From 6dd457470be4dca67cc5cfd83c4a259f333eb1ba Mon Sep 17 00:00:00 2001
From: Patrick Spek
Date: Thu, 6 Apr 2023 17:15:41 +0200
Subject: Redo k3s-master once more
---
.gitmodules | 5 +--
data.d/k3s-hurzak/helm.d/certmanager.yaml | 1 -
data.d/k3s-hurzak/helm.d/redis.yaml | 3 --
.../certmanager/letsencrypt-production.yaml | 16 -------
.../certmanager/letsencrypt-staging.yaml | 17 -------
data.d/k3s-hurzak/manifests.d/namespaces.yaml | 18 --------
.../personal-services/keycloak/deployment.yaml | 52 ----------------------
.../personal-services/keycloak/ingress.yaml | 31 -------------
.../personal-services/keycloak/sealed-secret.yaml | 18 --------
.../personal-services/keycloak/service.yaml | 22 ---------
.../personal-services/uptime-kuma/deployment.yaml | 36 ---------------
.../personal-services/uptime-kuma/ingress.yaml | 45 -------------------
.../personal-services/uptime-kuma/service.yaml | 17 -------
.../public-services/invidious/deployment.yaml | 34 --------------
.../public-services/invidious/ingress.yaml | 31 -------------
.../public-services/invidious/sealed-secret.yaml | 21 ---------
.../public-services/invidious/service.yaml | 24 ----------
.../public-services/nitter/deployment.yaml | 39 ----------------
.../public-services/nitter/ingress.yaml | 31 -------------
.../public-services/nitter/sealed-secret.yaml | 21 ---------
.../public-services/nitter/service.yaml | 22 ---------
.../public-services/omgur/deployment.yaml | 31 -------------
.../manifests.d/public-services/omgur/ingress.yaml | 31 -------------
.../manifests.d/public-services/omgur/service.yaml | 22 ---------
.../public-services/searxng/deployment.yaml | 31 -------------
.../public-services/searxng/ingress.yaml | 26 -----------
.../public-services/searxng/service.yaml | 17 -------
.../public-services/teddit/deployment.yaml | 41 -----------------
.../public-services/teddit/ingress.yaml | 31 -------------
.../public-services/teddit/service.yaml | 22 ---------
data.d/k3s-jaomox/helm.d/minio.yaml | 18 --------
data.d/k3s-jaomox/manifests.d/namespaces.yaml | 6 ---
.../minio/persistent-volume-claim.yaml | 14 ------
.../personal-services/minio/persistent-volume.yaml | 15 -------
data.d/k3s-master/helm.d/certmanager.yaml | 1 +
data.d/k3s-master/helm.d/minio.yaml | 18 ++++++++
data.d/k3s-master/helm.d/redis.yaml | 3 ++
.../certmanager/letsencrypt-production.yaml | 16 +++++++
.../certmanager/letsencrypt-staging.yaml | 17 +++++++
.../k3s-master/manifests.d/hurzak/namespaces.yaml | 18 ++++++++
.../personal-services/keycloak/deployment.yaml | 52 ++++++++++++++++++++++
.../hurzak/personal-services/keycloak/ingress.yaml | 31 +++++++++++++
.../personal-services/keycloak/sealed-secret.yaml | 18 ++++++++
.../hurzak/personal-services/keycloak/service.yaml | 22 +++++++++
.../personal-services/uptime-kuma/deployment.yaml | 36 +++++++++++++++
.../personal-services/uptime-kuma/ingress.yaml | 45 +++++++++++++++++++
.../personal-services/uptime-kuma/service.yaml | 17 +++++++
.../public-services/invidious/deployment.yaml | 34 ++++++++++++++
.../hurzak/public-services/invidious/ingress.yaml | 31 +++++++++++++
.../public-services/invidious/sealed-secret.yaml | 21 +++++++++
.../hurzak/public-services/invidious/service.yaml | 24 ++++++++++
.../hurzak/public-services/nitter/deployment.yaml | 39 ++++++++++++++++
.../hurzak/public-services/nitter/ingress.yaml | 31 +++++++++++++
.../public-services/nitter/sealed-secret.yaml | 21 +++++++++
.../hurzak/public-services/nitter/service.yaml | 22 +++++++++
.../hurzak/public-services/omgur/deployment.yaml | 31 +++++++++++++
.../hurzak/public-services/omgur/ingress.yaml | 31 +++++++++++++
.../hurzak/public-services/omgur/service.yaml | 22 +++++++++
.../hurzak/public-services/searxng/deployment.yaml | 31 +++++++++++++
.../hurzak/public-services/searxng/ingress.yaml | 26 +++++++++++
.../hurzak/public-services/searxng/service.yaml | 17 +++++++
.../hurzak/public-services/teddit/deployment.yaml | 41 +++++++++++++++++
.../hurzak/public-services/teddit/ingress.yaml | 31 +++++++++++++
.../hurzak/public-services/teddit/service.yaml | 22 +++++++++
.../k3s-master/manifests.d/jaomox/namespaces.yaml | 12 +++++
.../minio/persistent-volume-claim.yaml | 14 ++++++
.../personal-services/minio/persistent-volume.yaml | 15 +++++++
defaults | 4 ++
hosts.d/hurzak.tyil.net | 31 ++++++-------
hosts.d/jaomox.tyil.net | 9 ++--
playbooks.d/k3s-hurzak | 1 -
playbooks.d/k3s-jaomox | 1 -
playbooks.d/k3s-master | 1 +
registry.d/hurzak.tyil.net | 2 +-
registry.d/jaomox.tyil.net | 1 +
75 files changed, 837 insertions(+), 832 deletions(-)
delete mode 100644 data.d/k3s-hurzak/helm.d/certmanager.yaml
delete mode 100644 data.d/k3s-hurzak/helm.d/redis.yaml
delete mode 100644 data.d/k3s-hurzak/manifests.d/base-system/certmanager/letsencrypt-production.yaml
delete mode 100644 data.d/k3s-hurzak/manifests.d/base-system/certmanager/letsencrypt-staging.yaml
delete mode 100644 data.d/k3s-hurzak/manifests.d/namespaces.yaml
delete mode 100644 data.d/k3s-hurzak/manifests.d/personal-services/keycloak/deployment.yaml
delete mode 100644 data.d/k3s-hurzak/manifests.d/personal-services/keycloak/ingress.yaml
delete mode 100644 data.d/k3s-hurzak/manifests.d/personal-services/keycloak/sealed-secret.yaml
delete mode 100644 data.d/k3s-hurzak/manifests.d/personal-services/keycloak/service.yaml
delete mode 100644 data.d/k3s-hurzak/manifests.d/personal-services/uptime-kuma/deployment.yaml
delete mode 100644 data.d/k3s-hurzak/manifests.d/personal-services/uptime-kuma/ingress.yaml
delete mode 100644 data.d/k3s-hurzak/manifests.d/personal-services/uptime-kuma/service.yaml
delete mode 100644 data.d/k3s-hurzak/manifests.d/public-services/invidious/deployment.yaml
delete mode 100644 data.d/k3s-hurzak/manifests.d/public-services/invidious/ingress.yaml
delete mode 100644 data.d/k3s-hurzak/manifests.d/public-services/invidious/sealed-secret.yaml
delete mode 100644 data.d/k3s-hurzak/manifests.d/public-services/invidious/service.yaml
delete mode 100644 data.d/k3s-hurzak/manifests.d/public-services/nitter/deployment.yaml
delete mode 100644 data.d/k3s-hurzak/manifests.d/public-services/nitter/ingress.yaml
delete mode 100644 data.d/k3s-hurzak/manifests.d/public-services/nitter/sealed-secret.yaml
delete mode 100644 data.d/k3s-hurzak/manifests.d/public-services/nitter/service.yaml
delete mode 100644 data.d/k3s-hurzak/manifests.d/public-services/omgur/deployment.yaml
delete mode 100644 data.d/k3s-hurzak/manifests.d/public-services/omgur/ingress.yaml
delete mode 100644 data.d/k3s-hurzak/manifests.d/public-services/omgur/service.yaml
delete mode 100644 data.d/k3s-hurzak/manifests.d/public-services/searxng/deployment.yaml
delete mode 100644 data.d/k3s-hurzak/manifests.d/public-services/searxng/ingress.yaml
delete mode 100644 data.d/k3s-hurzak/manifests.d/public-services/searxng/service.yaml
delete mode 100644 data.d/k3s-hurzak/manifests.d/public-services/teddit/deployment.yaml
delete mode 100644 data.d/k3s-hurzak/manifests.d/public-services/teddit/ingress.yaml
delete mode 100644 data.d/k3s-hurzak/manifests.d/public-services/teddit/service.yaml
delete mode 100644 data.d/k3s-jaomox/helm.d/minio.yaml
delete mode 100644 data.d/k3s-jaomox/manifests.d/namespaces.yaml
delete mode 100644 data.d/k3s-jaomox/manifests.d/personal-services/minio/persistent-volume-claim.yaml
delete mode 100644 data.d/k3s-jaomox/manifests.d/personal-services/minio/persistent-volume.yaml
create mode 100644 data.d/k3s-master/helm.d/certmanager.yaml
create mode 100644 data.d/k3s-master/helm.d/minio.yaml
create mode 100644 data.d/k3s-master/helm.d/redis.yaml
create mode 100644 data.d/k3s-master/manifests.d/hurzak/base-system/certmanager/letsencrypt-production.yaml
create mode 100644 data.d/k3s-master/manifests.d/hurzak/base-system/certmanager/letsencrypt-staging.yaml
create mode 100644 data.d/k3s-master/manifests.d/hurzak/namespaces.yaml
create mode 100644 data.d/k3s-master/manifests.d/hurzak/personal-services/keycloak/deployment.yaml
create mode 100644 data.d/k3s-master/manifests.d/hurzak/personal-services/keycloak/ingress.yaml
create mode 100644 data.d/k3s-master/manifests.d/hurzak/personal-services/keycloak/sealed-secret.yaml
create mode 100644 data.d/k3s-master/manifests.d/hurzak/personal-services/keycloak/service.yaml
create mode 100644 data.d/k3s-master/manifests.d/hurzak/personal-services/uptime-kuma/deployment.yaml
create mode 100644 data.d/k3s-master/manifests.d/hurzak/personal-services/uptime-kuma/ingress.yaml
create mode 100644 data.d/k3s-master/manifests.d/hurzak/personal-services/uptime-kuma/service.yaml
create mode 100644 data.d/k3s-master/manifests.d/hurzak/public-services/invidious/deployment.yaml
create mode 100644 data.d/k3s-master/manifests.d/hurzak/public-services/invidious/ingress.yaml
create mode 100644 data.d/k3s-master/manifests.d/hurzak/public-services/invidious/sealed-secret.yaml
create mode 100644 data.d/k3s-master/manifests.d/hurzak/public-services/invidious/service.yaml
create mode 100644 data.d/k3s-master/manifests.d/hurzak/public-services/nitter/deployment.yaml
create mode 100644 data.d/k3s-master/manifests.d/hurzak/public-services/nitter/ingress.yaml
create mode 100644 data.d/k3s-master/manifests.d/hurzak/public-services/nitter/sealed-secret.yaml
create mode 100644 data.d/k3s-master/manifests.d/hurzak/public-services/nitter/service.yaml
create mode 100644 data.d/k3s-master/manifests.d/hurzak/public-services/omgur/deployment.yaml
create mode 100644 data.d/k3s-master/manifests.d/hurzak/public-services/omgur/ingress.yaml
create mode 100644 data.d/k3s-master/manifests.d/hurzak/public-services/omgur/service.yaml
create mode 100644 data.d/k3s-master/manifests.d/hurzak/public-services/searxng/deployment.yaml
create mode 100644 data.d/k3s-master/manifests.d/hurzak/public-services/searxng/ingress.yaml
create mode 100644 data.d/k3s-master/manifests.d/hurzak/public-services/searxng/service.yaml
create mode 100644 data.d/k3s-master/manifests.d/hurzak/public-services/teddit/deployment.yaml
create mode 100644 data.d/k3s-master/manifests.d/hurzak/public-services/teddit/ingress.yaml
create mode 100644 data.d/k3s-master/manifests.d/hurzak/public-services/teddit/service.yaml
create mode 100644 data.d/k3s-master/manifests.d/jaomox/namespaces.yaml
create mode 100644 data.d/k3s-master/manifests.d/jaomox/personal-services/minio/persistent-volume-claim.yaml
create mode 100644 data.d/k3s-master/manifests.d/jaomox/personal-services/minio/persistent-volume.yaml
delete mode 160000 playbooks.d/k3s-hurzak
delete mode 160000 playbooks.d/k3s-jaomox
create mode 160000 playbooks.d/k3s-master
diff --git a/.gitmodules b/.gitmodules
index e3fe95e..ae999ae 100644
--- a/.gitmodules
+++ b/.gitmodules
@@ -5,8 +5,5 @@
path = playbooks.d/vpn-tinc
url = https://git.tyil.nl/bashtard/vpn-tinc
[submodule "playbooks.d/k3s-hurzak"]
- path = playbooks.d/k3s-hurzak
- url = https://git.tyil.nl/bashtard/k3s-master
-[submodule "playbooks.d/k3s-jaomox"]
- path = playbooks.d/k3s-jaomox
+ path = playbooks.d/k3s-master
url = https://git.tyil.nl/bashtard/k3s-master
diff --git a/data.d/k3s-hurzak/helm.d/certmanager.yaml b/data.d/k3s-hurzak/helm.d/certmanager.yaml
deleted file mode 100644
index 1b4551c..0000000
--- a/data.d/k3s-hurzak/helm.d/certmanager.yaml
+++ /dev/null
@@ -1 +0,0 @@
-installCRDs: true
diff --git a/data.d/k3s-hurzak/helm.d/redis.yaml b/data.d/k3s-hurzak/helm.d/redis.yaml
deleted file mode 100644
index 4dc9703..0000000
--- a/data.d/k3s-hurzak/helm.d/redis.yaml
+++ /dev/null
@@ -1,3 +0,0 @@
-architecture: standalone
-replica:
- replicaCount: 0
diff --git a/data.d/k3s-hurzak/manifests.d/base-system/certmanager/letsencrypt-production.yaml b/data.d/k3s-hurzak/manifests.d/base-system/certmanager/letsencrypt-production.yaml
deleted file mode 100644
index dbff2c2..0000000
--- a/data.d/k3s-hurzak/manifests.d/base-system/certmanager/letsencrypt-production.yaml
+++ /dev/null
@@ -1,16 +0,0 @@
----
-apiVersion: cert-manager.io/v1
-kind: ClusterIssuer
-metadata:
- name: letsencrypt-production
-spec:
- acme:
- email: root@tyil.net
- server: https://acme-v02.api.letsencrypt.org/directory
- privateKeySecretRef:
- name: clusterissuer-letsencrypt-production
- solvers:
- - http01:
- ingress:
- class: traefik
-...
diff --git a/data.d/k3s-hurzak/manifests.d/base-system/certmanager/letsencrypt-staging.yaml b/data.d/k3s-hurzak/manifests.d/base-system/certmanager/letsencrypt-staging.yaml
deleted file mode 100644
index 9b0a27d..0000000
--- a/data.d/k3s-hurzak/manifests.d/base-system/certmanager/letsencrypt-staging.yaml
+++ /dev/null
@@ -1,17 +0,0 @@
----
-apiVersion: cert-manager.io/v1
-kind: ClusterIssuer
-metadata:
- name: letsencrypt-staging
-spec:
- acme:
- email: root@tyil.net
- server: https://acme-staging-v02.api.letsencrypt.org/directory
- privateKeySecretRef:
- name: clusterissuer-letsencrypt-staging
- solvers:
- - http01:
- ingress:
- class: traefik
- selector: {}
-...
diff --git a/data.d/k3s-hurzak/manifests.d/namespaces.yaml b/data.d/k3s-hurzak/manifests.d/namespaces.yaml
deleted file mode 100644
index aab254a..0000000
--- a/data.d/k3s-hurzak/manifests.d/namespaces.yaml
+++ /dev/null
@@ -1,18 +0,0 @@
----
-apiVersion: v1
-kind: Namespace
-metadata:
- name: base-system
-...
----
-apiVersion: v1
-kind: Namespace
-metadata:
- name: personal-services
-...
----
-apiVersion: v1
-kind: Namespace
-metadata:
- name: public-services
-...
diff --git a/data.d/k3s-hurzak/manifests.d/personal-services/keycloak/deployment.yaml b/data.d/k3s-hurzak/manifests.d/personal-services/keycloak/deployment.yaml
deleted file mode 100644
index 5cd9975..0000000
--- a/data.d/k3s-hurzak/manifests.d/personal-services/keycloak/deployment.yaml
+++ /dev/null
@@ -1,52 +0,0 @@
----
-apiVersion: apps/v1
-kind: Deployment
-metadata:
- name: keycloak
- namespace: personal-services
- labels:
- app.kubernetes.io/created-by: tyil
- app.kubernetes.io/managed-by: manual
- app.kubernetes.io/name: keycloak
- app.kubernetes.io/part-of: keycloak
-spec:
- replicas: 1
- selector:
- matchLabels:
- app.kubernetes.io/created-by: tyil
- app.kubernetes.io/managed-by: manual
- app.kubernetes.io/name: keycloak
- app.kubernetes.io/part-of: keycloak
- template:
- metadata:
- labels:
- app.kubernetes.io/created-by: tyil
- app.kubernetes.io/managed-by: manual
- app.kubernetes.io/name: keycloak
- app.kubernetes.io/part-of: keycloak
- spec:
- containers:
- - name: keycloak
- image: quay.io/keycloak/keycloak:21.0.2
- args: ["start-dev"]
- env:
- - name: KEYCLOAK_ADMIN
- valueFrom:
- secretKeyRef:
- name: keycloak-credentials
- key: username
- - name: KEYCLOAK_ADMIN_PASSWORD
- valueFrom:
- secretKeyRef:
- name: keycloak-credentials
- key: password
- - name: KC_PROXY
- value: "edge"
- ports:
- - name: http
- containerPort: 8080
- readinessProbe:
- httpGet:
- path: /realms/master
- port: 8080
-...
diff --git a/data.d/k3s-hurzak/manifests.d/personal-services/keycloak/ingress.yaml b/data.d/k3s-hurzak/manifests.d/personal-services/keycloak/ingress.yaml
deleted file mode 100644
index 40e6d22..0000000
--- a/data.d/k3s-hurzak/manifests.d/personal-services/keycloak/ingress.yaml
+++ /dev/null
@@ -1,31 +0,0 @@
----
-apiVersion: networking.k8s.io/v1
-kind: Ingress
-metadata:
- name: keycloak
- namespace: personal-services
- labels:
- app.kubernetes.io/created-by: tyil
- app.kubernetes.io/managed-by: manual
- app.kubernetes.io/name: keycloak
- app.kubernetes.io/part-of: keycloak
- annotations:
- cert-manager.io/cluster-issuer: "letsencrypt-production"
-spec:
- ingressClassName: "traefik"
- tls:
- - hosts:
- - id.tyil.nl
- secretName: tls-nl.tyil.id
- rules:
- - host: id.tyil.nl
- http:
- paths:
- - path: /
- pathType: Prefix
- backend:
- service:
- name: keycloak
- port:
- number: 8080
-...
diff --git a/data.d/k3s-hurzak/manifests.d/personal-services/keycloak/sealed-secret.yaml b/data.d/k3s-hurzak/manifests.d/personal-services/keycloak/sealed-secret.yaml
deleted file mode 100644
index acda853..0000000
--- a/data.d/k3s-hurzak/manifests.d/personal-services/keycloak/sealed-secret.yaml
+++ /dev/null
@@ -1,18 +0,0 @@
-apiVersion: bitnami.com/v1alpha1
-kind: SealedSecret
-metadata:
- creationTimestamp: null
- name: keycloak-credentials
- namespace: personal-services
-spec:
- encryptedData:
- password: AgCpUewLKDwRembIHJSygOSViDlKDmA0UhKS6xaEWWpSZ2Cc0rJbtQZG6blK5O231wAXiILfCjY9oKAzLaHKQ+gqrmCwMCcYBsBT+r9SUk5iSYHUQW90nCNwgZ9kzCE8erBTFov2qWFLHxCuzhrAp2BlSDP8mAV8OwGuiNFeaqv0yVciaMfz89h+y4O3hJgGIhNZn8Pn/z4KgbP21GwUHf9OYCpkTfLyHFKqkfSUyBivIYlcI4aOL6PEy4PIPbSW0VgtPRwWCSM+/QU8H7MiOn93r9shtDcifp/9irWmd+PHwGE+xaJZLacirRtMcR4Fg9nV5V/AbuDjUokj4hwWyXN7RJBXa7uEhYGOhmGVHEqjuSkXRTxIH0d2xdXRSbKMMVcv1nOytRs2l5e98ggPWq1CwF1XCVnGosAkynlmaB0DKztdRJz3g2FJeFkLjDWOjOMV8iPLHbCrOZeJ59snknzeYaIZ7WZ5BKLRUSXSC7yQvNX6dAD0eSCs1pKb+kFcaBVYi0vjEwIMe4KlSgYcaVXOyte65PCC1GYFgWyjr50g2qDLIJNzEQYj41nsTUwu5r29YRcj8hBX4aVMJO4VMlOMwWbOOvjLZCpFY0wASUoGaM/PEHllHqboVKPIokbZokyAMH6XwGHzy4gybB9OQUSe6+rYjST2CjF+JL0Z50yi0qg0bpnyUJ9GLcTOEY8FGkS241NlInRDGYw=
- username: AgA+PP/Nr93rKQix8v9cx4r/LOHfUVjNA+6QEB3ITCbrjpmPC7DlzYtmGVGmIKpTqnzBZZOc1KjdVVgF+YNOZLoulGQOp3cx18LgxbxLU3Uh5kuSKkRDOZzSxe6OpVy0DE5aJXQqB9uzPDs9liIasW6ELbgOcgxOyk/+I0vkYcFpb+J7lbOMsLm4iPW/aY6AV35vmB0QLutDBoBiObfdwI9xJUHCZds9emuPY9wElybzBpsUVDoW9diTu64ePNL55RvTMloShTt4ICVrR/WGIJnOiwtXIMigzzBWPFBPyYIOsjMfBQgquXhpRVksNhSfmVQWwvWaFPb7IjeS1KeyIPl01XeJRej+AodT8n0lmW1YFsUiMj6GRELBNCmeW+r3+vWJlXcaVAN9a8ds8bN3F34iVs/JxVUHVA25T/bdtJY9kS0eM+9Xfli6F5Z61v8jjKS2PfJGAJq1Gly6E5eugzslHVwjmSfkB2mGYL8IJ3SJl93C+CX6l3txKKa+EWN7Sdt0wZpSZKUw4nmiYK8Vt6rvgcKc41obTxSFdQyYpwBtzGINuda5kto92gXvZi/FmBxISP2uCXPpcIHfnFS73xyuLTsRjmHgHr8ss/LGYdBPE7PLihd+av1mMd02X4j+pfT0E11EbHp+sJ47W0UGskYsR24HJw4pXVwYcFA0lfNd8PQgDPOOcxOYz65iFnmnAfeSBJo5
- template:
- data: null
- metadata:
- creationTimestamp: null
- name: keycloak-credentials
- namespace: personal-services
- type: Opaque
-
diff --git a/data.d/k3s-hurzak/manifests.d/personal-services/keycloak/service.yaml b/data.d/k3s-hurzak/manifests.d/personal-services/keycloak/service.yaml
deleted file mode 100644
index c9068b7..0000000
--- a/data.d/k3s-hurzak/manifests.d/personal-services/keycloak/service.yaml
+++ /dev/null
@@ -1,22 +0,0 @@
----
-apiVersion: v1
-kind: Service
-metadata:
- name: keycloak
- namespace: personal-services
- labels:
- app.kubernetes.io/created-by: tyil
- app.kubernetes.io/managed-by: manual
- app.kubernetes.io/name: keycloak
- app.kubernetes.io/part-of: keycloak
-spec:
- selector:
- app.kubernetes.io/created-by: tyil
- app.kubernetes.io/managed-by: manual
- app.kubernetes.io/name: keycloak
- app.kubernetes.io/part-of: keycloak
- ports:
- - name: http
- port: 8080
- targetPort: 8080
-...
diff --git a/data.d/k3s-hurzak/manifests.d/personal-services/uptime-kuma/deployment.yaml b/data.d/k3s-hurzak/manifests.d/personal-services/uptime-kuma/deployment.yaml
deleted file mode 100644
index 9553007..0000000
--- a/data.d/k3s-hurzak/manifests.d/personal-services/uptime-kuma/deployment.yaml
+++ /dev/null
@@ -1,36 +0,0 @@
----
-apiVersion: apps/v1
-kind: Deployment
-metadata:
- name: uptime-kuma
- namespace: personal-services
-spec:
- replicas: 1
- selector:
- matchLabels:
- app.kubernetes.io/created-by: tyil
- app.kubernetes.io/managed-by: manual
- app.kubernetes.io/name: uptime-kuma
- app.kubernetes.io/part-of: personal-services
- template:
- metadata:
- labels:
- app.kubernetes.io/created-by: tyil
- app.kubernetes.io/managed-by: manual
- app.kubernetes.io/name: uptime-kuma
- app.kubernetes.io/part-of: personal-services
- spec:
- containers:
- - name: uptime-kuma
- image: louislam/uptime-kuma:1
- ports:
- - containerPort: 3001
- volumeMounts:
- - name: data
- mountPath: /app/data
- volumes:
- - name: data
- hostPath:
- type: Directory
- path: /srv/personal-services/uptime-kuma
-...
diff --git a/data.d/k3s-hurzak/manifests.d/personal-services/uptime-kuma/ingress.yaml b/data.d/k3s-hurzak/manifests.d/personal-services/uptime-kuma/ingress.yaml
deleted file mode 100644
index 66eb258..0000000
--- a/data.d/k3s-hurzak/manifests.d/personal-services/uptime-kuma/ingress.yaml
+++ /dev/null
@@ -1,45 +0,0 @@
----
-apiVersion: networking.k8s.io/v1
-kind: Ingress
-metadata:
- name: uptime-kuma
- namespace: personal-services
- labels:
- app.kubernetes.io/created-by: tyil
- app.kubernetes.io/managed-by: manual
- app.kubernetes.io/name: uptime-kuma
- app.kubernetes.io/part-of: personal-services
- annotations:
- cert-manager.io/cluster-issuer: letsencrypt-production
- #nginx.ingress.kubernetes.io/configuration-snippet: |
- # proxy_cache_bypass $http_upgrade;
- # proxy_set_header Connection "Upgrade";
- # proxy_set_header Host $host;
- # proxy_set_header Upgrade $http_upgrade;
- # proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
- # proxy_set_header X-Forwarded-For $remote_addr;
- # proxy_set_header X-Forwarded-Host $http_host;
- # proxy_set_header X-Forwarded-Proto $scheme;
- # proxy_set_header X-Real-IP $remote_addr;
- #nginx.ingress.kubernetes.io/proxy-http-version: "1.1"
- #nginx.ingress.kubernetes.io/proxy-read-timeout: "3600"
- #nginx.ingress.kubernetes.io/proxy-send-timeout: "3600"
- #nginx.ingress.kubernetes.io/ssl-redirect: "true"
-spec:
- ingressClassName: "traefik"
- rules:
- - host: uptime.tyil.nl
- http:
- paths:
- - path: /
- pathType: Prefix
- backend:
- service:
- name: uptime-kuma
- port:
- number: 80
- tls:
- - hosts:
- - uptime.tyil.nl
- secretName: tls-nl.tyil.uptime
-...
diff --git a/data.d/k3s-hurzak/manifests.d/personal-services/uptime-kuma/service.yaml b/data.d/k3s-hurzak/manifests.d/personal-services/uptime-kuma/service.yaml
deleted file mode 100644
index 51d6d53..0000000
--- a/data.d/k3s-hurzak/manifests.d/personal-services/uptime-kuma/service.yaml
+++ /dev/null
@@ -1,17 +0,0 @@
----
-apiVersion: v1
-kind: Service
-metadata:
- name: uptime-kuma
- namespace: personal-services
-spec:
- selector:
- app.kubernetes.io/created-by: tyil
- app.kubernetes.io/managed-by: manual
- app.kubernetes.io/name: uptime-kuma
- app.kubernetes.io/part-of: personal-services
- ports:
- - protocol: TCP
- port: 80
- targetPort: 3001
-...
diff --git a/data.d/k3s-hurzak/manifests.d/public-services/invidious/deployment.yaml b/data.d/k3s-hurzak/manifests.d/public-services/invidious/deployment.yaml
deleted file mode 100644
index 66c7912..0000000
--- a/data.d/k3s-hurzak/manifests.d/public-services/invidious/deployment.yaml
+++ /dev/null
@@ -1,34 +0,0 @@
----
-apiVersion: apps/v1
-kind: Deployment
-metadata:
- name: invidious
- namespace: public-services
-spec:
- replicas: 1
- selector:
- matchLabels:
- app.kubernetes.io/created-by: tyil
- app.kubernetes.io/managed-by: manual
- app.kubernetes.io/name: invidious
- app.kubernetes.io/part-of: public-services
- template:
- metadata:
- labels:
- app.kubernetes.io/created-by: tyil
- app.kubernetes.io/managed-by: manual
- app.kubernetes.io/name: invidious
- app.kubernetes.io/part-of: public-services
- spec:
- containers:
- - name: invidious
- image: quay.io/invidious/invidious:latest
- ports:
- - containerPort: 8080
- env:
- - name: INVIDIOUS_CONFIG
- valueFrom:
- secretKeyRef:
- name: invidious-config
- key: config.yml
-...
diff --git a/data.d/k3s-hurzak/manifests.d/public-services/invidious/ingress.yaml b/data.d/k3s-hurzak/manifests.d/public-services/invidious/ingress.yaml
deleted file mode 100644
index cb675a9..0000000
--- a/data.d/k3s-hurzak/manifests.d/public-services/invidious/ingress.yaml
+++ /dev/null
@@ -1,31 +0,0 @@
----
-apiVersion: networking.k8s.io/v1
-kind: Ingress
-metadata:
- name: invidious
- namespace: public-services
- annotations:
- cert-manager.io/cluster-issuer: "letsencrypt-production"
- labels:
- app.kubernetes.io/created-by: tyil
- app.kubernetes.io/managed-by: manual
- app.kubernetes.io/name: invidious
- app.kubernetes.io/part-of: public-services
-spec:
- ingressClassName: "traefik"
- tls:
- - hosts:
- - youtube.alt.tyil.nl
- secretName: tls-nl.tyil.alt.youtube
- rules:
- - host: youtube.alt.tyil.nl
- http:
- paths:
- - path: /
- pathType: Prefix
- backend:
- service:
- name: invidious-http
- port:
- number: 80
-...
diff --git a/data.d/k3s-hurzak/manifests.d/public-services/invidious/sealed-secret.yaml b/data.d/k3s-hurzak/manifests.d/public-services/invidious/sealed-secret.yaml
deleted file mode 100644
index 013d172..0000000
--- a/data.d/k3s-hurzak/manifests.d/public-services/invidious/sealed-secret.yaml
+++ /dev/null
@@ -1,21 +0,0 @@
-apiVersion: bitnami.com/v1alpha1
-kind: SealedSecret
-metadata:
- creationTimestamp: null
- name: invidious-config
- namespace: public-services
-spec:
- encryptedData:
- config.yml: AgBk+TMQyCIBOJzAx4XOwdbSlwWbcUSMdkxdAOKwZiq67cC/5LHXNgxRooRYVsq9pbul4lE46vkDs1a+VuE7ePEiSCqIFj4kQkqGFot33BBFdw378KrfolOKlcsT0aYpxj4MPIobs2MPLSFTFvf8S/JuBn3b6NFzzYvxteA5ljE0JnTluQhXilevDl81BmmiXBgyJZQEMjz8tLZQVCHWG9hQn+aQc4RVei/M0z4LVhLj4QZ6L315bPoFxLB2O43jWgon5wOirvSvdJzJ/d0laKePq94zu5xrtC/w5zIErlPpDL9oFh9vGHGf790SVc+1HNn7AeRhLPWpHNkmypODqjYjpGoTWoLYz7aU8ie1lNcpE4q752rbYzxS2TQuhlJCVpB55MtZZ9n0JoV3cABZW48VyWqU9g0jFpWF22M8oDDq5Yft58J3aHtZxZmmdCI9SbppWVyuI/WZ5qze3D2RNnDlY4FixZmDum49Ur9IHMpCEz0tOdEnDoyrQZ8LhT7LohewMClB4MuAwJ3ObF8XiLEgRDxFG501tfsK2L27m4PzCS4Zrm5K1u/gaXjWDHQxli/eMZqUXqF4TdTSF15R3XMEnjMxBne88L/DaPboQbtp70WFweazHX6wwST0HiKigwsndOL9o/ynd2TZA3E55EWbtD5mBW8PR3NPAzVg7GomyE71X4y+yMxfGgExfiyffjcP0yT+/BcKby6lsA9pI1OaIQ+Md1s+RnLqcd1gSbuY4n0/hAGTI1kfDVKxwOO+iWaY9RzSEy/qXNoOjhmSaEXVlxVexOnbThY0skxmftQbC4JjD6QJ59H/30ZieyF00obMJ5np4V7ktyewVrEVOx0rxlbf5qZUtQFsOocj7B5Pd9zJNar/OU68WfOZ0QcQxCVlG2ebSc9j+IevS6niW8IaO9mI9z0nhMeS4+a99VjGy7MXzfzmX6OOEilfMGkvIwzz9Ks0FkhgXDXVF9cn5SsYKGGq6bDpAcLG7KNdGNcqiD9tGjx0YlHj18MbLubwszy+qEBuuhMLEcjzUCnxhjjAkq6GJChZ28Xnf5GbzTG4QiCWKJssrIvStDU7Uc0iyh/FP9Hb+XgeliTNjlC2Mc8XEjH8y+pP8jTHzsPYNM0aD3HmKOoSi8yy8GKMGtgX8NHH70HltUek9bHLKL9AjxNJIOhCJ0piJYFf9w==
- template:
- metadata:
- creationTimestamp: null
- labels:
- app.kubernetes.io/created-by: tyil
- app.kubernetes.io/managed-by: manual
- app.kubernetes.io/name: invidious-config
- app.kubernetes.io/part-of: invidious
- name: invidious-config
- namespace: public-services
- type: Opaque
-
diff --git a/data.d/k3s-hurzak/manifests.d/public-services/invidious/service.yaml b/data.d/k3s-hurzak/manifests.d/public-services/invidious/service.yaml
deleted file mode 100644
index e4f95be..0000000
--- a/data.d/k3s-hurzak/manifests.d/public-services/invidious/service.yaml
+++ /dev/null
@@ -1,24 +0,0 @@
----
-apiVersion: v1
-kind: Service
-metadata:
- # Funfact: if this name is set to "invidious", things will break!
- # https://github.com/iv-org/invidious/issues/2970
- name: invidious-http
- namespace: public-services
- labels:
- app.kubernetes.io/created-by: tyil
- app.kubernetes.io/managed-by: manual
- app.kubernetes.io/name: invidious
- app.kubernetes.io/part-of: public-services
-spec:
- selector:
- app.kubernetes.io/created-by: tyil
- app.kubernetes.io/managed-by: manual
- app.kubernetes.io/name: invidious
- app.kubernetes.io/part-of: public-services
- ports:
- - protocol: TCP
- port: 80
- targetPort: 3000
-...
diff --git a/data.d/k3s-hurzak/manifests.d/public-services/nitter/deployment.yaml b/data.d/k3s-hurzak/manifests.d/public-services/nitter/deployment.yaml
deleted file mode 100644
index 8ad6401..0000000
--- a/data.d/k3s-hurzak/manifests.d/public-services/nitter/deployment.yaml
+++ /dev/null
@@ -1,39 +0,0 @@
----
-apiVersion: apps/v1
-kind: Deployment
-metadata:
- name: nitter
- namespace: public-services
-spec:
- replicas: 1
- selector:
- matchLabels:
- app.kubernetes.io/created-by: tyil
- app.kubernetes.io/managed-by: manual
- app.kubernetes.io/name: nitter
- app.kubernetes.io/part-of: public-services
- template:
- metadata:
- labels:
- app.kubernetes.io/created-by: tyil
- app.kubernetes.io/managed-by: manual
- app.kubernetes.io/name: nitter
- app.kubernetes.io/part-of: public-services
- spec:
- containers:
- - name: nitter
- image: zedeus/nitter
- ports:
- - containerPort: 8080
- env:
- - name: REDIS_HOST
- value: "redis-nitter-master"
- volumeMounts:
- - name: config
- subPath: nitter.conf
- mountPath: /src/nitter.conf
- volumes:
- - name: config
- secret:
- secretName: nitter-config
-...
diff --git a/data.d/k3s-hurzak/manifests.d/public-services/nitter/ingress.yaml b/data.d/k3s-hurzak/manifests.d/public-services/nitter/ingress.yaml
deleted file mode 100644
index 6c3e671..0000000
--- a/data.d/k3s-hurzak/manifests.d/public-services/nitter/ingress.yaml
+++ /dev/null
@@ -1,31 +0,0 @@
----
-apiVersion: networking.k8s.io/v1
-kind: Ingress
-metadata:
- name: nitter
- namespace: public-services
- annotations:
- cert-manager.io/cluster-issuer: "letsencrypt-production"
- labels:
- app.kubernetes.io/created-by: tyil
- app.kubernetes.io/managed-by: manual
- app.kubernetes.io/name: nitter
- app.kubernetes.io/part-of: public-services
-spec:
- ingressClassName: "traefik"
- tls:
- - hosts:
- - twitter.alt.tyil.nl
- secretName: tls-nl.tyil.alt.twitter
- rules:
- - host: twitter.alt.tyil.nl
- http:
- paths:
- - path: /
- pathType: Prefix
- backend:
- service:
- name: nitter
- port:
- number: 80
-...
diff --git a/data.d/k3s-hurzak/manifests.d/public-services/nitter/sealed-secret.yaml b/data.d/k3s-hurzak/manifests.d/public-services/nitter/sealed-secret.yaml
deleted file mode 100644
index ab6cf1b..0000000
--- a/data.d/k3s-hurzak/manifests.d/public-services/nitter/sealed-secret.yaml
+++ /dev/null
@@ -1,21 +0,0 @@
-apiVersion: bitnami.com/v1alpha1
-kind: SealedSecret
-metadata:
- creationTimestamp: null
- name: nitter-config
- namespace: public-services
-spec:
- encryptedData:
- nitter.conf: AgA/KW9/ptYadmBAk8uwZ4u/OkJqzLg3Cns+XPGKHKii66esMuA9M4EqqB8dMHbI1zZi5wPxcdVBNeEX2cguPv0V9/PYtq24T5HJ2tGiQKKPxi1KqQUJquIxyDYZIzr5qYCu9TQfUSIQg3aGzuKyJTdckG3BJtjnGY8DMU/AIfSeU67ZEyNWSFmUtt80pqCL0oKi+tq7Bngb9jFCJHQv5F0yWF2MehuknNuI++QECAModVtkq/nRViKSGaN8IqVDWnfn71vH7CRsbL5c/Eb9ra7ptAHtLEuC54U5ezDhNEeJt93SGw6yniBy69sBtAauWzGofhK3y+eVAsjZsRZPZGpyyziHl21MHJdaCjvJTvxVp8tJqtD2bwOZTczV2tZO84ES2wftqgZaWBOqewtgPcH/yC4AtHdgK1xlEwNbE8EQ0rCpWdhPTsK4ZB3r9w2xujbQh5DiH7y+D50z4D54BJdvmdC/M/9s4WdSytSGF7fXU9LOfUE4/r9fUDn6vEDe5UYoFY9ej7ObBP6tZ2OFOizmyZ0BbS+IZ+szHHZI3Scgl1nPzUhJ3XcFQC549va5QgWg07ykFZdf/EDypbic/iK2Bke31G9BtP1DCoj34FUh+APIwUKEx9SnXJ732wOo7zPN0JCW32K8+OrStdKCX2K7STLoQ8Tby9Az5H0DSnTaYQvrt+FvRuNX+vriC4u4L8C5rQbRxJi67e1+FDPp8XoxZrhv5UZuS1hA5X2nEL+Q76s1ZdHiokVvBqj82F0fW7Jymt3AeGPqgorWWlmCJrLw7Rqfq3AoRy5QQ94jF4emeMVzZlp5HND0ZaIlajUeNl8R7/qmMgy/BoRnJP+QAhIfX8mwFowRnDY1YASIpt+eNoYf8XLaJO611glOTdUgt3FVNE1+3qbO7agBTx/rX9lfJf2BMwSyEWqsQbM+pnxQZxS36j85deTxTze758raPNgEcT2p4dr0RCWJt0jJchEpWcBLdGNMM+5J+Y5WQOFiA+MyS3R0SlSib+grvoxgFZMDO9UPJvCkijxuAki1n2y5D2S2vbNn2Cnk1gBCFBFbrK2u41i2HXsl1o4YoBTqinaD4SktCnJ1WSXalaVMkBA6FZz9tiyHwbC3LQRy8UoeSEF3cz90jD6JniN2nn5K2CmgSKiJLBNk/UDhiLEicCbVBkwuOxvygc07fTYU/+fWIV0HqkkdhTby3mLL//ylQNB2axlujeQgqfQEcqrkYbQrNaCh+cpQTBy9sV0yVAgXDrrhPjnvTWelp8V6wtUypLFh0CoEZ9qdgUiFPLSy1Jkt72zPiur7Uml6UAPaw5Q4Y5U7rHB530m1XWpfw7xQ43yMTI9P3aBPxgVyz0k0NAdWlCgXpqyH1Lrn/d0LmGRmDhsvJtO6ArJyikO3bbxecYCyOVDNZO4Uglf/vqKbhUtqRgj8xYV6tZqaoNk/AHAMVAncSCas7ffDS9Awx0GNhcPz0Vw5h/VeeuR2HbVcclLZ3hPKQUfGGHdUyO3nxSxyuGdjNiuJjiSsyWRoX57sxpX2DeQyqrxddsL9Hudxc9RMdpkq6YchfoReF3vdDkgENwAYI4A0xFRNgn8I8vDSx9A2UKjahns/aRvRJ6LLrn2KvXW5yQk2Oomdo4ak2Co2HAmVVa/C6WbsnlPzaHLVGupEVwV/aw==
- template:
- metadata:
- creationTimestamp: null
- labels:
- app.kubernetes.io/created-by: tyil
- app.kubernetes.io/managed-by: manual
- app.kubernetes.io/name: nitter-config
- app.kubernetes.io/part-of: nitter
- name: nitter-config
- namespace: public-services
- type: Opaque
-
diff --git a/data.d/k3s-hurzak/manifests.d/public-services/nitter/service.yaml b/data.d/k3s-hurzak/manifests.d/public-services/nitter/service.yaml
deleted file mode 100644
index f9bba4b..0000000
--- a/data.d/k3s-hurzak/manifests.d/public-services/nitter/service.yaml
+++ /dev/null
@@ -1,22 +0,0 @@
----
-apiVersion: v1
-kind: Service
-metadata:
- name: nitter
- namespace: public-services
- labels:
- app.kubernetes.io/created-by: tyil
- app.kubernetes.io/managed-by: manual
- app.kubernetes.io/name: nitter
- app.kubernetes.io/part-of: public-services
-spec:
- selector:
- app.kubernetes.io/created-by: tyil
- app.kubernetes.io/managed-by: manual
- app.kubernetes.io/name: nitter
- app.kubernetes.io/part-of: public-services
- ports:
- - protocol: TCP
- port: 80
- targetPort: 8080
-...
diff --git a/data.d/k3s-hurzak/manifests.d/public-services/omgur/deployment.yaml b/data.d/k3s-hurzak/manifests.d/public-services/omgur/deployment.yaml
deleted file mode 100644
index 2cef276..0000000
--- a/data.d/k3s-hurzak/manifests.d/public-services/omgur/deployment.yaml
+++ /dev/null
@@ -1,31 +0,0 @@
----
-apiVersion: apps/v1
-kind: Deployment
-metadata:
- name: omgur
- namespace: public-services
-spec:
- replicas: 1
- selector:
- matchLabels:
- app.kubernetes.io/created-by: tyil
- app.kubernetes.io/managed-by: manual
- app.kubernetes.io/name: omgur
- app.kubernetes.io/part-of: public-services
- template:
- metadata:
- labels:
- app.kubernetes.io/created-by: tyil
- app.kubernetes.io/managed-by: manual
- app.kubernetes.io/name: omgur
- app.kubernetes.io/part-of: public-services
- spec:
- containers:
- - name: omgur
- image: registry.gitlab.com/geraldwuhoo/omgur:latest
- ports:
- - containerPort: 8080
- env:
- - name: REDIS_HOST
- value: "redis-omgur-master"
-...
diff --git a/data.d/k3s-hurzak/manifests.d/public-services/omgur/ingress.yaml b/data.d/k3s-hurzak/manifests.d/public-services/omgur/ingress.yaml
deleted file mode 100644
index b8d7e1a..0000000
--- a/data.d/k3s-hurzak/manifests.d/public-services/omgur/ingress.yaml
+++ /dev/null
@@ -1,31 +0,0 @@
----
-apiVersion: networking.k8s.io/v1
-kind: Ingress
-metadata:
- name: omgur
- namespace: public-services
- annotations:
- cert-manager.io/cluster-issuer: "letsencrypt-production"
- labels:
- app.kubernetes.io/created-by: tyil
- app.kubernetes.io/managed-by: manual
- app.kubernetes.io/name: omgur
- app.kubernetes.io/part-of: public-services
-spec:
- ingressClassName: "traefik"
- tls:
- - hosts:
- - imgur.alt.tyil.nl
- secretName: tls-nl.tyil.alt.imgur
- rules:
- - host: imgur.alt.tyil.nl
- http:
- paths:
- - path: /
- pathType: Prefix
- backend:
- service:
- name: omgur
- port:
- number: 80
-...
diff --git a/data.d/k3s-hurzak/manifests.d/public-services/omgur/service.yaml b/data.d/k3s-hurzak/manifests.d/public-services/omgur/service.yaml
deleted file mode 100644
index f848c14..0000000
--- a/data.d/k3s-hurzak/manifests.d/public-services/omgur/service.yaml
+++ /dev/null
@@ -1,22 +0,0 @@
----
-apiVersion: v1
-kind: Service
-metadata:
- name: omgur
- namespace: public-services
- labels:
- app.kubernetes.io/created-by: tyil
- app.kubernetes.io/managed-by: manual
- app.kubernetes.io/name: omgur
- app.kubernetes.io/part-of: public-services
-spec:
- selector:
- app.kubernetes.io/created-by: tyil
- app.kubernetes.io/managed-by: manual
- app.kubernetes.io/name: omgur
- app.kubernetes.io/part-of: public-services
- ports:
- - protocol: TCP
- port: 80
- targetPort: 8080
-...
diff --git a/data.d/k3s-hurzak/manifests.d/public-services/searxng/deployment.yaml b/data.d/k3s-hurzak/manifests.d/public-services/searxng/deployment.yaml
deleted file mode 100644
index f5f6064..0000000
--- a/data.d/k3s-hurzak/manifests.d/public-services/searxng/deployment.yaml
+++ /dev/null
@@ -1,31 +0,0 @@
----
-apiVersion: apps/v1
-kind: Deployment
-metadata:
- name: searxng
- namespace: public-services
-spec:
- replicas: 1
- selector:
- matchLabels:
- app.kubernetes.io/created-by: tyil
- app.kubernetes.io/managed-by: manual
- app.kubernetes.io/name: searxng
- app.kubernetes.io/part-of: searxng
- template:
- metadata:
- labels:
- app.kubernetes.io/created-by: tyil
- app.kubernetes.io/managed-by: manual
- app.kubernetes.io/name: searxng
- app.kubernetes.io/part-of: searxng
- spec:
- containers:
- - name: searxng
- image: searxng/searxng:2022.08.01-7c9c1124
- ports:
- - containerPort: 8080
- env:
- - name: BASE_URL
- value: https://searxng.tyil.nl
-...
diff --git a/data.d/k3s-hurzak/manifests.d/public-services/searxng/ingress.yaml b/data.d/k3s-hurzak/manifests.d/public-services/searxng/ingress.yaml
deleted file mode 100644
index 0b8fe62..0000000
--- a/data.d/k3s-hurzak/manifests.d/public-services/searxng/ingress.yaml
+++ /dev/null
@@ -1,26 +0,0 @@
----
-apiVersion: networking.k8s.io/v1
-kind: Ingress
-metadata:
- name: searxng
- namespace: public-services
- annotations:
- cert-manager.io/cluster-issuer: "letsencrypt-production"
-spec:
- ingressClassName: "traefik"
- tls:
- - hosts:
- - searxng.tyil.nl
- secretName: tls-nl.tyil.searxng
- rules:
- - host: searxng.tyil.nl
- http:
- paths:
- - path: /
- pathType: Prefix
- backend:
- service:
- name: searxng
- port:
- number: 80
-...
diff --git a/data.d/k3s-hurzak/manifests.d/public-services/searxng/service.yaml b/data.d/k3s-hurzak/manifests.d/public-services/searxng/service.yaml
deleted file mode 100644
index 23fb8ac..0000000
--- a/data.d/k3s-hurzak/manifests.d/public-services/searxng/service.yaml
+++ /dev/null
@@ -1,17 +0,0 @@
----
-apiVersion: v1
-kind: Service
-metadata:
- name: searxng
- namespace: public-services
-spec:
- selector:
- app.kubernetes.io/created-by: tyil
- app.kubernetes.io/managed-by: manual
- app.kubernetes.io/name: searxng
- app.kubernetes.io/part-of: searxng
- ports:
- - protocol: TCP
- port: 80
- targetPort: 8080
-...
diff --git a/data.d/k3s-hurzak/manifests.d/public-services/teddit/deployment.yaml b/data.d/k3s-hurzak/manifests.d/public-services/teddit/deployment.yaml
deleted file mode 100644
index 9542cde..0000000
--- a/data.d/k3s-hurzak/manifests.d/public-services/teddit/deployment.yaml
+++ /dev/null
@@ -1,41 +0,0 @@
----
-apiVersion: apps/v1
-kind: Deployment
-metadata:
- name: teddit
- namespace: public-services
-spec:
- replicas: 1
- selector:
- matchLabels:
- app.kubernetes.io/created-by: tyil
- app.kubernetes.io/managed-by: manual
- app.kubernetes.io/name: teddit
- app.kubernetes.io/part-of: public-services
- template:
- metadata:
- labels:
- app.kubernetes.io/created-by: tyil
- app.kubernetes.io/managed-by: manual
- app.kubernetes.io/name: teddit
- app.kubernetes.io/part-of: public-services
- spec:
- containers:
- - name: teddit
- image: teddit/teddit:latest
- ports:
- - containerPort: 8080
- env:
- - name: DOMAIN
- value: "reddit.alt.tyil.nl"
- - name: REDIS_DB
- value: "1"
- - name: REDIS_HOST
- value: "10.57.100.7"
- - name: TRUST_PROXY
- value: "true"
- - name: USE_HELMET
- value: "true"
- - name: USE_HELMET_HSTS
- value: "true"
-...
diff --git a/data.d/k3s-hurzak/manifests.d/public-services/teddit/ingress.yaml b/data.d/k3s-hurzak/manifests.d/public-services/teddit/ingress.yaml
deleted file mode 100644
index 4830961..0000000
--- a/data.d/k3s-hurzak/manifests.d/public-services/teddit/ingress.yaml
+++ /dev/null
@@ -1,31 +0,0 @@
----
-apiVersion: networking.k8s.io/v1
-kind: Ingress
-metadata:
- name: teddit
- namespace: public-services
- annotations:
- cert-manager.io/cluster-issuer: "letsencrypt-production"
- labels:
- app.kubernetes.io/created-by: tyil
- app.kubernetes.io/managed-by: manual
- app.kubernetes.io/name: teddit
- app.kubernetes.io/part-of: public-services
-spec:
- ingressClassName: "traefik"
- tls:
- - hosts:
- - reddit.alt.tyil.nl
- secretName: tls-nl.tyil.alt.reddit
- rules:
- - host: reddit.alt.tyil.nl
- http:
- paths:
- - path: /
- pathType: Prefix
- backend:
- service:
- name: teddit
- port:
- number: 80
-...
diff --git a/data.d/k3s-hurzak/manifests.d/public-services/teddit/service.yaml b/data.d/k3s-hurzak/manifests.d/public-services/teddit/service.yaml
deleted file mode 100644
index b91c1d1..0000000
--- a/data.d/k3s-hurzak/manifests.d/public-services/teddit/service.yaml
+++ /dev/null
@@ -1,22 +0,0 @@
----
-apiVersion: v1
-kind: Service
-metadata:
- name: teddit
- namespace: public-services
- labels:
- app.kubernetes.io/created-by: tyil
- app.kubernetes.io/managed-by: manual
- app.kubernetes.io/name: teddit
- app.kubernetes.io/part-of: public-services
-spec:
- selector:
- app.kubernetes.io/created-by: tyil
- app.kubernetes.io/managed-by: manual
- app.kubernetes.io/name: teddit
- app.kubernetes.io/part-of: public-services
- ports:
- - protocol: TCP
- port: 80
- targetPort: 8080
-...
diff --git a/data.d/k3s-jaomox/helm.d/minio.yaml b/data.d/k3s-jaomox/helm.d/minio.yaml
deleted file mode 100644
index e2f3b8b..0000000
--- a/data.d/k3s-jaomox/helm.d/minio.yaml
+++ /dev/null
@@ -1,18 +0,0 @@
-mode: standalone
-replicas: 1
-ingress:
- enabled: true
- annotations:
- cert-manager.io/cluster-issuer: letsencrypt-production
- hosts:
- - s3.tyil.nl
- tls:
- - hosts:
- - s3.tyil.nl
- secretName: tls-nl.tyil.s3
-persistence:
- enabled: true
- existingClaim: minio-data
-resources:
- requests:
- memory: 512Mi
diff --git a/data.d/k3s-jaomox/manifests.d/namespaces.yaml b/data.d/k3s-jaomox/manifests.d/namespaces.yaml
deleted file mode 100644
index f9151e9..0000000
--- a/data.d/k3s-jaomox/manifests.d/namespaces.yaml
+++ /dev/null
@@ -1,6 +0,0 @@
----
-apiVersion: v1
-kind: Namespace
-metadata:
- name: personal-services
-...
diff --git a/data.d/k3s-jaomox/manifests.d/personal-services/minio/persistent-volume-claim.yaml b/data.d/k3s-jaomox/manifests.d/personal-services/minio/persistent-volume-claim.yaml
deleted file mode 100644
index fdb42dc..0000000
--- a/data.d/k3s-jaomox/manifests.d/personal-services/minio/persistent-volume-claim.yaml
+++ /dev/null
@@ -1,14 +0,0 @@
----
-apiVersion: v1
-kind: PersistentVolumeClaim
-metadata:
- name: minio-data
- namespace: personal-services
-spec:
- storageClassName: manual
- accessModes:
- - ReadWriteOnce
- resources:
- requests:
- storage: 50Gi
-...
diff --git a/data.d/k3s-jaomox/manifests.d/personal-services/minio/persistent-volume.yaml b/data.d/k3s-jaomox/manifests.d/personal-services/minio/persistent-volume.yaml
deleted file mode 100644
index 45434e8..0000000
--- a/data.d/k3s-jaomox/manifests.d/personal-services/minio/persistent-volume.yaml
+++ /dev/null
@@ -1,15 +0,0 @@
----
-apiVersion: v1
-kind: PersistentVolume
-metadata:
- name: minio-data
- namespace: personal-services
-spec:
- storageClassName: manual
- capacity:
- storage: 50Gi
- accessModes:
- - ReadWriteOnce
- hostPath:
- path: /srv/personal-services/minio-data
-...
diff --git a/data.d/k3s-master/helm.d/certmanager.yaml b/data.d/k3s-master/helm.d/certmanager.yaml
new file mode 100644
index 0000000..1b4551c
--- /dev/null
+++ b/data.d/k3s-master/helm.d/certmanager.yaml
@@ -0,0 +1 @@
+installCRDs: true
diff --git a/data.d/k3s-master/helm.d/minio.yaml b/data.d/k3s-master/helm.d/minio.yaml
new file mode 100644
index 0000000..e2f3b8b
--- /dev/null
+++ b/data.d/k3s-master/helm.d/minio.yaml
@@ -0,0 +1,18 @@
+mode: standalone
+replicas: 1
+ingress:
+ enabled: true
+ annotations:
+ cert-manager.io/cluster-issuer: letsencrypt-production
+ hosts:
+ - s3.tyil.nl
+ tls:
+ - hosts:
+ - s3.tyil.nl
+ secretName: tls-nl.tyil.s3
+persistence:
+ enabled: true
+ existingClaim: minio-data
+resources:
+ requests:
+ memory: 512Mi
diff --git a/data.d/k3s-master/helm.d/redis.yaml b/data.d/k3s-master/helm.d/redis.yaml
new file mode 100644
index 0000000..4dc9703
--- /dev/null
+++ b/data.d/k3s-master/helm.d/redis.yaml
@@ -0,0 +1,3 @@
+architecture: standalone
+replica:
+ replicaCount: 0
diff --git a/data.d/k3s-master/manifests.d/hurzak/base-system/certmanager/letsencrypt-production.yaml b/data.d/k3s-master/manifests.d/hurzak/base-system/certmanager/letsencrypt-production.yaml
new file mode 100644
index 0000000..dbff2c2
--- /dev/null
+++ b/data.d/k3s-master/manifests.d/hurzak/base-system/certmanager/letsencrypt-production.yaml
@@ -0,0 +1,16 @@
+---
+apiVersion: cert-manager.io/v1
+kind: ClusterIssuer
+metadata:
+ name: letsencrypt-production
+spec:
+ acme:
+ email: root@tyil.net
+ server: https://acme-v02.api.letsencrypt.org/directory
+ privateKeySecretRef:
+ name: clusterissuer-letsencrypt-production
+ solvers:
+ - http01:
+ ingress:
+ class: traefik
+...
diff --git a/data.d/k3s-master/manifests.d/hurzak/base-system/certmanager/letsencrypt-staging.yaml b/data.d/k3s-master/manifests.d/hurzak/base-system/certmanager/letsencrypt-staging.yaml
new file mode 100644
index 0000000..9b0a27d
--- /dev/null
+++ b/data.d/k3s-master/manifests.d/hurzak/base-system/certmanager/letsencrypt-staging.yaml
@@ -0,0 +1,17 @@
+---
+apiVersion: cert-manager.io/v1
+kind: ClusterIssuer
+metadata:
+ name: letsencrypt-staging
+spec:
+ acme:
+ email: root@tyil.net
+ server: https://acme-staging-v02.api.letsencrypt.org/directory
+ privateKeySecretRef:
+ name: clusterissuer-letsencrypt-staging
+ solvers:
+ - http01:
+ ingress:
+ class: traefik
+ selector: {}
+...
diff --git a/data.d/k3s-master/manifests.d/hurzak/namespaces.yaml b/data.d/k3s-master/manifests.d/hurzak/namespaces.yaml
new file mode 100644
index 0000000..aab254a
--- /dev/null
+++ b/data.d/k3s-master/manifests.d/hurzak/namespaces.yaml
@@ -0,0 +1,18 @@
+---
+apiVersion: v1
+kind: Namespace
+metadata:
+ name: base-system
+...
+---
+apiVersion: v1
+kind: Namespace
+metadata:
+ name: personal-services
+...
+---
+apiVersion: v1
+kind: Namespace
+metadata:
+ name: public-services
+...
diff --git a/data.d/k3s-master/manifests.d/hurzak/personal-services/keycloak/deployment.yaml b/data.d/k3s-master/manifests.d/hurzak/personal-services/keycloak/deployment.yaml
new file mode 100644
index 0000000..5cd9975
--- /dev/null
+++ b/data.d/k3s-master/manifests.d/hurzak/personal-services/keycloak/deployment.yaml
@@ -0,0 +1,52 @@
+---
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+ name: keycloak
+ namespace: personal-services
+ labels:
+ app.kubernetes.io/created-by: tyil
+ app.kubernetes.io/managed-by: manual
+ app.kubernetes.io/name: keycloak
+ app.kubernetes.io/part-of: keycloak
+spec:
+ replicas: 1
+ selector:
+ matchLabels:
+ app.kubernetes.io/created-by: tyil
+ app.kubernetes.io/managed-by: manual
+ app.kubernetes.io/name: keycloak
+ app.kubernetes.io/part-of: keycloak
+ template:
+ metadata:
+ labels:
+ app.kubernetes.io/created-by: tyil
+ app.kubernetes.io/managed-by: manual
+ app.kubernetes.io/name: keycloak
+ app.kubernetes.io/part-of: keycloak
+ spec:
+ containers:
+ - name: keycloak
+ image: quay.io/keycloak/keycloak:21.0.2
+ args: ["start-dev"]
+ env:
+ - name: KEYCLOAK_ADMIN
+ valueFrom:
+ secretKeyRef:
+ name: keycloak-credentials
+ key: username
+ - name: KEYCLOAK_ADMIN_PASSWORD
+ valueFrom:
+ secretKeyRef:
+ name: keycloak-credentials
+ key: password
+ - name: KC_PROXY
+ value: "edge"
+ ports:
+ - name: http
+ containerPort: 8080
+ readinessProbe:
+ httpGet:
+ path: /realms/master
+ port: 8080
+...
diff --git a/data.d/k3s-master/manifests.d/hurzak/personal-services/keycloak/ingress.yaml b/data.d/k3s-master/manifests.d/hurzak/personal-services/keycloak/ingress.yaml
new file mode 100644
index 0000000..40e6d22
--- /dev/null
+++ b/data.d/k3s-master/manifests.d/hurzak/personal-services/keycloak/ingress.yaml
@@ -0,0 +1,31 @@
+---
+apiVersion: networking.k8s.io/v1
+kind: Ingress
+metadata:
+ name: keycloak
+ namespace: personal-services
+ labels:
+ app.kubernetes.io/created-by: tyil
+ app.kubernetes.io/managed-by: manual
+ app.kubernetes.io/name: keycloak
+ app.kubernetes.io/part-of: keycloak
+ annotations:
+ cert-manager.io/cluster-issuer: "letsencrypt-production"
+spec:
+ ingressClassName: "traefik"
+ tls:
+ - hosts:
+ - id.tyil.nl
+ secretName: tls-nl.tyil.id
+ rules:
+ - host: id.tyil.nl
+ http:
+ paths:
+ - path: /
+ pathType: Prefix
+ backend:
+ service:
+ name: keycloak
+ port:
+ number: 8080
+...
diff --git a/data.d/k3s-master/manifests.d/hurzak/personal-services/keycloak/sealed-secret.yaml b/data.d/k3s-master/manifests.d/hurzak/personal-services/keycloak/sealed-secret.yaml
new file mode 100644
index 0000000..acda853
--- /dev/null
+++ b/data.d/k3s-master/manifests.d/hurzak/personal-services/keycloak/sealed-secret.yaml
@@ -0,0 +1,18 @@
+apiVersion: bitnami.com/v1alpha1
+kind: SealedSecret
+metadata:
+ creationTimestamp: null
+ name: keycloak-credentials
+ namespace: personal-services
+spec:
+ encryptedData:
+ password: AgCpUewLKDwRembIHJSygOSViDlKDmA0UhKS6xaEWWpSZ2Cc0rJbtQZG6blK5O231wAXiILfCjY9oKAzLaHKQ+gqrmCwMCcYBsBT+r9SUk5iSYHUQW90nCNwgZ9kzCE8erBTFov2qWFLHxCuzhrAp2BlSDP8mAV8OwGuiNFeaqv0yVciaMfz89h+y4O3hJgGIhNZn8Pn/z4KgbP21GwUHf9OYCpkTfLyHFKqkfSUyBivIYlcI4aOL6PEy4PIPbSW0VgtPRwWCSM+/QU8H7MiOn93r9shtDcifp/9irWmd+PHwGE+xaJZLacirRtMcR4Fg9nV5V/AbuDjUokj4hwWyXN7RJBXa7uEhYGOhmGVHEqjuSkXRTxIH0d2xdXRSbKMMVcv1nOytRs2l5e98ggPWq1CwF1XCVnGosAkynlmaB0DKztdRJz3g2FJeFkLjDWOjOMV8iPLHbCrOZeJ59snknzeYaIZ7WZ5BKLRUSXSC7yQvNX6dAD0eSCs1pKb+kFcaBVYi0vjEwIMe4KlSgYcaVXOyte65PCC1GYFgWyjr50g2qDLIJNzEQYj41nsTUwu5r29YRcj8hBX4aVMJO4VMlOMwWbOOvjLZCpFY0wASUoGaM/PEHllHqboVKPIokbZokyAMH6XwGHzy4gybB9OQUSe6+rYjST2CjF+JL0Z50yi0qg0bpnyUJ9GLcTOEY8FGkS241NlInRDGYw=
+ username: AgA+PP/Nr93rKQix8v9cx4r/LOHfUVjNA+6QEB3ITCbrjpmPC7DlzYtmGVGmIKpTqnzBZZOc1KjdVVgF+YNOZLoulGQOp3cx18LgxbxLU3Uh5kuSKkRDOZzSxe6OpVy0DE5aJXQqB9uzPDs9liIasW6ELbgOcgxOyk/+I0vkYcFpb+J7lbOMsLm4iPW/aY6AV35vmB0QLutDBoBiObfdwI9xJUHCZds9emuPY9wElybzBpsUVDoW9diTu64ePNL55RvTMloShTt4ICVrR/WGIJnOiwtXIMigzzBWPFBPyYIOsjMfBQgquXhpRVksNhSfmVQWwvWaFPb7IjeS1KeyIPl01XeJRej+AodT8n0lmW1YFsUiMj6GRELBNCmeW+r3+vWJlXcaVAN9a8ds8bN3F34iVs/JxVUHVA25T/bdtJY9kS0eM+9Xfli6F5Z61v8jjKS2PfJGAJq1Gly6E5eugzslHVwjmSfkB2mGYL8IJ3SJl93C+CX6l3txKKa+EWN7Sdt0wZpSZKUw4nmiYK8Vt6rvgcKc41obTxSFdQyYpwBtzGINuda5kto92gXvZi/FmBxISP2uCXPpcIHfnFS73xyuLTsRjmHgHr8ss/LGYdBPE7PLihd+av1mMd02X4j+pfT0E11EbHp+sJ47W0UGskYsR24HJw4pXVwYcFA0lfNd8PQgDPOOcxOYz65iFnmnAfeSBJo5
+ template:
+ data: null
+ metadata:
+ creationTimestamp: null
+ name: keycloak-credentials
+ namespace: personal-services
+ type: Opaque
+
diff --git a/data.d/k3s-master/manifests.d/hurzak/personal-services/keycloak/service.yaml b/data.d/k3s-master/manifests.d/hurzak/personal-services/keycloak/service.yaml
new file mode 100644
index 0000000..c9068b7
--- /dev/null
+++ b/data.d/k3s-master/manifests.d/hurzak/personal-services/keycloak/service.yaml
@@ -0,0 +1,22 @@
+---
+apiVersion: v1
+kind: Service
+metadata:
+ name: keycloak
+ namespace: personal-services
+ labels:
+ app.kubernetes.io/created-by: tyil
+ app.kubernetes.io/managed-by: manual
+ app.kubernetes.io/name: keycloak
+ app.kubernetes.io/part-of: keycloak
+spec:
+ selector:
+ app.kubernetes.io/created-by: tyil
+ app.kubernetes.io/managed-by: manual
+ app.kubernetes.io/name: keycloak
+ app.kubernetes.io/part-of: keycloak
+ ports:
+ - name: http
+ port: 8080
+ targetPort: 8080
+...
diff --git a/data.d/k3s-master/manifests.d/hurzak/personal-services/uptime-kuma/deployment.yaml b/data.d/k3s-master/manifests.d/hurzak/personal-services/uptime-kuma/deployment.yaml
new file mode 100644
index 0000000..9553007
--- /dev/null
+++ b/data.d/k3s-master/manifests.d/hurzak/personal-services/uptime-kuma/deployment.yaml
@@ -0,0 +1,36 @@
+---
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+ name: uptime-kuma
+ namespace: personal-services
+spec:
+ replicas: 1
+ selector:
+ matchLabels:
+ app.kubernetes.io/created-by: tyil
+ app.kubernetes.io/managed-by: manual
+ app.kubernetes.io/name: uptime-kuma
+ app.kubernetes.io/part-of: personal-services
+ template:
+ metadata:
+ labels:
+ app.kubernetes.io/created-by: tyil
+ app.kubernetes.io/managed-by: manual
+ app.kubernetes.io/name: uptime-kuma
+ app.kubernetes.io/part-of: personal-services
+ spec:
+ containers:
+ - name: uptime-kuma
+ image: louislam/uptime-kuma:1
+ ports:
+ - containerPort: 3001
+ volumeMounts:
+ - name: data
+ mountPath: /app/data
+ volumes:
+ - name: data
+ hostPath:
+ type: Directory
+ path: /srv/personal-services/uptime-kuma
+...
diff --git a/data.d/k3s-master/manifests.d/hurzak/personal-services/uptime-kuma/ingress.yaml b/data.d/k3s-master/manifests.d/hurzak/personal-services/uptime-kuma/ingress.yaml
new file mode 100644
index 0000000..66eb258
--- /dev/null
+++ b/data.d/k3s-master/manifests.d/hurzak/personal-services/uptime-kuma/ingress.yaml
@@ -0,0 +1,45 @@
+---
+apiVersion: networking.k8s.io/v1
+kind: Ingress
+metadata:
+ name: uptime-kuma
+ namespace: personal-services
+ labels:
+ app.kubernetes.io/created-by: tyil
+ app.kubernetes.io/managed-by: manual
+ app.kubernetes.io/name: uptime-kuma
+ app.kubernetes.io/part-of: personal-services
+ annotations:
+ cert-manager.io/cluster-issuer: letsencrypt-production
+ #nginx.ingress.kubernetes.io/configuration-snippet: |
+ # proxy_cache_bypass $http_upgrade;
+ # proxy_set_header Connection "Upgrade";
+ # proxy_set_header Host $host;
+ # proxy_set_header Upgrade $http_upgrade;
+ # proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+ # proxy_set_header X-Forwarded-For $remote_addr;
+ # proxy_set_header X-Forwarded-Host $http_host;
+ # proxy_set_header X-Forwarded-Proto $scheme;
+ # proxy_set_header X-Real-IP $remote_addr;
+ #nginx.ingress.kubernetes.io/proxy-http-version: "1.1"
+ #nginx.ingress.kubernetes.io/proxy-read-timeout: "3600"
+ #nginx.ingress.kubernetes.io/proxy-send-timeout: "3600"
+ #nginx.ingress.kubernetes.io/ssl-redirect: "true"
+spec:
+ ingressClassName: "traefik"
+ rules:
+ - host: uptime.tyil.nl
+ http:
+ paths:
+ - path: /
+ pathType: Prefix
+ backend:
+ service:
+ name: uptime-kuma
+ port:
+ number: 80
+ tls:
+ - hosts:
+ - uptime.tyil.nl
+ secretName: tls-nl.tyil.uptime
+...
diff --git a/data.d/k3s-master/manifests.d/hurzak/personal-services/uptime-kuma/service.yaml b/data.d/k3s-master/manifests.d/hurzak/personal-services/uptime-kuma/service.yaml
new file mode 100644
index 0000000..51d6d53
--- /dev/null
+++ b/data.d/k3s-master/manifests.d/hurzak/personal-services/uptime-kuma/service.yaml
@@ -0,0 +1,17 @@
+---
+apiVersion: v1
+kind: Service
+metadata:
+ name: uptime-kuma
+ namespace: personal-services
+spec:
+ selector:
+ app.kubernetes.io/created-by: tyil
+ app.kubernetes.io/managed-by: manual
+ app.kubernetes.io/name: uptime-kuma
+ app.kubernetes.io/part-of: personal-services
+ ports:
+ - protocol: TCP
+ port: 80
+ targetPort: 3001
+...
diff --git a/data.d/k3s-master/manifests.d/hurzak/public-services/invidious/deployment.yaml b/data.d/k3s-master/manifests.d/hurzak/public-services/invidious/deployment.yaml
new file mode 100644
index 0000000..66c7912
--- /dev/null
+++ b/data.d/k3s-master/manifests.d/hurzak/public-services/invidious/deployment.yaml
@@ -0,0 +1,34 @@
+---
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+ name: invidious
+ namespace: public-services
+spec:
+ replicas: 1
+ selector:
+ matchLabels:
+ app.kubernetes.io/created-by: tyil
+ app.kubernetes.io/managed-by: manual
+ app.kubernetes.io/name: invidious
+ app.kubernetes.io/part-of: public-services
+ template:
+ metadata:
+ labels:
+ app.kubernetes.io/created-by: tyil
+ app.kubernetes.io/managed-by: manual
+ app.kubernetes.io/name: invidious
+ app.kubernetes.io/part-of: public-services
+ spec:
+ containers:
+ - name: invidious
+ image: quay.io/invidious/invidious:latest
+ ports:
+ - containerPort: 8080
+ env:
+ - name: INVIDIOUS_CONFIG
+ valueFrom:
+ secretKeyRef:
+ name: invidious-config
+ key: config.yml
+...
diff --git a/data.d/k3s-master/manifests.d/hurzak/public-services/invidious/ingress.yaml b/data.d/k3s-master/manifests.d/hurzak/public-services/invidious/ingress.yaml
new file mode 100644
index 0000000..cb675a9
--- /dev/null
+++ b/data.d/k3s-master/manifests.d/hurzak/public-services/invidious/ingress.yaml
@@ -0,0 +1,31 @@
+---
+apiVersion: networking.k8s.io/v1
+kind: Ingress
+metadata:
+ name: invidious
+ namespace: public-services
+ annotations:
+ cert-manager.io/cluster-issuer: "letsencrypt-production"
+ labels:
+ app.kubernetes.io/created-by: tyil
+ app.kubernetes.io/managed-by: manual
+ app.kubernetes.io/name: invidious
+ app.kubernetes.io/part-of: public-services
+spec:
+ ingressClassName: "traefik"
+ tls:
+ - hosts:
+ - youtube.alt.tyil.nl
+ secretName: tls-nl.tyil.alt.youtube
+ rules:
+ - host: youtube.alt.tyil.nl
+ http:
+ paths:
+ - path: /
+ pathType: Prefix
+ backend:
+ service:
+ name: invidious-http
+ port:
+ number: 80
+...
diff --git a/data.d/k3s-master/manifests.d/hurzak/public-services/invidious/sealed-secret.yaml b/data.d/k3s-master/manifests.d/hurzak/public-services/invidious/sealed-secret.yaml
new file mode 100644
index 0000000..013d172
--- /dev/null
+++ b/data.d/k3s-master/manifests.d/hurzak/public-services/invidious/sealed-secret.yaml
@@ -0,0 +1,21 @@
+apiVersion: bitnami.com/v1alpha1
+kind: SealedSecret
+metadata:
+ creationTimestamp: null
+ name: invidious-config
+ namespace: public-services
+spec:
+ encryptedData:
+ config.yml: AgBk+TMQyCIBOJzAx4XOwdbSlwWbcUSMdkxdAOKwZiq67cC/5LHXNgxRooRYVsq9pbul4lE46vkDs1a+VuE7ePEiSCqIFj4kQkqGFot33BBFdw378KrfolOKlcsT0aYpxj4MPIobs2MPLSFTFvf8S/JuBn3b6NFzzYvxteA5ljE0JnTluQhXilevDl81BmmiXBgyJZQEMjz8tLZQVCHWG9hQn+aQc4RVei/M0z4LVhLj4QZ6L315bPoFxLB2O43jWgon5wOirvSvdJzJ/d0laKePq94zu5xrtC/w5zIErlPpDL9oFh9vGHGf790SVc+1HNn7AeRhLPWpHNkmypODqjYjpGoTWoLYz7aU8ie1lNcpE4q752rbYzxS2TQuhlJCVpB55MtZZ9n0JoV3cABZW48VyWqU9g0jFpWF22M8oDDq5Yft58J3aHtZxZmmdCI9SbppWVyuI/WZ5qze3D2RNnDlY4FixZmDum49Ur9IHMpCEz0tOdEnDoyrQZ8LhT7LohewMClB4MuAwJ3ObF8XiLEgRDxFG501tfsK2L27m4PzCS4Zrm5K1u/gaXjWDHQxli/eMZqUXqF4TdTSF15R3XMEnjMxBne88L/DaPboQbtp70WFweazHX6wwST0HiKigwsndOL9o/ynd2TZA3E55EWbtD5mBW8PR3NPAzVg7GomyE71X4y+yMxfGgExfiyffjcP0yT+/BcKby6lsA9pI1OaIQ+Md1s+RnLqcd1gSbuY4n0/hAGTI1kfDVKxwOO+iWaY9RzSEy/qXNoOjhmSaEXVlxVexOnbThY0skxmftQbC4JjD6QJ59H/30ZieyF00obMJ5np4V7ktyewVrEVOx0rxlbf5qZUtQFsOocj7B5Pd9zJNar/OU68WfOZ0QcQxCVlG2ebSc9j+IevS6niW8IaO9mI9z0nhMeS4+a99VjGy7MXzfzmX6OOEilfMGkvIwzz9Ks0FkhgXDXVF9cn5SsYKGGq6bDpAcLG7KNdGNcqiD9tGjx0YlHj18MbLubwszy+qEBuuhMLEcjzUCnxhjjAkq6GJChZ28Xnf5GbzTG4QiCWKJssrIvStDU7Uc0iyh/FP9Hb+XgeliTNjlC2Mc8XEjH8y+pP8jTHzsPYNM0aD3HmKOoSi8yy8GKMGtgX8NHH70HltUek9bHLKL9AjxNJIOhCJ0piJYFf9w==
+ template:
+ metadata:
+ creationTimestamp: null
+ labels:
+ app.kubernetes.io/created-by: tyil
+ app.kubernetes.io/managed-by: manual
+ app.kubernetes.io/name: invidious-config
+ app.kubernetes.io/part-of: invidious
+ name: invidious-config
+ namespace: public-services
+ type: Opaque
+
diff --git a/data.d/k3s-master/manifests.d/hurzak/public-services/invidious/service.yaml b/data.d/k3s-master/manifests.d/hurzak/public-services/invidious/service.yaml
new file mode 100644
index 0000000..e4f95be
--- /dev/null
+++ b/data.d/k3s-master/manifests.d/hurzak/public-services/invidious/service.yaml
@@ -0,0 +1,24 @@
+---
+apiVersion: v1
+kind: Service
+metadata:
+ # Funfact: if this name is set to "invidious", things will break!
+ # https://github.com/iv-org/invidious/issues/2970
+ name: invidious-http
+ namespace: public-services
+ labels:
+ app.kubernetes.io/created-by: tyil
+ app.kubernetes.io/managed-by: manual
+ app.kubernetes.io/name: invidious
+ app.kubernetes.io/part-of: public-services
+spec:
+ selector:
+ app.kubernetes.io/created-by: tyil
+ app.kubernetes.io/managed-by: manual
+ app.kubernetes.io/name: invidious
+ app.kubernetes.io/part-of: public-services
+ ports:
+ - protocol: TCP
+ port: 80
+ targetPort: 3000
+...
diff --git a/data.d/k3s-master/manifests.d/hurzak/public-services/nitter/deployment.yaml b/data.d/k3s-master/manifests.d/hurzak/public-services/nitter/deployment.yaml
new file mode 100644
index 0000000..8ad6401
--- /dev/null
+++ b/data.d/k3s-master/manifests.d/hurzak/public-services/nitter/deployment.yaml
@@ -0,0 +1,39 @@
+---
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+ name: nitter
+ namespace: public-services
+spec:
+ replicas: 1
+ selector:
+ matchLabels:
+ app.kubernetes.io/created-by: tyil
+ app.kubernetes.io/managed-by: manual
+ app.kubernetes.io/name: nitter
+ app.kubernetes.io/part-of: public-services
+ template:
+ metadata:
+ labels:
+ app.kubernetes.io/created-by: tyil
+ app.kubernetes.io/managed-by: manual
+ app.kubernetes.io/name: nitter
+ app.kubernetes.io/part-of: public-services
+ spec:
+ containers:
+ - name: nitter
+ image: zedeus/nitter
+ ports:
+ - containerPort: 8080
+ env:
+ - name: REDIS_HOST
+ value: "redis-nitter-master"
+ volumeMounts:
+ - name: config
+ subPath: nitter.conf
+ mountPath: /src/nitter.conf
+ volumes:
+ - name: config
+ secret:
+ secretName: nitter-config
+...
diff --git a/data.d/k3s-master/manifests.d/hurzak/public-services/nitter/ingress.yaml b/data.d/k3s-master/manifests.d/hurzak/public-services/nitter/ingress.yaml
new file mode 100644
index 0000000..6c3e671
--- /dev/null
+++ b/data.d/k3s-master/manifests.d/hurzak/public-services/nitter/ingress.yaml
@@ -0,0 +1,31 @@
+---
+apiVersion: networking.k8s.io/v1
+kind: Ingress
+metadata:
+ name: nitter
+ namespace: public-services
+ annotations:
+ cert-manager.io/cluster-issuer: "letsencrypt-production"
+ labels:
+ app.kubernetes.io/created-by: tyil
+ app.kubernetes.io/managed-by: manual
+ app.kubernetes.io/name: nitter
+ app.kubernetes.io/part-of: public-services
+spec:
+ ingressClassName: "traefik"
+ tls:
+ - hosts:
+ - twitter.alt.tyil.nl
+ secretName: tls-nl.tyil.alt.twitter
+ rules:
+ - host: twitter.alt.tyil.nl
+ http:
+ paths:
+ - path: /
+ pathType: Prefix
+ backend:
+ service:
+ name: nitter
+ port:
+ number: 80
+...
diff --git a/data.d/k3s-master/manifests.d/hurzak/public-services/nitter/sealed-secret.yaml b/data.d/k3s-master/manifests.d/hurzak/public-services/nitter/sealed-secret.yaml
new file mode 100644
index 0000000..ab6cf1b
--- /dev/null
+++ b/data.d/k3s-master/manifests.d/hurzak/public-services/nitter/sealed-secret.yaml
@@ -0,0 +1,21 @@
+apiVersion: bitnami.com/v1alpha1
+kind: SealedSecret
+metadata:
+ creationTimestamp: null
+ name: nitter-config
+ namespace: public-services
+spec:
+ encryptedData:
+ nitter.conf: AgA/KW9/ptYadmBAk8uwZ4u/OkJqzLg3Cns+XPGKHKii66esMuA9M4EqqB8dMHbI1zZi5wPxcdVBNeEX2cguPv0V9/PYtq24T5HJ2tGiQKKPxi1KqQUJquIxyDYZIzr5qYCu9TQfUSIQg3aGzuKyJTdckG3BJtjnGY8DMU/AIfSeU67ZEyNWSFmUtt80pqCL0oKi+tq7Bngb9jFCJHQv5F0yWF2MehuknNuI++QECAModVtkq/nRViKSGaN8IqVDWnfn71vH7CRsbL5c/Eb9ra7ptAHtLEuC54U5ezDhNEeJt93SGw6yniBy69sBtAauWzGofhK3y+eVAsjZsRZPZGpyyziHl21MHJdaCjvJTvxVp8tJqtD2bwOZTczV2tZO84ES2wftqgZaWBOqewtgPcH/yC4AtHdgK1xlEwNbE8EQ0rCpWdhPTsK4ZB3r9w2xujbQh5DiH7y+D50z4D54BJdvmdC/M/9s4WdSytSGF7fXU9LOfUE4/r9fUDn6vEDe5UYoFY9ej7ObBP6tZ2OFOizmyZ0BbS+IZ+szHHZI3Scgl1nPzUhJ3XcFQC549va5QgWg07ykFZdf/EDypbic/iK2Bke31G9BtP1DCoj34FUh+APIwUKEx9SnXJ732wOo7zPN0JCW32K8+OrStdKCX2K7STLoQ8Tby9Az5H0DSnTaYQvrt+FvRuNX+vriC4u4L8C5rQbRxJi67e1+FDPp8XoxZrhv5UZuS1hA5X2nEL+Q76s1ZdHiokVvBqj82F0fW7Jymt3AeGPqgorWWlmCJrLw7Rqfq3AoRy5QQ94jF4emeMVzZlp5HND0ZaIlajUeNl8R7/qmMgy/BoRnJP+QAhIfX8mwFowRnDY1YASIpt+eNoYf8XLaJO611glOTdUgt3FVNE1+3qbO7agBTx/rX9lfJf2BMwSyEWqsQbM+pnxQZxS36j85deTxTze758raPNgEcT2p4dr0RCWJt0jJchEpWcBLdGNMM+5J+Y5WQOFiA+MyS3R0SlSib+grvoxgFZMDO9UPJvCkijxuAki1n2y5D2S2vbNn2Cnk1gBCFBFbrK2u41i2HXsl1o4YoBTqinaD4SktCnJ1WSXalaVMkBA6FZz9tiyHwbC3LQRy8UoeSEF3cz90jD6JniN2nn5K2CmgSKiJLBNk/UDhiLEicCbVBkwuOxvygc07fTYU/+fWIV0HqkkdhTby3mLL//ylQNB2axlujeQgqfQEcqrkYbQrNaCh+cpQTBy9sV0yVAgXDrrhPjnvTWelp8V6wtUypLFh0CoEZ9qdgUiFPLSy1Jkt72zPiur7Uml6UAPaw5Q4Y5U7rHB530m1XWpfw7xQ43yMTI9P3aBPxgVyz0k0NAdWlCgXpqyH1Lrn/d0LmGRmDhsvJtO6ArJyikO3bbxecYCyOVDNZO4Uglf/vqKbhUtqRgj8xYV6tZqaoNk/AHAMVAncSCas7ffDS9Awx0GNhcPz0Vw5h/VeeuR2HbVcclLZ3hPKQUfGGHdUyO3nxSxyuGdjNiuJjiSsyWRoX57sxpX2DeQyqrxddsL9Hudxc9RMdpkq6YchfoReF3vdDkgENwAYI4A0xFRNgn8I8vDSx9A2UKjahns/aRvRJ6LLrn2KvXW5yQk2Oomdo4ak2Co2HAmVVa/C6WbsnlPzaHLVGupEVwV/aw==
+ template:
+ metadata:
+ creationTimestamp: null
+ labels:
+ app.kubernetes.io/created-by: tyil
+ app.kubernetes.io/managed-by: manual
+ app.kubernetes.io/name: nitter-config
+ app.kubernetes.io/part-of: nitter
+ name: nitter-config
+ namespace: public-services
+ type: Opaque
+
diff --git a/data.d/k3s-master/manifests.d/hurzak/public-services/nitter/service.yaml b/data.d/k3s-master/manifests.d/hurzak/public-services/nitter/service.yaml
new file mode 100644
index 0000000..f9bba4b
--- /dev/null
+++ b/data.d/k3s-master/manifests.d/hurzak/public-services/nitter/service.yaml
@@ -0,0 +1,22 @@
+---
+apiVersion: v1
+kind: Service
+metadata:
+ name: nitter
+ namespace: public-services
+ labels:
+ app.kubernetes.io/created-by: tyil
+ app.kubernetes.io/managed-by: manual
+ app.kubernetes.io/name: nitter
+ app.kubernetes.io/part-of: public-services
+spec:
+ selector:
+ app.kubernetes.io/created-by: tyil
+ app.kubernetes.io/managed-by: manual
+ app.kubernetes.io/name: nitter
+ app.kubernetes.io/part-of: public-services
+ ports:
+ - protocol: TCP
+ port: 80
+ targetPort: 8080
+...
diff --git a/data.d/k3s-master/manifests.d/hurzak/public-services/omgur/deployment.yaml b/data.d/k3s-master/manifests.d/hurzak/public-services/omgur/deployment.yaml
new file mode 100644
index 0000000..2cef276
--- /dev/null
+++ b/data.d/k3s-master/manifests.d/hurzak/public-services/omgur/deployment.yaml
@@ -0,0 +1,31 @@
+---
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+ name: omgur
+ namespace: public-services
+spec:
+ replicas: 1
+ selector:
+ matchLabels:
+ app.kubernetes.io/created-by: tyil
+ app.kubernetes.io/managed-by: manual
+ app.kubernetes.io/name: omgur
+ app.kubernetes.io/part-of: public-services
+ template:
+ metadata:
+ labels:
+ app.kubernetes.io/created-by: tyil
+ app.kubernetes.io/managed-by: manual
+ app.kubernetes.io/name: omgur
+ app.kubernetes.io/part-of: public-services
+ spec:
+ containers:
+ - name: omgur
+ image: registry.gitlab.com/geraldwuhoo/omgur:latest
+ ports:
+ - containerPort: 8080
+ env:
+ - name: REDIS_HOST
+ value: "redis-omgur-master"
+...
diff --git a/data.d/k3s-master/manifests.d/hurzak/public-services/omgur/ingress.yaml b/data.d/k3s-master/manifests.d/hurzak/public-services/omgur/ingress.yaml
new file mode 100644
index 0000000..b8d7e1a
--- /dev/null
+++ b/data.d/k3s-master/manifests.d/hurzak/public-services/omgur/ingress.yaml
@@ -0,0 +1,31 @@
+---
+apiVersion: networking.k8s.io/v1
+kind: Ingress
+metadata:
+ name: omgur
+ namespace: public-services
+ annotations:
+ cert-manager.io/cluster-issuer: "letsencrypt-production"
+ labels:
+ app.kubernetes.io/created-by: tyil
+ app.kubernetes.io/managed-by: manual
+ app.kubernetes.io/name: omgur
+ app.kubernetes.io/part-of: public-services
+spec:
+ ingressClassName: "traefik"
+ tls:
+ - hosts:
+ - imgur.alt.tyil.nl
+ secretName: tls-nl.tyil.alt.imgur
+ rules:
+ - host: imgur.alt.tyil.nl
+ http:
+ paths:
+ - path: /
+ pathType: Prefix
+ backend:
+ service:
+ name: omgur
+ port:
+ number: 80
+...
diff --git a/data.d/k3s-master/manifests.d/hurzak/public-services/omgur/service.yaml b/data.d/k3s-master/manifests.d/hurzak/public-services/omgur/service.yaml
new file mode 100644
index 0000000..f848c14
--- /dev/null
+++ b/data.d/k3s-master/manifests.d/hurzak/public-services/omgur/service.yaml
@@ -0,0 +1,22 @@
+---
+apiVersion: v1
+kind: Service
+metadata:
+ name: omgur
+ namespace: public-services
+ labels:
+ app.kubernetes.io/created-by: tyil
+ app.kubernetes.io/managed-by: manual
+ app.kubernetes.io/name: omgur
+ app.kubernetes.io/part-of: public-services
+spec:
+ selector:
+ app.kubernetes.io/created-by: tyil
+ app.kubernetes.io/managed-by: manual
+ app.kubernetes.io/name: omgur
+ app.kubernetes.io/part-of: public-services
+ ports:
+ - protocol: TCP
+ port: 80
+ targetPort: 8080
+...
diff --git a/data.d/k3s-master/manifests.d/hurzak/public-services/searxng/deployment.yaml b/data.d/k3s-master/manifests.d/hurzak/public-services/searxng/deployment.yaml
new file mode 100644
index 0000000..f5f6064
--- /dev/null
+++ b/data.d/k3s-master/manifests.d/hurzak/public-services/searxng/deployment.yaml
@@ -0,0 +1,31 @@
+---
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+ name: searxng
+ namespace: public-services
+spec:
+ replicas: 1
+ selector:
+ matchLabels:
+ app.kubernetes.io/created-by: tyil
+ app.kubernetes.io/managed-by: manual
+ app.kubernetes.io/name: searxng
+ app.kubernetes.io/part-of: searxng
+ template:
+ metadata:
+ labels:
+ app.kubernetes.io/created-by: tyil
+ app.kubernetes.io/managed-by: manual
+ app.kubernetes.io/name: searxng
+ app.kubernetes.io/part-of: searxng
+ spec:
+ containers:
+ - name: searxng
+ image: searxng/searxng:2022.08.01-7c9c1124
+ ports:
+ - containerPort: 8080
+ env:
+ - name: BASE_URL
+ value: https://searxng.tyil.nl
+...
diff --git a/data.d/k3s-master/manifests.d/hurzak/public-services/searxng/ingress.yaml b/data.d/k3s-master/manifests.d/hurzak/public-services/searxng/ingress.yaml
new file mode 100644
index 0000000..0b8fe62
--- /dev/null
+++ b/data.d/k3s-master/manifests.d/hurzak/public-services/searxng/ingress.yaml
@@ -0,0 +1,26 @@
+---
+apiVersion: networking.k8s.io/v1
+kind: Ingress
+metadata:
+ name: searxng
+ namespace: public-services
+ annotations:
+ cert-manager.io/cluster-issuer: "letsencrypt-production"
+spec:
+ ingressClassName: "traefik"
+ tls:
+ - hosts:
+ - searxng.tyil.nl
+ secretName: tls-nl.tyil.searxng
+ rules:
+ - host: searxng.tyil.nl
+ http:
+ paths:
+ - path: /
+ pathType: Prefix
+ backend:
+ service:
+ name: searxng
+ port:
+ number: 80
+...
diff --git a/data.d/k3s-master/manifests.d/hurzak/public-services/searxng/service.yaml b/data.d/k3s-master/manifests.d/hurzak/public-services/searxng/service.yaml
new file mode 100644
index 0000000..23fb8ac
--- /dev/null
+++ b/data.d/k3s-master/manifests.d/hurzak/public-services/searxng/service.yaml
@@ -0,0 +1,17 @@
+---
+apiVersion: v1
+kind: Service
+metadata:
+ name: searxng
+ namespace: public-services
+spec:
+ selector:
+ app.kubernetes.io/created-by: tyil
+ app.kubernetes.io/managed-by: manual
+ app.kubernetes.io/name: searxng
+ app.kubernetes.io/part-of: searxng
+ ports:
+ - protocol: TCP
+ port: 80
+ targetPort: 8080
+...
diff --git a/data.d/k3s-master/manifests.d/hurzak/public-services/teddit/deployment.yaml b/data.d/k3s-master/manifests.d/hurzak/public-services/teddit/deployment.yaml
new file mode 100644
index 0000000..9542cde
--- /dev/null
+++ b/data.d/k3s-master/manifests.d/hurzak/public-services/teddit/deployment.yaml
@@ -0,0 +1,41 @@
+---
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+ name: teddit
+ namespace: public-services
+spec:
+ replicas: 1
+ selector:
+ matchLabels:
+ app.kubernetes.io/created-by: tyil
+ app.kubernetes.io/managed-by: manual
+ app.kubernetes.io/name: teddit
+ app.kubernetes.io/part-of: public-services
+ template:
+ metadata:
+ labels:
+ app.kubernetes.io/created-by: tyil
+ app.kubernetes.io/managed-by: manual
+ app.kubernetes.io/name: teddit
+ app.kubernetes.io/part-of: public-services
+ spec:
+ containers:
+ - name: teddit
+ image: teddit/teddit:latest
+ ports:
+ - containerPort: 8080
+ env:
+ - name: DOMAIN
+ value: "reddit.alt.tyil.nl"
+ - name: REDIS_DB
+ value: "1"
+ - name: REDIS_HOST
+ value: "10.57.100.7"
+ - name: TRUST_PROXY
+ value: "true"
+ - name: USE_HELMET
+ value: "true"
+ - name: USE_HELMET_HSTS
+ value: "true"
+...
diff --git a/data.d/k3s-master/manifests.d/hurzak/public-services/teddit/ingress.yaml b/data.d/k3s-master/manifests.d/hurzak/public-services/teddit/ingress.yaml
new file mode 100644
index 0000000..4830961
--- /dev/null
+++ b/data.d/k3s-master/manifests.d/hurzak/public-services/teddit/ingress.yaml
@@ -0,0 +1,31 @@
+---
+apiVersion: networking.k8s.io/v1
+kind: Ingress
+metadata:
+ name: teddit
+ namespace: public-services
+ annotations:
+ cert-manager.io/cluster-issuer: "letsencrypt-production"
+ labels:
+ app.kubernetes.io/created-by: tyil
+ app.kubernetes.io/managed-by: manual
+ app.kubernetes.io/name: teddit
+ app.kubernetes.io/part-of: public-services
+spec:
+ ingressClassName: "traefik"
+ tls:
+ - hosts:
+ - reddit.alt.tyil.nl
+ secretName: tls-nl.tyil.alt.reddit
+ rules:
+ - host: reddit.alt.tyil.nl
+ http:
+ paths:
+ - path: /
+ pathType: Prefix
+ backend:
+ service:
+ name: teddit
+ port:
+ number: 80
+...
diff --git a/data.d/k3s-master/manifests.d/hurzak/public-services/teddit/service.yaml b/data.d/k3s-master/manifests.d/hurzak/public-services/teddit/service.yaml
new file mode 100644
index 0000000..b91c1d1
--- /dev/null
+++ b/data.d/k3s-master/manifests.d/hurzak/public-services/teddit/service.yaml
@@ -0,0 +1,22 @@
+---
+apiVersion: v1
+kind: Service
+metadata:
+ name: teddit
+ namespace: public-services
+ labels:
+ app.kubernetes.io/created-by: tyil
+ app.kubernetes.io/managed-by: manual
+ app.kubernetes.io/name: teddit
+ app.kubernetes.io/part-of: public-services
+spec:
+ selector:
+ app.kubernetes.io/created-by: tyil
+ app.kubernetes.io/managed-by: manual
+ app.kubernetes.io/name: teddit
+ app.kubernetes.io/part-of: public-services
+ ports:
+ - protocol: TCP
+ port: 80
+ targetPort: 8080
+...
diff --git a/data.d/k3s-master/manifests.d/jaomox/namespaces.yaml b/data.d/k3s-master/manifests.d/jaomox/namespaces.yaml
new file mode 100644
index 0000000..2211e87
--- /dev/null
+++ b/data.d/k3s-master/manifests.d/jaomox/namespaces.yaml
@@ -0,0 +1,12 @@
+---
+apiVersion: v1
+kind: Namespace
+metadata:
+ name: base-system
+...
+---
+apiVersion: v1
+kind: Namespace
+metadata:
+ name: personal-services
+...
diff --git a/data.d/k3s-master/manifests.d/jaomox/personal-services/minio/persistent-volume-claim.yaml b/data.d/k3s-master/manifests.d/jaomox/personal-services/minio/persistent-volume-claim.yaml
new file mode 100644
index 0000000..fdb42dc
--- /dev/null
+++ b/data.d/k3s-master/manifests.d/jaomox/personal-services/minio/persistent-volume-claim.yaml
@@ -0,0 +1,14 @@
+---
+apiVersion: v1
+kind: PersistentVolumeClaim
+metadata:
+ name: minio-data
+ namespace: personal-services
+spec:
+ storageClassName: manual
+ accessModes:
+ - ReadWriteOnce
+ resources:
+ requests:
+ storage: 50Gi
+...
diff --git a/data.d/k3s-master/manifests.d/jaomox/personal-services/minio/persistent-volume.yaml b/data.d/k3s-master/manifests.d/jaomox/personal-services/minio/persistent-volume.yaml
new file mode 100644
index 0000000..45434e8
--- /dev/null
+++ b/data.d/k3s-master/manifests.d/jaomox/personal-services/minio/persistent-volume.yaml
@@ -0,0 +1,15 @@
+---
+apiVersion: v1
+kind: PersistentVolume
+metadata:
+ name: minio-data
+ namespace: personal-services
+spec:
+ storageClassName: manual
+ capacity:
+ storage: 50Gi
+ accessModes:
+ - ReadWriteOnce
+ hostPath:
+ path: /srv/personal-services/minio-data
+...
diff --git a/defaults b/defaults
index 78ab9b5..10e0fd8 100644
--- a/defaults
+++ b/defaults
@@ -7,6 +7,10 @@ dns.upstream.1=188.68.231.82
dns.upstream.2=51.83.172.84
dns.upstream.3=2a03:94e0:1804::1
dns.upstream.4=2001:470:71:6dc::53
+k3s-master.helm.repos.jetstack.url=https://charts.jetstack.io
+k3s-master.helm.apps.certmanager.chart=jetstack/cert-manager
+k3s-master.helm.apps.certmanager.namespace=base-system
+k3s-master.helm.apps.certmanager.values=certmanager.yaml
vpn-tinc.name=tyilnet
www-blog.generator=hugo
www-blog.path=/var/www/nl.tyil.www
diff --git a/hosts.d/hurzak.tyil.net b/hosts.d/hurzak.tyil.net
index e926555..9c781c0 100644
--- a/hosts.d/hurzak.tyil.net
+++ b/hosts.d/hurzak.tyil.net
@@ -5,20 +5,17 @@ bashtard.backup.repositories.1=rsync.net:{fqdn}
bashtard.ssh.host=10.57.20.7
meta.provider=leaseweb
vpn-tinc.ipv4=10.57.20.7
-k3s-hurzak.helm.repos.sealed-secrets.url=https://bitnami-labs.github.io/sealed-secrets
-k3s-hurzak.helm.repos.jetstack.url=https://charts.jetstack.io
-k3s-hurzak.helm.repos.bitnami.url=https://charts.bitnami.com/bitnami
-k3s-hurzak.helm.apps.sealedsecrets.chart=sealed-secrets/sealed-secrets
-k3s-hurzak.helm.apps.sealedsecrets.namespace=base-system
-k3s-hurzak.helm.apps.certmanager.chart=jetstack/cert-manager
-k3s-hurzak.helm.apps.certmanager.namespace=base-system
-k3s-hurzak.helm.apps.certmanager.values=certmanager.yaml
-k3s-hurzak.helm.apps.redis-nitter.chart=bitnami/redis
-k3s-hurzak.helm.apps.redis-nitter.namespace=public-services
-k3s-hurzak.helm.apps.redis-nitter.values=redis.yaml
-k3s-hurzak.helm.apps.redis-omgur.chart=bitnami/redis
-k3s-hurzak.helm.apps.redis-omgur.namespace=public-services
-k3s-hurzak.helm.apps.redis-omgur.values=redis.yaml
-k3s-hurzak.helm.apps.redis-teddit.chart=bitnami/redis
-k3s-hurzak.helm.apps.redis-teddit.namespace=public-services
-k3s-hurzak.helm.apps.redis-teddit.values=redis.yaml
+k3s-master.manifest-prefix=hurzak
+k3s-master.helm.repos.sealed-secrets.url=https://bitnami-labs.github.io/sealed-secrets
+k3s-master.helm.repos.bitnami.url=https://charts.bitnami.com/bitnami
+k3s-master.helm.apps.sealedsecrets.chart=sealed-secrets/sealed-secrets
+k3s-master.helm.apps.sealedsecrets.namespace=base-system
+k3s-master.helm.apps.redis-nitter.chart=bitnami/redis
+k3s-master.helm.apps.redis-nitter.namespace=public-services
+k3s-master.helm.apps.redis-nitter.values=redis.yaml
+k3s-master.helm.apps.redis-omgur.chart=bitnami/redis
+k3s-master.helm.apps.redis-omgur.namespace=public-services
+k3s-master.helm.apps.redis-omgur.values=redis.yaml
+k3s-master.helm.apps.redis-teddit.chart=bitnami/redis
+k3s-master.helm.apps.redis-teddit.namespace=public-services
+k3s-master.helm.apps.redis-teddit.values=redis.yaml
diff --git a/hosts.d/jaomox.tyil.net b/hosts.d/jaomox.tyil.net
index 01eec06..d39abc0 100644
--- a/hosts.d/jaomox.tyil.net
+++ b/hosts.d/jaomox.tyil.net
@@ -5,7 +5,8 @@ bashtard.backup.repositories.1=rsync.net:{fqdn}
bashtard.ssh.host=10.57.21.1
meta.provider=self
vpn-tinc.ipv4=10.57.21.1
-k3s-jaomox.helm.repos.minio.url=https://charts.min.io/
-k3s-jaomox.helm.apps.minio.chart=minio/minio
-k3s-jaomox.helm.apps.minio.namespace=personal-services
-k3s-jaomox.helm.apps.minio.values=minio.yaml
+k3s-master.manifest-prefix=jaomox
+k3s-master.helm.repos.minio.url=https://charts.min.io/
+k3s-master.helm.apps.minio.chart=minio/minio
+k3s-master.helm.apps.minio.namespace=personal-services
+k3s-master.helm.apps.minio.values=minio.yaml
diff --git a/playbooks.d/k3s-hurzak b/playbooks.d/k3s-hurzak
deleted file mode 160000
index 09191e3..0000000
--- a/playbooks.d/k3s-hurzak
+++ /dev/null
@@ -1 +0,0 @@
-Subproject commit 09191e3eb172759619aefab5373abccbc5513200
diff --git a/playbooks.d/k3s-jaomox b/playbooks.d/k3s-jaomox
deleted file mode 160000
index e7d5c8e..0000000
--- a/playbooks.d/k3s-jaomox
+++ /dev/null
@@ -1 +0,0 @@
-Subproject commit e7d5c8e1e135b93762b5e8ca6f53077c6d2cc238
diff --git a/playbooks.d/k3s-master b/playbooks.d/k3s-master
new file mode 160000
index 0000000..00e7ed1
--- /dev/null
+++ b/playbooks.d/k3s-master
@@ -0,0 +1 @@
+Subproject commit 00e7ed1c2e5c4cd26aa91fe4e020b301250e252b
diff --git a/registry.d/hurzak.tyil.net b/registry.d/hurzak.tyil.net
index 286ffa2..2e7ea04 100644
--- a/registry.d/hurzak.tyil.net
+++ b/registry.d/hurzak.tyil.net
@@ -1,4 +1,4 @@
-k3s-hurzak
+k3s-master
ssh
user-tyil
vpn-tinc
diff --git a/registry.d/jaomox.tyil.net b/registry.d/jaomox.tyil.net
index c3910de..2e7ea04 100644
--- a/registry.d/jaomox.tyil.net
+++ b/registry.d/jaomox.tyil.net
@@ -1,3 +1,4 @@
+k3s-master
ssh
user-tyil
vpn-tinc
--
cgit v1.1