DGSE/kubernetes
1
0
Fork 0
Code Issues 3 Pull Requests 8 Actions Packages Projects Releases Wiki Activity

chore(osx): Added OSX container

Browse Source
This commit is contained in:
Daniël Groothuis
2026-02-02 11:39:46 +01:00
parent bbfc8bbb27
commit 797dc958d2
27 changed files with 210 additions and 419 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
clusters/artemis/apps/osx/app-project.yaml → clusters/artemis/apps/kaneo/app-project.yaml
View File

@@ -2,15 +2,15 @@
apiVersion: argoproj.io/v1alpha1 apiVersion: argoproj.io/v1alpha1
kind: AppProject kind: AppProject
metadata: metadata:
name: osx name: kaneo
spec: spec:
description: osx container to proxy shortcuts description: Project Management
sourceRepos: sourceRepos:
- '*' - '*'
sourceNamespaces: sourceNamespaces:
- '*' - '*'
destinations: destinations:
- namespace: 'osx' - namespace: 'kaneo'
server: '*' server: '*'
clusterResourceWhitelist: clusterResourceWhitelist:
- group: '*' - group: '*'

10
clusters/artemis/apps/osx/application.yaml → clusters/artemis/apps/kaneo/application.yaml
View File

@@ -1,20 +1,20 @@
apiVersion: argoproj.io/v1alpha1 apiVersion: argoproj.io/v1alpha1
kind: Application kind: Application
metadata: metadata:
name: osx name: kaneo
namespace: osx namespace: kaneo
labels: labels:
platform.dgse.cloud/cluster: artemis platform.dgse.cloud/cluster: artemis
finalizers: finalizers:
- resources-finalizer.argocd.argoproj.io - resources-finalizer.argocd.argoproj.io
spec: spec:
project: osx project: kaneo
source: source:
repoURL: 'https://git.dgse.cloud/DGSE/kubernetes.git' repoURL: 'https://git.dgse.cloud/DGSE/kubernetes.git'
path: manifests/artemis/osx path: manifests/artemis/kaneo
targetRevision: main targetRevision: main
destination: destination:
namespace: osx namespace: kaneo
name: in-cluster name: in-cluster
syncPolicy: syncPolicy:
syncOptions: syncOptions:

0
clusters/artemis/apps/osx/kustomization.yaml → clusters/artemis/apps/kaneo/kustomization.yaml
View File

4
clusters/artemis/apps/kustomization.yaml
View File

@@ -13,9 +13,7 @@ resources:
- pocket-id - pocket-id
- vaultwarden - vaultwarden
- mailu - mailu
# - ntfy
- penpot - penpot
- immich - immich
- digital-garden - digital-garden
# - nextcloud - kaneo
# - osx

39
manifests/artemis/kaneo/api.yaml Normal file
View File

@@ -0,0 +1,39 @@
# api-deployment.yaml
apiVersion: apps/v1
kind: Deployment
metadata:
name: kaneo-api
spec:
replicas: 1
selector:
matchLabels:
app: kaneo-api
template:
metadata:
labels:
app: kaneo-api
spec:
containers:
- name: api
image: ghcr.io/usekaneo/api:latest
ports:
- containerPort: 1337
envFrom:
- configMapRef:
name: kaneo-env
# If your API uses POSTGRES_HOST, point it to the postgres Service:
# env:
# - name: POSTGRES_HOST
# value: "postgres"
---
apiVersion: v1
kind: Service
metadata:
name: kaneo-api
spec:
type: ClusterIP
selector:
app: kaneo-api
ports:
- port: 1337
targetPort: 1337

11
manifests/artemis/kaneo/configMap.yaml Normal file
View File

@@ -0,0 +1,11 @@
# postgres-configmap.yaml
apiVersion: v1
kind: ConfigMap
metadata:
name: kaneo-env
data:
# Copy the contents of your .env file here as key: value pairs
# Example:
POSTGRES_USER: "kaneo"
POSTGRES_PASSWORD: "appelsap"
POSTGRES_DB: "kaneo"

62
manifests/artemis/kaneo/db.yaml Normal file
View File

@@ -0,0 +1,62 @@
# postgres-deployment.yaml
apiVersion: apps/v1
kind: Deployment
metadata:
name: postgres
spec:
replicas: 1
selector:
matchLabels:
app: postgres
template:
metadata:
labels:
app: postgres
spec:
containers:
- name: postgres
image: postgres:16-alpine
ports:
- containerPort: 5432
envFrom:
- configMapRef:
name: kaneo-env
volumeMounts:
- name: postgres-data
mountPath: /var/lib/postgresql/data
readinessProbe:
exec:
command:
- sh
- -c
- pg_isready -U kaneo -d kaneo
initialDelaySeconds: 10
periodSeconds: 10
timeoutSeconds: 5
failureThreshold: 5
livenessProbe:
exec:
command:
- sh
- -c
- pg_isready -U kaneo -d kaneo
initialDelaySeconds: 30
periodSeconds: 10
timeoutSeconds: 5
failureThreshold: 5
volumes:
- name: postgres-data
persistentVolumeClaim:
claimName: postgres-data
---
apiVersion: v1
kind: Service
metadata:
name: postgres
spec:
type: ClusterIP
selector:
app: postgres
ports:
- port: 5432
targetPort: 5432

11
manifests/artemis/osx/ingress.yaml → manifests/artemis/kaneo/ingress.yaml
View File

@@ -1,22 +1,23 @@
---
apiVersion: networking.k8s.io/v1 apiVersion: networking.k8s.io/v1
kind: Ingress kind: Ingress
metadata: metadata:
annotations: annotations:
cert-manager.io/cluster-issuer: letsencrypt cert-manager.io/cluster-issuer: letsencrypt
name: osx-ingress name: kaneo-ingress
spec: spec:
rules: rules:
- host: osx.dgse.cloud - host: projects.dgse.cloud
http: http:
paths: paths:
- backend: - backend:
service: service:
name: macos name: kaneo-web
port: port:
number: 8006 number: 5173
path: / path: /
pathType: Prefix pathType: Prefix
tls: tls:
- hosts: - hosts:
- osx.dgse.cloud - projects.dgse.cloud
secretName: letsencrypt secretName: letsencrypt

11
manifests/artemis/kener/kustomization.yaml → manifests/artemis/kaneo/kustomization.yaml
View File

@@ -2,12 +2,13 @@
apiVersion: kustomize.config.k8s.io/v1beta1 apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization kind: Kustomization
metadata: metadata:
name: kener name: kaneo
resources: resources:
- secret.yaml - configMap.yaml
- db-cluster.yaml
- service.yaml
- pvc.yaml - pvc.yaml
- deployment.yaml - api.yaml
- web.yaml
- db.yaml
- services.yaml
- ingress.yaml - ingress.yaml

13
manifests/artemis/kaneo/pvc.yaml Normal file
View File

@@ -0,0 +1,13 @@
# postgres-pv-pvc.yaml
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: postgres-data
spec:
accessModes:
- ReadWriteOnce
resources:
requests:
storage: 5Gi
# For managed clusters, often you don't need storageClassName and use default.
# storageClassName: standard

25
manifests/artemis/kaneo/services.yaml Normal file
View File

@@ -0,0 +1,25 @@
# api-service.yaml (unchanged from before)
apiVersion: v1
kind: Service
metadata:
name: kaneo-api
spec:
type: ClusterIP
selector:
app: kaneo-api
ports:
- port: 1337
targetPort: 1337
---
# web-service.yaml (unchanged from before)
apiVersion: v1
kind: Service
metadata:
name: kaneo-web
spec:
type: ClusterIP
selector:
app: kaneo-web
ports:
- port: 5173
targetPort: 5173

39
manifests/artemis/kaneo/web.yaml Normal file
View File

@@ -0,0 +1,39 @@
# web-deployment.yaml
apiVersion: apps/v1
kind: Deployment
metadata:
name: kaneo-web
spec:
replicas: 1
selector:
matchLabels:
app: kaneo-web
template:
metadata:
labels:
app: kaneo-web
spec:
containers:
- name: web
image: ghcr.io/usekaneo/web:latest
ports:
- containerPort: 5173
envFrom:
- configMapRef:
name: kaneo-env
# If the web app needs the API URL, ensure env var points to the API Service:
# env:
# - name: VITE_API_BASE_URL
# value: "http://kaneo-api:1337"
---
apiVersion: v1
kind: Service
metadata:
name: kaneo-web
spec:
type: ClusterIP
selector:
app: kaneo-web
ports:
- port: 5173
targetPort: 5173

21
manifests/artemis/kener/db-cluster.yaml
View File

@@ -1,21 +0,0 @@
apiVersion: postgresql.cnpg.io/v1
kind: Cluster
metadata:
name: kener-postgres
spec:
instances: 1
managed:
roles:
- name: kener
superuser: true
login: true
bootstrap:
initdb:
database: kener
owner: kener
secret:
name: kener-postgres-user
storage:
size: 4Gi
storageClass: local-path

79
manifests/artemis/kener/deployment.yaml
View File

@@ -1,79 +0,0 @@
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: kener
spec:
selector:
matchLabels:
app: kener
template:
metadata:
labels:
app: kener
spec:
containers:
- name: kener
image: rajnandan1/kener:latest
ports:
- containerPort: 3000
name: http
volumeMounts:
- name: kener-uploads
mountPath: "/app/uploads"
env:
- name: ORIGIN
valueFrom:
secretKeyRef:
name: kener-secret
key: ORIGIN
- name: DATABASE_URL
valueFrom:
secretKeyRef:
name: kener-secret
key: DATABASE_URL
- name: KENER_SECRET_KEY
valueFrom:
secretKeyRef:
name: kener-secret
key: KENER_SECRET_KEY
- name: SMTP_HOST
valueFrom:
secretKeyRef:
name: kener-secret
key: SMTP_HOST
- name: SMTP_PORT
valueFrom:
secretKeyRef:
name: kener-secret
key: SMTP_PORT
- name: SMTP_USER
valueFrom:
secretKeyRef:
name: kener-secret
key: SMTP_USER
- name: SMTP_PASS
valueFrom:
secretKeyRef:
name: kener-secret
key: SMTP_PASS
- name: SMTP_SECURE
valueFrom:
secretKeyRef:
name: kener-secret
key: SMTP_SECURE
- name: SMTP_FROM_EMAIL
valueFrom:
secretKeyRef:
name: kener-secret
key: SMTP_FROM_EMAIL
- name: TZ
valueFrom:
secretKeyRef:
name: kener-secret
key: TZ
volumes:
- name: kener-uploads
persistentVolumeClaim:
claimName: kener-pvc

22
manifests/artemis/kener/ingress.yaml
View File

@@ -1,22 +0,0 @@
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
annotations:
cert-manager.io/cluster-issuer: letsencrypt
name: kener-ingress
spec:
rules:
- host: monitor.dgse.cloud
http:
paths:
- backend:
service:
name: kener
port:
number: 3000
path: /
pathType: Prefix
tls:
- hosts:
- monitor.dgse.cloud
secretName: letsencrypt

11
manifests/artemis/kener/pvc.yaml
View File

@@ -1,11 +0,0 @@
---
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: kener-pvc
spec:
accessModes:
- ReadWriteOnce
resources:
requests:
storage: 20Gi

74
manifests/artemis/kener/secret.yaml
View File

@@ -1,74 +0,0 @@
---
apiVersion: external-secrets.io/v1
kind: ExternalSecret
metadata:
name: kener-secret
spec:
refreshInterval: 1h
secretStoreRef:
name: platform
kind: ClusterSecretStore
target:
name: kener-secret
data:
- secretKey: ORIGIN
remoteRef:
key: kener
property: ORIGIN
- secretKey: DATABASE_URL
remoteRef:
key: kener
property: DATABASE_URL
- secretKey: KENER_SECRET_KEY
remoteRef:
key: kener
property: KENER_SECRET_KEY
- secretKey: SMTP_HOST
remoteRef:
key: kener
property: SMTP_HOST
- secretKey: SMTP_PORT
remoteRef:
key: kener
property: SMTP_PORT
- secretKey: SMTP_USER
remoteRef:
key: kener
property: SMTP_USER
- secretKey: SMTP_PASS
remoteRef:
key: kener
property: SMTP_PASS
- secretKey: SMTP_SECURE
remoteRef:
key: kener
property: SMTP_SECURE
- secretKey: SMTP_FROM_EMAIL
remoteRef:
key: kener
property: SMTP_FROM_EMAIL
- secretKey: TZ
remoteRef:
key: kener
property: TZ
---
apiVersion: external-secrets.io/v1
kind: ExternalSecret
metadata:
name: kener-postgres-user
spec:
refreshInterval: 1h
secretStoreRef:
name: platform
kind: ClusterSecretStore
target:
name: kener-postgres-user
data:
- secretKey: username
remoteRef:
key: kener
property: postgres_username
- secretKey: password
remoteRef:
key: kener
property: postgres_password

12
manifests/artemis/kener/service.yaml
View File

@@ -1,12 +0,0 @@
---
apiVersion: v1
kind: Service
metadata:
name: kener
spec:
selector:
app: kener
ports:
- protocol: TCP
port: 3000
targetPort: 3000

8
manifests/artemis/ntfy/basicauth.yaml
View File

@@ -1,8 +0,0 @@
---
apiVersion: traefik.io/v1alpha1
kind: Middleware
metadata:
name: basic-auth
spec:
basicAuth:
secret: basic-auth

12
manifests/artemis/ntfy/configmap.yaml
View File

@@ -1,12 +0,0 @@
---
apiVersion: v1
kind: ConfigMap
metadata:
name: ntfy
data:
server.yml: |
# Template: https://github.com/binwiederhier/ntfy/blob/main/server/server.yml
base-url: https://notifications.dgse.cloud
enable-login: true
enable-signup: false
upstream-base-url: "https://ntfy.sh"

33
manifests/artemis/ntfy/deployment.yaml
View File

@@ -1,33 +0,0 @@
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: ntfy
spec:
selector:
matchLabels:
app: ntfy
template:
metadata:
labels:
app: ntfy
spec:
containers:
- name: ntfy
image: binwiederhier/ntfy
args: ["serve"]
resources:
limits:
memory: "128Mi"
cpu: "500m"
ports:
- containerPort: 80
name: http
volumeMounts:
- name: config
mountPath: "/etc/ntfy"
readOnly: true
volumes:
- name: config
configMap:
name: ntfy

18
manifests/artemis/ntfy/ingress.yaml
View File

@@ -1,18 +0,0 @@
---
apiVersion: traefik.io/v1alpha1
kind: IngressRoute
metadata:
name: ntfy-ingress
spec:
entryPoints:
- websecure
routes:
- match: Host(`notifications.dgse.cloud`)
kind: Rule
middlewares:
- name: basic-auth
services:
- name: ntfy
port: 80
tls:
secretName: letsencrypt

12
manifests/artemis/ntfy/service.yaml
View File

@@ -1,12 +0,0 @@
---
# Basic service for port 80
apiVersion: v1
kind: Service
metadata:
name: ntfy
spec:
selector:
app: ntfy
ports:
- port: 80
targetPort: 80

58
manifests/artemis/osx/deployment.yaml
View File

@@ -1,58 +0,0 @@
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: macos
labels:
name: macos
spec:
replicas: 1
selector:
matchLabels:
app: macos
template:
metadata:
labels:
app: macos
spec:
containers:
- name: macos
image: dockurr/macos
env:
- name: VERSION
value: "14"
- name: DISK_SIZE
value: "64G"
- name: KVM
value: "N"
ports:
- containerPort: 8006
name: http
protocol: TCP
- containerPort: 5900
name: vnc
protocol: TCP
securityContext:
capabilities:
add:
- NET_ADMIN
privileged: true
volumeMounts:
- mountPath: /storage
name: storage
- mountPath: /dev/kvm
name: dev-kvm
- mountPath: /dev/net/tun
name: dev-tun
terminationGracePeriodSeconds: 120
volumes:
- name: storage
persistentVolumeClaim:
claimName: macos-pvc
- hostPath:
path: /dev/kvm
name: dev-kvm
- hostPath:
path: /dev/net/tun
type: CharDevice
name: dev-tun

8
manifests/artemis/osx/kustomization.yaml
View File

@@ -1,8 +0,0 @@
---
apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization
resources:
- service.yaml
- deployment.yaml
- pvc.yaml

11
manifests/artemis/osx/pvc.yaml
View File

@@ -1,11 +0,0 @@
---
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: macos-pvc
spec:
accessModes:
- ReadWriteOnce
resources:
requests:
storage: 64Gi

19
manifests/artemis/osx/service.yaml
View File

@@ -1,19 +0,0 @@
---
apiVersion: v1
kind: Service
metadata:
name: macos
spec:
internalTrafficPolicy: Cluster
ports:
- name: http
port: 8006
protocol: TCP
targetPort: 8006
- name: vnc
port: 5900
protocol: TCP
targetPort: 5900
selector:
app: macos
type: ClusterIP