homelab/archive/2022.07.bxl-k3s-pi/apps/hass/homeassistant.yaml

179 lines
3.9 KiB
YAML

apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: hass
namespace: hass
spec:
storageClassName: longhorn-static
accessModes:
- ReadWriteMany
resources:
requests:
storage: 500Mi
---
apiVersion: v1
kind: ConfigMap
metadata:
name: hass
namespace: hass
data:
configuration.yaml: |
# Loads default set of integrations. Do not remove.
default_config:
http:
use_x_forwarded_for: true
trusted_proxies:
- 10.42.0.0/16
panel_iframe:
nodered:
title: 'Node-Red'
url: 'https://node-red.bhasher.com'
icon: mdi:sitemap
require_admin: true
binary_sensor:
- platform: ping
host: 192.168.1.2
name: "Bhasher's Desktop"
count: 2
scan_interval: 30
wake_on_lan:
switch:
- platform: wake_on_lan
name: "WOL Bhasher's Desktop"
mac: e0:d5:5e:08:3c:d4
broadcast_address: 192.168.1.255
recorder: !include recorder.yaml
automation: !include automations.yaml
script: !include scripts.yaml
scene: !include scenes.yaml
---
apiVersion: apps/v1
kind: Deployment
metadata:
labels:
app: hass
name: hass
namespace: hass
annotations:
reloader.stakater.com/auto: "true"
spec:
replicas: 1
revisionHistoryLimit: 1
selector:
matchLabels:
app: hass
template:
metadata:
labels:
app: hass
spec:
affinity:
podAffinity:
preferredDuringSchedulingIgnoredDuringExecution:
- podAffinityTerm:
labelSelector:
matchExpressions:
- key: app
operator: In
values:
- hass
topologyKey: kubernetes.io/hostname
weight: 100
volumes:
- name: data
persistentVolumeClaim:
claimName: hass
- name: config
configMap:
name: hass
- name: secrets
secret:
secretName: hass
containers:
- name: hass
image: homeassistant/home-assistant:latest
imagePullPolicy: IfNotPresent
volumeMounts:
- name: data
mountPath: "/config"
- name: config
mountPath: "/config/configuration.yaml"
subPath: "configuration.yaml"
- name: secrets
mountPath: "/config/recorder.yaml"
subPath: "recorder.yaml"
ports:
- name: http
containerPort: 8123
protocol: TCP
livenessProbe:
httpGet:
path: /
port: http
failureThreshold: 2
periodSeconds: 10
startupProbe:
httpGet:
path: /
port: http
failureThreshold: 24
periodSeconds: 5
---
apiVersion: v1
kind: Service
metadata:
name: hass
namespace: hass
spec:
type: ClusterIP
selector:
app: hass
ports:
- name: http
port: 8123
protocol: TCP
---
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: hass
namespace: hass
annotations:
kubernetes.io/ingress.class: "nginx"
cert-manager.io/cluster-issuer: "bhasherca-k3s-issuer"
cert-manager.io/common-name: "hass.bhasher.com"
# nginx.ingress.kubernetes.io/auth-response-headers: Remote-User,Remote-Name,Remote-Groups,Remote-Email
# nginx.ingress.kubernetes.io/auth-signin: https://idp.bhasher.com
# #nginx.ingress.kubernetes.io/auth-snippet: proxy_set_header X-Forwarded-Method $request_method;
# nginx.ingress.kubernetes.io/auth-url: https://idp.bhasher.com/api/verify
# #nginx.ingress.kubernetes.io/configuration-snippet: proxy_set_header X-Forwarded-Method $request_method;
spec:
tls:
- hosts:
- hass.bhasher.com
secretName: hass-tls
rules:
- host: hass.bhasher.com
http:
paths:
- path: /
pathType: Prefix
backend:
service:
name: hass
port:
number: 8123