add mollysocket

2026-02-08 01:36:28 +01:00 · 2025-11-20 23:02:59 +01:00
parent 63e28f5b64
commit a2ee42495e
9 changed files with 151 additions and 0 deletions
--- a/charts/apps/mollysocket/Chart.yaml
+++ b/charts/apps/mollysocket/Chart.yaml
@@ -0,0 +1,3 @@
+apiVersion: v2
+version: 1.0.0
+name: mollysocket
--- a/charts/apps/mollysocket/templates/_external-http-service.yaml
+++ b/charts/apps/mollysocket/templates/_external-http-service.yaml
@@ -0,0 +1,11 @@
+apiVersion: homelab.mortenolsen.pro/v1
+kind: ExternalHttpService
+metadata:
+  name: '{{ .Release.Name }}'
+spec:
+  environment: '{{ .Values.globals.environment }}'
+  subdomain: '{{ .Values.subdomain }}'
+  destination:
+    host: '{{ .Release.Name }}.{{ .Release.Namespace }}.svc.cluster.local'
+    port:
+      number: 80
--- a/charts/apps/mollysocket/templates/deployment.yaml
+++ b/charts/apps/mollysocket/templates/deployment.yaml
@@ -0,0 +1,88 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: "{{ .Release.Name }}"
+spec:
+  strategy:
+    type: Recreate
+  replicas: 1
+  selector:
+    matchLabels:
+      app: "{{ .Release.Name }}"
+  template:
+    metadata:
+      labels:
+        app: "{{ .Release.Name }}"
+    spec:
+      initContainers:
+        - name: mollysocket-vapid-gentor
+          image: "{{ .Values.image.repository }}:{{ .Values.image.tag }}" # Use the mollysocket image itself
+          imagePullPolicy: "{{ .Values.image.pullPolicy }}"
+          command: ["sh", "-c"]
+          args:
+            - |
+              # Define paths within the volume
+              VAPID_DIR="/data/vapid"
+              PRIVATE_KEY_PATH="${VAPID_DIR}/private_key.txt"
+
+              echo "Checking for existing VAPID keys in ${VAPID_DIR}..."
+
+              # Create the VAPID directory if it doesn't exist
+              mkdir -p "${VAPID_DIR}"
+
+              # Check if the private key file already exists
+              if [ -f "${PRIVATE_KEY_PATH}" ]; then
+                echo "VAPID private key already exists. Skipping generation."
+              else
+                echo "VAPID private key not found. Generating new keys..."
+                # Run the mollysocket command to generate keys
+                # The output format is:
+                # VAPD private key: <private_key_string>
+
+                mollysocket vapid gen > "${PRIVATE_KEY_PATH}"
+              fi
+          volumeMounts:
+            - mountPath: /data # Mount the PVC here, same as the main container
+              name: data
+      containers:
+        - name: "{{ .Release.Name }}"
+          image: "{{ .Values.image.repository }}:{{ .Values.image.tag }}"
+          imagePullPolicy: "{{ .Values.image.pullPolicy }}"
+          args: ["serve"]
+          resources:
+            limits:
+              memory: "128Mi"
+              cpu: "500m"
+          ports:
+            - name: http
+              containerPort: 8020
+              protocol: TCP
+          livenessProbe:
+            tcpSocket:
+              port: http
+          readinessProbe:
+            tcpSocket:
+              port: http
+          env:
+            - name: TZ
+              value: "{{ .Values.globals.timezone }}"
+            - name: MOLLY_DB
+              value: /data/db.sqlite
+            - name: MOLLY_HOST
+              value: 0.0.0.0
+            - name: MOLLY_PORT
+              value: '8020'
+            - name: MOLLY_VAPID_KEY_FILE
+              value: /data/vapid/private_key.txt
+            - name: MOLLY_ALLOWED_ENDPOINTS
+              value: '["*","https://ntfy.{{ .Values.globals.domain }}/"]'
+            - name: RUST_LOG
+              value: info
+          volumeMounts:
+            - mountPath: /data
+              name: data
+
+      volumes:
+        - name: data
+          persistentVolumeClaim:
+            claimName: "{{ .Release.Name }}-data"
--- a/charts/apps/mollysocket/templates/http-service.yaml
+++ b/charts/apps/mollysocket/templates/http-service.yaml
@@ -0,0 +1,11 @@
+apiVersion: homelab.mortenolsen.pro/v1
+kind: HttpService
+metadata:
+  name: "{{ .Release.Name }}"
+spec:
+  environment: "{{ .Values.globals.environment }}"
+  subdomain: "{{ .Values.subdomain }}"
+  destination:
+    host: "{{ .Release.Name }}"
+    port:
+      number: 80
--- a/charts/apps/mollysocket/templates/pvc.yaml
+++ b/charts/apps/mollysocket/templates/pvc.yaml
@@ -0,0 +1,11 @@
+kind: PersistentVolumeClaim
+apiVersion: v1
+metadata:
+  name: "{{ .Release.Name }}-data"
+spec:
+  accessModes:
+    - "ReadWriteOnce"
+  resources:
+    requests:
+      storage: "1Gi"
+  storageClassName: "{{ .Values.globals.environment }}"
--- a/charts/apps/mollysocket/templates/service.yaml
+++ b/charts/apps/mollysocket/templates/service.yaml
@@ -0,0 +1,15 @@
+apiVersion: v1
+kind: Service
+metadata:
+  name: "{{ .Release.Name }}"
+  labels:
+    app: "{{ .Release.Name }}"
+spec:
+  type: ClusterIP
+  ports:
+    - port: 80
+      targetPort: 8020
+      protocol: TCP
+      name: http
+  selector:
+    app: "{{ .Release.Name }}"
--- a/charts/apps/mollysocket/values.yaml
+++ b/charts/apps/mollysocket/values.yaml
@@ -0,0 +1,5 @@
+image:
+  repository: ghcr.io/mollyim/mollysocket
+  tag: latest
+  pullPolicy: IfNotPresent
+subdomain: mollysocket
--- a/charts/apps/ntfy/templates/deployment.yaml
+++ b/charts/apps/ntfy/templates/deployment.yaml
@@ -50,6 +50,8 @@ spec:
              value: /var/lib/ntfy/attachments
            - name: NTFY_ENABLE_LOGIN
              value: 'true'
+            - name: NTFY_REQUIRE_LOGIN
+              value: 'true'
          volumeMounts:
            - mountPath: /var/lib/ntfy
              name: data
--- a/helmfile.yaml
+++ b/helmfile.yaml
@@ -176,3 +176,8 @@ releases:
    namespace: prod
    values:
      - values.yaml
+  - name: mollysocket
+    chart: charts/apps/mollysocket
+    namespace: prod
+    values:
+      - values.yaml