From c4c1b6d195c9edbdc52c212ad76f8c90ef4dd4fa Mon Sep 17 00:00:00 2001 From: JacekZubielik Date: Wed, 22 May 2024 15:45:30 +0200 Subject: [PATCH 1/2] chore(init): init --- charts/home-assistant/Chart.yaml | 17 ++ charts/home-assistant/ci/ci-values.yaml | 2 + charts/home-assistant/templates/_helpers.tpl | 50 +++++ charts/home-assistant/templates/ingress.yaml | 40 ++++ charts/home-assistant/templates/pvc.yaml | 21 +++ charts/home-assistant/templates/service.yaml | 41 ++++ .../templates/serviceaccount.yaml | 16 ++ .../templates/servicemonitor.yaml | 68 +++++++ .../home-assistant/templates/statefulset.yaml | 141 ++++++++++++++ charts/home-assistant/values.yaml | 178 ++++++++++++++++++ 10 files changed, 574 insertions(+) create mode 100644 charts/home-assistant/Chart.yaml create mode 100644 charts/home-assistant/ci/ci-values.yaml create mode 100644 charts/home-assistant/templates/_helpers.tpl create mode 100644 charts/home-assistant/templates/ingress.yaml create mode 100644 charts/home-assistant/templates/pvc.yaml create mode 100644 charts/home-assistant/templates/service.yaml create mode 100644 charts/home-assistant/templates/serviceaccount.yaml create mode 100644 charts/home-assistant/templates/servicemonitor.yaml create mode 100644 charts/home-assistant/templates/statefulset.yaml create mode 100644 charts/home-assistant/values.yaml diff --git a/charts/home-assistant/Chart.yaml b/charts/home-assistant/Chart.yaml new file mode 100644 index 0000000..0474cab --- /dev/null +++ b/charts/home-assistant/Chart.yaml @@ -0,0 +1,17 @@ +--- +apiVersion: v2 +appVersion: 2024.4.0 +description: Home Assistant automation +name: home-assistant +version: 0.0.1 +keywords: + - home-assistant + - automation +type: application +home: https://github.com/JacekZubielik/jz-helm-charts/tree/master/charts/home-assistant +icon: https://raw.githubusercontent.com/home-assistant/assets/master/misc/logo-icon_template.png +sources: + - https://github.com/home-assistant/home-assistant +maintainers: + - name: jacekzubielik + diff --git a/charts/home-assistant/ci/ci-values.yaml b/charts/home-assistant/ci/ci-values.yaml new file mode 100644 index 0000000..4d278e9 --- /dev/null +++ b/charts/home-assistant/ci/ci-values.yaml @@ -0,0 +1,2 @@ +provider: + name: inmemory diff --git a/charts/home-assistant/templates/_helpers.tpl b/charts/home-assistant/templates/_helpers.tpl new file mode 100644 index 0000000..5d0b852 --- /dev/null +++ b/charts/home-assistant/templates/_helpers.tpl @@ -0,0 +1,50 @@ +{{/* Expand the name of the chart. */}} +{{- define "app.name" -}} +{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}} +{{- end -}} + +{{/* Create a default fully qualified app name. +We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). +If release name contains chart name it will be used as a full name. */}} +{{- define "app.fullname" -}} +{{- if .Values.fullnameOverride -}} +{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" -}} +{{- else -}} +{{- $name := default .Chart.Name .Values.nameOverride -}} +{{- if contains $name .Release.Name -}} +{{- .Release.Name | trunc 63 | trimSuffix "-" -}} +{{- else -}} +{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}} +{{- end -}} +{{- end -}} +{{- end -}} + +{{/* Create chart name and version as used by the chart label. */}} +{{- define "app.chart" -}} +{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" -}} +{{- end -}} + +{{/* Common labels */}} +{{- define "app.labels" -}} +helm.sh/chart: {{ include "app.chart" . }} +{{ include "app.selectorLabels" . }} +{{- if .Chart.AppVersion }} +app.kubernetes.io/version: {{ .Chart.AppVersion }} +{{- end }} +app.kubernetes.io/managed-by: {{ .Release.Service }} +{{- end }} + +{{/* Selector labels */}} +{{- define "app.selectorLabels" -}} +app.kubernetes.io/name: {{ include "app.name" . }} +app.kubernetes.io/instance: {{ .Release.Name }} +{{- end }} + +{{/* Create the name of the service account to use */}} +{{- define "app.serviceAccountName" -}} +{{- if .Values.serviceAccount.create }} +{{- default (include "app.fullname" .) .Values.serviceAccount.name }} +{{- else }} +{{- default "default" .Values.serviceAccount.name }} +{{- end }} +{{- end }} diff --git a/charts/home-assistant/templates/ingress.yaml b/charts/home-assistant/templates/ingress.yaml new file mode 100644 index 0000000..da112aa --- /dev/null +++ b/charts/home-assistant/templates/ingress.yaml @@ -0,0 +1,40 @@ +{{- if and .Values.ingress .Values.ingress.enabled }} +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + name: {{ include "app.fullname" . }} + labels: + {{- include "app.labels" . | nindent 4 }} + # helm.sh/chart: {{ include "app.chart" . }} + # app.kubernetes.io/instance: {{ .Release.Name }} + # app.kubernetes.io/managed-by: {{ .Release.Service }} + # app.kubernetes.io/name: {{ include "app.name" . }} +{{- with .Values.ingress.annotations }} + annotations: +{{ toYaml . | indent 4 }} +{{- end }} +spec: + ingressClassName: {{ $.Values.ingress.ingressClassName }} + rules: + {{- range .Values.ingress.hosts }} + - host: {{ . }} + http: + paths: + - path: {{ .Values.ingress.path }} + pathType: Prefix + backend: + serviceName: {{ include "app.fullname" . }} + servicePort: {{ .Values.service.port }} + {{- end }} + +{{- if .Values.ingress.tls }} + tls: + {{- range .Values.ingress.tls }} + - hosts: + {{- range .hosts }} + - {{ . | }} + {{- end }} + secretName: {{ .secretName }} + {{- end }} +{{- end }} +{{- end }} diff --git a/charts/home-assistant/templates/pvc.yaml b/charts/home-assistant/templates/pvc.yaml new file mode 100644 index 0000000..fe136e9 --- /dev/null +++ b/charts/home-assistant/templates/pvc.yaml @@ -0,0 +1,21 @@ +{{- if and .Values.persistence.pvc.enabled (not .Values.persistence.configstorage.hostPath) }} +kind: PersistentVolumeClaim +apiVersion: v1 +metadata: + name: {{ template "app.fullname" . }} + labels: + {{- include "app.labels" . | nindent 4 }} +spec: + accessModes: + - {{ .Values.persistence.pvc.accessMode }} + resources: + requests: + storage: {{ .Values.persistence.pvc.size }} + {{- if .Values.persistence.pvc.storageClass }} + {{- if (eq "-" .Values.persistence.pvc.storageClass) }} + storageClassName: "" + {{- else }} + storageClassName: "{{ .Values.persistence.pvc.storageClass }}" + {{- end }} + {{- end }} +{{- end }} diff --git a/charts/home-assistant/templates/service.yaml b/charts/home-assistant/templates/service.yaml new file mode 100644 index 0000000..2fc91e0 --- /dev/null +++ b/charts/home-assistant/templates/service.yaml @@ -0,0 +1,41 @@ +apiVersion: v1 +kind: Service +metadata: + {{- if .Values.service.annotations }} + annotations: + {{- toYaml .Values.service.annotations | nindent 4 }} + {{- end }} + name: {{ template "app.fullname" . }} + labels: + {{- include "app.labels" . | nindent 4 }} + {{- if .Values.service.labels }} + {{ toYaml .Values.service.labels | indent 4 }} + {{- end }} +spec: + type: {{ .Values.service.type }} + {{- if .Values.service.externalIPs }} + externalIPs: + {{- toYaml .Values.service.externalIPs | nindent 4 }} + {{- end }} + {{- if .Values.service.externalTrafficPolicy }} + externalTrafficPolicy: {{ .Values.service.externalTrafficPolicy }} + {{- end }} + {{- if .Values.service.loadBalancerIP }} + loadBalancerIP: {{ .Values.service.loadBalancerIP }} + {{- end }} + {{- if .Values.service.loadBalancerSourceRanges }} + loadBalancerSourceRanges: + {{- toYaml .Values.service.loadBalancerSourceRanges | nindent 4 }} + {{- end }} + publishNotReadyAddresses: {{ .Values.service.publishNotReadyAddresses }} + ports: + - name: http + port: {{ .Values.service.httpPort }} + protocol: TCP + targetPort: http + - name: metrics + port: {{ .Values.service.metricsPort }} + targetPort: metrics + + selector: + {{- include "app.selectorLabels" . | nindent 4 }} diff --git a/charts/home-assistant/templates/serviceaccount.yaml b/charts/home-assistant/templates/serviceaccount.yaml new file mode 100644 index 0000000..446a8c9 --- /dev/null +++ b/charts/home-assistant/templates/serviceaccount.yaml @@ -0,0 +1,16 @@ +{{- if .Values.serviceAccount.create -}} +apiVersion: v1 +kind: ServiceAccount +metadata: +{{- if .Values.serviceAccount.annotations }} + annotations: +{{- toYaml .Values.serviceAccount.annotations | nindent 4 }} +{{- end }} + name: {{ template "app.fullname" . }} + labels: +{{- include "app.labels" . | nindent 4 }} +{{- if .Values.serviceAccount.labels }} +{{ toYaml .Values.serviceAccount.labels | indent 4 }} +{{- end }} +automountServiceAccountToken: {{ .Values.serviceAccount.automountServiceAccountToken }} +{{- end }} diff --git a/charts/home-assistant/templates/servicemonitor.yaml b/charts/home-assistant/templates/servicemonitor.yaml new file mode 100644 index 0000000..2851713 --- /dev/null +++ b/charts/home-assistant/templates/servicemonitor.yaml @@ -0,0 +1,68 @@ +{{- if and ( .Values.monitoring.serviceMonitor.enabled ) ( .Values.monitoring.enabled ) }} +apiVersion: monitoring.coreos.com/v1 +kind: ServiceMonitor +metadata: + name: {{ template "app.fullname" . }}-prometheus-exporter + labels: + {{- include "app.labels" . | nindent 4 }} + {{- with .Values.monitoring.serviceMonitor.selector }} + {{- toYaml . | nindent 4 }} + {{- end }} + {{- with .Values.monitoring.serviceMonitor.annotations }} + annotations: + {{- toYaml . | nindent 4 }} + {{- end }} + {{- if .Values.monitoring.serviceMonitor.namespace }} + namespace: {{ .Values.monitoring.serviceMonitor.namespace }} + {{- end }} + +spec: + selector: + matchLabels: + {{- include "app.selectorLabels" . | nindent 6 }} + {{- if .Values.podLabels }} + {{- toYaml .Values.podLabels | nindent 6 }} + {{- end }} + namespaceSelector: + matchNames: + - {{ .Release.Namespace }} + endpoints: + - targetPort: {{ .Values.service.metricsPort }} + path: /metrics + {{- with .Values.monitoring.serviceMonitor.honorLabels }} + honorLabels: {{ . }} + {{- end }} + {{- if .Values.monitoring.serviceMonitor.interval }} + interval: {{ .Values.monitoring.serviceMonitor.interval }} + {{- end }} + {{- if .Values.monitoring.serviceMonitor.scrapeTimeout}} + scrapeTimeout: {{ .Values.monitoring.serviceMonitor.scrapeTimeout }} + {{- end }} + {{- with .Values.monitoring.serviceMonitor.scheme }} + scheme: {{ . }} + {{- end }} + {{- with .Values.monitoring.serviceMonitor.tlsConfig }} + tlsConfig: + {{- toYaml . | nindent 6 }} + {{- end }} + {{- with .Values.monitoring.serviceMonitor.relabelings }} + relabelings: + {{- toYaml . | nindent 6 }} + {{- end }} + {{- with .Values.monitoring.serviceMonitor.metricRelabelings }} + metricRelabelings: + {{- toYaml . | nindent 6 }} + {{- end }} + {{- if .Values.monitoring.serviceMonitor.bearerTokenFile }} + bearerTokenFile: {{ .Values.monitoring.serviceMonitor.bearerTokenFile }} + {{- end }} + {{- if .Values.monitoring.serviceMonitor.bearerTokenSecret }} + bearerTokenSecret: + name: {{ .Values.monitoring.serviceMonitor.bearerTokenSecret.name }} + key: {{ .Values.monitoring.serviceMonitor.bearerTokenSecret.key }} + {{- if .Values.monitoring.serviceMonitor.bearerTokenSecret.optional }} + optional: {{ .Values.monitoring.serviceMonitor.bearerTokenSecret.optional }} + {{- end }} + {{- end }} + jobLabel: {{ template "app.fullname" . }}-prometheus-exporter +{{- end }} diff --git a/charts/home-assistant/templates/statefulset.yaml b/charts/home-assistant/templates/statefulset.yaml new file mode 100644 index 0000000..312f65a --- /dev/null +++ b/charts/home-assistant/templates/statefulset.yaml @@ -0,0 +1,141 @@ +--- +apiVersion: apps/v1 +kind: StatefulSet +metadata: + name: {{ include "app.fullname" . }} + labels: + {{- include "app.labels" . | nindent 4 }} +spec: + replicas: {{ .Values.replicas }} + revisionHistoryLimit: {{ .Values.revisionHistoryLimit }} + selector: + matchLabels: + {{- include "app.selectorLabels" . | nindent 6 }} + serviceName: {{ include "app.fullname" . }} + updateStrategy: {{ toYaml .Values.updateStrategy | nindent 4 }} + template: + metadata: + {{- with .Values.podAnnotations }} + annotations: + {{- toYaml . | nindent 8 }} + {{- end }} + labels: + {{- include "app.selectorLabels" . | nindent 8 }} + {{- if .Values.podLabels }} + {{- toYaml .Values.podLabels | nindent 8 }} + {{- end }} + spec: + {{- with .Values.image.PullSecrets }} + imagePullSecrets: + {{- toYaml . | nindent 8 }} + {{- end }} + automountServiceAccountToken: {{ .Values.serviceAccount.automountServiceAccountToken }} + shareProcessNamespace: {{ .Values.sidecarSingleProcessNamespace }} + serviceAccountName: {{ include "app.serviceAccountName" . }} + securityContext: + {{- toYaml .Values.securityContext | nindent 8 }} + {{- if .Values.hostNetwork }} + hostNetwork: {{ .Values.hostNetwork }} + dnsPolicy: ClusterFirstWithHostNet + {{- end }} + containers: + - name: {{ .Chart.Name }} + securityContext: + {{- toYaml .Values.podSecurityContext | nindent 12 }} + image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}" + imagePullPolicy: {{ .Values.image.pullPolicy }} + env: + {{- range $key, $value := .Values.extraEnv }} + - name: {{ $key | }} + value: {{ $value | }} + {{- end }} + {{- range $name, $opts := .Values.extraEnvSecrets }} + - name: {{ $name }} + valueFrom: + secretKeyRef: + name: {{ $opts.secret }} + key: {{ $opts.key }} + {{- end }} + envFrom: + {{- range .Values.extraSecretForEnvFrom }} + - secretRef: + name: {{ . }} + {{- end }} + resources: + {{- toYaml .Values.resources | nindent 12 }} + ports: + - name: http + containerPort: {{ .Values.service.httpPort }} + protocol: TCP + - name: metrics + containerPort: {{ .Values.service.metricsPort }} + protocol: TCP + {{- if .Values.livenessProbe.enabled }} + livenessProbe: + httpGet: + path: / + port: {{ .Values.service.httpPort }} + scheme: {{ .Values.livenessProbe.scheme }} + periodSeconds: {{ .Values.livenessProbe.periodSeconds }} + timeoutSeconds: {{ .Values.livenessProbe.timeoutSeconds }} + successThreshold: {{ .Values.livenessProbe.successThreshold }} + failureThreshold: {{ .Values.livenessProbe.failureThreshold }} + initialDelaySeconds: {{ .Values.livenessProbe.initialDelaySeconds}} + {{- end }} + {{- if .Values.readinessProbe.enabled }} + readinessProbe: + httpGet: + path: / + port: {{ .Values.service.httpPort }} + scheme: {{ .Values.readinessProbe.scheme }} + periodSeconds: {{ .Values.readinessProbe.periodSeconds }} + timeoutSeconds: {{ .Values.readinessProbe.timeoutSeconds }} + successThreshold: {{ .Values.readinessProbe.successThreshold }} + failureThreshold: {{ .Values.readinessProbe.failureThreshold }} + initialDelaySeconds: {{ .Values.readinessProbe.initialDelaySeconds}} + {{- end }} + volumeMounts: + - mountPath: /config + name: data + #subPath: config + {{- range .Values.hostMounts }} + {{- if .mountPath }} + - mountPath: {{ .mountPath }} + {{- else }} + - mountPath: {{ .hostPath }} + {{- end }} + name: {{ .name }} + {{- end }} + {{- with .Values.nodeSelector }} + nodeSelector: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.affinity }} + affinity: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.tolerations }} + tolerations: + {{- toYaml . | nindent 8 }} + {{- end }} + volumes: + - name: data + {{- if .Values.persistence.enabled }} + {{- if .Values.persistence.configstorage.hostPath }} + hostPath: + path: {{.Values.persistence.configstorage.hostPath}} + {{- else }} + persistentVolumeClaim: + claimName: {{ if .Values.persistence.existingClaim }}{{ .Values.persistence.existingClaim }}{{- else }}{{ template "app.fullname" . }}{{- end }} + {{- end }} + {{- else }} + emptyDir: {} + {{ end }} + {{- range .Values.hostMounts }} + - name: {{ .name }} + hostPath: + path: {{.hostPath}} + {{- if .type }} + type: {{ .type }} + {{- end }} + {{- end }} diff --git a/charts/home-assistant/values.yaml b/charts/home-assistant/values.yaml new file mode 100644 index 0000000..bed2d7f --- /dev/null +++ b/charts/home-assistant/values.yaml @@ -0,0 +1,178 @@ +image: + repository: homeassistant/home-assistant + tag: "" + pullPolicy: IfNotPresent + pullSecrets: [] + +nameOverride: "" +fullnameOverride: "" +revisionHistoryLimit: 4 +hostNetwork: false + +# strategyType: RollingUpdate + +replicas: 1 +updateStrategy: + type: RollingUpdate + # rollingUpdate: + # maxUnavailable: 0 + # maxSurge: 1 + +serviceAccount: + create: true + annotations: {} + automountServiceAccountToken: false + +podAnnotations: {} +podLabels: {} + +extraEnv: {} + +extraEnvSecrets: + # This will set ${MQTT_PASSWORD} to the 'password' key from the 'mqtt' secret + # MQTT_PASSWORD: + # secret: mqtt + # key: password + +## If you'd like to provide your own Kubernetes Secret object instead of passing your values +## individually, pass in the name of a created + populated Secret. +## All secrets will be mounted as environment variables, with each key/value mapping to a +## corresponding environment variable. +extraSecretForEnvFrom: [] +# - esphome-secrets + +podSecurityContext: + privileged: true + # fsGroup: 2000 + +securityContext: {} + # capabilities: + # drop: + # - ALL + # readOnlyRootFilesystem: true + # runAsNonRoot: true + # runAsUser: 1000 + +service: + annotations: {} + # prometheus.io/scrape: "false" + # prometheus.io/port: {{ .Values.service.metricsPort }} + labels: {} + type: ClusterIP + externalIPs: [] + loadBalancerIP: "" + externalTrafficPolicy: {} + loadBalancerSourceRanges: [] + publishNotReadyAddresses: false + httpPort: "8123" + metricsPort: "9100" + +monitoring: + enabled: false + serviceMonitor: + enabled: false + labels: {} + honorLabels: true + interval: 60s + selector: {} + namespace: {} + scrapeTimeout: 10s + scheme: http + tlsConfig: {} + relabelings: [] + # - sourceLabels: [__meta_kubernetes_pod_node_name] + # separator: ; + # regex: ^(.*)$ + # target_label: nodename + # replacement: $1 + # action: replace + metricRelabelings: [] + # - action: keep + # regex: 'kube_(daemonset|deployment|pod|namespace|node|statefulset).+' + # sourceLabels: [__name__] + bearerTokenFile: {} + # (use long lived access tokens) + bearerTokenSecret: {} + # name: + # key: + # optional: + +livenessProbe: + enabled: true + scheme: HTTP + periodSeconds: 60 + timeoutSeconds: 10 + successThreshold: 1 + failureThreshold: 6 + initialDelaySeconds: 30 +readinessProbe: + enabled: true + scheme: HTTP + periodSeconds: 60 + timeoutSeconds: 10 + successThreshold: 1 + failureThreshold: 6 + initialDelaySeconds: 30 + +ingress: + enabled: false + # className: "" + annotations: + nginx.ingress.kubernetes.io/proxy-read-timeout: "3600" + nginx.ingress.kubernetes.io/proxy-send-timeout: "3600" + nginx.ingress.kubernetes.io/server-snippets: | + location / { + proxy_set_header Upgrade $http_upgrade; + proxy_http_version 1.1; + proxy_set_header X-Forwarded-Host $http_host; + proxy_set_header X-Forwarded-Proto $scheme; + proxy_set_header X-Forwarded-For $remote_addr; + proxy_set_header Host $host; + proxy_set_header Connection "upgrade"; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header Upgrade $http_upgrade; + proxy_cache_bypass $http_upgrade; + } + hosts: + - host: hass.local + paths: + - path: / + pathType: ImplementationSpecific + tls: + [] + # - secretName: letsencrypt-staging + # hosts: + # - home-assistant.local + +resources: {} +# requests: +# cpu: "1" +# memory: "256Mi" +# limits: +# cpu: "1" +# memory: "512Mi" + +nodeSelector: + kubernetes.io/hostname: {} +affinity: {} +tolerations: [] + +persistence: + enabled: false + configstorage: + hostPath: /mnt/volume-0/apps/home-assistant + pvc: + enabled: false + # accessModes: + # - {} + # resources: + # requests: + # storage: 2Gi + # storageClassName: "" + +# Mount devices or folders from the host machine. Can be used for USB device mounting. +hostMounts: [] + # Example + # - name: cdrw + # hostPath: /dev/cdrw From 3567cb874775d3bb272a2e61d3b9c7eacbdd6f92 Mon Sep 17 00:00:00 2001 From: JacekZubielik Date: Wed, 22 May 2024 15:48:14 +0200 Subject: [PATCH 2/2] style(lint): remove blank lines --- charts/home-assistant/Chart.yaml | 1 - 1 file changed, 1 deletion(-) diff --git a/charts/home-assistant/Chart.yaml b/charts/home-assistant/Chart.yaml index 0474cab..ec72eb1 100644 --- a/charts/home-assistant/Chart.yaml +++ b/charts/home-assistant/Chart.yaml @@ -14,4 +14,3 @@ sources: - https://github.com/home-assistant/home-assistant maintainers: - name: jacekzubielik -