diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml new file mode 100644 index 00000000..1cad5933 --- /dev/null +++ b/.pre-commit-config.yaml @@ -0,0 +1,49 @@ +--- +fail_fast: false + +exclude: | + (?x)^( + | .*\.sops\.toml + )$ + +repos: + - repo: https://github.com/adrienverge/yamllint + rev: v1.35.1 + hooks: + - id: yamllint + + - repo: https://github.com/pre-commit/pre-commit-hooks + rev: v4.6.0 + hooks: + - id: trailing-whitespace + - id: end-of-file-fixer + - id: fix-byte-order-marker + - id: mixed-line-ending + - id: check-added-large-files + args: [--maxkb=2048] + - id: check-merge-conflict + - id: check-executables-have-shebangs + + - repo: https://github.com/Lucas-C/pre-commit-hooks + rev: v1.5.5 + hooks: + - id: forbid-crlf + - id: forbid-tabs + + - repo: https://github.com/sirosen/fix-smartquotes + rev: 0.2.0 + hooks: + - id: fix-smartquotes + + - repo: https://github.com/jumanjihouse/pre-commit-hooks + rev: 3.0.0 + hooks: + - id: shellcheck + language: script + args: [--severity=error] + additional_dependencies: [] + + - repo: https://github.com/k8s-at-home/sops-pre-commit + rev: v2.1.1 + hooks: + - id: forbid-secrets diff --git a/.yamllint.yaml b/.yamllint.yaml new file mode 100644 index 00000000..bb7b058d --- /dev/null +++ b/.yamllint.yaml @@ -0,0 +1,29 @@ +--- +ignore: | + .ansible/ + .direnv/ + .private/ + .vscode/ + *.sops.* + ansible/roles/xanmanning.k3s/ + +extends: default + +rules: + truthy: + allowed-values: ["true", "false", "on"] + + comments: + min-spaces-from-content: 1 + + line-length: disable + + braces: + min-spaces-inside: 0 + max-spaces-inside: 1 + + brackets: + min-spaces-inside: 0 + max-spaces-inside: 0 + + indentation: enable diff --git a/gitattributes b/gitattributes new file mode 100644 index 00000000..af37c0fd --- /dev/null +++ b/gitattributes @@ -0,0 +1 @@ +*.sops.* diff=sopsdiffer diff --git a/kubernetes/apps/media/kustomization.yaml b/kubernetes/apps/media/kustomization.yaml index fc828bcd..97e69df8 100644 --- a/kubernetes/apps/media/kustomization.yaml +++ b/kubernetes/apps/media/kustomization.yaml @@ -5,3 +5,4 @@ resources: - ./namespace.yaml - ./jellyfin/ks.yaml - ./prowlarr/ks.yaml + - ./radarr/ks.yaml diff --git a/kubernetes/apps/media/prowlarr/ks.yaml b/kubernetes/apps/media/prowlarr/ks.yaml index 68a349e9..5e7f3a67 100644 --- a/kubernetes/apps/media/prowlarr/ks.yaml +++ b/kubernetes/apps/media/prowlarr/ks.yaml @@ -1,5 +1,5 @@ --- -# yaml-language-server: $schema=https://kubernetes-schemas.pages.dev/kustomize.toolkit.fluxcd.io/kustomization_v1.json +# yaml-language-server: $schema=https://raw.githubusercontent.com/fluxcd-community/flux2-schemas/main/kustomization-kustomize-v1.json apiVersion: kustomize.toolkit.fluxcd.io/v1 kind: Kustomization metadata: diff --git a/kubernetes/apps/media/radarr/app/helmrelease.yaml b/kubernetes/apps/media/radarr/app/helmrelease.yaml new file mode 100644 index 00000000..649ab9f4 --- /dev/null +++ b/kubernetes/apps/media/radarr/app/helmrelease.yaml @@ -0,0 +1,95 @@ +--- +# yaml-language-server: $schema=https://raw.githubusercontent.com/bjw-s/helm-charts/main/charts/other/app-template/schemas/helmrelease-helm-v2beta2.schema.json +apiVersion: helm.toolkit.fluxcd.io/v2beta2 +kind: HelmRelease +metadata: + name: radarr +spec: + interval: 30m + chart: + spec: + chart: app-template + version: 3.1.0 + interval: 30m + sourceRef: + kind: HelmRepository + name: bjw-s + namespace: flux-system + values: + controllers: + radarr: + annotations: + reloader.stakater.com/auto: "true" + pod: + securityContext: + runAsUser: 2000 + runAsGroup: 2000 + runAsNonRoot: true + fsGroup: 2000 + fsGroupChangePolicy: "OnRootMismatch" + supplementalGroups: + - 65542 + containers: + app: + image: + repository: ghcr.io/onedr0p/radarr-develop + tag: 5.5.2.8781@sha256:4b7de43df00613272532de7ecfc6a3207cb0a74fdcb2b05dd110ec2ebb493352 + env: + COMPlus_EnableDiagnostics: "0" + RADARR__INSTANCE_NAME: Radarr + RADARR__PORT: &port 7878 + RADARR__LOG_LEVEL: info + probes: + liveness: + enabled: true + readiness: + enabled: true + startup: + enabled: true + spec: + failureThreshold: 30 + periodSeconds: 5 + resources: + requests: + memory: 256Mi + limits: + memory: 512Mi + securityContext: + allowPrivilegeEscalation: false + readOnlyRootFilesystem: true + capabilities: + drop: + - ALL + service: + app: + controller: radarr + ports: + http: + port: *port + ingress: + app: + enabled: true + className: internal + hosts: + - host: &host radarr.${SECRET_DOMAIN} + paths: + - path: / + service: + identifier: app + port: http + tls: + - hosts: + - *host + persistence: + config: + enabled: true + type: persistentVolumeClaim + accessMode: ReadWriteOnce + size: 1Gi + movies: + enabled: true + type: nfs + server: ${NFS_SERVER} + path: /movies + globalMounts: + - path: /media/movies diff --git a/kubernetes/apps/media/radarr/app/kustomization.yaml b/kubernetes/apps/media/radarr/app/kustomization.yaml new file mode 100644 index 00000000..2e22a067 --- /dev/null +++ b/kubernetes/apps/media/radarr/app/kustomization.yaml @@ -0,0 +1,7 @@ +--- +# yaml-language-server: $schema=https://raw.githubusercontent.com/SchemaStore/schemastore/master/src/schemas/json/kustomization.json +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization +namespace: media +resources: + - ./helmrelease.yaml diff --git a/kubernetes/apps/media/radarr/ks.yaml b/kubernetes/apps/media/radarr/ks.yaml new file mode 100644 index 00000000..ede90add --- /dev/null +++ b/kubernetes/apps/media/radarr/ks.yaml @@ -0,0 +1,21 @@ +--- +# yaml-language-server: $schema=https://raw.githubusercontent.com/fluxcd-community/flux2-schemas/main/kustomization-kustomize-v1.json +apiVersion: kustomize.toolkit.fluxcd.io/v1 +kind: Kustomization +metadata: + name: &app radarr + namespace: flux-system +spec: + targetNamespace: media + commonMetadata: + labels: + app.kubernetes.io/name: *app + path: ./kubernetes/apps/media/radarr/app + prune: true + sourceRef: + kind: GitRepository + name: home-kubernetes + wait: false + interval: 30m + retryInterval: 1m + timeout: 15m