bookstack

2026-02-04 13:09:53 +00:00 · 2023-12-28 15:51:39 -05:00
parent e737339d09
commit 9e1243e040
15 changed files with 162 additions and 49 deletions
--- a/actual/deployment.yaml
+++ b/actual/deployment.yaml
@@ -1,30 +0,0 @@
-apiVersion: apps/v1
-kind: Deployment
-metadata:
-  name: actual
-  namespace: actual
-spec:
-  selector:
-    matchLabels:
-      app: actual
-  template:
-    metadata:
-      labels:
-        app: actual
-    spec:
-      containers:
-      - name: actual
-        image: docker.io/actualbudget/actual-server:latest
-        ports:
-        - containerPort: 5006
-          name: http
-          protocol: TCP
-        volumeMounts:
-        - mountPath: /data
-          name: data
-      volumes:
-      - name: data
-        persistentVolumeClaim: 
-          claimName: actual-data
-            
-          
--- a/bookstack/bookstack-config.yaml
+++ b/bookstack/bookstack-config.yaml
@@ -0,0 +1,12 @@
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: bookstack-config
+  namespace: bookstack
+data:
+  PUID: "1000"
+  PGID: "1000"
+  APP_URL: https://bookstack.michaelthomson.dev
+  DB_HOST: bookstack-db
+  DB_PORT: "3306"
+  DB_DATABASE: bookstackapp
--- a/bookstack/bookstack-db-config.yaml
+++ b/bookstack/bookstack-db-config.yaml
@@ -0,0 +1,9 @@
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: bookstack-db-config
+  namespace: bookstack
+data:
+  PUID: "1000"
+  PGID: "1000"
+  MYSQL_DATABASE: bookstackapp
--- a/bookstack/bookstack-db-secret.yaml
+++ b/bookstack/bookstack-db-secret.yaml
@@ -0,0 +1,16 @@
+kind: SealedSecret
+apiVersion: bitnami.com/v1alpha1
+metadata:
+  name: bookstack-db-secret
+  namespace: bookstack
+  creationTimestamp:
+spec:
+  template:
+    metadata:
+      name: bookstack-db-secret
+      namespace: bookstack
+      creationTimestamp:
+  encryptedData:
+    MYSQL_PASSWORD: AgAEtwzCQZKiELCyoLH1lGX/u+j9NgLSWY47e1WNk80rB6gt/B9ffvw6y0kav4H70+SAh8TW+I/8bJoZsYnUFY0+rIYh6C4g1O7iLXHCBvYCBVE6uApGh/ShMqKaaR6VFkeOcHUNn7oo+Eyx2JzvMa/3vsz5DmkzXzAjv+rW6bYUYa3sOK2q0g4ENR8+rOZV6dWBLI0snihptTKgmC/uVeaJfCOEQGjestx5P2EgljVoLbde4ln9BAn8Jki+WpZZvrI0X3Ql8/gCzYEVyVwVrl3NAFRRzpzSKBqmh0uHF7Adw+yv1NnsblqcwKOc8R9+IVYh9wqpZtoWR0/1Cl+3T47ajXpUuyqrNvXyQUdFYtTrp+61+MLN1qadghJxNX98nRmfMZmhvqsgmMoP73weyZWRXaltx4OLud18Ekj4dXxM/XpFo3Al3vIJmWxFVyeZNO0qAfkcWwk4ZbpND+tHjWrndMqpFj7YjQrYkSsICZldTFH65MbKtM8JrTWtb4tahL1lZ2fWXCMTd1pJI4N0edOpkBIwf5hED8bH+vP6XrSSle6a7Y8gkZDMNXrP7v14UtKL5xPVci6jtrFL+UG+DGc31bRxbUmRcUB7OhTrVj1yWmVvz+5BBhyn+QkPTKW7Ya4ySlh/IUOkIL8LGluT2UprXo4DM11DXxK3P+pJngLeGBewXOpr9tuwYm75ubTmyJrP+wbtoTNXHIl5sdUAKmBfnMah
+    MYSQL_ROOT_PASSWORD: AgBgugCmihJplLAE3F0kMSTYdsjlzbZqanfhi12dyEDDGVi2VLo4Trcwp3GpYRn2G6fFu74XU017sgBj9UNmCp+bxBYA7Qa3BubbFicpQtV1ZH+9mOm6K18PGPaes7HqhlyYbozqEXeA17PPnzNWVpPUbnlye1DOoSlBZg1pxP0jfXqKK0V3CaXiK4wjaRSAdQtTXZvpZCCGzDff+zAt0l0oGObmsrzjr3g/5Yx46q4x3FKwItXMf5tquoQxZGMBMd52NWim/9BKiO/AhRo7O0SvuZQ0LKRWKvkhTsuW/mUvQfbZUcXluqzxF3WDlLWIBV5SUD35KvZURyPfqNCo+n7OOFrQDtHe/pY2h5P6rqa9cqJZhk2XRkKJwTVK0/53yKwAxuvpmz1x2i22HVoWAR2MygyaEcNB0YUqwqX+FO8MnZoL6Mnu5PkObdALmltQYVW45RyiP0xSw59VbCLYwg8ss0vLxPScNVLlxIVbBqEzzShnDKQPsI6QF+MG9Tc2HPLO6pSLKEGk3UXPEl5s63Ua0MANcI9p9CM1J3yGA9JRJcGauxNWUWEWTrlhIX/xly8QvlsEmKVdSPCrPhxh0FmCtYAI2kfjcrtEoObOybvaUyFpmXcNEy6ysNpvihtFdvEKdmuiMeJWAaXgoeBLrq3I5jrokWZN5lLFnk81DXo4MHuNSFy+g6qeUN0b+sPfSLKXOlDJqxMgDRVcnJ7vHOMo6f7s
+    MYSQL_USER: AgDdCO9kdcxiKJuOcu3y5roM50VSLrmr//Rx4uGh1f8ozZhZjb8Cpsaplx0HEFRRGngScsPq4Agm4SS5X7oxcUtuEbFARVw1ESrIqcekdt1SSVkqzcPySEMpi9J/F/yHL1zUUwRJiSd1ui3jGrwCdR8KuZC/kJSbFOQX+nJ/GxtyrQkMEWb5rMNvDeHsg49LxuFNHL1ThehcqZjoJyo6EyqFhO6Not9kIXc4wrK6OQJu6b8Y2b4O3vSJk0aSBX9+6mPj6l4XT0Na2b3ZQms6bPObyhqf0IlFrjofVNp4iNAIpcGHfZkrM+YwtVlKMwS9B9r4kjyNwnldGVVzFcsSLD3UXlNDNkqMHIyktDtdDYCFkn9Z0k/+4QFQG8bnqj3eYLVJIPzgnYzvzpi9qZRGnnvbXylL7SC/vJ9ZeUkPs/n1MfhIjG4BRJxS1Gt2KD0GpQJBEmKhLDf8KJn9YHyIRSIuco0Cvj06EOHeGwnKfuSWplQzZY6I6mAAA52u0L5t8+Yok6KUvXBTGcwLM5ia44r1SQUdlZzhps6rW28UqqBSZkHbMQ1+TUwXt70MQdsBmEsiLAFq2zrxeJIcypinH9vhAurODS8Ug/BP9xXYWC4FXJ4ssUku/PzdFnRHr2iW0goPFug42UuC/XrE9RU7uTYrA39z3AJ2HptVG/73abFcHKGPTlS778aAgaKwCL7Z6doslyYzBwUbrnU=
--- a/bookstack/bookstack-db-service.yaml
+++ b/bookstack/bookstack-db-service.yaml
@@ -0,0 +1,11 @@
+apiVersion: v1
+kind: Service
+metadata:
+  name: bookstack-db
+  namespace: bookstack
+spec:
+  selector:
+    app: bookstack-db
+  ports:
+  - port: 3306
+    targetPort: 3306
--- a/bookstack/bookstack-secret.yaml
+++ b/bookstack/bookstack-secret.yaml
@@ -0,0 +1,15 @@
+kind: SealedSecret
+apiVersion: bitnami.com/v1alpha1
+metadata:
+  name: bookstack-secret
+  namespace: bookstack
+  creationTimestamp:
+spec:
+  template:
+    metadata:
+      name: bookstack-secret
+      namespace: bookstack
+      creationTimestamp:
+  encryptedData:
+    DB_PASS: AgArYCwRMaba1yKKJMRWZ0Ggr4ioZWPt7Z3PBDJhVl3WSKy6Hc3xhNTChcSbWAwAw5csP/mTbNiUU6/BYU5cCx0cbQ9jGoyVBDJ8bIboQHdYwgJ8JAC6jp4nN/o9+Se6ys2HrzgzsHnWTDxWaIZIjguAodQePhGQOOMCub+GnU5AvGwJfZLa0E+APanL/9cLzpMd6dCs7RZEQWvbOm5VBysAknhtTcfFdex2lbEoLRrJoNK0ZS6kImPQfJTyESs5O9dOBpg4okXD11UG2dpe0kotuXTMABL4nBumncR8kAmMLT8luB4OsV9h6rou7SDFvpRCxc6W6ZSKlgXp6rq6rhCh03ojMIz51BiDzDnYY5TjtI38S+J+OXZgvaZc8rlCFUf4GyGvcdn6r468MxDhADkx7KDgymVeSmoEPiq7HLg5yJZZS3CEKCFlgaj712hrESh/RLMOQxBNB3iv0dRXfVImUuIEA1vsd3g9bK9zQtgyjoNoJ+vfOY2wiOcciXA9GlYn08dyFElTlHpjJ0c7KM7ghPBoQv4iyjd9X3+w/85U69muFylLx8lirZ/vN61vHd5BnbxBCS1If0Ya6vfuYwGIofQAMJqwHbwIgZaCx6ZxsBc/L5Td1zPd9ObOf9JeN5VFS8E4Qj4qhqyPRgnDX6dxNKek2ShjS5SIJv+J2lc2dx/y1RWT9C1iJgkLAMfZtApoYCfUroRSjJWHgdFNtT4w8soC
+    DB_USER: AgAe41Zf+w5i5NXOM3TM+lLX7DCsFBM8uNTyDhWyJBkKjG6PuDI7CiP7ieV61anTIMEAckm05i53rdy4tpk136U5L+EpP+HP5W/DP2AVnHL0vaGAmaUNMyfy+IpuSenLXxyeM/v2io0C9vtxnJR7m6lYfdCn9bq3e9n0PoC5PG2ErEtjzQq0GhO6SPEhdtuamr4A0ouXI9O+iKHimphQ1OU5fEtUZRy4kDQ23nbp4fNg09tlmupOF44ywmrq+c2P4aZEDXolDrd94JaGcnb0/IOjeaFVi42xC5jwt5LIyWHocOCYzkCE9l9wmRaorQz+pd/BLewoBJ43bjmqbyksdQ9plGp/0V6r2jeLwQP3eRjE0gLTCTs4QQ/Q8djqLKwNFfewOhbNANv8r9LiQnnpxJ0cVrFHZyoPkkt8vJgE3MS8luj8CdqgMtf1XEu9vLLVnlUh+Tcv7zJa0qt14nILzbO6BHln2VhZDdapBVSKAQz0B90Gohs6LCE71p+mdsTMin5YZ5/ml3/sDTOnrrugxwscw0DP7KwvECNzo948SclF75VzTx69u/mscBBcDiYiIbdYhLjlu9krF4Mf8Mh8UZJ4vvM4ivgBLp9zf9s4O5hUngG5bQlrLX4NIHURCHTQ8WkRhqgWGhvU37/6SxasPUbTQYlcKKXG+PAp5qJkFfaz0qqHP2IYHG2t4rwGMl5udf3OHflIORY8uq4=
--- a/bookstack/bookstack-service.yaml
+++ b/bookstack/bookstack-service.yaml
@@ -1,11 +1,11 @@
 apiVersion: v1
 kind: Service
 metadata:
-  name: actual
-  namespace: actual
+  name: bookstack
+  namespace: bookstack
 spec:
  selector:
-    app: actual
+    app: bookstack
  ports:
  - port: 80
    targetPort: http
--- a/bookstack/deployment-bookstack-db.yaml
+++ b/bookstack/deployment-bookstack-db.yaml
@@ -0,0 +1,33 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: bookstack-db
+  namespace: bookstack
+spec:
+  selector:
+    matchLabels:
+      app: bookstack-db
+  template:
+    metadata:
+      labels:
+        app: bookstack-db
+    spec:
+      containers:
+      - name: bookstack-db
+        image: lscr.io/linuxserver/mariadb
+        envFrom:
+        - configMapRef:
+            name: bookstack-db-config
+        - secretRef:
+            name: bookstack-db-secret
+        ports:
+        - containerPort: 3306
+        volumeMounts:
+        - mountPath: /config
+          name: config
+      volumes:
+      - name: config
+        persistentVolumeClaim: 
+          claimName: bookstack-db-config
+            
+          
--- a/bookstack/deployment-bookstack.yaml
+++ b/bookstack/deployment-bookstack.yaml
@@ -0,0 +1,35 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: bookstack
+  namespace: bookstack
+spec:
+  selector:
+    matchLabels:
+      app: bookstack
+  template:
+    metadata:
+      labels:
+        app: bookstack
+    spec:
+      containers:
+      - name: bookstack
+        image: lscr.io/linuxserver/bookstack
+        envFrom:
+        - configMapRef:
+            name: bookstack-config
+        - secretRef:
+            name: bookstack-secret
+        ports:
+        - containerPort: 6875
+          name: http
+          protocol: TCP
+        volumeMounts:
+        - mountPath: /config
+          name: config
+      volumes:
+      - name: config
+        persistentVolumeClaim: 
+          claimName: bookstack-config
+            
+          
--- a/bookstack/dns-endpoint.yaml
+++ b/bookstack/dns-endpoint.yaml
@@ -1,11 +1,11 @@
 apiVersion: externaldns.k8s.io/v1alpha1
 kind: DNSEndpoint
 metadata:
-  name: actual.michaelthomson.dev
-  namespace: actual
+  name: bookstack.michaelthomson.dev
+  namespace: bookstack
 spec:
  endpoints:
-  - dnsName: actual.michaelthomson.dev
+  - dnsName: bookstack.michaelthomson.dev
    recordTTL: 180
    recordType: CNAME
    targets:
--- a/bookstack/ingress.yaml
+++ b/bookstack/ingress.yaml
@@ -1,25 +1,25 @@
 apiVersion: networking.k8s.io/v1
 kind: Ingress
 metadata:
-  name: actual
-  namespace: actual
+  name: bookstack
+  namespace: bookstack
  annotations:
    traefik.ingress.kubernetes.io/router.entrypoints: websecure
    traefik.ingress.kubernetes.io/router.middlewares: traefik-authentik@kubernetescrd
    traefik.ingress.kubernetes.io/router.tls: "true"
 spec:
  rules:
-  - host: actual.michaelthomson.dev
+  - host: bookstack.michaelthomson.dev
    http:
      paths:
      - pathType: ImplementationSpecific
        path: /
        backend:
          service:
-            name: actual
+            name: bookstack
            port: 
              name: http
  tls:
    - hosts:
-        - actual.michaelthomson.dev
+        - bookstack.michaelthomson.dev
      secretName: letsencrypt-wildcard-cert-michaelthomson.dev
--- a/bookstack/pvc-bookstack-config.yaml
+++ b/bookstack/pvc-bookstack-config.yaml
@@ -1,12 +1,12 @@
 apiVersion: v1
 kind: PersistentVolumeClaim
 metadata:
-  name: actual-data
-  namespace: actual
+  name: bookstack-config
+  namespace: bookstack
 spec:
  resources:
    requests:
-      storage: 2Gi
+      storage: 1Gi
  storageClassName: longhorn
  accessModes:
    - ReadWriteOnce
--- a/bookstack/pvc-bookstack-db-config.yaml
+++ b/bookstack/pvc-bookstack-db-config.yaml
@@ -0,0 +1,12 @@
+apiVersion: v1
+kind: PersistentVolumeClaim
+metadata:
+  name: bookstack-db-config
+  namespace: bookstack
+spec:
+  resources:
+    requests:
+      storage: 1Gi
+  storageClassName: longhorn
+  accessModes:
+    - ReadWriteOnce
--- a/bootstrap/kustomizations/kustomization-bookstack.yaml
+++ b/bootstrap/kustomizations/kustomization-bookstack.yaml
@@ -1,11 +1,11 @@
 apiVersion: kustomize.toolkit.fluxcd.io/v1
 kind: Kustomization
 metadata:
-  name: actual
+  name: bookstack
  namespace: flux-system
 spec:
  interval: 30m
-  path: ./actual
+  path: ./bookstack
  prune: true # remove any elements later removed from the above path
  timeout: 2m # if not set, this defaults to interval duration, which is 1h
  sourceRef:
@@ -14,5 +14,5 @@ spec:
  healthChecks:
    - apiVersion: apps/v1
      kind: Deployment
-      name: actual
-      namespace: actual
+      name: bookstack
+      namespace: bookstack
--- a/bootstrap/namespaces/namespace-bookstack.yaml
+++ b/bootstrap/namespaces/namespace-bookstack.yaml
@@ -1,4 +1,4 @@
 apiVersion: v1
 kind: Namespace
 metadata:
-  name: actual
+  name: bookstack