lucalise/dotfiles
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

feat(homelab): add existing routes to services, setup both mc worlds

Browse Source
This commit is contained in:
lucalise
2025-12-27 03:46:18 -08:00
parent 402f1243a2
commit 60c17bf646
10 changed files with 419 additions and 81 deletions
Download Patch File Download Diff File Expand all files Collapse all files

15
nix/homelab/helm/helmfile.yaml
View File

@@ -28,14 +28,6 @@ releases:
- crds:
enabled: true
# Media Server
- name: jellyfin
namespace: media
chart: jellyfin/jellyfin
version: 2.7.0
values:
- values/jellyfin.yaml
# Git
- name: gitea
namespace: git
@@ -70,6 +62,13 @@ releases:
values:
- values/minecraft/main.yaml
- name: minecraft-creative
namespace: minecraft
chart: minecraft-charts/minecraft
version: 5.0.0
values:
- values/minecraft/creative.yaml
- name: home-assistant
namespace: home
chart: home-assistant/home-assistant

5
nix/homelab/helm/values/jellyfin.yaml
View File

@@ -1,5 +0,0 @@
persistence:
config:
size: 5Gi
media:
size: 2Gi

30
nix/homelab/helm/values/minecraft/creative.yaml Normal file
View File

@@ -0,0 +1,30 @@
resources:
requests:
cpu: 1
memory: 500Mi
limits:
memory: 4Gi
cpu: 2000m
minecraftServer:
eula: "TRUE"
type: "PAPER"
version: "1.21.11"
difficulty: hard
motd: "A Minecraft Server."
gameMode: creative
memory: 4G
rcon:
enabled: true
withGeneratedPassword: false
port: 25575
existingSecret: rcon-credentials
secretKey: rcon-password
nodeSelector:
kubernetes.io/hostname: kube
persistence:
dataDir:
enabled: true
Size: 4Gi

49
nix/homelab/helm/values/minecraft/main.yaml
View File

@@ -20,6 +20,9 @@ minecraftServer:
existingSecret: rcon-credentials
secretKey: rcon-password
nodeSelector:
kubernetes.io/hostname: kube
persistence:
dataDir:
enabled: true
@@ -69,49 +72,3 @@ extraVolumes:
nfs:
server: 192.168.27.2
path: /backup/minecraft
# initContainers:
# - name: world-restore
# image: busybox:latest
# command:
# - sh
# - -c
# - |
# set -e
#
# echo "=== Minecraft World Restore ==="
#
# BACKUP_FILE="/backups/latest.tgz"
#
# # Check if backup exists
# if [[ ! -f "$BACKUP_FILE" ]]; then
# echo "Skipping restore, server will start with existing/new world"
# exit 0
# fi
#
# echo "✓ Backup found: $BACKUP_FILE"
# echo " Size: $(du -h $BACKUP_FILE | cut -f1)"
#
# # Check if world already exists
# if [ -f /data/world/level.dat ]; then
# echo "⚠ World already exists at /data/world/"
# echo " Replacing with backup..."
# rm -rf /data/world /data/world_nether /data/world_the_end
# fi
#
# # Extract backup
# echo "Extracting backup to /data/..."
# tar -xzf "$BACKUP_FILE" -C /data/
# echo "✓ Extraction complete"
#
# echo ""
# echo "=== Restore Complete ==="
# echo "Restored world size: $(du -sh /data/world 2>/dev/null | cut -f1 || echo 'unknown')"
# ls -lh /data/ | grep -E "^d" || true
# echo ""
# volumeMounts:
# - name: datadir
# mountPath: /data
# - name: backup-volume
# mountPath: /backup
# readOnly: true

3
nix/homelab/helm/values/minecraft/router.yaml
View File

@@ -11,3 +11,6 @@ minecraftRouter:
- externalHostname: "mc-rocket.duckdns.org"
host: "minecraft-main"
port: 25565
- externalHostname: "mc-rocket-creative.duckdns.org"
host: "minecraft-creative"
port: 25565

3
nix/homelab/kustomize/kustomization.yaml
View File

@@ -7,9 +7,10 @@ resources:
- ./traefik/rfc1918-middleware.yaml
- ./traefik/chain.yaml
- ./cert-manager/config.yaml
- ./routes/media.yaml
- ./routes/minecraft.yaml
- ./routes/gitea/ssh.yaml
- ./routes/gitea/http.yaml
- ./routes/longhorn.yaml
- ./routes/home-assistant.yaml
- ./routes/consul-media.yaml
- ./routes/consul-vaultwarden.yaml

314
nix/homelab/kustomize/routes/consul-media.yaml Normal file
View File

@@ -0,0 +1,314 @@
apiVersion: v1
kind: Service
metadata:
name: bazarr
namespace: media
spec:
ports:
- port: 6767
targetPort: 6767
protocol: TCP
---
apiVersion: v1
kind: Endpoints
metadata:
name: bazarr
namespace: media
subsets:
- addresses:
- ip: 192.168.20.20
ports:
- port: 6767
protocol: TCP
---
apiVersion: gateway.networking.k8s.io/v1
kind: HTTPRoute
metadata:
name: bazarr
namespace: media
spec:
parentRefs:
- name: traefik-gateway
namespace: kube-system
hostnames:
- "bazarr.lucalise.ca"
rules:
- backendRefs:
- name: bazarr
port: 6767
filters:
- type: ExtensionRef
extensionRef:
group: traefik.io
kind: Middleware
name: rfc1918-chain
---
apiVersion: v1
kind: Service
metadata:
name: prowlarr
namespace: media
spec:
ports:
- port: 9696
targetPort: 9696
protocol: TCP
---
apiVersion: v1
kind: Endpoints
metadata:
name: prowlarr
namespace: media
subsets:
- addresses:
- ip: 192.168.20.17
ports:
- port: 9696
protocol: TCP
---
apiVersion: gateway.networking.k8s.io/v1
kind: HTTPRoute
metadata:
name: prowlarr
namespace: media
spec:
parentRefs:
- name: traefik-gateway
namespace: kube-system
hostnames:
- "prowlarr.lucalise.ca"
rules:
- backendRefs:
- name: prowlarr
port: 9696
filters:
- type: ExtensionRef
extensionRef:
group: traefik.io
kind: Middleware
name: rfc1918-chain
---
apiVersion: v1
kind: Service
metadata:
name: radarr
namespace: media
spec:
ports:
- port: 7878
targetPort: 7878
protocol: TCP
---
apiVersion: v1
kind: Endpoints
metadata:
name: radarr
namespace: media
subsets:
- addresses:
- ip: 192.168.20.15
ports:
- port: 7878
protocol: TCP
---
apiVersion: gateway.networking.k8s.io/v1
kind: HTTPRoute
metadata:
name: radarr
namespace: media
spec:
parentRefs:
- name: traefik-gateway
namespace: kube-system
hostnames:
- "radarr.lucalise.ca"
rules:
- backendRefs:
- name: radarr
port: 7878
filters:
- type: ExtensionRef
extensionRef:
group: traefik.io
kind: Middleware
name: rfc1918-chain
---
apiVersion: v1
kind: Service
metadata:
name: sonarr
namespace: media
spec:
ports:
- port: 8989
targetPort: 8989
protocol: TCP
---
apiVersion: v1
kind: Endpoints
metadata:
name: sonarr
namespace: media
subsets:
- addresses:
- ip: 192.168.20.16
ports:
- port: 8989
protocol: TCP
---
apiVersion: gateway.networking.k8s.io/v1
kind: HTTPRoute
metadata:
name: sonarr
namespace: media
spec:
parentRefs:
- name: traefik-gateway
namespace: kube-system
hostnames:
- "sonarr.lucalise.ca"
rules:
- backendRefs:
- name: sonarr
port: 8989
filters:
- type: ExtensionRef
extensionRef:
group: traefik.io
kind: Middleware
name: rfc1918-chain
---
apiVersion: v1
kind: Service
metadata:
name: qbittorrent
namespace: media
spec:
ports:
- port: 8090
targetPort: 8090
protocol: TCP
---
apiVersion: v1
kind: Endpoints
metadata:
name: qbittorrent
namespace: media
subsets:
- addresses:
- ip: 192.168.20.6
ports:
- port: 8090
protocol: TCP
---
apiVersion: gateway.networking.k8s.io/v1
kind: HTTPRoute
metadata:
name: qbittorrent
namespace: media
spec:
parentRefs:
- name: traefik-gateway
namespace: kube-system
hostnames:
- "qbit.lucalise.ca"
rules:
- backendRefs:
- name: qbittorrent
port: 8090
filters:
- type: ExtensionRef
extensionRef:
group: traefik.io
kind: Middleware
name: rfc1918-chain
---
apiVersion: v1
kind: Service
metadata:
name: flaresolverr
namespace: media
spec:
ports:
- port: 8191
targetPort: 8191
protocol: TCP
---
apiVersion: v1
kind: Endpoints
metadata:
name: flaresolverr
namespace: media
subsets:
- addresses:
- ip: 192.168.20.4
ports:
- port: 8191
protocol: TCP
---
apiVersion: gateway.networking.k8s.io/v1
kind: HTTPRoute
metadata:
name: flaresolverr
namespace: media
spec:
parentRefs:
- name: traefik-gateway
namespace: kube-system
hostnames:
- "flare.lucalise.ca"
rules:
- backendRefs:
- name: flaresolverr
port: 8191
filters:
- type: ExtensionRef
extensionRef:
group: traefik.io
kind: Middleware
name: rfc1918-chain
---
apiVersion: v1
kind: Service
metadata:
name: jellyfin
namespace: media
spec:
ports:
- port: 8096
targetPort: 8096
protocol: TCP
---
apiVersion: v1
kind: Endpoints
metadata:
name: jellyfin
namespace: media
subsets:
- addresses:
- ip: 192.168.20.2
ports:
- port: 8096
protocol: TCP
---
apiVersion: gateway.networking.k8s.io/v1
kind: HTTPRoute
metadata:
name: jellyfin
namespace: media
spec:
parentRefs:
- name: traefik-gateway
namespace: kube-system
hostnames:
- "media.lucalise.ca"
rules:
- backendRefs:
- name: jellyfin
port: 8096
filters:
- type: ExtensionRef
extensionRef:
group: traefik.io
kind: Middleware
name: rfc1918-chain

49
nix/homelab/kustomize/routes/consul-vaultwarden.yaml Normal file
View File

@@ -0,0 +1,49 @@
apiVersion: v1
kind: Namespace
metadata:
name: vaultwarden
---
apiVersion: v1
kind: Service
metadata:
name: vaultwarden
namespace: vaultwarden
spec:
ports:
- port: 8000
targetPort: 8000
protocol: TCP
---
apiVersion: v1
kind: Endpoints
metadata:
name: vaultwarden
namespace: vaultwarden
subsets:
- addresses:
- ip: 192.168.20.22
ports:
- port: 8000
protocol: TCP
---
apiVersion: gateway.networking.k8s.io/v1
kind: HTTPRoute
metadata:
name: vaultwarden
namespace: vaultwarden
spec:
parentRefs:
- name: traefik-gateway
namespace: kube-system
hostnames:
- "vault.lucalise.ca"
rules:
- backendRefs:
- name: vaultwarden
port: 8000
filters:
- type: ExtensionRef
extensionRef:
group: traefik.io
kind: Middleware
name: rfc1918-chain

21
nix/homelab/kustomize/routes/media.yaml
View File

@@ -1,21 +0,0 @@
apiVersion: gateway.networking.k8s.io/v1
kind: HTTPRoute
metadata:
name: jellyfin
namespace: media
spec:
parentRefs:
- name: traefik-gateway
namespace: kube-system
hostnames:
- "media.lucalise.ca"
rules:
- backendRefs:
- name: jellyfin
port: 8096
filters:
- type: ExtensionRef
extensionRef:
group: traefik.io
kind: Middleware
name: rfc1918-chain

11
nix/homelab/kustomize/traefik/chain.yaml
View File

@@ -30,3 +30,14 @@ spec:
middlewares:
- name: rfc1918-only
namespace: default
---
apiVersion: traefik.io/v1alpha1
kind: Middleware
metadata:
name: rfc1918-chain
namespace: vaultwarden
spec:
chain:
middlewares:
- name: rfc1918-only
namespace: default