diff --git a/ADDING-APPS.md b/ADDING-APPS.md index 553a180..cae0849 100644 --- a/ADDING-APPS.md +++ b/ADDING-APPS.md @@ -31,21 +31,18 @@ requires: alias: db # Use a different reference name in templates - name: redis # 'alias' and 'installedAs' default to 'name' value defaultConfig: - serverImage: ghcr.io/immich-app/immich-server:release - mlImage: ghcr.io/immich-app/immich-machine-learning:release - timezone: UTC - serverPort: 2283 - mlPort: 3003 + namespace: immich + externalDnsDomain: "{{ .cloud.domain }}" storage: 250Gi cacheStorage: 10Gi - redisHostname: "{{ .apps.redis.host }}" # Can reference 'requires' app configurations - dbHostname: "{{ .apps.pg.host }}" + domain: immich.{{ .cloud.domain }} + tlsSecretName: wildcard-wild-cloud-tls db: # Configuration can be nested + host: "{{ .apps.pg.host }}" # Can reference 'requires' app configurations name: immich user: immich - host: "{{ .apps.pg.host }}" - port: "{{ .apps.pg.port }}" - domain: immich.{{ .cloud.domain }} + redis: + host: "{{ .apps.redis.host }}" defaultSecrets: - key: password # Random value will be generated if empty - key: dbUrl diff --git a/decidim/README.md b/decidim/README.md index 8a01d5b..3c66d4a 100644 --- a/decidim/README.md +++ b/decidim/README.md @@ -1,11 +1,6 @@ # Decidim -Decidim is a participatory democracy framework for cities and organizations. Built in Ruby on Rails, it enables citizen participation through proposals, debates, and voting. Includes Sidekiq for background job processing. - -## Dependencies - -- **PostgreSQL** - Database for storing participatory processes and user data -- **Redis** - Used for Sidekiq background job processing +Decidim is a participatory democracy framework for cities and organizations. It enables citizen participation through proposals, debates, and voting. ## Configuration @@ -16,20 +11,3 @@ Key settings configured through your instance's `config.yaml`: - **systemAdminEmail** - System admin email (defaults to your operator email) - **storage** - Persistent volume size (default: `20Gi`) - **SMTP** - Email delivery settings inherited from your Wild Cloud instance - -## Access - -After deployment, Decidim will be available at: -- `https://decidim.{your-cloud-domain}` - -## First-Time Setup - -1. Add and deploy the app: - ```bash - wild app add decidim - wild app deploy decidim - ``` - -2. Log in with the system admin credentials configured during setup - -3. Create your first organization and configure participatory processes diff --git a/decidim/db-init-job.yaml b/decidim/db-init-job.yaml index fbe71e3..7e3d5e6 100644 --- a/decidim/db-init-job.yaml +++ b/decidim/db-init-job.yaml @@ -54,7 +54,7 @@ spec: echo "Database initialization completed successfully" env: - name: POSTGRES_HOST - value: {{ .dbHostname }} + value: {{ .db.host }} - name: POSTGRES_ADMIN_USER value: postgres - name: POSTGRES_ADMIN_PASSWORD @@ -63,9 +63,9 @@ spec: name: decidim-secrets key: postgres.password - name: DB_NAME - value: {{ .dbName }} + value: {{ .db.name }} - name: DB_USER - value: {{ .dbUsername }} + value: {{ .db.user }} - name: DB_PASSWORD valueFrom: secretKeyRef: diff --git a/decidim/deployment.yaml b/decidim/deployment.yaml index 5e05a49..f306c97 100644 --- a/decidim/deployment.yaml +++ b/decidim/deployment.yaml @@ -55,7 +55,7 @@ spec: - name: RAILS_ENV value: "production" - name: PORT - value: "{{ .port }}" + value: "3000" - name: RAILS_LOG_TO_STDOUT value: "true" # Database configuration @@ -66,7 +66,7 @@ spec: key: dbUrl # Redis configuration - name: REDIS_HOSTNAME - value: {{ .redisHostname }} + value: {{ .redis.host }} - name: REDIS_PASSWORD valueFrom: secretKeyRef: @@ -112,11 +112,11 @@ spec: key: systemAdminPassword ports: - name: http - containerPort: {{ .port }} + containerPort: 3000 protocol: TCP livenessProbe: tcpSocket: - port: {{ .port }} + port: 3000 initialDelaySeconds: 300 periodSeconds: 30 timeoutSeconds: 10 @@ -124,7 +124,7 @@ spec: failureThreshold: 6 readinessProbe: tcpSocket: - port: {{ .port }} + port: 3000 initialDelaySeconds: 180 periodSeconds: 30 timeoutSeconds: 10 @@ -182,7 +182,7 @@ spec: key: dbUrl # Redis configuration - name: REDIS_HOSTNAME - value: {{ .redisHostname }} + value: {{ .redis.host }} - name: REDIS_PASSWORD valueFrom: secretKeyRef: diff --git a/decidim/ingress.yaml b/decidim/ingress.yaml index 0686918..b48ceef 100644 --- a/decidim/ingress.yaml +++ b/decidim/ingress.yaml @@ -23,4 +23,4 @@ spec: service: name: decidim port: - number: {{ .port }} + number: 3000 diff --git a/decidim/manifest.yaml b/decidim/manifest.yaml index 84bda15..2f3d530 100644 --- a/decidim/manifest.yaml +++ b/decidim/manifest.yaml @@ -1,7 +1,7 @@ name: decidim is: decidim description: Decidim is a participatory democracy framework for cities and organizations. Built in Ruby on Rails, it enables citizen participation through proposals, debates, and voting. Includes Sidekiq for background job processing. -version: 0.31.0 +version: 0.31.0-1 icon: https://raw.githubusercontent.com/decidim/decidim/develop/logo.svg requires: - name: postgres @@ -11,27 +11,27 @@ requires: - name: smtp defaultConfig: namespace: decidim - externalDnsDomain: "{{ .cloud.domain }}" - timezone: UTC - port: 3000 + externalDnsDomain: '{{ .cloud.domain }}' storage: 20Gi - systemAdminEmail: "{{ .operator.email }}" - siteName: "Decidim" + systemAdminEmail: '{{ .operator.email }}' + siteName: 'Decidim' domain: decidim.{{ .cloud.domain }} - dbHostname: "{{ .apps.postgres.host }}" - dbPort: "{{ .apps.postgres.port }}" - dbUsername: decidim - dbName: decidim - redisHostname: "{{ .apps.redis.host }}" tlsSecretName: wildcard-wild-cloud-tls + db: + host: '{{ .apps.postgres.host }}' + port: '{{ .apps.postgres.port }}' + name: decidim + user: decidim + redis: + host: '{{ .apps.redis.host }}' smtp: enabled: true - host: "{{ .apps.smtp.host }}" - port: "{{ .apps.smtp.port }}" - user: "{{ .apps.smtp.user }}" - from: "{{ .apps.smtp.from }}" - tls: "{{ .apps.smtp.tls }}" - startTls: "{{ .apps.smtp.startTls }}" + host: '{{ .apps.smtp.host }}' + port: '{{ .apps.smtp.port }}' + user: '{{ .apps.smtp.user }}' + from: '{{ .apps.smtp.from }}' + tls: '{{ .apps.smtp.tls }}' + startTls: '{{ .apps.smtp.startTls }}' defaultSecrets: - key: systemAdminPassword - key: secretKeyBase @@ -39,7 +39,7 @@ defaultSecrets: - key: smtpPassword - key: dbPassword - key: dbUrl - default: "postgres://{{ .app.dbUsername }}:{{ .secrets.dbPassword }}@{{ .app.dbHostname }}:{{ .app.dbPort }}/{{ .app.dbName }}" + default: "postgres://{{ .app.db.user }}:{{ .secrets.dbPassword }}@{{ .app.db.host }}:{{ .app.db.port }}/{{ .app.db.name }}" requiredSecrets: - postgres.password - redis.password diff --git a/decidim/service.yaml b/decidim/service.yaml index 7b0eecc..8c91c3d 100644 --- a/decidim/service.yaml +++ b/decidim/service.yaml @@ -9,7 +9,7 @@ spec: component: web ports: - name: http - port: {{ .port }} + port: 3000 targetPort: http protocol: TCP type: ClusterIP diff --git a/discourse/db-init-job.yaml b/discourse/db-init-job.yaml index 7cbe9b0..fbfd773 100644 --- a/discourse/db-init-job.yaml +++ b/discourse/db-init-job.yaml @@ -27,7 +27,7 @@ spec: readOnlyRootFilesystem: false env: - name: PGHOST - value: "{{ .dbHostname }}" + value: "{{ .db.host }}" - name: PGPORT value: "5432" - name: PGUSER @@ -38,9 +38,9 @@ spec: name: discourse-secrets key: postgres.password - name: DISCOURSE_DB_USER - value: "{{ .dbUsername }}" + value: "{{ .db.user }}" - name: DISCOURSE_DB_NAME - value: "{{ .dbName }}" + value: "{{ .db.name }}" - name: DISCOURSE_DB_PASSWORD valueFrom: secretKeyRef: diff --git a/discourse/deployment.yaml b/discourse/deployment.yaml index 2103e89..7ffc271 100644 --- a/discourse/deployment.yaml +++ b/discourse/deployment.yaml @@ -56,20 +56,20 @@ spec: - name: RAILS_ENV value: "production" - name: DISCOURSE_DB_HOST - value: {{ .dbHostname }} + value: {{ .db.host }} - name: DISCOURSE_DB_PORT - value: "{{ .dbPort }}" + value: "{{ .db.port }}" - name: DISCOURSE_DB_NAME - value: {{ .dbName }} + value: {{ .db.name }} - name: DISCOURSE_DB_USERNAME - value: {{ .dbUsername }} + value: {{ .db.user }} - name: DISCOURSE_DB_PASSWORD valueFrom: secretKeyRef: name: discourse-secrets key: dbPassword - name: DISCOURSE_REDIS_HOST - value: {{ .redisHostname }} + value: {{ .redis.host }} - name: DISCOURSE_REDIS_PASSWORD valueFrom: secretKeyRef: @@ -113,13 +113,13 @@ spec: value: "production" # Discourse database configuration - name: DISCOURSE_DB_HOST - value: {{ .dbHostname }} + value: {{ .db.host }} - name: DISCOURSE_DB_PORT - value: "{{ .dbPort }}" + value: "{{ .db.port }}" - name: DISCOURSE_DB_NAME - value: {{ .dbName }} + value: {{ .db.name }} - name: DISCOURSE_DB_USERNAME - value: {{ .dbUsername }} + value: {{ .db.user }} - name: DISCOURSE_DB_PASSWORD valueFrom: secretKeyRef: @@ -127,7 +127,7 @@ spec: key: dbPassword # Redis configuration - name: DISCOURSE_REDIS_HOST - value: {{ .redisHostname }} + value: {{ .redis.host }} - name: DISCOURSE_REDIS_PASSWORD valueFrom: secretKeyRef: @@ -220,13 +220,13 @@ spec: value: "production" # Discourse database configuration - name: DISCOURSE_DB_HOST - value: {{ .dbHostname }} + value: {{ .db.host }} - name: DISCOURSE_DB_PORT - value: "{{ .dbPort }}" + value: "{{ .db.port }}" - name: DISCOURSE_DB_NAME - value: {{ .dbName }} + value: {{ .db.name }} - name: DISCOURSE_DB_USERNAME - value: {{ .dbUsername }} + value: {{ .db.user }} - name: DISCOURSE_DB_PASSWORD valueFrom: secretKeyRef: @@ -234,7 +234,7 @@ spec: key: dbPassword # Redis configuration - name: DISCOURSE_REDIS_HOST - value: {{ .redisHostname }} + value: {{ .redis.host }} - name: DISCOURSE_REDIS_PASSWORD valueFrom: secretKeyRef: diff --git a/discourse/manifest.yaml b/discourse/manifest.yaml index b6d01c6..6de4d65 100644 --- a/discourse/manifest.yaml +++ b/discourse/manifest.yaml @@ -1,7 +1,7 @@ name: discourse is: discourse description: Discourse is a modern, open-source discussion platform designed for online communities and forums. -version: 3.5.3 +version: 3.5.3-1 icon: https://cdn.jsdelivr.net/gh/homarr-labs/dashboard-icons/svg/discourse.svg requires: - name: postgres @@ -9,28 +9,28 @@ requires: - name: smtp defaultConfig: namespace: discourse - externalDnsDomain: "{{ .cloud.domain }}" - timezone: UTC - port: 3000 + externalDnsDomain: '{{ .cloud.domain }}' storage: 10Gi - adminEmail: "{{ .operator.email }}" + adminEmail: '{{ .operator.email }}' adminUsername: admin - siteName: "Community" + siteName: 'Community' domain: discourse.{{ .cloud.domain }} - dbHostname: "{{ .apps.postgres.host }}" - dbPort: "{{ .apps.postgres.port }}" - dbUsername: discourse - dbName: discourse - redisHostname: "{{ .apps.redis.host }}" tlsSecretName: wildcard-wild-cloud-tls + db: + host: '{{ .apps.postgres.host }}' + port: '{{ .apps.postgres.port }}' + name: discourse + user: discourse + redis: + host: '{{ .apps.redis.host }}' smtp: enabled: false - host: "{{ .apps.smtp.host }}" - port: "{{ .apps.smtp.port }}" - user: "{{ .apps.smtp.user }}" - from: "{{ .apps.smtp.from }}" - tls: "{{ .apps.smtp.tls }}" - startTls: "{{ .apps.smtp.startTls }}" + host: '{{ .apps.smtp.host }}' + port: '{{ .apps.smtp.port }}' + user: '{{ .apps.smtp.user }}' + from: '{{ .apps.smtp.from }}' + tls: '{{ .apps.smtp.tls }}' + startTls: '{{ .apps.smtp.startTls }}' defaultSecrets: - key: adminPassword - key: secretKeyBase @@ -38,7 +38,7 @@ defaultSecrets: - key: smtpPassword - key: dbPassword - key: dbUrl - default: "postgres://{{ .app.dbUsername }}:{{ .secrets.dbPassword }}@{{ .app.dbHostname }}:{{ .app.dbPort }}/{{ .app.dbName }}?sslmode=disable" + default: "postgres://{{ .app.db.user }}:{{ .secrets.dbPassword }}@{{ .app.db.host }}:{{ .app.db.port }}/{{ .app.db.name }}?sslmode=disable" requiredSecrets: - postgres.password - redis.password \ No newline at end of file diff --git a/e2e-test-app/db-init-job.yaml b/e2e-test-app/db-init-job.yaml index 69b1953..d149485 100644 --- a/e2e-test-app/db-init-job.yaml +++ b/e2e-test-app/db-init-job.yaml @@ -28,7 +28,7 @@ spec: readOnlyRootFilesystem: false env: - name: PGHOST - value: {{ .dbHost }} + value: {{ .db.host }} - name: PGUSER value: postgres - name: PGPASSWORD @@ -37,9 +37,9 @@ spec: name: e2e-test-app-secrets key: postgres.password - name: DB_NAME - value: {{ .dbName }} + value: {{ .db.name }} - name: DB_USER - value: {{ .dbUser }} + value: {{ .db.user }} - name: DB_PASSWORD valueFrom: secretKeyRef: diff --git a/e2e-test-app/manifest.yaml b/e2e-test-app/manifest.yaml index b73b56b..d2d29ab 100644 --- a/e2e-test-app/manifest.yaml +++ b/e2e-test-app/manifest.yaml @@ -1,23 +1,23 @@ name: e2e-test-app is: e2e-test-app description: End-to-end test application for automated integration testing. Includes PVC and PostgreSQL dependency to exercise all backup strategies. -version: 1.0.0 +version: 1.0.0-1 requires: - name: postgres defaultConfig: namespace: e2e-test-app domain: e2e-test-app.{{ .cloud.domain }} - externalDnsDomain: "{{ .cloud.domain }}" + externalDnsDomain: '{{ .cloud.domain }}' tlsSecretName: wildcard-wild-cloud-tls storage: 1Gi - dbHost: "{{ .apps.postgres.host }}" - dbPort: "{{ .apps.postgres.port }}" - dbName: e2e_test_app - dbUser: e2e_test_app - timezone: UTC + db: + host: '{{ .apps.postgres.host }}' + port: '{{ .apps.postgres.port }}' + name: e2e_test_app + user: e2e_test_app defaultSecrets: - key: dbPassword - key: dbUrl - default: "postgres://{{ .app.dbUser }}:{{ .secrets.dbPassword }}@{{ .app.dbHost }}:{{ .app.dbPort }}/{{ .app.dbName }}?sslmode=disable" + default: "postgres://{{ .app.db.user }}:{{ .secrets.dbPassword }}@{{ .app.db.host }}:{{ .app.db.port }}/{{ .app.db.name }}?sslmode=disable" requiredSecrets: - postgres.password diff --git a/ghost/db-init-job.yaml b/ghost/db-init-job.yaml index 7e0fd02..5fc86fc 100644 --- a/ghost/db-init-job.yaml +++ b/ghost/db-init-job.yaml @@ -29,13 +29,13 @@ spec: name: mysql-secrets key: rootPassword - name: DB_HOSTNAME - value: "{{ .dbHost }}" + value: "{{ .db.host }}" - name: DB_PORT - value: "{{ .dbPort }}" + value: "{{ .db.port }}" - name: DB_DATABASE_NAME - value: "{{ .dbName }}" + value: "{{ .db.name }}" - name: DB_USERNAME - value: "{{ .dbUser }}" + value: "{{ .db.user }}" - name: DB_PASSWORD valueFrom: secretKeyRef: diff --git a/ghost/deployment.yaml b/ghost/deployment.yaml index f89071f..b33ed06 100644 --- a/ghost/deployment.yaml +++ b/ghost/deployment.yaml @@ -17,10 +17,10 @@ spec: spec: containers: - name: ghost - image: {{ .image }} + image: docker.io/bitnami/ghost:5.118.1-debian-12-r0 ports: - name: http - containerPort: {{ .port }} + containerPort: 2368 protocol: TCP env: - name: BITNAMI_DEBUG @@ -28,13 +28,13 @@ spec: - name: ALLOW_EMPTY_PASSWORD value: "yes" - name: GHOST_DATABASE_HOST - value: {{ .dbHost }} + value: {{ .db.host }} - name: GHOST_DATABASE_PORT_NUMBER - value: "{{ .dbPort }}" + value: "{{ .db.port }}" - name: GHOST_DATABASE_NAME - value: {{ .dbName }} + value: {{ .db.name }} - name: GHOST_DATABASE_USER - value: {{ .dbUser }} + value: {{ .db.user }} - name: GHOST_DATABASE_PASSWORD valueFrom: secretKeyRef: @@ -43,7 +43,7 @@ spec: - name: GHOST_HOST value: {{ .domain }} - name: GHOST_PORT_NUMBER - value: "{{ .port }}" + value: "2368" - name: GHOST_USERNAME value: {{ .adminUser }} - name: GHOST_PASSWORD @@ -92,7 +92,7 @@ spec: mountPath: /bitnami/ghost livenessProbe: tcpSocket: - port: {{ .port }} + port: 2368 initialDelaySeconds: 120 timeoutSeconds: 5 periodSeconds: 10 diff --git a/ghost/manifest.yaml b/ghost/manifest.yaml index 2d26cf2..bf294bd 100644 --- a/ghost/manifest.yaml +++ b/ghost/manifest.yaml @@ -2,7 +2,7 @@ name: ghost is: ghost description: Ghost is a powerful app for new-media creators to publish, share, and grow a business around their content. -version: 5.118.1 +version: 5.118.1-1 icon: https://cdn.jsdelivr.net/gh/homarr-labs/dashboard-icons/png/ghost.png requires: - name: mysql @@ -10,19 +10,17 @@ requires: defaultConfig: namespace: ghost externalDnsDomain: '{{ .cloud.domain }}' - image: docker.io/bitnami/ghost:5.118.1-debian-12-r0 domain: ghost.{{ .cloud.domain }} tlsSecretName: wildcard-wild-cloud-tls - port: 2368 storage: 10Gi - dbHost: mysql.mysql.svc.cluster.local - dbPort: 3306 - dbName: ghost - dbUser: ghost adminUser: admin - adminEmail: {{ .operator.email }} + adminEmail: '{{ .operator.email }}' blogTitle: My Blog - timezone: UTC + db: + host: '{{ .apps.mysql.host }}' + port: '3306' + name: ghost + user: ghost smtp: host: '{{ .apps.smtp.host }}' port: '{{ .apps.smtp.port }}' diff --git a/ghost/service.yaml b/ghost/service.yaml index d230d9a..3a8e848 100644 --- a/ghost/service.yaml +++ b/ghost/service.yaml @@ -9,6 +9,6 @@ spec: - name: http port: 80 protocol: TCP - targetPort: {{ .port }} + targetPort: 2368 selector: component: web \ No newline at end of file diff --git a/gitea/db-init-job.yaml b/gitea/db-init-job.yaml index 26c81a5..c55d2a5 100644 --- a/gitea/db-init-job.yaml +++ b/gitea/db-init-job.yaml @@ -38,11 +38,11 @@ spec: name: postgres-secrets key: password - name: DB_HOSTNAME - value: "{{ .dbHost }}" + value: "{{ .db.host }}" - name: DB_DATABASE_NAME - value: "{{ .dbName }}" + value: "{{ .db.name }}" - name: DB_USERNAME - value: "{{ .dbUser }}" + value: "{{ .db.user }}" - name: DB_PASSWORD valueFrom: secretKeyRef: diff --git a/gitea/deployment.yaml b/gitea/deployment.yaml index 9fee93f..d3f3403 100644 --- a/gitea/deployment.yaml +++ b/gitea/deployment.yaml @@ -23,7 +23,7 @@ spec: terminationGracePeriodSeconds: 60 containers: - name: gitea - image: "{{ .image }}" + image: "gitea/gitea:1.24.3" imagePullPolicy: IfNotPresent envFrom: - configMapRef: diff --git a/gitea/gitea.env b/gitea/gitea.env index e67fe5e..cec23b0 100644 --- a/gitea/gitea.env +++ b/gitea/gitea.env @@ -8,7 +8,7 @@ GITEA_ADMIN_PASSWORD_MODE=keepUpdated # Core app settings GITEA____APP_NAME={{ .appName }} -GITEA____RUN_MODE={{ .runMode }} +GITEA____RUN_MODE=prod GITEA____RUN_USER=git # Security settings @@ -17,19 +17,19 @@ GITEA__security__PASSWORD_HASH_ALGO=pbkdf2 # Database settings (except password which comes from secret) GITEA__database__DB_TYPE=postgres -GITEA__database__HOST={{ .dbHost }}:{{ .dbPort }} -GITEA__database__NAME={{ .dbName }} -GITEA__database__USER={{ .dbUser }} +GITEA__database__HOST={{ .db.host }}:{{ .db.port }} +GITEA__database__NAME={{ .db.name }} +GITEA__database__USER={{ .db.user }} GITEA__database__SSL_MODE=disable GITEA__database__LOG_SQL=false # Server settings GITEA__server__DOMAIN={{ .domain }} -GITEA__server__HTTP_PORT={{ .port }} +GITEA__server__HTTP_PORT=3000 GITEA__server__ROOT_URL=https://{{ .domain }}/ GITEA__server__DISABLE_SSH=false GITEA__server__SSH_DOMAIN={{ .domain }} -GITEA__server__SSH_PORT={{ .sshPort }} +GITEA__server__SSH_PORT=22 GITEA__server__SSH_LISTEN_PORT=2222 GITEA__server__LFS_START_SERVER=true GITEA__server__OFFLINE_MODE=true diff --git a/gitea/manifest.yaml b/gitea/manifest.yaml index 14bea71..c9fa7c5 100644 --- a/gitea/manifest.yaml +++ b/gitea/manifest.yaml @@ -1,7 +1,7 @@ name: gitea is: gitea description: Gitea is a painless self-hosted Git service written in Go -version: 1.24.3 +version: 1.24.3-1 icon: https://cdn.jsdelivr.net/gh/homarr-labs/dashboard-icons/svg/gitea.svg requires: - name: postgres @@ -9,21 +9,17 @@ requires: defaultConfig: namespace: gitea externalDnsDomain: '{{ .cloud.domain }}' - image: gitea/gitea:1.24.3 appName: Gitea domain: gitea.{{ .cloud.domain }} tlsSecretName: wildcard-wild-cloud-tls - port: 3000 - sshPort: 22 storage: 10Gi - dbName: gitea - dbUser: gitea - dbHost: postgres.postgres.svc.cluster.local adminUser: admin adminEmail: "{{ .operator.email }}" - dbPort: 5432 - timezone: UTC - runMode: prod + db: + name: gitea + user: gitea + host: '{{ .apps.postgres.host }}' + port: '{{ .apps.postgres.port }}' smtp: host: '{{ .apps.smtp.host }}' port: '{{ .apps.smtp.port }}' diff --git a/gitea/service.yaml b/gitea/service.yaml index 4d358af..9c6dfe9 100644 --- a/gitea/service.yaml +++ b/gitea/service.yaml @@ -8,7 +8,7 @@ spec: ports: - name: http port: 3000 - targetPort: {{ .port }} + targetPort: 3000 selector: component: web --- @@ -21,7 +21,7 @@ spec: type: LoadBalancer ports: - name: ssh - port: {{ .sshPort }} + port: 22 targetPort: 2222 protocol: TCP selector: diff --git a/immich/db-init-job.yaml b/immich/db-init-job.yaml index 5e63d5d..16867e8 100644 --- a/immich/db-init-job.yaml +++ b/immich/db-init-job.yaml @@ -55,11 +55,11 @@ spec: name: immich-secrets key: postgres.password - name: DB_HOSTNAME - value: "{{ .dbHostname }}" + value: "{{ .db.host }}" - name: DB_DATABASE_NAME - value: "{{ .dbUsername }}" + value: "{{ .db.name }}" - name: DB_USERNAME - value: "{{ .dbUsername }}" + value: "{{ .db.user }}" - name: DB_PASSWORD valueFrom: secretKeyRef: diff --git a/immich/deployment-machine-learning.yaml b/immich/deployment-machine-learning.yaml index 1cace39..fc861b3 100644 --- a/immich/deployment-machine-learning.yaml +++ b/immich/deployment-machine-learning.yaml @@ -17,14 +17,14 @@ spec: component: machine-learning spec: containers: - - image: "{{ .mlImage }}" + - image: "ghcr.io/immich-app/immich-machine-learning:v1.135.3" name: immich-machine-learning ports: - - containerPort: {{ .mlPort }} + - containerPort: 3003 protocol: TCP env: - name: TZ - value: "{{ .timezone }}" + value: "UTC" volumeMounts: - mountPath: /cache name: immich-cache diff --git a/immich/deployment-microservices.yaml b/immich/deployment-microservices.yaml index 191b332..e7f8699 100644 --- a/immich/deployment-microservices.yaml +++ b/immich/deployment-microservices.yaml @@ -20,27 +20,27 @@ spec: component: microservices spec: containers: - - image: "{{ .serverImage }}" + - image: "ghcr.io/immich-app/immich-server:v1.135.3" name: immich-microservices env: - name: REDIS_HOSTNAME - value: "{{ .redisHostname }}" + value: "{{ .redis.host }}" - name: REDIS_PASSWORD valueFrom: secretKeyRef: name: immich-secrets key: redis.password - name: DB_HOSTNAME - value: "{{ .dbHostname }}" + value: "{{ .db.host }}" - name: DB_USERNAME - value: "{{ .dbUsername }}" + value: "{{ .db.user }}" - name: DB_PASSWORD valueFrom: secretKeyRef: name: immich-secrets key: dbPassword - name: TZ - value: "{{ .timezone }}" + value: "UTC" - name: IMMICH_WORKERS_EXCLUDE value: api volumeMounts: diff --git a/immich/deployment-server.yaml b/immich/deployment-server.yaml index 311131f..ac8f70e 100644 --- a/immich/deployment-server.yaml +++ b/immich/deployment-server.yaml @@ -20,30 +20,30 @@ spec: component: server spec: containers: - - image: "{{ .serverImage }}" + - image: "ghcr.io/immich-app/immich-server:v1.135.3" name: immich-server ports: - - containerPort: {{ .serverPort }} + - containerPort: 2283 protocol: TCP env: - name: REDIS_HOSTNAME - value: "{{ .redisHostname }}" + value: "{{ .redis.host }}" - name: REDIS_PASSWORD valueFrom: secretKeyRef: name: immich-secrets key: redis.password - name: DB_HOSTNAME - value: "{{ .dbHostname }}" + value: "{{ .db.host }}" - name: DB_USERNAME - value: "{{ .dbUsername }}" + value: "{{ .db.user }}" - name: DB_PASSWORD valueFrom: secretKeyRef: name: immich-secrets key: dbPassword - name: TZ - value: "{{ .timezone }}" + value: "UTC" - name: IMMICH_WORKERS_EXCLUDE value: microservices volumeMounts: diff --git a/immich/manifest.yaml b/immich/manifest.yaml index 204838a..081ee8f 100644 --- a/immich/manifest.yaml +++ b/immich/manifest.yaml @@ -2,7 +2,7 @@ name: immich is: immich description: Immich is a self-hosted photo and video backup solution that allows you to store, manage, and share your media files securely. -version: 1.135.3 +version: 1.135.3-1 icon: https://cdn.jsdelivr.net/gh/homarr-labs/dashboard-icons/svg/immich.svg requires: - name: redis @@ -10,18 +10,16 @@ requires: defaultConfig: namespace: immich externalDnsDomain: '{{ .cloud.domain }}' - serverImage: ghcr.io/immich-app/immich-server:v1.135.3 - mlImage: ghcr.io/immich-app/immich-machine-learning:v1.135.3 - timezone: UTC - serverPort: 2283 - mlPort: 3003 storage: 250Gi cacheStorage: 10Gi - redisHostname: redis.redis.svc.cluster.local - dbHostname: postgres.postgres.svc.cluster.local - dbUsername: immich domain: immich.{{ .cloud.domain }} tlsSecretName: wildcard-wild-cloud-tls + db: + host: '{{ .apps.postgres.host }}' + name: immich + user: immich + redis: + host: '{{ .apps.redis.host }}' defaultSecrets: - key: dbPassword requiredSecrets: diff --git a/immich/service.yaml b/immich/service.yaml index aaa1b08..131a865 100644 --- a/immich/service.yaml +++ b/immich/service.yaml @@ -9,7 +9,7 @@ metadata: spec: ports: - port: 3001 - targetPort: {{ .serverPort }} + targetPort: 2283 selector: app: immich component: server @@ -25,7 +25,7 @@ metadata: app: immich-machine-learning spec: ports: - - port: {{ .mlPort }} + - port: 3003 selector: app: immich component: machine-learning diff --git a/keila/db-init-job.yaml b/keila/db-init-job.yaml index 59a8d3d..97a3b6c 100644 --- a/keila/db-init-job.yaml +++ b/keila/db-init-job.yaml @@ -26,7 +26,7 @@ spec: readOnlyRootFilesystem: false env: - name: PGHOST - value: {{ .dbHostname }} + value: {{ .db.host }} - name: PGUSER value: postgres - name: PGPASSWORD @@ -35,9 +35,9 @@ spec: name: keila-secrets key: postgres.password - name: DB_NAME - value: {{ .dbName }} + value: {{ .db.name }} - name: DB_USER - value: {{ .dbUsername }} + value: {{ .db.user }} - name: DB_PASSWORD valueFrom: secretKeyRef: diff --git a/keila/deployment.yaml b/keila/deployment.yaml index 04706bf..8e90009 100644 --- a/keila/deployment.yaml +++ b/keila/deployment.yaml @@ -16,9 +16,9 @@ spec: spec: containers: - name: keila - image: "{{ .image }}" + image: "pentacent/keila:0.17.1" ports: - - containerPort: {{ .port }} + - containerPort: 4000 env: - name: DB_URL valueFrom: @@ -32,7 +32,7 @@ spec: - name: URL_PORT value: "443" - name: PORT - value: "{{ .port }}" + value: "4000" - name: SECRET_KEY_BASE valueFrom: secretKeyRef: @@ -72,13 +72,13 @@ spec: livenessProbe: httpGet: path: / - port: {{ .port }} + port: 4000 initialDelaySeconds: 30 periodSeconds: 10 readinessProbe: httpGet: path: / - port: {{ .port }} + port: 4000 initialDelaySeconds: 5 periodSeconds: 5 volumes: diff --git a/keila/manifest.yaml b/keila/manifest.yaml index 36853d1..3125c44 100644 --- a/keila/manifest.yaml +++ b/keila/manifest.yaml @@ -1,38 +1,37 @@ name: keila is: keila description: Keila is an open-source email marketing platform that allows you to send newsletters and manage mailing lists with privacy and control. -version: 0.17.1 +version: 0.17.1-1 icon: https://cdn.jsdelivr.net/gh/homarr-labs/dashboard-icons/svg/keila.svg requires: - name: postgres - name: smtp defaultConfig: namespace: keila - externalDnsDomain: "{{ .cloud.domain }}" - image: pentacent/keila:0.17.1 - port: 4000 + externalDnsDomain: '{{ .cloud.domain }}' storage: 1Gi domain: keila.{{ .cloud.domain }} - dbHostname: "{{ .apps.postgres.host }}" - dbPort: "{{ .apps.postgres.port }}" - dbName: keila - dbUsername: keila - disableRegistration: "true" + disableRegistration: 'true' adminUser: admin@{{ .cloud.domain }} tlsSecretName: wildcard-wild-cloud-tls + db: + host: '{{ .apps.postgres.host }}' + port: '{{ .apps.postgres.port }}' + name: keila + user: keila smtp: - host: "{{ .apps.smtp.host }}" - port: "{{ .apps.smtp.port }}" - from: "{{ .apps.smtp.from }}" - user: "{{ .apps.smtp.user }}" - tls: "{{ .apps.smtp.tls }}" - startTls: "{{ .apps.smtp.startTls }}" + host: '{{ .apps.smtp.host }}' + port: '{{ .apps.smtp.port }}' + from: '{{ .apps.smtp.from }}' + user: '{{ .apps.smtp.user }}' + tls: '{{ .apps.smtp.tls }}' + startTls: '{{ .apps.smtp.startTls }}' defaultSecrets: - key: secretKeyBase default: "{{ random.AlphaNum 64 }}" - key: dbPassword - key: dbUrl - default: "postgres://{{ .app.dbUsername }}:{{ .secrets.dbPassword }}@{{ .app.dbHostname }}:{{ .app.dbPort }}/keila?sslmode=disable" + default: "postgres://{{ .app.db.user }}:{{ .secrets.dbPassword }}@{{ .app.db.host }}:{{ .app.db.port }}/{{ .app.db.name }}?sslmode=disable" - key: adminPassword - key: smtpPassword requiredSecrets: diff --git a/keila/service.yaml b/keila/service.yaml index 94d3a86..8435ce6 100644 --- a/keila/service.yaml +++ b/keila/service.yaml @@ -7,5 +7,5 @@ spec: component: web ports: - port: 80 - targetPort: {{ .port }} + targetPort: 4000 protocol: TCP \ No newline at end of file diff --git a/lemmy/configmap.yaml b/lemmy/configmap.yaml index 946a044..2832bb4 100644 --- a/lemmy/configmap.yaml +++ b/lemmy/configmap.yaml @@ -8,15 +8,15 @@ data: { hostname: "{{ .domain }}" bind: "0.0.0.0" - port: {{ .backendPort }} + port: 8536 tls_enabled: false database: { - uri: "postgresql://{{ .dbUser }}:DBPASSWORD@{{ .dbHost }}:{{ .dbPort }}/{{ .dbName }}" + uri: "postgresql://{{ .db.user }}:DBPASSWORD@{{ .db.host }}:{{ .db.port }}/{{ .db.name }}" } pictrs: { - url: "http://lemmy-pictrs:{{ .pictrsPort }}/" + url: "http://lemmy-pictrs:8080/" api_key: "PICTRS_API_KEY" } diff --git a/lemmy/db-init-job.yaml b/lemmy/db-init-job.yaml index 8ec9e54..381d865 100644 --- a/lemmy/db-init-job.yaml +++ b/lemmy/db-init-job.yaml @@ -26,9 +26,9 @@ spec: readOnlyRootFilesystem: false env: - name: PGHOST - value: "{{ .dbHost }}" + value: "{{ .db.host }}" - name: PGPORT - value: "{{ .dbPort }}" + value: "{{ .db.port }}" - name: PGUSER value: postgres - name: PGPASSWORD @@ -37,9 +37,9 @@ spec: name: lemmy-secrets key: postgres.password - name: DB_NAME - value: "{{ .dbName }}" + value: "{{ .db.name }}" - name: DB_USER - value: "{{ .dbUser }}" + value: "{{ .db.user }}" - name: DB_PASSWORD valueFrom: secretKeyRef: diff --git a/lemmy/deployment-backend.yaml b/lemmy/deployment-backend.yaml index 7aa5c89..47addf5 100644 --- a/lemmy/deployment-backend.yaml +++ b/lemmy/deployment-backend.yaml @@ -4,7 +4,7 @@ metadata: name: lemmy-backend namespace: {{ .namespace }} spec: - replicas: {{ .backendReplicas }} + replicas: 1 selector: matchLabels: component: backend @@ -65,7 +65,7 @@ spec: mountPath: /config containers: - name: backend - image: {{ .backendImage }} + image: dessalines/lemmy:0.19.15 securityContext: allowPrivilegeEscalation: false capabilities: @@ -75,9 +75,9 @@ spec: - name: LEMMY_CONFIG_LOCATION value: /config/lemmy.hjson - name: TZ - value: "{{ .timezone }}" + value: "UTC" ports: - - containerPort: {{ .backendPort }} + - containerPort: 8536 name: http volumeMounts: - name: config @@ -85,13 +85,13 @@ spec: livenessProbe: httpGet: path: /api/v3/site - port: {{ .backendPort }} + port: 8536 initialDelaySeconds: 30 periodSeconds: 10 readinessProbe: httpGet: path: /api/v3/site - port: {{ .backendPort }} + port: 8536 initialDelaySeconds: 10 periodSeconds: 5 volumes: diff --git a/lemmy/deployment-pictrs.yaml b/lemmy/deployment-pictrs.yaml index 5d21e75..74d4f41 100644 --- a/lemmy/deployment-pictrs.yaml +++ b/lemmy/deployment-pictrs.yaml @@ -4,7 +4,7 @@ metadata: name: lemmy-pictrs namespace: {{ .namespace }} spec: - replicas: {{ .pictrsReplicas }} + replicas: 1 selector: matchLabels: component: pictrs @@ -22,7 +22,7 @@ spec: type: RuntimeDefault containers: - name: pictrs - image: {{ .pictrsImage }} + image: asonix/pictrs:0.5.5 securityContext: allowPrivilegeEscalation: false capabilities: @@ -30,7 +30,7 @@ spec: readOnlyRootFilesystem: false env: - name: PICTRS__SERVER__BIND - value: "0.0.0.0:{{ .pictrsPort }}" + value: "0.0.0.0:8080" - name: PICTRS__MEDIA__VIDEO_CODEC value: vp9 - name: PICTRS__MEDIA__GIF__MAX_WIDTH @@ -54,7 +54,7 @@ spec: - name: PICTRS__STORE__PATH value: /mnt/files ports: - - containerPort: {{ .pictrsPort }} + - containerPort: 8080 name: http volumeMounts: - name: storage @@ -62,13 +62,13 @@ spec: livenessProbe: httpGet: path: /healthz - port: {{ .pictrsPort }} + port: 8080 initialDelaySeconds: 30 periodSeconds: 10 readinessProbe: httpGet: path: /healthz - port: {{ .pictrsPort }} + port: 8080 initialDelaySeconds: 10 periodSeconds: 5 volumes: diff --git a/lemmy/deployment-ui.yaml b/lemmy/deployment-ui.yaml index 90351ea..82cf1a6 100644 --- a/lemmy/deployment-ui.yaml +++ b/lemmy/deployment-ui.yaml @@ -4,7 +4,7 @@ metadata: name: lemmy-ui namespace: {{ .namespace }} spec: - replicas: {{ .uiReplicas }} + replicas: 1 selector: matchLabels: component: ui @@ -21,7 +21,7 @@ spec: type: RuntimeDefault containers: - name: ui - image: {{ .uiImage }} + image: dessalines/lemmy-ui:0.19.15 securityContext: allowPrivilegeEscalation: false capabilities: @@ -29,25 +29,25 @@ spec: readOnlyRootFilesystem: false env: - name: LEMMY_UI_LEMMY_INTERNAL_HOST - value: "lemmy-backend:{{ .backendPort }}" + value: "lemmy-backend:8536" - name: LEMMY_UI_LEMMY_EXTERNAL_HOST value: "{{ .domain }}" - name: LEMMY_UI_HTTPS value: "true" ports: - - containerPort: {{ .uiPort }} + - containerPort: 1234 name: http livenessProbe: httpGet: path: / - port: {{ .uiPort }} + port: 1234 initialDelaySeconds: 30 periodSeconds: 10 timeoutSeconds: 5 readinessProbe: httpGet: path: / - port: {{ .uiPort }} + port: 1234 initialDelaySeconds: 10 periodSeconds: 5 timeoutSeconds: 5 diff --git a/lemmy/ingress.yaml b/lemmy/ingress.yaml index b9be5d7..9e19880 100644 --- a/lemmy/ingress.yaml +++ b/lemmy/ingress.yaml @@ -25,18 +25,18 @@ spec: service: name: lemmy-backend port: - number: {{ .backendPort }} + number: 8536 - path: /pictrs pathType: Prefix backend: service: name: lemmy-pictrs port: - number: {{ .pictrsPort }} + number: 8080 - path: / pathType: Prefix backend: service: name: lemmy-ui port: - number: {{ .uiPort }} + number: 1234 diff --git a/lemmy/manifest.yaml b/lemmy/manifest.yaml index befb8d4..7b5dce0 100644 --- a/lemmy/manifest.yaml +++ b/lemmy/manifest.yaml @@ -1,38 +1,29 @@ name: lemmy is: lemmy description: Lemmy is a selfhosted social link aggregation and discussion platform. It is an open source alternative to Reddit, designed for the fediverse. -version: 0.19.15 +version: 0.19.15-2 icon: https://cdn.jsdelivr.net/gh/homarr-labs/dashboard-icons/svg/lemmy.svg requires: - name: postgres - name: smtp defaultConfig: namespace: lemmy - backendImage: dessalines/lemmy:0.19.15 - uiImage: dessalines/lemmy-ui:0.19.15 - pictrsImage: asonix/pictrs:0.5.5 - backendPort: 8536 - uiPort: 1234 - pictrsPort: 8080 - backendReplicas: 1 - uiReplicas: 1 - pictrsReplicas: 1 + externalDnsDomain: lemmy.{{ .cloud.baseDomain }} + domain: lemmy.{{ .cloud.domain }} + tlsSecretName: wildcard-wild-cloud-tls storage: 10Gi pictrsStorage: 50Gi - timezone: UTC - domain: lemmy.{{ .cloud.domain }} - externalDnsDomain: lemmy.{{ .cloud.baseDomain }} - tlsSecretName: lemmy-tls - dbName: lemmy - dbUser: lemmy - dbHost: postgres.postgres.svc.cluster.local - dbPort: 5432 + db: + host: '{{ .apps.postgres.host }}' + port: '{{ .apps.postgres.port }}' + name: lemmy + user: lemmy smtp: - host: "{{ .apps.smtp.host }}" - port: "{{ .apps.smtp.port }}" - user: "{{ .apps.smtp.user }}" - from: "noreply@{{ .cloud.baseDomain }}" - tls: "{{ .apps.smtp.tls }}" + host: '{{ .apps.smtp.host }}' + port: '{{ .apps.smtp.port }}' + user: '{{ .apps.smtp.user }}' + from: 'noreply@{{ .cloud.baseDomain }}' + tls: '{{ .apps.smtp.tls }}' defaultSecrets: - key: dbPassword - key: adminPassword diff --git a/lemmy/service-backend.yaml b/lemmy/service-backend.yaml index 74f1529..4264282 100644 --- a/lemmy/service-backend.yaml +++ b/lemmy/service-backend.yaml @@ -9,5 +9,5 @@ spec: component: backend ports: - name: http - port: {{ .backendPort }} - targetPort: {{ .backendPort }} + port: 8536 + targetPort: 8536 diff --git a/lemmy/service-pictrs.yaml b/lemmy/service-pictrs.yaml index 4f52324..39d3aa8 100644 --- a/lemmy/service-pictrs.yaml +++ b/lemmy/service-pictrs.yaml @@ -9,5 +9,5 @@ spec: component: pictrs ports: - name: http - port: {{ .pictrsPort }} - targetPort: {{ .pictrsPort }} + port: 8080 + targetPort: 8080 diff --git a/lemmy/service-ui.yaml b/lemmy/service-ui.yaml index 0c12c81..fcb45a7 100644 --- a/lemmy/service-ui.yaml +++ b/lemmy/service-ui.yaml @@ -9,5 +9,5 @@ spec: component: ui ports: - name: http - port: {{ .uiPort }} - targetPort: {{ .uiPort }} + port: 1234 + targetPort: 1234 diff --git a/listmonk/db-init-job.yaml b/listmonk/db-init-job.yaml index 0d536d7..66e2b46 100644 --- a/listmonk/db-init-job.yaml +++ b/listmonk/db-init-job.yaml @@ -28,7 +28,7 @@ spec: readOnlyRootFilesystem: false env: - name: PGHOST - value: {{ .dbHost }} + value: {{ .db.host }} - name: PGUSER value: postgres - name: PGPASSWORD @@ -37,9 +37,9 @@ spec: name: listmonk-secrets key: postgres.password - name: DB_NAME - value: {{ .dbName }} + value: {{ .db.name }} - name: DB_USER - value: {{ .dbUser }} + value: {{ .db.user }} - name: DB_PASSWORD valueFrom: secretKeyRef: diff --git a/listmonk/deployment.yaml b/listmonk/deployment.yaml index 749af51..644ce91 100644 --- a/listmonk/deployment.yaml +++ b/listmonk/deployment.yaml @@ -31,17 +31,17 @@ spec: - name: LISTMONK_app__address value: "0.0.0.0:9000" - name: LISTMONK_app__root_url - value: "{{ .rootUrl }}" + value: "https://{{ .domain }}" - name: LISTMONK_db__host - value: {{ .dbHost }} + value: {{ .db.host }} - name: LISTMONK_db__port - value: "{{ .dbPort }}" + value: "{{ .db.port }}" - name: LISTMONK_db__user - value: {{ .dbUser }} + value: {{ .db.user }} - name: LISTMONK_db__database - value: {{ .dbName }} + value: {{ .db.name }} - name: LISTMONK_db__ssl_mode - value: {{ .dbSSLMode }} + value: disable - name: LISTMONK_db__password valueFrom: secretKeyRef: diff --git a/listmonk/manifest.yaml b/listmonk/manifest.yaml index da47830..8c2ba1a 100644 --- a/listmonk/manifest.yaml +++ b/listmonk/manifest.yaml @@ -2,7 +2,7 @@ name: listmonk is: listmonk description: Listmonk is a standalone, self-hosted, newsletter and mailing list manager. It is fast, feature-rich, and packed into a single binary. -version: 5.0.3 +version: 5.0.3-1 icon: https://cdn.jsdelivr.net/gh/homarr-labs/dashboard-icons/svg/listmonk.svg requires: - name: postgres @@ -10,18 +10,16 @@ defaultConfig: namespace: listmonk externalDnsDomain: '{{ .cloud.domain }}' domain: listmonk.{{ .cloud.domain }} - rootUrl: https://listmonk.{{ .cloud.domain }} tlsSecretName: wildcard-wild-cloud-tls storage: 1Gi - dbHost: postgres.postgres.svc.cluster.local - dbPort: 5432 - dbName: listmonk - dbUser: listmonk - dbSSLMode: disable - timezone: UTC + db: + host: '{{ .apps.postgres.host }}' + port: '{{ .apps.postgres.port }}' + name: listmonk + user: listmonk defaultSecrets: - key: dbPassword - key: dbUrl - default: 'postgres://{{ .app.dbUser }}:{{ .secrets.dbPassword }}@{{ .app.dbHost }}:{{ .app.dbPort }}/{{ .app.dbName }}?sslmode={{ .app.dbSSLMode }}' + default: 'postgres://{{ .app.db.user }}:{{ .secrets.dbPassword }}@{{ .app.db.host }}:{{ .app.db.port }}/{{ .app.db.name }}?sslmode=disable' requiredSecrets: - postgres.password diff --git a/loomio/db-init-job.yaml b/loomio/db-init-job.yaml index 60dc44f..8e2daeb 100644 --- a/loomio/db-init-job.yaml +++ b/loomio/db-init-job.yaml @@ -8,7 +8,7 @@ spec: restartPolicy: OnFailure containers: - name: db-init - image: {{ .image }} + image: loomio/loomio:latest command: - /bin/bash - -c diff --git a/loomio/deployment-worker.yaml b/loomio/deployment-worker.yaml index 29b1720..0cda21f 100644 --- a/loomio/deployment-worker.yaml +++ b/loomio/deployment-worker.yaml @@ -14,7 +14,7 @@ spec: spec: containers: - name: worker - image: {{ .workerImage }} + image: loomio/loomio:latest env: - name: TASK value: worker @@ -46,7 +46,7 @@ spec: name: loomio-secrets key: secretCookieToken - name: ACTIVE_STORAGE_SERVICE - value: {{ .activeStorageService }} + value: local - name: SMTP_AUTH value: {{ .smtp.auth }} - name: SMTP_DOMAIN diff --git a/loomio/deployment.yaml b/loomio/deployment.yaml index d5f8620..74da827 100644 --- a/loomio/deployment.yaml +++ b/loomio/deployment.yaml @@ -4,6 +4,8 @@ metadata: name: loomio spec: replicas: 1 + strategy: + type: Recreate selector: matchLabels: component: web @@ -14,13 +16,13 @@ spec: spec: containers: - name: loomio - image: {{ .image }} + image: loomio/loomio:latest command: - /bin/bash - -c - | set -e - bundle exec rake db:schema:load db:seed + bundle exec rake db:migrate db:seed bundle exec thrust puma -C config/puma.rb ports: - containerPort: 3000 @@ -54,17 +56,17 @@ spec: name: loomio-secrets key: secretCookieToken - name: FORCE_SSL - value: "{{ .forceSSL }}" + value: "1" - name: USE_RACK_ATTACK - value: "{{ .useRackAttack }}" + value: "1" - name: PUMA_WORKERS - value: "{{ .pumaWorkers }}" + value: "2" - name: MIN_THREADS - value: "{{ .minThreads }}" + value: "5" - name: MAX_THREADS - value: "{{ .maxThreads }}" + value: "5" - name: ACTIVE_STORAGE_SERVICE - value: {{ .activeStorageService }} + value: local - name: SMTP_AUTH value: {{ .smtp.auth }} - name: SMTP_DOMAIN diff --git a/loomio/manifest.yaml b/loomio/manifest.yaml index de23797..a5bf751 100644 --- a/loomio/manifest.yaml +++ b/loomio/manifest.yaml @@ -1,7 +1,7 @@ name: loomio is: loomio description: Loomio is a collaborative decision-making tool that makes it easy for groups to make decisions together -version: 3.0.11 +version: 3.0.11-2 icon: https://www.loomio.com/brand/logo_gold.svg requires: - name: postgres @@ -10,39 +10,30 @@ requires: - name: smtp defaultConfig: namespace: loomio - externalDnsDomain: "{{ .cloud.domain }}" - image: loomio/loomio:latest - workerImage: loomio/loomio:latest + externalDnsDomain: '{{ .cloud.domain }}' appName: Loomio - domain: "loomio.{{ .cloud.domain }}" + domain: 'loomio.{{ .cloud.domain }}' tlsSecretName: wildcard-wild-cloud-tls - port: 3000 storage: uploads: 5Gi files: 5Gi plugins: 1Gi - redisUrl: "{{ .apps.redis.uri }}" - adminEmail: "{{ .operator.email }}" - supportEmail: "{{ .operator.email }}" - forceSSL: "1" - useRackAttack: "1" - pumaWorkers: "2" - minThreads: "5" - maxThreads: "5" - activeStorageService: local + redisUrl: '{{ .apps.redis.uri }}' + adminEmail: '{{ .operator.email }}' + supportEmail: '{{ .operator.email }}' db: name: loomio user: loomio - host: "{{ .apps.postgres.host }}" - port: "{{ .apps.postgres.port }}" + host: '{{ .apps.postgres.host }}' + port: '{{ .apps.postgres.port }}' smtp: auth: plain - domain: "{{ .cloud.domain }}" - host: "{{ .apps.smtp.host }}" - port: "{{ .apps.smtp.port }}" - user: "{{ .apps.smtp.user }}" - tls: "{{ .apps.smtp.tls }}" - from: "{{ .apps.smtp.from }}" + domain: '{{ .cloud.domain }}' + host: '{{ .apps.smtp.host }}' + port: '{{ .apps.smtp.port }}' + user: '{{ .apps.smtp.user }}' + tls: '{{ .apps.smtp.tls }}' + from: '{{ .apps.smtp.from }}' defaultSecrets: - key: dbPassword default: "{{ random.AlphaNum 32 }}" diff --git a/mastodon/db-init-job.yaml b/mastodon/db-init-job.yaml index df6ff7e..c1f47d8 100644 --- a/mastodon/db-init-job.yaml +++ b/mastodon/db-init-job.yaml @@ -27,9 +27,9 @@ spec: readOnlyRootFilesystem: false env: - name: PGHOST - value: "{{ .dbHostname }}" + value: "{{ .db.host }}" - name: PGPORT - value: "{{ .dbPort }}" + value: "{{ .db.port }}" - name: PGUSER value: postgres - name: PGPASSWORD @@ -38,9 +38,9 @@ spec: name: mastodon-secrets key: postgres.password - name: MASTODON_DB - value: "{{ .dbName }}" + value: "{{ .db.name }}" - name: MASTODON_USER - value: "{{ .dbUsername }}" + value: "{{ .db.user }}" - name: MASTODON_PASSWORD valueFrom: secretKeyRef: @@ -108,7 +108,7 @@ spec: type: RuntimeDefault containers: - name: db-migrate - image: {{ .image }} + image: ghcr.io/mastodon/mastodon:v4.5.3 securityContext: allowPrivilegeEscalation: false capabilities: @@ -150,22 +150,22 @@ spec: name: mastodon-secrets key: activeRecordKeyDerivationSalt - name: DB_HOST - value: "{{ .dbHostname }}" + value: "{{ .db.host }}" - name: DB_PORT - value: "{{ .dbPort }}" + value: "{{ .db.port }}" - name: DB_NAME - value: "{{ .dbName }}" + value: "{{ .db.name }}" - name: DB_USER - value: "{{ .dbUsername }}" + value: "{{ .db.user }}" - name: DB_PASS valueFrom: secretKeyRef: name: mastodon-secrets key: dbPassword - name: REDIS_HOST - value: "{{ .redisHostname }}" + value: "{{ .redis.host }}" - name: REDIS_PORT - value: "{{ .redisPort }}" + value: "{{ .redis.port }}" - name: REDIS_PASSWORD valueFrom: secretKeyRef: diff --git a/mastodon/deployment-sidekiq.yaml b/mastodon/deployment-sidekiq.yaml index 2a8da2a..f838c03 100644 --- a/mastodon/deployment-sidekiq.yaml +++ b/mastodon/deployment-sidekiq.yaml @@ -22,7 +22,7 @@ spec: type: RuntimeDefault containers: - name: sidekiq - image: {{ .image }} + image: ghcr.io/mastodon/mastodon:v4.5.3 securityContext: allowPrivilegeEscalation: false capabilities: @@ -33,7 +33,7 @@ spec: - exec - sidekiq - -c - - "{{ .sidekiq.concurrency }}" + - "25" - -q - default,8 - -q @@ -91,13 +91,13 @@ spec: name: mastodon-secrets key: activeRecordKeyDerivationSalt - name: DB_HOST - value: "{{ .dbHostname }}" + value: "{{ .db.host }}" - name: DB_PORT - value: "{{ .dbPort }}" + value: "{{ .db.port }}" - name: DB_NAME - value: "{{ .dbName }}" + value: "{{ .db.name }}" - name: DB_USER - value: "{{ .dbUsername }}" + value: "{{ .db.user }}" - name: DB_PASS valueFrom: secretKeyRef: @@ -109,9 +109,9 @@ spec: name: mastodon-secrets key: postgres.password - name: REDIS_HOST - value: "{{ .redisHostname }}" + value: "{{ .redis.host }}" - name: REDIS_PORT - value: "{{ .redisPort }}" + value: "{{ .redis.port }}" - name: REDIS_PASSWORD valueFrom: secretKeyRef: @@ -131,9 +131,9 @@ spec: - name: SMTP_FROM_ADDRESS value: "{{ .smtp.from }}" - name: SMTP_AUTH_METHOD - value: "{{ .smtp.authMethod }}" + value: "plain" - name: SMTP_ENABLE_STARTTLS - value: "{{ .smtp.enableStarttls }}" + value: "auto" - name: SMTP_TLS value: "{{ .smtp.tls }}" volumeMounts: diff --git a/mastodon/deployment-streaming.yaml b/mastodon/deployment-streaming.yaml index 4b3dd52..dd5c9c9 100644 --- a/mastodon/deployment-streaming.yaml +++ b/mastodon/deployment-streaming.yaml @@ -22,7 +22,7 @@ spec: type: RuntimeDefault containers: - name: streaming - image: {{ .streamingImage }} + image: ghcr.io/mastodon/mastodon-streaming:v4.5.3 securityContext: allowPrivilegeEscalation: false capabilities: @@ -30,32 +30,32 @@ spec: readOnlyRootFilesystem: false ports: - name: streaming - containerPort: {{ .streamingPort }} + containerPort: 4000 protocol: TCP env: - name: NODE_ENV value: production - name: PORT - value: "{{ .streamingPort }}" + value: "4000" - name: STREAMING_CLUSTER_NUM value: "1" - name: DB_HOST - value: "{{ .dbHostname }}" + value: "{{ .db.host }}" - name: DB_PORT - value: "{{ .dbPort }}" + value: "{{ .db.port }}" - name: DB_NAME - value: "{{ .dbName }}" + value: "{{ .db.name }}" - name: DB_USER - value: "{{ .dbUsername }}" + value: "{{ .db.user }}" - name: DB_PASS valueFrom: secretKeyRef: name: mastodon-secrets key: dbPassword - name: REDIS_HOST - value: "{{ .redisHostname }}" + value: "{{ .redis.host }}" - name: REDIS_PORT - value: "{{ .redisPort }}" + value: "{{ .redis.port }}" - name: REDIS_PASSWORD valueFrom: secretKeyRef: diff --git a/mastodon/deployment-web.yaml b/mastodon/deployment-web.yaml index 0d88a7d..ef97e6d 100644 --- a/mastodon/deployment-web.yaml +++ b/mastodon/deployment-web.yaml @@ -22,7 +22,7 @@ spec: type: RuntimeDefault containers: - name: web - image: {{ .image }} + image: ghcr.io/mastodon/mastodon:v4.5.3 securityContext: allowPrivilegeEscalation: false capabilities: @@ -36,7 +36,7 @@ spec: - config/puma.rb ports: - name: http - containerPort: {{ .webPort }} + containerPort: 3000 protocol: TCP env: - name: LOCAL_DOMAIN @@ -85,13 +85,13 @@ spec: name: mastodon-secrets key: activeRecordKeyDerivationSalt - name: DB_HOST - value: "{{ .dbHostname }}" + value: "{{ .db.host }}" - name: DB_PORT - value: "{{ .dbPort }}" + value: "{{ .db.port }}" - name: DB_NAME - value: "{{ .dbName }}" + value: "{{ .db.name }}" - name: DB_USER - value: "{{ .dbUsername }}" + value: "{{ .db.user }}" - name: DB_PASS valueFrom: secretKeyRef: @@ -103,9 +103,9 @@ spec: name: mastodon-secrets key: postgres.password - name: REDIS_HOST - value: "{{ .redisHostname }}" + value: "{{ .redis.host }}" - name: REDIS_PORT - value: "{{ .redisPort }}" + value: "{{ .redis.port }}" - name: REDIS_PASSWORD valueFrom: secretKeyRef: @@ -125,9 +125,9 @@ spec: - name: SMTP_FROM_ADDRESS value: "{{ .smtp.from }}" - name: SMTP_AUTH_METHOD - value: "{{ .smtp.authMethod }}" + value: "plain" - name: SMTP_ENABLE_STARTTLS - value: "{{ .smtp.enableStarttls }}" + value: "auto" - name: SMTP_TLS value: "{{ .smtp.tls }}" - name: STREAMING_API_BASE_URL diff --git a/mastodon/ingress.yaml b/mastodon/ingress.yaml index 6682b1c..e1b4d11 100644 --- a/mastodon/ingress.yaml +++ b/mastodon/ingress.yaml @@ -23,11 +23,11 @@ spec: service: name: mastodon-streaming port: - number: {{ .streamingPort }} + number: 4000 - path: / pathType: Prefix backend: service: name: mastodon-web port: - number: {{ .webPort }} + number: 3000 diff --git a/mastodon/manifest.yaml b/mastodon/manifest.yaml index f408265..ddbade7 100644 --- a/mastodon/manifest.yaml +++ b/mastodon/manifest.yaml @@ -1,7 +1,7 @@ name: mastodon is: mastodon description: Mastodon is a free, open-source social network server based on ActivityPub. -version: 4.5.3 +version: 4.5.3-2 icon: https://cdn.jsdelivr.net/gh/homarr-labs/dashboard-icons/svg/mastodon.svg requires: - name: postgres @@ -9,43 +9,30 @@ requires: - name: smtp defaultConfig: namespace: mastodon - externalDnsDomain: "{{ .cloud.domain }}" - timezone: UTC - image: ghcr.io/mastodon/mastodon:v4.5.3 - streamingImage: ghcr.io/mastodon/mastodon-streaming:v4.5.3 + externalDnsDomain: '{{ .cloud.domain }}' domain: mastodon.{{ .cloud.domain }} locale: en singleUserMode: false - # Database configuration - dbHostname: "{{ .apps.postgres.host }}" - dbPort: "{{ .apps.postgres.port }}" - dbName: mastodon_production - dbUsername: mastodon - # Redis configuration - redisHostname: "{{ .apps.redis.host }}" - redisPort: "{{ .apps.redis.port }}" - # Ports - webPort: 3000 - streamingPort: 4000 - # Storage assetsStorage: 10Gi systemStorage: 100Gi - # SMTP configuration - smtp: - enabled: "{{ .apps.smtp.host | ternary true false }}" - server: "{{ .apps.smtp.host }}" - port: "{{ .apps.smtp.port }}" - from: notifications@{{ .cloud.domain }} - user: "{{ .apps.smtp.user }}" - authMethod: plain - enableStarttls: auto - tls: "{{ .apps.smtp.tls }}" - # TLS tlsSecretName: wildcard-wild-cloud-tls - # Sidekiq configuration sidekiq: replicas: 1 - concurrency: 25 + db: + host: '{{ .apps.postgres.host }}' + port: '{{ .apps.postgres.port }}' + name: mastodon_production + user: mastodon + redis: + host: '{{ .apps.redis.host }}' + port: '{{ .apps.redis.port }}' + smtp: + enabled: '{{ .apps.smtp.host | ternary true false }}' + server: '{{ .apps.smtp.host }}' + port: '{{ .apps.smtp.port }}' + from: notifications@{{ .cloud.domain }} + user: '{{ .apps.smtp.user }}' + tls: '{{ .apps.smtp.tls }}' defaultSecrets: - key: secretKeyBase default: "{{ random.AlphaNum 128 }}" diff --git a/mastodon/service-streaming.yaml b/mastodon/service-streaming.yaml index fb92eca..d51d9d2 100644 --- a/mastodon/service-streaming.yaml +++ b/mastodon/service-streaming.yaml @@ -6,7 +6,7 @@ metadata: spec: type: ClusterIP ports: - - port: {{ .streamingPort }} + - port: 4000 targetPort: streaming protocol: TCP name: streaming diff --git a/mastodon/service-web.yaml b/mastodon/service-web.yaml index accc352..61f0ea7 100644 --- a/mastodon/service-web.yaml +++ b/mastodon/service-web.yaml @@ -6,7 +6,7 @@ metadata: spec: type: ClusterIP ports: - - port: {{ .webPort }} + - port: 3000 targetPort: http protocol: TCP name: http diff --git a/mastodon/vapid-init-job.yaml b/mastodon/vapid-init-job.yaml index b13841b..fe1665a 100644 --- a/mastodon/vapid-init-job.yaml +++ b/mastodon/vapid-init-job.yaml @@ -20,7 +20,7 @@ spec: type: RuntimeDefault containers: - name: vapid-init - image: {{ .image }} + image: ghcr.io/mastodon/mastodon:v4.5.3 securityContext: allowPrivilegeEscalation: false capabilities: diff --git a/matrix/configmap.yaml b/matrix/configmap.yaml index 8a211cf..1338105 100644 --- a/matrix/configmap.yaml +++ b/matrix/configmap.yaml @@ -8,7 +8,7 @@ data: public_baseurl: https://{{ .domain }} listeners: - - port: {{ .port }} + - port: 8008 tls: false type: http x_forwarded: true @@ -20,17 +20,17 @@ data: database: name: psycopg2 args: - user: {{ .dbUsername }} + user: {{ .db.user }} password: ${DB_PASSWORD} - database: {{ .dbName }} - host: {{ .dbHostname }} + database: {{ .db.name }} + host: {{ .db.host }} port: 5432 cp_min: 5 cp_max: 10 redis: enabled: true - host: {{ .redisHostname }} + host: {{ .redis.host }} port: 6379 password: ${REDIS_PASSWORD} diff --git a/matrix/db-init-job.yaml b/matrix/db-init-job.yaml index 13ca4cc..c3090d3 100644 --- a/matrix/db-init-job.yaml +++ b/matrix/db-init-job.yaml @@ -33,11 +33,11 @@ spec: name: matrix-secrets key: postgres.password - name: DB_HOSTNAME - value: "{{ .dbHostname }}" + value: "{{ .db.host }}" - name: DB_DATABASE_NAME - value: "{{ .dbName }}" + value: "{{ .db.name }}" - name: DB_USERNAME - value: "{{ .dbUsername }}" + value: "{{ .db.user }}" - name: DB_PASSWORD valueFrom: secretKeyRef: diff --git a/matrix/deployment.yaml b/matrix/deployment.yaml index 7b92d63..078c20b 100644 --- a/matrix/deployment.yaml +++ b/matrix/deployment.yaml @@ -18,7 +18,7 @@ spec: spec: initContainers: - name: generate-signing-key - image: "{{ .image }}" + image: "matrixdotorg/synapse:v1.144.0" command: ["/bin/sh", "-c"] args: - | @@ -80,7 +80,7 @@ spec: readOnlyRootFilesystem: false containers: - name: synapse - image: "{{ .image }}" + image: "matrixdotorg/synapse:v1.144.0" command: ["/bin/sh", "-c"] args: - | @@ -127,17 +127,17 @@ spec: # Start Synapse with the processed config exec /start.py ports: - - containerPort: {{ .port }} + - containerPort: 8008 protocol: TCP name: http - - containerPort: {{ .federationPort }} + - containerPort: 8448 protocol: TCP name: federation env: - name: SYNAPSE_CONFIG_PATH value: /data/homeserver.yaml - name: TZ - value: "{{ .timezone }}" + value: "UTC" - name: DB_PASSWORD valueFrom: secretKeyRef: @@ -179,14 +179,14 @@ spec: livenessProbe: httpGet: path: /health - port: {{ .port }} + port: 8008 initialDelaySeconds: 60 periodSeconds: 30 timeoutSeconds: 5 readinessProbe: httpGet: path: /health - port: {{ .port }} + port: 8008 initialDelaySeconds: 30 periodSeconds: 10 timeoutSeconds: 5 diff --git a/matrix/ingress.yaml b/matrix/ingress.yaml index 6b2534d..5518b74 100644 --- a/matrix/ingress.yaml +++ b/matrix/ingress.yaml @@ -23,7 +23,7 @@ spec: service: name: matrix-synapse port: - number: {{ .port }} + number: 8008 --- apiVersion: networking.k8s.io/v1 kind: Ingress @@ -49,4 +49,4 @@ spec: service: name: matrix-synapse port: - number: {{ .federationPort }} + number: 8448 diff --git a/matrix/manifest.yaml b/matrix/manifest.yaml index 7e30603..2cb5be1 100644 --- a/matrix/manifest.yaml +++ b/matrix/manifest.yaml @@ -1,7 +1,7 @@ name: matrix is: matrix description: Matrix is an open standard for secure, decentralized, real-time communication. This deploys the Synapse homeserver for self-hosted Matrix federation and messaging. -version: v1.144.0 +version: v1.144.0-2 icon: https://cdn.jsdelivr.net/gh/homarr-labs/dashboard-icons/svg/matrix.svg requires: - name: postgres @@ -10,20 +10,18 @@ requires: defaultConfig: namespace: matrix externalDnsDomain: '{{ .cloud.domain }}' - image: matrixdotorg/synapse:v1.144.0 - timezone: UTC - port: 8008 - federationPort: 8448 storage: 50Gi mediaStorage: 100Gi serverName: '{{ .cloud.domain }}' - dbHostname: postgres.postgres.svc.cluster.local - dbUsername: matrix - dbName: matrix - redisHostname: redis.redis.svc.cluster.local domain: matrix.{{ .cloud.domain }} tlsSecretName: wildcard-wild-cloud-tls enableRegistration: false + db: + host: '{{ .apps.postgres.host }}' + name: matrix + user: matrix + redis: + host: '{{ .apps.redis.host }}' smtp: host: '{{ .apps.smtp.host }}' port: '{{ .apps.smtp.port }}' diff --git a/matrix/service.yaml b/matrix/service.yaml index 9f07d8d..4ce7e53 100644 --- a/matrix/service.yaml +++ b/matrix/service.yaml @@ -7,12 +7,12 @@ spec: type: ClusterIP ports: - name: http - port: {{ .port }} - targetPort: {{ .port }} + port: 8008 + targetPort: 8008 protocol: TCP - name: federation - port: {{ .federationPort }} - targetPort: {{ .federationPort }} + port: 8448 + targetPort: 8448 protocol: TCP selector: app: matrix-synapse diff --git a/memcached/deployment.yaml b/memcached/deployment.yaml index 5b153b2..f8c7a13 100644 --- a/memcached/deployment.yaml +++ b/memcached/deployment.yaml @@ -3,7 +3,7 @@ kind: Deployment metadata: name: memcached spec: - replicas: {{ .replicas }} + replicas: 1 selector: matchLabels: component: cache @@ -14,24 +14,24 @@ spec: spec: containers: - name: memcached - image: "{{ .image }}" + image: "memcached:1.6.32-alpine" ports: - - containerPort: {{ .port }} + - containerPort: 11211 name: memcached args: - -m - "{{ .memoryLimit }}" - -c - - "{{ .maxConnections }}" + - "1024" - -p - - "{{ .port }}" + - "11211" resources: requests: - memory: "{{ .resources.requests.memory }}" - cpu: "{{ .resources.requests.cpu }}" + memory: 64Mi + cpu: 100m limits: - memory: "{{ .resources.limits.memory }}" - cpu: "{{ .resources.limits.cpu }}" + memory: 128Mi + cpu: 200m securityContext: runAsNonRoot: true runAsUser: 11211 diff --git a/memcached/manifest.yaml b/memcached/manifest.yaml index 31e6346..bfa03df 100644 --- a/memcached/manifest.yaml +++ b/memcached/manifest.yaml @@ -2,21 +2,11 @@ name: memcached is: memcached description: Memcached is an in-memory key-value store for small chunks of arbitrary data, commonly used as a cache layer. -version: 1.6.32 +version: 1.6.32-1 icon: https://www.vectorlogo.zone/logos/memcached/memcached-icon.svg requires: [] defaultConfig: namespace: memcached - image: memcached:1.6.32-alpine - port: 11211 + host: memcached.memcached.svc.cluster.local memoryLimit: 64m - maxConnections: 1024 - replicas: 1 - resources: - requests: - memory: 64Mi - cpu: 100m - limits: - memory: 128Mi - cpu: 200m defaultSecrets: [] diff --git a/memcached/service.yaml b/memcached/service.yaml index 92f8d75..509a460 100644 --- a/memcached/service.yaml +++ b/memcached/service.yaml @@ -4,8 +4,8 @@ metadata: name: memcached spec: ports: - - port: {{ .port }} - targetPort: {{ .port }} + - port: 11211 + targetPort: 11211 protocol: TCP name: memcached selector: diff --git a/mysql/manifest.yaml b/mysql/manifest.yaml index 66d4253..4b9c5c9 100644 --- a/mysql/manifest.yaml +++ b/mysql/manifest.yaml @@ -1,20 +1,15 @@ name: mysql is: mysql description: MySQL is an open-source relational database management system -version: 9.1.0 +version: 9.1.0-1 icon: https://www.mysql.com/common/logos/logo-mysql-170x115.png requires: [] defaultConfig: namespace: mysql - externalDnsDomain: '{{ .cloud.domain }}' - image: mysql:9.1.0 - port: 3306 + host: mysql.mysql.svc.cluster.local storage: 20Gi dbName: mysql - rootUser: root user: mysql - timezone: UTC - enableSSL: false defaultSecrets: - key: rootPassword - key: password diff --git a/mysql/service-headless.yaml b/mysql/service-headless.yaml index 9882959..e8fce27 100644 --- a/mysql/service-headless.yaml +++ b/mysql/service-headless.yaml @@ -9,7 +9,7 @@ spec: publishNotReadyAddresses: true ports: - name: mysql - port: {{ .port }} + port: 3306 protocol: TCP targetPort: mysql selector: diff --git a/mysql/service.yaml b/mysql/service.yaml index a385378..224da75 100644 --- a/mysql/service.yaml +++ b/mysql/service.yaml @@ -7,7 +7,7 @@ spec: type: ClusterIP ports: - name: mysql - port: {{ .port }} + port: 3306 protocol: TCP targetPort: mysql selector: diff --git a/mysql/statefulset.yaml b/mysql/statefulset.yaml index 3386c72..129f67d 100644 --- a/mysql/statefulset.yaml +++ b/mysql/statefulset.yaml @@ -29,7 +29,7 @@ spec: type: RuntimeDefault containers: - name: mysql - image: {{ .image }} + image: mysql:9.1.0 imagePullPolicy: IfNotPresent securityContext: allowPrivilegeEscalation: false @@ -53,10 +53,10 @@ spec: - name: MYSQL_DATABASE value: {{ .dbName }} - name: TZ - value: {{ .timezone }} + value: UTC ports: - name: mysql - containerPort: {{ .port }} + containerPort: 3306 protocol: TCP livenessProbe: exec: diff --git a/open-webui/deployment.yaml b/open-webui/deployment.yaml index bc3393a..6334e8b 100644 --- a/open-webui/deployment.yaml +++ b/open-webui/deployment.yaml @@ -19,7 +19,7 @@ spec: type: RuntimeDefault containers: - name: open-webui - image: {{ .image }} + image: ghcr.io/open-webui/open-webui:v0.9.5 imagePullPolicy: IfNotPresent securityContext: allowPrivilegeEscalation: false @@ -29,12 +29,12 @@ spec: readOnlyRootFilesystem: false ports: - name: http - containerPort: {{ .port }} + containerPort: 8080 env: - name: WEBUI_AUTH - value: "{{ .enableAuth }}" + value: "true" - name: ENABLE_SIGNUP - value: "{{ .enableSignup }}" + value: "false" - name: OPENAI_API_BASE_URL value: "{{ .vllmApiUrl }}" - name: OPENAI_API_KEY diff --git a/open-webui/manifest.yaml b/open-webui/manifest.yaml index 1745b98..bf8fb6f 100644 --- a/open-webui/manifest.yaml +++ b/open-webui/manifest.yaml @@ -3,19 +3,15 @@ is: open-webui description: Open WebUI is a comprehensive, open-source web interface for AI models. Features a user-friendly design, supports various LLM runners, and operates entirely offline. Perfect for creating a ChatGPT-like experience with local or hosted models. -version: 0.9.5 +version: 0.9.5-1 icon: https://cdn.jsdelivr.net/gh/homarr-labs/dashboard-icons/svg/open-webui.svg requires: [] defaultConfig: namespace: open-webui externalDnsDomain: '{{ .cloud.domain }}' - image: ghcr.io/open-webui/open-webui:v0.9.5 - port: 8080 storage: 10Gi domain: chat.{{ .cloud.domain }} vllmApiUrl: http://vllm-service.llm.svc.cluster.local:8000/v1 - enableAuth: true - enableSignup: false adminEmail: '{{ .operator.email }}' defaultSecrets: - key: secretKey diff --git a/openproject/configmap_core.yaml b/openproject/configmap_core.yaml index 478217d..4894bc4 100644 --- a/openproject/configmap_core.yaml +++ b/openproject/configmap_core.yaml @@ -5,19 +5,19 @@ kind: "ConfigMap" metadata: name: "openproject-core" data: - DATABASE_HOST: "{{ .dbHostname }}" - DATABASE_PORT: "5432" - DATABASE_NAME: "{{ .dbName }}" - DATABASE_USERNAME: "{{ .dbUsername }}" - DATABASE_URL: "postgresql://{{ .dbUsername }}@{{ .dbHostname }}:5432/{{ .dbName }}" - OPENPROJECT_SEED_ADMIN_USER_PASSWORD_RESET: "{{ .adminPasswordReset }}" + DATABASE_HOST: "{{ .db.host }}" + DATABASE_PORT: "{{ .db.port }}" + DATABASE_NAME: "{{ .db.name }}" + DATABASE_USERNAME: "{{ .db.user }}" + DATABASE_URL: "postgresql://{{ .db.user }}@{{ .db.host }}:{{ .db.port }}/{{ .db.name }}" + OPENPROJECT_SEED_ADMIN_USER_PASSWORD_RESET: "true" OPENPROJECT_SEED_ADMIN_USER_NAME: "{{ .adminUserName }}" OPENPROJECT_SEED_ADMIN_USER_MAIL: "{{ .adminUserEmail }}" - OPENPROJECT_HTTPS: "{{ .https }}" - OPENPROJECT_SEED_LOCALE: "{{ .seedLocale }}" + OPENPROJECT_HTTPS: "true" + OPENPROJECT_SEED_LOCALE: "en" OPENPROJECT_HOST__NAME: "{{ .domain }}" - OPENPROJECT_HSTS: "{{ .hsts }}" - OPENPROJECT_RAILS__CACHE__STORE: "{{ .cacheStore }}" - OPENPROJECT_RAILS__RELATIVE__URL__ROOT: "{{ .railsRelativeUrlRoot }}" - POSTGRES_STATEMENT_TIMEOUT: "{{ .postgresStatementTimeout }}" + OPENPROJECT_HSTS: "true" + OPENPROJECT_RAILS__CACHE__STORE: "memcache" + OPENPROJECT_RAILS__RELATIVE__URL__ROOT: "" + POSTGRES_STATEMENT_TIMEOUT: "120s" ... diff --git a/openproject/configmap_memcached.yaml b/openproject/configmap_memcached.yaml index 12f5d8c..5ee59ef 100644 --- a/openproject/configmap_memcached.yaml +++ b/openproject/configmap_memcached.yaml @@ -5,5 +5,5 @@ kind: "ConfigMap" metadata: name: "openproject-memcached" data: - OPENPROJECT_CACHE__MEMCACHE__SERVER: "{{ .memcachedHostname }}:{{ .memcachedPort }}" + OPENPROJECT_CACHE__MEMCACHE__SERVER: "{{ .memcached.host }}:{{ .memcached.port }}" ... diff --git a/openproject/db-init-job.yaml b/openproject/db-init-job.yaml index 00eb86f..78ca802 100644 --- a/openproject/db-init-job.yaml +++ b/openproject/db-init-job.yaml @@ -38,11 +38,11 @@ spec: name: postgres-secrets key: password - name: DB_HOSTNAME - value: "{{ .dbHostname }}" + value: "{{ .db.host }}" - name: DB_DATABASE_NAME - value: "{{ .dbName }}" + value: "{{ .db.name }}" - name: DB_USERNAME - value: "{{ .dbUsername }}" + value: "{{ .db.user }}" - name: DB_PASSWORD valueFrom: secretKeyRef: diff --git a/openproject/manifest.yaml b/openproject/manifest.yaml index 45fea2a..29f9b0e 100644 --- a/openproject/manifest.yaml +++ b/openproject/manifest.yaml @@ -2,7 +2,7 @@ name: openproject is: openproject description: OpenProject is an open-source project management software that provides comprehensive features for project planning, tracking, and collaboration. -version: 16.1.1 +version: 16.1.1-1 icon: https://cdn.jsdelivr.net/gh/homarr-labs/dashboard-icons/svg/openproject.svg requires: - name: postgres @@ -10,27 +10,19 @@ requires: defaultConfig: namespace: openproject externalDnsDomain: '{{ .cloud.domain }}' - serverImage: openproject/openproject:16.1.1-slim - timezone: UTC - serverPort: 8080 storage: 5Gi - dbHostname: postgres.postgres.svc.cluster.local - dbUsername: openproject - dbName: openproject - memcachedHostname: memcached.memcached.svc.cluster.local - memcachedPort: 11211 - domain: openproject.{{ .cloud.domain }} - https: true - hsts: true - seedLocale: en adminUserName: OpenProject Admin adminUserEmail: '{{ .operator.email }}' - adminPasswordReset: true - postgresStatementTimeout: 120s - tmpVolumesStorage: 2Gi + domain: openproject.{{ .cloud.domain }} tlsSecretName: wildcard-wild-cloud-tls - cacheStore: memcache - railsRelativeUrlRoot: '' + db: + host: '{{ .apps.postgres.host }}' + port: '{{ .apps.postgres.port }}' + name: openproject + user: openproject + memcached: + host: '{{ .apps.memcached.host }}' + port: '{{ .apps.memcached.port }}' defaultSecrets: - key: dbPassword - key: adminPassword diff --git a/openproject/seeder-job.yaml b/openproject/seeder-job.yaml index 28a865e..7cc31fe 100644 --- a/openproject/seeder-job.yaml +++ b/openproject/seeder-job.yaml @@ -27,7 +27,7 @@ spec: accessModes: ["ReadWriteOnce"] resources: requests: - storage: {{ .tmpVolumesStorage }} + storage: 2Gi - name: app-tmp # we can't use emptyDir due to the sticky bit / world writable issue # see: https://github.com/kubernetes/kubernetes/issues/110835 @@ -39,7 +39,7 @@ spec: accessModes: ["ReadWriteOnce"] resources: requests: - storage: {{ .tmpVolumesStorage }} + storage: 2Gi - name: "data" persistentVolumeClaim: claimName: openproject @@ -91,7 +91,7 @@ spec: type: RuntimeDefault containers: - name: seeder - image: "{{ .serverImage }}" + image: "openproject/openproject:16.1.1-slim" imagePullPolicy: Always args: - bash diff --git a/openproject/web-deployment.yaml b/openproject/web-deployment.yaml index 9e86717..512b2d6 100644 --- a/openproject/web-deployment.yaml +++ b/openproject/web-deployment.yaml @@ -43,7 +43,7 @@ spec: accessModes: ["ReadWriteOnce"] resources: requests: - storage: {{ .tmpVolumesStorage }} + storage: 2Gi - name: app-tmp # we can't use emptyDir due to the sticky bit / world writable issue # see: https://github.com/kubernetes/kubernetes/issues/110835 @@ -55,7 +55,7 @@ spec: accessModes: ["ReadWriteOnce"] resources: requests: - storage: {{ .tmpVolumesStorage }} + storage: 2Gi - name: "data" persistentVolumeClaim: claimName: openproject @@ -118,7 +118,7 @@ spec: runAsUser: 1000 seccompProfile: type: RuntimeDefault - image: {{ .serverImage }} + image: openproject/openproject:16.1.1-slim imagePullPolicy: Always envFrom: - configMapRef: diff --git a/openproject/worker-deployment.yaml b/openproject/worker-deployment.yaml index 66df52b..7dab42f 100644 --- a/openproject/worker-deployment.yaml +++ b/openproject/worker-deployment.yaml @@ -43,7 +43,7 @@ spec: accessModes: ["ReadWriteOnce"] resources: requests: - storage: {{ .tmpVolumesStorage }} + storage: 2Gi - name: app-tmp # we can't use emptyDir due to the sticky bit / world writable issue # see: https://github.com/kubernetes/kubernetes/issues/110835 @@ -55,7 +55,7 @@ spec: accessModes: ["ReadWriteOnce"] resources: requests: - storage: {{ .tmpVolumesStorage }} + storage: 2Gi - name: "data" persistentVolumeClaim: claimName: openproject @@ -118,7 +118,7 @@ spec: runAsUser: 1000 seccompProfile: type: RuntimeDefault - image: {{ .serverImage }} + image: openproject/openproject:16.1.1-slim imagePullPolicy: Always envFrom: - configMapRef: diff --git a/postgres/deployment.yaml b/postgres/deployment.yaml index 04bc453..14408a2 100644 --- a/postgres/deployment.yaml +++ b/postgres/deployment.yaml @@ -17,7 +17,7 @@ spec: spec: containers: - name: postgres - image: "{{ .image }}" + image: "pgvector/pgvector:pg15" args: [ "-c", @@ -37,7 +37,7 @@ spec: - name: PGDATA value: /var/lib/postgresql/data/pgdata - name: TZ - value: "{{ .timezone }}" + value: "UTC" - name: POSTGRES_DB value: "{{ .database }}" - name: POSTGRES_USER diff --git a/postgres/manifest.yaml b/postgres/manifest.yaml index f042228..d70516c 100644 --- a/postgres/manifest.yaml +++ b/postgres/manifest.yaml @@ -1,7 +1,7 @@ name: postgres is: postgres description: PostgreSQL is a powerful, open source object-relational database system. -version: 1.0.0 +version: 1.0.0-1 icon: https://www.postgresql.org/media/img/about/press/elephant.png defaultConfig: namespace: postgres @@ -10,7 +10,5 @@ defaultConfig: database: postgres user: postgres storage: 10Gi - image: pgvector/pgvector:pg15 - timezone: UTC defaultSecrets: - key: password diff --git a/postgres/service.yaml b/postgres/service.yaml index 61d5219..4628dde 100644 --- a/postgres/service.yaml +++ b/postgres/service.yaml @@ -5,6 +5,6 @@ metadata: name: postgres spec: ports: - - port: {{ .port }} + - port: 5432 selector: app: postgres diff --git a/redis/deployment.yaml b/redis/deployment.yaml index e8e6ebe..107494b 100644 --- a/redis/deployment.yaml +++ b/redis/deployment.yaml @@ -14,13 +14,11 @@ spec: app: redis spec: containers: - - image: "{{ .image }}" + - image: "redis:alpine" name: redis ports: - - containerPort: {{ .port }} + - containerPort: 6379 env: - - name: TZ - value: "{{ .timezone }}" - name: REDIS_PASSWORD valueFrom: secretKeyRef: diff --git a/redis/manifest.yaml b/redis/manifest.yaml index a9b57cd..cfd3c85 100644 --- a/redis/manifest.yaml +++ b/redis/manifest.yaml @@ -1,12 +1,10 @@ name: redis is: redis description: Redis is an open source, in-memory data structure store, used as a database, cache and message broker. -version: 1.0.0 +version: 1.0.0-1 icon: https://cdn.jsdelivr.net/gh/homarr-labs/dashboard-icons/svg/redis.svg defaultConfig: namespace: redis - image: redis:alpine - timezone: UTC host: redis.redis.svc.cluster.local port: 6379 uri: redis://{{ .app.host }}:{{ .app.port }}/0 diff --git a/redis/service.yaml b/redis/service.yaml index 9740f0e..fb2235e 100644 --- a/redis/service.yaml +++ b/redis/service.yaml @@ -7,7 +7,7 @@ metadata: app: redis spec: ports: - - port: {{ .port }} - targetPort: {{ .port }} + - port: 6379 + targetPort: 6379 selector: app: redis diff --git a/vllm/deployment.yaml b/vllm/deployment.yaml index d553cf0..940c6c9 100644 --- a/vllm/deployment.yaml +++ b/vllm/deployment.yaml @@ -22,7 +22,7 @@ spec: nvidia.com/gpu.product: "{{ .gpuProduct }}" containers: - name: vllm - image: "{{ .image }}" + image: vllm/vllm-openai:v0.5.4 imagePullPolicy: IfNotPresent securityContext: allowPrivilegeEscalation: false @@ -33,11 +33,9 @@ spec: args: - --model={{ .model }} - --max-model-len={{ .maxModelLen }} - - --tensor-parallel-size={{ .tensorParallelSize }} + - --tensor-parallel-size=1 - --gpu-memory-utilization={{ .gpuMemoryUtilization }} - {{- if .apps.vllm.enforceEager }} - --enforce-eager=True - {{- end }} env: - name: VLLM_TORCH_DTYPE value: "auto" diff --git a/vllm/manifest.yaml b/vllm/manifest.yaml index 38827f9..7acbf7d 100644 --- a/vllm/manifest.yaml +++ b/vllm/manifest.yaml @@ -2,16 +2,14 @@ name: vllm is: vllm description: vLLM is a fast and easy-to-use library for LLM inference and serving with OpenAI-compatible API -version: 0.5.4 +version: 0.5.4-1 icon: https://unpkg.com/@lobehub/icons-static-png@latest/dark/vllm.png requires: [] defaultConfig: - image: vllm/vllm-openai:v0.5.4 + namespace: llm model: Qwen/Qwen2.5-7B-Instruct maxModelLen: 8192 - tensorParallelSize: 1 gpuMemoryUtilization: 0.9 - enforceEager: true gpuProduct: RTX 4090 cpuRequest: '4' cpuLimit: '8' @@ -19,5 +17,4 @@ defaultConfig: memoryLimit: 24Gi gpuCount: 1 domain: vllm.{{ .cloud.domain }} - namespace: llm defaultSecrets: []