diff --git a/bootstrap/kustomizations/kustomization-syncthing.yaml b/bootstrap/kustomizations/kustomization-syncthing.yaml
new file mode 100644
index 0000000..2e7f54f
--- /dev/null
+++ b/bootstrap/kustomizations/kustomization-syncthing.yaml
@@ -0,0 +1,18 @@
+apiVersion: kustomize.toolkit.fluxcd.io/v1
+kind: Kustomization
+metadata:
+ name: syncthing
+ namespace: flux-system
+spec:
+ interval: 15m
+ path: ./syncthing
+ prune: true # remove any elements later removed from the above path
+ timeout: 2m # if not set, this defaults to interval duration, which is 1h
+ sourceRef:
+ kind: GitRepository
+ name: flux-system
+ healthChecks:
+ - apiVersion: apps/v1
+ kind: Deployment
+ name: syncthing
+ namespace: syncthing
diff --git a/bootstrap/namespaces/namespace-syncthing.yaml b/bootstrap/namespaces/namespace-syncthing.yaml
new file mode 100644
index 0000000..399f956
--- /dev/null
+++ b/bootstrap/namespaces/namespace-syncthing.yaml
@@ -0,0 +1,4 @@
+apiVersion: v1
+kind: Namespace
+metadata:
+ name: syncthing
diff --git a/syncthing/deployment.yaml b/syncthing/deployment.yaml
new file mode 100644
index 0000000..1bf0b18
--- /dev/null
+++ b/syncthing/deployment.yaml
@@ -0,0 +1,43 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+ name: syncthing
+ namespace: syncthing
+spec:
+ selector:
+ matchLabels:
+ app: syncthing
+ template:
+ metadata:
+ labels:
+ app: syncthing
+ spec:
+ containers:
+ - env:
+ - name: PGID
+ value: "1000"
+ - name: PUID
+ value: "1000"
+ image: syncthing/syncthing
+ name: syncthing
+ ports:
+ - containerPort: 8384
+ name: http
+ protocol: TCP
+ - containerPort: 22000
+ name: tcp
+ protocol: TCP
+ - containerPort: 22000
+ name: quic
+ protocol: UDP
+ - containerPort: 21027
+ name: discovery
+ protocol: UDP
+ volumeMounts:
+ - mountPath: /var/syncthing
+ name: data
+ restartPolicy: Always
+ volumes:
+ - name: data
+ persistentVolumeClaim:
+ claimName: data
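Review bot: In bootstrap/kustomizations/kustomization-syncthing.yaml the inline comment on `timeout: 2m` says the default is the interval "which is 1h", but `interval` three lines above is `15m`, so the comment is stale (it reads as if copied from another Kustomization). I would change it to `timeout: 2m # if not set, this defaults to the interval (15m here)`. Separately, with a 2m timeout the first reconcile may be reported as failed if the image pull and the 1Ti NFS claim take longer than that before the health-checked Deployment is ready; worth watching on the initial rollout.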
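Review bot: In syncthing/deployment.yaml the line `image: syncthing/syncthing` carries no tag or digest, so it resolves to whatever `latest` is at pull time and the running binary can change without a commit; the pod template also sets no `securityContext`. Pin the image to a released tag or digest and state the UID/GID and privilege limits in the spec itself rather than only through the `PUID`/`PGID` env vars. The fence shows the lines I would add; the tag is a placeholder, and starting directly as a non-root UID assumes the image's entrypoint supports that, which should be confirmed before merging. With a single ReadWriteOnce data claim, adding `strategy:` with `type: Recreate` under `spec` would also keep two Syncthing instances from touching the same data directory during a rollout.

```yaml
    spec:
      securityContext:
        runAsNonRoot: true
        runAsUser: 1000
        runAsGroup: 1000
      containers:
        # … unchanged: "- env:" with PGID/PUID …
          image: syncthing/syncthing:<PINNED_TAG>  # placeholder: released tag or @sha256 digest
          name: syncthing
          securityContext:
            allowPrivilegeEscalation: false
            capabilities:
              drop:
                - ALL
        # … unchanged: ports, volumeMounts …
```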
diff --git a/syncthing/dns-endpoint.yaml b/syncthing/dns-endpoint.yaml
new file mode 100644
index 0000000..b4f5836
--- /dev/null
+++ b/syncthing/dns-endpoint.yaml
@@ -0,0 +1,12 @@
+apiVersion: externaldns.k8s.io/v1alpha1
+kind: DNSEndpoint
+metadata:
+ name: syncthing.michaelthomson.dev
+ namespace: syncthing
+spec:
+ endpoints:
+ - dnsName: syncthing.michaelthomson.dev
+ recordTTL: 180
+ recordType: CNAME
+ targets:
+ - server.michaelthomson.dev
diff --git a/syncthing/ingress.yaml b/syncthing/ingress.yaml
new file mode 100644
index 0000000..65a576b
--- /dev/null
+++ b/syncthing/ingress.yaml
@@ -0,0 +1,24 @@
+apiVersion: networking.k8s.io/v1
+kind: Ingress
+metadata:
+ name: syncthing
+ namespace: syncthing
+ annotations:
+ traefik.ingress.kubernetes.io/router.entrypoints: websecure
+ traefik.ingress.kubernetes.io/router.tls: "true"
+spec:
+ rules:
+ - host: syncthing.michaelthomson.dev
+ http:
+ paths:
+ - pathType: ImplementationSpecific
+ path: /
+ backend:
+ service:
+ name: syncthing
+ port:
+ name: http
+ tls:
+ - hosts:
+ - syncthing.michaelthomson.dev
+ secretName: letsencrypt-wildcard-cert-michaelthomson.dev
diff --git a/syncthing/pvc-data.yaml b/syncthing/pvc-data.yaml
new file mode 100644
index 0000000..595d225
--- /dev/null
+++ b/syncthing/pvc-data.yaml
@@ -0,0 +1,12 @@
+apiVersion: v1
+kind: PersistentVolumeClaim
+metadata:
+ name: data
+ namespace: syncthing
+spec:
+ accessModes:
+ - ReadWriteOnce
+ storageClassName: nfs-client
+ resources:
+ requests:
+ storage: 1Ti
diff --git a/syncthing/service.yaml b/syncthing/service.yaml
new file mode 100644
index 0000000..6286054
--- /dev/null
+++ b/syncthing/service.yaml
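Review bot: In syncthing/ingress.yaml the rule for `syncthing.michaelthomson.dev` routes `/` to the Service's `http` port, which is the Syncthing GUI/REST listener on 8384, and nothing in the manifest puts authentication or a source restriction in front of it. Unless a GUI user and password are already set in Syncthing's own configuration on the data volume, anyone who can reach the `websecure` entrypoint can administer the instance, so I would attach an auth or IP-allowlist middleware with `traefik.ingress.kubernetes.io/router.middlewares: <namespace>-<middleware-name>@kubernetescrd` (placeholder names). Also, `secretName: letsencrypt-wildcard-cert-michaelthomson.dev` is looked up in the `syncthing` namespace and this commit does not create it there; confirm the wildcard secret is replicated into the new namespace, otherwise Traefik will most likely fall back to its default certificate.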
@@ -0,0 +1,23 @@
+apiVersion: v1
+kind: Service
+metadata:
+ name: syncthing
+ namespace: syncthing
+spec:
+ selector:
+ app: syncthing
+ ports:
+ - name: http
+ port: 8384
+ targetPort: http
+ - name: tcp
+ port: 22000
+ targetPort: tcp
+ - name: quic
+ port: 22000
+ protocol: UDP
+ targetPort: quic
+ - name: discovery
+ port: 21027
+ protocol: UDP
+ targetPort: discovery
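Review bot: The admin GUI port (`http`, 8384) and the sync ports share this one Service, so any later change to make 22000 reachable from outside the cluster (for example `type: LoadBalancer` or `NodePort`) would publish 8384 along with it. I would split this into a ClusterIP Service carrying only `http` for the Ingress to target and a separate Service for `tcp`/`quic`. As written no `type` is set, so the Service is ClusterIP and ports 22000 and 21027 are reachable only in-cluster; if that is intended, a short comment such as `# sync ports are in-cluster only; peers connect via relay` would make it explicit. The `discovery` entry can probably be dropped, since local discovery relies on broadcast/multicast that a Service does not carry.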