Skip to content

Commit

Permalink
feat: deploy dashbrr (#3275)
Browse files Browse the repository at this point in the history
  • Loading branch information
joryirving authored Nov 29, 2024
1 parent 2d6a5f3 commit fd129e7
Show file tree
Hide file tree
Showing 17 changed files with 258 additions and 7 deletions.
Binary file added docs/src/assets/icons/dashbrr.png
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Original file line number Diff line number Diff line change
Expand Up @@ -62,6 +62,10 @@ spec:
databases: ["bazarr"]
password:
type: AlphaNumeric
- name: "dashbrr"
databases: ["dashbrr"]
password:
type: AlphaNumeric
- name: "lubelog"
databases: ["lubelog"]
password:
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -15,7 +15,7 @@ spec:
data:
# App
BAZARR__API_KEY: '{{ .BAZARR_API_KEY }}'
PLEX_TOKEN: "{{ .PLEX_TOKEN }}"
PLEX_TOKEN: "{{ .PLEX_API_KEY }"
dataFrom:
- extract:
key: bazarr
Expand Down
63 changes: 63 additions & 0 deletions kubernetes/main/apps/downloads/dashbrr/app/externalsecret.yaml
Original file line number Diff line number Diff line change
@@ -0,0 +1,63 @@
---
# yaml-language-server: $schema=https://kube-schemas.pages.dev/external-secrets.io/externalsecret_v1beta1.json
apiVersion: external-secrets.io/v1beta1
kind: ExternalSecret
metadata:
name: &name dashbrr-secret
spec:
secretStoreRef:
kind: ClusterSecretStore
name: onepassword-connect
target:
name: *name
template:
engineVersion: v2
data:
# App
DASHBRR_RADARR_API_KEY: "{{ .RADARR_API_KEY }}"
DASHBRR_SONARR_API_KEY: "{{ .SONARR_API_KEY }}"
DASHBRR_PROWLARR_API_KEY: "{{ .PROWLARR_API_KEY }}"
DASHBRR_PLEX_API_KEY: "{{ .PLEX_API_KEY }}"
# OIDC
OIDC_ISSUER: "https://sso.${SECRET_DOMAIN}/application/o/dashbrr/"
OIDC_CLIENT_ID: "{{ .DASHBRR_CLIENT_ID }}"
OIDC_CLIENT_SECRET: "{{ .DASHBRR_CLIENT_SECRET }}"
OIDC_REDIRECT_URL: "https://dashbrr.${SECRET_DOMAIN}/api/auth/callback"
dataFrom:
- extract:
key: radarr
- extract:
key: sonarr
- extract:
key: prowlarr
- extract:
key: plex
- extract:
key: dashbrr
---
# yaml-language-server: $schema=https://kube-schemas.pages.dev/external-secrets.io/externalsecret_v1beta1.json
apiVersion: external-secrets.io/v1beta1
kind: ExternalSecret
metadata:
name: &name dashbrr-db-secret
spec:
refreshInterval: 1m
secretStoreRef:
name: crunchy-pgo-secrets
kind: ClusterSecretStore
target:
name: dashbrr-secret
creationPolicy: Merge
deletionPolicy: Retain
template:
type: Opaque
data:
DASHBRR__DB_TYPE: postgres
DASHBRR__DB_NAME: '{{ .dbname }}'
DASHBRR__DB_HOST: '{{ index . "pgbouncer-host" }}'
DASHBRR__DB_PORT: '{{ index . "pgbouncer-port" }}'
DASHBRR__DB_USER: '{{ .user }}'
DASHBRR__DB_PASSWORD: '{{ .password }}'
dataFrom:
- extract:
key: postgres-pguser-dashbrr
107 changes: 107 additions & 0 deletions kubernetes/main/apps/downloads/dashbrr/app/helmrelease.yaml
Original file line number Diff line number Diff line change
@@ -0,0 +1,107 @@
# yaml-language-server: $schema=https://raw.githubusercontent.com/bjw-s/helm-charts/main/charts/other/app-template/schemas/helmrelease-helm-v2.schema.json
apiVersion: helm.toolkit.fluxcd.io/v2
kind: HelmRelease
metadata:
name: &app dashbrr
spec:
interval: 30m
chart:
spec:
chart: app-template
version: 3.5.1
sourceRef:
kind: HelmRepository
name: bjw-s
namespace: flux-system
install:
remediation:
retries: 3
upgrade:
cleanupOnFail: true
remediation:
strategy: rollback
retries: 3
dependsOn:
- name: rook-ceph-cluster
namespace: rook-ceph
- name: volsync
namespace: storage
values:
controllers:
dashbrr:
labels:
postgres: "true"
annotations:
reloader.stakater.com/auto: "true"
containers:
app:
image:
repository: ghcr.io/autobrr/dashbrr
tag: v0.2.0@sha256:b3b898d4bf9b463bf802e7af188de45e6ca08eb96e828b4e9cbfde6e418441ad
env:
DASHBRR__CONFIG_PATH: /config/config.toml
DASHBRR__DB_PATH: /cache/._ # cache path is derived from DASHBRR__DB_PATH
DASHBRR__LISTEN_ADDR: 0.0.0.0:8080
GIN_MODE: debug
TZ: ${TIMEZONE}
envFrom:
- secretRef:
name: dashbrr-secret
probes:
liveness: &probes
enabled: true
custom: true
spec:
httpGet:
path: /health
port: &port 8080
initialDelaySeconds: 0
periodSeconds: 10
timeoutSeconds: 1
failureThreshold: 3
readiness: *probes
securityContext:
allowPrivilegeEscalation: false
readOnlyRootFilesystem: true
capabilities: { drop: ["ALL"] }
resources:
requests:
cpu: 100m
limits:
memory: 2Gi
service:
app:
controller: *app
ports:
http:
port: *port
ingress:
app:
className: internal
annotations:
# gethomepage.dev/enabled: "true"
# gethomepage.dev/group: Downloads
# gethomepage.dev/name: dashbrr
# gethomepage.dev/icon: dashbrr.png
# gethomepage.dev/description: Media stack management
# gethomepage.dev/widget.type: dashbrr
# gethomepage.dev/widget.url: http://dashbrr.downloads
# gethomepage.dev/widget.key: "{{ `{{HOMEPAGE_VAR_DASHBRR_TOKEN}}` }}"
external-dns.alpha.kubernetes.io/target: internal.${SECRET_DOMAIN}
hosts:
- host: "{{ .Release.Name }}.${SECRET_DOMAIN}"
paths:
- path: /
service:
identifier: app
port: http
serviceAccount:
create: true
name: dashbrr
persistence:
cache:
type: emptyDir
sizeLimit: 1Gi
config:
type: configMap
name: dashbrr-config
18 changes: 18 additions & 0 deletions kubernetes/main/apps/downloads/dashbrr/app/kustomization.yaml
Original file line number Diff line number Diff line change
@@ -0,0 +1,18 @@
---
# yaml-language-server: $schema=https://json.schemastore.org/kustomization
apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization
resources:
- ./externalsecret.yaml
- ./helmrelease.yaml
- ./rbac.yaml
- ../../../../../shared/templates/gatus/guarded
configMapGenerator:
- name: dashbrr-config
files:
- ./resources/config.toml
options:
annotations:
kustomize.toolkit.fluxcd.io/substitute: disabled
generatorOptions:
disableNameSuffixHash: true
22 changes: 22 additions & 0 deletions kubernetes/main/apps/downloads/dashbrr/app/rbac.yaml
Original file line number Diff line number Diff line change
@@ -0,0 +1,22 @@
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
name: dashbrr
rules:
- apiGroups: [""]
resources: ["services"]
verbs: ["get", "watch", "list"]
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
name: dashbrr
roleRef:
kind: ClusterRole
name: dashbrr
apiGroup: rbac.authorization.k8s.io
subjects:
- kind: ServiceAccount
name: dashbrr
namespace: downloads
Empty file.
27 changes: 27 additions & 0 deletions kubernetes/main/apps/downloads/dashbrr/ks.yaml
Original file line number Diff line number Diff line change
@@ -0,0 +1,27 @@
---
# yaml-language-server: $schema=https://kube-schemas.pages.dev/kustomize.toolkit.fluxcd.io/kustomization_v1.json
apiVersion: kustomize.toolkit.fluxcd.io/v1
kind: Kustomization
metadata:
name: &app dashbrr
namespace: flux-system
spec:
targetNamespace: downloads
commonMetadata:
labels:
app.kubernetes.io/name: *app
dependsOn:
- name: crunchy-postgres-operator-cluster
- name: crunchy-postgres-stores
- name: external-secrets-stores
path: ./kubernetes/main/apps/downloads/dashbrr/app
prune: true
sourceRef:
kind: GitRepository
name: home-kubernetes
wait: false # no flux ks dependents
interval: 30m
timeout: 5m
postBuild:
substitute:
APP: *app
1 change: 1 addition & 0 deletions kubernetes/main/apps/downloads/kustomization.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -7,6 +7,7 @@ resources:
- ./namespace.yaml
# Flux-Kustomizations
- ./bazarr/ks.yaml
- ./dashbrr/ks.yaml
- ./flaresolverr/ks.yaml
- ./kapowarr/ks.yaml
- ./metube/ks.yaml
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -40,7 +40,7 @@ spec:
RADARR__POSTGRES__PORT: '{{ index . "pgbouncer-port" }}'
RADARR__POSTGRES__USER: '{{ .user }}'
RADARR__POSTGRES__PASSWORD: '{{ .password }}'
RADARR__POSTGRES__MAINDB: radarr_main
RADARR__POSTGRES__MAINDB: '{{ .dbname }}'
dataFrom:
- extract:
key: postgres-pguser-radarr
Original file line number Diff line number Diff line change
Expand Up @@ -40,7 +40,7 @@ spec:
READARR__POSTGRES__PORT: '{{ index . "pgbouncer-port" }}'
READARR__POSTGRES__USER: '{{ .user }}'
READARR__POSTGRES__PASSWORD: '{{ .password }}'
READARR__POSTGRES__MAINDB: readarr_main
READARR__POSTGRES__MAINDB: '{{ .dbname }}'
READARR__POSTGRES__LOGDB: readarr_log
READARR__POSTGRES__CACHEDB: readarr_cache
dataFrom:
Expand Down
2 changes: 1 addition & 1 deletion kubernetes/main/apps/media/plex/app/externalsecret.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -13,7 +13,7 @@ spec:
template:
engineVersion: v2
data:
PLEX_TOKEN: "{{ .PLEX_TOKEN }}"
PLEX_TOKEN: "{{ .PLEX_API_KEY }"
dataFrom:
- extract:
key: plex
2 changes: 1 addition & 1 deletion kubernetes/main/apps/media/plex/kometa/externalsecret.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -21,7 +21,7 @@ spec:
KOMETA_MYANIMELIST_LOCALHOST_URL: "{{ .MYANIMELIST_LOCALHOST_URL }}"
KOMETA_MYANIMELIST_REFRESH_TOKEN: "{{ .MYANIMELIST_REFRESH_TOKEN }}"
KOMETA_OMDB_API_KEY: "{{ .OMDB_API_KEY }}"
KOMETA_PLEX_API_KEY: "{{ .PLEX_TOKEN }}"
KOMETA_PLEX_API_KEY: "{{ .PLEX_API_KEY }"
KOMETA_RADARR_API_KEY: "{{ .RADARR_API_KEY }}"
KOMETA_SONARR_API_KEY: "{{ .SONARR_API_KEY }}"
KOMETA_TAUTULLI_API_KEY: "{{ .TAUTULLI_API_KEY }}"
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -13,7 +13,7 @@ spec:
template:
engineVersion: v2
data:
PLEX_TOKEN: "{{ .PLEX_TOKEN }}"
PLEX_TOKEN: "{{ .PLEX_API_KEY }"
PLEX_POSTER_USERS: "{{ .PLEX_POSTER_USERS }}"
dataFrom:
- extract:
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -38,7 +38,7 @@ spec:
HOMEPAGE_VAR_SONARR_TOKEN: "{{ .SONARR_API_KEY }}"
## Media
HOMEPAGE_VAR_OVERSEERR_TOKEN: "{{ .OVERSEERR_API_KEY }}"
HOMEPAGE_VAR_PLEX_TOKEN: "{{ .PLEX_TOKEN }}"
HOMEPAGE_VAR_PLEX_TOKEN: "{{ .PLEX_API_KEY }"
HOMEPAGE_VAR_TAUTULLI_TOKEN: "{{ .TAUTULLI_API_KEY }}"
HOMEPAGE_VAR_KAVITA_USERNAME: "{{ .KAVITA_USERNAME }}"
HOMEPAGE_VAR_KAVITA_PASSWORD: "{{ .KAVITA_PASSWORD }}"
Expand Down
9 changes: 9 additions & 0 deletions terraform/authentik/applications.tf
Original file line number Diff line number Diff line change
@@ -1,5 +1,6 @@
locals {
oauth_apps = [
"dashbrr",
"grafana",
"headscale",
"kyoo",
Expand All @@ -20,6 +21,14 @@ module "onepassword_application" {
# Step 2: Parse the secrets using regex to extract client_id and client_secret
locals {
applications = {
dashbrr = {
client_id = module.onepassword_application["dashbrr"].fields["DASHBRR_CLIENT_ID"]
client_secret = module.onepassword_application["dashbrr"].fields["DASHBRR_CLIENT_SECRET"]
group = authentik_group.monitoring.name
icon_url = "https://raw.githubusercontent.com/joryirving/home-ops/main/docs/src/assets/icons/dashbrr.png"
redirect_uri = "https://dashbrr.${var.cluster_domain}/api/auth/callback"
launch_url = "https://dashbrr.${var.cluster_domain}/api/auth/callback"
},
grafana = {
client_id = module.onepassword_application["grafana"].fields["GRAFANA_CLIENT_ID"]
client_secret = module.onepassword_application["grafana"].fields["GRAFANA_CLIENT_SECRET"]
Expand Down

0 comments on commit fd129e7

Please sign in to comment.