Dan V
deb6c38d7b
- Add .gitignore: exclude compiled binaries, build artifacts, and Helm values files containing real secrets (authentik, prometheus) - Add all Kubernetes deployment manifests (deployment/) - Add services source code: ha-sync, device-inventory, games-console, paperclip, parts-inventory - Add Ansible orchestration: playbooks, roles, inventory, cloud-init - Add hardware specs, execution plans, scripts, HOMELAB.md - Add skills/homelab/SKILL.md + skills/install.sh to preserve Copilot skill - Remove previously-tracked inventory-cli binary from git index Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
158 lines
3.7 KiB
YAML
158 lines
3.7 KiB
YAML
---
|
|
apiVersion: v1
|
|
kind: ConfigMap
|
|
metadata:
|
|
annotations: {}
|
|
name: owncloud-config
|
|
namespace: storage
|
|
data:
|
|
OWNCLOUD_ADMIN_PASSWORD: YYuiwhdyfUOjjoako
|
|
OWNCLOUD_ADMIN_USERNAME: sefu
|
|
OWNCLOUD_DB_HOST: owncloud-mariadb
|
|
OWNCLOUD_DB_NAME: owncloud
|
|
OWNCLOUD_DB_TYPE: mysql
|
|
OWNCLOUD_DOMAIN: localhost:8080
|
|
OWNCLOUD_MYSQL_UTF8MB4: 'true'
|
|
OWNCLOUD_REDIS_ENABLED: 'true'
|
|
OWNCLOUD_REDIS_HOST: owncloud-redis
|
|
OWNCLOUD_TRUSTED_DOMAINS: drive.vandachevici.ro
|
|
---
|
|
# NOTE: Secret 'owncloud-db-secret' must be created manually:
|
|
# kubectl create secret generic owncloud-db-secret \
|
|
# --from-literal=root-password=<ROOT_PASS> \
|
|
# --from-literal=user=<USER> \
|
|
# --from-literal=password=<PASS> \
|
|
# --from-literal=database=owncloud \
|
|
# -n storage
|
|
---
|
|
apiVersion: v1
|
|
kind: PersistentVolumeClaim
|
|
metadata:
|
|
annotations: {}
|
|
name: owncloud-files-v2-pvc
|
|
namespace: storage
|
|
spec:
|
|
accessModes:
|
|
- ReadWriteMany
|
|
resources:
|
|
requests:
|
|
storage: 190Gi
|
|
storageClassName: nfs-owncloud
|
|
---
|
|
apiVersion: apps/v1
|
|
kind: Deployment
|
|
metadata:
|
|
annotations: {}
|
|
name: owncloud-server
|
|
namespace: storage
|
|
spec:
|
|
replicas: 2
|
|
selector:
|
|
matchLabels:
|
|
app: owncloud-server
|
|
template:
|
|
metadata:
|
|
labels:
|
|
app: owncloud-server
|
|
spec:
|
|
affinity:
|
|
podAntiAffinity:
|
|
requiredDuringSchedulingIgnoredDuringExecution:
|
|
- labelSelector:
|
|
matchLabels:
|
|
app: owncloud-server
|
|
topologyKey: kubernetes.io/hostname
|
|
containers:
|
|
- env:
|
|
- name: OWNCLOUD_DB_USERNAME
|
|
valueFrom:
|
|
secretKeyRef:
|
|
key: user
|
|
name: owncloud-db-secret
|
|
- name: OWNCLOUD_DB_PASSWORD
|
|
valueFrom:
|
|
secretKeyRef:
|
|
key: password
|
|
name: owncloud-db-secret
|
|
envFrom:
|
|
- configMapRef:
|
|
name: owncloud-config
|
|
image: owncloud/server:10.12
|
|
livenessProbe:
|
|
exec:
|
|
command:
|
|
- /usr/bin/healthcheck
|
|
failureThreshold: 5
|
|
initialDelaySeconds: 120
|
|
periodSeconds: 30
|
|
timeoutSeconds: 10
|
|
name: owncloud
|
|
ports:
|
|
- containerPort: 8080
|
|
name: http
|
|
readinessProbe:
|
|
exec:
|
|
command:
|
|
- /usr/bin/healthcheck
|
|
failureThreshold: 5
|
|
initialDelaySeconds: 60
|
|
periodSeconds: 10
|
|
timeoutSeconds: 10
|
|
resources:
|
|
limits:
|
|
cpu: 1000m
|
|
memory: 2Gi
|
|
requests:
|
|
cpu: 200m
|
|
memory: 512Mi
|
|
volumeMounts:
|
|
- mountPath: /mnt/data
|
|
name: owncloud-files
|
|
volumes:
|
|
- name: owncloud-files
|
|
persistentVolumeClaim:
|
|
claimName: owncloud-files-v2-pvc
|
|
---
|
|
apiVersion: v1
|
|
kind: Service
|
|
metadata:
|
|
annotations: {}
|
|
name: owncloud-server
|
|
namespace: storage
|
|
spec:
|
|
ports:
|
|
- name: http
|
|
port: 8080
|
|
targetPort: 8080
|
|
selector:
|
|
app: owncloud-server
|
|
type: ClusterIP
|
|
---
|
|
apiVersion: networking.k8s.io/v1
|
|
kind: Ingress
|
|
metadata:
|
|
annotations:
|
|
cert-manager.io/cluster-issuer: letsencrypt-prod
|
|
nginx.ingress.kubernetes.io/proxy-body-size: '0'
|
|
nginx.ingress.kubernetes.io/proxy-read-timeout: '600'
|
|
nginx.ingress.kubernetes.io/proxy-send-timeout: '600'
|
|
nginx.ingress.kubernetes.io/use-forwarded-headers: 'true'
|
|
name: owncloud
|
|
namespace: storage
|
|
spec:
|
|
ingressClassName: nginx
|
|
rules:
|
|
- host: drive.vandachevici.ro
|
|
http:
|
|
paths:
|
|
- backend:
|
|
service:
|
|
name: owncloud-server
|
|
port:
|
|
number: 8080
|
|
path: /
|
|
pathType: Prefix
|
|
tls:
|
|
- hosts:
|
|
- drive.vandachevici.ro
|
|
secretName: owncloud-tls
|