AllardDCS/kubernetes
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

eindelijk weer eens een push

Browse Source
This commit is contained in:
allard
2026-05-31 16:07:30 +02:00
parent 01cff8e165
commit ff21c258e0
2747 changed files with 302316 additions and 131101 deletions
Download Patch File Download Diff File Expand all files Collapse all files
lp/homeassistent/backstage.yaml
+116
View File
@@ -0,0 +1,116 @@
# kubernetes/backstage.yaml
apiVersion: apps/v1
kind: Deployment
metadata:
name: backstage
namespace: backstage
spec:
replicas: 1
selector:
matchLabels:
app: backstage
template:
metadata:
labels:
app: backstage
spec:
containers:
- name: backstage
image: roadiehq/community-backstage-image
imagePullPolicy: IfNotPresent
ports:
- name: http
containerPort: 7000
env:
- name: POSTGRES_USER
value: backstage
- name: POSTGRES_PASSWORD
value: backstage
- name: POSTGRES_DB
value: backstage
- name: POSTGRES_SERVICE_HOST
value: postgres13.postgres
- name: POSTGRES_SERVICE_PORT
value: "5432"
- name: GITEA_TOKEN
value:
- name: APP_CONFIG_auth_environment
value: development
- name: APP_CONFIG_provider_github_development_clientID
value: "Ov23linGjyUcqg1CpmlF"
- name: APP_CONFIG_provider_github_development_clientSecret
value: "3cc49adb5168df96662e0ad00db74ed1913849ce"
volumeMounts:
- mountPath: /usr/src/app/app-config.yaml
subPath: app-config.yaml
name: app-config
volumes:
- name: app-config
configMap:
name: app-config
---
apiVersion: v1
kind: PersistentVolume
metadata:
name: backstage-pv
spec:
storageClassName: ""
capacity:
storage: 1Gi
accessModes:
- ReadWriteMany
persistentVolumeReclaimPolicy: Retain
mountOptions:
- hard
- nfsvers=4.1
nfs:
server: 192.168.2.110
path: /mnt/nfs_share/backstage
readOnly: false
---
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: backstage-pvc
namespace: backstage
spec:
storageClassName: ""
volumeName: backstage-pv
accessModes:
- ReadWriteMany
volumeMode: Filesystem
resources:
requests:
storage: 1Gi
---
apiVersion: v1
kind: Service
metadata:
name: backstage
namespace: backstage
spec:
type: NodePort
selector:
app: backstage
ports:
- name: http
port: 80
targetPort: 7000
---
apiVersion: traefik.io/v1alpha1
kind: IngressRoute
metadata:
name: backstage-tls
namespace: backstage
spec:
entryPoints:
- websecure
routes:
- match: Host(`backstage-lp.allarddcs.nl`)
kind: Rule
services:
- name: backstage
port: 80
tls:
secretName: backstage-lp.allarddcs.nl-tls
lp/homeassistent/homeassistant.yaml
+125
View File
@@ -0,0 +1,125 @@
apiVersion: v1
kind: Namespace
metadata:
name: homeassistant
---
# PersistentVolume for NFS
apiVersion: v1
kind: PersistentVolume
metadata:
name: homeassistant-pv
spec:
storageClassName: ""
capacity:
storage: 2Gi
accessModes:
- ReadWriteOnce
persistentVolumeReclaimPolicy: Retain
mountOptions:
- hard
- nfsvers=4.1
nfs:
server: 192.168.2.110
path: /mnt/nfs_share/lp/homeassistant
readOnly: false
---
# PersistentVolumeClaim
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: homeassistant-pvc
namespace: homeassistant
spec:
accessModes:
- ReadWriteOnce
storageClassName: ""
resources:
requests:
storage: 2Gi
---
# Deployment
apiVersion: apps/v1
kind: Deployment
metadata:
name: homeassistant
namespace: homeassistant
spec:
replicas: 1
selector:
matchLabels:
app: homeassistant
template:
metadata:
labels:
app: homeassistant
spec:
hostNetwork: true
dnsPolicy: ClusterFirstWithHostNet
containers:
- name: homeassistant
image: ghcr.io/home-assistant/home-assistant:stable
ports:
- containerPort: 8123
volumeMounts:
- name: config
mountPath: /config
- name: tls-cert
mountPath: /ssl
readOnly: true
securityContext:
capabilities:
add:
- NET_ADMIN
- NET_RAW
volumes:
- name: config
persistentVolumeClaim:
claimName: homeassistant-pvc
- name: tls-cert
secret:
secretName: homeassistant-certificate-secret
---
# Service (optional with hostNetwork, needed for Traefik)
apiVersion: v1
kind: Service
metadata:
name: homeassistant
namespace: homeassistant
spec:
selector:
app: homeassistant
ports:
- port: 8123
targetPort: 8123
---
apiVersion: traefik.io/v1alpha1
kind: IngressRouteTCP
metadata:
name: homeassistant-tcp
namespace: homeassistant
spec:
entryPoints:
- websecure
routes:
- match: HostSNI(`homeassistant-lp.allarddcs.nl`)
services:
- name: homeassistant
port: 8123
tls:
passthrough: true
---
apiVersion: traefik.io/v1alpha1
kind: IngressRoute
metadata:
name: homeassistant-http
namespace: homeassistant
spec:
entryPoints:
- web
routes:
- match: Host(`homeassistant-lp.allarddcs.nl`)
kind: Rule
services:
- name: homeassistant
port: 8123
lp/homeassistent/ingressroute-http.yaml
+14
View File
@@ -0,0 +1,14 @@
apiVersion: traefik.io/v1alpha1
kind: IngressRoute
metadata:
name: homeassistant-http
namespace: homeassistant
spec:
entryPoints:
- web
routes:
- match: Host(`homeassistant-lp.allarddcs.nl`)
kind: Rule
services:
- name: homeassistant
port: 8123
lp/homeassistent/tls-secret.yaml
+17
View File
@@ -0,0 +1,17 @@
apiVersion: cert-manager.io/v1
kind: Certificate
metadata:
name: homeassistant-lp.allarddcs.nl
namespace: homeassistant
spec:
secretName: homeassistant-certificate-secret
issuerRef:
name: letsencrypt
kind: ClusterIssuer
commonName: homeassistant-lp.allarddcs.nl
dnsNames:
- homeassistant-lp.allarddcs.nl
usages:
- digital signature
- key encipherment
- server auth