From aeb19a521c1666c289915694385f7cd5daccddab Mon Sep 17 00:00:00 2001 From: Alvin Wang Date: Mon, 20 Apr 2026 12:09:03 -0400 Subject: [PATCH] set up mealie --- AGENTS.md | 3 ++ charts/headlamp/templates/headlamp.yaml | 2 +- .../mealie/templates/mealie-ingressroute.yaml | 32 +++++++++++++++++++ charts/mealie/templates/mealie.yaml | 20 +++--------- charts/mealie/values.yaml | 5 ++- charts/paperless/values.yaml | 2 +- 6 files changed, 44 insertions(+), 20 deletions(-) create mode 100644 charts/mealie/templates/mealie-ingressroute.yaml diff --git a/AGENTS.md b/AGENTS.md index 5e90880..0c12685 100644 --- a/AGENTS.md +++ b/AGENTS.md @@ -9,3 +9,6 @@ The mac-worker is running inside orbstack linux VM if that matters. I have a DNS rewrite pointing *.internal to 10.0.1.250 which is traefik-internal. /dogstore/ is a NFS path that's available to all nodes + + +secrets are managed by sops diff --git a/charts/headlamp/templates/headlamp.yaml b/charts/headlamp/templates/headlamp.yaml index 3d9fa07..bd58dd3 100644 --- a/charts/headlamp/templates/headlamp.yaml +++ b/charts/headlamp/templates/headlamp.yaml @@ -43,7 +43,7 @@ spec: args: - -in-cluster - -plugins-dir=/headlamp/plugins - - -insecure-no-authentication + - -enable-helm ports: - containerPort: 4466 --- diff --git a/charts/mealie/templates/mealie-ingressroute.yaml b/charts/mealie/templates/mealie-ingressroute.yaml new file mode 100644 index 0000000..b348bc9 --- /dev/null +++ b/charts/mealie/templates/mealie-ingressroute.yaml @@ -0,0 +1,32 @@ +apiVersion: traefik.io/v1alpha1 +kind: IngressRoute +metadata: + name: mealie + annotations: + kubernetes.io/ingress.class: traefik-internal +spec: + entryPoints: + - web + routes: + - match: Host(`mealie.{{ .Values.internalDomain }}`) + kind: Rule + services: + - name: mealie + port: 9000 +--- +apiVersion: traefik.io/v1alpha1 +kind: IngressRoute +metadata: + name: mealie-tls + annotations: + kubernetes.io/ingress.class: traefik-internal +spec: + entryPoints: + - websecure + routes: + - match: Host(`mealie.{{ .Values.internalDomain }}`) + kind: Rule + services: + - name: mealie + port: 9000 + tls: {} diff --git a/charts/mealie/templates/mealie.yaml b/charts/mealie/templates/mealie.yaml index 8533eb1..deed1ac 100644 --- a/charts/mealie/templates/mealie.yaml +++ b/charts/mealie/templates/mealie.yaml @@ -1,16 +1,3 @@ -apiVersion: v1 -kind: PersistentVolumeClaim -metadata: - name: mealie-data - labels: - app: mealie -spec: - accessModes: [ReadWriteOnce] - storageClassName: {{ .Values.storageClass }} - resources: - requests: - storage: {{ .Values.storageSize }} ---- apiVersion: apps/v1 kind: Deployment metadata: @@ -29,6 +16,8 @@ spec: labels: app: mealie spec: + nodeSelector: + homelab/node-role: worker containers: - name: mealie image: {{ .Values.image }} @@ -66,8 +55,9 @@ spec: mountPath: /app/data volumes: - name: data - persistentVolumeClaim: - claimName: mealie-data + hostPath: + path: /dogstore/service-data/mealie + type: DirectoryOrCreate --- apiVersion: v1 kind: Service diff --git a/charts/mealie/values.yaml b/charts/mealie/values.yaml index 6d5cd2d..904b1f4 100644 --- a/charts/mealie/values.yaml +++ b/charts/mealie/values.yaml @@ -1,14 +1,13 @@ domain: ratboo.me +internalDomain: dog certResolver: myresolver tz: America/Los_Angeles puid: "1000" pgid: "1000" -image: ghcr.io/mealie-recipes/mealie:v3.14.0 +image: ghcr.io/mealie-recipes/mealie:v3.16.0 secretName: mealie-secrets -storageClass: longhorn -storageSize: 5Gi resources: limits: diff --git a/charts/paperless/values.yaml b/charts/paperless/values.yaml index 8068a9b..2edb47d 100644 --- a/charts/paperless/values.yaml +++ b/charts/paperless/values.yaml @@ -11,7 +11,7 @@ storageClass: longhorn webserver: image: ghcr.io/paperless-ngx/paperless-ngx:latest - csrfTrustedOrigins: "https://paperless.ratboo.me" + csrfTrustedOrigins: "https://paperless.ratboo.me,http://paperless.dog,https://paperless.dog" redis: image: docker.io/library/redis:7