && iptables -t mangle -F && iptables -X - ipvsadm -C - rm -fr -- \ - "$(config "fs.etcdir")/modules-load.d/kubernetes.conf" \ - "$(config "fs.etcdir")/sysctl.d/kubernetes.conf" \ - "$(config "fs.etcdir")/cni/net.d" \ - "$(config "fs.etcdir")/kubernetes" \ - "/var/lib/etcd" \ - "/var/lib/cni" - - pkg uninstall kubectl - pkg uninstall kubeadm - pkg uninstall kubelet - pkg uninstall containerd - - case "${BASHTARD_PLATFORM[key]}" in - linux-debian_gnu_linux) - # Fetch the apt key - info "$BASHTARD_PLAYBOOK" "Removing apt repository" - rm -fr -- \ - /etc/apt/keyrings/kubernetes-apt-keyring.gpg \ - /etc/apt/sources.list.d/kubernetes.list - ;; - esac -} diff --git a/playbooks.d/seaweedfs-volume/playbook.bash b/playbooks.d/seaweedfs-volume/playbook.bash index 8485ba0..875a2cd 100644 --- a/playbooks.d/seaweedfs-volume/playbook.bash +++ b/playbooks.d/seaweedfs-volume/playbook.bash @@ -69,13 +69,14 @@ playbook_sync() { file_template "volume.conf" \ dc="$(config "$BASHTARD_PLAYBOOK.dc")" \ dir="/var/lib/seaweedfs/volume/$volume" \ - disk="$(config "$BASHTARD_PLAYBOOK.volume.$volume.disk" "hdd")" \ - max="$(config "$BASHTARD_PLAYBOOK.volume.$volume.max" "0")" \ - free_space="$(config "$BASHTARD_PLAYBOOK.free-space" "10GiB")" \ + disk="$(config "$BASHTARD_PLAYBOOK.volumes.$volume.disk" "hdd")" \ filesize_limit="$(config "$BASHTARD_PLAYBOOK.filesize-limit" "256")" \ + free_space="$(config "$BASHTARD_PLAYBOOK.free-space" "10GiB")" \ ip="$(config "$BASHTARD_PLAYBOOK.ip")" \ + max="$(config "$BASHTARD_PLAYBOOK.volumes.$volume.max" "0")" \ mserver="$(join_args "${peers[@]}")" \ - port="$(config "$BASHTARD_PLAYBOOK.volume.$volume.port" "8080")" \ + port_grpc="$(config "$BASHTARD_PLAYBOOK.volumes.$volume.port.grpc" "17080")" \ + port_http="$(config "$BASHTARD_PLAYBOOK.volumes.$volume.port.http" "8080")" \ rack="$(config "$BASHTARD_PLAYBOOK.rack")" \ > "$buffer" diff --git a/playbooks.d/seaweedfs-volume/share/volume.conf b/playbooks.d/seaweedfs-volume/share/volume.conf index d659faa..e9310cb 100644 --- a/playbooks.d/seaweedfs-volume/share/volume.conf +++ b/playbooks.d/seaweedfs-volume/share/volume.conf @@ -1,5 +1,6 @@ ip=[${ip}] -port=${port} +port=${port_http} +port.grpc=${port_grpc} mserver=${mserver} dataCenter=${dc} diff --git a/playbooks.d/seaweedfs/playbook.bash b/playbooks.d/seaweedfs/playbook.bash index 7405cb5..e6c0c4c 100644 --- a/playbooks.d/seaweedfs/playbook.bash +++ b/playbooks.d/seaweedfs/playbook.bash @@ -9,7 +9,7 @@ playbook_add() { # Install seaweedfs case "${BASHTARD_PLATFORM[arch]}" in x86_64) dl_arch=amd64 ;; - *) die "NYI" ;; + aarch64) dl_arch=arm64 ;; esac dl_baseurl="https://github.com/seaweedfs/seaweedfs/releases/download" @@ -34,7 +34,8 @@ playbook_add() { } playbook_sync() { - :; + file_template "seaweedfs-mount@.service"\ + > "/etc/systemd/system/seaweedfs-mount@.service" } playbook_del() { diff --git a/playbooks.d/seaweedfs/share/master.conf b/playbooks.d/seaweedfs/share/master.conf deleted file mode 100644 index fb72a28..0000000 --- a/playbooks.d/seaweedfs/share/master.conf +++ /dev/null @@ -1,8 +0,0 @@ -ip=${ip} -port=${port} - -peers=${peers} -mdir=${mdir} - -defaultReplication=${replication} -volumeSizeLimitMB=${volume_size} diff --git a/playbooks.d/seaweedfs/share/seaweedfs-mount@.service b/playbooks.d/seaweedfs/share/seaweedfs-mount@.service new file mode 100644 index 0000000..438dc90 --- /dev/null +++ b/playbooks.d/seaweedfs/share/seaweedfs-mount@.service @@ -0,0 +1,15 @@ +[Unit] +Description=SeaweedFS Mount %i +After=network.target + +[Service] +Type=simple +User=root +Group=root + +ExecStart=/usr/bin/weed mount -options="/etc/seaweedfs/mount-%i.conf" +ExecStopPost=sh -c "/bin/umount $(awk -F= '/^dir=/ { print $NF }' < /etc/seaweedfs/mount-%i.conf)" +SyslogIdentifier=seaweedfs-mount-%i + +[Install] +WantedBy=multi-user.target diff --git a/playbooks.d/seaweedfs/share/server.conf b/playbooks.d/seaweedfs/share/server.conf deleted file mode 100644 index 12be6fa..0000000 --- a/playbooks.d/seaweedfs/share/server.conf +++ /dev/null @@ -1,14 +0,0 @@ -dir=${datadir} -ip=${ip} - -master=true -master.volumeSizeLimitMB=${volume_size} - -filer=true - -s3=true - -volume=true -volume.disk=hdd -volume.max=0 -volume.minFreeSpace=${reserved_space} diff --git a/playbooks.d/vpn-tinc/playbook.bash b/playbooks.d/vpn-tinc/playbook.bash index 6a6a957..485c6e6 100644 --- a/playbooks.d/vpn-tinc/playbook.bash +++ b/playbooks.d/vpn-tinc/playbook.bash @@ -17,15 +17,17 @@ playbook_add() local name local tinc local tincd + local port data="$(playbook_path "data")" - etc="$(config "fs.etcdir")/tinc/tyilnet" host="$(tr "." "_" <<< "${BASHTARD_PLATFORM[fqdn]}")" ipv4="$(config "$BASHTARD_PLAYBOOK.ipv4")" ipv6="$(config "$BASHTARD_PLAYBOOK.ipv6")" name="$(config "$BASHTARD_PLAYBOOK.name")" tinc="$(config "app.tinc")" tincd="$(config "app.tincd")" + port="$(config "$BASHTARD_PLAYBOOK.port" "655")" + etc="$(config "fs.etcdir")/tinc/$name" case "${BASHTARD_PLATFORM[key]}" in freebsd) iptool=ifconfig ;; @@ -41,10 +43,6 @@ playbook_add() "$etc" \ "$etc/hosts" - file_template tinc.conf \ - "name=$host" \ - > "$etc/tinc.conf" - file_template "tinc-up-$iptool" \ "ip4=$ipv4" \ "ip6=$ipv6" \ @@ -58,6 +56,7 @@ playbook_add() file_template "host" \ "ip4=$ipv4" \ "ip6=$ipv6" \ + "port=$port" \ > "$etc/hosts/$host" chmod +x \ @@ -139,6 +138,17 @@ playbook_sync() cp -v -- "$data/hosts/$file" "$etc/hosts/$file" done + info "$BASHTARD_PLAYBOOK/sync" "Reconfiguring peers" + { + printf "Name = %s\n\n" "$host" + + while read -r peer + do + printf "ConnectTo = %s\n" "$(config "$BASHTARD_PLAYBOOK.peers.$peer")" + done < <( config_subkeys "$BASHTARD_PLAYBOOK.peers" ) + } > "$etc/tinc.conf" + + [[ "$BASHTARD_COMMAND" == "add" ]] && return [[ "$hash" == "$(dir_hash "$etc/hosts")" ]] && return diff --git a/playbooks.d/vpn-tinc/share/host b/playbooks.d/vpn-tinc/share/host index 627aab6..fbcdd4a 100644 --- a/playbooks.d/vpn-tinc/share/host +++ b/playbooks.d/vpn-tinc/share/host @@ -1,3 +1,4 @@ +Port = ${port} + Subnet = ${ip4}/32 Subnet = ${ip6}/128 - diff --git a/registry.d/gaeru.tyil.net b/registry.d/gaeru.tyil.net index c3910de..983e06c 100644 --- a/registry.d/gaeru.tyil.net +++ b/registry.d/gaeru.tyil.net @@ -1,3 +1,4 @@ ssh user-tyil vpn-tinc +vpn-wireguard diff --git a/registry.d/mieshu.tyil.net b/registry.d/mieshu.tyil.net index b1f38d8..8afac1f 100644 --- a/registry.d/mieshu.tyil.net +++ b/registry.d/mieshu.tyil.net @@ -2,6 +2,9 @@ etc-portage git-server k3s-node nfs-server +seaweedfs +seaweedfs-filer +seaweedfs-volume ssh user-tyil vpn-tinc diff --git a/registry.d/oolah.tyil.net b/registry.d/oolah.tyil.net index 07624a3..0548b0a 100644 --- a/registry.d/oolah.tyil.net +++ b/registry.d/oolah.tyil.net @@ -1,3 +1,4 @@ +k3s-master proxy-privoxy ssh user-tyil diff --git a/registry.d/ricui.tyil.net b/registry.d/ricui.tyil.net index 6f38e85..d991b9a 100644 --- a/registry.d/ricui.tyil.net +++ b/registry.d/ricui.tyil.net @@ -1,3 +1,4 @@ +k3s-node nftables ssh vpn-tinc |