feat: add gts-robo

kube/clusters/biohazard/flux/kustomization.yaml

@@ -88,7 +88,7 @@ resources:
   - ../../../deploy/apps/excalidraw/
   - ../../../deploy/apps/velociraptor/
   - ../../../deploy/apps/gotosocial/
-  - ../../../deploy/apps/gotosocial-valetudo/
+  - ../../../deploy/apps/gts-robo/
   - ../../../deploy/apps/ntfy/
   - ../../../deploy/apps/satisfactory/
   # - ../../../deploy/apps/headscale/

kube/deploy/apps/gotosocial-valetudo/ks.yaml

@@ -1,14 +0,0 @@
----
-apiVersion: kustomize.toolkit.fluxcd.io/v1
-kind: Kustomization
-metadata:
-  name: gotosocial-valetudo-app
-  namespace: flux-system
-  labels: &l
-    app.kubernetes.io/name: "gotosocial-valetudo"
-spec:
-  targetNamespace: "gotosocial-valetudo"
-  commonMetadata:
-    labels: *l
-  path: ./kube/deploy/apps/gotosocial-valetudo/app
-  dependsOn: []

kube/deploy/apps/gts-robo/app/crunchy.yaml

@@ -3,8 +3,8 @@
 apiVersion: postgres-operator.crunchydata.com/v1beta1
 kind: PostgresCluster
 metadata:
-  name: &name "pg-gotosocial-valetudo"
-  namespace: "gotosocial-valetudo"
+  name: &name "pg-gts-robo"
+  namespace: "gts-robo"
 spec:
   postgresVersion: 16
   # patroni: # turn on sync writes to at least 1 other replica
@@ -53,9 +53,9 @@ spec:
           s3.home.arpa/store: "rgw-${CLUSTER_NAME}"
       configuration: &brcfg
         - secret:
-            name: "pg-gotosocial-valetudo-secrets"
+            name: "pg-gts-robo-secrets"
         - secret:
-            name: "pg-gotosocial-valetudo-s3-crunchy"
+            name: "pg-gts-robo-s3-crunchy"
       global: &brflag
         archive-timeout: "60"
         compress-type: "bz2"
@@ -73,7 +73,7 @@ spec:
         - name: "repo3" # Ceph RGW in-cluster
           s3: &rgw
             endpoint: "${APP_DNS_RGW_HTTPS}" # trailing dot to prevent ndots
-            bucket: "pg-gotosocial-valetudo"
+            bucket: "pg-gts-robo"
             region: "us-east-1"
           schedules: # times staggered to avoid NFS schedule causing failed jobs due to locks
             full: "15 6 * * 1" # every Monday at 06:15

kube/deploy/apps/gts-robo/app/netpol.yaml

@@ -3,12 +3,12 @@
 apiVersion: cilium.io/v2
 kind: CiliumNetworkPolicy
 metadata:
-  name: "pg-gotosocial-valetudo"
-  namespace: &app "gotosocial-valetudo"
+  name: "pg-gts-robo"
+  namespace: &app "gts-robo"
 spec:
   endpointSelector: &crunchy
     matchLabels:
-      postgres-operator.crunchydata.com/cluster: "pg-gotosocial-valetudo"
+      postgres-operator.crunchydata.com/cluster: "pg-gts-robo"
   ingress:
     # allow Postgres pods to talk to each other
     - fromEndpoints: [*crunchy]

kube/deploy/apps/gts-robo/app/s3.yaml

@@ -2,28 +2,28 @@
 apiVersion: objectbucket.io/v1alpha1
 kind: ObjectBucketClaim
 metadata:
-  name: gotosocial-valetudo-media-s3
-  namespace: gotosocial-valetudo
+  name: gts-robo-media-s3
+  namespace: gts-robo
 spec:
-  bucketName: "gotosocial-valetudo-media"
+  bucketName: "gts-robo-media"
   storageClassName: "rgw-${CLUSTER_NAME}"
 ---
 apiVersion: objectbucket.io/v1alpha1
 kind: ObjectBucketClaim
 metadata:
-  name: "pg-gotosocial-valetudo-s3"
-  namespace: "gotosocial-valetudo"
+  name: "pg-gts-robo-s3"
+  namespace: "gts-robo"
   labels:
     kustomize.toolkit.fluxcd.io/prune: "Disabled"
 spec:
-  bucketName: "pg-gotosocial-valetudo"
+  bucketName: "pg-gts-robo"
   storageClassName: "rgw-${CLUSTER_NAME}"
 ---
 apiVersion: rbac.authorization.k8s.io/v1
 kind: Role
 metadata:
   name: "external-secrets-kubernetes-provider"
-  namespace: "gotosocial-valetudo"
+  namespace: "gts-robo"
 rules:
   - apiGroups: [""]
     resources: ["secrets"]
@@ -36,7 +36,7 @@ apiVersion: rbac.authorization.k8s.io/v1
 kind: RoleBinding
 metadata:
   name: &name "external-secrets-kubernetes-provider"
-  namespace: "gotosocial-valetudo"
+  namespace: "gts-robo"
 roleRef:
   apiGroup: "rbac.authorization.k8s.io"
   kind: "Role"
@@ -49,13 +49,13 @@ apiVersion: v1
 kind: ServiceAccount
 metadata:
   name: "external-secrets-kubernetes-provider"
-  namespace: "gotosocial-valetudo"
+  namespace: "gts-robo"
 ---
 apiVersion: external-secrets.io/v1beta1
 kind: SecretStore
 metadata:
-  name: "kubernetes-gotosocial-valetudo"
-  namespace: &ns "gotosocial-valetudo"
+  name: "kubernetes-gts-robo"
+  namespace: &ns "gts-robo"
 spec:
   provider:
     kubernetes:
@@ -74,15 +74,15 @@ spec:
 apiVersion: external-secrets.io/v1beta1
 kind: ExternalSecret
 metadata:
-  name: &name "pg-gotosocial-valetudo-s3"
-  namespace: "gotosocial-valetudo"
+  name: &name "pg-gts-robo-s3"
+  namespace: "gts-robo"
 spec:
   refreshInterval: "1m"
   secretStoreRef:
     kind: "SecretStore"
-    name: "kubernetes-gotosocial-valetudo"
+    name: "kubernetes-gts-robo"
   target:
-    name: "pg-gotosocial-valetudo-s3-crunchy"
+    name: "pg-gts-robo-s3-crunchy"
     creationPolicy: "Owner"
     deletionPolicy: "Retain"
     template:

kube/deploy/apps/gts-robo/ks.yaml

@@ -0,0 +1,14 @@
+---
+apiVersion: kustomize.toolkit.fluxcd.io/v1
+kind: Kustomization
+metadata:
+  name: gts-robo-app
+  namespace: flux-system
+  labels: &l
+    app.kubernetes.io/name: "gts-robo"
+spec:
+  targetNamespace: "gts-robo"
+  commonMetadata:
+    labels: *l
+  path: ./kube/deploy/apps/gts-robo/app
+  dependsOn: []

kube/deploy/apps/gts-robo/ns.yaml

@@ -2,7 +2,7 @@
 apiVersion: v1
 kind: Namespace
 metadata:
-  name: gotosocial-valetudo
+  name: gts-robo
   labels:
     kustomize.toolkit.fluxcd.io/prune: disabled
     pod-security.kubernetes.io/enforce: &ps restricted