From c7181b37662a473999a6a2644152959c072ac511 Mon Sep 17 00:00:00 2001 From: Danny Bessems Date: Tue, 19 Sep 2023 10:02:18 +0200 Subject: [PATCH] Paperless--;Argus++ --- services/Argus/_namespace-Argus.yml | 4 + services/Argus/configMap-Argus.yml | 72 ++++++++++ services/Argus/deployment-Argus.yml | 37 +++++ services/Argus/ingressRoute-Argus.yml | 18 +++ services/Argus/persistentVolume-Argus.yml | 19 +++ .../Argus/persistentVolumeClaim-Argus.yml | 13 ++ services/Argus/sealedsecret-SMBSecret.yaml | 17 +++ services/Argus/secret.yml | 9 ++ services/Argus/service-Argus.yml | 12 ++ services/Argus/serviceAccount-Argus.yml | 7 + services/Paperless/deploy-Paperless.yml | 130 ------------------ 11 files changed, 208 insertions(+), 130 deletions(-) create mode 100644 services/Argus/_namespace-Argus.yml create mode 100644 services/Argus/configMap-Argus.yml create mode 100644 services/Argus/deployment-Argus.yml create mode 100644 services/Argus/ingressRoute-Argus.yml create mode 100644 services/Argus/persistentVolume-Argus.yml create mode 100644 services/Argus/persistentVolumeClaim-Argus.yml create mode 100644 services/Argus/sealedsecret-SMBSecret.yaml create mode 100644 services/Argus/secret.yml create mode 100644 services/Argus/service-Argus.yml create mode 100644 services/Argus/serviceAccount-Argus.yml delete mode 100644 services/Paperless/deploy-Paperless.yml diff --git a/services/Argus/_namespace-Argus.yml b/services/Argus/_namespace-Argus.yml new file mode 100644 index 0000000..e7733f3 --- /dev/null +++ b/services/Argus/_namespace-Argus.yml @@ -0,0 +1,4 @@ +apiVersion: v1 +kind: Namespace +metadata: + name: argus diff --git a/services/Argus/configMap-Argus.yml b/services/Argus/configMap-Argus.yml new file mode 100644 index 0000000..32f2e73 --- /dev/null +++ b/services/Argus/configMap-Argus.yml @@ -0,0 +1,72 @@ +apiVersion: v1 +kind: ConfigMap +metadata: + name: configmap-argus-conf + namespace: argus +data: + config.yml: | + service: + dani-garcia/vaultwarden: + latest_version: + type: github + url: dani-garcia/vaultwarden + deployed_version: + url: https://vault.spamasaurus.com/api/version + regex: ([0-9.]+) + dashboard: + web_url: https://github.com/dani-garcia/vaultwarden/releases/{{ version }} + icon: https://raw.githubusercontent.com/dani-garcia/vaultwarden/main/src/static/images/vaultwarden-icon.png + go-gitea/gitea: + latest_version: + type: github + url: go-gitea/gitea + url_commands: + - type: regex + regex: v([0-9.]+)$ + require: + regex_content: gitea-{{ version }}-linux-amd64 + regex_version: ^[0-9.]+[0-9]$ + deployed_version: + url: https://code.spamasaurus.com + regex: 'Powered by Gitea\s+Version:\s+([0-9.]+) ' + dashboard: + web_url: https://github.com/go-gitea/gitea/releases/v{{ version }} + icon: https://raw.githubusercontent.com/go-gitea/gitea/main/assets/logo.svg + goharbor/harbor: + latest_version: + type: github + url: goharbor/harbor + url_commands: + - type: regex + regex: v([0-9.]+)$ + deployed_version: + url: https://bv11-cr01.bessems.eu/api/v2.0/systeminfo + json: harbor_version + regex: v([0-9.]+) + dashboard: + web_url: https://github.com/goharbor/harbor/releases/tag/v{{ version }} + icon: https://github.com/goharbor/harbor/raw/main/src/portal/src/images/harbor-logo.svg + gotify/server: + latest_version: + type: github + url: gotify/server + url_commands: + - type: regex + regex: v([0-9.]+)$ + deployed_version: + url: https://notify.spamasaurus.com/version + json: version + dashboard: + web_url: https://github.com/gotify/server/releases/v{{ version }} + icon: https://github.com/gotify/logo/raw/master/gotify-logo.png + + release-argus/argus: + latest_version: + type: github + url: release-argus/argus + deployed_version: + url: https://release.spamasaurus.com/api/v1/version + json: version + dashboard: + web_url: https://github.com/release-argus/Argus/blob/master/CHANGELOG.md + icon: https://github.com/release-argus/Argus/raw/master/web/ui/static/favicon.svg diff --git a/services/Argus/deployment-Argus.yml b/services/Argus/deployment-Argus.yml new file mode 100644 index 0000000..369c0b0 --- /dev/null +++ b/services/Argus/deployment-Argus.yml @@ -0,0 +1,37 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: argus + namespace: argus + labels: + app: argus +spec: + replicas: 1 + selector: + matchLabels: + app: argus + template: + metadata: + labels: + app: argus + spec: + serviceAccountName: argus + containers: + - name: argus + image: bv11-cr01.bessems.eu/proxy/releaseargus/argus:0.13.3 + ports: + - name: web + containerPort: 8080 + volumeMounts: + - name: configmap-argus-conf + mountPath: /app/config.yml + subPath: config.yml + - name: flexvolsmb-argus-data + mountPath: /app/data + volumes: + - name: configmap-argus-conf + configMap: + name: configmap-argus-conf + - name: flexvolsmb-argus-data + persistentVolumeClaim: + claimName: flexvolsmb-argus-data diff --git a/services/Argus/ingressRoute-Argus.yml b/services/Argus/ingressRoute-Argus.yml new file mode 100644 index 0000000..96d4e70 --- /dev/null +++ b/services/Argus/ingressRoute-Argus.yml @@ -0,0 +1,18 @@ +apiVersion: traefik.containo.us/v1alpha1 +kind: IngressRoute +metadata: + name: argus + namespace: argus +spec: + entryPoints: + - websecure + routes: + - match: Host(`release.spamasaurus.com`) + kind: Rule + services: + - name: argus + port: 8080 + middlewares: + - name: 2fa-authentication@file + - name: security-headers@file + - name: compression@file diff --git a/services/Argus/persistentVolume-Argus.yml b/services/Argus/persistentVolume-Argus.yml new file mode 100644 index 0000000..cf15bf2 --- /dev/null +++ b/services/Argus/persistentVolume-Argus.yml @@ -0,0 +1,19 @@ +--- +apiVersion: v1 +kind: PersistentVolume +metadata: + name: flexvolsmb-argus-data +spec: + capacity: + storage: 1Gi + accessModes: + - ReadWriteMany + storageClassName: flexvolsmb-argus-data + flexVolume: + driver: mount/smb + secretRef: + name: smb-secret + options: + opts: domain=bessems.eu,file_mode=0777,dir_mode=0777,iocharset=utf8,nobrl + server: 192.168.11.225 + share: /K3s.Volumes/argus/data diff --git a/services/Argus/persistentVolumeClaim-Argus.yml b/services/Argus/persistentVolumeClaim-Argus.yml new file mode 100644 index 0000000..84c105f --- /dev/null +++ b/services/Argus/persistentVolumeClaim-Argus.yml @@ -0,0 +1,13 @@ +--- +apiVersion: v1 +kind: PersistentVolumeClaim +metadata: + name: flexvolsmb-argus-data + namespace: argus +spec: + accessModes: + - ReadWriteMany + storageClassName: flexvolsmb-argus-data + resources: + requests: + storage: 1Gi diff --git a/services/Argus/sealedsecret-SMBSecret.yaml b/services/Argus/sealedsecret-SMBSecret.yaml new file mode 100644 index 0000000..c629b32 --- /dev/null +++ b/services/Argus/sealedsecret-SMBSecret.yaml @@ -0,0 +1,17 @@ +apiVersion: bitnami.com/v1alpha1 +kind: SealedSecret +metadata: + creationTimestamp: null + name: smb-secret + namespace: argus +spec: + encryptedData: + password: AgBYWANvTuW3Ju9BujDeu/49Gnm0seDpJH8pPOCa1Qaol1cydKRvjZrNmzA3PL33zLCfu4AbvyNfCujkzT7AzhEbwhiSH7aXu8ksJhg6yu4K+xpmt9EhGcFbVjmW7Of/fMFwBARUz3wUwD8K9/OupbTLPOVW0eHyT4Z4uFxgnmsoa7QXT+zbvBxRnoj4XdSE+WYREHxe8JU/ApEwwQODN7nky03ipu+YUbkiGvVYO8jtXPfLKzMt8FaIuszmb8gWH7U8mZfYRbcWP3c5A60RdjgsHl2Md1VrMK0TipiRvNKKeH7bLH1PDVc34Od7ABMP7MYAFZm/1j1PbpQyw9YbGJgV7pfOypkcZSg59DWjwE7apOyZioUXtuxKtJh/h3dFEf07Xpvpv/hjCQFaOUPo6k5Hz5e7FtMRVwp7uwncgBhvHsKdApLsVW6OAPg38bLVw8FG7nAucoye3vaZgymnDerORnMpM14IJZiQ1LSGKKvxHBWR+m+CyhfxpZAuaspb0qnjDJvQopdPiE11JBIfnACsAr3KbrLHCRHe2xIcxGxUOH+EC59Z5c0dEpLph7cGMAEmSqHCa4jm4ImRRPX0pC6zWmJXm01NNrIuJea/M23UrCvmFuu0NfOm1z28bzRANhaQub6DWhId2V9O40q8HFP3tSlrJvbbIx0BdeEKu8mJfq3003A3PITNJu3twQtlsVmBbYKsTu3YPO6dIljpVGNG + username: AgCPKfz4Di7U7gnenWAX8pZZPda6taa9QHKtHHXP4ukr1gPXwsm9q+60cjRqOs97G6RAzZfxRIZQi4D4zcjeHj9R9ByoDn/OPQSpDdIenWWZKasECUNRXwNXPH66BJ+TBgxtcsu2TvlQRT4q9l1WdDif0KeNd0hufmFY/xXA3Np6Q5mRukQa4uIXIGOZihxSjbjIpiplKVQsgGhErhfsxUkQVP7v8Z5nr+nOQ+R/SoyE2IbZJWyFIg28lUIGhcFsDJxNdysuPrQ2DclLhgJbOEgjsPp+9wfj+j1EnIVGByGBPYi+ejdX0+dcTiX1j/gSnILe5lH83uLS03Kz2BDPipYSvDQuJWex0ObYAc2XcutJggYSbkXGe8OsHKESgEVEDespaz6wgcpgwnn0nPEd6DmDaSDPH22dlFIpNLJcGB4JCZ5skmUx1JP+bNZGE0Hs/R4t/T2VXYbVRFD1n0AaeZCcsUZpt8FFVYdtqRoJG19JxVqpUkJcXQxy1YiNxlKNtI8eC+BmltOTMMBDCu1osbFyuh6UhK21neUOyFQZ0EsvWBiuNKqjIyibmmEGkDFfGNMliJDGtUXr62WJ1TZfFCifWSofOHOw2ZQNB1m6dC+MlNm4+VmOw+kSTGtFF7kv0+AABv+AJnpPr24OjrYkwnlOsXpD4CIut3ySK0I/PixrxUddS+DB52xguWZedgUuKlU4fLeOpos= + template: + data: null + metadata: + creationTimestamp: null + name: smb-secret + namespace: argus + type: mount/smb diff --git a/services/Argus/secret.yml b/services/Argus/secret.yml new file mode 100644 index 0000000..7d5e6d2 --- /dev/null +++ b/services/Argus/secret.yml @@ -0,0 +1,9 @@ +apiVersion: v1 +data: + password: QmVyQXdyRThFV1J1ZmFXMw== + username: enpjaWZz +kind: Secret +metadata: + name: smb-secret + namespace: argus +type: mount/smb diff --git a/services/Argus/service-Argus.yml b/services/Argus/service-Argus.yml new file mode 100644 index 0000000..c02fec3 --- /dev/null +++ b/services/Argus/service-Argus.yml @@ -0,0 +1,12 @@ +apiVersion: v1 +kind: Service +metadata: + name: argus + namespace: argus +spec: + ports: + - protocol: TCP + name: web + port: 8080 + selector: + app: argus diff --git a/services/Argus/serviceAccount-Argus.yml b/services/Argus/serviceAccount-Argus.yml new file mode 100644 index 0000000..761e5c6 --- /dev/null +++ b/services/Argus/serviceAccount-Argus.yml @@ -0,0 +1,7 @@ +apiVersion: v1 +kind: ServiceAccount +metadata: + name: argus + namespace: argus + labels: + app: argus diff --git a/services/Paperless/deploy-Paperless.yml b/services/Paperless/deploy-Paperless.yml deleted file mode 100644 index cc69bfb..0000000 --- a/services/Paperless/deploy-Paperless.yml +++ /dev/null @@ -1,130 +0,0 @@ -apiVersion: v1 -kind: Service -metadata: - name: paperless -spec: - ports: - - protocol: TCP - name: web - port: 8000 - selector: - app: paperless ---- -apiVersion: apps/v1 -kind: Deployment -metadata: - name: paperless - labels: - app: paperless -spec: - replicas: 1 - selector: - matchLabels: - app: paperless - template: - metadata: - labels: - app: paperless - spec: - containers: - - name: frontend - image: bv11-cr01.bessems.eu/proxy/linuxserver/paperless-ngx:1.7.1 - env: - - name: TZ - value: Europe/Amsterdam - ports: - - name: web - containerPort: 8000 - volumeMounts: - - mountPath: /data - name: flexvolsmb-paperless-data - - mountPath: /config - name: flexvolsmb-paperless-config - volumes: - - name: flexvolsmb-paperless-data - persistentVolumeClaim: - claimName: flexvolsmb-paperless-data - - name: flexvolsmb-paperless-config - persistentVolumeClaim: - claimName: flexvolsmb-paperless-config ---- -apiVersion: traefik.containo.us/v1alpha1 -kind: IngressRoute -metadata: - name: paperless -spec: - entryPoints: - - websecure - routes: - - match: Host(`ocr.spamasaurus.com`) - kind: Rule - services: - - name: paperless - port: 8000 - middlewares: - - name: security-headers@file - - name: compression@file ---- -apiVersion: v1 -kind: PersistentVolume -metadata: - name: flexvolsmb-paperless-data -spec: - capacity: - storage: 1Gi - accessModes: - - ReadWriteMany - storageClassName: flexvolsmb-paperless-data - flexVolume: - driver: mount/smb - secretRef: - name: smb-secret - options: - opts: domain=bessems.eu,file_mode=0777,dir_mode=0777,iocharset=utf8 - server: 192.168.11.225 - share: /K3s.Volumes/paperless/data ---- -apiVersion: v1 -kind: PersistentVolumeClaim -metadata: - name: flexvolsmb-paperless-data - namespace: default -spec: - accessModes: - - ReadWriteMany - storageClassName: flexvolsmb-paperless-data - resources: - requests: - storage: 1Gi ---- -apiVersion: v1 -kind: PersistentVolume -metadata: - name: flexvolsmb-paperless-config -spec: - capacity: - storage: 1Gi - accessModes: - - ReadWriteMany - storageClassName: flexvolsmb-paperless-config - flexVolume: - driver: mount/smb - secretRef: - name: smb-secret - options: - opts: domain=bessems.eu,file_mode=0777,dir_mode=0777,iocharset=utf8,nobrl - server: 192.168.11.225 - share: /K3s.Volumes/paperless/config ---- -apiVersion: v1 -kind: PersistentVolumeClaim -metadata: - name: flexvolsmb-paperless-config - namespace: default -spec: - accessModes: - - ReadWriteMany - storageClassName: flexvolsmb-paperless-config - resources: - requests: - storage: 1Gi