From ad9349f638af3cf6a222f5632e290d700689dd39 Mon Sep 17 00:00:00 2001
From: Eric Renfro
Date: Sun, 12 Nov 2023 16:02:19 -0500
Subject: [PATCH] Initial Commit
---
.hashes | 6 +++++
Chart.yaml | 6 +++++
README.md | 5 ++++
scripts/deploy.sh | 49 +++++++++++++++++++++++++++++++++++
templates/deployment.yaml | 54 +++++++++++++++++++++++++++++++++++++++
templates/ingress.yaml | 38 +++++++++++++++++++++++++++
templates/pvc.yaml | 14 ++++++++++
templates/service.yaml | 15 +++++++++++
values/privatebin.yaml | 44 +++++++++++++++++++++++++++++++
values/wiki.yaml | 47 ++++++++++++++++++++++++++++++++++
10 files changed, 278 insertions(+)
create mode 100644 .hashes
create mode 100644 Chart.yaml
create mode 100644 README.md
create mode 100755 scripts/deploy.sh
create mode 100644 templates/deployment.yaml
create mode 100644 templates/ingress.yaml
create mode 100644 templates/pvc.yaml
create mode 100644 templates/service.yaml
create mode 100644 values/privatebin.yaml
create mode 100644 values/wiki.yaml
diff --git a/.hashes b/.hashes
new file mode 100644
index 0000000..4f5534f
--- /dev/null
+++ b/.hashes
@@ -0,0 +1,6 @@
+eaf01e27a1f06bc36b5d4e0e96fb352656771fe2 ./templates/ingress.yaml
+4f43a9216ff28bb9649c17562c3178486a328383 ./templates/deployment.yaml
+54ac65fae69a221c4188354f0c9d07b67351eacb ./templates/service.yaml
+a4c04ed02d25c1b06d6394ec78e62cd01acc5238 ./Chart.yaml
+78cc2bd5f0273b96d50e4fe8cf303793364f22aa ./values/privatebin.yaml
+ae5a9f03a72f32284b576c6cbd3df913df79c286 ./values/wiki.yaml
diff --git a/Chart.yaml b/Chart.yaml
new file mode 100644
index 0000000..930281e
--- /dev/null
+++ b/Chart.yaml
@@ -0,0 +1,6 @@
+---
+apiVersion: v2
+name: home_server
+description: This deploys all of my home server services
+type: application
+version: 0.0.1
diff --git a/README.md b/README.md
new file mode 100644
index 0000000..d638bc1
--- /dev/null
+++ b/README.md
@@ -0,0 +1,5 @@
+# Home Server Helm
+
+Run `./scripts/deploy.sh`
+
+It uses helm diff to find any changes and redeploys if any are detected.
diff --git a/scripts/deploy.sh b/scripts/deploy.sh
new file mode 100755
index 0000000..610062f
--- /dev/null
+++ b/scripts/deploy.sh
@@ -0,0 +1,49 @@
+#!/usr/bin/env bash
+
+set -eu -o pipefail
+
+if [[ "${1:-}" == "diff" ]]; then
+ mode='diff'
+else
+ mode='apply'
+fi
+timeout='120'
+master_node='k3s-1'
+
+cur_hashes="$(kubectl get node "$master_node" -o jsonpath='{.metadata.annotations.home-server-hashes}')"
+
+compare_hash() {
+ yaml="$1"
+ hash=$(shasum "$yaml" | awk '{print $1}')
+
+ if [[ "$cur_hashes" =~ $hash ]]; then
+ return 0
+ else
+ return 1
+ fi
+}
+
+# Deploy all services if there is a template change
+for yaml in templates/*.yaml; do
+ if ! compare_hash "$yaml"; then
+ deploy_all=true
+ fi
+done
+
+# Deploy individual service changes
+for yaml in values/*.yaml; do
+ if ! compare_hash "$yaml" || [[ "${deploy_all:-}" == true ]]; then
+ name=$(grep '^name:' "$yaml" | awk '{print $2}')
+ if [[ "$mode" == 'apply' ]]; then
+ helm upgrade --install --atomic --timeout="${timeout}s" -f "$yaml" "$name" .
+ made_changes=true
+ elif [[ "$mode" == 'diff' ]]; then
+ helm diff upgrade -f "$yaml" "$name" .
+ fi
+ fi
+done
+
+if [[ "${made_changes:-}" ]]; then
+ new_hashes="$(find . -type f -name '*.yaml' -exec shasum {} \+)"
+ kubectl annotate node "$master_node" home-server-hashes="$new_hashes" --overwrite=true
+fi
diff --git a/templates/deployment.yaml b/templates/deployment.yaml
new file mode 100644
index 0000000..e8ee208
--- /dev/null
+++ b/templates/deployment.yaml
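Review bot: `compare_hash` in scripts/deploy.sh reports "unchanged" when the hash is empty, because `[[ "$cur_hashes" =~ $hash ]]` with an empty pattern matches any annotation value. That case arises whenever `shasum` fails inside the `if ! compare_hash` test (errexit is suspended there), for example when the script is started outside the chart root and `templates/*.yaml` stays an unexpanded glob; the script then exits cleanly without deploying or diffing anything. The hash is also used as a regex and matched without its file path. Consider `cd "$(dirname "$0")/.."` near the top and `[[ -n "$hash" && "$cur_hashes" == *"$hash"* ]]` in the comparison, so a failed hash is treated as a change rather than a match.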
@@ -0,0 +1,54 @@
+---
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+ name: {{ .Values.name }}
+ labels:
+ app: {{ .Values.name }}
+spec:
+ replicas: {{ .Values.replicas }}
+ strategy:
+ type: {{ .Values.strategy | default "RollingUpdate" }}
+ selector:
+ matchLabels:
+ app: {{ .Values.name }}
+ template:
+ metadata:
+ labels:
+ app: {{ .Values.name }}
+ spec:
+ containers:
+ - name: {{ .Values.name }}
+ imagePullPolicy: {{ .Values.image.imagePullPolicy | default "IfNotPresent" }}
+ image: "{{ .Values.image.repository }}:{{ .Values.image.tag }}"
+ {{- with .Values.ports}}
+ ports:
+ {{- toYaml . | nindent 12 }}
+ {{- end }}
+ {{- with .Values.lifecycle}}
+ lifecycle:
+ {{- toYaml . | nindent 12 }}
+ {{- end }}
+ {{- with .Values.volumeMounts}}
+ volumeMounts:
+ {{- toYaml . | nindent 12 }}
+ {{- end }}
+ {{- with .Values.resources}}
+ resources:
+ {{- toYaml . | nindent 12 }}
+ {{- end }}
+ {{- with .Values.env }}
+ env:
+ {{- toYaml . | nindent 12 }}
+ {{- end }}
+ {{- with .Values.args}}
+ args:
+ {{- toYaml . | nindent 12 }}
+ {{- end }}
+ {{- with .Values.volumes}}
+ volumes:
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+ {{- with .Values.nodeName}}
+ nodeName: {{ . }}
+ {{- end }}
diff --git a/templates/ingress.yaml b/templates/ingress.yaml
new file mode 100644
index 0000000..ae53da8
--- /dev/null
+++ b/templates/ingress.yaml
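Review bot: The container spec in templates/deployment.yaml offers no way to set a `securityContext`, so every service deployed from this chart runs with whatever user, capabilities and writable root filesystem its image defaults to. Both values files in this commit publish their workload through an Ingress, so it is worth making this configurable next to `resources` and `env`. A `with .Values.securityContext` block in the same pattern as the existing ones is enough; the indentation below assumes the container fields sit at ten spaces, which the collapsed page does not show.

```yaml
          # … unchanged: name, imagePullPolicy, image, ports, lifecycle, volumeMounts …
          {{- with .Values.securityContext }}
          securityContext:
            {{- toYaml . | nindent 12 }}
          {{- end }}
          # … unchanged: resources, env, args …
```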
@@ -0,0 +1,38 @@
+{{- if .Values.ingress.enabled -}}
+---
+apiVersion: networking.k8s.io/v1
+kind: Ingress
+metadata:
+ name: {{ .Values.name }}
+ {{- with .Values.ingress.annotations }}
+ annotations:
+ {{- toYaml . | nindent 4 }}
+ {{- end }}
+spec:
+ {{- if .Values.ingress.tls }}
+ rules:
+ tls:
+ {{- range .Values.ingress.tls }}
+ - hosts:
+ {{- range .hosts }}
+ - {{ . | quote }}
+ {{- end }}
+ secretName: {{ .secretName }}
+ {{- end }}
+ {{- end }}
+ rules:
+ {{- range .Values.ingress.hosts }}
+ - host: {{ .host | quote }}
+ http:
+ paths:
+ {{- range .paths }}
+ - path: {{ .path }}
+ pathType: {{ .pathType }}
+ backend:
+ service:
+ name: {{ $.Values.name }}
+ port:
+ number: {{ .port }}
+ {{- end }}
+ {{- end }}
+{{- end }}
diff --git a/templates/pvc.yaml b/templates/pvc.yaml
new file mode 100644
index 0000000..e203a7a
--- /dev/null
+++ b/templates/pvc.yaml
@@ -0,0 +1,14 @@
+{{- if .Values.pvc.enabled -}}
+---
+apiVersion: v1
+kind: PersistentVolumeClaim
+metadata:
+ name: {{ .Values.pvc.name }}
+spec:
+ accessModes:
+ {{ .Values.pvc.accessModes }}
+ storageClassName: {{ .Values.pvc.storageClassName }}
+ resources:
+ requests:
+ storage: {{ .Values.pvc.size | default "10Gi" }}
+{{- end }}
diff --git a/templates/service.yaml b/templates/service.yaml
new file mode 100644
index 0000000..1ecc5ff
--- /dev/null
+++ b/templates/service.yaml
@@ -0,0 +1,15 @@
+---
+apiVersion: v1
+kind: Service
+metadata:
+ name: {{ .Values.name }}
+spec:
+ selector:
+ app: {{ .Values.name }}
+ ports:
+ {{- range .Values.ports}}
+ - protocol: {{ .protocol | default "TCP" }}
+ port: {{ .containerPort }}
+ targetPort: {{ .targetPort | default .containerPort }}
+ name: {{ .containerPort }}-{{ .protocol | default "TCP" | lower }}-{{ .targetPort | default .containerPort }}
+ {{- end }}
diff --git a/values/privatebin.yaml b/values/privatebin.yaml
new file mode 100644
index 0000000..9be070b
--- /dev/null
+++ b/values/privatebin.yaml
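Review bot: A stray `rules:` line sits directly above `tls:` inside the `{{- if .Values.ingress.tls }}` block of templates/ingress.yaml, so whenever TLS is configured the rendered `spec` carries `rules` twice, once empty and once with the hosts (assuming both are at the same level as `tls:`; the page has lost the indentation). Both values files in this commit set `ingress.tls`, so this path is always taken, and depending on the parser the duplicate key is either rejected or silently resolved last-wins. Deleting that first `rules:` line leaves `tls:` as the only key the conditional emits. Separately, `secretName: {{ .secretName }}` and `path: {{ .path }}` are unquoted while the hosts use `| quote`; quoting them as well keeps unusual values from being retyped by the YAML parser.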
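Review bot: `{{ .Values.pvc.accessModes }}` under `accessModes:` in templates/pvc.yaml prints the list with Go's default formatting rather than as YAML. With the single `ReadWriteMany` from the values files this renders as `[ReadWriteMany]`, which happens to parse as a flow sequence, but two modes would render as one space-separated string element instead of two entries. Use `{{- toYaml .Values.pvc.accessModes | nindent 4 }}` (indent to match the file), as the other templates do for lists. The guard `.Values.pvc.enabled`, like `.Values.ingress.enabled` in ingress.yaml, also fails to render for a values file that omits the `pvc` map entirely.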
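Review bot: `targetPort: {{ .targetPort | default .containerPort }}` in templates/service.yaml reads a `targetPort` key from `.Values.ports`, but that same list is passed verbatim through `toYaml` into the container's `ports` in templates/deployment.yaml, where `targetPort` is not a container-port field. Setting it would therefore put an unknown field on the container, so in practice only the default branch is usable, and since `port:` is also taken from `.containerPort` the Service can never listen on a different port than the container. The per-entry `name` given in the values files is ignored here in favour of the synthesized one. Either document that the Service always mirrors the container port, or keep Service-only settings under a separate values key.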
@@ -0,0 +1,44 @@
+name: privatebin
+replicas: 1
+image:
+ repository: privatebin/nginx-fpm-alpine
+ imagePullPolicy: Always
+ tag: 1.6.0
+ports:
+ - containerPort: 8080
+ protocol: TCP
+ name: tcp8080
+volumeMounts:
+ - name: data
+ mountPath: /srv/data
+ subPath: privatebin/data
+ - name: data
+ mountPath: /srv/cfg
+ subPath: privatebin/cfg
+volumes:
+ - name: data
+ persistentVolumeClaim:
+ claimName: cephfs-privatebin
+ingress:
+ enabled: true
+ annotations:
+ kubernetes.io/ingress.class: traefik
+ cert-manager.io/cluster-issuer: letsencrypt-prod
+ hosts:
+ - host: paste.linux-help.org
+ paths:
+ - path: /
+ pathType: Prefix
+ port: 8080
+ tls:
+ - secretName: paste-linux-help.org-tls
+ hosts:
+ - paste.linux-help.org
+pvc:
+ enabled: true
+ name: cephfs-privatebin
+ storageClassName: cephfs
+ size: 2Gi
+ accessModes:
+ - ReadWriteMany
+
diff --git a/values/wiki.yaml b/values/wiki.yaml
new file mode 100644
index 0000000..48662a5
--- /dev/null
+++ b/values/wiki.yaml
@@ -0,0 +1,47 @@
+name: wiki
+replicas: 1
+image:
+ repository: linuxserver/grav
+ imagePullPolicy: Always
+ tag: 1.7.43
+ports:
+ - containerPort: 80
+ protocol: TCP
+ name: tcp80
+volumeMounts:
+ - mountPath: /config
+ name: cephfs
+volumes:
+ - name: cephfs
+ persistentVolumeClaim:
+ claimName: cephfs-wiki
+env:
+ - name: PGID
+ value: "10000"
+ - name: PUID
+ value: "10000"
+ - name: TZ
+ value: "America/Toronto"
+ingress:
+ enabled: true
+ annotations:
+ kubernetes.io/ingress.class: traefik
+ cert-manager.io/cluster-issuer: letsencrypt-prod
+ hosts:
+ - host: grav.linux-help.org
+ paths:
+ - path: /
+ pathType: Prefix
+ port: 80
+ tls:
+ - secretName: grav-linux-help.org-tls
+ hosts:
+ - grav.linux-help.org
+pvc:
+ enabled: true
+ name: cephfs-wiki
+ storageClassName: cephfs
+ size: 1Gi
+ accessModes:
+ - ReadWriteMany
+
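Review bot: `tag: 1.6.0` combined with `imagePullPolicy: Always` in values/privatebin.yaml means the running image is whatever the registry currently serves for that tag, so a re-pushed tag is picked up on the next pod start with no change in this repository; scripts/deploy.sh hashes only the YAML files and would not notice. Because the template builds the reference as `repository:tag`, a digest can be pinned without touching the template, e.g. `tag: "1.6.0@sha256:<digest-placeholder>"`, with the digest checked against the publisher's release. values/wiki.yaml (`linuxserver/grav`, `tag: 1.7.43`) has the same exposure.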
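Review bot: No `resources` map is set in values/wiki.yaml (values/privatebin.yaml omits it as well), so the `with .Values.resources` section of the deployment template renders nothing and the pod runs without requests or limits. For a service published on a public hostname through the Ingress, a memory and CPU limit bounds how much of the node a runaway or abused process can consume. Adding a `resources:` map with `requests` and `limits` sized for the workload closes the gap; the numbers are site-specific, so none are suggested here.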