From 2169a03b8e662593c5166c7585b9f48df6b5c5c4 Mon Sep 17 00:00:00 2001 From: Jonathan Leech-Pepin Date: Mon, 31 Mar 2025 20:58:54 -0400 Subject: [PATCH] Switch syncthing stateful set kustomize --- kustomize/statefulset/statefulset.yaml | 1 - namespaces/apps/kustomization.yaml | 1 + namespaces/apps/syncthing/kustomization.yaml | 145 ++++++++++++++++++ .../apps/syncthing/patches/statefulset.yaml | 36 +++++ namespaces/core/syncthing.yaml | 91 ----------- 5 files changed, 182 insertions(+), 92 deletions(-) create mode 100644 namespaces/apps/syncthing/kustomization.yaml create mode 100644 namespaces/apps/syncthing/patches/statefulset.yaml delete mode 100644 namespaces/core/syncthing.yaml diff --git a/kustomize/statefulset/statefulset.yaml b/kustomize/statefulset/statefulset.yaml index 149dafd..771bfc5 100644 --- a/kustomize/statefulset/statefulset.yaml +++ b/kustomize/statefulset/statefulset.yaml @@ -2,7 +2,6 @@ apiVersion: apps/v1 kind: StatefulSet metadata: name: ss - namespace: core spec: serviceName: ss-svc replicas: 1 diff --git a/namespaces/apps/kustomization.yaml b/namespaces/apps/kustomization.yaml index 8ff9905..566a8f2 100644 --- a/namespaces/apps/kustomization.yaml +++ b/namespaces/apps/kustomization.yaml @@ -10,4 +10,5 @@ resources: - linkwarden/ - mealie/ - paperless/ + - syncthing/ - vaultwarden/ diff --git a/namespaces/apps/syncthing/kustomization.yaml b/namespaces/apps/syncthing/kustomization.yaml new file mode 100644 index 0000000..e09fa01 --- /dev/null +++ b/namespaces/apps/syncthing/kustomization.yaml @@ -0,0 +1,145 @@ +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization + +transformers: + - |- + apiVersion: builtin + kind: NamespaceTransformer + metadata: + name: notImportantHere + namespace: apps + unsetOnly: true + +namePrefix: syncthing- +resources: + - ../../../kustomize/statefulset/ + +labels: + - includeSelectors: true + pairs: + app.kubernetes.io/appName: syncthing + - pairs: + app.kubernetes.io/appNamespace: apps + +patches: + - path: patches/statefulset.yaml + target: + kind: StatefulSet + name: ss + +replacements: + # Infisical Secret + - source: + kind: StatefulSet + name: ss + fieldPath: metadata.labels.[app.kubernetes.io/appNamespace] + targets: + - select: + kind: InfisicalSecret + fieldPaths: + - spec.managedSecretReference.secretNamespace + - select: + kind: InfisicalSecret + options: + delimiter: "/" + index: 1 + fieldPaths: + - spec.authentication.universalAuth.secretsScope.secretsPath + - select: + kind: InfisicalSecret + options: + delimiter: "/" + index: 2 + fieldPaths: + - spec.authentication.universalAuth.secretsScope.secretsPath + - source: + kind: StatefulSet + name: ss + fieldPath: metadata.labels.[app.kubernetes.io/appName] + targets: + - select: + kind: InfisicalSecret + options: + delimiter: "-" + index: 0 + fieldPaths: + - spec.managedSecretReference.secretName + - select: + kind: InfisicalSecret + options: + delimiter: "/" + index: 2 + fieldPaths: + - spec.authentication.universalAuth.secretsScope.secretsPath + # Service + - source: + kind: StatefulSet + name: ss + fieldPath: spec.template.spec.containers.0.ports.0.name + targets: + - select: + kind: Service + fieldPaths: + - spec.ports.0.name + - spec.ports.0.targetPort + - source: + kind: Service + targets: + - select: + kind: HTTPRoute + fieldPaths: + - spec.rules.0.backendRefs.0.name + - source: + kind: StatefulSet + name: ss + fieldPath: spec.template.spec.containers.0.ports.0.containerPort + targets: + - select: + kind: Service + fieldPaths: + - spec.ports.0.port + # HTTPRoute + - source: + kind: StatefulSet + name: ss + fieldPath: metadata.labels.[app.kubernetes.io/appName] + targets: + - select: + kind: HTTPRoute + options: + create: true + delimiter: "." + index: 0 + fieldPaths: + - spec.hostnames.0 + - source: + kind: Service + targets: + - select: + kind: HTTPRoute + fieldPaths: + - spec.rules.0.backendRefs.0.name + - source: + kind: StatefulSet + name: ss + fieldPath: spec.template.spec.containers.0.ports.0.containerPort + targets: + - select: + kind: HTTPRoute + fieldPaths: + - spec.rules.0.backendRefs.0.port + # StatefulSet + - source: + kind: StatefulSet + name: ss + fieldPath: metadata.labels.[app.kubernetes.io/appName] + targets: + - select: + kind: StatefulSet + options: + delimiter: "-" + index: 0 + fieldPaths: + - spec.volumeClaimTemplates.0.metadata.annotations.name + - spec.volumeClaimTemplates.0.metadata.name + - spec.serviceName diff --git a/namespaces/apps/syncthing/patches/statefulset.yaml b/namespaces/apps/syncthing/patches/statefulset.yaml new file mode 100644 index 0000000..f074d05 --- /dev/null +++ b/namespaces/apps/syncthing/patches/statefulset.yaml @@ -0,0 +1,36 @@ +apiVersion: apps/v1 +kind: StatefulSet +metadata: + name: app +spec: + template: + spec: + restartPolicy: Always + containers: + - name: syncthing + image: syncthing/syncthing:1.29 + ports: + - name: syncthing + containerPort: 8384 + protocol: TCP + volumeMounts: + - mountPath: /var/syncthing + name: syncthing-data + subPath: "data" + env: + - name: PUID + value: "976" + - name: PGID + value: "976" + volumeClaimTemplates: + - metadata: + name: ss-data + annotations: + name: ss-data + spec: + accessModes: + - ReadWriteOnce + storageClassName: longhorn-private + resources: + requests: + storage: 50Gi diff --git a/namespaces/core/syncthing.yaml b/namespaces/core/syncthing.yaml deleted file mode 100644 index 43e3a77..0000000 --- a/namespaces/core/syncthing.yaml +++ /dev/null @@ -1,91 +0,0 @@ ---- -apiVersion: apps/v1 -kind: Deployment -metadata: - name: syncthing - namespace: core -spec: - replicas: 1 - selector: - matchLabels: - name: syncthing - template: - metadata: - labels: - name: syncthing - spec: - restartPolicy: Always - containers: - - name: syncthing - image: syncthing/syncthing:1.29 - ports: - - name: http - containerPort: 8384 - protocol: TCP - volumeMounts: - - mountPath: /var/syncthing - name: syncthing-data - subPath: "data" - env: - - name: PUID - value: "976" - - name: PGID - value: "976" - volumes: - - name: syncthing-data - persistentVolumeClaim: - claimName: syncthing-data ---- -apiVersion: v1 -kind: PersistentVolumeClaim -metadata: - name: syncthing-data - namespace: core -spec: - accessModes: - - ReadWriteOnce - storageClassName: longhorn-private - resources: - requests: - storage: 50Gi ---- -apiVersion: v1 -kind: Service -metadata: - name: syncthing - namespace: core -spec: - type: ClusterIP - selector: - name: syncthing - ports: - - port: 8384 - name: http - targetPort: http - protocol: TCP ---- -apiVersion: gateway.networking.k8s.io/v1 -kind: HTTPRoute -metadata: - name: syncthing - namespace: core -spec: - parentRefs: - - name: homelab-gateway - sectionName: web - kind: Gateway - namespace: homelab - - hostnames: - - syncthing.leechpepin.local - - rules: - - matches: - - path: - type: PathPrefix - value: / - - backendRefs: - - name: syncthing - namespace: core - port: 8384