diff --git a/kubernetes/main/apps/self-hosted/homepage/app/configuration.yaml b/kubernetes/main/apps/self-hosted/homepage/app/configuration.yaml new file mode 100644 index 0000000000..4d30ffd072 --- /dev/null +++ b/kubernetes/main/apps/self-hosted/homepage/app/configuration.yaml @@ -0,0 +1,200 @@ +--- +apiVersion: v1 +kind: ConfigMap +metadata: + name: homepage-config +data: + bookmarks.yaml: | + - Communicate: + - Discord: + - icon: discord.png + href: 'https://discord.com/app' + - Gmail: + - icon: gmail.png + href: 'http://gmail.com' + - Google Calendar: + - icon: google-calendar.png + href: 'https://calendar.google.com' + - Outlook: + - icon: https://raw.githubusercontent.com/joryirving/home-ops/main/.docs/icons/outlook.png + href: 'https://outlook.com' + - Media Links: + - YouTube: + - icon: youtube.png + href: 'https://youtube.com/feed/subscriptions' + - Spotify: + - icon: spotify.png + href: 'http://open.spotify.com' + - Youtube Music: + - icon: https://raw.githubusercontent.com/joryirving/home-ops/main/.docs/icons/youtube-music.png + href: 'https://music.youtube.com' + - Reading: + - Beyond: + - icon: https://raw.githubusercontent.com/joryirving/home-ops/main/.docs/icons/beyond.png + href: 'https://forums.beyond.ca/search.php?do=getnew&contenttype=vBForum_Post' + - Western Subaru Club: + - icon: https://raw.githubusercontent.com/joryirving/home-ops/main/.docs/icons/wsc.png + href: 'http://westernsubaruclub.com/smf/index.php?action=unread' + - Reddit: + - icon: reddit.png + href: 'https://reddit.com' + - Git: + - kubesearch: + - icon: kubernetes-dashboard.png + href: 'https://kubesearch.dev/' + - home-ops: + - icon: github.png + href: 'https://github.com/joryirving/home-ops' + docker.yaml: "" + kubernetes.yaml: | + mode: cluster + services.yaml: | + - Network: + - Cloudflared: + href: https://dash.cloudflare.com/ + icon: cloudflare-zero-trust.png + description: Cloudflared Tunnel Status + widget: + type: cloudflared + accountid: {{HOMEPAGE_VAR_CLOUDFLARED_ACCOUNTID}} + tunnelid: {{HOMEPAGE_VAR_CLOUDFLARED_TUNNELID}} + key: {{HOMEPAGE_VAR_CLOUDFLARED_API_TOKEN}} + fields: ["status"] + + - Media: + - Sonarr: + href: https://sonarr.{{HOMEPAGE_VAR_SECRET_DOMAIN_NAME}} + icon: sonarr.png + description: TV Shows + widget: + type: sonarr + url: http://sonarr.media:8989 + key: {{HOMEPAGE_VAR_SONARR_TOKEN}} + - Radarr-4k: + href: https://radarr-4k.{{HOMEPAGE_VAR_SECRET_DOMAIN_NAME}} + icon: radarr.png + description: 4K Movies + widget: + type: radarr + url: http://radarr-4k.media:7878 + key: {{HOMEPAGE_VAR_RADARR_4K_TOKEN}} + - Radarr: + href: https://radarr.{{HOMEPAGE_VAR_SECRET_DOMAIN_NAME}} + icon: radarr.png + description: Movies + widget: + type: radarr + url: http://radarr.media:7878 + key: {{HOMEPAGE_VAR_RADARR_TOKEN}} + - Sabnzbd: + href: https://sabnzbd.{{HOMEPAGE_VAR_SECRET_DOMAIN_NAME}} + icon: sabnzbd.png + description: NZB Downloader + widget: + type: sabnzbd + url: http://sabnzbd.media + key: {{HOMEPAGE_VAR_SABNZBD_TOKEN}} + + - Calendar: + - Agenda: + widget: + type: calendar + view: agenda # optional - possible values monthly, agenda + maxEvents: 5 # optional - defaults to 10 + integrations: # optional + - type: sonarr # active widget type that is currently enabled on homepage - possible values: radarr, sonarr> + service_group: Media # group name where widget exists + service_name: Sonarr # service name for that widget + - type: radarr # active widget type that is currently enabled on homepage - possible values: radarr, sonarr> + service_group: Media # group name where widget exists + service_name: Radarr # service name for that widget + - type: radarr # active widget type that is currently enabled on homepage - possible values: radarr, sonarr> + service_group: Media # group name where widget exists + service_name: Radarr-4k # service name for that widget + settings.yaml: | + title: Homelab + # background: + # image: https://raw.githubusercontent.com/joryirving/home-ops/main/.docs/assets/101518784_p0.jpg + # opacity: 20 + favicon: https://github.com/walkxcode/dashboard-icons/blob/main/png/heimdall.png + theme: dark + color: slate + layout: + Calendar: + style: column + icon: mdi-calendar + Network: + style: row + columns: 5 + icon: mdi-network + Media: + style: row + columns: 5 + icon: mdi-download-circle + Games: + style: row + columns: 2 + icon: mdi-minecraft + Video: + style: column + icon: mdi-play-circle + Books: + style: row + columns: 2 + icon: mdi-book + Infrastructure: + style: row + columns: 5 + icon: mdi-server + Observability: + style: row + columns: + icon: mdi-chart-line + Home: + style: row + columns: 5 + icon: mdi-home-analytics + useEqualHeights: true + headerStyle: clean + quicklaunch: + searchDescriptions: true + hideInternetSearch: true + showSearchSuggestions: true + hideVisitURL: true + widgets.yaml: | + # - logo: + # icon: https://raw.githubusercontent.com/joryirving/home-ops/main/.docs/icons/lds-transparent.png + - search: + provider: [google] + focus: false + target: _blank + # - greeting: + # text_size: xl + # text: "Howdy Hey!" + - kubernetes: + cluster: + cpu: true + memory: true + show: true + showLabel: true + nodes: + cpu: true + memory: true + show: false + showLabel: true + - openmeteo: + label: Home + latitude: {{HOMEPAGE_VAR_LATITUDE}} + longitude: {{HOMEPAGE_VAR_LONGITUDE}} + units: metric + cache: 5 + - datetime: + text_size: l + format: + timeStyle: short + dateStyle: short + hourCycle: h23 + - unifi_console: + url: {{HOMEPAGE_VAR_UNIFI_URL}} + username: {{HOMEPAGE_VAR_UNIFI_USERNAME}} + password: {{HOMEPAGE_VAR_UNIFI_PASSWORD}} diff --git a/kubernetes/main/apps/self-hosted/homepage/app/helm-release.yaml b/kubernetes/main/apps/self-hosted/homepage/app/helm-release.yaml new file mode 100644 index 0000000000..c3a6cb715f --- /dev/null +++ b/kubernetes/main/apps/self-hosted/homepage/app/helm-release.yaml @@ -0,0 +1,83 @@ +--- +# yaml-language-server: $schema=https://raw.githubusercontent.com/bjw-s/helm-charts/main/charts/other/app-template/schemas/helmrelease-helm-v2beta2.schema.json +apiVersion: helm.toolkit.fluxcd.io/v2beta2 +kind: HelmRelease +metadata: + name: homepage +spec: + interval: 30m + chart: + spec: + chart: app-template + version: 3.0.4 + sourceRef: + kind: HelmRepository + name: bjw-s-charts + namespace: flux-system + install: + remediation: + retries: 3 + upgrade: + cleanupOnFail: true + remediation: + retries: 3 + values: + controllers: + main: + replicas: 1 + strategy: RollingUpdate + annotations: + reloader.stakater.com/auto: "true" + containers: + app: + image: + repository: ghcr.io/gethomepage/homepage + tag: v0.8.9 + env: + TZ: ${CONFIG_TIMEZONE} + envFrom: + - secretRef: + name: homepage-secret + resources: + requests: + cpu: 15m + memory: 200M + limits: + memory: 2G + service: + main: + controller: main + ports: + http: + port: 3000 + ingress: + main: + className: internal + hosts: + - host: "{{ .Release.Name }}.${SECRET_DOMAIN_NAME}" + paths: + - path: / + pathType: Prefix + service: + identifier: main + port: http + persistence: + config: + type: configMap + name: homepage-config + globalMounts: + - subPath: bookmarks.yaml + path: /app/config/bookmarks.yaml + - subPath: docker.yaml + path: /app/config/docker.yaml + - subPath: kubernetes.yaml + path: /app/config/kubernetes.yaml + - subPath: services.yaml + path: /app/config/services.yaml + - subPath: settings.yaml + path: /app/config/settings.yaml + - subPath: widgets.yaml + path: /app/config/widgets.yaml + serviceAccount: + create: true + name: homepage diff --git a/kubernetes/main/apps/self-hosted/homepage/app/homepage-secrets.yaml b/kubernetes/main/apps/self-hosted/homepage/app/homepage-secrets.yaml new file mode 100644 index 0000000000..9cefb32ff3 --- /dev/null +++ b/kubernetes/main/apps/self-hosted/homepage/app/homepage-secrets.yaml @@ -0,0 +1,162 @@ +--- +# yaml-language-server: $schema=https://kubernetes-schemas.zinn.ca/external-secrets.io/externalsecret_v1beta1.json +apiVersion: external-secrets.io/v1beta1 +kind: ExternalSecret +metadata: + name: &name homepage-secret +spec: + secretStoreRef: + kind: ClusterSecretStore + name: onepassword-connect + target: + name: *name + creationPolicy: Owner + deletionPolicy: Delete + template: + engineVersion: v2 + data: + ## Non Cluster resources + HOMEPAGE_VAR_CLOUDFLARED_ACCOUNTID: "{{ .cloudflare_ACCOUNT_TAG }}" + HOMEPAGE_VAR_CLOUDFLARED_TUNNELID: "{{ .cloudflare_TUNNEL_ID }}" + HOMEPAGE_VAR_CLOUDFLARED_API_TOKEN: "{{ .cloudflare_API_TOKEN }}" + HOMEPAGE_VAR_LATITUDE: "{{ .home_assistant_HASS_SECRET_LATITUDE }}" + HOMEPAGE_VAR_LONGITUDE: "{{ .home_assistant_HASS_SECRET_LONGITUDE }}" + HOMEPAGE_VAR_UNIFI_URL: "{{ .unifi_UNIFI_URL }}" + HOMEPAGE_VAR_UNIFI_USERNAME: "{{ .unifi_UNIFI_USER }}" + HOMEPAGE_VAR_UNIFI_PASSWORD: "{{ .unifi_UNIFI_PASSWORD }}" + ## Cluster resources + HOMEPAGE_VAR_SECRET_DOMAIN_NAME: "${SECRET_DOMAIN_NAME}" + # ## Default + # HOMEPAGE_VAR_HASS_TOKEN: "{{ .HASS_TOKEN }}" + # HOMEPAGE_VAR_PAPERLESS_TOKEN: "{{ .HOMEPAGE_VAR_PAPERLESS_TOKEN }}" + ## Downloads + HOMEPAGE_VAR_PROWLARR_TOKEN: "{{ .prowlarr_APIKEY }}" + HOMEPAGE_VAR_QBITTORRENT_USERNAME: "{{ .qbittorrent_username }}" + HOMEPAGE_VAR_QBITTORRENT_PASSWORD: "{{ .qbittorrent_password }}" + HOMEPAGE_VAR_RADARR_TOKEN: "{{ .radarr_RADARR_APIKEY }}" + HOMEPAGE_VAR_RADARR_4K_TOKEN: "{{ .radarr_4k_RADARR_4K_APIKEY }}" + HOMEPAGE_VAR_READARR_TOKEN: "{{ .readarr_APIKEY }}" + HOMEPAGE_VAR_SABNZBD_TOKEN: "{{ .sabnzbd__API_KEY }}" + HOMEPAGE_VAR_SONARR_TOKEN: "{{ .sonarr_SONARR_APIKEY }}" + # ## Media + # HOMEPAGE_VAR_OVERSEERR_TOKEN: "{{ .OVERSEERR_API_KEY }}" + # HOMEPAGE_VAR_PLEX_TOKEN: "{{ .PLEX_TOKEN }}" + # HOMEPAGE_VAR_TAUTULLI_TOKEN: "{{ .TAUTULLI_API_KEY }}" + # HOMEPAGE_VAR_KAVITA_USERNAME: "{{ .KAVITA_USERNAME }}" + # HOMEPAGE_VAR_KAVITA_PASSWORD: "{{ .KAVITA_PASSWORD }}" + # HOMEPAGE_VAR_KOMGA_USERNAME: "{{ .HOMEPAGE_VAR_KOMGA_USERNAME }}" + # HOMEPAGE_VAR_KOMGA_PASSWORD: "{{ .HOMEPAGE_VAR_KOMGA_PASSWORD }}" + # ## Observability + # HOMEPAGE_VAR_GRAFANA_USERNAME: "{{ .GRAFANA_ADMIN_USER }}" + # HOMEPAGE_VAR_GRAFANA_PASSWORD: "{{ .GRAFANA_ADMIN_PASS }}" + # HOMEPAGE_VAR_HEALTHCHECK_TOKEN: "{{ .HOMEPAGE_VAR_HEALTHCHECK_TOKEN }}" + # HOMEPAGE_VAR_HEALTHCHECK_UUID: "{{ .HOMEPAGE_VAR_HEALTHCHECK_UUID }}" + # ## Security + # HOMEPAGE_VAR_AUTHENTIK_TOKEN: "{{ .AUTHENTIK_TOKEN }}" + dataFrom: + - extract: + key: cloudflare + rewrite: + - regexp: + source: "(.*)" + target: "cloudflare_$1" + - extract: + key: home-assistant + rewrite: + - regexp: + source: "(.*)" + target: "home_assistant_$1" + - extract: + key: prowlarr + rewrite: + - regexp: + source: "(.*)" + target: "prowlarr_$1" + - extract: + key: radarr + rewrite: + - regexp: + source: "(.*)" + target: "radarr_$1" + - extract: + key: radarr-4k + rewrite: + - regexp: + source: "(.*)" + target: "radarr_4k_$1" + - extract: + key: readarr + rewrite: + - regexp: + source: "(.*)" + target: "readarr_$1" + - extract: + key: qbittorrent + rewrite: + - regexp: + source: "(.*)" + target: "qbittorrent_$1" + - extract: + key: sabnzbd + rewrite: + - regexp: + source: "(.*)" + target: "sabnzbd_$1" + - extract: + key: sonarr + rewrite: + - regexp: + source: "(.*)" + target: "sonarr_$1" + - extract: + key: unifi-poller + rewrite: + - regexp: + source: "(.*)" + target: "unifi_$1" + # - extract: + # key: authentik + # - extract: + # key: bazarr + # - extract: + # key: cloudflare + # - extract: + # key: grafana + # - extract: + # key: healthcheck + # - extract: + # key: home-assistant + # - extract: + # key: kapowarr + # - extract: + # key: kavita + # - extract: + # key: komga + # - extract: + # key: mylar + # - extract: + # key: nextdns + # - extract: + # key: overseerr + # - extract: + # key: paperless + # - extract: + # key: plex + # - extract: + # key: portainer + # - extract: + # key: prowlarr + # - extract: + # key: qbittorrent + # - extract: + # key: radarr + # - extract: + # key: readarr + # - extract: + # key: sabnzbd + # - extract: + # key: sonarr + # - extract: + # key: tautulli + # - extract: + # key: unifi diff --git a/kubernetes/main/apps/self-hosted/homepage/app/kustomization.yaml b/kubernetes/main/apps/self-hosted/homepage/app/kustomization.yaml new file mode 100644 index 0000000000..9aa957f486 --- /dev/null +++ b/kubernetes/main/apps/self-hosted/homepage/app/kustomization.yaml @@ -0,0 +1,9 @@ +--- +# yaml-language-server: $schema=https://json.schemastore.org/kustomization +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization +resources: + - configuration.yaml + - homepage-secrets.yaml + - helm-release.yaml + - rbac.yaml diff --git a/kubernetes/main/apps/self-hosted/homepage/app/rbac.yaml b/kubernetes/main/apps/self-hosted/homepage/app/rbac.yaml new file mode 100644 index 0000000000..7a906c7316 --- /dev/null +++ b/kubernetes/main/apps/self-hosted/homepage/app/rbac.yaml @@ -0,0 +1,63 @@ +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: &app homepage + labels: + app.kubernetes.io/instance: *app + app.kubernetes.io/name: *app +rules: + - apiGroups: + - "" + resources: + - namespaces + - pods + - nodes + verbs: + - get + - list + - apiGroups: + - extensions + - networking.k8s.io + resources: + - ingresses + verbs: + - get + - list + - apiGroups: + - traefik.containo.us + resources: + - ingressroutes + verbs: + - get + - list + - apiGroups: + - metrics.k8s.io + resources: + - nodes + - pods + verbs: + - get + - list + - apiGroups: + - apiextensions.k8s.io + resources: + - customresourcedefinitions/status + verbs: + - get +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: &app homepage + labels: + app.kubernetes.io/instance: *app + app.kubernetes.io/name: *app +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: *app +subjects: + - kind: ServiceAccount + name: *app + namespace: self-hosted # keep diff --git a/kubernetes/main/apps/self-hosted/homepage/install.yaml b/kubernetes/main/apps/self-hosted/homepage/install.yaml new file mode 100644 index 0000000000..ffb6e0751f --- /dev/null +++ b/kubernetes/main/apps/self-hosted/homepage/install.yaml @@ -0,0 +1,23 @@ +--- +# yaml-language-server: $schema=https://kubernetes-schemas.zinn.ca/kustomize.toolkit.fluxcd.io/kustomization_v1.json +apiVersion: kustomize.toolkit.fluxcd.io/v1 +kind: Kustomization +metadata: + name: self-hosted-homepage + namespace: flux-system +spec: + targetNamespace: self-hosted + commonMetadata: + labels: + app.kubernetes.io/name: &app homepage + path: ./kubernetes/main/apps/self-hosted/homepage/app + sourceRef: + kind: GitRepository + name: homelab-kubernetes + dependsOn: + - name: security-external-secrets-stores + prune: true + wait: false + interval: 30m + retryInterval: 1m + timeout: 5m diff --git a/kubernetes/main/apps/self-hosted/kustomization.yaml b/kubernetes/main/apps/self-hosted/kustomization.yaml index d254c50e65..30077efaf0 100644 --- a/kubernetes/main/apps/self-hosted/kustomization.yaml +++ b/kubernetes/main/apps/self-hosted/kustomization.yaml @@ -6,6 +6,7 @@ resources: - namespace.yaml - changedetection/install.yaml - dashy/install.yaml + - homepage/install.yaml - pdf-tool/install.yaml - shlink/install.yaml - theme-park/install.yaml