From a958b153c490573ea816ab42bed8d2bd5afd18cd Mon Sep 17 00:00:00 2001 From: gwg313 Date: Mon, 5 Jan 2026 12:22:59 -0500 Subject: [PATCH] add focalboard Signed-off-by: gwg313 --- apps/focalboard.yaml | 20 ++++++++++++++++ focalboard/certificate.yaml | 14 +++++++++++ focalboard/configmap.yaml | 27 +++++++++++++++++++++ focalboard/deployment.yaml | 37 +++++++++++++++++++++++++++++ focalboard/gateway.yaml | 20 ++++++++++++++++ focalboard/iscsi-secret-sealed.yaml | 19 +++++++++++++++ focalboard/namespace.yaml | 4 ++++ focalboard/service.yaml | 11 +++++++++ focalboard/storage.yaml | 36 ++++++++++++++++++++++++++++ focalboard/virtualservice.yaml | 21 ++++++++++++++++ 10 files changed, 209 insertions(+) create mode 100644 apps/focalboard.yaml create mode 100644 focalboard/certificate.yaml create mode 100644 focalboard/configmap.yaml create mode 100644 focalboard/deployment.yaml create mode 100644 focalboard/gateway.yaml create mode 100644 focalboard/iscsi-secret-sealed.yaml create mode 100644 focalboard/namespace.yaml create mode 100644 focalboard/service.yaml create mode 100644 focalboard/storage.yaml create mode 100644 focalboard/virtualservice.yaml diff --git a/apps/focalboard.yaml b/apps/focalboard.yaml new file mode 100644 index 0000000..6699097 --- /dev/null +++ b/apps/focalboard.yaml @@ -0,0 +1,20 @@ +apiVersion: argoproj.io/v1alpha1 +kind: Application +metadata: + name: focalboard + namespace: argocd +spec: + project: default + source: + repoURL: https://github.com/gwg313/homelab-gitops + targetRevision: main + path: focalboard + destination: + server: https://kubernetes.default.svc + namespace: focalboard + syncPolicy: + automated: + selfHeal: true + prune: true + syncOptions: + - CreateNamespace=true diff --git a/focalboard/certificate.yaml b/focalboard/certificate.yaml new file mode 100644 index 0000000..35dcc80 --- /dev/null +++ b/focalboard/certificate.yaml @@ -0,0 +1,14 @@ +apiVersion: cert-manager.io/v1 +kind: Certificate +metadata: + name: focalboard-cert + namespace: istio-system +spec: + secretName: focalboard-cert + issuerRef: + name: letsencrypt-dns + kind: ClusterIssuer + dnsNames: + - pm.local.gwg313.xyz + - pm.gwg313.xyz + - pm.zerotier.gwg313.xyz diff --git a/focalboard/configmap.yaml b/focalboard/configmap.yaml new file mode 100644 index 0000000..f5a6722 --- /dev/null +++ b/focalboard/configmap.yaml @@ -0,0 +1,27 @@ +apiVersion: v1 +kind: ConfigMap +metadata: + name: focalboard-config + namespace: focalboard +data: + config.json: | + { + "serverRoot": "https://pm.gwg313.xyz", + "port": 8000, + + "dbtype": "sqlite3", + "dbconfig": "/opt/focalboard/data/focalboard.db", + + "useSSL": false, + "webpath": "./pack", + "filespath": "/data/files", + + "telemetry": false, + "prometheusaddress": ":9092", + + "session_expire_time": 2592000, + "session_refresh_time": 18000, + + "localOnly": false, + "enableLocalMode": false + } diff --git a/focalboard/deployment.yaml b/focalboard/deployment.yaml new file mode 100644 index 0000000..633092e --- /dev/null +++ b/focalboard/deployment.yaml @@ -0,0 +1,37 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: focalboard + namespace: focalboard +spec: + replicas: 1 + selector: + matchLabels: + app: focalboard + template: + metadata: + labels: + app: focalboard + spec: + enableServiceLinks: false + containers: + - name: focalboard + image: mattermost/focalboard:latest + ports: + - containerPort: 8000 + volumeMounts: + - name: data + mountPath: /data + - name: config + mountPath: /opt/focalboard/config.json + subPath: config.json + env: + - name: FB_PORT + value: "8000" + volumes: + - name: data + persistentVolumeClaim: + claimName: focalboard-data + - name: config + configMap: + name: focalboard-config diff --git a/focalboard/gateway.yaml b/focalboard/gateway.yaml new file mode 100644 index 0000000..5df27e6 --- /dev/null +++ b/focalboard/gateway.yaml @@ -0,0 +1,20 @@ +apiVersion: networking.istio.io/v1beta1 +kind: Gateway +metadata: + name: focalboard-gateway + namespace: focalboard +spec: + selector: + istio: gateway + servers: + - port: + number: 443 + name: https + protocol: HTTPS + tls: + mode: SIMPLE + credentialName: focalboard-cert + hosts: + - pm.local.gwg313.xyz + - pm.gwg313.xyz + - pm.zerotier.gwg313.xyz diff --git a/focalboard/iscsi-secret-sealed.yaml b/focalboard/iscsi-secret-sealed.yaml new file mode 100644 index 0000000..e495c7b --- /dev/null +++ b/focalboard/iscsi-secret-sealed.yaml @@ -0,0 +1,19 @@ +--- +apiVersion: bitnami.com/v1alpha1 +kind: SealedSecret +metadata: + creationTimestamp: null + name: focalboard-iscsi-auth + namespace: focalboard +spec: + encryptedData: + discovery.sendtargets.auth.password: AgCQ43B6UutDThhw5gfI74RhhNAcBJkzeoeKMsnzYmMo8Mjz8XV7mNKFR6iWmyJ6FAI55Wt0pNTZi2KFtDCkGXB2isAarmtPdYUajWT6Naum3YFd3fKvNmx/Hk/wfkVqQnSwbw+pehu9uks2fiF/6n6S048JQW83LbCzs3Icb5b8Z761ivQXEwwpFJvRr1fUb0bBZnFxc0YU3d48zJyhX90ljyGql6Y/mXs1m62x3yZrTxojjhz359kDk7xpkYPUKLCW708fBITlhiwH2DwaztANCy+T9bRKBl8YnseAUpSa6ipP7xUyTw4kTSMS8UUTHfnd6OklUbPaAAYYLf8evOajArhZzfwsLIC+8vmhonf9MPZQTcdF8YJl23x4E/+k4xVL3Wh01QDnpTLwbLUyGM5hgQezmXIhYq9QNDSYHyJZC6jpeLJJuD4aHctkP2yZ22B6STybSAyPh7fuB4Br1qycMitjOSMTgiGi3+T2U8tOQ0bWZvQIyD6GqqMJPMZM/3wwt/AEVkmWNFkCkYcXtxacOTfzoUZGf1L0bF4rEQKTFXQxbVq+TGzfPiMLJ3jdj8ZpO79kafUINXr+gXwd4itKqGaV39lCg6drqiVMY5YVaE2V4kGZXRivgGe0+CpsdpsaHGsYYY/x3ONEw3IYm7HvHCVF8gdOqykxDSbrGMoyO2JJs1oyrOQ8USwFWOku5XUmFwjniXYWOgBghA2Q8g== + discovery.sendtargets.auth.username: AgAZsdwSsp/KNr4CpqXKD53tJLLMCAB+j8Ml9YRCnTG/6oKFs+4zthCBC5H8z7WOPyCi31bEuRwM+gTAVYz5cGdJlO2s+0mhnvXI+NoZSU0IoWqczkGq90Ss/2auQZq4edKnhZQh9guM/nGv79zyNzocIdQ4J/JJXXadVWJbkvhym3OdK/jh5sYIkkKKUbKVv3rJLRSw7pyQT+uJWw/+pgxcV4dVuczvfsodA6OWbAMIdouqsfpzKrfmzo5StKUQiNQxjyWhXuBoHXODtzf/ZI9+DJnKce5LueoiM/NrEfkL8tWcU0ty7FXbCynOYg+NM2RRXyaSzY4tSpRkU3Zkp3cy37gISA+n0o8vUokGpPCew2A2vFWpqktjR69RJJXO0lA7fvpM8auysHuHiJxDrUkGlo+aQoHODXrDVeQ/yeigoFBdgSXCrwHu+lTbw+Uu6WmdwWEPr/TQVDABLwzWxIwy8zkHD5MvugsM4jjwPxKzpC+ReEXbEZZly4lwlqliDQtVmdWxQ6fJF5+smLkMLlrbbmLSkuv+bODn2Jb+k5QtwVz//ZdOQBLaMuzKvjIng1fv8aPJR0kzA/0DIUmAOicCLDBOZZI7cXt75FHyQbxLQU1A7vn/dbn5mdwRw1P+Ha36QR4SpSPe5L83TxFgEMvkmnTAYURrnG6OKCfWjNiNWHaa5CFxnhDdaiZ6dj501M9ERteyI0irp1ah + node.session.auth.password: AgCQv/EkgJF/dSaEgoqNmKqV59wEHw0X+fNShJ4Wn6tBPbzGFggt4LcuvTIlhqCspsFL0HZB/sDoo32tGIcXpPKUt7iQZFpTVI20TaeI2f9vRoPHmZVwC4Y/qnoi2QvcnayzGT9fMy2LsditN6q7KwRYeU4Kl5AVXj57OjhDxau53/uEXkrXIgipdXjSHg/DoH0s08o4RKgsDS64YmbdZzVoJJ90U7TvcWi94ypg02y0w/vicpVUoEBQ2PKBTvP088zkCZSAwyfNtwyrLV4gBTyMdpHuYjuS1yFIlV4E77abfro2NP4iXnqiJnsXUfZ3gbMg+xzTmFcen8U8aYa3M+XXI/75lX0ET46pKevB5xNVnxBp+azGsBddSbzzpHOVlxqJYRa4EIQVfkXMCQKeWGnbutG0SLMv2PFtp9oGOkgij4I+Fhs5WAJ5luV/No4Z6ONyodc68Precp8yMoESA4noqaXC4py0sOAdnbliIFf+hTCJK/3Z6ecajKJ2wDd1xFlVr+x2kfdwmYQzROos+zNNrVy13pyDZgUnNqIP0yyQCnBrGJlhozNmMe/CkFZaTxPx3fBG24odfLfgNqub07cqiy0yUAF4IVVsCJtH9YzHKVklRG8b3OiHd3w4E/jOkwMsnXOFWbzHRMdiwwtxV8/M7BtWRA+VhYzp/DsV/gyZ6MthXtdkdW+vzIY3ZIVyinceknv9tYfRdOjpYS9ldQ== + node.session.auth.username: AgCYg4H4MoGfIoIkTfdAyMe7i2hF9IqiY9cHt07uv8finHnykgwo4s8jAnLdGRI1R+sQfs2IeLGcdNLUg/YsOXI4nvY18Bb7qAo+KrMmmSb1ZIKKHN/pP08rCVRJsqOKNd6lIDpfk921fpdn83i6Otp2lHabBU/z4a96LDU2cC2WGyIbK5IP/gS1EYHWK8ya12lbdPKglGG0NA+bbKpW2kRC4omJTZ6v1+GpJT524lZCGazsw0y+Hpa9UuswCEGsvhw4wDoxAxr+Dg25Fv9iL/UJCisx7lv+0/1t1KLBHFEJpJyvOA9BdIiUOWFzoN0wzcmGa0k0vCdZwHjFqmVRvQjUDl2iSpa97AAxIma+nZ0ToVDp2FJHShBnnNTKoQNf7P5mlAEfG7ffx+JCH7drLqDQvE1SUQBvT3NKm5kTZdpnzKIUX8FEiXGFBj1VmVc/ceRukgZ6qAm7yJl91nxdp30/16fnjGtjNn3TJgB+jCNnR28P26tzhIiEjYnHvY5vncG7Dxc5AJkrwI1kyLenbgvI9/m0IpSm49dXu0iaZF78KTn5M5RLxqhfx+58o+crL763yBkT7zkEpSGT7X2ud4B64NUE7PQLgiXtMe5Q6Rr5KI1KFGeBur5F71cey7oYCLqQaMAhstxE7iGSVCNBKOzLle94TkiGGe/HKGaRRyzxM1uGvw/jJwdWGOFXJ2JEN5Y6eWHNH1INPGt8 + template: + metadata: + creationTimestamp: null + name: focalboard-iscsi-auth + namespace: focalboard + type: kubernetes.io/iscsi-chap diff --git a/focalboard/namespace.yaml b/focalboard/namespace.yaml new file mode 100644 index 0000000..3339aea --- /dev/null +++ b/focalboard/namespace.yaml @@ -0,0 +1,4 @@ +apiVersion: v1 +kind: Namespace +metadata: + name: focalboard diff --git a/focalboard/service.yaml b/focalboard/service.yaml new file mode 100644 index 0000000..b3bf05c --- /dev/null +++ b/focalboard/service.yaml @@ -0,0 +1,11 @@ +apiVersion: v1 +kind: Service +metadata: + name: focalboard + namespace: focalboard +spec: + selector: + app: focalboard + ports: + - port: 80 + targetPort: 8000 diff --git a/focalboard/storage.yaml b/focalboard/storage.yaml new file mode 100644 index 0000000..70973aa --- /dev/null +++ b/focalboard/storage.yaml @@ -0,0 +1,36 @@ +apiVersion: v1 +kind: PersistentVolume +metadata: + name: focalboard-pv +spec: + capacity: + storage: 10Gi + accessModes: + - ReadWriteOnce + persistentVolumeReclaimPolicy: Retain + iscsi: + targetPortal: truenas.local.gwg313.xyz:3260 + iqn: iqn.2005-10.org.freenas.ctl:focalboard + lun: 0 + fsType: ext4 + chapAuthDiscovery: true + chapAuthSession: true + secretRef: + name: focalboard-iscsi-auth + claimRef: + namespace: focalboard + name: focalboard-data +--- +apiVersion: v1 +kind: PersistentVolumeClaim +metadata: + name: focalboard-data + namespace: focalboard +spec: + storageClassName: manual + accessModes: + - ReadWriteOnce + resources: + requests: + storage: 10Gi + volumeName: focalboard-pv diff --git a/focalboard/virtualservice.yaml b/focalboard/virtualservice.yaml new file mode 100644 index 0000000..d801569 --- /dev/null +++ b/focalboard/virtualservice.yaml @@ -0,0 +1,21 @@ +apiVersion: networking.istio.io/v1beta1 +kind: VirtualService +metadata: + name: focalboard + namespace: focalboard +spec: + hosts: + - pm.local.gwg313.xyz + - pm.gwg313.xyz + - pm.zerotier.gwg313.xyz + gateways: + - focalboard-gateway + http: + - match: + - uri: + prefix: / + route: + - destination: + host: focalboard + port: + number: 80