feat(homelab): add existing routes to services, setup both mc worlds

2025-12-27 03:46:18 -08:00
parent 402f1243a2
commit 60c17bf646
10 changed files with 419 additions and 81 deletions
--- a/nix/homelab/helm/helmfile.yaml
+++ b/nix/homelab/helm/helmfile.yaml
@@ -28,14 +28,6 @@ releases:
      - crds:
          enabled: true
  # Media Server
  - name: jellyfin
    namespace: media
    chart: jellyfin/jellyfin
    version: 2.7.0
    values:
      - values/jellyfin.yaml
  # Git
  - name: gitea
    namespace: git
@@ -70,6 +62,13 @@ releases:
    values:
      - values/minecraft/main.yaml
  - name: minecraft-creative
    namespace: minecraft
    chart: minecraft-charts/minecraft
    version: 5.0.0
    values:
      - values/minecraft/creative.yaml
  - name: home-assistant
    namespace: home
    chart: home-assistant/home-assistant
--- a/nix/homelab/helm/values/jellyfin.yaml
+++ b/nix/homelab/helm/values/jellyfin.yaml
@@ -1,5 +0,0 @@
 persistence:
  config:
    size: 5Gi
  media:
    size: 2Gi
--- a/nix/homelab/helm/values/minecraft/creative.yaml
+++ b/nix/homelab/helm/values/minecraft/creative.yaml
@@ -0,0 +1,30 @@
 resources:
  requests:
    cpu: 1
    memory: 500Mi
  limits:
    memory: 4Gi
    cpu: 2000m
 minecraftServer:
  eula: "TRUE"
  type: "PAPER"
  version: "1.21.11"
  difficulty: hard
  motd: "A Minecraft Server."
  gameMode: creative
  memory: 4G
  rcon:
    enabled: true
    withGeneratedPassword: false
    port: 25575
    existingSecret: rcon-credentials
    secretKey: rcon-password
 nodeSelector:
  kubernetes.io/hostname: kube
 persistence:
  dataDir:
    enabled: true
    Size: 4Gi
--- a/nix/homelab/helm/values/minecraft/main.yaml
+++ b/nix/homelab/helm/values/minecraft/main.yaml
@@ -20,6 +20,9 @@ minecraftServer:
    existingSecret: rcon-credentials
    secretKey: rcon-password
 nodeSelector:
  kubernetes.io/hostname: kube
 persistence:
  dataDir:
    enabled: true
@@ -69,49 +72,3 @@ extraVolumes:
        nfs:
          server: 192.168.27.2
          path: /backup/minecraft
 # initContainers:
 #   - name: world-restore
 #     image: busybox:latest
 #     command:
 #       - sh
 #       - -c
 #       - |
 #         set -e
 #
 #         echo "=== Minecraft World Restore ==="
 #
 #         BACKUP_FILE="/backups/latest.tgz"
 #
 #         # Check if backup exists
 #         if [[ ! -f "$BACKUP_FILE" ]]; then
 #           echo "Skipping restore, server will start with existing/new world"
 #           exit 0
 #         fi
 #
 #         echo "✓ Backup found: $BACKUP_FILE"
 #         echo "  Size: $(du -h $BACKUP_FILE | cut -f1)"
 #
 #         # Check if world already exists
 #         if [ -f /data/world/level.dat ]; then
 #           echo "⚠ World already exists at /data/world/"
 #           echo "  Replacing with backup..."
 #           rm -rf /data/world /data/world_nether /data/world_the_end
 #         fi
 #
 #         # Extract backup
 #         echo "Extracting backup to /data/..."
 #         tar -xzf "$BACKUP_FILE" -C /data/
 #         echo "✓ Extraction complete"
 #
 #         echo ""
 #         echo "=== Restore Complete ==="
 #         echo "Restored world size: $(du -sh /data/world 2>/dev/null | cut -f1 || echo 'unknown')"
 #         ls -lh /data/ | grep -E "^d" || true
 #         echo ""
 #     volumeMounts:
 #       - name: datadir
 #         mountPath: /data
 #       - name: backup-volume
 #         mountPath: /backup
 #         readOnly: true
--- a/nix/homelab/helm/values/minecraft/router.yaml
+++ b/nix/homelab/helm/values/minecraft/router.yaml
@@ -11,3 +11,6 @@ minecraftRouter:
    - externalHostname: "mc-rocket.duckdns.org"
      host: "minecraft-main"
      port: 25565
    - externalHostname: "mc-rocket-creative.duckdns.org"
      host: "minecraft-creative"
      port: 25565
--- a/nix/homelab/kustomize/kustomization.yaml
+++ b/nix/homelab/kustomize/kustomization.yaml
@@ -7,9 +7,10 @@ resources:
  - ./traefik/rfc1918-middleware.yaml
  - ./traefik/chain.yaml
  - ./cert-manager/config.yaml
  - ./routes/media.yaml
  - ./routes/minecraft.yaml
  - ./routes/gitea/ssh.yaml
  - ./routes/gitea/http.yaml
  - ./routes/longhorn.yaml
  - ./routes/home-assistant.yaml
  - ./routes/consul-media.yaml
  - ./routes/consul-vaultwarden.yaml
--- a/nix/homelab/kustomize/routes/consul-media.yaml
+++ b/nix/homelab/kustomize/routes/consul-media.yaml
@@ -0,0 +1,314 @@
 apiVersion: v1
 kind: Service
 metadata:
  name: bazarr
  namespace: media
 spec:
  ports:
    - port: 6767
      targetPort: 6767
      protocol: TCP
 ---
 apiVersion: v1
 kind: Endpoints
 metadata:
  name: bazarr
  namespace: media
 subsets:
  - addresses:
      - ip: 192.168.20.20
    ports:
      - port: 6767
        protocol: TCP
 ---
 apiVersion: gateway.networking.k8s.io/v1
 kind: HTTPRoute
 metadata:
  name: bazarr
  namespace: media
 spec:
  parentRefs:
    - name: traefik-gateway
      namespace: kube-system
  hostnames:
    - "bazarr.lucalise.ca"
  rules:
    - backendRefs:
        - name: bazarr
          port: 6767
      filters:
        - type: ExtensionRef
          extensionRef:
            group: traefik.io
            kind: Middleware
            name: rfc1918-chain
 ---
 apiVersion: v1
 kind: Service
 metadata:
  name: prowlarr
  namespace: media
 spec:
  ports:
    - port: 9696
      targetPort: 9696
      protocol: TCP
 ---
 apiVersion: v1
 kind: Endpoints
 metadata:
  name: prowlarr
  namespace: media
 subsets:
  - addresses:
      - ip: 192.168.20.17
    ports:
      - port: 9696
        protocol: TCP
 ---
 apiVersion: gateway.networking.k8s.io/v1
 kind: HTTPRoute
 metadata:
  name: prowlarr
  namespace: media
 spec:
  parentRefs:
    - name: traefik-gateway
      namespace: kube-system
  hostnames:
    - "prowlarr.lucalise.ca"
  rules:
    - backendRefs:
        - name: prowlarr
          port: 9696
      filters:
        - type: ExtensionRef
          extensionRef:
            group: traefik.io
            kind: Middleware
            name: rfc1918-chain
 ---
 apiVersion: v1
 kind: Service
 metadata:
  name: radarr
  namespace: media
 spec:
  ports:
    - port: 7878
      targetPort: 7878
      protocol: TCP
 ---
 apiVersion: v1
 kind: Endpoints
 metadata:
  name: radarr
  namespace: media
 subsets:
  - addresses:
      - ip: 192.168.20.15
    ports:
      - port: 7878
        protocol: TCP
 ---
 apiVersion: gateway.networking.k8s.io/v1
 kind: HTTPRoute
 metadata:
  name: radarr
  namespace: media
 spec:
  parentRefs:
    - name: traefik-gateway
      namespace: kube-system
  hostnames:
    - "radarr.lucalise.ca"
  rules:
    - backendRefs:
        - name: radarr
          port: 7878
      filters:
        - type: ExtensionRef
          extensionRef:
            group: traefik.io
            kind: Middleware
            name: rfc1918-chain
 ---
 apiVersion: v1
 kind: Service
 metadata:
  name: sonarr
  namespace: media
 spec:
  ports:
    - port: 8989
      targetPort: 8989
      protocol: TCP
 ---
 apiVersion: v1
 kind: Endpoints
 metadata:
  name: sonarr
  namespace: media
 subsets:
  - addresses:
      - ip: 192.168.20.16
    ports:
      - port: 8989
        protocol: TCP
 ---
 apiVersion: gateway.networking.k8s.io/v1
 kind: HTTPRoute
 metadata:
  name: sonarr
  namespace: media
 spec:
  parentRefs:
    - name: traefik-gateway
      namespace: kube-system
  hostnames:
    - "sonarr.lucalise.ca"
  rules:
    - backendRefs:
        - name: sonarr
          port: 8989
      filters:
        - type: ExtensionRef
          extensionRef:
            group: traefik.io
            kind: Middleware
            name: rfc1918-chain
 ---
 apiVersion: v1
 kind: Service
 metadata:
  name: qbittorrent
  namespace: media
 spec:
  ports:
    - port: 8090
      targetPort: 8090
      protocol: TCP
 ---
 apiVersion: v1
 kind: Endpoints
 metadata:
  name: qbittorrent
  namespace: media
 subsets:
  - addresses:
      - ip: 192.168.20.6
    ports:
      - port: 8090
        protocol: TCP
 ---
 apiVersion: gateway.networking.k8s.io/v1
 kind: HTTPRoute
 metadata:
  name: qbittorrent
  namespace: media
 spec:
  parentRefs:
    - name: traefik-gateway
      namespace: kube-system
  hostnames:
    - "qbit.lucalise.ca"
  rules:
    - backendRefs:
        - name: qbittorrent
          port: 8090
      filters:
        - type: ExtensionRef
          extensionRef:
            group: traefik.io
            kind: Middleware
            name: rfc1918-chain
 ---
 apiVersion: v1
 kind: Service
 metadata:
  name: flaresolverr
  namespace: media
 spec:
  ports:
    - port: 8191
      targetPort: 8191
      protocol: TCP
 ---
 apiVersion: v1
 kind: Endpoints
 metadata:
  name: flaresolverr
  namespace: media
 subsets:
  - addresses:
      - ip: 192.168.20.4
    ports:
      - port: 8191
        protocol: TCP
 ---
 apiVersion: gateway.networking.k8s.io/v1
 kind: HTTPRoute
 metadata:
  name: flaresolverr
  namespace: media
 spec:
  parentRefs:
    - name: traefik-gateway
      namespace: kube-system
  hostnames:
    - "flare.lucalise.ca"
  rules:
    - backendRefs:
        - name: flaresolverr
          port: 8191
      filters:
        - type: ExtensionRef
          extensionRef:
            group: traefik.io
            kind: Middleware
            name: rfc1918-chain
 ---
 apiVersion: v1
 kind: Service
 metadata:
  name: jellyfin
  namespace: media
 spec:
  ports:
    - port: 8096
      targetPort: 8096
      protocol: TCP
 ---
 apiVersion: v1
 kind: Endpoints
 metadata:
  name: jellyfin
  namespace: media
 subsets:
  - addresses:
      - ip: 192.168.20.2
    ports:
      - port: 8096
        protocol: TCP
 ---
 apiVersion: gateway.networking.k8s.io/v1
 kind: HTTPRoute
 metadata:
  name: jellyfin
  namespace: media
 spec:
  parentRefs:
    - name: traefik-gateway
      namespace: kube-system
  hostnames:
    - "media.lucalise.ca"
  rules:
    - backendRefs:
        - name: jellyfin
          port: 8096
      filters:
        - type: ExtensionRef
          extensionRef:
            group: traefik.io
            kind: Middleware
            name: rfc1918-chain
--- a/nix/homelab/kustomize/routes/consul-vaultwarden.yaml
+++ b/nix/homelab/kustomize/routes/consul-vaultwarden.yaml
@@ -0,0 +1,49 @@
 apiVersion: v1
 kind: Namespace
 metadata:
  name: vaultwarden
 ---
 apiVersion: v1
 kind: Service
 metadata:
  name: vaultwarden
  namespace: vaultwarden
 spec:
  ports:
    - port: 8000
      targetPort: 8000
      protocol: TCP
 ---
 apiVersion: v1
 kind: Endpoints
 metadata:
  name: vaultwarden
  namespace: vaultwarden
 subsets:
  - addresses:
      - ip: 192.168.20.22
    ports:
      - port: 8000
        protocol: TCP
 ---
 apiVersion: gateway.networking.k8s.io/v1
 kind: HTTPRoute
 metadata:
  name: vaultwarden
  namespace: vaultwarden
 spec:
  parentRefs:
    - name: traefik-gateway
      namespace: kube-system
  hostnames:
    - "vault.lucalise.ca"
  rules:
    - backendRefs:
        - name: vaultwarden
          port: 8000
      filters:
        - type: ExtensionRef
          extensionRef:
            group: traefik.io
            kind: Middleware
            name: rfc1918-chain
--- a/nix/homelab/kustomize/routes/media.yaml
+++ b/nix/homelab/kustomize/routes/media.yaml
@@ -1,21 +0,0 @@
 apiVersion: gateway.networking.k8s.io/v1
 kind: HTTPRoute
 metadata:
  name: jellyfin
  namespace: media
 spec:
  parentRefs:
    - name: traefik-gateway
      namespace: kube-system
  hostnames:
    - "media.lucalise.ca"
  rules:
    - backendRefs:
        - name: jellyfin
          port: 8096
      filters:
        - type: ExtensionRef
          extensionRef:
            group: traefik.io
            kind: Middleware
            name: rfc1918-chain
--- a/nix/homelab/kustomize/traefik/chain.yaml
+++ b/nix/homelab/kustomize/traefik/chain.yaml
@@ -30,3 +30,14 @@ spec:
    middlewares:
      - name: rfc1918-only
        namespace: default
 ---
 apiVersion: traefik.io/v1alpha1
 kind: Middleware
 metadata:
  name: rfc1918-chain
  namespace: vaultwarden
 spec:
  chain:
    middlewares:
      - name: rfc1918-only
        namespace: default