diff --git a/bootstrap/helmrepositories/helmrepository-alekc.yaml b/bootstrap/helmrepositories/helmrepository-alekc.yaml deleted file mode 100644 index 5b37395..0000000 --- a/bootstrap/helmrepositories/helmrepository-alekc.yaml +++ /dev/null @@ -1,8 +0,0 @@ -apiVersion: source.toolkit.fluxcd.io/v1beta2 -kind: HelmRepository -metadata: - name: alekc - namespace: flux-system -spec: - interval: 15m - url: https://charts.alekc.dev diff --git a/bootstrap/helmrepositories/helmrepository-halkeye.yaml b/bootstrap/helmrepositories/helmrepository-halkeye.yaml deleted file mode 100644 index d57f783..0000000 --- a/bootstrap/helmrepositories/helmrepository-halkeye.yaml +++ /dev/null @@ -1,8 +0,0 @@ -apiVersion: source.toolkit.fluxcd.io/v1beta2 -kind: HelmRepository -metadata: - name: halkeye - namespace: flux-system -spec: - interval: 15m - url: https://halkeye.github.io/helm-charts/ diff --git a/bootstrap/helmrepositories/helmrepository-utkuozdemir.yaml b/bootstrap/helmrepositories/helmrepository-utkuozdemir.yaml deleted file mode 100644 index f2bc9ba..0000000 --- a/bootstrap/helmrepositories/helmrepository-utkuozdemir.yaml +++ /dev/null @@ -1,8 +0,0 @@ -apiVersion: source.toolkit.fluxcd.io/v1beta2 -kind: HelmRepository -metadata: - name: utkuozdemir - namespace: flux-system -spec: - interval: 15m - url: https://utkuozdemir.org/helm-charts diff --git a/bootstrap/kustomizations/kustomization-jellyfin.yaml b/bootstrap/kustomizations/kustomization-jellyfin.yaml deleted file mode 100644 index 4155356..0000000 --- a/bootstrap/kustomizations/kustomization-jellyfin.yaml +++ /dev/null @@ -1,23 +0,0 @@ -apiVersion: kustomize.toolkit.fluxcd.io/v1beta1 -kind: Kustomization -metadata: - name: jellyfin - namespace: flux-system -spec: - interval: 15m - path: jellyfin - prune: true # remove any elements later removed from the above path - timeout: 2m # if not set, this defaults to interval duration, which is 1h - sourceRef: - kind: GitRepository - name: flux-system - validation: server - healthChecks: - - apiVersion: helm.toolkit.fluxcd.io/v2beta1 - kind: HelmRelease - name: jellyfin - namespace: jellyfin - - apiVersion: helm.toolkit.fluxcd.io/v2beta1 - kind: HelmRelease - name: transmission-openvpn - namespace: jellyfin diff --git a/bootstrap/namespaces/namespace-jellyfin.yaml b/bootstrap/namespaces/namespace-jellyfin.yaml deleted file mode 100644 index 167a2cb..0000000 --- a/bootstrap/namespaces/namespace-jellyfin.yaml +++ /dev/null @@ -1,4 +0,0 @@ -apiVersion: v1 -kind: Namespace -metadata: - name: jellyfin diff --git a/jellyfin/dns-endpoint-jackett.yaml b/jellyfin/dns-endpoint-jackett.yaml deleted file mode 100644 index 06371d7..0000000 --- a/jellyfin/dns-endpoint-jackett.yaml +++ /dev/null @@ -1,12 +0,0 @@ -apiVersion: externaldns.k8s.io/v1alpha1 -kind: DNSEndpoint -metadata: - name: jackett.michaelthomson.dev - namespace: jellyfin -spec: - endpoints: - - dnsName: jackett.michaelthomson.dev - recordTTL: 180 - recordType: CNAME - targets: - - server.michaelthomson.dev diff --git a/jellyfin/dns-endpoint-jellyfin.yaml b/jellyfin/dns-endpoint-jellyfin.yaml deleted file mode 100644 index d730ba7..0000000 --- a/jellyfin/dns-endpoint-jellyfin.yaml +++ /dev/null @@ -1,12 +0,0 @@ -apiVersion: externaldns.k8s.io/v1alpha1 -kind: DNSEndpoint -metadata: - name: jellyfin.michaelthomson.dev - namespace: jellyfin -spec: - endpoints: - - dnsName: jellyfin.michaelthomson.dev - recordTTL: 180 - recordType: CNAME - targets: - - server.michaelthomson.dev diff --git a/jellyfin/dns-endpoint-radarr.yaml b/jellyfin/dns-endpoint-radarr.yaml deleted file mode 100644 index 5ae9649..0000000 --- a/jellyfin/dns-endpoint-radarr.yaml +++ /dev/null @@ -1,12 +0,0 @@ -apiVersion: externaldns.k8s.io/v1alpha1 -kind: DNSEndpoint -metadata: - name: radarr.michaelthomson.dev - namespace: jellyfin -spec: - endpoints: - - dnsName: radarr.michaelthomson.dev - recordTTL: 180 - recordType: CNAME - targets: - - server.michaelthomson.dev diff --git a/jellyfin/dns-endpoint-transmission-openvpn.yaml b/jellyfin/dns-endpoint-transmission-openvpn.yaml deleted file mode 100644 index 2cd9cb8..0000000 --- a/jellyfin/dns-endpoint-transmission-openvpn.yaml +++ /dev/null @@ -1,12 +0,0 @@ -apiVersion: externaldns.k8s.io/v1alpha1 -kind: DNSEndpoint -metadata: - name: transmission.michaelthomson.dev - namespace: jellyfin -spec: - endpoints: - - dnsName: transmission.michaelthomson.dev - recordTTL: 180 - recordType: CNAME - targets: - - server.michaelthomson.dev diff --git a/jellyfin/helmrelease-jackett.yaml b/jellyfin/helmrelease-jackett.yaml deleted file mode 100644 index be65870..0000000 --- a/jellyfin/helmrelease-jackett.yaml +++ /dev/null @@ -1,90 +0,0 @@ -apiVersion: helm.toolkit.fluxcd.io/v2beta1 -kind: HelmRelease -metadata: - name: jackett - namespace: jellyfin -spec: - chart: - spec: - chart: jackett - version: 0.1.3 - sourceRef: - kind: HelmRepository - name: halkeye - namespace: flux-system - interval: 15m - timeout: 5m - releaseName: jackett - values: - # Default values for jackett. - # This is a YAML-formatted file. - # Declare variables to be passed into your templates. - - replicaCount: 1 - - strategy: - type: Recreate - - image: - repository: linuxserver/jackett - tag: "{{ .Chart.AppVersion }}" - pullPolicy: Always - - nameOverride: "" - fullnameOverride: "" - - service: - type: ClusterIP - port: 9117 - - jackett: - uid: 1000 - gid: 1000 - tz: UTC - run_opts: "" - - ingress: - enabled: false - annotations: - traefik.ingress.kubernetes.io/router.tls: "true" - traefik.ingress.kubernetes.io/router.entrypoints: websecure - traefik.ingress.kubernetes.io/router.middlewares: traefik-authentik@kubernetescrd - hosts: - - jackett.michaelthomson.dev - paths: - - / - tls: - - secretName: letsencrypt-wildcard-cert-michaelthomson.dev - hosts: - - jackett.michaelthomson.dev - - resources: {} - # We usually recommend not to specify default resources and to leave this as a conscious - # choice for the user. This also increases chances charts run on environments with little - # resources, such as Minikube. If you do want to specify resources, uncomment the following - # lines, adjust them as necessary, and remove the curly braces after 'resources:'. - # limits: - # cpu: 100m - # memory: 128Mi - # requests: - # cpu: 100m - # memory: 128Mi - - nodeSelector: {} - - tolerations: [] - - affinity: {} - - persistence: - enabled: true - ## If defined, storageClassName: - ## If set to "-", storageClassName: "", which disables dynamic provisioning - ## If undefined (the default) or set to null, no storageClassName spec is - ## set, choosing the default provisioner. (gp2 on AWS, standard on - ## GKE, AWS & OpenStack) - ## - storageClassName: longhorn - accessModes: - - ReadWriteOnce - size: 1Gi diff --git a/jellyfin/helmrelease-jellyfin.yaml b/jellyfin/helmrelease-jellyfin.yaml deleted file mode 100644 index a725ea6..0000000 --- a/jellyfin/helmrelease-jellyfin.yaml +++ /dev/null @@ -1,216 +0,0 @@ -apiVersion: helm.toolkit.fluxcd.io/v2beta1 -kind: HelmRelease -metadata: - name: jellyfin - namespace: jellyfin -spec: - chart: - spec: - chart: jellyfin - version: 2.x - sourceRef: - kind: HelmRepository - name: utkuozdemir - namespace: flux-system - interval: 15m - timeout: 5m - releaseName: jellyfin - values: - # -- Number of replicas to run. Chart is not designed to scale horizontally, use at your own risk - replicaCount: 1 - - # -- Use host network - hostNetwork: false - - port: 8096 - hostPort: - # -- Use host port for the application - enabled: false - # -- Host port to bind to - port: 8096 - - # -- Additional port definitions for the pod - additionalPorts: [] - # - name: tcp-8920 - # containerPort: 8920 - # protocol: TCP - # hostPort: 8920 - # - name: udp-1900 - # containerPort: 1900 - # protocol: UDP - # hostPort: 1900 - # - name: udp-7359 - # containerPort: 7359 - # protocol: UDP - # hostPort: 7359 - - # -- Additional port definitions for the service - additionalServicePorts: [] - - image: - # -- Image repository - repository: docker.io/linuxserver/jellyfin - # -- Image pull policy - pullPolicy: IfNotPresent - # -- Image tag (if not specified, defaults to the chart's appVersion) - tag: "" - - # -- Image pull secrets - imagePullSecrets: [] - # -- String to partially override fullname template with a string (will prepend the release name) - nameOverride: "" - # -- String to fully override fullname template with a string - fullnameOverride: "" - - serviceAccount: - # -- Specifies whether a service account should be created - create: true - # -- Annotations to add to the service account - annotations: {} - # -- The name of the service account to use. If not set and create is true, a name is generated using the fullname template - name: "" - - # -- Annotations for the pods - podAnnotations: {} - - # -- Security context for the pods - podSecurityContext: {} - - # -- Security context for the container. NET_ADMIN capability is required for the VPN to work properly. - securityContext: - capabilities: - add: - - NET_ADMIN - - # -- Deployment strategy - strategy: - type: Recreate - - service: - # -- Type of the service - type: ClusterIP - # -- Port for the service to use - port: 8096 - - ingress: - # -- Expose the app using an ingress - enabled: true - # -- Ingress class name - className: traefik - # -- Annotations for the ingress - annotations: - traefik.ingress.kubernetes.io/router.tls: "true" - traefik.ingress.kubernetes.io/router.entrypoints: websecure - traefik.ingress.kubernetes.io/router.middlewares: traefik-authentik@kubernetescrd - # -- Ingress hosts configuration - # @default -- see [values.yaml](values.yaml) - hosts: - - host: jellyfin.michaelthomson.dev - paths: - - path: / - pathType: ImplementationSpecific - # -- The TLS configuration for the Ingress - tls: - - secretName: letsencrypt-wildcard-cert-michaelthomson.dev - hosts: - - jellyfin.michaelthomson.dev - - # -- The resource requests and limits of the container - resources: {} - - # -- The node selector for the deployment - nodeSelector: {} - - # -- Tolerations for the pod assignment - tolerations: [] - - # -- Affinity for the pod assignment - affinity: {} - - persistence: - config: - # -- Config: Enable persistence - enabled: true - # -- Config: Persistence type is pvc. When `false`, data volume definition is read from `persistence.config.customVolume` - isPvc: true - # -- Config: Name of the existing claim to be used for config - existingClaim: "" - # -- Config: Storage class for the volume - storageClass: longhorn - # -- Config: Annotations for the claim - annotations: {} - # helm.sh/resource-policy: keep - # -- Config: Access modes for the claim - accessModes: - - ReadWriteOnce - # -- Config: Size for the claim - size: 2Gi - # -- Config: Alternative data volume definition (e.g. nfs, hostPath). Used when `persistence.config.isPvc` is `false` - customVolume: {} - # hostPath: - # path: /path/on/host - data: - # -- Data: Enable persistence - enabled: true - # -- Data: Persistence type is pvc. When `false`, data volume definition is read from `persistence.data.customVolume` - isPvc: true - # -- Data: Name of the existing claim to be used - existingClaim: "" - # -- Data: Storage class for the data volume - storageClass: longhorn - # -- Data: Annotations for the claim - annotations: {} - # helm.sh/resource-policy: keep - # -- Data: Access modes for the claim - accessModes: - - ReadWriteMany - # -- Data: Size for the claim - size: 64Gi - # -- Data: Alternative data volume definition (e.g. nfs, hostPath). Used when `persistence.data.isPvc` is `false` - customVolume: {} - # hostPath: - # path: /path/on/host - - # -- Non-sensitive environment variables to be set in the pods. See the [application docs](https://docs.linuxserver.io/images/docker-jellyfin) - env: {} - - # -- Sensitive environment variables to be set in the pods. See the [application docs](https://docs.linuxserver.io/images/docker-jellyfin) - secretEnv: {} - - # -- DNS configuration for the pod - dnsConfig: {} - - # -- DNS policy for the pod - dnsPolicy: ClusterFirst - - # -- Arbitrary extra volume definitions for the pod - extraVolumes: [] - - # -- Arbitrary extra volume mounts for the pod - extraVolumeMounts: {} - - # -- Pod liveness probe - livenessProbe: {} - - # -- Pod readiness probe - readinessProbe: - httpGet: - port: http - - # -- Init containers - initContainers: [] - # - name: init - # image: busybox:stable-musl - # command: - # - sh - # - -c - # - echo "initializing..." - - # -- Sidecar containers - sidecarContainers: [] - # - name: sidecar - # image: busybox:stable-musl - # command: - # - tail - # - -f - # - /dev/null diff --git a/jellyfin/helmrelease-radarr.yaml b/jellyfin/helmrelease-radarr.yaml deleted file mode 100644 index 16ee68b..0000000 --- a/jellyfin/helmrelease-radarr.yaml +++ /dev/null @@ -1,130 +0,0 @@ -apiVersion: helm.toolkit.fluxcd.io/v2beta1 -kind: HelmRelease -metadata: - name: radarr - namespace: jellyfin -spec: - chart: - spec: - chart: radarr - version: 1.1.x - sourceRef: - kind: HelmRepository - name: alekc - namespace: flux-system - interval: 15m - timeout: 5m - releaseName: radarr - values: - # Default values for radarr. - # This is a YAML-formatted file. - # Declare variables to be passed into your templates. - replicaCount: 1 - - image: - repository: hotio/radarr - pullPolicy: IfNotPresent - # Overrides the image tag whose default is the chart appVersion. - tag: "" - - deployment: - # -- Deployment strategy - strategy: - type: Recreate - - imagePullSecrets: [] - nameOverride: "" - fullnameOverride: "" - - serviceAccount: - # Specifies whether a service account should be created - create: true - # Annotations to add to the service account - annotations: {} - # The name of the service account to use. - # If not set and create is true, a name is generated using the fullname template - name: "" - - podAnnotations: {} - - podSecurityContext: - {} - # fsGroup: 2000 - - securityContext: - {} - # capabilities: - # drop: - # - ALL - # readOnlyRootFilesystem: true - # runAsNonRoot: true - # runAsUser: 1000 - - service: - type: ClusterIP - port: 80 - - ingress: - enabled: true - # -- Ingress class name - className: traefik - # -- Annotations for the ingress - annotations: - traefik.ingress.kubernetes.io/router.tls: "true" - traefik.ingress.kubernetes.io/router.entrypoints: websecure - traefik.ingress.kubernetes.io/router.middlewares: traefik-authentik@kubernetescrd - # -- Ingress hosts configuration - # @default -- see [values.yaml](values.yaml) - hosts: - - host: radarr.michaelthomson.dev - paths: - - path: / - pathType: ImplementationSpecific - # -- The TLS configuration for the Ingress - tls: - - secretName: letsencrypt-wildcard-cert-michaelthomson.dev - hosts: - - radarr.michaelthomson.dev - - resources: - {} - # We usually recommend not to specify default resources and to leave this as a conscious - # choice for the user. This also increases chances charts run on environments with little - # resources, such as Minikube. If you do want to specify resources, uncomment the following - # lines, adjust them as necessary, and remove the curly braces after 'resources:'. - # limits: - # cpu: 100m - # memory: 128Mi - # requests: - # cpu: 100m - # memory: 128Mi - - autoscaling: - enabled: false - minReplicas: 1 - maxReplicas: 100 - targetCPUUtilizationPercentage: 80 - # targetMemoryUtilizationPercentage: 80 - - nodeSelector: {} - - tolerations: [] - - affinity: {} - - env: - PUID: "1000" - PGID: "1000" - TZ: "America/Toronto" - UMASK: "002" - - persistence: - storageClass: "longhorn" - existingClaim: "" - enabled: true - accessMode: ReadWriteOnce - size: 800Mi - # if you need any additional volumes, you can define them here - additionalVolumes: [] - # if you need any additional volume mounts, you can define them here - additionalMounts: [] diff --git a/jellyfin/helmrelease-transmission-openvpn.yaml b/jellyfin/helmrelease-transmission-openvpn.yaml deleted file mode 100644 index 8112a94..0000000 --- a/jellyfin/helmrelease-transmission-openvpn.yaml +++ /dev/null @@ -1,212 +0,0 @@ -apiVersion: helm.toolkit.fluxcd.io/v2beta1 -kind: HelmRelease -metadata: - name: transmission-openvpn - namespace: jellyfin -spec: - chart: - spec: - chart: transmission-openvpn - version: 2.x - sourceRef: - kind: HelmRepository - name: utkuozdemir - namespace: flux-system - interval: 15m - timeout: 5m - releaseName: transmission-openvpn - values: - # -- Number of replicas to run. Chart is not designed to scale horizontally, use at your own risk - replicaCount: 1 - - # -- Use host network - hostNetwork: false - - hostPort: - # -- Use host port for the application - enabled: false - # -- Host port to bind to - port: 9091 - - # -- Common labels for all resources of the chart - commonLabels: {} - - # -- Additional port definitions for the pod - additionalPorts: [] - - # -- Additional port definitions for the service - additionalServicePorts: [] - - image: - # -- Image repository - repository: haugene/transmission-openvpn - # -- Image pull policy - pullPolicy: IfNotPresent - # -- Image tag (if not specified, defaults to the chart's appVersion) - tag: "4.3.2" - - # -- Image pull secrets - imagePullSecrets: [] - # -- String to partially override fullname template with a string (will prepend the release name) - nameOverride: "" - # -- String to fully override fullname template with a string - fullnameOverride: "" - - serviceAccount: - # -- Specifies whether a service account should be created - create: true - # -- Annotations to add to the service account - annotations: {} - # -- The name of the service account to use. If not set and create is true, a name is generated using the fullname template - name: "" - - # -- Annotations for the pods - podAnnotations: {} - - # -- Security context for the pods - podSecurityContext: {} - - # -- Security context for the container. NET_ADMIN capability is required for the VPN to work properly. - securityContext: - capabilities: - add: - - NET_ADMIN - - # -- Deployment strategy - strategy: - type: Recreate - - service: - # -- Type of the service - type: ClusterIP - # -- Port for the service to use - port: 80 - # -- Service annotations - annotations: {} - # -- clusterIP for the service - clusterIP: "" - # -- loadBalancerIP for the service - loadBalancerIP: "" - # -- externalName for the service - externalName: "" - # -- loadBalancerClass for the service - loadBalancerClass: "" - - ingress: - # -- Expose the app using an ingress - enabled: true - # -- Ingress class name - className: traefik - # -- Annotations for the ingress - annotations: - traefik.ingress.kubernetes.io/router.tls: "true" - traefik.ingress.kubernetes.io/router.entrypoints: websecure - traefik.ingress.kubernetes.io/router.middlewares: traefik-authentik@kubernetescrd - # -- Ingress hosts configuration - # @default -- see [values.yaml](values.yaml) - hosts: - - host: transmission.michaelthomson.dev - paths: - - path: / - pathType: ImplementationSpecific - # -- The TLS configuration for the Ingress - tls: - - secretName: letsencrypt-wildcard-cert-michaelthomson.dev - hosts: - - transmission.michaelthomson.dev - - # -- The resource requests and limits of the container - resources: {} - - # -- The node selector for the deployment - nodeSelector: {} - - # -- Tolerations for the pod assignment - tolerations: [] - - # -- Affinity for the pod assignment - affinity: {} - - persistence: - # -- Enable persistence - enabled: true - # -- Persistence type is pvc. When `false`, data volume definition is read from `persistence.dataVolume` - isPvc: true - # -- Name of the existing claim to be used - existingClaim: "jellyfin-data" - # -- Storage class for the data volume - storageClass: "" - # -- Volume name override for the pvc - volumeName: "" - # -- Annotations for the claim - annotations: {} - # helm.sh/resource-policy: keep - # -- Access modes for the claim - accessModes: - - ReadWriteOnce - # -- Size for the claim - size: 64Gi - # -- Alternative data volume definition (e.g. nfs, hostPath). Used when `persistence.isPvc` is `false` - dataVolume: {} - # hostPath: - # path: /path/on/host - - # -- Non-sensitive environment variables to be set in the pods. See the [application docs](https://haugene.github.io/docker-transmission-openvpn/config-options/) - env: - OPENVPN_PROVIDER: PROTONVPN - OPENVPN_CONFIG: us.protonvpn.net.udp - LOCAL_NETWORK: "10.42.0.0/16,192.168.2.0/24" - # CREATE_TUN_DEVICE: "true" - OPENVPN_OPTS: --inactive 3600 --ping 10 --ping-exit 60 - - # -- Sensitive environment variables to be set in the pods. See the [application docs](https://haugene.github.io/docker-transmission-openvpn/config-options/) - secretEnv: - OPENVPN_USERNAME: wSNJV3UTu7K8fxBV - OPENVPN_PASSWORD: fh7dwMzYzJGmHgTo5nTlirjaO0LANcUa - - # -- Mount the /dev/net/tun device into the pod. Required by OpenVPN when a `tun` device is used - mountTunDevice: false - - # -- DNS configuration for the pod - dnsConfig: {} - - # -- DNS policy for the pod - dnsPolicy: ClusterFirst - - # -- Arbitrary extra volume definitions for the pod - extraVolumes: [] - # - name: custom-provider-config - # secret: - # defaultMode: 420 - # secretName: openvpn-custom - - # -- Arbitrary extra volume mounts for the pod - extraVolumeMounts: {} - # - mountPath: /etc/openvpn/custom/ - # name: custom-provider-config - - # -- Pod liveness probe - livenessProbe: {} - - # -- Pod readiness probe - readinessProbe: - tcpSocket: - port: http - - # -- Init containers - initContainers: [] - # - name: init - # image: busybox:stable-musl - # command: - # - sh - # - -c - # - echo "initializing..." - - # -- Sidecar containers - sidecarContainers: [] - # - name: sidecar - # image: busybox:stable-musl - # command: - # - tail - # - -f - # - /dev/null diff --git a/jellyfin/ingress-jackett.yaml b/jellyfin/ingress-jackett.yaml deleted file mode 100644 index e9f7660..0000000 --- a/jellyfin/ingress-jackett.yaml +++ /dev/null @@ -1,27 +0,0 @@ -apiVersion: networking.k8s.io/v1 -kind: Ingress -metadata: - name: jackett - namespace: jellyfin - annotations: - traefik.ingress.kubernetes.io/router.tls: "true" - traefik.ingress.kubernetes.io/router.entrypoints: websecure - traefik.ingress.kubernetes.io/router.middlewares: traefik-authentik@kubernetescrd -spec: - ingressClassName: traefik - tls: - - secretName: letsencrypt-wildcard-cert-michaelthomson.dev - hosts: - - jackett.michaelthomson.dev - rules: - - host: jackett.michaelthomson.dev - http: - paths: - - backend: - service: - name: jackett - port: - number: 9117 - path: / - pathType: ImplementationSpecific -