starting to switch to nginx-ingress

2024-10-23 11:18:30 +01:00
75 changed files with 51 additions and 2405 deletions
--- a/immich-argocd-apps/.helmignore
+++ b/immich-argocd-apps/.helmignore
@@ -1,23 +0,0 @@
 # Patterns to ignore when building packages.
 # This supports shell glob matching, relative path matching, and
 # negation (prefixed with !). Only one pattern per line.
 .DS_Store
 # Common VCS dirs
 .git/
 .gitignore
 .bzr/
 .bzrignore
 .hg/
 .hgignore
 .svn/
 # Common backup files
 *.swp
 *.bak
 *.tmp
 *.orig
 *~
 # Various IDEs
 .project
 .idea/
 *.tmproj
 .vscode/
--- a/immich-argocd-apps/Chart.yaml
+++ b/immich-argocd-apps/Chart.yaml
@@ -1,5 +0,0 @@
 apiVersion: v2
 name: immich-argocd-apps
 description: A Helm chart for deploying Immich as an ArgoCD app
 type: application
 version: 0.1.0
--- a/immich-argocd-apps/templates/_helpers.tpl
+++ b/immich-argocd-apps/templates/_helpers.tpl
@@ -1,62 +0,0 @@
 {{/*
 Expand the name of the chart.
 */}}
 {{- define "immich-argocd-apps.name" -}}
 {{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }}
 {{- end }}
 {{/*
 Create a default fully qualified app name.
 We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
 If release name contains chart name it will be used as a full name.
 */}}
 {{- define "immich-argocd-apps.fullname" -}}
 {{- if .Values.fullnameOverride }}
 {{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }}
 {{- else }}
 {{- $name := default .Chart.Name .Values.nameOverride }}
 {{- if contains $name .Release.Name }}
 {{- .Release.Name | trunc 63 | trimSuffix "-" }}
 {{- else }}
 {{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }}
 {{- end }}
 {{- end }}
 {{- end }}
 {{/*
 Create chart name and version as used by the chart label.
 */}}
 {{- define "immich-argocd-apps.chart" -}}
 {{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }}
 {{- end }}
 {{/*
 Common labels
 */}}
 {{- define "immich-argocd-apps.labels" -}}
 helm.sh/chart: {{ include "immich-argocd-apps.chart" . }}
 {{ include "immich-argocd-apps.selectorLabels" . }}
 {{- if .Chart.AppVersion }}
 app.kubernetes.io/version: {{ .Chart.AppVersion | quote }}
 {{- end }}
 app.kubernetes.io/managed-by: {{ .Release.Service }}
 {{- end }}
 {{/*
 Selector labels
 */}}
 {{- define "immich-argocd-apps.selectorLabels" -}}
 app.kubernetes.io/name: {{ include "immich-argocd-apps.name" . }}
 app.kubernetes.io/instance: {{ .Release.Name }}
 {{- end }}
 {{/*
 Create the name of the service account to use
 */}}
 {{- define "immich-argocd-apps.serviceAccountName" -}}
 {{- if .Values.serviceAccount.create }}
 {{- default (include "immich-argocd-apps.fullname" .) .Values.serviceAccount.name }}
 {{- else }}
 {{- default "default" .Values.serviceAccount.name }}
 {{- end }}
 {{- end }}
--- a/immich-argocd-apps/templates/immich-main-chart.yaml
+++ b/immich-argocd-apps/templates/immich-main-chart.yaml
@@ -1,63 +0,0 @@
 apiVersion: argoproj.io/v1alpha1
 kind: Application
 metadata:
  name: immich-main-chart
  namespace: argocd  # Ensure this is the namespace where Argo CD is installed
  finalizers:
    - resources-finalizer.argocd.argoproj.io
  annotations:
    argocd.argoproj.io/sync-wave: "0"
    notifications.argoproj.io/subscribe.on-sync-succeeded.telegram: "-1002270587578"
 spec:
  project: default
  source:
    repoURL: "https://immich-app.github.io/immich-charts"
    chart: immich
    targetRevision: 0.x
    helm:
      releaseName: immich
      valuesObject:
        immich:
          persistence:
            library:
              existingClaim: immich-library
        redis:
          enabled: true
        env:
          - name: DB_HOSTNAME
            valueFrom:
              secretKeyRef:
                name: immich-pg-app
                key: host
          - name: DB_PASSWORD
            valueFrom:
              secretKeyRef:
                name: immich-pg-app
                key: password
          - name: DB_USERNAME
            valueFrom:
              secretKeyRef:
                name: immich-pg-app
                key: username
          - name: DB_DATABASE_NAME
            valueFrom:
              secretKeyRef:
                name: immich-pg-app
                key: dbname
          - name: REDIS_HOSTNAME
            value: immich-redis-master
            # value: '{{ printf "%s-redis-master" .Release.Name }}'
          - name: IMMICH_MACHINE_LEARNING_URL
            value: "http://immich-machine-learning:3003"
            # value: '{{ printf "http://%s-machine-learning:3003" .Release.Name }}'
  destination:
    server: https://kubernetes.default.svc  # Targeting the current Kubernetes cluster
    namespace: {{ .Values.mainNamespace }}
  syncPolicy:
    automated:
      prune: true           # Automatically remove resources no longer in the repo
      selfHeal: true        # Automatically self-heal when drift is detected
    syncOptions:
      - ApplyOutOfSyncOnly=true
      - ServerSideApply=true
      - CreateNamespace=true
--- a/immich-argocd-apps/templates/immich-postinstall-app.yaml
+++ b/immich-argocd-apps/templates/immich-postinstall-app.yaml
@@ -1,33 +0,0 @@
 apiVersion: argoproj.io/v1alpha1
 kind: Application
 metadata:
  name: immich-postinstall
  namespace: argocd  # Ensure this is the namespace where Argo CD is installed
  finalizers:
    - resources-finalizer.argocd.argoproj.io
  annotations:
    argocd.argoproj.io/sync-wave: "1"
    notifications.argoproj.io/subscribe.on-sync-succeeded.telegram: "-1002270587578"
 spec:
  project: default
  source:
    repoURL: "https://git.blarre.net/thomas/helm-charts.git"
    targetRevision: HEAD
    path: immich-argocd-postInstall
    helm:
      releaseName: immich-postinstall
      valuesObject:
        tailscaleIngresses:
          immichHostName: {{ .Values.tailscaleIngresses.immichHostName }} 
          filebrowserHostName: {{ .Values.tailscaleIngresses.filebrowserHostName }}
  destination:
    server: https://kubernetes.default.svc  # Targeting the current Kubernetes cluster
    namespace: {{ .Values.mainNamespace }}
  syncPolicy:
    automated:
      prune: true           # Automatically remove resources no longer in the repo
      selfHeal: true        # Automatically self-heal when drift is detected
    syncOptions:
      - ApplyOutOfSyncOnly=true
      - ServerSideApply=true
      - CreateNamespace=true
--- a/immich-argocd-apps/templates/immich-pvc-filebrowser-chart.yaml
+++ b/immich-argocd-apps/templates/immich-pvc-filebrowser-chart.yaml
@@ -1,58 +0,0 @@
 apiVersion: argoproj.io/v1alpha1
 kind: Application
 metadata:
  name: immich-pvc-filebrowser-chart
  namespace: argocd  # Ensure this is the namespace where Argo CD is installed
  finalizers:
    - resources-finalizer.argocd.argoproj.io
  annotations:
    argocd.argoproj.io/sync-wave: "0"
    notifications.argoproj.io/subscribe.on-sync-succeeded.telegram: "-1002270587578"
 spec:
  project: default
  source:
    repoURL: "tccr.io/truecharts"
    chart: filebrowser
    targetRevision: 11.x
    helm:
      releaseName: filebrowser
      valuesObject:
        persistence:
          config:
            enabled: true
            mountPath: /config
            type: pvc
            namespace: {{ .Values.mainNamespace }}
            accessModes: ReadWriteOnce
            size: 100Mi
            storageClass: {{ .Values.filebrowser.configStorageClassName }}
          database:
            enabled: true
            mountPath: /database
            type: pvc
            namespace: {{ .Values.mainNamespace }}
            accessModes: ReadWriteOnce
            size: 100Mi
            storageClass: {{ .Values.filebrowser.configStorageClassName }}
          data:
            enabled: true
            mountPath: /data
            type: pvc
            namespace: {{ .Values.mainNamespace }}
            existingClaim: immich-library  
  destination:
    server: https://kubernetes.default.svc  # Targeting the current Kubernetes cluster
    namespace: {{ .Values.mainNamespace }}
  syncPolicy:
    automated:
      prune: true           # Automatically remove resources no longer in the repo
      selfHeal: true        # Automatically self-heal when drift is detected
    syncOptions:
      - ApplyOutOfSyncOnly=true
      - ServerSideApply=true
      - CreateNamespace=true
  ignoreDifferences:
  - group: apps
    kind: Deployment
    jsonPointers:
    - /spec/template/spec/hostUsers
--- a/immich-argocd-apps/templates/immich-requirements-app.yaml
+++ b/immich-argocd-apps/templates/immich-requirements-app.yaml
@@ -1,38 +0,0 @@
 apiVersion: argoproj.io/v1alpha1
 kind: Application
 metadata:
  name: immich-requirements
  namespace: argocd  # Ensure this is the namespace where Argo CD is installed
  finalizers:
    - resources-finalizer.argocd.argoproj.io
  annotations:
    argocd.argoproj.io/sync-wave: "-1"
    notifications.argoproj.io/subscribe.on-sync-succeeded.telegram: "-1002270587578"
 spec:
  project: default
  source:
    repoURL: "https://git.blarre.net/thomas/helm-charts.git"
    targetRevision: HEAD
    path: immich-argocd-requirements
    helm:
      releaseName: immich-requirements
      valuesObject:
        mainNamespace: {{ .Values.mainNamespace }}
        immichDb:
          dbClusterInstances: {{ .Values.immichDb.dbClusterInstances }}
          dbClusterStorageClass: {{ .Values.immichDb.dbClusterStorageClass }}
          dbClusterStorageSize: {{ .Values.immichDb.dbClusterStorageSize }}
        photosLibrary:
          storageClassName: {{ .Values.photosLibrary.storageClassName }}
          storageSize: {{ .Values.photosLibrary.storageSize }}
  destination:
    server: https://kubernetes.default.svc  # Targeting the current Kubernetes cluster
    namespace: {{ .Values.mainNamespace }}
  syncPolicy:
    automated:
      prune: true           # Automatically remove resources no longer in the repo
      selfHeal: true        # Automatically self-heal when drift is detected
    syncOptions:
      - ApplyOutOfSyncOnly=true
      - ServerSideApply=true
      - CreateNamespace=true
--- a/immich-argocd-apps/values.yaml
+++ b/immich-argocd-apps/values.yaml
@@ -1,13 +0,0 @@
 mainNamespace: immich
 tailscaleIngresses:
  immichHostName: photos
  filebrowserHostName: immich-files
 photosLibrary:
  storageClassName: 
  storageSize: 500Gi
 immichDb:
  dbClusterInstances: 3
  dbClusterStorageClass: 
  dbClusterStorageSize: 10Gi
 filebrowser:
  configStorageClassName:
--- a/immich-argocd-postInstall/.helmignore
+++ b/immich-argocd-postInstall/.helmignore
@@ -1,23 +0,0 @@
 # Patterns to ignore when building packages.
 # This supports shell glob matching, relative path matching, and
 # negation (prefixed with !). Only one pattern per line.
 .DS_Store
 # Common VCS dirs
 .git/
 .gitignore
 .bzr/
 .bzrignore
 .hg/
 .hgignore
 .svn/
 # Common backup files
 *.swp
 *.bak
 *.tmp
 *.orig
 *~
 # Various IDEs
 .project
 .idea/
 *.tmproj
 .vscode/
--- a/immich-argocd-postInstall/Chart.yaml
+++ b/immich-argocd-postInstall/Chart.yaml
@@ -1,24 +0,0 @@
 apiVersion: v2
 name: immich-argocd-postInstall
 description: A Helm chart for Kubernetes
 # A chart can be either an 'application' or a 'library' chart.
 #
 # Application charts are a collection of templates that can be packaged into versioned archives
 # to be deployed.
 #
 # Library charts provide useful utilities or functions for the chart developer. They're included as
 # a dependency of application charts to inject those utilities and functions into the rendering
 # pipeline. Library charts do not define any templates and therefore cannot be deployed.
 type: application
 # This is the chart version. This version number should be incremented each time you make changes
 # to the chart and its templates, including the app version.
 # Versions are expected to follow Semantic Versioning (https://semver.org/)
 version: 0.1.1
 # This is the version number of the application being deployed. This version number should be
 # incremented each time you make changes to the application. Versions are not expected to
 # follow Semantic Versioning. They should reflect the version the application is using.
 # It is recommended to use it with quotes.
 appVersion: "1.16.0"
--- a/immich-argocd-postInstall/templates/_helpers.tpl
+++ b/immich-argocd-postInstall/templates/_helpers.tpl
@@ -1,62 +0,0 @@
 {{/*
 Expand the name of the chart.
 */}}
 {{- define "immich-argocd-postInstall.name" -}}
 {{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }}
 {{- end }}
 {{/*
 Create a default fully qualified app name.
 We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
 If release name contains chart name it will be used as a full name.
 */}}
 {{- define "immich-argocd-postInstall.fullname" -}}
 {{- if .Values.fullnameOverride }}
 {{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }}
 {{- else }}
 {{- $name := default .Chart.Name .Values.nameOverride }}
 {{- if contains $name .Release.Name }}
 {{- .Release.Name | trunc 63 | trimSuffix "-" }}
 {{- else }}
 {{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }}
 {{- end }}
 {{- end }}
 {{- end }}
 {{/*
 Create chart name and version as used by the chart label.
 */}}
 {{- define "immich-argocd-postInstall.chart" -}}
 {{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }}
 {{- end }}
 {{/*
 Common labels
 */}}
 {{- define "immich-argocd-postInstall.labels" -}}
 helm.sh/chart: {{ include "immich-argocd-postInstall.chart" . }}
 {{ include "immich-argocd-postInstall.selectorLabels" . }}
 {{- if .Chart.AppVersion }}
 app.kubernetes.io/version: {{ .Chart.AppVersion | quote }}
 {{- end }}
 app.kubernetes.io/managed-by: {{ .Release.Service }}
 {{- end }}
 {{/*
 Selector labels
 */}}
 {{- define "immich-argocd-postInstall.selectorLabels" -}}
 app.kubernetes.io/name: {{ include "immich-argocd-postInstall.name" . }}
 app.kubernetes.io/instance: {{ .Release.Name }}
 {{- end }}
 {{/*
 Create the name of the service account to use
 */}}
 {{- define "immich-argocd-postInstall.serviceAccountName" -}}
 {{- if .Values.serviceAccount.create }}
 {{- default (include "immich-argocd-postInstall.fullname" .) .Values.serviceAccount.name }}
 {{- else }}
 {{- default "default" .Values.serviceAccount.name }}
 {{- end }}
 {{- end }}
--- a/immich-argocd-postInstall/templates/filebrowser-ingress.yaml
+++ b/immich-argocd-postInstall/templates/filebrowser-ingress.yaml
@@ -1,14 +0,0 @@
 apiVersion: networking.k8s.io/v1
 kind: Ingress
 metadata:
  name: ts-filebrowser-bis
 spec:
  defaultBackend:
    service:
      name: filebrowser
      port:
        number: 10187
  ingressClassName: tailscale
  tls:
    - hosts:
        - {{ .Values.tailscaleIngresses.filebrowserHostName }}
--- a/immich-argocd-postInstall/templates/immich-ingress.yaml
+++ b/immich-argocd-postInstall/templates/immich-ingress.yaml
@@ -1,16 +0,0 @@
 apiVersion: networking.k8s.io/v1
 kind: Ingress
 metadata:
  name: ts-immich
  annotations:
    tailscale.com/funnel: "true"
 spec:
  defaultBackend:
    service:
      name: immich-server
      port:
        name: http
  ingressClassName: tailscale
  tls:
    - hosts:
        - {{ .Values.tailscaleIngresses.immichHostName }}
--- a/immich-argocd-postInstall/values.yaml
+++ b/immich-argocd-postInstall/values.yaml
@@ -1,3 +0,0 @@
 tailscaleIngresses:
  immichHostName: photos
  filebrowserHostName: immich-files
--- a/immich-argocd-requirements/.helmignore
+++ b/immich-argocd-requirements/.helmignore
@@ -1,23 +0,0 @@
 # Patterns to ignore when building packages.
 # This supports shell glob matching, relative path matching, and
 # negation (prefixed with !). Only one pattern per line.
 .DS_Store
 # Common VCS dirs
 .git/
 .gitignore
 .bzr/
 .bzrignore
 .hg/
 .hgignore
 .svn/
 # Common backup files
 *.swp
 *.bak
 *.tmp
 *.orig
 *~
 # Various IDEs
 .project
 .idea/
 *.tmproj
 .vscode/
--- a/immich-argocd-requirements/Chart.yaml
+++ b/immich-argocd-requirements/Chart.yaml
@@ -1,6 +0,0 @@
 apiVersion: v2
 name: immich-argocd-requirements
 description: A Helm chart for the underlying requirements to deploy Immich 
 type: application
 version: 0.1.0
 appVersion: "0.1.0"
--- a/immich-argocd-requirements/README
+++ b/immich-argocd-requirements/README
@@ -1 +0,0 @@
 This chart requires CNPG (Cloud Native Postgres) installed on the Kubernetes cluster, as well as the Tailscale operator (for the ingress)
--- a/immich-argocd-requirements/templates/_helpers.tpl
+++ b/immich-argocd-requirements/templates/_helpers.tpl
@@ -1,62 +0,0 @@
 {{/*
 Expand the name of the chart.
 */}}
 {{- define "immich-argocd-requirements.name" -}}
 {{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }}
 {{- end }}
 {{/*
 Create a default fully qualified app name.
 We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
 If release name contains chart name it will be used as a full name.
 */}}
 {{- define "immich-argocd-requirements.fullname" -}}
 {{- if .Values.fullnameOverride }}
 {{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }}
 {{- else }}
 {{- $name := default .Chart.Name .Values.nameOverride }}
 {{- if contains $name .Release.Name }}
 {{- .Release.Name | trunc 63 | trimSuffix "-" }}
 {{- else }}
 {{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }}
 {{- end }}
 {{- end }}
 {{- end }}
 {{/*
 Create chart name and version as used by the chart label.
 */}}
 {{- define "immich-argocd-requirements.chart" -}}
 {{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }}
 {{- end }}
 {{/*
 Common labels
 */}}
 {{- define "immich-argocd-requirements.labels" -}}
 helm.sh/chart: {{ include "immich-argocd-requirements.chart" . }}
 {{ include "immich-argocd-requirements.selectorLabels" . }}
 {{- if .Chart.AppVersion }}
 app.kubernetes.io/version: {{ .Chart.AppVersion | quote }}
 {{- end }}
 app.kubernetes.io/managed-by: {{ .Release.Service }}
 {{- end }}
 {{/*
 Selector labels
 */}}
 {{- define "immich-argocd-requirements.selectorLabels" -}}
 app.kubernetes.io/name: {{ include "immich-argocd-requirements.name" . }}
 app.kubernetes.io/instance: {{ .Release.Name }}
 {{- end }}
 {{/*
 Create the name of the service account to use
 */}}
 {{- define "immich-argocd-requirements.serviceAccountName" -}}
 {{- if .Values.serviceAccount.create }}
 {{- default (include "immich-argocd-requirements.fullname" .) .Values.serviceAccount.name }}
 {{- else }}
 {{- default "default" .Values.serviceAccount.name }}
 {{- end }}
 {{- end }}
--- a/immich-argocd-requirements/templates/db-cluster.yaml
+++ b/immich-argocd-requirements/templates/db-cluster.yaml
@@ -1,43 +0,0 @@
 # From https://github.com/immich-app/immich/discussions/9060#discussioncomment-9688353
 apiVersion: postgresql.cnpg.io/v1                                                
 kind: Cluster
 metadata:
  name: immich-pg
  namespace: {{ .Values.mainNamespace }}
 spec:
  instances: {{ .Values.immichDb.dbClusterInstances }}
  imageName: ghcr.io/tensorchord/cloudnative-pgvecto.rs:16.3-v0.2.1
 #  superuserSecret:
 #    name: immich-pg-superuser
 #  enableSuperuserAccess: true
  startDelay: 30
  stopDelay: 100
 #  primaryUpdateStrategy: unsupervised
 #  primaryUpdateMethod: switchover
  postgresql:
    shared_preload_libraries:
      - "vectors.so"
    enableAlterSystem: true
  storage:
    storageClass: {{ .Values.immichDb.dbClusterStorageClass }}
    size: {{ .Values.immichDb.dbClusterStorageSize }}
 #  monitoring:
 #    enablePodMonitor: false
  bootstrap:
    initdb:
      database: immich
      owner: immich
 #      secret:
 #        name: immich-pg-user
      dataChecksums: true
      postInitApplicationSQL:
        - ALTER SYSTEM SET search_path TO "$user", public, vectors;
        - SET search_path TO "$user", public, vectors;
        - CREATE EXTENSION IF NOT EXISTS "vectors";
        - CREATE EXTENSION IF NOT EXISTS "cube";
        - CREATE EXTENSION IF NOT EXISTS "earthdistance";
        - ALTER SCHEMA vectors OWNER TO "immich";
        - GRANT ALL PRIVILEGES ON ALL TABLES IN SCHEMA vectors TO "immich";
        - GRANT ALL PRIVILEGES ON ALL TABLES IN SCHEMA public TO "immich";
        # - CREATE EXTENSION IF NOT EXISTS "vector";
        # - ALTER ROLE "immich" WITH "superuser";
--- a/immich-argocd-requirements/templates/library-pvc.yaml
+++ b/immich-argocd-requirements/templates/library-pvc.yaml
@@ -1,11 +0,0 @@
 apiVersion: v1
 kind: PersistentVolumeClaim
 metadata:
  name: immich-library
 spec:
  accessModes:
    - ReadWriteOnce
  storageClassName: {{ .Values.photosLibrary.storageClassName }}
  resources:
    requests:
      storage: {{ .Values.photosLibrary.storageSize }}
--- a/immich-argocd-requirements/templates/pgvectrs-imagecatalog-cnpg.yaml
+++ b/immich-argocd-requirements/templates/pgvectrs-imagecatalog-cnpg.yaml
@@ -1,9 +0,0 @@
 apiVersion: postgresql.cnpg.io/v1
 kind: ImageCatalog
 metadata:
  name: pgvecto-rs
  namespace: {{ .Values.mainNamespace }}
 spec:
  images:
    - major: 16
      image: ghcr.io/tensorchord/cloudnative-pgvecto.rs:16-v0.2.1
--- a/immich-argocd-requirements/values.yaml
+++ b/immich-argocd-requirements/values.yaml
@@ -1,10 +0,0 @@
 mainNamespace: immich
 immichDb:
  dbClusterInstances: 3
  dbClusterStorageClass: null
  dbClusterStorageSize: "10Gi"
 photosLibrary:
  storageClassName: 
  storageSize: 500Gi
--- a/k3s-tooling/.helmignore
+++ b/k3s-tooling/.helmignore
@@ -1,23 +0,0 @@
 # Patterns to ignore when building packages.
 # This supports shell glob matching, relative path matching, and
 # negation (prefixed with !). Only one pattern per line.
 .DS_Store
 # Common VCS dirs
 .git/
 .gitignore
 .bzr/
 .bzrignore
 .hg/
 .hgignore
 .svn/
 # Common backup files
 *.swp
 *.bak
 *.tmp
 *.orig
 *~
 # Various IDEs
 .project
 .idea/
 *.tmproj
 .vscode/
--- a/k3s-tooling/Chart.yaml
+++ b/k3s-tooling/Chart.yaml
@@ -1,5 +0,0 @@
 apiVersion: v2
 name: k3s-tooling
 description: A Helm chart for deploying some kubernetes ressources
 type: application
 version: 0.1.0
--- a/k3s-tooling/templates/_helpers.tpl
+++ b/k3s-tooling/templates/_helpers.tpl
@@ -1,62 +0,0 @@
 {{/*
 Expand the name of the chart.
 */}}
 {{- define "k3s-tooling.name" -}}
 {{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }}
 {{- end }}
 {{/*
 Create a default fully qualified app name.
 We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
 If release name contains chart name it will be used as a full name.
 */}}
 {{- define "k3s-tooling.fullname" -}}
 {{- if .Values.fullnameOverride }}
 {{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }}
 {{- else }}
 {{- $name := default .Chart.Name .Values.nameOverride }}
 {{- if contains $name .Release.Name }}
 {{- .Release.Name | trunc 63 | trimSuffix "-" }}
 {{- else }}
 {{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }}
 {{- end }}
 {{- end }}
 {{- end }}
 {{/*
 Create chart name and version as used by the chart label.
 */}}
 {{- define "k3s-tooling.chart" -}}
 {{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }}
 {{- end }}
 {{/*
 Common labels
 */}}
 {{- define "k3s-tooling.labels" -}}
 helm.sh/chart: {{ include "k3s-tooling.chart" . }}
 {{ include "k3s-tooling.selectorLabels" . }}
 {{- if .Chart.AppVersion }}
 app.kubernetes.io/version: {{ .Chart.AppVersion | quote }}
 {{- end }}
 app.kubernetes.io/managed-by: {{ .Release.Service }}
 {{- end }}
 {{/*
 Selector labels
 */}}
 {{- define "k3s-tooling.selectorLabels" -}}
 app.kubernetes.io/name: {{ include "k3s-tooling.name" . }}
 app.kubernetes.io/instance: {{ .Release.Name }}
 {{- end }}
 {{/*
 Create the name of the service account to use
 */}}
 {{- define "k3s-tooling.serviceAccountName" -}}
 {{- if .Values.serviceAccount.create }}
 {{- default (include "k3s-tooling.fullname" .) .Values.serviceAccount.name }}
 {{- else }}
 {{- default "default" .Values.serviceAccount.name }}
 {{- end }}
 {{- end }}
--- a/k3s-tooling/templates/certmanager.yaml
+++ b/k3s-tooling/templates/certmanager.yaml
@@ -1,32 +0,0 @@
 {{- if .Values.certManager.enable -}}
 apiVersion: argoproj.io/v1alpha1
 kind: Application
 metadata:
  name: cert-manager
  namespace: {{ .Values.argocd.namespace }}
  # finalizers:
    # - resources-finalizer.argocd.argoproj.io
  annotations:
    notifications.argoproj.io/subscribe.on-sync-succeeded.telegram: "-1002270587578"
 spec:
  project: {{ .Values.argocd.project }}
  source:
    repoURL: "https://charts.jetstack.io" 
    chart: cert-manager              # Chart name
    targetRevision: {{ .Values.certManager.targetRevision }}                # Version of the chart (update to latest if needed)
    helm:
      valuesObject:
        crds:
          enabled: true
  destination:
    server: {{ .Values.certManager.destination.server }}
    namespace: {{ .Values.certManager.destination.namespace }}
  syncPolicy:
    automated:
      prune: true           # Automatically remove resources no longer in the repo
      selfHeal: true        # Automatically self-heal when drift is detected
    syncOptions:
      - ApplyOutOfSyncOnly=true
      - ServerSideApply=true
      - CreateNamespace=true
 {{- end }}
--- a/k3s-tooling/templates/cnpg.yaml
+++ b/k3s-tooling/templates/cnpg.yaml
@@ -1,28 +0,0 @@
 {{- if .Values.cnpg.enable -}}
 apiVersion: argoproj.io/v1alpha1
 kind: Application
 metadata:
  name: cnpg
  namespace: {{ .Values.argocd.namespace }}
  # finalizers:
    # - resources-finalizer.argocd.argoproj.io
  annotations:
    notifications.argoproj.io/subscribe.on-sync-succeeded.telegram: "-1002270587578"
 spec:
  project: {{ .Values.argocd.project }}
  source:
    repoURL: "https://cloudnative-pg.github.io/charts"  # Helm repository for Tailscale
    chart: cloudnative-pg              # Chart name
    targetRevision: {{ .Values.cnpg.targetRevision }}
  destination:
    server: {{ .Values.cnpg.destination.server }}
    namespace: {{ .Values.cnpg.destination.namespace }}
  syncPolicy:
    automated:
      prune: true           # Automatically remove resources no longer in the repo
      selfHeal: true        # Automatically self-heal when drift is detected
    syncOptions:
      - ApplyOutOfSyncOnly=true
      - ServerSideApply=true
      - CreateNamespace=true
 {{- end }}
--- a/k3s-tooling/templates/longhorn.yaml
+++ b/k3s-tooling/templates/longhorn.yaml
@@ -1,26 +0,0 @@
 {{- if .Values.longhorn.enable -}}
 apiVersion: argoproj.io/v1alpha1
 kind: Application
 metadata:
  name: longhorn
  namespace: {{ .Values.argocd.namespace }}
  # finalizers:
    # - resources-finalizer.argocd.argoproj.io
  annotations:
    notifications.argoproj.io/subscribe.on-sync-succeeded.telegram: "-1002270587578" 
 spec:
  project: {{ .Values.argocd.project }}
  source:
    repoURL: "https://charts.longhorn.io"  # Helm repository for Tailscale
    chart: longhorn              # Chart name
    targetRevision: {{ .Values.longhorn.targetRevision }}
  destination:
    server: {{ .Values.longhorn.destination.server }}
    namespace: {{ .Values.longhorn.destination.namespace }}
  syncPolicy:
    automated:
      prune: true           # Automatically remove resources no longer in the repo
      selfHeal: true        # Automatically self-heal when drift is detected
    syncOptions:
      - CreateNamespace=true
 {{- end }}
--- a/k3s-tooling/templates/tailscale-operator.yaml
+++ b/k3s-tooling/templates/tailscale-operator.yaml
@@ -1,37 +0,0 @@
 {{- if .Values.tailscaleOperator.enable -}}
 apiVersion: argoproj.io/v1alpha1
 kind: Application
 metadata:
  name: tailscale-operator
  namespace: {{ .Values.argocd.namespace }} 
  # finalizers:
    # - resources-finalizer.argocd.argoproj.io
  annotations:
    notifications.argoproj.io/subscribe.on-sync-succeeded.telegram: "-1002270587578"
 spec:
  project: {{ .Values.argocd.project }}
  source:
    repoURL: "https://pkgs.tailscale.com/helmcharts"
    chart: tailscale-operator
    targetRevision: {{ .Values.tailscaleOperator.targetRevision }}
    helm:
      valuesObject:
        oauth:
          clientId: {{ .Values.tailscaleOperator.oauth.clientId }}
          clientSecret: {{ .Values.tailscaleOperator.oauth.clientSecret }}
        operatorConfig:
          hostname: {{ .Values.tailscaleOperator.operatorHostname }}
        apiServerProxyConfig:
          mode: "true"
  destination:
    server: {{ .Values.tailscaleOperator.destination.server }} 
    namespace: {{ .Values.tailscaleOperator.destination.namespace }}
  syncPolicy:
    automated:
      prune: true           # Automatically remove resources no longer in the repo
      selfHeal: true        # Automatically self-heal when drift is detected
    syncOptions:
      - ApplyOutOfSyncOnly=true
      - ServerSideApply=true
      - CreateNamespace=true
 {{- end }}
--- a/k3s-tooling/templates/traefik.yaml
+++ b/k3s-tooling/templates/traefik.yaml
@@ -1,35 +0,0 @@
 {{- if .Values.traefik.enable -}}
 apiVersion: argoproj.io/v1alpha1
 kind: Application
 metadata:
  name: traefik
  namespace: {{ .Values.argocd.namespace }}
  # finalizers:
    # - resources-finalizer.argocd.argoproj.io
  annotations:
    notifications.argoproj.io/subscribe.on-sync-succeeded.telegram: "-1002270587578"
 spec:
  project: {{ .Values.argocd.project }}
  source:
    repoURL: "https://traefik.github.io/charts"
    chart: traefik
    targetRevision: {{ .Values.traefik.targetRevision }}
    helm:
      valuesObject:
        ingressRoute:
          dashboard:
            enabled: false
            annotations: 
              test: test
  destination:
    server: {{ .Values.traefik.destination.server }}
    namespace: {{ .Values.traefik.destination.namespace }}
  syncPolicy:
    automated:
      prune: true           # Automatically remove resources no longer in the repo
      selfHeal: true        # Automatically self-heal when drift is detected
    syncOptions:
      - ApplyOutOfSyncOnly=true
      - ServerSideApply=true
      - CreateNamespace=true
 {{- end }}
--- a/k3s-tooling/values.yaml
+++ b/k3s-tooling/values.yaml
@@ -1,43 +0,0 @@
 argocd:
  namespace: argocd
  project: default
 certManager:
  enable: false
  targetRevision: v1.16.x
  destination:
    server: https://kubernetes.default.svc
    namespace: cert-manager
 cnpg:
  enable: false
  targetRevision: 0.22.x
  destination:
    server: https://kubernetes.default.svc
    namespace: cnpg-system
 longhorn:
  enable: false
  targetRevision: 1.7.x
  destination:
    server: https://kubernetes.default.svc
    namespace: longhorn-system
 tailscaleOperator:
  enable: false
  targetRevision: 1.x
  destination:
    server: https://kubernetes.default.svc
    namespace: tailscale
  oauth:
    clientId:
    clientSecret:
  operatorHostname: tailscale-operator
 traefik:
  enable: false
  targetRevision: 25.x
  destination:
    server: https://kubernetes.default.svc
    namespace: kube-system
--- a/nextcloud-linode/templates/ingress.yaml
+++ b/nextcloud-linode/templates/ingress.yaml
@@ -0,0 +1,16 @@
 # apiVersion: networking.k8s.io/v1
 # kind: Ingress
 # metadata:
  # name: ts-nextcloud
  # annotations:
    # tailscale.com/funnel: "false"
 # spec:
  # defaultBackend:
    # service:
      # name: {{ .Release.Name }}
      # port:
        # number: 8080
  # ingressClassName: tailscale
  # tls:
    # - hosts:
        # - "{{ .Values.tailscaleHostName }}"
--- a/nextcloud-linode/templates/ts-ingress.yaml
+++ b/nextcloud-linode/templates/ts-ingress.yaml
@@ -1,16 +0,0 @@
 apiVersion: networking.k8s.io/v1
 kind: Ingress
 metadata:
  name: ts-nextcloud
  annotations:
    tailscale.com/funnel: "false"
 spec:
  defaultBackend:
    service:
      name: {{ .Release.Name }}
      port:
        number: 8080
  ingressClassName: tailscale
  tls:
    - hosts:
        - "{{ .Values.tailscaleHostName }}"
--- a/nextcloud-linode/values.yaml
+++ b/nextcloud-linode/values.yaml
@@ -25,7 +25,7 @@ nextcloud:
      enabled: true
      secretName: nextcloud-db-app
      usernameKey: user 
-      passwordKey: password 
+      passwordKey: password
      databaseKey: dbname
      hostKey: host
  persistence:
@@ -34,3 +34,36 @@ nextcloud:
    nextcloudData:
      enabled: true
      size: 8Gi
  image:
    flavor: fpm
  nginx:
    enabled: true
  ingress:
    className: nginx
    annotations:
      nginx.ingress.kubernetes.io/server-snippet: |-
        server_tokens off;
        proxy_hide_header X-Powered-By;
        rewrite ^/.well-known/webfinger /index.php/.well-known/webfinger last;
        rewrite ^/.well-known/nodeinfo /index.php/.well-known/nodeinfo last;
        rewrite ^/.well-known/host-meta /public.php?service=host-meta last;
        rewrite ^/.well-known/host-meta.json /public.php?service=host-meta-json;
        location = /.well-known/carddav {
          return 301 $scheme://$host/remote.php/dav;
        }
        location = /.well-known/caldav {
          return 301 $scheme://$host/remote.php/dav;
        }
        location = /robots.txt {
          allow all;
          log_not_found off;
          access_log off;
        }
        location ~ ^/(?:build|tests|config|lib|3rdparty|templates|data)/ {
          deny all;
        }
        location ~ ^/(?:autotest|occ|issue|indie|db_|console) {
          deny all;
        }
      nginx.ingress.kubernetes.io/enable-cors: "true"
      nginx.ingress.kubernetes.io/cors-allow-headers: "X-Forwarded-For"
--- a/odoo-truechart/ingress-tailscale-odoo.yaml
+++ b/odoo-truechart/ingress-tailscale-odoo.yaml
@@ -11,4 +11,4 @@ spec:
  ingressClassName: tailscale
  tls:
    - hosts:
-        - odoo
+        - odoo  
--- a/odoo/.helmignore
+++ b/odoo/.helmignore
@@ -1,23 +0,0 @@
 # Patterns to ignore when building packages.
 # This supports shell glob matching, relative path matching, and
 # negation (prefixed with !). Only one pattern per line.
 .DS_Store
 # Common VCS dirs
 .git/
 .gitignore
 .bzr/
 .bzrignore
 .hg/
 .hgignore
 .svn/
 # Common backup files
 *.swp
 *.bak
 *.tmp
 *.orig
 *~
 # Various IDEs
 .project
 .idea/
 *.tmproj
 .vscode/
--- a/odoo/Chart.yaml
+++ b/odoo/Chart.yaml
@@ -1,6 +0,0 @@
 apiVersion: v2
 name: odoo
 description: A Helm chart for deploying odoo
 type: application
 version: 0.1.0
 appVersion: "1.16.0"
--- a/odoo/templates/_helpers.tpl
+++ b/odoo/templates/_helpers.tpl
@@ -1,62 +0,0 @@
 {{/*
 Expand the name of the chart.
 */}}
 {{- define "odoo.name" -}}
 {{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }}
 {{- end }}
 {{/*
 Create a default fully qualified app name.
 We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
 If release name contains chart name it will be used as a full name.
 */}}
 {{- define "odoo.fullname" -}}
 {{- if .Values.fullnameOverride }}
 {{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }}
 {{- else }}
 {{- $name := default .Chart.Name .Values.nameOverride }}
 {{- if contains $name .Release.Name }}
 {{- .Release.Name | trunc 63 | trimSuffix "-" }}
 {{- else }}
 {{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }}
 {{- end }}
 {{- end }}
 {{- end }}
 {{/*
 Create chart name and version as used by the chart label.
 */}}
 {{- define "odoo.chart" -}}
 {{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }}
 {{- end }}
 {{/*
 Common labels
 */}}
 {{- define "odoo.labels" -}}
 helm.sh/chart: {{ include "odoo.chart" . }}
 {{ include "odoo.selectorLabels" . }}
 {{- if .Chart.AppVersion }}
 app.kubernetes.io/version: {{ .Chart.AppVersion | quote }}
 {{- end }}
 app.kubernetes.io/managed-by: {{ .Release.Service }}
 {{- end }}
 {{/*
 Selector labels
 */}}
 {{- define "odoo.selectorLabels" -}}
 app.kubernetes.io/name: {{ include "odoo.name" . }}
 app.kubernetes.io/instance: {{ .Release.Name }}
 {{- end }}
 {{/*
 Create the name of the service account to use
 */}}
 {{- define "odoo.serviceAccountName" -}}
 {{- if .Values.serviceAccount.create }}
 {{- default (include "odoo.fullname" .) .Values.serviceAccount.name }}
 {{- else }}
 {{- default "default" .Values.serviceAccount.name }}
 {{- end }}
 {{- end }}
--- a/odoo/templates/db-deployment.yaml
+++ b/odoo/templates/db-deployment.yaml
@@ -1,26 +0,0 @@
 apiVersion: postgresql.cnpg.io/v1
 kind: Cluster
 metadata:
  name: odoo-db
 #  namespace: odoo
 spec:
  instances: 2
  storage:
    size: 2Gi
    storageClass: longhorn
  env:
    - name: POSTGRES_DB
      valueFrom:
        secretKeyRef:
          name: odoo-secret
          key: POSTGRES_DB
    - name: POSTGRES_PASSWORD
      valueFrom:
        secretKeyRef:
          name: odoo-secret
          key: POSTGRES_PASSWORD
    - name: POSTGRES_USER
      valueFrom:
        secretKeyRef:
          name: odoo-secret
          key: POSTGRES_USER
--- a/odoo/templates/odoo-deployment.yaml
+++ b/odoo/templates/odoo-deployment.yaml
@@ -1,36 +0,0 @@
 apiVersion: apps/v1
 kind: Deployment
 metadata:
  name: odoo
 spec:
  replicas: {{ .Values.replicaCount }}
  template:
    spec:
      containers:
        - env:
            - name: HOST
              value: odoo-db-rw.odoo
            - name: USER
              valueFrom:
                secretKeyRef:
                  name: odoo-secret
                  key: POSTGRES_USER
            - name: PASSWORD
              valueFrom:
                secretKeyRef:
                  name: odoo-secret
                  key: POSTGRES_PASSWORD
          image: "{{ .Values.image.odoo.repository }}:{{ .Values.image.odoo.tag }}"
          imagePullPolicy: {{ .Values.image.odoo.pullPolicy }}
          name: odoo
          ports:
            - containerPort: 8000
              protocol: TCP
          volumeMounts:
            - mountPath: /code/media
              name: odoo-media
      restartPolicy: Always
      volumes:
        - name: odoo-media
          persistentVolumeClaim:
            claimName: odoo-media
--- a/odoo/templates/secrets.yaml
+++ b/odoo/templates/secrets.yaml
@@ -1,9 +0,0 @@
 apiVersion: v1
 kind: Secret
 metadata:
  name: odoo-secret
 type: Opaque
 data:
  POSTGRES_DB: YWR2ZW50dXJlbG9nCg==
  POSTGRES_PASSWORD: c2VjcmV0cGFzc3dvcmQK
  POSTGRES_USER: YWR2ZW50dXJlbG9nCg==
--- a/odoo/values.yaml
+++ b/odoo/values.yaml
@@ -1,80 +0,0 @@
 replicaCount: 1
 image:
  odoo:
    repository: odoo
    pullPolicy: IfNotPresent
    tag: "17.0"
 # This is for setting up a service more information can be found here: https://kubernetes.io/docs/concepts/services-networking/service/
 service:
  # This sets the service type more information can be found here: https://kubernetes.io/docs/concepts/services-networking/service/#publishing-services-service-types
  type: ClusterIP
  # This sets the ports more information can be found here: https://kubernetes.io/docs/concepts/services-networking/service/#field-spec-ports
  port: 80
 # This block is for setting up the ingress for more information can be found here: https://kubernetes.io/docs/concepts/services-networking/ingress/
 ingress:
  enabled: false
  className: ""
  annotations: {}
    # kubernetes.io/ingress.class: nginx
    # kubernetes.io/tls-acme: "true"
  hosts:
    - host: chart-example.local
      paths:
        - path: /
          pathType: ImplementationSpecific
  tls: []
  #  - secretName: chart-example-tls
  #    hosts:
  #      - chart-example.local
 resources: {}
  # We usually recommend not to specify default resources and to leave this as a conscious
  # choice for the user. This also increases chances charts run on environments with little
  # resources, such as Minikube. If you do want to specify resources, uncomment the following
  # lines, adjust them as necessary, and remove the curly braces after 'resources:'.
  # limits:
  #   cpu: 100m
  #   memory: 128Mi
  # requests:
  #   cpu: 100m
  #   memory: 128Mi
 # This is to setup the liveness and readiness probes more information can be found here: https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-startup-probes/
 livenessProbe:
  httpGet:
    path: /
    port: http
 readinessProbe:
  httpGet:
    path: /
    port: http
 # This section is for setting up autoscaling more information can be found here: https://kubernetes.io/docs/concepts/workloads/autoscaling/
 autoscaling:
  enabled: false
  minReplicas: 1
  maxReplicas: 100
  targetCPUUtilizationPercentage: 80
  # targetMemoryUtilizationPercentage: 80
 # Additional volumes on the output Deployment definition.
 volumes: []
 # - name: foo
 #   secret:
 #     secretName: mysecret
 #     optional: false
 # Additional volumeMounts on the output Deployment definition.
 volumeMounts: []
 # - name: foo
 #   mountPath: "/etc/foo"
 #   readOnly: true
 nodeSelector: {}
 tolerations: []
 affinity: {}
--- a/test/.helmignore
+++ b/test/.helmignore
@@ -1,23 +0,0 @@
 # Patterns to ignore when building packages.
 # This supports shell glob matching, relative path matching, and
 # negation (prefixed with !). Only one pattern per line.
 .DS_Store
 # Common VCS dirs
 .git/
 .gitignore
 .bzr/
 .bzrignore
 .hg/
 .hgignore
 .svn/
 # Common backup files
 *.swp
 *.bak
 *.tmp
 *.orig
 *~
 # Various IDEs
 .project
 .idea/
 *.tmproj
 .vscode/
--- a/test/Chart.yaml
+++ b/test/Chart.yaml
@@ -1,24 +0,0 @@
 apiVersion: v2
 name: test
 description: A Helm chart for Kubernetes
 # A chart can be either an 'application' or a 'library' chart.
 #
 # Application charts are a collection of templates that can be packaged into versioned archives
 # to be deployed.
 #
 # Library charts provide useful utilities or functions for the chart developer. They're included as
 # a dependency of application charts to inject those utilities and functions into the rendering
 # pipeline. Library charts do not define any templates and therefore cannot be deployed.
 type: application
 # This is the chart version. This version number should be incremented each time you make changes
 # to the chart and its templates, including the app version.
 # Versions are expected to follow Semantic Versioning (https://semver.org/)
 version: 0.1.0
 # This is the version number of the application being deployed. This version number should be
 # incremented each time you make changes to the application. Versions are not expected to
 # follow Semantic Versioning. They should reflect the version the application is using.
 # It is recommended to use it with quotes.
 appVersion: "1.16.0"
--- a/test/templates/NOTES.txt
+++ b/test/templates/NOTES.txt
@@ -1,22 +0,0 @@
 1. Get the application URL by running these commands:
 {{- if .Values.ingress.enabled }}
 {{- range $host := .Values.ingress.hosts }}
  {{- range .paths }}
  http{{ if $.Values.ingress.tls }}s{{ end }}://{{ $host.host }}{{ .path }}
  {{- end }}
 {{- end }}
 {{- else if contains "NodePort" .Values.service.type }}
  export NODE_PORT=$(kubectl get --namespace {{ .Release.Namespace }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "test.fullname" . }})
  export NODE_IP=$(kubectl get nodes --namespace {{ .Release.Namespace }} -o jsonpath="{.items[0].status.addresses[0].address}")
  echo http://$NODE_IP:$NODE_PORT
 {{- else if contains "LoadBalancer" .Values.service.type }}
     NOTE: It may take a few minutes for the LoadBalancer IP to be available.
           You can watch its status by running 'kubectl get --namespace {{ .Release.Namespace }} svc -w {{ include "test.fullname" . }}'
  export SERVICE_IP=$(kubectl get svc --namespace {{ .Release.Namespace }} {{ include "test.fullname" . }} --template "{{"{{ range (index .status.loadBalancer.ingress 0) }}{{.}}{{ end }}"}}")
  echo http://$SERVICE_IP:{{ .Values.service.port }}
 {{- else if contains "ClusterIP" .Values.service.type }}
  export POD_NAME=$(kubectl get pods --namespace {{ .Release.Namespace }} -l "app.kubernetes.io/name={{ include "test.name" . }},app.kubernetes.io/instance={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}")
  export CONTAINER_PORT=$(kubectl get pod --namespace {{ .Release.Namespace }} $POD_NAME -o jsonpath="{.spec.containers[0].ports[0].containerPort}")
  echo "Visit http://127.0.0.1:8080 to use your application"
  kubectl --namespace {{ .Release.Namespace }} port-forward $POD_NAME 8080:$CONTAINER_PORT
 {{- end }}
--- a/test/templates/_helpers.tpl
+++ b/test/templates/_helpers.tpl
@@ -1,62 +0,0 @@
 {{/*
 Expand the name of the chart.
 */}}
 {{- define "test.name" -}}
 {{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }}
 {{- end }}
 {{/*
 Create a default fully qualified app name.
 We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
 If release name contains chart name it will be used as a full name.
 */}}
 {{- define "test.fullname" -}}
 {{- if .Values.fullnameOverride }}
 {{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }}
 {{- else }}
 {{- $name := default .Chart.Name .Values.nameOverride }}
 {{- if contains $name .Release.Name }}
 {{- .Release.Name | trunc 63 | trimSuffix "-" }}
 {{- else }}
 {{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }}
 {{- end }}
 {{- end }}
 {{- end }}
 {{/*
 Create chart name and version as used by the chart label.
 */}}
 {{- define "test.chart" -}}
 {{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }}
 {{- end }}
 {{/*
 Common labels
 */}}
 {{- define "test.labels" -}}
 helm.sh/chart: {{ include "test.chart" . }}
 {{ include "test.selectorLabels" . }}
 {{- if .Chart.AppVersion }}
 app.kubernetes.io/version: {{ .Chart.AppVersion | quote }}
 {{- end }}
 app.kubernetes.io/managed-by: {{ .Release.Service }}
 {{- end }}
 {{/*
 Selector labels
 */}}
 {{- define "test.selectorLabels" -}}
 app.kubernetes.io/name: {{ include "test.name" . }}
 app.kubernetes.io/instance: {{ .Release.Name }}
 {{- end }}
 {{/*
 Create the name of the service account to use
 */}}
 {{- define "test.serviceAccountName" -}}
 {{- if .Values.serviceAccount.create }}
 {{- default (include "test.fullname" .) .Values.serviceAccount.name }}
 {{- else }}
 {{- default "default" .Values.serviceAccount.name }}
 {{- end }}
 {{- end }}
--- a/test/templates/deployment.yaml
+++ b/test/templates/deployment.yaml
@@ -1,68 +0,0 @@
 apiVersion: apps/v1
 kind: Deployment
 metadata:
  name: {{ include "test.fullname" . }}
  labels:
    {{- include "test.labels" . | nindent 4 }}
 spec:
  {{- if not .Values.autoscaling.enabled }}
  replicas: {{ .Values.replicaCount }}
  {{- end }}
  selector:
    matchLabels:
      {{- include "test.selectorLabels" . | nindent 6 }}
  template:
    metadata:
      {{- with .Values.podAnnotations }}
      annotations:
        {{- toYaml . | nindent 8 }}
      {{- end }}
      labels:
        {{- include "test.labels" . | nindent 8 }}
        {{- with .Values.podLabels }}
        {{- toYaml . | nindent 8 }}
        {{- end }}
    spec:
      {{- with .Values.imagePullSecrets }}
      imagePullSecrets:
        {{- toYaml . | nindent 8 }}
      {{- end }}
      serviceAccountName: {{ include "test.serviceAccountName" . }}
      securityContext:
        {{- toYaml .Values.podSecurityContext | nindent 8 }}
      containers:
        - name: {{ .Chart.Name }}
          securityContext:
            {{- toYaml .Values.securityContext | nindent 12 }}
          image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}"
          imagePullPolicy: {{ .Values.image.pullPolicy }}
          ports:
            - name: http
              containerPort: {{ .Values.service.port }}
              protocol: TCP
          livenessProbe:
            {{- toYaml .Values.livenessProbe | nindent 12 }}
          readinessProbe:
            {{- toYaml .Values.readinessProbe | nindent 12 }}
          resources:
            {{- toYaml .Values.resources | nindent 12 }}
          {{- with .Values.volumeMounts }}
          volumeMounts:
            {{- toYaml . | nindent 12 }}
          {{- end }}
      {{- with .Values.volumes }}
      volumes:
        {{- toYaml . | nindent 8 }}
      {{- end }}
      {{- with .Values.nodeSelector }}
      nodeSelector:
        {{- toYaml . | nindent 8 }}
      {{- end }}
      {{- with .Values.affinity }}
      affinity:
        {{- toYaml . | nindent 8 }}
      {{- end }}
      {{- with .Values.tolerations }}
      tolerations:
        {{- toYaml . | nindent 8 }}
      {{- end }}
--- a/test/templates/hpa.yaml
+++ b/test/templates/hpa.yaml
@@ -1,32 +0,0 @@
 {{- if .Values.autoscaling.enabled }}
 apiVersion: autoscaling/v2
 kind: HorizontalPodAutoscaler
 metadata:
  name: {{ include "test.fullname" . }}
  labels:
    {{- include "test.labels" . | nindent 4 }}
 spec:
  scaleTargetRef:
    apiVersion: apps/v1
    kind: Deployment
    name: {{ include "test.fullname" . }}
  minReplicas: {{ .Values.autoscaling.minReplicas }}
  maxReplicas: {{ .Values.autoscaling.maxReplicas }}
  metrics:
    {{- if .Values.autoscaling.targetCPUUtilizationPercentage }}
    - type: Resource
      resource:
        name: cpu
        target:
          type: Utilization
          averageUtilization: {{ .Values.autoscaling.targetCPUUtilizationPercentage }}
    {{- end }}
    {{- if .Values.autoscaling.targetMemoryUtilizationPercentage }}
    - type: Resource
      resource:
        name: memory
        target:
          type: Utilization
          averageUtilization: {{ .Values.autoscaling.targetMemoryUtilizationPercentage }}
    {{- end }}
 {{- end }}
--- a/test/templates/ingress.yaml
+++ b/test/templates/ingress.yaml
@@ -1,43 +0,0 @@
 {{- if .Values.ingress.enabled -}}
 apiVersion: networking.k8s.io/v1
 kind: Ingress
 metadata:
  name: {{ include "test.fullname" . }}
  labels:
    {{- include "test.labels" . | nindent 4 }}
  {{- with .Values.ingress.annotations }}
  annotations:
    {{- toYaml . | nindent 4 }}
  {{- end }}
 spec:
  {{- with .Values.ingress.className }}
  ingressClassName: {{ . }}
  {{- end }}
  {{- if .Values.ingress.tls }}
  tls:
    {{- range .Values.ingress.tls }}
    - hosts:
        {{- range .hosts }}
        - {{ . | quote }}
        {{- end }}
      secretName: {{ .secretName }}
    {{- end }}
  {{- end }}
  rules:
    {{- range .Values.ingress.hosts }}
    - host: {{ .host | quote }}
      http:
        paths:
          {{- range .paths }}
          - path: {{ .path }}
            {{- with .pathType }}
            pathType: {{ . }}
            {{- end }}
            backend:
              service:
                name: {{ include "test.fullname" $ }}
                port:
                  number: {{ $.Values.service.port }}
          {{- end }}
    {{- end }}
 {{- end }}
--- a/test/templates/service.yaml
+++ b/test/templates/service.yaml
@@ -1,15 +0,0 @@
 apiVersion: v1
 kind: Service
 metadata:
  name: {{ include "test.fullname" . }}
  labels:
    {{- include "test.labels" . | nindent 4 }}
 spec:
  type: {{ .Values.service.type }}
  ports:
    - port: {{ .Values.service.port }}
      targetPort: http
      protocol: TCP
      name: http
  selector:
    {{- include "test.selectorLabels" . | nindent 4 }}
--- a/test/templates/serviceaccount.yaml
+++ b/test/templates/serviceaccount.yaml
@@ -1,13 +0,0 @@
 {{- if .Values.serviceAccount.create -}}
 apiVersion: v1
 kind: ServiceAccount
 metadata:
  name: {{ include "test.serviceAccountName" . }}
  labels:
    {{- include "test.labels" . | nindent 4 }}
  {{- with .Values.serviceAccount.annotations }}
  annotations:
    {{- toYaml . | nindent 4 }}
  {{- end }}
 automountServiceAccountToken: {{ .Values.serviceAccount.automount }}
 {{- end }}
--- a/test/templates/tests/test-connection.yaml
+++ b/test/templates/tests/test-connection.yaml
@@ -1,15 +0,0 @@
 apiVersion: v1
 kind: Pod
 metadata:
  name: "{{ include "test.fullname" . }}-test-connection"
  labels:
    {{- include "test.labels" . | nindent 4 }}
  annotations:
    "helm.sh/hook": test
 spec:
  containers:
    - name: wget
      image: busybox
      command: ['wget']
      args: ['{{ include "test.fullname" . }}:{{ .Values.service.port }}']
  restartPolicy: Never
--- a/test/values.yaml
+++ b/test/values.yaml
@@ -1,123 +0,0 @@
 # Default values for test.
 # This is a YAML-formatted file.
 # Declare variables to be passed into your templates.
 # This will set the replicaset count more information can be found here: https://kubernetes.io/docs/concepts/workloads/controllers/replicaset/
 replicaCount: 1
 # This sets the container image more information can be found here: https://kubernetes.io/docs/concepts/containers/images/
 image:
  repository: nginx
  # This sets the pull policy for images.
  pullPolicy: IfNotPresent
  # Overrides the image tag whose default is the chart appVersion.
  tag: ""
 # This is for the secretes for pulling an image from a private repository more information can be found here: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/
 imagePullSecrets: []
 # This is to override the chart name.
 nameOverride: ""
 fullnameOverride: ""
 # This section builds out the service account more information can be found here: https://kubernetes.io/docs/concepts/security/service-accounts/
 serviceAccount:
  # Specifies whether a service account should be created
  create: true
  # Automatically mount a ServiceAccount's API credentials?
  automount: true
  # Annotations to add to the service account
  annotations: {}
  # The name of the service account to use.
  # If not set and create is true, a name is generated using the fullname template
  name: ""
 # This is for setting Kubernetes Annotations to a Pod.
 # For more information checkout: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/
 podAnnotations: {}
 # This is for setting Kubernetes Labels to a Pod.
 # For more information checkout: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/
 podLabels: {}
 podSecurityContext: {}
  # fsGroup: 2000
 securityContext: {}
  # capabilities:
  #   drop:
  #   - ALL
  # readOnlyRootFilesystem: true
  # runAsNonRoot: true
  # runAsUser: 1000
 # This is for setting up a service more information can be found here: https://kubernetes.io/docs/concepts/services-networking/service/
 service:
  # This sets the service type more information can be found here: https://kubernetes.io/docs/concepts/services-networking/service/#publishing-services-service-types
  type: ClusterIP
  # This sets the ports more information can be found here: https://kubernetes.io/docs/concepts/services-networking/service/#field-spec-ports
  port: 80
 # This block is for setting up the ingress for more information can be found here: https://kubernetes.io/docs/concepts/services-networking/ingress/
 ingress:
  enabled: false
  className: ""
  annotations: {}
    # kubernetes.io/ingress.class: nginx
    # kubernetes.io/tls-acme: "true"
  hosts:
    - host: chart-example.local
      paths:
        - path: /
          pathType: ImplementationSpecific
  tls: []
  #  - secretName: chart-example-tls
  #    hosts:
  #      - chart-example.local
 resources: {}
  # We usually recommend not to specify default resources and to leave this as a conscious
  # choice for the user. This also increases chances charts run on environments with little
  # resources, such as Minikube. If you do want to specify resources, uncomment the following
  # lines, adjust them as necessary, and remove the curly braces after 'resources:'.
  # limits:
  #   cpu: 100m
  #   memory: 128Mi
  # requests:
  #   cpu: 100m
  #   memory: 128Mi
 # This is to setup the liveness and readiness probes more information can be found here: https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-startup-probes/
 livenessProbe:
  httpGet:
    path: /
    port: http
 readinessProbe:
  httpGet:
    path: /
    port: http
 # This section is for setting up autoscaling more information can be found here: https://kubernetes.io/docs/concepts/workloads/autoscaling/
 autoscaling:
  enabled: false
  minReplicas: 1
  maxReplicas: 100
  targetCPUUtilizationPercentage: 80
  # targetMemoryUtilizationPercentage: 80
 # Additional volumes on the output Deployment definition.
 volumes: []
 # - name: foo
 #   secret:
 #     secretName: mysecret
 #     optional: false
 # Additional volumeMounts on the output Deployment definition.
 volumeMounts: []
 # - name: foo
 #   mountPath: "/etc/foo"
 #   readOnly: true
 nodeSelector: {}
 tolerations: []
 affinity: {}
--- a/thomflix-argocd-apps/.helmignore
+++ b/thomflix-argocd-apps/.helmignore
@@ -1,23 +0,0 @@
 # Patterns to ignore when building packages.
 # This supports shell glob matching, relative path matching, and
 # negation (prefixed with !). Only one pattern per line.
 .DS_Store
 # Common VCS dirs
 .git/
 .gitignore
 .bzr/
 .bzrignore
 .hg/
 .hgignore
 .svn/
 # Common backup files
 *.swp
 *.bak
 *.tmp
 *.orig
 *~
 # Various IDEs
 .project
 .idea/
 *.tmproj
 .vscode/
--- a/thomflix-argocd-apps/Chart.yaml
+++ b/thomflix-argocd-apps/Chart.yaml
@@ -1,5 +0,0 @@
 apiVersion: v2
 name: thomflix-argocd-apps
 description: A Helm chart gathering all the argocd apps for Thomflix
 type: application
 version: 0.1.0
--- a/thomflix-argocd-apps/templates/_helpers.tpl
+++ b/thomflix-argocd-apps/templates/_helpers.tpl
@@ -1,62 +0,0 @@
 {{/*
 Expand the name of the chart.
 */}}
 {{- define "thomflix-argocd-apps.name" -}}
 {{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }}
 {{- end }}
 {{/*
 Create a default fully qualified app name.
 We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
 If release name contains chart name it will be used as a full name.
 */}}
 {{- define "thomflix-argocd-apps.fullname" -}}
 {{- if .Values.fullnameOverride }}
 {{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }}
 {{- else }}
 {{- $name := default .Chart.Name .Values.nameOverride }}
 {{- if contains $name .Release.Name }}
 {{- .Release.Name | trunc 63 | trimSuffix "-" }}
 {{- else }}
 {{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }}
 {{- end }}
 {{- end }}
 {{- end }}
 {{/*
 Create chart name and version as used by the chart label.
 */}}
 {{- define "thomflix-argocd-apps.chart" -}}
 {{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }}
 {{- end }}
 {{/*
 Common labels
 */}}
 {{- define "thomflix-argocd-apps.labels" -}}
 helm.sh/chart: {{ include "thomflix-argocd-apps.chart" . }}
 {{ include "thomflix-argocd-apps.selectorLabels" . }}
 {{- if .Chart.AppVersion }}
 app.kubernetes.io/version: {{ .Chart.AppVersion | quote }}
 {{- end }}
 app.kubernetes.io/managed-by: {{ .Release.Service }}
 {{- end }}
 {{/*
 Selector labels
 */}}
 {{- define "thomflix-argocd-apps.selectorLabels" -}}
 app.kubernetes.io/name: {{ include "thomflix-argocd-apps.name" . }}
 app.kubernetes.io/instance: {{ .Release.Name }}
 {{- end }}
 {{/*
 Create the name of the service account to use
 */}}
 {{- define "thomflix-argocd-apps.serviceAccountName" -}}
 {{- if .Values.serviceAccount.create }}
 {{- default (include "thomflix-argocd-apps.fullname" .) .Values.serviceAccount.name }}
 {{- else }}
 {{- default "default" .Values.serviceAccount.name }}
 {{- end }}
 {{- end }}
--- a/thomflix-argocd-apps/templates/thomflix-requirements-app.yaml
+++ b/thomflix-argocd-apps/templates/thomflix-requirements-app.yaml
@@ -1,30 +0,0 @@
 apiVersion: argoproj.io/v1alpha1
 kind: Application
 metadata:
  name: thomflix-requirements
  namespace: {{ .Values.argocd.namespace }}
  annotations:
    argocd.argoproj.io/sync-wave: "-1"
 spec:
  project: {{ .Values.argocd.project }}
  source:
    repoURL: "https://git.blarre.net/thomas/helm-charts.git"
    targetRevision: HEAD
    path: thomflix-requirements
    helm:
      releaseName: thomflix-requirements
      valuesObject:
        mediaLibrary:
          storageClassName: {{ .Values.mediaLibrary.storageClassName }} 
          storageSize: {{ .Values.mediaLibrary.storageSize }}
  destination:
    server: {{ .Values.mainDestination }} 
    namespace: {{ .Values.mainNamespace }}
  syncPolicy:
    automated:
      prune: true           # Automatically remove resources no longer in the repo
      selfHeal: true        # Automatically self-heal when drift is detected
    syncOptions:
      - ApplyOutOfSyncOnly=true
      - ServerSideApply=true
      - CreateNamespace=true
--- a/thomflix-argocd-apps/templates/transmission-chart.yaml
+++ b/thomflix-argocd-apps/templates/transmission-chart.yaml
@@ -1,136 +0,0 @@
 apiVersion: argoproj.io/v1alpha1
 kind: Application
 metadata:
  name: transmission
  namespace: {{ .Values.argocd.namespace }}
  annotations:
    argocd.argoproj.io/sync-wave: "0"
 spec:
  project: {{ .Values.argocd.project }}
  source:
    repoURL: "tccr.io/truecharts"
    chart: transmission
    targetRevision: 22.x
    helm:
      releaseName: transmission
      valuesObject:
        persistence:
          config:
            enabled: true
            mountPath: "/config"
            type: pvc
            namespace: {{ .Values.mainNamespace }}
            accessModes: ReadWriteOnce
            size: 100Mi
            storageClass: longhorn-config
          downloads:
            enabled: true
            mountPath: "/data/torrents"
            type: pvc 
            namespace: {{ .Values.mainNamespace }}
            existingClaim: thomflix-media
            subPath: "data/torrents"
        workload:
          main:
            podSpec:
              containers:
                main:
                  probes:
                    liveness:
                      enabled: true
                      type: tcp
                    startup:
                      enabled: true
                      type: tcp
                    readiness:
                      enabled: true
                      type: tcp
                  env:
                    # PUID: 1001
                    # URL is set here so it wont be able to get overwritten by the user
                    # as this will break the probes, if the need arises we can expose it.
                    TRANSMISSION__RPC_URL: "/transmission"
                    # TRANSMISSION__RPC_USERNAME: ""
                    # TRANSMISSION__RPC_PASSWORD: ""
                    # TRANSMISSION__RPC_AUTHENTICATION_REQUIRED: false
                    # TRANSMISSION__ALT_SPEED_DOWN: 50
                    # TRANSMISSION__ALT_SPEED_ENABLED: false
                    # TRANSMISSION__ALT_SPEED_TIME_BEGIN: 540
                    # TRANSMISSION__ALT_SPEED_TIME_DAY: 127
                    # TRANSMISSION__ALT_SPEED_TIME_ENABLED: false
                    # TRANSMISSION__ALT_SPEED_TIME_END: 1020
                    # TRANSMISSION__ALT_SPEED_UP: 50
                    # TRANSMISSION__BIND_ADDRESS_IPV4: "0.0.0.0"
                    # TRANSMISSION__BIND_ADDRESS_IPV6: "::"
                    # TRANSMISSION__BLOCKLIST_ENABLED: true
                    # TRANSMISSION__BLOCKLIST_URL: "https://github.com/Naunter/BT_BlockLists/releases/download/v.1/bt_blocklists.gz"
                    # TRANSMISSION__CACHE_SIZE_MB: 4
                    # TRANSMISSION__DHT_ENABLED: true
                    TRANSMISSION__DOWNLOAD_DIR: "/data/torrents"
                    # TRANSMISSION__DOWNLOAD_QUEUE_ENABLED: true
                    # TRANSMISSION__DOWNLOAD_QUEUE_SIZE: 5
                    # TRANSMISSION__ENCRYPTION: 1
                    # TRANSMISSION__IDLE_SEEDING_LIMIT: 30
                    # TRANSMISSION__IDLE_SEEDING_LIMIT_ENABLED: false
                    TRANSMISSION__INCOMPLETE_DIR: "/data/torrents/incomplete"
                    # TRANSMISSION__INCOMPLETE_DIR_ENABLED: true
                    # TRANSMISSION__LPD_ENABLED: false
                    # TRANSMISSION__MESSAGE_LEVEL: 2
                    # TRANSMISSION__PEER_CONGESTION_ALGORITHM: ""
                    # TRANSMISSION__PEER_ID_TTL_HOURS: 6
                    # TRANSMISSION__PEER_LIMIT_GLOBAL: 200
                    # TRANSMISSION__PEER_LIMIT_PER_TORRENT: 50
                    # TRANSMISSION__PEER_PORT: "{{ .Values.service.torrent.ports.torrent.port }}"
                    # TRANSMISSION__PEER_PORT_RANDOM_HIGH: 65535
                    # TRANSMISSION__PEER_PORT_RANDOM_LOW: 49152
                    # TRANSMISSION__PEER_PORT_RANDOM_ON_START: false
                    # TRANSMISSION__PEER_SOCKET_TOS: default"
                    # TRANSMISSION__PEX_ENABLED: true
                    # TRANSMISSION__PORT_FORWARDING_ENABLED: false
                    # TRANSMISSION__PREALLOCATION: 1
                    # TRANSMISSION__PREFETCH_ENABLED: true
                    # TRANSMISSION__QUEUE_STALLED_ENABLED: true
                    # TRANSMISSION__QUEUE_STALLED_MINUTES: 30
                    # TRANSMISSION__RATIO_LIMIT: 2
                    # TRANSMISSION__RATIO_LIMIT_ENABLED: false
                    # TRANSMISSION__RENAME_PARTIAL_FILES: true
                    # TRANSMISSION__RPC_BIND_ADDRESS: "0.0.0.0"
                    # TRANSMISSION__RPC_ENABLED: true
                    # TRANSMISSION__RPC_HOST_WHITELIST: ""
                    # TRANSMISSION__RPC_HOST_WHITELIST_ENABLED: false
                    # TRANSMISSION__RPC_PORT: "{{ .Values.service.main.ports.main.port }}"
                    # TRANSMISSION__RPC_URL: "/transmission/"
                    # TRANSMISSION__RPC_WHITELIST: ""
                    # TRANSMISSION__RPC_WHITELIST_ENABLED: false
                    # TRANSMISSION__SCRAPE_PAUSED_TORRENTS_ENABLED: true
                    # TRANSMISSION__SCRIPT_TORRENT_DONE_ENABLED: false
                    # TRANSMISSION__SCRIPT_TORRENT_DONE_FILENAME: ""
                    # TRANSMISSION__SEED_QUEUE_ENABLED: false
                    # TRANSMISSION__SEED_QUEUE_SIZE: 10
                    # TRANSMISSION__SPEED_LIMIT_DOWN: 100
                    # TRANSMISSION__SPEED_LIMIT_DOWN_ENABLED: false
                    # TRANSMISSION__SPEED_LIMIT_UP: 100
                    # TRANSMISSION__SPEED_LIMIT_UP_ENABLED: false
                    # TRANSMISSION__START_ADDED_TORRENTS: true
                    # TRANSMISSION__TRASH_ORIGINAL_TORRENT_FILES: false
                    # TRANSMISSION__UMASK: 2
                    # TRANSMISSION__UPLOAD_SLOTS_PER_TORRENT: 14
                    # TRANSMISSION__UTP_ENABLED: true
                    # TRANSMISSION__WATCH_DIR: "/watch"
                    # TRANSMISSION__WATCH_DIR_ENABLED: false
  destination:
    server: {{ .Values.mainDestination }}
    namespace: {{ .Values.mainNamespace }}
  syncPolicy:
    automated:
      prune: true           # Automatically remove resources no longer in the repo
      selfHeal: true        # Automatically self-heal when drift is detected
    syncOptions:
      - ApplyOutOfSyncOnly=true
      - ServerSideApply=true
      - CreateNamespace=true
  ignoreDifferences:
  - group: apps
    kind: Deployment
    jsonPointers:
    - /spec/template/spec/hostUsers
--- a/thomflix-argocd-apps/values.yaml
+++ b/thomflix-argocd-apps/values.yaml
@@ -1,12 +0,0 @@
 argocd:
  namespace: argocd
  project: default
 mainDestination: https://kubernetes.default.svc
 mainNamespace: thomflix
 mediaLibrary:
  storageClassName: default 
  storageSize: 1Ti
 generalConfigStorageClass: default
--- a/thomflix-postinstall/.helmignore
+++ b/thomflix-postinstall/.helmignore
@@ -1,23 +0,0 @@
 # Patterns to ignore when building packages.
 # This supports shell glob matching, relative path matching, and
 # negation (prefixed with !). Only one pattern per line.
 .DS_Store
 # Common VCS dirs
 .git/
 .gitignore
 .bzr/
 .bzrignore
 .hg/
 .hgignore
 .svn/
 # Common backup files
 *.swp
 *.bak
 *.tmp
 *.orig
 *~
 # Various IDEs
 .project
 .idea/
 *.tmproj
 .vscode/
--- a/thomflix-postinstall/Chart.yaml
+++ b/thomflix-postinstall/Chart.yaml
@@ -1,24 +0,0 @@
 apiVersion: v2
 name: thomflix-postinstall
 description: A Helm chart for Kubernetes
 # A chart can be either an 'application' or a 'library' chart.
 #
 # Application charts are a collection of templates that can be packaged into versioned archives
 # to be deployed.
 #
 # Library charts provide useful utilities or functions for the chart developer. They're included as
 # a dependency of application charts to inject those utilities and functions into the rendering
 # pipeline. Library charts do not define any templates and therefore cannot be deployed.
 type: application
 # This is the chart version. This version number should be incremented each time you make changes
 # to the chart and its templates, including the app version.
 # Versions are expected to follow Semantic Versioning (https://semver.org/)
 version: 0.1.0
 # This is the version number of the application being deployed. This version number should be
 # incremented each time you make changes to the application. Versions are not expected to
 # follow Semantic Versioning. They should reflect the version the application is using.
 # It is recommended to use it with quotes.
 appVersion: "1.16.0"
--- a/thomflix-postinstall/templates/NOTES.txt
+++ b/thomflix-postinstall/templates/NOTES.txt
@@ -1,22 +0,0 @@
 1. Get the application URL by running these commands:
 {{- if .Values.ingress.enabled }}
 {{- range $host := .Values.ingress.hosts }}
  {{- range .paths }}
  http{{ if $.Values.ingress.tls }}s{{ end }}://{{ $host.host }}{{ .path }}
  {{- end }}
 {{- end }}
 {{- else if contains "NodePort" .Values.service.type }}
  export NODE_PORT=$(kubectl get --namespace {{ .Release.Namespace }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "thomflix-postinstall.fullname" . }})
  export NODE_IP=$(kubectl get nodes --namespace {{ .Release.Namespace }} -o jsonpath="{.items[0].status.addresses[0].address}")
  echo http://$NODE_IP:$NODE_PORT
 {{- else if contains "LoadBalancer" .Values.service.type }}
     NOTE: It may take a few minutes for the LoadBalancer IP to be available.
           You can watch its status by running 'kubectl get --namespace {{ .Release.Namespace }} svc -w {{ include "thomflix-postinstall.fullname" . }}'
  export SERVICE_IP=$(kubectl get svc --namespace {{ .Release.Namespace }} {{ include "thomflix-postinstall.fullname" . }} --template "{{"{{ range (index .status.loadBalancer.ingress 0) }}{{.}}{{ end }}"}}")
  echo http://$SERVICE_IP:{{ .Values.service.port }}
 {{- else if contains "ClusterIP" .Values.service.type }}
  export POD_NAME=$(kubectl get pods --namespace {{ .Release.Namespace }} -l "app.kubernetes.io/name={{ include "thomflix-postinstall.name" . }},app.kubernetes.io/instance={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}")
  export CONTAINER_PORT=$(kubectl get pod --namespace {{ .Release.Namespace }} $POD_NAME -o jsonpath="{.spec.containers[0].ports[0].containerPort}")
  echo "Visit http://127.0.0.1:8080 to use your application"
  kubectl --namespace {{ .Release.Namespace }} port-forward $POD_NAME 8080:$CONTAINER_PORT
 {{- end }}
--- a/thomflix-postinstall/templates/_helpers.tpl
+++ b/thomflix-postinstall/templates/_helpers.tpl
@@ -1,62 +0,0 @@
 {{/*
 Expand the name of the chart.
 */}}
 {{- define "thomflix-postinstall.name" -}}
 {{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }}
 {{- end }}
 {{/*
 Create a default fully qualified app name.
 We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
 If release name contains chart name it will be used as a full name.
 */}}
 {{- define "thomflix-postinstall.fullname" -}}
 {{- if .Values.fullnameOverride }}
 {{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }}
 {{- else }}
 {{- $name := default .Chart.Name .Values.nameOverride }}
 {{- if contains $name .Release.Name }}
 {{- .Release.Name | trunc 63 | trimSuffix "-" }}
 {{- else }}
 {{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }}
 {{- end }}
 {{- end }}
 {{- end }}
 {{/*
 Create chart name and version as used by the chart label.
 */}}
 {{- define "thomflix-postinstall.chart" -}}
 {{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }}
 {{- end }}
 {{/*
 Common labels
 */}}
 {{- define "thomflix-postinstall.labels" -}}
 helm.sh/chart: {{ include "thomflix-postinstall.chart" . }}
 {{ include "thomflix-postinstall.selectorLabels" . }}
 {{- if .Chart.AppVersion }}
 app.kubernetes.io/version: {{ .Chart.AppVersion | quote }}
 {{- end }}
 app.kubernetes.io/managed-by: {{ .Release.Service }}
 {{- end }}
 {{/*
 Selector labels
 */}}
 {{- define "thomflix-postinstall.selectorLabels" -}}
 app.kubernetes.io/name: {{ include "thomflix-postinstall.name" . }}
 app.kubernetes.io/instance: {{ .Release.Name }}
 {{- end }}
 {{/*
 Create the name of the service account to use
 */}}
 {{- define "thomflix-postinstall.serviceAccountName" -}}
 {{- if .Values.serviceAccount.create }}
 {{- default (include "thomflix-postinstall.fullname" .) .Values.serviceAccount.name }}
 {{- else }}
 {{- default "default" .Values.serviceAccount.name }}
 {{- end }}
 {{- end }}
--- a/thomflix-postinstall/templates/deployment.yaml
+++ b/thomflix-postinstall/templates/deployment.yaml
@@ -1,68 +0,0 @@
 apiVersion: apps/v1
 kind: Deployment
 metadata:
  name: {{ include "thomflix-postinstall.fullname" . }}
  labels:
    {{- include "thomflix-postinstall.labels" . | nindent 4 }}
 spec:
  {{- if not .Values.autoscaling.enabled }}
  replicas: {{ .Values.replicaCount }}
  {{- end }}
  selector:
    matchLabels:
      {{- include "thomflix-postinstall.selectorLabels" . | nindent 6 }}
  template:
    metadata:
      {{- with .Values.podAnnotations }}
      annotations:
        {{- toYaml . | nindent 8 }}
      {{- end }}
      labels:
        {{- include "thomflix-postinstall.labels" . | nindent 8 }}
        {{- with .Values.podLabels }}
        {{- toYaml . | nindent 8 }}
        {{- end }}
    spec:
      {{- with .Values.imagePullSecrets }}
      imagePullSecrets:
        {{- toYaml . | nindent 8 }}
      {{- end }}
      serviceAccountName: {{ include "thomflix-postinstall.serviceAccountName" . }}
      securityContext:
        {{- toYaml .Values.podSecurityContext | nindent 8 }}
      containers:
        - name: {{ .Chart.Name }}
          securityContext:
            {{- toYaml .Values.securityContext | nindent 12 }}
          image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}"
          imagePullPolicy: {{ .Values.image.pullPolicy }}
          ports:
            - name: http
              containerPort: {{ .Values.service.port }}
              protocol: TCP
          livenessProbe:
            {{- toYaml .Values.livenessProbe | nindent 12 }}
          readinessProbe:
            {{- toYaml .Values.readinessProbe | nindent 12 }}
          resources:
            {{- toYaml .Values.resources | nindent 12 }}
          {{- with .Values.volumeMounts }}
          volumeMounts:
            {{- toYaml . | nindent 12 }}
          {{- end }}
      {{- with .Values.volumes }}
      volumes:
        {{- toYaml . | nindent 8 }}
      {{- end }}
      {{- with .Values.nodeSelector }}
      nodeSelector:
        {{- toYaml . | nindent 8 }}
      {{- end }}
      {{- with .Values.affinity }}
      affinity:
        {{- toYaml . | nindent 8 }}
      {{- end }}
      {{- with .Values.tolerations }}
      tolerations:
        {{- toYaml . | nindent 8 }}
      {{- end }}
--- a/thomflix-postinstall/templates/hpa.yaml
+++ b/thomflix-postinstall/templates/hpa.yaml
@@ -1,32 +0,0 @@
 {{- if .Values.autoscaling.enabled }}
 apiVersion: autoscaling/v2
 kind: HorizontalPodAutoscaler
 metadata:
  name: {{ include "thomflix-postinstall.fullname" . }}
  labels:
    {{- include "thomflix-postinstall.labels" . | nindent 4 }}
 spec:
  scaleTargetRef:
    apiVersion: apps/v1
    kind: Deployment
    name: {{ include "thomflix-postinstall.fullname" . }}
  minReplicas: {{ .Values.autoscaling.minReplicas }}
  maxReplicas: {{ .Values.autoscaling.maxReplicas }}
  metrics:
    {{- if .Values.autoscaling.targetCPUUtilizationPercentage }}
    - type: Resource
      resource:
        name: cpu
        target:
          type: Utilization
          averageUtilization: {{ .Values.autoscaling.targetCPUUtilizationPercentage }}
    {{- end }}
    {{- if .Values.autoscaling.targetMemoryUtilizationPercentage }}
    - type: Resource
      resource:
        name: memory
        target:
          type: Utilization
          averageUtilization: {{ .Values.autoscaling.targetMemoryUtilizationPercentage }}
    {{- end }}
 {{- end }}
--- a/thomflix-postinstall/templates/ingress.yaml
+++ b/thomflix-postinstall/templates/ingress.yaml
@@ -1,43 +0,0 @@
 {{- if .Values.ingress.enabled -}}
 apiVersion: networking.k8s.io/v1
 kind: Ingress
 metadata:
  name: {{ include "thomflix-postinstall.fullname" . }}
  labels:
    {{- include "thomflix-postinstall.labels" . | nindent 4 }}
  {{- with .Values.ingress.annotations }}
  annotations:
    {{- toYaml . | nindent 4 }}
  {{- end }}
 spec:
  {{- with .Values.ingress.className }}
  ingressClassName: {{ . }}
  {{- end }}
  {{- if .Values.ingress.tls }}
  tls:
    {{- range .Values.ingress.tls }}
    - hosts:
        {{- range .hosts }}
        - {{ . | quote }}
        {{- end }}
      secretName: {{ .secretName }}
    {{- end }}
  {{- end }}
  rules:
    {{- range .Values.ingress.hosts }}
    - host: {{ .host | quote }}
      http:
        paths:
          {{- range .paths }}
          - path: {{ .path }}
            {{- with .pathType }}
            pathType: {{ . }}
            {{- end }}
            backend:
              service:
                name: {{ include "thomflix-postinstall.fullname" $ }}
                port:
                  number: {{ $.Values.service.port }}
          {{- end }}
    {{- end }}
 {{- end }}
--- a/thomflix-postinstall/templates/service.yaml
+++ b/thomflix-postinstall/templates/service.yaml
@@ -1,15 +0,0 @@
 apiVersion: v1
 kind: Service
 metadata:
  name: {{ include "thomflix-postinstall.fullname" . }}
  labels:
    {{- include "thomflix-postinstall.labels" . | nindent 4 }}
 spec:
  type: {{ .Values.service.type }}
  ports:
    - port: {{ .Values.service.port }}
      targetPort: http
      protocol: TCP
      name: http
  selector:
    {{- include "thomflix-postinstall.selectorLabels" . | nindent 4 }}
--- a/thomflix-postinstall/templates/serviceaccount.yaml
+++ b/thomflix-postinstall/templates/serviceaccount.yaml
@@ -1,13 +0,0 @@
 {{- if .Values.serviceAccount.create -}}
 apiVersion: v1
 kind: ServiceAccount
 metadata:
  name: {{ include "thomflix-postinstall.serviceAccountName" . }}
  labels:
    {{- include "thomflix-postinstall.labels" . | nindent 4 }}
  {{- with .Values.serviceAccount.annotations }}
  annotations:
    {{- toYaml . | nindent 4 }}
  {{- end }}
 automountServiceAccountToken: {{ .Values.serviceAccount.automount }}
 {{- end }}
--- a/thomflix-postinstall/templates/tests/test-connection.yaml
+++ b/thomflix-postinstall/templates/tests/test-connection.yaml
@@ -1,15 +0,0 @@
 apiVersion: v1
 kind: Pod
 metadata:
  name: "{{ include "thomflix-postinstall.fullname" . }}-test-connection"
  labels:
    {{- include "thomflix-postinstall.labels" . | nindent 4 }}
  annotations:
    "helm.sh/hook": test
 spec:
  containers:
    - name: wget
      image: busybox
      command: ['wget']
      args: ['{{ include "thomflix-postinstall.fullname" . }}:{{ .Values.service.port }}']
  restartPolicy: Never
--- a/thomflix-postinstall/values.yaml
+++ b/thomflix-postinstall/values.yaml
@@ -1,123 +0,0 @@
 # Default values for thomflix-postinstall.
 # This is a YAML-formatted file.
 # Declare variables to be passed into your templates.
 # This will set the replicaset count more information can be found here: https://kubernetes.io/docs/concepts/workloads/controllers/replicaset/
 replicaCount: 1
 # This sets the container image more information can be found here: https://kubernetes.io/docs/concepts/containers/images/
 image:
  repository: nginx
  # This sets the pull policy for images.
  pullPolicy: IfNotPresent
  # Overrides the image tag whose default is the chart appVersion.
  tag: ""
 # This is for the secretes for pulling an image from a private repository more information can be found here: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/
 imagePullSecrets: []
 # This is to override the chart name.
 nameOverride: ""
 fullnameOverride: ""
 # This section builds out the service account more information can be found here: https://kubernetes.io/docs/concepts/security/service-accounts/
 serviceAccount:
  # Specifies whether a service account should be created
  create: true
  # Automatically mount a ServiceAccount's API credentials?
  automount: true
  # Annotations to add to the service account
  annotations: {}
  # The name of the service account to use.
  # If not set and create is true, a name is generated using the fullname template
  name: ""
 # This is for setting Kubernetes Annotations to a Pod.
 # For more information checkout: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/
 podAnnotations: {}
 # This is for setting Kubernetes Labels to a Pod.
 # For more information checkout: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/
 podLabels: {}
 podSecurityContext: {}
  # fsGroup: 2000
 securityContext: {}
  # capabilities:
  #   drop:
  #   - ALL
  # readOnlyRootFilesystem: true
  # runAsNonRoot: true
  # runAsUser: 1000
 # This is for setting up a service more information can be found here: https://kubernetes.io/docs/concepts/services-networking/service/
 service:
  # This sets the service type more information can be found here: https://kubernetes.io/docs/concepts/services-networking/service/#publishing-services-service-types
  type: ClusterIP
  # This sets the ports more information can be found here: https://kubernetes.io/docs/concepts/services-networking/service/#field-spec-ports
  port: 80
 # This block is for setting up the ingress for more information can be found here: https://kubernetes.io/docs/concepts/services-networking/ingress/
 ingress:
  enabled: false
  className: ""
  annotations: {}
    # kubernetes.io/ingress.class: nginx
    # kubernetes.io/tls-acme: "true"
  hosts:
    - host: chart-example.local
      paths:
        - path: /
          pathType: ImplementationSpecific
  tls: []
  #  - secretName: chart-example-tls
  #    hosts:
  #      - chart-example.local
 resources: {}
  # We usually recommend not to specify default resources and to leave this as a conscious
  # choice for the user. This also increases chances charts run on environments with little
  # resources, such as Minikube. If you do want to specify resources, uncomment the following
  # lines, adjust them as necessary, and remove the curly braces after 'resources:'.
  # limits:
  #   cpu: 100m
  #   memory: 128Mi
  # requests:
  #   cpu: 100m
  #   memory: 128Mi
 # This is to setup the liveness and readiness probes more information can be found here: https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-startup-probes/
 livenessProbe:
  httpGet:
    path: /
    port: http
 readinessProbe:
  httpGet:
    path: /
    port: http
 # This section is for setting up autoscaling more information can be found here: https://kubernetes.io/docs/concepts/workloads/autoscaling/
 autoscaling:
  enabled: false
  minReplicas: 1
  maxReplicas: 100
  targetCPUUtilizationPercentage: 80
  # targetMemoryUtilizationPercentage: 80
 # Additional volumes on the output Deployment definition.
 volumes: []
 # - name: foo
 #   secret:
 #     secretName: mysecret
 #     optional: false
 # Additional volumeMounts on the output Deployment definition.
 volumeMounts: []
 # - name: foo
 #   mountPath: "/etc/foo"
 #   readOnly: true
 nodeSelector: {}
 tolerations: []
 affinity: {}
--- a/thomflix-requirements/.helmignore
+++ b/thomflix-requirements/.helmignore
@@ -1,23 +0,0 @@
 # Patterns to ignore when building packages.
 # This supports shell glob matching, relative path matching, and
 # negation (prefixed with !). Only one pattern per line.
 .DS_Store
 # Common VCS dirs
 .git/
 .gitignore
 .bzr/
 .bzrignore
 .hg/
 .hgignore
 .svn/
 # Common backup files
 *.swp
 *.bak
 *.tmp
 *.orig
 *~
 # Various IDEs
 .project
 .idea/
 *.tmproj
 .vscode/
--- a/thomflix-requirements/Chart.yaml
+++ b/thomflix-requirements/Chart.yaml
@@ -1,5 +0,0 @@
 apiVersion: v2
 name: thomflix-requirements
 description: A Helm chart for Thomflix's requirements, especially the media library
 type: application
 version: 0.1.0
--- a/thomflix-requirements/templates/_helpers.tpl
+++ b/thomflix-requirements/templates/_helpers.tpl
@@ -1,62 +0,0 @@
 {{/*
 Expand the name of the chart.
 */}}
 {{- define "thomflix-requirements.name" -}}
 {{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }}
 {{- end }}
 {{/*
 Create a default fully qualified app name.
 We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
 If release name contains chart name it will be used as a full name.
 */}}
 {{- define "thomflix-requirements.fullname" -}}
 {{- if .Values.fullnameOverride }}
 {{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }}
 {{- else }}
 {{- $name := default .Chart.Name .Values.nameOverride }}
 {{- if contains $name .Release.Name }}
 {{- .Release.Name | trunc 63 | trimSuffix "-" }}
 {{- else }}
 {{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }}
 {{- end }}
 {{- end }}
 {{- end }}
 {{/*
 Create chart name and version as used by the chart label.
 */}}
 {{- define "thomflix-requirements.chart" -}}
 {{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }}
 {{- end }}
 {{/*
 Common labels
 */}}
 {{- define "thomflix-requirements.labels" -}}
 helm.sh/chart: {{ include "thomflix-requirements.chart" . }}
 {{ include "thomflix-requirements.selectorLabels" . }}
 {{- if .Chart.AppVersion }}
 app.kubernetes.io/version: {{ .Chart.AppVersion | quote }}
 {{- end }}
 app.kubernetes.io/managed-by: {{ .Release.Service }}
 {{- end }}
 {{/*
 Selector labels
 */}}
 {{- define "thomflix-requirements.selectorLabels" -}}
 app.kubernetes.io/name: {{ include "thomflix-requirements.name" . }}
 app.kubernetes.io/instance: {{ .Release.Name }}
 {{- end }}
 {{/*
 Create the name of the service account to use
 */}}
 {{- define "thomflix-requirements.serviceAccountName" -}}
 {{- if .Values.serviceAccount.create }}
 {{- default (include "thomflix-requirements.fullname" .) .Values.serviceAccount.name }}
 {{- else }}
 {{- default "default" .Values.serviceAccount.name }}
 {{- end }}
 {{- end }}
--- a/thomflix-requirements/templates/media-pvc.yaml
+++ b/thomflix-requirements/templates/media-pvc.yaml
@@ -1,11 +0,0 @@
 apiVersion: v1
 kind: PersistentVolumeClaim
 metadata:
  name: thomflix-media
 spec:
  accessModes:
    - ReadWriteOnce
  storageClassName: {{ .Values.mediaLibrary.storageClassName }}
  resources:
    requests:
      storage: {{ .Values.mediaLibrary.storageSize }}
--- a/thomflix-requirements/values.yaml
+++ b/thomflix-requirements/values.yaml
@@ -1,3 +0,0 @@
 mediaLibrary:
  storageClassName: default 
  storageSize: 1Ti
		`@@ -1 +0,0 @@`
			`This chart requires CNPG (Cloud Native Postgres) installed on the Kubernetes cluster, as well as the Tailscale operator (for the ingress)`