ADD: update Nextcloud and Gitea configurations for domain and Docker settings; enhance Homarr deployment with resource limits and OIDC authentication

Co-authored-by: Copilot <copilot@github.com>
2026-04-25 14:13:07 +02:00
parent 39079615f5
commit 1125b8b072
4 changed files with 44 additions and 5 deletions
@@ -51,15 +51,15 @@ spec:
- name: REDIS_HOST - name: REDIS_HOST
value: redis.nextcloud.svc.cluster.local value: redis.nextcloud.svc.cluster.local
- name: NEXTCLOUD_TRUSTED_DOMAINS - name: NEXTCLOUD_TRUSTED_DOMAINS
value: "henryathome.home64.de,192.168.178.0/24,192.168.178.138,nextcloud.nextcloud.svc.cluster.local" value: "cloud.henryathome.home64.de,192.168.178.0/24,192.168.178.138,nextcloud.nextcloud.svc.cluster.local"
- name: TRUSTED_PROXIES - name: TRUSTED_PROXIES
value: "192.168.178.120" value: "192.168.178.120"
- name: OVERWRITEHOST - name: OVERWRITEHOST
value: "henryathome.home64.de" value: "cloud.henryathome.home64.de"
- name: OVERWRITEPROTOCOL - name: OVERWRITEPROTOCOL
value: "https" value: "https"
- name: OVERWRITECLIURL - name: OVERWRITECLIURL
value: "https://henryathome.home64.de" value: "https://cloud.henryathome.home64.de"
resources: resources:
requests: requests:
memory: "512Mi" memory: "512Mi"
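Review bot: `NEXTCLOUD_TRUSTED_DOMAINS` is still written as a comma-separated list, but the official Nextcloud container image documents this variable as space-separated, so the whole value may be stored as one trusted-domain entry that never matches the request's `Host` header. If this Deployment uses that image, write it as `value: "cloud.henryathome.home64.de 192.168.178.138 nextcloud.nextcloud.svc.cluster.local"`. The `192.168.178.0/24` entry is worth dropping either way, because trusted domains are compared with host names rather than CIDR ranges; that notation belongs in `TRUSTED_PROXIES`. As far as I know the image applies this variable only at first install, so an existing instance probably also needs the new host added to its stored configuration.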
+18 -2
@@ -37,20 +37,28 @@ spec:
- name: GITEA_RUNNER_NAME - name: GITEA_RUNNER_NAME
value: "k3s-runner-1" value: "k3s-runner-1"
- name: GITEA_RUNNER_LABELS - name: GITEA_RUNNER_LABELS
value: "linux-x64:host,ubuntu-latest:docker://node:20-bookworm,alpine:docker://alpine:3.20" value: "linux-x64:host,ubuntu-latest:docker://catthehacker/ubuntu:act-latest,ubuntu-22.04:docker://catthehacker/ubuntu:act-22.04,alpine:docker://alpine:3.20"
- name: GITEA_RUNNER_REGISTRATION_TOKEN - name: GITEA_RUNNER_REGISTRATION_TOKEN
valueFrom: valueFrom:
secretKeyRef: secretKeyRef:
name: gitea-runner-secret name: gitea-runner-secret
key: GITEA_RUNNER_REGISTRATION_TOKEN key: GITEA_RUNNER_REGISTRATION_TOKEN
- name: DOCKER_HOST - name: DOCKER_HOST
value: "tcp://localhost:2375" value: "unix:///var/run/docker.sock"
command: command:
- /bin/sh - /bin/sh
- -c - -c
args: args:
- | - |
set -e set -e
until [ -S /var/run/docker.sock ]; do
echo "Waiting for Docker socket..."
sleep 2
done
if [ -f /data/.runner_labels ] && [ "$(cat /data/.runner_labels)" != "${GITEA_RUNNER_LABELS}" ]; then
rm -f /data/.runner
fi
printf '%s' "${GITEA_RUNNER_LABELS}" > /data/.runner_labels
if [ ! -f /data/.runner ]; then if [ ! -f /data/.runner ]; then
act_runner register \ act_runner register \
--no-interactive \ --no-interactive \
@@ -63,20 +71,28 @@ spec:
volumeMounts: volumeMounts:
- name: runner-data - name: runner-data
mountPath: /data mountPath: /data
- name: docker-run
mountPath: /var/run
- name: dind - name: dind
image: docker:27-dind image: docker:27-dind
imagePullPolicy: IfNotPresent imagePullPolicy: IfNotPresent
securityContext: securityContext:
privileged: true privileged: true
args:
- --insecure-registry=gitea.gitea.svc.cluster.local
env: env:
- name: DOCKER_TLS_CERTDIR - name: DOCKER_TLS_CERTDIR
value: "" value: ""
volumeMounts: volumeMounts:
- name: docker-lib - name: docker-lib
mountPath: /var/lib/docker mountPath: /var/lib/docker
- name: docker-run
mountPath: /var/run
volumes: volumes:
- name: runner-data - name: runner-data
persistentVolumeClaim: persistentVolumeClaim:
claimName: gitea-runner-data claimName: gitea-runner-data
- name: docker-lib - name: docker-lib
emptyDir: {} emptyDir: {}
- name: docker-run
emptyDir: {}
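Review bot: The added `--insecure-registry=gitea.gitea.svc.cluster.local` argument on the `dind` container lets the Docker daemon use that registry over plain HTTP or without certificate verification, so images that CI jobs pull from it are not authenticated in transit, and this daemon runs with `privileged: true`. Serving the registry over TLS and mounting the issuing CA into the dind container at `/etc/docker/certs.d/gitea.gitea.svc.cluster.local/ca.crt` removes the need for the flag. In the first hunk, the new runner labels point at `catthehacker/ubuntu:act-latest` and `act-22.04`, which are floating tags on a third-party image that will execute inside the privileged daemon; pinning them by digest (`image@sha256:<digest>`) makes job environments reproducible and reviewable. The container specs start outside both hunks, so I cannot see whether anything else still expects the old `tcp://localhost:2375` endpoint.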
+6
@@ -173,6 +173,10 @@ spec:
value: giteapassword value: giteapassword
- name: GITEA__server__ROOT_URL - name: GITEA__server__ROOT_URL
value: "https://git.henryathome.home64.de" value: "https://git.henryathome.home64.de"
- name: GITEA__server__DOMAIN
value: git.henryathome.home64.de
- name: GITEA__server__PROTOCOL
value: http
- name: GITEA__server__SSH_DOMAIN - name: GITEA__server__SSH_DOMAIN
value: git.henryathome.home64.de value: git.henryathome.home64.de
- name: GITEA__server__START_SSH_SERVER - name: GITEA__server__START_SSH_SERVER
@@ -181,6 +185,8 @@ spec:
value: "32000" value: "32000"
- name: GITEA__server__SSH_PORT - name: GITEA__server__SSH_PORT
value: "32000" value: "32000"
- name: GITEA__packages__ENABLED
value: "true"
ports: ports:
- containerPort: 3000 # HTTP - containerPort: 3000 # HTTP
- containerPort: 32000 # SSH - containerPort: 32000 # SSH
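Review bot: The new `GITEA__server__PROTOCOL` entry makes Gitea listen on plain HTTP while `GITEA__server__ROOT_URL` advertises `https://`, which is only correct if TLS terminates at a proxy that is not visible in this hunk; a comment above it such as `# TLS terminates at the ingress; Gitea listens on HTTP inside the cluster` would record that. With `GITEA__packages__ENABLED` switched on in the second hunk, any in-cluster client that reaches the Service directly sends registry credentials unencrypted, so clients should use the HTTPS name. The two new values `http` and `git.henryathome.home64.de` are unquoted while `ROOT_URL` and the port values are quoted; `value: "http"` keeps the file consistent. The unchanged `value: giteapassword` line just above the addition looks like a plaintext credential and would fit a `secretKeyRef` like the one used for the runner token.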
+17
@@ -21,7 +21,24 @@ spec:
- name: homarr - name: homarr
image: ghcr.io/homarr-labs/homarr:latest image: ghcr.io/homarr-labs/homarr:latest
imagePullPolicy: Always imagePullPolicy: Always
resources:
requests:
cpu: 100m
memory: 512Mi
limits:
cpu: 1000m
memory: 1Gi
env: env:
- name: AUTH_PROVIDERS
value: "credentials,oidc"
- name: AUTH_OIDC_ISSUER
value: "https://authentik.henryathome.home64.de/application/o/homarr/"
- name: AUTH_OIDC_CLIENT_ID
value: "gLJekZnT5uwDXqWoTolP6YyktjdTAPmSAx7EVLcK"
- name: AUTH_OIDC_CLIENT_SECRET
value: "nX9qYyvtIH1PO3FFM13dvvKakv2eovyO9pFKNDYUKF0sycM8UFl0MgGkysqG5irpFsValNb2QkBLUKCRnCIcUt3M6ztCEe4po1Qqfvr0QZHRdH8d21vSHXMMdQmjQ2WN"
- name: AUTH_OIDC_CLIENT_NAME
value: "Authentik"
- name: SECRET_ENCRYPTION_KEY - name: SECRET_ENCRYPTION_KEY
valueFrom: valueFrom:
secretKeyRef: secretKeyRef:
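Review bot: `AUTH_OIDC_CLIENT_SECRET` is committed as a literal `value:` in the manifest, so the client secret is now readable by anyone with access to the repository and to the Deployment object, and it stays in git history even if a later commit removes it. It should come from a Kubernetes Secret through `valueFrom.secretKeyRef`, the same way `SECRET_ENCRYPTION_KEY` directly below is wired, and the exposed value should be rotated in Authentik. The Secret name in the sketch is a placeholder because the existing Secret's name lies outside the hunk. Keeping `credentials` in `AUTH_PROVIDERS` alongside `oidc` also leaves local password login enabled, which is worth confirming as intended.

```yaml
# … unchanged: AUTH_PROVIDERS, AUTH_OIDC_ISSUER, AUTH_OIDC_CLIENT_ID …
- name: AUTH_OIDC_CLIENT_SECRET
  valueFrom:
    secretKeyRef:
      name: homarr-oidc  # placeholder: use the project's actual Secret name
      key: AUTH_OIDC_CLIENT_SECRET
# … unchanged: AUTH_OIDC_CLIENT_NAME, SECRET_ENCRYPTION_KEY …
```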