firefly

bootstrap/helmrepositories/helmrepository-firefly.yaml

@@ -0,0 +1,8 @@
+apiVersion: source.toolkit.fluxcd.io/v1beta2
+kind: HelmRepository
+metadata:
+  name: firefly
+  namespace: flux-system
+spec:
+  interval: 15m
+  url: https://firefly-iii.github.io/kubernetes/

bootstrap/kustomizations/kustomization-firefly.yaml

@@ -0,0 +1,18 @@
+apiVersion: kustomize.toolkit.fluxcd.io/v1
+kind: Kustomization
+metadata:
+  name: firefly
+  namespace: flux-system
+spec:
+  interval: 15m
+  path: ./firefly
+  prune: true # remove any elements later removed from the above path
+  timeout: 2m # if not set, this defaults to interval duration, which is 1h
+  sourceRef:
+    kind: GitRepository
+    name: flux-system
+  healthChecks:
+    - apiVersion: helm.toolkit.fluxcd.io/v2beta1
+      kind: HelmRelease
+      name: firefly
+      namespace: firefly

bootstrap/namespaces/namespace-firefly.yaml

@@ -0,0 +1,4 @@
+apiVersion: v1
+kind: Namespace
+metadata:
+  name: firefly

firefly/dns-endpoint.yaml

@@ -0,0 +1,17 @@
+apiVersion: externaldns.k8s.io/v1alpha1
+kind: DNSEndpoint
+metadata:
+  name: firefly.michaelthomson.dev
+  namespace: firefly
+spec:
+  endpoints:
+  - dnsName: firefly.michaelthomson.dev
+    recordTTL: 180
+    recordType: CNAME
+    targets:
+    - server.michaelthomson.dev
+  - dnsName: importer.michaelthomson.dev
+    recordTTL: 180
+    recordType: CNAME
+    targets:
+    - server.michaelthomson.dev

firefly/helmrelease-firefly.yaml

@@ -0,0 +1,64 @@
+apiVersion: helm.toolkit.fluxcd.io/v2beta1
+kind: HelmRelease
+metadata:
+  name: firefly
+  namespace: firefly
+spec:
+  chart:
+    spec:
+      chart: firefly-iii/firefly-iii-stack
+      version: 0.7.x
+      sourceRef:
+        kind: HelmRepository
+        name: firefly
+        namespace: flux-system
+  interval: 15m
+  timeout: 5m
+  releaseName: immich
+  values:
+    firefly-db:
+      # if you set this to false it will not be installed
+      enabled: true
+      # environment variables
+      configs:
+        PGPASSWORD: "password"
+
+    firefly-iii:
+      # -- Set to false to not deploy Firefly III
+      enabled: true
+      secrets:
+        env:
+          APP_PASSWORD: "password"
+          DB_PASSWORD: "password"
+      ingress:
+        enabled: true
+        annotations:
+          traefik.ingress.kubernetes.io/router.entrypoints: websecure
+          # traefik.ingress.kubernetes.io/router.middlewares: traefik-authentik@kubernetescrd
+          traefik.ingress.kubernetes.io/router.tls: "true"
+        hosts:
+          - host: firefly.michaelthomson.dev
+            paths:
+              - path: "/"
+        tls:
+          - hosts:
+              - firefly.michaelthomson.dev
+            secretName: letsencrypt-wildcard-cert-michaelthomson.dev
+
+    importer:
+      # -- Set to false to not deploy the importer
+      enabled: true
+      ingress:
+        enabled: true
+        annotations:
+          traefik.ingress.kubernetes.io/router.entrypoints: websecure
+          # traefik.ingress.kubernetes.io/router.middlewares: traefik-authentik@kubernetescrd
+          traefik.ingress.kubernetes.io/router.tls: "true"
+        hosts:
+          - host: importer.michaelthomson.dev
+            paths:
+              - path: "/"
+        tls:
+          - hosts:
+              - importer.michaelthomson.dev
+            secretName: letsencrypt-wildcard-cert-michaelthomson.dev