commit e9a772adbb9ae24d49382e39641e8718662cbf4a Author: Tanguy Herbron Date: Mon Feb 24 21:02:28 2025 +0100 feat: Initial commit
diff --git a/README.md b/README.md
new file mode 100644
index 0000000..e69de29
diff --git a/docker-compose.yml b/docker-compose.yml
new file mode 100644
index 0000000..a62f1e4
--- /dev/null
+++ b/docker-compose.yml
@@ -0,0 +1,42 @@
+version: "3.7"
+services:
+ mealie:
+ image: ghcr.io/mealie-recipes/mealie:v1.2.0 #
+ container_name: mealie
+ ports:
+ - "9000:9000"
+ deploy:
+ resources:
+ limits:
+ memory: 1000M
+ depends_on:
+ - postgres
+ volumes:
+ - ./data/mealie:/app/data/
+ environment:
+ # Set Backend ENV Variables Here
+ - ALLOW_SIGNUP=false
+ - PUID=1000
+ - PGID=1000
+ - TZ=Europe/Copenhagen
+ - MAX_WORKERS=1
+ - WEB_CONCURRENCY=1
+ - BASE_URL=https://recipes.halis.io
+ # Database Settings
+ - DB_ENGINE=postgres
+ - POSTGRES_USER=mealie
+ - POSTGRES_PASSWORD=password
+ - POSTGRES_SERVER=postgres
+ - POSTGRES_PORT=5432
+ - POSTGRES_DB=mealie
+ restart: unless-stopped
+
+ postgres:
+ container_name: postgres
+ image: postgres:15
+ restart: unless-stopped
+ volumes:
+ - ./data/db:/var/lib/postgresql/data
+ environment:
+ POSTGRES_PASSWORD: password
+ POSTGRES_USER: mealie
diff --git a/manifests/database-backup.yaml b/manifests/database-backup.yaml
new file mode 100644
index 0000000..fc297cd
--- /dev/null
+++ b/manifests/database-backup.yaml
@@ -0,0 +1,10 @@
+apiVersion: postgresql.cnpg.io/v1
+kind: ScheduledBackup
+metadata:
+ name: mealie-db-backup
+ namespace: mealie
+spec:
+ schedule: "0 0 0 * * *"
+ backupOwnerReference: self
+ cluster:
+ name: mealie-db
diff --git a/manifests/database.yaml b/manifests/database.yaml
new file mode 100644
index 0000000..eb3807c
--- /dev/null
+++ b/manifests/database.yaml
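Review bot: In docker-compose.yml the database password is the literal `password`, committed in both the `mealie` environment list and the `postgres` service, so anyone who can read the repository knows the credential of every instance started from this file. Take it from the environment instead, `- POSTGRES_PASSWORD=${POSTGRES_PASSWORD:?unset}` on the mealie side and `POSTGRES_PASSWORD: ${POSTGRES_PASSWORD:?unset}` on the postgres side, with the value in an untracked `.env`. Separately, `"9000:9000"` publishes the app on every host interface; if a TLS-terminating proxy on the same host fronts it (the https `BASE_URL` suggests one, but that is not visible here), `"127.0.0.1:9000:9000"` keeps the plain-HTTP port off the network.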
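Review bot: The `schedule` in manifests/database-backup.yaml has six fields and will read as a mistake to anyone used to five-field cron; CloudNativePG's ScheduledBackup takes a leading seconds field, so this is daily at 00:00:00. A comment above the line would stop a later edit from "correcting" it: `# six-field cron, seconds first: every day at 00:00:00`. The Cluster in database.yaml sets no `retentionPolicy` under `backup`, so as far as this commit shows the daily base backups and their WAL are never expired from the bucket.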
@@ -0,0 +1,53 @@
+apiVersion: postgresql.cnpg.io/v1
+kind: Cluster
+metadata:
+ name: mealie-db
+ namespace: mealie
+
+spec:
+ imageName: ghcr.io/cloudnative-pg/postgresql:15.3
+ instances: 3
+
+ storage:
+ size: 1Gi
+ storageClass: local-path
+
+ bootstrap:
+ initdb:
+ database: mealie
+ owner: mealie
+ secret:
+ name: mealie-db
+
+ postgresql:
+ pg_hba:
+ - host all all all md5
+
+ backup:
+ barmanObjectStore:
+ destinationPath: "s3://halis/cloudnativepg"
+ endpointURL: https://s3.halia.dev
+ s3Credentials:
+ accessKeyId:
+ name: s3-secret
+ key: AWS_ACCESS_KEY_ID
+ secretAccessKey:
+ name: s3-secret
+ key: AWS_SECRET_ACCESS_KEY
+ region:
+ name: s3-secret
+ key: AWS_REGION
+ wal:
+ compression: gzip
+ maxParallel: 8
+
+ resources:
+ requests:
+ cpu: 100m
+ memory: 100Mi
+ limits:
+ cpu: 500m
+ memory: 500Mi
+
+ monitoring:
+ enablePodMonitor: true
diff --git a/manifests/deployment.yaml b/manifests/deployment.yaml
new file mode 100644
index 0000000..632791e
--- /dev/null
+++ b/manifests/deployment.yaml
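Review bot: The `pg_hba` entry `host all all all md5` in manifests/database.yaml accepts password logins for every role and every database from any source address, and `host` matches unencrypted connections as well as TLS ones. Mealie only needs the `mealie` role on the `mealie` database, so a narrower rule such as `- hostssl mealie mealie all scram-sha-256` would do, provided the client connects over TLS and the password is stored as SCRAM (the PostgreSQL 15 default). No NetworkPolicy is part of this commit, so nothing visible here limits which pods can attempt a login. Also check `endpointURL: https://s3.halia.dev`: every other host in the commit is under `halis.io`, and if that is a typo rather than a second domain, the S3 credentials and the backups are sent to the wrong host.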
@@ -0,0 +1,58 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+ name: mealie
+ namespace: mealie
+spec:
+ replicas: 1
+ selector:
+ matchLabels:
+ app: mealie
+ template:
+ metadata:
+ labels:
+ app: mealie
+ spec:
+ containers:
+ - name: mealie
+ image: ghcr.io/mealie-recipes/mealie:v1.2.0
+ ports:
+ - containerPort: 9000
+ env:
+ - name: ALLOW_SIGNUP
+ value: "false"
+ - name: PUID
+ value: "1000"
+ - name: PGID
+ value: "1000"
+ - name: TZ
+ value: "Europe/Copenhagen"
+ - name: MAX_WORKERS
+ value: "1"
+ - name: WEB_CONCURRENCY
+ value: "1"
+ - name: BASE_URL
+ value: "https://recipes.halis.io"
+ - name: DB_ENGINE
+ value: "postgres"
+ - name: POSTGRES_SERVER
+ value: "mealie-db-rw.mealie.svc.cluster.local"
+ - name: POSTGRES_DB
+ value: "mealie"
+ - name: POSTGRES_USER
+ valueFrom:
+ secretKeyRef:
+ name: mealie-db
+ key: username
+ - name: POSTGRES_PASSWORD
+ valueFrom:
+ secretKeyRef:
+ name: mealie-db
+ key: password
+ volumeMounts:
+ - mountPath: "/app/data"
+ name: mealie-data
+ volumes:
+ - name: mealie-data
+ persistentVolumeClaim:
+ claimName: mealie-pvc
diff --git a/manifests/ingress.yaml b/manifests/ingress.yaml
new file mode 100644
index 0000000..2a5f063
--- /dev/null
+++ b/manifests/ingress.yaml
@@ -0,0 +1,29 @@
+apiVersion: networking.k8s.io/v1
+kind: Ingress
+metadata:
+ name: mealie-ingress
+ namespace: mealie
+ annotations:
+ cert-manager.io/cluster-issuer: letsencrypt-production
+ kubernetes.io/ingress.class: nginx-external
+ acme.cert-manager.io/http01-edit-in-place: "true"
+ nginx.ingress.kubernetes.io/proxy-body-size: "0"
+ nginx.ingress.kubernetes.io/proxy-read-timeout: "600"
+ nginx.ingress.kubernetes.io/proxy-send-timeout: "600"
+spec:
+ tls:
+ - hosts:
+ - recipes.halis.io
+ secretName: recipes-halis-io-tls
+ ingressClassName: nginx-external
+ rules:
+ - host: recipes.halis.io
+ http:
+ paths:
+ - path: /
+ pathType: Prefix
+ backend:
+ service:
+ name: mealie-svc
+ port:
+ number: 80
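Review bot: The `mealie` container in manifests/deployment.yaml has no `resources` and no `securityContext`, and the pod keeps the default service-account token mounted, although the compose file in the same commit caps the app at `1000M`. For an app exposed through an external ingress I would add a memory limit, `allowPrivilegeEscalation: false` and `automountServiceAccountToken: false`; nothing in the manifest suggests Mealie talks to the Kubernetes API. `PUID`/`PGID` suggest the entrypoint starts as root and drops to uid 1000, so `runAsNonRoot` and dropping all capabilities need testing against the image first and are left out below. The memory request is a placeholder to be sized from observed usage.

```yaml
      # pod template spec
      automountServiceAccountToken: false
      containers:
        - name: mealie
          # … unchanged: image, ports, env …
          resources:
            requests:
              memory: 256Mi  # placeholder
            limits:
              memory: 1000Mi
          securityContext:
            allowPrivilegeEscalation: false
          # … unchanged: volumeMounts, volumes …
```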
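Review bot: `nginx.ingress.kubernetes.io/proxy-body-size: "0"` in manifests/ingress.yaml switches off the request-body limit on an externally reachable host, so any client can stream arbitrarily large uploads through to the pod and its 5Gi volume, and the 600-second read and send timeouts let such requests hold connections for a long time. A bounded value sized for recipe images and backup imports is safer, for example `nginx.ingress.kubernetes.io/proxy-body-size: "100m"` (example value). The `kubernetes.io/ingress.class` annotation repeats `spec.ingressClassName` in its deprecated form; one of the two can be dropped.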
diff --git a/manifests/kustomization.yaml b/manifests/kustomization.yaml
new file mode 100644
index 0000000..244bb23
--- /dev/null
+++ b/manifests/kustomization.yaml
@@ -0,0 +1,12 @@
+apiVersion: kustomize.config.k8s.io/v1beta1
+kind: Kustomization
+
+resources:
+ - namespace.yaml
+ - secrets.yaml
+ - database.yaml
+ - database-backup.yaml
+ - service.yaml
+ - ingress.yaml
+ - pvc.yaml
+ - deployment.yaml
diff --git a/manifests/namespace.yaml b/manifests/namespace.yaml
new file mode 100644
index 0000000..b1b63f8
--- /dev/null
+++ b/manifests/namespace.yaml
@@ -0,0 +1,4 @@
+apiVersion: v1
+kind: Namespace
+metadata:
+ name: mealie
diff --git a/manifests/pvc.yaml b/manifests/pvc.yaml
new file mode 100644
index 0000000..8869597
--- /dev/null
+++ b/manifests/pvc.yaml
@@ -0,0 +1,15 @@
+apiVersion: v1
+kind: PersistentVolumeClaim
+metadata:
+ name: mealie-pvc
+ namespace: mealie
+ labels:
+ recurring-job.longhorn.io/source: enabled
+ recurring-job-group.longhorn.io/standard-pvc: enabled
+spec:
+ accessModes:
+ - ReadWriteOnce
+ resources:
+ requests:
+ storage: 5Gi
+ storageClassName: redundant-storage-class
diff --git a/manifests/secrets.yaml b/manifests/secrets.yaml
new file mode 100644
index 0000000..98d5525
--- /dev/null
+++ b/manifests/secrets.yaml
@@ -0,0 +1,22 @@
+apiVersion: argoproj.io/v1alpha1
+kind: Application
+metadata:
+ name: mealie-secrets
+ namespace: argocd
+spec:
+ project: default
+ source:
+ repoURL: https://git.halis.io/athens-school/k3s-secrets
+ targetRevision: prod-migration
+ path: mealie
+ syncPolicy:
+ automated:
+ prune: true
+ selfHeal: true
+ syncOptions:
+ - CreateNamespace=false
+ - ApplyOutOfSyncOnly=true
+ - PruneLast=true
+ destination:
+ server: https://kubernetes.default.svc
+ namespace: mealie
diff --git a/manifests/service.yaml b/manifests/service.yaml
new file mode 100644
index 0000000..31b054e
--- /dev/null
+++ b/manifests/service.yaml
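Review bot: manifests/secrets.yaml syncs this namespace's secrets from the mutable branch `prod-migration` with `automated` sync, `prune` and `selfHeal`, under `project: default`, so every push to that branch is applied to the cluster without a further gate. Unless the default AppProject has been tightened elsewhere, it does not restrict which repositories, namespaces or resource kinds the application may use; a dedicated project limited to this repo and the `mealie` namespace would narrow that, `project: mealie` (name is a placeholder). The commit does not show how the manifests in `k3s-secrets` are protected at rest, so a comment stating whether they are sealed or encrypted would help the next reviewer.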
@@ -0,0 +1,15 @@
+apiVersion: v1
+kind: Service
+metadata:
+ name: mealie-svc
+ namespace: mealie
+ labels:
+ app.kubernetes.io/name: mealie
+spec:
+ ports:
+ - name: http
+ port: 80
+ protocol: TCP
+ targetPort: 9000
+ selector:
+ app: mealie