From bec0a6face4c5d70ecf792ea04151e4004334cb8 Mon Sep 17 00:00:00 2001 From: Morten Olsen Date: Fri, 2 Jan 2026 13:22:34 +0100 Subject: [PATCH] migate mealie --- apps/charts/mealie/Chart.yaml | 4 + apps/charts/mealie/templates/client.yaml | 11 +-- apps/charts/mealie/templates/deployment.yaml | 74 +------------------ apps/charts/mealie/templates/pvc.yaml | 12 +-- apps/charts/mealie/templates/service.yaml | 16 +--- .../mealie/templates/virtual-service.yaml | 40 +--------- apps/charts/mealie/values.yaml | 73 ++++++++++++++++++ 7 files changed, 82 insertions(+), 148 deletions(-) diff --git a/apps/charts/mealie/Chart.yaml b/apps/charts/mealie/Chart.yaml index 054a083..da81175 100644 --- a/apps/charts/mealie/Chart.yaml +++ b/apps/charts/mealie/Chart.yaml @@ -1,3 +1,7 @@ apiVersion: v2 version: 1.0.0 name: mealie +dependencies: + - name: common + version: 1.0.0 + repository: file://../../common diff --git a/apps/charts/mealie/templates/client.yaml b/apps/charts/mealie/templates/client.yaml index d693063..c13745f 100644 --- a/apps/charts/mealie/templates/client.yaml +++ b/apps/charts/mealie/templates/client.yaml @@ -1,10 +1 @@ -apiVersion: homelab.mortenolsen.pro/v1 -kind: OidcClient -metadata: - name: "{{ .Release.Name }}" -spec: - environment: "{{ .Values.globals.environment }}" - redirectUris: - - path: /login - subdomain: "{{ .Values.subdomain }}" - matchingMode: strict +{{ include "common.oidc" . }} diff --git a/apps/charts/mealie/templates/deployment.yaml b/apps/charts/mealie/templates/deployment.yaml index 79637e2..4508e33 100644 --- a/apps/charts/mealie/templates/deployment.yaml +++ b/apps/charts/mealie/templates/deployment.yaml @@ -1,73 +1 @@ -apiVersion: apps/v1 -kind: Deployment -metadata: - name: "{{ .Release.Name }}" - labels: - app: "{{ .Release.Name }}" -spec: - replicas: 1 - revisionHistoryLimit: 0 - selector: - matchLabels: - app: "{{ .Release.Name }}" - template: - metadata: - labels: - app: "{{ .Release.Name }}" - spec: - containers: - - name: "{{ .Release.Name }}" - image: "{{ .Values.image.repository }}:{{ .Values.image.tag }}" - ports: - - containerPort: 9000 - name: http - env: - - name: TZ - value: "{{ .Values.globals.timezone }}" - - name: BASE_URL - value: https://{{ .Values.subdomain }}.{{ .Values.globals.domain }} - - name: ALLOW_SIGNUP - value: "false" - - name: PUID - value: "1000" - - name: PGID - value: "1000" - - name: OIDC_AUTH_ENABLED - value: "true" - - name: OIDC_SIGNUP_ENABLED - value: "true" - - name: OIDC_USER_GROUP - value: "mealie-users" - - name: OIDC_ADMIN_GROUP - value: "admin" - - name: OIDC_AUTO_REDIRECT - value: "true" - - name: OIDC_PROVIDER_NAME - value: Authentik - - name: OIDC_REMEMBER_ME - value: "true" - - name: OIDC_SIGNING_ALGORITHM - value: RS256 - - name: OIDC_CLIENT_ID - valueFrom: - secretKeyRef: - name: "{{ .Release.Name }}-client" - key: clientId - - name: OIDC_CLIENT_SECRET - valueFrom: - secretKeyRef: - name: "{{ .Release.Name }}-client" - key: clientSecret - - name: OIDC_CONFIGURATION_URL - valueFrom: - secretKeyRef: - name: "{{ .Release.Name }}-client" - key: configuration - - volumeMounts: - - mountPath: /app/data - name: data - volumes: - - name: data - persistentVolumeClaim: - claimName: "{{ .Release.Name }}-data" +{{ include "common.deployment" . }} diff --git a/apps/charts/mealie/templates/pvc.yaml b/apps/charts/mealie/templates/pvc.yaml index bc1d0a6..379bad9 100644 --- a/apps/charts/mealie/templates/pvc.yaml +++ b/apps/charts/mealie/templates/pvc.yaml @@ -1,11 +1 @@ -kind: PersistentVolumeClaim -apiVersion: v1 -metadata: - name: '{{ .Release.Name }}-data' -spec: - accessModes: - - 'ReadWriteOnce' - resources: - requests: - storage: '1Gi' - storageClassName: '{{ .Values.globals.environment }}' +{{ include "common.pvc" . }} diff --git a/apps/charts/mealie/templates/service.yaml b/apps/charts/mealie/templates/service.yaml index 8ad8f42..f024c64 100644 --- a/apps/charts/mealie/templates/service.yaml +++ b/apps/charts/mealie/templates/service.yaml @@ -1,15 +1 @@ -apiVersion: v1 -kind: Service -metadata: - name: "{{ .Release.Name }}" - labels: - app: "{{ .Release.Name }}" -spec: - type: ClusterIP - ports: - - port: 80 - targetPort: 9000 - protocol: TCP - name: http - selector: - app: "{{ .Release.Name }}" +{{ include "common.service" . }} diff --git a/apps/charts/mealie/templates/virtual-service.yaml b/apps/charts/mealie/templates/virtual-service.yaml index 36e9d43..766f6b9 100644 --- a/apps/charts/mealie/templates/virtual-service.yaml +++ b/apps/charts/mealie/templates/virtual-service.yaml @@ -1,39 +1 @@ -apiVersion: networking.istio.io/v1 -kind: VirtualService -metadata: - name: "{{ .Release.Name }}-public" - namespace: "{{ .Release.Namespace }}" -spec: - gateways: - - "{{ .Values.globals.istio.gateways.public }}" - - mesh - hosts: - - "{{ .Values.subdomain }}.{{ .Values.globals.domain }}" - - mesh - http: - - route: - - destination: - host: "{{ .Release.Name }}" - port: - number: 80 - ---- -apiVersion: networking.istio.io/v1 -kind: VirtualService -metadata: - name: "{{ .Release.Name }}-private" - namespace: "{{ .Release.Namespace }}" -spec: - gateways: - - "{{ .Values.globals.istio.gateways.private }}" - - mesh - hosts: - - "{{ .Values.subdomain }}.{{ .Values.globals.domain }}" - - mesh - http: - - route: - - destination: - host: "{{ .Release.Name }}" - port: - number: 80 - +{{ include "common.virtualService" . }} diff --git a/apps/charts/mealie/values.yaml b/apps/charts/mealie/values.yaml index 023c9bd..cb543ef 100644 --- a/apps/charts/mealie/values.yaml +++ b/apps/charts/mealie/values.yaml @@ -1,4 +1,77 @@ subdomain: mealie + image: repository: ghcr.io/mealie-recipes/mealie tag: latest@sha256:8c5c7765ca5f7f3070f08482aca8102c2b43193777fe958e06d86b153ec18f5f + pullPolicy: IfNotPresent + +# Deployment configuration +deployment: + strategy: Recreate + replicas: 1 + +# Container configuration +container: + port: 9000 + healthProbe: + type: tcpSocket + port: http # Use named port + +# Service configuration +service: + port: 80 + type: ClusterIP + +# Volume configuration +volumes: + - name: data + mountPath: /app/data + persistentVolumeClaim: data + +# Persistent volume claims +persistentVolumeClaims: + - name: data + size: 1Gi + +# VirtualService configuration +virtualService: + enabled: true + gateways: + public: true + private: true + +# OIDC client configuration +oidc: + enabled: true + redirectUris: + - "/login" + subjectMode: user_username + +# Environment variables +env: + TZ: + value: "{timezone}" + BASE_URL: + value: "https://{subdomain}.{domain}" + ALLOW_SIGNUP: "false" + PUID: "1000" + PGID: "1000" + OIDC_AUTH_ENABLED: "true" + OIDC_SIGNUP_ENABLED: "true" + OIDC_USER_GROUP: "mealie-users" + OIDC_ADMIN_GROUP: "admin" + OIDC_AUTO_REDIRECT: "true" + OIDC_PROVIDER_NAME: Authentik + OIDC_REMEMBER_ME: "true" + OIDC_SIGNING_ALGORITHM: RS256 + OIDC_CLIENT_ID: + valueFrom: + secretKeyRef: + name: "{release}-oidc-credentials" + key: clientId + OIDC_CLIENT_SECRET: + valueFrom: + secretKeyRef: + name: "{release}-oidc-credentials" + key: clientSecret + OIDC_CONFIGURATION_URL: "https://auth.{domain}/application/o/{namespace}-{release}/.well-known/openid-configuration" # TODO: fix!