From b31f0dc3aa04ba9d4f51d1e77a680dd1a123abfa Mon Sep 17 00:00:00 2001 From: Martyn Date: Tue, 27 Jan 2026 19:51:22 +0100 Subject: [PATCH] adding actual --- apps-kustomized/actual/backup-creds.yaml | 8 +++ apps-kustomized/actual/backup-repo.yaml | 7 +++ apps-kustomized/actual/backup-schedule.yaml | 27 ++++++++++ apps-kustomized/actual/deploy.yaml | 60 +++++++++++++++++++++ apps-kustomized/actual/ing.yaml | 27 ++++++++++ apps-kustomized/actual/pvc.yaml | 13 +++++ apps-kustomized/actual/svc.yaml | 13 +++++ 7 files changed, 155 insertions(+) create mode 100644 apps-kustomized/actual/backup-creds.yaml create mode 100644 apps-kustomized/actual/backup-repo.yaml create mode 100644 apps-kustomized/actual/backup-schedule.yaml create mode 100644 apps-kustomized/actual/deploy.yaml create mode 100644 apps-kustomized/actual/ing.yaml create mode 100644 apps-kustomized/actual/pvc.yaml create mode 100644 apps-kustomized/actual/svc.yaml diff --git a/apps-kustomized/actual/backup-creds.yaml b/apps-kustomized/actual/backup-creds.yaml new file mode 100644 index 0000000..c53cc04 --- /dev/null +++ b/apps-kustomized/actual/backup-creds.yaml @@ -0,0 +1,8 @@ +apiVersion: v1 +kind: Secret +metadata: + name: backup-creds +data: + accesskey: UUtJNkVONFJQNjhJWTJKQko1R1U= + secretkey: bzVSN2QxK2pxNkJScHF5Ri9GUGdhRm5XZXdKU3YxNjE1SWYzMHl0Vw== +type: Opaque diff --git a/apps-kustomized/actual/backup-repo.yaml b/apps-kustomized/actual/backup-repo.yaml new file mode 100644 index 0000000..b6cbc6c --- /dev/null +++ b/apps-kustomized/actual/backup-repo.yaml @@ -0,0 +1,7 @@ +apiVersion: v1 +kind: Secret +metadata: + name: backup-repo +data: + password: MTkyNzY5MTJlNGJiOTQyZmU1MGE3MGEyNjlhNjA1NmE= +type: Opaque diff --git a/apps-kustomized/actual/backup-schedule.yaml b/apps-kustomized/actual/backup-schedule.yaml new file mode 100644 index 0000000..71b3cee --- /dev/null +++ b/apps-kustomized/actual/backup-schedule.yaml @@ -0,0 +1,27 @@ +apiVersion: k8up.io/v1 +kind: Schedule +metadata: + name: backup-actual +spec: + backend: + repoPasswordSecretRef: + key: password + name: backup-repo + s3: + accessKeyIDSecretRef: + key: accesskey + name: backup-creds + bucket: k3sup-backups-armnleg + endpoint: http://s3.s3:8333 + secretAccessKeySecretRef: + key: secretkey + name: backup-creds + backup: + failedJobsHistoryLimit: 2 + schedule: 3 5 * * * + successfulJobsHistoryLimit: 2 + prune: + retention: + keepDaily: 14 + keepLast: 5 + schedule: 0 1 * * 0 diff --git a/apps-kustomized/actual/deploy.yaml b/apps-kustomized/actual/deploy.yaml new file mode 100644 index 0000000..af1b827 --- /dev/null +++ b/apps-kustomized/actual/deploy.yaml @@ -0,0 +1,60 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + labels: + app: actual + name: actual +spec: + replicas: 1 + selector: + matchLabels: + app: actual + strategy: + type: Recreate + template: + metadata: + creationTimestamp: null + labels: + app: actual + spec: + enableServiceLinks: false + containers: + - env: + - name: ACTUAL_OPENID_CLIENT_ID + value: "92c919af43ed3d82a9cfd281f7e16355" + - name: ACTUAL_OPENID_CLIENT_SECRET + value: "6a98e994d036d7c3fe9fecfe918aac89b072be8747cd6952dc1328c63aee9925" + - name: ACTUAL_OPENID_SERVER_HOSTNAME + value: "https://auth.martyn.berlin" + - name: ACTUAL_OPENID_AUTHORIZATION_ENDPOINT + value: "https://auth.martyn.berlin/oauth2/outhorize" + - name: ACTUAL_OPENID_TOKEN_ENDPOINT + value: "https://auth.martyn.berlin/oauth2/token" + - name: ACTUAL_OPENID_USERINFO_ENDPOINT + value: "https://auth.martyn.berlin/oauth2/userinfo" + - name: ACTUAL_OPENID_AUTH_METHOD + value: "oauth2" + image: docker.io/actualbudget/actual-server:25.9.0 + imagePullPolicy: IfNotPresent + name: actual + ports: + - containerPort: 5006 + name: http + protocol: TCP + resources: + requests: + cpu: 25m + memory: "920733364" + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + volumeMounts: + - mountPath: /data + name: data + dnsPolicy: ClusterFirst + restartPolicy: Always + schedulerName: default-scheduler + terminationGracePeriodSeconds: 30 + volumes: + - name: data + persistentVolumeClaim: + claimName: actual-data diff --git a/apps-kustomized/actual/ing.yaml b/apps-kustomized/actual/ing.yaml new file mode 100644 index 0000000..63b8cfd --- /dev/null +++ b/apps-kustomized/actual/ing.yaml @@ -0,0 +1,27 @@ +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + annotations: + cert-manager.io/cluster-issuer: letsencrypt + external-dns.alpha.kubernetes.io/target: armnleg.martyn.berlin + nginx.ingress.kubernetes.io/auth-signin: https://homeauth.martyn.berlin/oauth2/start?rd=https://$host$escaped_request_uri + nginx.ingress.kubernetes.io/auth-url: https://homeauth.martyn.berlin/oauth2/auth + labels: + app.kubernetes.io/name: actual + name: actual +spec: + ingressClassName: nginx + rules: + - host: actual.martyn.berlin + http: + paths: + - backend: + service: + name: actual + port: + number: 5006 + path: / + pathType: Prefix + tls: + - hosts: + - actual.martyn.berlin diff --git a/apps-kustomized/actual/pvc.yaml b/apps-kustomized/actual/pvc.yaml new file mode 100644 index 0000000..5d22d9b --- /dev/null +++ b/apps-kustomized/actual/pvc.yaml @@ -0,0 +1,13 @@ +apiVersion: v1 +kind: PersistentVolumeClaim +metadata: + name: actual-data + annotations: + k8up.io/backup: "true" +spec: + accessModes: + - ReadWriteOnce + resources: + requests: + storage: 10Gi + storageClassName: longhorn-fast diff --git a/apps-kustomized/actual/svc.yaml b/apps-kustomized/actual/svc.yaml new file mode 100644 index 0000000..7360c8b --- /dev/null +++ b/apps-kustomized/actual/svc.yaml @@ -0,0 +1,13 @@ +apiVersion: v1 +kind: Service +metadata: + labels: + app: actual + name: actual +spec: + ports: + - port: 80 + targetPort: 5006 + selector: + app: actual + type: LoadBalancer