mirror of
https://github.com/morten-olsen/homelab-operator.git
synced 2026-02-08 01:36:28 +01:00
Compare commits
5 Commits
| Author | SHA1 | Date | |
|---|---|---|---|
|
7319cf932b | ||
|
|
933b65b3dd | ||
|
|
8353dc8d0a | ||
|
|
abdd4b81c4 | ||
|
|
4691ab1139 |
15
.github/workflows/renovate.yml
vendored
Normal file
15
.github/workflows/renovate.yml
vendored
Normal file
@@ -0,0 +1,15 @@
|
|||||||
|
name: Renovate
|
||||||
|
on:
|
||||||
|
workflow_dispatch:
|
||||||
|
schedule:
|
||||||
|
- cron: '0 */6 * * *'
|
||||||
|
jobs:
|
||||||
|
renovate:
|
||||||
|
runs-on: ubuntu-latest
|
||||||
|
steps:
|
||||||
|
- name: Checkout
|
||||||
|
uses: actions/checkout@v4
|
||||||
|
- name: Self-hosted Renovate
|
||||||
|
uses: renovatebot/github-action@v40.2.2
|
||||||
|
with:
|
||||||
|
token: ${{ secrets.RENOVATE_TOKEN }}
|
||||||
1
.gitignore
vendored
1
.gitignore
vendored
@@ -1,3 +1,4 @@
|
|||||||
/secret.*.yaml
|
/secret.*.yaml
|
||||||
/data/
|
/data/
|
||||||
|
/.envrc
|
||||||
*.DS_Store
|
*.DS_Store
|
||||||
@@ -18,7 +18,7 @@ spec:
|
|||||||
|
|
||||||
containers:
|
containers:
|
||||||
- name: "{{ .Release.Name }}-whisper"
|
- name: "{{ .Release.Name }}-whisper"
|
||||||
image: "{{ .Values.whisper.image.repository }}:{{ .Values.piper.image.tag }}"
|
image: "{{ .Values.whisper.image.repository }}:{{ .Values.whisper.image.tag }}"
|
||||||
imagePullPolicy: "{{ .Values.whisper.image.pullPolicy }}"
|
imagePullPolicy: "{{ .Values.whisper.image.pullPolicy }}"
|
||||||
args:
|
args:
|
||||||
- --model
|
- --model
|
||||||
|
|||||||
@@ -36,6 +36,9 @@ data:
|
|||||||
},
|
},
|
||||||
"auth": {
|
"auth": {
|
||||||
"failDelay": 5,
|
"failDelay": 5,
|
||||||
|
"htpasswd": {
|
||||||
|
"path": "/etc/zot/htpasswd"
|
||||||
|
},
|
||||||
"openid": {
|
"openid": {
|
||||||
"providers": {
|
"providers": {
|
||||||
"oidc": {
|
"oidc": {
|
||||||
@@ -53,12 +56,22 @@ data:
|
|||||||
"actions": ["read", "create", "update", "delete"]
|
"actions": ["read", "create", "update", "delete"]
|
||||||
},
|
},
|
||||||
"repositories": {
|
"repositories": {
|
||||||
|
"public/**": {
|
||||||
|
"anonymousPolicy": ["read"],
|
||||||
|
"defaultPolicy": ["read"],
|
||||||
|
"policies": [
|
||||||
|
{
|
||||||
|
"users": ["*"],
|
||||||
|
"actions": ["create", "update", "delete"]
|
||||||
|
}
|
||||||
|
]
|
||||||
|
},
|
||||||
"**": {
|
"**": {
|
||||||
"defaultPolicy": ["read"],
|
"defaultPolicy": ["read"],
|
||||||
"policies": [
|
"policies": [
|
||||||
{
|
{
|
||||||
"users": ["*"],
|
"users": ["*"],
|
||||||
"actions": ["push", "delete"]
|
"actions": ["create", "update", "delete"]
|
||||||
}
|
}
|
||||||
]
|
]
|
||||||
}
|
}
|
||||||
|
|||||||
@@ -6,6 +6,8 @@ metadata:
|
|||||||
app: "{{ .Release.Name }}"
|
app: "{{ .Release.Name }}"
|
||||||
spec:
|
spec:
|
||||||
replicas: 1
|
replicas: 1
|
||||||
|
strategy:
|
||||||
|
type: Recreate
|
||||||
selector:
|
selector:
|
||||||
matchLabels:
|
matchLabels:
|
||||||
app: "{{ .Release.Name }}"
|
app: "{{ .Release.Name }}"
|
||||||
@@ -14,8 +16,6 @@ spec:
|
|||||||
labels:
|
labels:
|
||||||
app: "{{ .Release.Name }}"
|
app: "{{ .Release.Name }}"
|
||||||
spec:
|
spec:
|
||||||
strategy:
|
|
||||||
type: Recreate
|
|
||||||
initContainers:
|
initContainers:
|
||||||
- name: render-config
|
- name: render-config
|
||||||
image: alpine:3.20
|
image: alpine:3.20
|
||||||
@@ -36,9 +36,14 @@ spec:
|
|||||||
secretKeyRef:
|
secretKeyRef:
|
||||||
name: "{{ .Release.Name }}-client"
|
name: "{{ .Release.Name }}-client"
|
||||||
key: clientSecret
|
key: clientSecret
|
||||||
|
- name: PASSWORD
|
||||||
|
valueFrom:
|
||||||
|
secretKeyRef:
|
||||||
|
name: "{{ .Release.Name }}-cluster"
|
||||||
|
key: password
|
||||||
args:
|
args:
|
||||||
- |
|
- |
|
||||||
apk add --no-cache gettext >/dev/null
|
apk add --no-cache gettext apache2-utils >/dev/null
|
||||||
envsubst < /config-tpl/config.tpl.json > /config-out/config.json
|
envsubst < /config-tpl/config.tpl.json > /config-out/config.json
|
||||||
echo "Rendered /etc/zot/config.json"
|
echo "Rendered /etc/zot/config.json"
|
||||||
echo "---------------------------------------"
|
echo "---------------------------------------"
|
||||||
@@ -49,6 +54,7 @@ spec:
|
|||||||
echo "---------------------------------------"
|
echo "---------------------------------------"
|
||||||
cat /config-out/secrets.json
|
cat /config-out/secrets.json
|
||||||
echo "---------------------------------------"
|
echo "---------------------------------------"
|
||||||
|
htpasswd -nbB cluster "$PASSWORD" > /config-out/htpasswd
|
||||||
volumeMounts:
|
volumeMounts:
|
||||||
- name: config-tpl
|
- name: config-tpl
|
||||||
mountPath: /config-tpl
|
mountPath: /config-tpl
|
||||||
|
|||||||
9
charts/apps/zot/templates/secret.yaml
Normal file
9
charts/apps/zot/templates/secret.yaml
Normal file
@@ -0,0 +1,9 @@
|
|||||||
|
apiVersion: homelab.mortenolsen.pro/v1
|
||||||
|
kind: GenerateSecret
|
||||||
|
metadata:
|
||||||
|
name: "{{ .Release.Name }}-cluster"
|
||||||
|
spec:
|
||||||
|
fields:
|
||||||
|
- name: password
|
||||||
|
encoding: hex
|
||||||
|
length: 64
|
||||||
26
renovate.json5
Normal file
26
renovate.json5
Normal file
@@ -0,0 +1,26 @@
|
|||||||
|
{
|
||||||
|
"$schema": "https://docs.renovatebot.com/renovate-schema.json",
|
||||||
|
"extends": [
|
||||||
|
"config:base"
|
||||||
|
],
|
||||||
|
"packageRules": [
|
||||||
|
{
|
||||||
|
"matchDatasources": ["docker"],
|
||||||
|
"pinDigests": true
|
||||||
|
}
|
||||||
|
],
|
||||||
|
"helm-values": {
|
||||||
|
"fileMatch": ["^charts/.*/values\\.yaml$"]
|
||||||
|
},
|
||||||
|
"regexManagers": [
|
||||||
|
{
|
||||||
|
"fileMatch": ["^charts/.*/values\\.yaml$"],
|
||||||
|
"matchStrings": [
|
||||||
|
"repository:\s*'(?<depName>.*?)'\n\s*tag:\s*'(?<currentValue>.*?)'",
|
||||||
|
"repository:\s*\"(?<depName>.*?)\"\n\s*tag:\s*\"(?<currentValue>.*?)\"",
|
||||||
|
"repository:\s*(?<depName>.*?)\n\s*tag:\s*(?<currentValue>.*)"
|
||||||
|
],
|
||||||
|
"datasourceTemplate": "docker"
|
||||||
|
}
|
||||||
|
]
|
||||||
|
}
|
||||||
Reference in New Issue
Block a user