Mirrors/JimsGarage
1
0
Fork 0
mirror of https://github.com/JamesTurland/JimsGarage.git synced 2025-10-02 16:36:17 +00:00
Code Issues Packages Projects Releases Wiki Activity

add-kubernetes

Browse Source
This commit is contained in:
James Turland
2024-07-08 11:19:54 +01:00
parent 0cd8339e6e
commit ef6ba4bd22
42 changed files with 1375 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

16
Home-Assistant/Kubernetes/default-headers.yaml Normal file
View File

@@ -0,0 +1,16 @@
apiVersion: traefik.io/v1alpha1
kind: Middleware
metadata:
name: default-headers
namespace: homeassistant
spec:
headers:
browserXssFilter: true
contentTypeNosniff: true
forceSTSHeader: true
stsIncludeSubdomains: true
stsPreload: true
stsSeconds: 15552000
customFrameOptionsValue: SAMEORIGIN
customRequestHeaders:
X-Forwarded-Proto: https

94
Home-Assistant/Kubernetes/homeassistant-deployment.yaml Normal file
View File

@@ -0,0 +1,94 @@
---
apiVersion: apps/v1
kind: Deployment
metadata:
labels:
app: homeassistant
app.kubernetes.io/instance: homeassistant
name: homeassistant
namespace: homeassistant
spec:
replicas: 1
selector:
matchLabels:
app: homeassistant
template:
metadata:
labels:
app: homeassistant
app.kubernetes.io/name: homeassistant
spec:
nodeSelector:
worker: "true"
containers:
- image: homeassistant/home-assistant:latest
imagePullPolicy: Always
name: homeassistant
ports:
- containerPort: 8123
name: web
protocol: TCP
env:
- name: TZ
value: Europe/London
volumeMounts:
- mountPath: /config
name: homeassistant
subPath: config
- image: docker.io/postgres:12-alpine
imagePullPolicy: IfNotPresent
name: homeassistant-db
ports:
- containerPort: 5432
name: db
protocol: TCP
env:
- name: POSTGRES_USER
valueFrom:
secretKeyRef:
name: secrets
key: POSTGRES_USER
- name: POSTGRES_PASSWORD
valueFrom:
secretKeyRef:
name: secrets
key: POSTGRES_PASSWORD
- name: POSTGRES_DB
valueFrom:
secretKeyRef:
name: secrets
key: POSTGRES_DB
- name: POSTGRES_INITDB_ARGS
value: --encoding=UTF-8
volumeMounts:
- mountPath: /var/lib/postgresql/data
name: homeassistant
subPath: schemas
volumes:
- name: homeassistant
persistentVolumeClaim:
claimName: homeassistant
---
apiVersion: v1
kind: Service
metadata:
labels:
app: homeassistant
name: homeassistant
namespace: homeassistant
spec:
ports:
- name: web-tcp
port: 80
protocol: TCP
targetPort: 8123
- name: db
port: 5432
protocol: TCP
targetPort: 5432
selector:
app: homeassistant
externalTrafficPolicy: Local
loadBalancerIP: 192.168.200.17
type: LoadBalancer

26
Home-Assistant/Kubernetes/ingress.yaml Normal file
View File

@@ -0,0 +1,26 @@
---
apiVersion: traefik.io/v1alpha1
kind: IngressRoute
metadata:
name: homeassistant
namespace: homeassistant
annotations:
kubernetes.io/ingress.class: traefik-external
spec:
entryPoints:
- websecure
routes:
- match: Host(`www.ha.yourdomain.co.uk`)
kind: Rule
services:
- name: homeassistant
port: 80
- match: Host(`ha.yourdomain.co.uk`)
kind: Rule
services:
- name: homeassistant
port: 80
middlewares:
- name: default-headers
tls:
secretName: yourdomain-tls

18
Home-Assistant/Kubernetes/sealed-secret.yaml Normal file
View File

@@ -0,0 +1,18 @@
apiVersion: bitnami.com/v1alpha1
kind: SealedSecret
metadata:
creationTimestamp: null
name: secrets
namespace: homeassistant
spec:
encryptedData:
POSTGRES_DB: some-secret
POSTGRES_PASSWORD: some-secret
POSTGRES_USER: some-secret
template:
metadata:
creationTimestamp: null
name: secrets
namespace: homeassistant
type: Opaque

11
Home-Assistant/Kubernetes/secret.yaml Normal file
View File

@@ -0,0 +1,11 @@
apiVersion: v1
kind: Secret
metadata:
name: secrets
namespace: homeassistant
type: Opaque
data:
POSTGRES_USER: some-secret
POSTGRES_PASSWORD: some-secret
POSTGRES_DB: some-secret