Lumpiasty/klaster
0
0
Fork 0
Code Issues Pull Requests 4 Packages Projects Releases Wiki Activity

Compare commits

base: Lumpiasty:renovate/renovate-renovate-43.x
Branches Tags
Lumpiasty:fresh-start Lumpiasty:renovate/renovate-renovate-43.x Lumpiasty:renovate/alpine-k8s-1.x Lumpiasty:renovate/open-webui-13.x Lumpiasty:renovate/cloudnative-pg-0.x Lumpiasty:renovate/renovate-renovate-41.x
...
compare: Lumpiasty:1c8ccd0fc447cb3ecd7d39e5aa8af53bc4cbcc9a
Branches Tags
Lumpiasty:renovate/renovate-renovate-43.x Lumpiasty:fresh-start Lumpiasty:renovate/alpine-k8s-1.x Lumpiasty:renovate/open-webui-13.x Lumpiasty:renovate/cloudnative-pg-0.x Lumpiasty:renovate/renovate-renovate-41.x

73 Commits
renovate/r ... 1c8ccd0fc4

Author SHA1 Message Date
Renovate Bot
1c8ccd0fc4 Update renovate/renovate Docker tag to v39.253.2 2025-04-21 10:00:40 +00:00
Lumpiasty
847fd3557b use tavily and openrouter in gpt researcher 2025-04-20 03:06:46 +02:00
Lumpiasty
d2c2f5038f change models used by gpt-researcher 2025-04-20 00:19:34 +02:00
Lumpiasty
afb9dcec65 enable support for websockets for researcher 2025-04-19 05:21:29 +02:00
Lumpiasty
ba51980cec use our own image for gpt researcher 2025-04-19 04:49:55 +02:00
Lumpiasty
e0eb26b63d add docker registry 2025-04-19 04:43:27 +02:00
Lumpiasty
eda5ba08a0 add gpt-researcher 2025-04-19 04:07:21 +02:00
Lumpiasty
318aedf89d update network config 2025-04-17 22:35:53 +02:00
Lumpiasty
a109290c18 increase ollama proxy timeout 2025-04-15 23:28:03 +02:00
Lumpiasty
46cacb339d Merge pull request 'Update renovate/renovate Docker tag to v39.240.1' (#18) from renovate/renovate-renovate-39.x into fresh-start 
Reviewed-on: #18
 2025-04-13 00:13:01 +00:00
Lumpiasty
1e7dd52721 Merge pull request 'Update Helm release ollama to v1.14.0' (#19) from renovate/ollama-1.x into fresh-start 
Reviewed-on: #19
 2025-04-13 00:12:53 +00:00
Lumpiasty
044cc37392 Merge pull request 'Update registry.k8s.io/coredns/coredns Docker tag to v1.12.1' (#20) from renovate/registry.k8s.io-coredns-coredns-1.x into fresh-start 
Reviewed-on: #20
 2025-04-13 00:07:17 +00:00
Lumpiasty
68ba891abc Merge pull request 'Update Helm release community-operator to v0.13.0' (#21) from renovate/community-operator-0.x into fresh-start 
Reviewed-on: #21
 2025-04-13 00:07:04 +00:00
Renovate Bot
81ed455ff8 Update renovate/renovate Docker tag to v39.240.1 2025-04-12 19:00:28 +00:00
Renovate Bot
b7c2da4419 Update Helm release community-operator to v0.13.0 2025-04-11 19:00:24 +00:00
Lumpiasty
4bc01e2e78 disable proxy bufferring in ollama ingress 2025-04-11 03:24:45 +02:00
Renovate Bot
94d51de471 Update registry.k8s.io/coredns/coredns Docker tag to v1.12.1 2025-04-08 20:00:30 +00:00
Renovate Bot
dc0104c55d Update Helm release ollama to v1.14.0 2025-04-08 13:00:44 +00:00
Lumpiasty
83be6619e8 deploy gitea postgres cluster 2025-04-05 22:34:57 +02:00
Lumpiasty
48ccacefdd Fix librechat kustomization typo 2025-04-05 22:12:40 +02:00
Lumpiasty
cfeef90515 Split renovate deployment to files 2025-04-05 22:11:37 +02:00
Lumpiasty
ce0bef4970 Split librechat deployment to files 2025-04-05 22:09:59 +02:00
Lumpiasty
bd5fd97ed0 split ollama deployment to files 2025-04-05 22:08:02 +02:00
Lumpiasty
52641779bc split gitea deployment to files 2025-04-05 22:01:53 +02:00
Lumpiasty
e98e02705d Move gitea kustomization to subdir 2025-04-05 20:22:29 +02:00
Lumpiasty
3c849f52f7 install cloudnativepg 2025-04-05 20:05:54 +02:00
Lumpiasty
36187fff41 Merge pull request 'Update renovate/renovate Docker tag to v39.233.3' (#15) from renovate/renovate-renovate-39.x into fresh-start 
Reviewed-on: #15
 2025-04-05 13:37:14 +00:00
Lumpiasty
1ac7504585 Merge pull request 'Update Helm release community-operator to v0.12.1' (#16) from renovate/community-operator-0.x into fresh-start 
Reviewed-on: #16
 2025-04-05 13:36:59 +00:00
Lumpiasty
879c013e89 Merge pull request 'Update Helm release ollama to v1.13.0' (#17) from renovate/ollama-1.x into fresh-start 
Reviewed-on: #17
 2025-04-05 13:36:35 +00:00
Lumpiasty
aa7fe8d3cf enable search in librechat 2025-04-05 03:56:02 +02:00
Lumpiasty
fd280f1fca add ingress to librechat 2025-04-05 03:54:11 +02:00
Lumpiasty
2ad381e35c Install librechat from different chart 2025-04-05 02:59:41 +02:00
Lumpiasty
e63a285dc3 Remove old librechat deployment 2025-04-04 23:01:49 +02:00
Renovate Bot
5336df3134 Update renovate/renovate Docker tag to v39.233.3 2025-04-04 12:00:48 +00:00
Renovate Bot
966639e3c8 Update Helm release ollama to v1.13.0 2025-04-04 04:00:32 +00:00
Renovate Bot
97924a8064 Update Helm release community-operator to v0.12.1 2025-04-01 09:00:25 +00:00
Lumpiasty
37b78f079e Add librechat 2025-04-01 02:55:59 +02:00
Lumpiasty
0d17825eab Add mongodb database for librechat 2025-04-01 00:35:50 +02:00
Lumpiasty
ffeecf65f6 Mongodb operator 2025-03-31 23:38:58 +02:00
Lumpiasty
fea49ae167 Merge pull request 'Update renovate/renovate Docker tag to v39.221.0' (#14) from renovate/renovate-renovate-39.x into fresh-start 
Reviewed-on: #14
 2025-03-30 16:31:27 +00:00
Renovate Bot
6b6e7937c1 Update renovate/renovate Docker tag to v39.221.0 2025-03-30 13:00:33 +00:00
Lumpiasty
487baa2813 vulkan support in ollama 2025-03-30 03:05:51 +02:00
Lumpiasty
fe2f79d13c Disable flux network policy 2025-03-29 23:12:35 +01:00
Lumpiasty
c3a747c03c Merge pull request 'Update renovate/renovate Docker tag to v39.220.4' (#12) from renovate/renovate-renovate-39.x into fresh-start 
Reviewed-on: #12
 2025-03-29 22:10:11 +00:00
Lumpiasty
f1f6ffb9a0 Merge pull request 'Update Helm release ollama to v1.12.0' (#13) from renovate/ollama-1.x into fresh-start 
Reviewed-on: #13
 2025-03-29 22:10:03 +00:00
Renovate Bot
e851f6ab8c Update Helm release ollama to v1.12.0 2025-03-29 17:00:29 +00:00
Renovate Bot
2ecd20c9d7 Update renovate/renovate Docker tag to v39.220.4 2025-03-29 14:00:39 +00:00
Lumpiasty
bdb3bd3234 Ollama proxy fix secret ref 2025-03-27 01:47:23 +01:00
Lumpiasty
47e957e444 add cert-manager annotation to ollama ingress 2025-03-27 01:34:23 +01:00
Lumpiasty
b2dfb2dc0b disable https for caddy 2025-03-27 01:32:37 +01:00
Lumpiasty
6ccc964c87 add ollama proxy and ingress 2025-03-27 01:30:12 +01:00
Lumpiasty
5c7b258ccf Merge pull request 'Update renovate/renovate Docker tag to v39.218.1' (#10) from renovate/renovate-renovate-39.x into fresh-start 
Reviewed-on: #10
 2025-03-26 23:13:23 +00:00
Lumpiasty
351426f055 Merge pull request 'Update Helm release gitea to v11.0.1' (#11) from renovate/gitea-11.x into fresh-start 
Reviewed-on: #11
 2025-03-26 23:12:11 +00:00
Renovate Bot
ca598f9750 Update Helm release gitea to v11.0.1 2025-03-26 18:00:58 +00:00
Renovate Bot
0cb93ce8a1 Update renovate/renovate Docker tag to v39.218.1 2025-03-26 17:00:31 +00:00
Lumpiasty
6fde991ba9 add ollama deployment 2025-03-26 02:17:53 +01:00
Lumpiasty
5f3840cc02 Reapply "Merge pull request 'Update Helm release gitea to v11' (#9) from renovate/gitea-11.x into fresh-start" 
This reverts commit d9a22723ef.
 2025-03-26 01:48:36 +01:00
Lumpiasty
d9a22723ef Revert "Merge pull request 'Update Helm release gitea to v11' (#9) from renovate/gitea-11.x into fresh-start" 
This reverts commit f97a655ad5, reversing
changes made to f36ce88026.
 2025-03-26 01:16:23 +01:00
Lumpiasty
f97a655ad5 Merge pull request 'Update Helm release gitea to v11' (#9) from renovate/gitea-11.x into fresh-start 
Reviewed-on: #9
 2025-03-26 00:07:23 +00:00
Lumpiasty
c2aacd0ef4 Remove custom gitea tag from values 2025-03-26 01:06:24 +01:00
Lumpiasty
f36ce88026 Merge pull request 'Update Helm release openebs to v4.2.0' (#7) from renovate/openebs-4.x into fresh-start 
Reviewed-on: #7
 2025-03-26 00:01:50 +00:00
Lumpiasty
d19d332b59 Merge pull request 'Update renovate/renovate Docker tag to v39.216.1' (#8) from renovate/renovate-renovate-39.x into fresh-start 
Reviewed-on: #8
 2025-03-26 00:00:00 +00:00
Lumpiasty
5cf9de7997 renovate improve yaml matching 2025-03-26 00:58:03 +01:00
Lumpiasty
3c84632a2d Merge pull request 'Update Helm release openbao to v0.10.1' (#6) from renovate/openbao-0.x into fresh-start 
Reviewed-on: #6
 2025-03-25 23:54:58 +00:00
Lumpiasty
14bcc8546c Merge pull request 'Update Helm release k8up to v4.8.4' (#4) from renovate/k8up-4.x into fresh-start 
Reviewed-on: #4
 2025-03-25 23:53:54 +00:00
Lumpiasty
ca8a63fdbe Merge pull request 'Update Helm release cert-manager to v1.17.1' (#3) from renovate/cert-manager-1.x into fresh-start 
Reviewed-on: #3
 2025-03-25 23:44:47 +00:00
Renovate Bot
3a46d17f02 Update Helm release gitea to v11 2025-03-25 23:42:27 +00:00
Renovate Bot
add851ee9e Update renovate/renovate Docker tag to v39.216.1 2025-03-25 23:42:26 +00:00
Renovate Bot
edbfd26bde Update Helm release openebs to v4.2.0 2025-03-25 23:42:25 +00:00
Renovate Bot
dea0dfb7cc Update Helm release openbao to v0.10.1 2025-03-25 23:42:24 +00:00
Renovate Bot
874fc826cd Update Helm release k8up to v4.8.4 2025-03-25 23:42:21 +00:00
Renovate Bot
33cb5c72c7 Update Helm release cert-manager to v1.17.1 2025-03-25 23:42:20 +00:00
Lumpiasty
31df54fcf0 Merge pull request 'Configure Renovate' (#2) from renovate/configure into fresh-start 
Reviewed-on: #2
 2025-03-25 23:41:34 +00:00
40 changed files with 12545 additions and 11663 deletions
Expand all files Collapse all files

33
apps/gitea/backups.yaml Normal file
View File

@@ -0,0 +1,33 @@
apiVersion: k8up.io/v1
kind: Schedule
metadata:
name: gitea-backup
namespace: gitea
spec:
backend:
# Manually adding secrets for now
repoPasswordSecretRef:
name: restic-repo
key: password
s3:
endpoint: https://s3.eu-central-003.backblazeb2.com
bucket: lumpiasty-backups
accessKeyIDSecretRef:
name: backblaze
key: keyid
secretAccessKeySecretRef:
name: backblaze
key: secret
backup:
schedule: "@daily-random"
failedJobsHistoryLimit: 2
successfulJobsHistoryLimit: 2
check:
schedule: "@daily-random"
prune:
schedule: "@daily-random"
retention:
keepLast: 14
keepDaily: 14
keepWeekly: 50
keepYearly: 10

7
apps/gitea/kustomization.yaml Normal file
View File

@@ -0,0 +1,7 @@
apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization
resources:
- namespace.yaml
- release.yaml
- backups.yaml
- postgres-cluster.yaml

5
apps/gitea/namespace.yaml Normal file
View File

@@ -0,0 +1,5 @@
---
apiVersion: v1
kind: Namespace
metadata:
name: gitea

12
apps/gitea/postgres-cluster.yaml Normal file
View File

@@ -0,0 +1,12 @@
---
apiVersion: postgresql.cnpg.io/v1
kind: Cluster
metadata:
name: gitea-postgresql-cluster
namespace: gitea
spec:
instances: 1
storage:
size: 10Gi
storageClass: mayastor-single-hdd

45
apps/gitea.yaml → apps/gitea/release.yaml
View File

@@ -1,9 +1,3 @@
---
apiVersion: v1
kind: Namespace
metadata:
name: gitea
---
apiVersion: source.toolkit.fluxcd.io/v1
kind: HelmRepository
metadata:
@@ -23,7 +17,7 @@ spec:
chart:
spec:
chart: gitea
version: 10.6.0
version: 11.0.1
sourceRef:
kind: HelmRepository
name: gitea-charts
@@ -60,9 +54,6 @@ spec:
enabled: true
storageClass: mayastor-single-hdd
image:
tag: 1.23.3
gitea:
config:
database:
@@ -111,37 +102,3 @@ spec:
resources:
requests:
cpu: 0
---
apiVersion: k8up.io/v1
kind: Schedule
metadata:
name: gitea-backup
namespace: gitea
spec:
backend:
# Manually adding secrets for now
repoPasswordSecretRef:
name: restic-repo
key: password
s3:
endpoint: https://s3.eu-central-003.backblazeb2.com
bucket: lumpiasty-backups
accessKeyIDSecretRef:
name: backblaze
key: keyid
secretAccessKeySecretRef:
name: backblaze
key: secret
backup:
schedule: "@daily-random"
failedJobsHistoryLimit: 2
successfulJobsHistoryLimit: 2
check:
schedule: "@daily-random"
prune:
schedule: "@daily-random"
retention:
keepLast: 14
keepDaily: 14
keepWeekly: 50
keepYearly: 10

8
apps/kustomization.yaml
View File

@@ -1,5 +1,9 @@
apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization
resources:
- gitea.yaml
- renovate.yaml
- gitea
- registry
- renovate
- ollama
- librechat
- researcher

5
apps/librechat/kustomization.yaml Normal file
View File

@@ -0,0 +1,5 @@
apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization
resources:
- namespace.yaml
- release.yaml

5
apps/librechat/namespace.yaml Normal file
View File

@@ -0,0 +1,5 @@
---
apiVersion: v1
kind: Namespace
metadata:
name: librechat

90
apps/librechat/release.yaml Normal file
View File

@@ -0,0 +1,90 @@
---
apiVersion: source.toolkit.fluxcd.io/v1
kind: HelmRepository
metadata:
name: bat-librechat
namespace: librechat
spec:
interval: 24h
url: https://charts.blue-atlas.de
---
apiVersion: helm.toolkit.fluxcd.io/v2
kind: HelmRelease
metadata:
name: librechat
namespace: librechat
spec:
interval: 30m
chart:
spec:
chart: librechat
version: 1.8.9
sourceRef:
kind: HelmRepository
name: bat-librechat
values:
global:
librechat:
existingSecretName: librechat
librechat:
configEnv:
PLUGIN_MODELS: null
ALLOW_REGISTRATION: "false"
TRUST_PROXY: "1"
DOMAIN_CLIENT: https://librechat.lumpiasty.xyz
SEARCH: "true"
existingSecretName: librechat
configYamlContent: |
version: 1.0.3
endpoints:
custom:
- name: "Ollama"
apiKey: "ollama"
baseURL: "http://ollama.ollama.svc.cluster.local:11434/v1/chat/completions"
models:
default: [
"llama2",
"mistral",
"codellama",
"dolphin-mixtral",
"mistral-openorca"
]
# fetching list of models is supported but the `name` field must start
# with `ollama` (case-insensitive), as it does in this example.
fetch: true
titleConvo: true
titleModel: "current_model"
summarize: false
summaryModel: "current_model"
forcePrompt: false
modelDisplayLabel: "Ollama"
imageVolume:
enabled: true
size: 10G
accessModes: ReadWriteOnce
storageClassName: mayastor-single-hdd
ingress:
enabled: true
className: nginx
annotations:
cert-manager.io/cluster-issuer: letsencrypt
hosts:
- host: librechat.lumpiasty.xyz
paths:
- path: /
pathType: ImplementationSpecific
tls:
- hosts:
- librechat.lumpiasty.xyz
secretName: librechat-ingress
mongodb:
persistence:
storageClass: mayastor-single-hdd
meilisearch:
persistence:
storageClass: mayastor-single-hdd
auth:
existingMasterKeySecret: librechat

68
apps/ollama/auth-proxy.yaml Normal file
View File

@@ -0,0 +1,68 @@
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: ollama-proxy
namespace: ollama
spec:
replicas: 1
selector:
matchLabels:
app.kubernetes.io/name: ollama-proxy
template:
metadata:
labels:
app.kubernetes.io/name: ollama-proxy
spec:
containers:
- name: caddy
image: caddy:2.9.1-alpine
imagePullPolicy: IfNotPresent
volumeMounts:
- mountPath: /etc/caddy
name: proxy-config
env:
- name: API_KEY
valueFrom:
secretKeyRef:
name: ollama-api-key
key: API_KEY
volumes:
- name: proxy-config
configMap:
name: ollama-proxy-config
---
apiVersion: v1
kind: ConfigMap
metadata:
namespace: ollama
name: ollama-proxy-config
data:
Caddyfile: |
http://ollama.lumpiasty.xyz {
@requireAuth {
not header Authorization "Bearer {env.API_KEY}"
}
respond @requireAuth "Unauthorized" 401
reverse_proxy ollama:11434 {
flush_interval -1
}
}
---
apiVersion: v1
kind: Service
metadata:
namespace: ollama
name: ollama-proxy
spec:
type: ClusterIP
selector:
app.kubernetes.io/name: ollama-proxy
ports:
- name: http
port: 80
targetPort: 80
protocol: TCP

28
apps/ollama/ingress.yaml Normal file
View File

@@ -0,0 +1,28 @@
---
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
namespace: ollama
name: ollama
annotations:
cert-manager.io/cluster-issuer: letsencrypt
acme.cert-manager.io/http01-edit-in-place: "true"
nginx.ingress.kubernetes.io/proxy-buffering: "false"
nginx.ingress.kubernetes.io/proxy-read-timeout: 30m
spec:
ingressClassName: nginx
rules:
- host: ollama.lumpiasty.xyz
http:
paths:
- backend:
service:
name: ollama-proxy
port:
number: 80
path: /
pathType: Prefix
tls:
- hosts:
- ollama.lumpiasty.xyz
secretName: ollama-ingress

7
apps/ollama/kustomization.yaml Normal file
View File

@@ -0,0 +1,7 @@
apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization
resources:
- namespace.yaml
- release.yaml
- auth-proxy.yaml
- ingress.yaml

5
apps/ollama/namespace.yaml Normal file
View File

@@ -0,0 +1,5 @@
---
apiVersion: v1
kind: Namespace
metadata:
name: ollama

60
apps/ollama/release.yaml Normal file
View File

@@ -0,0 +1,60 @@
---
apiVersion: source.toolkit.fluxcd.io/v1
kind: HelmRepository
metadata:
name: ollama-helm
namespace: ollama
spec:
interval: 24h
url: https://otwld.github.io/ollama-helm/
---
apiVersion: helm.toolkit.fluxcd.io/v2
kind: HelmRelease
metadata:
name: ollama
namespace: ollama
spec:
interval: 30m
chart:
spec:
chart: ollama
version: 1.14.0
sourceRef:
kind: HelmRepository
name: ollama-helm
namespace: ollama
interval: 12h
values:
ollama:
gpu:
enabled: false
persistentVolume:
enabled: true
storageClass: mayastor-single-hdd
size: 200Gi
# GPU support
# Rewrite of options in
# https://hub.docker.com/r/grinco/ollama-amd-apu
image:
repository: grinco/ollama-amd-apu
tag: vulkan
securityContext:
# Not ideal
privileged: true
capabilities:
add:
- PERFMON
volumeMounts:
- name: kfd
mountPath: /dev/kfd
- name: dri
mountPath: /dev/dri
volumes:
- name: kfd
hostPath:
path: /dev/kfd
type: CharDevice
- name: dri
hostPath:
path: /dev/dri
type: Directory

40
apps/registry/deployment.yaml Normal file
View File

@@ -0,0 +1,40 @@
apiVersion: apps/v1
kind: Deployment
metadata:
name: registry
namespace: registry
spec:
replicas: 1
selector:
matchLabels:
app: registry
template:
metadata:
labels:
app: registry
spec:
containers:
- name: registry
image: registry:3.0.0
ports:
- containerPort: 5000
volumeMounts:
- name: data
mountPath: /var/lib/registry
volumes:
- name: data
persistentVolumeClaim:
claimName: registry-data
---
apiVersion: v1
kind: Service
metadata:
name: registry-service
namespace: registry
spec:
selector:
app: registry
ports:
- protocol: TCP
port: 80
targetPort: 5000

26
apps/registry/ingress.yaml Normal file
View File

@@ -0,0 +1,26 @@
---
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
namespace: registry
name: registry
annotations:
cert-manager.io/cluster-issuer: letsencrypt
nginx.org/client-max-body-size: "0"
spec:
ingressClassName: nginx
rules:
- host: registry.lumpiasty.xyz
http:
paths:
- backend:
service:
name: registry-service
port:
number: 80
path: /
pathType: Prefix
tls:
- hosts:
- registry.lumpiasty.xyz
secretName: researcher-ingress

8
apps/registry/kustomization.yaml Normal file
View File

@@ -0,0 +1,8 @@
---
apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization
resources:
- namespace.yaml
- volume.yaml
- deployment.yaml
- ingress.yaml

5
apps/registry/namespace.yaml Normal file
View File

@@ -0,0 +1,5 @@
---
apiVersion: v1
kind: Namespace
metadata:
name: registry

13
apps/registry/volume.yaml Normal file
View File

@@ -0,0 +1,13 @@
---
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: registry-data
namespace: registry
spec:
accessModes:
- ReadWriteOnce
resources:
requests:
storage: 50Gi
storageClassName: mayastor-single-hdd

7
apps/renovate.yaml → apps/renovate/cronjob.yaml
View File

@@ -1,9 +1,4 @@
---
apiVersion: v1
kind: Namespace
metadata:
name: renovate
---
apiVersion: batch/v1
kind: CronJob
metadata:
@@ -20,7 +15,7 @@ spec:
- name: renovate
# Update this to the latest available and then enable Renovate on
# the manifest
image: renovate/renovate:39.215.2-full
image: renovate/renovate:39.253.2-full
envFrom:
- secretRef:
name: renovate-env

5
apps/renovate/kustomization.yaml Normal file
View File

@@ -0,0 +1,5 @@
apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization
resources:
- namespace.yaml
- cronjob.yaml

5
apps/renovate/namespace.yaml Normal file
View File

@@ -0,0 +1,5 @@
---
apiVersion: v1
kind: Namespace
metadata:
name: renovate

73
apps/researcher/deployment.yaml Normal file
View File

@@ -0,0 +1,73 @@
apiVersion: apps/v1
kind: Deployment
metadata:
name: gpt-resercher
namespace: gpt-researcher
spec:
replicas: 1
selector:
matchLabels:
app: gpt-resercher
template:
metadata:
labels:
app: gpt-resercher
spec:
imagePullPolicy: Always
containers:
- name: gpt-resercher
image: registry.lumpiasty.xyz/gpt-researcher:latest
ports:
- containerPort: 8000
resources:
requests:
cpu: "2"
memory: "4Gi"
limits:
cpu: "3"
memory: "5Gi"
env:
- name: OPENAI_BASE_URL
value: https://openrouter.ai/api/v1
- name: OPENROUTER_API_KEY
valueFrom:
secretKeyRef:
name: openrouter
key: OPENROUTER_API_KEY
- name: OPENROUTER_LIMIT_RPS
value: "1"
- name: FAST_LLM
value: openrouter:google/gemini-2.0-flash-lite-001
- name: SMART_LLM
value: openrouter:google/gemini-2.5-flash-preview
- name: STRATEGIC_LLM
value: openrouter:google/gemini-2.5-flash-preview
- name: OLLAMA_BASE_URL
value: "http://ollama.ollama.svc.cluster.local:11434"
- name: EMBEDDING
value: "ollama:nomic-embed-text"
- name: RETRIEVER
value: tavily
- name: SCRAPER
value: tavily_extract
- name: TAVILY_API_KEY
valueFrom:
secretKeyRef:
name: tavily
key: TAVILY_API_KEY
---
apiVersion: v1
kind: Service
metadata:
name: gpt-resercher-service
namespace: gpt-researcher
spec:
selector:
app: gpt-resercher
ports:
- protocol: TCP
port: 80
targetPort: 8000

29
apps/researcher/ingress.yaml Normal file
View File

@@ -0,0 +1,29 @@
---
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
namespace: gpt-researcher
name: researcher
annotations:
cert-manager.io/cluster-issuer: letsencrypt
acme.cert-manager.io/http01-edit-in-place: "true"
nginx.ingress.kubernetes.io/proxy-buffering: "false"
nginx.ingress.kubernetes.io/proxy-read-timeout: 30m
nginx.org/websocket-services: "gpt-resercher-service"
spec:
ingressClassName: nginx
rules:
- host: researcher.lumpiasty.xyz
http:
paths:
- backend:
service:
name: gpt-resercher-service
port:
number: 80
path: /
pathType: Prefix
tls:
- hosts:
- researcher.lumpiasty.xyz
secretName: researcher-ingress

7
apps/researcher/kustomization.yaml Normal file
View File

@@ -0,0 +1,7 @@
---
apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization
resources:
- namespace.yaml
- deployment.yaml
- ingress.yaml

5
apps/researcher/namespace.yaml Normal file
View File

@@ -0,0 +1,5 @@
---
apiVersion: v1
kind: Namespace
metadata:
name: gpt-researcher

23491
cluster/flux-system/gotk-components.yaml
View File

File diff suppressed because it is too large Load Diff

2
infra/controllers/cert-manager.yaml
View File

@@ -23,7 +23,7 @@ spec:
chart:
spec:
chart: cert-manager
version: 1.17.0
version: v1.17.1
sourceRef:
kind: HelmRepository
name: cert-manager

31
infra/controllers/cloudnative-pg.yaml Normal file
View File

@@ -0,0 +1,31 @@
---
apiVersion: v1
kind: Namespace
metadata:
name: cnpg-system
---
apiVersion: source.toolkit.fluxcd.io/v1
kind: HelmRepository
metadata:
name: cnpg
namespace: cnpg-system
spec:
interval: 24h
url: https://cloudnative-pg.github.io/charts
---
apiVersion: helm.toolkit.fluxcd.io/v2
kind: HelmRelease
metadata:
name: cnpg
namespace: cnpg-system
spec:
interval: 30m
chart:
spec:
chart: cloudnative-pg
version: 0.23.2
sourceRef:
kind: HelmRepository
name: cnpg
namespace: cnpg-system
interval: 12h

2
infra/controllers/dns-public.yaml
View File

@@ -97,7 +97,7 @@ spec:
env:
- name: GOMEMLIMIT
value: 161MiB
image: registry.k8s.io/coredns/coredns:v1.12.0
image: registry.k8s.io/coredns/coredns:v1.12.1
imagePullPolicy: IfNotPresent
livenessProbe:
failureThreshold: 5

2
infra/controllers/k8up.yaml
View File

@@ -23,7 +23,7 @@ spec:
chart:
spec:
chart: k8up
version: 4.8.3
version: 4.8.4
sourceRef:
kind: HelmRepository
name: k8up-io

33
infra/controllers/mongodb-operator.yaml Normal file
View File

@@ -0,0 +1,33 @@
---
apiVersion: v1
kind: Namespace
metadata:
name: mongodb
---
apiVersion: source.toolkit.fluxcd.io/v1
kind: HelmRepository
metadata:
name: mongodb
namespace: mongodb
spec:
interval: 24h
url: https://mongodb.github.io/helm-charts
---
apiVersion: helm.toolkit.fluxcd.io/v2
kind: HelmRelease
metadata:
name: mongodb-operator
namespace: mongodb
spec:
interval: 30m
chart:
spec:
chart: community-operator
version: 0.13.0
sourceRef:
kind: HelmRepository
name: mongodb
namespace: mongodb
values:
operator:
watchNamespace: "*"

3
infra/controllers/nginx.yaml
View File

@@ -54,3 +54,6 @@ spec:
lbipam.cilium.io/sharing-key: gitea
lbipam.cilium.io/sharing-cross-namespace: gitea
lbipam.cilium.io/ips: 10.44.0.0,2001:470:61a3:400::1
config:
entries:
proxy-buffering: "false"

2
infra/controllers/openbao.yaml
View File

@@ -23,7 +23,7 @@ spec:
chart:
spec:
chart: openbao
version: 0.8.1
version: 0.10.1
sourceRef:
kind: HelmRepository
name: openbao

2
infra/controllers/openebs.yaml
View File

@@ -23,7 +23,7 @@ spec:
chart:
spec:
chart: openebs
version: 4.1.3
version: 4.2.0
sourceRef:
kind: HelmRepository
name: openebs

2
infra/kustomization.yaml
View File

@@ -10,6 +10,8 @@ resources:
- controllers/openebs.yaml
- controllers/k8up.yaml
- controllers/openbao.yaml
- controllers/mongodb-operator.yaml
- controllers/cloudnative-pg.yaml
- diskpools/anapistula-delrosalae-hdd.yaml
- configs/bgp-cluster-config.yaml
- configs/loadbalancer-ippool.yaml

16
monke/gpt-researcher.yaml Normal file
View File

@@ -0,0 +1,16 @@
---
apiVersion: v1
kind: Secret
metadata:
name: tavily
namespace: gpt-researcher
stringData:
TAVILY_API_KEY: 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
---
apiVersion: v1
kind: Secret
metadata:
name: openrouter
namespace: gpt-researcher
stringData:
OPENROUTER_API_KEY: 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

8
renovate.json
View File

@@ -1,10 +1,14 @@
{
"$schema": "https://docs.renovatebot.com/renovate-schema.json",
"kubernetes": {
"fileMatch": ["\\.yaml$"]
"fileMatch": ["infra/.+\\.yaml$", "apps/.+\\.yaml$"]
},
"flux": {
"fileMatch": ["infra/.+\\.yaml$", "apps/.+\\.yaml$"]
"fileMatch": [
"infra/.+\\.yaml$",
"apps/.+\\.yaml$",
"gotk-components\\.ya?ml$"
]
},
"prHourlyLimit": 9
}

2
talos/patches/anapistula-delrosalae.patch
View File

@@ -1,7 +1,7 @@
machine:
network:
interfaces:
- interface: enp4s0
- interface: enp5s0
addresses:
- 2001:470:61a3:100::3/64
- 192.168.1.35/24

11
talos/patches/ollama.patch Normal file
View File

@@ -0,0 +1,11 @@
# CSI driver requirement
cluster:
apiServer:
admissionControl:
- name: PodSecurity
configuration:
apiVersion: pod-security.admission.config.k8s.io/v1beta1
kind: PodSecurityConfiguration
exemptions:
namespaces:
- ollama