From 17321b5d619bc5725649179f010780675a1d2ad6 Mon Sep 17 00:00:00 2001 From: Ultradesu Date: Mon, 24 Nov 2025 16:32:00 +0200 Subject: [PATCH] Added Remnawave --- k8s/apps/remnawave/app.yaml | 21 +++++++ k8s/apps/remnawave/deployment.yaml | 71 ++++++++++++++++++++++++ k8s/apps/remnawave/external-secrets.yaml | 64 +++++++++++++++++++++ k8s/apps/remnawave/kustomization.yaml | 9 +++ k8s/apps/remnawave/redis-deployment.yaml | 71 ++++++++++++++++++++++++ k8s/apps/remnawave/servicemonitor.yaml | 21 +++++++ 6 files changed, 257 insertions(+) create mode 100644 k8s/apps/remnawave/app.yaml create mode 100644 k8s/apps/remnawave/deployment.yaml create mode 100644 k8s/apps/remnawave/external-secrets.yaml create mode 100644 k8s/apps/remnawave/kustomization.yaml create mode 100644 k8s/apps/remnawave/redis-deployment.yaml create mode 100644 k8s/apps/remnawave/servicemonitor.yaml diff --git a/k8s/apps/remnawave/app.yaml b/k8s/apps/remnawave/app.yaml new file mode 100644 index 0000000..02db2f5 --- /dev/null +++ b/k8s/apps/remnawave/app.yaml @@ -0,0 +1,21 @@ +apiVersion: argoproj.io/v1alpha1 +kind: Application +metadata: + name: remnawave + namespace: argocd +spec: + project: apps + destination: + namespace: remnawave + server: https://kubernetes.default.svc + source: + repoURL: ssh://git@gt.hexor.cy:30022/ab/homelab.git + targetRevision: HEAD + path: k8s/apps/remnawave + syncPolicy: + automated: + selfHeal: true + prune: true + syncOptions: + - CreateNamespace=true + diff --git a/k8s/apps/remnawave/deployment.yaml b/k8s/apps/remnawave/deployment.yaml new file mode 100644 index 0000000..05d0447 --- /dev/null +++ b/k8s/apps/remnawave/deployment.yaml @@ -0,0 +1,71 @@ +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + name: remnawave + labels: + app: remnawave + annotations: + reloader.stakater.com/auto: "true" +spec: + selector: + matchLabels: + app: remnawave + replicas: 1 + strategy: + type: RollingUpdate + template: + metadata: + labels: + app: remnawave + spec: + containers: + - name: remnawave + image: 'remnawave/backend:2' + imagePullPolicy: Always + envFrom: + - secretRef: + name: remnawave-secrets + env: + - name: REDIS_URL + value: "redis://remnawave-redis:6379" + ports: + - name: http + containerPort: 3000 + protocol: TCP + - name: metrics + containerPort: 3001 + protocol: TCP + livenessProbe: + httpGet: + path: /health + port: 3001 + initialDelaySeconds: 30 + periodSeconds: 30 + timeoutSeconds: 5 + failureThreshold: 3 + readinessProbe: + httpGet: + path: /health + port: 3001 + initialDelaySeconds: 10 + periodSeconds: 10 + timeoutSeconds: 3 + failureThreshold: 3 +--- +apiVersion: v1 +kind: Service +metadata: + name: remnawave +spec: + selector: + app: remnawave + ports: + - name: http + protocol: TCP + port: 3000 + targetPort: 3000 + - name: metrics + protocol: TCP + port: 3001 + targetPort: 3001 diff --git a/k8s/apps/remnawave/external-secrets.yaml b/k8s/apps/remnawave/external-secrets.yaml new file mode 100644 index 0000000..9c0a28b --- /dev/null +++ b/k8s/apps/remnawave/external-secrets.yaml @@ -0,0 +1,64 @@ +--- +apiVersion: external-secrets.io/v1 +kind: ExternalSecret +metadata: + name: remnawave-secrets +spec: + target: + name: remnawave-secrets + deletionPolicy: Delete + template: + type: Opaque + data: + DATABASE_URL: |- + postgresql://remnawave:{{ .pg_pass }}@psql.psql.svc:5432/remnawave +# JWT_AUTH_SECRET: |- +# {{ .jwt_auth_secret }} +# JWT_API_TOKENS_SECRET: |- +# {{ .jwt_api_tokens_secret }} +# METRICS_USER: |- +# {{ .metrics_user }} +# METRICS_PASS: |- +# {{ .metrics_pass }} + + data: + - secretKey: pg_pass + sourceRef: + storeRef: + name: vaultwarden-login + kind: ClusterSecretStore + remoteRef: + key: 2a9deb39-ef22-433e-a1be-df1555625e22 + property: fields[10].value +# - secretKey: jwt_auth_secret +# sourceRef: +# storeRef: +# name: vaultwarden-login +# kind: ClusterSecretStore +# remoteRef: +# key: 35ec5880-2576-401b-a89a-3c9d56b9c1de +# property: login.password +# - secretKey: jwt_api_tokens_secret +# sourceRef: +# storeRef: +# name: vaultwarden-login +# kind: ClusterSecretStore +# remoteRef: +# key: 35ec5880-2576-401b-a89a-3c9d56b9c1de +# property: login.password +# - secretKey: metrics_user +# sourceRef: +# storeRef: +# name: vaultwarden-login +# kind: ClusterSecretStore +# remoteRef: +# key: 35ec5880-2576-401b-a89a-3c9d56b9c1de +# property: login.username +# - secretKey: metrics_pass +# sourceRef: +# storeRef: +# name: vaultwarden-login +# kind: ClusterSecretStore +# remoteRef: +# key: 35ec5880-2576-401b-a89a-3c9d56b9c1de +# property: login.password diff --git a/k8s/apps/remnawave/kustomization.yaml b/k8s/apps/remnawave/kustomization.yaml new file mode 100644 index 0000000..38a3a29 --- /dev/null +++ b/k8s/apps/remnawave/kustomization.yaml @@ -0,0 +1,9 @@ +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization + +resources: + - ./app.yaml + - ./external-secrets.yaml + - ./deployment.yaml + - ./redis-deployment.yaml + - ./servicemonitor.yaml diff --git a/k8s/apps/remnawave/redis-deployment.yaml b/k8s/apps/remnawave/redis-deployment.yaml new file mode 100644 index 0000000..9473c91 --- /dev/null +++ b/k8s/apps/remnawave/redis-deployment.yaml @@ -0,0 +1,71 @@ +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + name: remnawave-redis + labels: + app: remnawave-redis +spec: + selector: + matchLabels: + app: remnawave-redis + replicas: 1 + strategy: + type: RollingUpdate + template: + metadata: + labels: + app: remnawave-redis + spec: + containers: + - name: redis + image: 'valkey/valkey:8.1-alpine' + imagePullPolicy: Always + ports: + - name: redis + containerPort: 6379 + protocol: TCP + livenessProbe: + exec: + command: + - valkey-cli + - ping + initialDelaySeconds: 30 + periodSeconds: 10 + timeoutSeconds: 5 + failureThreshold: 3 + readinessProbe: + exec: + command: + - valkey-cli + - ping + initialDelaySeconds: 5 + periodSeconds: 5 + timeoutSeconds: 3 + failureThreshold: 3 + volumeMounts: + - name: redis-data + mountPath: /data + resources: + requests: + memory: "64Mi" + cpu: "50m" + limits: + memory: "256Mi" + cpu: "200m" + volumes: + - name: redis-data + emptyDir: {} +--- +apiVersion: v1 +kind: Service +metadata: + name: remnawave-redis +spec: + selector: + app: remnawave-redis + ports: + - name: redis + protocol: TCP + port: 6379 + targetPort: 6379 \ No newline at end of file diff --git a/k8s/apps/remnawave/servicemonitor.yaml b/k8s/apps/remnawave/servicemonitor.yaml new file mode 100644 index 0000000..75aa687 --- /dev/null +++ b/k8s/apps/remnawave/servicemonitor.yaml @@ -0,0 +1,21 @@ +--- +apiVersion: monitoring.coreos.com/v1 +kind: ServiceMonitor +metadata: + name: remnawave-metrics + labels: + app: remnawave + release: prometheus +spec: + selector: + matchLabels: + app: remnawave + endpoints: + - port: metrics + path: /metrics + interval: 30s + scrapeTimeout: 10s + honorLabels: true + namespaceSelector: + matchNames: + - remnawave \ No newline at end of file