diff --git a/charts/home-assistant/.helmignore b/charts/home-assistant/.helmignore new file mode 100644 index 00000000..a9fe7278 --- /dev/null +++ b/charts/home-assistant/.helmignore @@ -0,0 +1,23 @@ +# Patterns to ignore when building packages. +# This supports shell glob matching, relative path matching, and +# negation (prefixed with !). Only one pattern per line. +.DS_Store +# Common VCS dirs +.git/ +.gitignore +.bzr/ +.bzrignore +.hg/ +.hgignore +.svn/ +# Common backup files +*.swp +*.bak +*.tmp +*~ +# Various IDEs +.project +.idea/ +*.tmproj +# OWNERS file for Kubernetes +OWNERS \ No newline at end of file diff --git a/charts/home-assistant/Chart.yaml b/charts/home-assistant/Chart.yaml new file mode 100644 index 00000000..0e46031a --- /dev/null +++ b/charts/home-assistant/Chart.yaml @@ -0,0 +1,21 @@ +apiVersion: v1 +appVersion: 0.110.6 +description: Home Assistant +name: home-assistant +version: 1.0.0 +keywords: +- home-assistant +- hass +- homeassistant +home: https://github.com/billimek/billimek-charts/tree/master/charts/home-assistant +icon: https://upload.wikimedia.org/wikipedia/commons/thumb/6/6e/Home_Assistant_Logo.svg/519px-Home_Assistant_Logo.svg.png +sources: +- https://github.com/home-assistant/home-assistant +- https://github.com/danielperna84/hass-configurator +- https://github.com/cdr/code-server +- https://github.com/billimek/billimek-charts/tree/master/charts/home-assistant +maintainers: +- name: billimek + email: jeff@billimek.com +- name: runningman84 + email: phil@hellmi.de diff --git a/charts/home-assistant/OWNERS b/charts/home-assistant/OWNERS new file mode 100644 index 00000000..b7fc7f20 --- /dev/null +++ b/charts/home-assistant/OWNERS @@ -0,0 +1,7 @@ +approvers: +- billimek +- runningman84 +reviewers: +- billimek +- runningman84 + diff --git a/charts/home-assistant/README.md b/charts/home-assistant/README.md new file mode 100644 index 00000000..c6cd8cac --- /dev/null +++ b/charts/home-assistant/README.md @@ -0,0 +1,227 @@ +# Home Assistant + +This is a helm chart for [Home Assistant](https://www.home-assistant.io/) + +## TL;DR; + +```shell +helm repo add billimek https://billimek.com/billimek-charts/ +helm install billimek/home-assistant +``` + +## Introduction + +This code is adapted for [the official home assistant docker image](https://hub.docker.com/r/homeassistant/home-assistant/) + +## Installing the Chart + +To install the chart with the release name `my-release`: + +```shell +helm install --name my-release billimek/home-assistant +``` +## Uninstalling the Chart + +To uninstall/delete the `my-release` deployment: + +```shell +helm delete my-release --purge +``` + +The command removes all the Kubernetes components associated with the chart and deletes the release. + +## Configuration + +The following tables lists the configurable parameters of the Home Assistant chart and their default values. + +| Parameter | Description | Default | +|----------------------------|-------------------------------------|---------------------------------------------------------| +| `image.repository` | Image repository | `homeassistant/home-assistant` | +| `image.tag` | Image tag. Possible values listed [here](https://hub.docker.com/r/homeassistant/home-assistant/tags/).| `0.110.6`| +| `image.pullPolicy` | Image pull policy | `IfNotPresent` | +| `image.pullSecrets` | Secrets to use when pulling the image | `[]` | +| `strategyType` | Specifies the strategy used to replace old Pods by new ones | `Recreate` | +| `probes.liveness.enabled` | Use the livenessProbe? | `true` | +| `probes.liveness.scheme ` | Specify liveness `scheme` parameter for the deployment | `HTTP` | +| `probes.liveness.initialDelaySeconds` | Specify liveness `initialDelaySeconds` parameter for the deployment | `60` | +| `probes.liveness.failureThreshold` | Specify liveness `failureThreshold` parameter for the deployment | `5` | +| `probes.liveness.timeoutSeconds` | Specify liveness `timeoutSeconds` parameter for the deployment | `10` | +| `probes.readiness.enabled` | Use the readinessProbe? | `true` | +| `probes.readiness.scheme ` | Specify readiness `scheme` parameter for the deployment | `HTTP` | +| `probes.readiness.initialDelaySeconds` | Specify readiness `initialDelaySeconds` parameter for the deployment | `60` | +| `probes.readiness.failureThreshold` | Specify readiness `failureThreshold` parameter for the deployment | `5` | +| `probes.readiness.timeoutSeconds` | Specify readiness `timeoutSeconds` parameter for the deployment | `10` | +| `probes.startup.enabled` | Use the startupProbe? (new in kubernetes 1.16) | `false` | +| `probes.startup.scheme ` | Specify startup `scheme` parameter for the deployment | `HTTP` | +| `probes.startup.failureThreshold` | Specify startup `failureThreshold` parameter for the deployment | `5` | +| `probes.startup.periodSeconds` | Specify startup `periodSeconds` parameter for the deployment | `10` | +| `service.type` | Kubernetes service type for the home-assistant GUI | `ClusterIP` | +| `service.port` | Kubernetes port where the home-assistant GUI is exposed| `8123` | +| `service.portName` | Kubernetes port name where the home-assistant GUI is exposed | `api` | +| `service.additionalPorts` | Add additional ports exposed by the home assistant container integrations. Example homematic needs to expose a proxy port | `{}` | +| `service.annotations` | Service annotations for the home-assistant GUI | `{}` | +| `service.clusterIP` | Cluster IP for the home-assistant GUI | `` | +| `service.externalIPs` | External IPs for the home-assistant GUI | `[]` | +| `service.loadBalancerIP` | Loadbalancer IP for the home-assistant GUI | `` | +| `service.loadBalancerSourceRanges` | Loadbalancer client IP restriction range for the home-assistant GUI | `[]` | +| `service.publishNotReadyAddresses` | Set to true if the editors (vscode or configurator) should be reachable when home assistant does not run | `false` | +| `service.externalTrafficPolicy` | Loadbalancer externalTrafficPolicy | `` | +| `hostNetwork` | Enable hostNetwork - might be needed for discovery to work | `false` | +| `service.nodePort` | nodePort to listen on for the home-assistant GUI | `` | +| `ingress.enabled` | Enables Ingress | `false` | +| `ingress.annotations` | Ingress annotations | `{}` | +| `ingress.path` | Ingress path | `/` | +| `ingress.hosts` | Ingress accepted hostnames | `chart-example.local` | +| `ingress.tls` | Ingress TLS configuration | `[]` | +| `persistence.enabled` | Use persistent volume to store data | `true` | +| `persistence.size` | Size of persistent volume claim | `5Gi` | +| `persistence.existingClaim`| Use an existing PVC to persist data | `nil` | +| `persistence.hostPath`| The path to the config directory on the host, instead of a PVC | `nil` | +| `persistence.storageClass` | Type of persistent volume claim | `-` | +| `persistence.accessMode` | Persistence access modes | `ReadWriteMany` | +| `git.enabled` | Use git-sync in init container | `false` | +| `git.secret` | Git secret to use for git-sync | `git-creds` | +| `git.syncPath` | Git sync path | `/config` | +| `git.keyPath` | Git ssh key path | `/root/.ssh` | +| `git.user.name` | Human-readable name in the “committer” and “author” fields | `` | +| `git.user.email` | Email address for the “committer” and “author” fields | `` | +| `zwave.enabled` | Enable zwave host device passthrough. Also enables privileged container mode. | `false` | +| `zwave.device` | Device to passthrough to guest | `ttyACM0` | +| `hostMounts` | Array of host directories to mount; can be used for devices | [] | +| `hostMounts.name` | Name of the volume | `nil` | +| `hostMounts.hostPath` | The path on the host machine | `nil` | +| `hostMounts.mountPath` | The path at which to mount (optional; assumed same as hostPath) | `nil` | +| `hostMounts.type` | The type to mount (optional, i.e., `Directory`) | `nil` | +| `extraEnv` | Extra ENV vars to pass to the home-assistant container | `{}` | +| `extraEnvSecrets` | Extra env vars to pass to the home-assistant container from k8s secrets - see `values.yaml` for an example | `{}` | +| `configurator.enabled` | Enable the optional [configuration UI](https://github.com/danielperna84/hass-configurator) | `false` | +| `configurator.image.repository` | Image repository | `billimek/hass-configurator-docker` | +| `configurator.image.tag` | Image tag | `0.3.5-x86_64`| +| `configurator.image.pullPolicy` | Image pull policy | `IfNotPresent` | +| `configurator.hassApiUrl` | Home Assistant API URL (e.g. 'http://home-assistant:8123/api/') - will auto-configure to proper URL if not set | ``| +| `configurator.hassApiPassword` | Home Assistant API Password | `` | +| `configurator.basepath` | Base path of the home assistant configuration files | `/config` | +| `configurator.enforceBasepath` | If set to true, will prevent navigation to other directories in the configurator UI | `true` | +| `configurator.username` | If this and password (below) are set, will require basic auth to access the configurator UI | `` | +| `configurator.password` | If this and username (above) are set, will require basic auth to access the configurator UI. password is in the format of a sha256 hash (e.g. "test" would be "{sha256}9f86d081884c7d659a2feaa0c55ad015a3bf4f1b2b0b822cd15d6c15b0f00a08") | `` | +| `configurator.extraEnv` | Extra ENV vars to pass to the configuration UI | `{}` | +| `configurator.ingress.enabled` | Enables Ingress for the configurator UI | `false` | +| `configurator.ingress.annotations` | Ingress annotations for the configurator UI | `{}` | +| `configurator.ingress.hosts` | Ingress accepted hostnames for the configurator UI | `chart-example.local` | +| `configurator.ingress.tls` | Ingress TLS configuration for the configurator UI | `[]` | +| `configurator.strategy.type` | hass-configurator Deployment Strategy type | `` | +| `configurator.tolerations` | Toleration labels for pod assignment for the configurator UI | `[]` | +| `configurator.nodeSelector` | Node labels for pod assignment for the configurator UI | `{}` | +| `configurator.schedulerName` | Use an alternate scheduler, e.g. "stork" for the configurator UI | `` | +| `configurator.podAnnotations` | Affinity settings for pod assignment for the configurator UI | `{}` | +| `configurator.resources` | CPU/Memory resource requests/limits for the configurator UI | `{}` | +| `configurator.securityContext` | Security context to be added to hass-configurator pods for the configurator UI | `{}` | +| `configurator.service.type` | Kubernetes service type for the configurator UI | `ClusterIP` | +| `configurator.service.port` | Kubernetes port where the configurator UI is exposed| `3218` | +| `configurator.service.nodePort` | nodePort to listen on for the configurator UI | `` | +| `configurator.service.annotations` | Service annotations for the configurator UI | `{}` | +| `configurator.service.labels` | Service labels to use for the configurator UI | `{}` | +| `configurator.service.clusterIP` | Cluster IP for the configurator UI | `` | +| `configurator.service.externalIPs` | External IPs for the configurator UI | `[]` | +| `configurator.service.loadBalancerIP` | Loadbalancer IP for the configurator UI | `` | +| `configurator.service.loadBalancerSourceRanges` | Loadbalancer client IP restriction range for the configurator UI | `[]` | +| `vscode.enabled` | Enable the optional [VS Code Server Sidecar](https://github.com/cdr/code-server) | `false` | +| `vscode.image.repository` | Image repository | `codercom/code-server` | +| `vscode.image.tag` | Image tag | `3.1.1`| +| `vscode.image.pullPolicy` | Image pull policy | `IfNotPresent` | +| `vscode.hassConfig` | Base path of the home assistant configuration files | `/config` | +| `vscode.vscodePath` | Base path of the VS Code configuration files | `/config/.vscode` | +| `vscode.password` | If this is set, will require a password to access the VS Code Server UI | `` | +| `vscode.extraEnv` | Extra ENV vars to pass to the configuration UI | `{}` | +| `vscode.ingress.enabled` | Enables Ingress for the VS Code UI | `false` | +| `vscode.ingress.annotations` | Ingress annotations for the VS Code UI | `{}` | +| `vscode.ingress.hosts` | Ingress accepted hostnames for the VS Code UI | `chart-example.local` | +| `vscode.ingress.tls` | Ingress TLS configuration for the VS Code UI | `[]` | +| `vscode.resources` | CPU/Memory resource requests/limits for the VS Code UI | `{}` | +| `vscode.securityContext` | Security context to be added to hass-vscode pods for the VS Code UI | `{}` | +| `vscode.service.type` | Kubernetes service type for the VS Code UI | `ClusterIP` | +| `vscode.service.port` | Kubernetes port where the vscode UI is exposed| `80` | +| `vscode.service.nodePort` | nodePort to listen on for the VS Code UI | `` | +| `vscode.service.annotations` | Service annotations for the VS Code UI | `{}` | +| `vscode.service.labels` | Service labels to use for the VS Code UI | `{}` | +| `vscode.service.clusterIP` | Cluster IP for the VS Code UI | `` | +| `vscode.service.externalIPs` | External IPs for the VS Code UI | `[]` | +| `vscode.service.loadBalancerIP` | Loadbalancer IP for the VS Code UI | `` | +| `vscode.service.loadBalancerSourceRanges` | Loadbalancer client IP restriction range for the VS Code UI | `[]` | +| `appdaemon.enabled` | Enable the optional [Appdaemon Sidecar](https://appdaemon.readthedocs.io/en/latest/) | `false` | +| `appdaemon.image.repository` | Image repository | `acockburn/appdaemon` | +| `appdaemon.image.tag` | Image tag | `3.0.5`| +| `appdaemon.image.pullPolicy` | Image pull policy | `IfNotPresent` | +| `appdaemon.haToken` | Home Assistant API token - you need to generate it in your Home Assistant profile and then copy here | `` | +| `appdaemon.extraEnv` | Extra ENV vars to pass to the AppDaemon container | `{}` | +| `appdaemon.ingress.enabled` | Enables Ingress for the AppDaemon UI | `false` | +| `appdaemon.ingress.annotations` | Ingress annotations for the AppDaemon UI | `{}` | +| `appdaemon.ingress.hosts` | Ingress accepted hostnames for the AppDaemonUI | `appdaemon.local` | +| `appdaemon.ingress.tls` | Ingress TLS configuration for the AppDaemon UI | `[]` | +| `appdaemon.resources` | CPU/Memory resource requests/limits for the AppDaemon | `{}` | +| `appdaemon.securityContext` | Security context to be added to hass-appdaemon container | `{}` | +| `appdaemon.service.type` | Kubernetes service type for the AppDaemon UI | `ClusterIP` | +| `appdaemon.service.port` | Kubernetes port where the AppDaemon UI is exposed| `5050` | +| `appdaemon.service.nodePort` | nodePort to listen on for the AppDaemon UI | `` | +| `appdaemon.service.annotations` | Service annotations for the AppDaemon UI | `{}` | +| `appdaemon.service.labels` | Service labels to use for the AppDaemon UI | `{}` | +| `appdaemon.service.clusterIP` | Cluster IP for the AppDaemon UI | `` | +| `appdaemon.service.externalIPs` | External IPs for the AppDaemon UI | `[]` | +| `appdaemon.service.loadBalancerIP` | Loadbalancer IP for the AppDaemon UI | `` | +| `appdaemon.service.loadBalancerSourceRanges` | Loadbalancer client IP restriction range for the VS Code UI | `[]` | +| `resources` | CPU/Memory resource requests/limits or the home-assistant GUI | `{}` | +| `nodeSelector` | Node labels for pod assignment or the home-assistant GUI | `{}` | +| `tolerations` | Toleration labels for pod assignment or the home-assistant GUI | `[]` | +| `affinity` | Affinity settings for pod assignment or the home-assistant GUI | `{}` | +| `podAnnotations` | Key-value pairs to add as pod annotations | `{}` | +| `extraVolumes` | Any extra volumes to define for the pod | `{}` | +| `extraVolumeMounts` | Any extra volumes mounts to define for each container of the pod | `{}` | +| `monitoring.enabled` | Enables Monitoring support | `false` | +| `monitoring.serviceMonitor.enabled` | Setup a ServiceMonitor to configure scraping | `false` | +| `monitoring.serviceMonitor.namespace` | Set the namespace the ServiceMonitor should be deployed | `false` | +| `monitoring.serviceMonitor.interval` | Set how frequently Prometheus should scrape | `30` | +| `monitoring.serviceMonitor.labels` | Set labels for the ServiceMonitor, use this to define your scrape label for Prometheus Operator | `{}` | +| `monitoring.serviceMonitor.bearerTokenFile` | Set bearerTokenFile for home-assistant auth (use long lived access tokens) | `nil` | +| `monitoring.serviceMonitor.bearerTokenSecret` | Set bearerTokenSecret for home-assistant auth (use long lived access tokens) | `nil` | + + + + +Specify each parameter using the `--set key=value[,key=value]` argument to `helm install`. For example, + +```shell +helm install --name my-release \ + --set configurator.hassApiPassword="$HASS_API_PASSWORD" \ + billimek/home-assistant +``` + +Alternatively, a YAML file that specifies the values for the above parameters can be provided while installing the chart. For example, + +```shell +helm install --name my-release -f values.yaml billimek/home-assistant +``` + +Read through the [values.yaml](values.yaml) file. It has several commented out suggested values. + +## Configuring home assistant + +Much of the home assistant configuration occurs inside the various files persisted to the `/config` directory. This will require external access to the persistent storage location where the home assistant configuration data is stored. Because this may be a limitation, there are two options built-in to this chart: + +### Configurator UI + +[Home Assistant Configurator UI](https://github.com/danielperna84/hass-configurator) is added as an optional sidecar container to Home Assistant with access to the home assistant configuration for easy in-browser editing and manipulation of Home Assistant. + +### VS Code Server + +[VS Code Server](https://github.com/cdr/code-server) is added as an optional sidecar container to Home Assistant with access to the home assistant configuration for easy in-browser editing and manipulation of Home Assistant. If using this, it is possible to manually install the [Home Assistant Config Helper Extension](https://github.com/keesschollaart81/vscode-home-assistant) in order to have a deeper integration with Home Assistant within VS Code while editing the configuration files. + +### AppDaemon +[AppDaemon](https://www.home-assistant.io/docs/ecosystem/appdaemon/) is added as an optional sidecar container to Home Assistant with access to the home assistant configuration `/config/appdaemon`. This allows downloading apps with [HACS](https://github.com/hacs/integration) +[Home Assistant Configurator UI](https://github.com/danielperna84/hass-configurator) is added as an optional sidecar container to Home Assistant with access to the home assistant configuration for easy in-browser editing and manipulation of Home Assistant. + +## Git sync secret + +In order to sync the home assistant from a git repo, you have to store a ssh key as a kubernetes git secret +```shell +kubectl create secret generic git-creds --from-file=id_rsa=git/k8s_id_rsa --from-file=known_hosts=git/known_hosts --from-file=id_rsa.pub=git/k8s_id_rsa.pub +``` diff --git a/charts/home-assistant/templates/NOTES.txt b/charts/home-assistant/templates/NOTES.txt new file mode 100644 index 00000000..8bc0903c --- /dev/null +++ b/charts/home-assistant/templates/NOTES.txt @@ -0,0 +1,19 @@ +1. Get the application URL by running these commands: +{{- if .Values.ingress.enabled }} +{{- range .Values.ingress.hosts }} + http{{ if $.Values.ingress.tls }}s{{ end }}://{{ . }}{{ $.Values.ingress.path }} +{{- end }} +{{- else if contains "NodePort" .Values.service.type }} + export NODE_PORT=$(kubectl get --namespace {{ .Release.Namespace }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ template "home-assistant.fullname" . }}) + export NODE_IP=$(kubectl get nodes --namespace {{ .Release.Namespace }} -o jsonpath="{.items[0].status.addresses[0].address}") + echo http://$NODE_IP:$NODE_PORT +{{- else if contains "LoadBalancer" .Values.service.type }} + NOTE: It may take a few minutes for the LoadBalancer IP to be available. + You can watch the status of by running 'kubectl get svc -w {{ template "home-assistant.fullname" . }}' + export SERVICE_IP=$(kubectl get svc --namespace {{ .Release.Namespace }} {{ template "home-assistant.fullname" . }} -o jsonpath='{.status.loadBalancer.ingress[0].ip}') + echo http://$SERVICE_IP:{{ .Values.service.port }} +{{- else if contains "ClusterIP" .Values.service.type }} + export POD_NAME=$(kubectl get pods --namespace {{ .Release.Namespace }} -l "app={{ template "home-assistant.name" . }},release={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}") + echo "Visit http://127.0.0.1:8080 to use your application" + kubectl port-forward $POD_NAME 8080:80 +{{- end }} diff --git a/charts/home-assistant/templates/_helpers.tpl b/charts/home-assistant/templates/_helpers.tpl new file mode 100644 index 00000000..d277f82d --- /dev/null +++ b/charts/home-assistant/templates/_helpers.tpl @@ -0,0 +1,32 @@ +{{/* vim: set filetype=mustache: */}} +{{/* +Expand the name of the chart. +*/}} +{{- define "home-assistant.name" -}} +{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}} +{{- end -}} + +{{/* +Create a default fully qualified app name. +We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). +If release name contains chart name it will be used as a full name. +*/}} +{{- define "home-assistant.fullname" -}} +{{- if .Values.fullnameOverride -}} +{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" -}} +{{- else -}} +{{- $name := default .Chart.Name .Values.nameOverride -}} +{{- if contains $name .Release.Name -}} +{{- .Release.Name | trunc 63 | trimSuffix "-" -}} +{{- else -}} +{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}} +{{- end -}} +{{- end -}} +{{- end -}} + +{{/* +Create chart name and version as used by the chart label. +*/}} +{{- define "home-assistant.chart" -}} +{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" -}} +{{- end -}} diff --git a/charts/home-assistant/templates/appdaemon-ingress.yaml b/charts/home-assistant/templates/appdaemon-ingress.yaml new file mode 100644 index 00000000..7cb65509 --- /dev/null +++ b/charts/home-assistant/templates/appdaemon-ingress.yaml @@ -0,0 +1,39 @@ +{{- if and (.Values.appdaemon.enabled) (.Values.appdaemon.ingress.enabled) }} +{{- $fullName := include "home-assistant.fullname" . -}} +{{- $servicePort := .Values.appdaemon.service.port -}} +{{- $ingressPath := .Values.appdaemon.ingress.path -}} +apiVersion: extensions/v1beta1 +kind: Ingress +metadata: + name: {{ $fullName }}-appdaemon + labels: + app.kubernetes.io/name: {{ include "home-assistant.name" . }} + helm.sh/chart: {{ include "home-assistant.chart" . }} + app.kubernetes.io/instance: {{ .Release.Name }} + app.kubernetes.io/managed-by: {{ .Release.Service }} +{{- with .Values.appdaemon.ingress.annotations }} + annotations: +{{ toYaml . | indent 4 }} +{{- end }} +spec: +{{- if .Values.appdaemon.ingress.tls }} + tls: + {{- range .Values.appdaemon.ingress.tls }} + - hosts: + {{- range .hosts }} + - {{ . }} + {{- end }} + secretName: {{ .secretName }} + {{- end }} +{{- end }} + rules: + {{- range .Values.appdaemon.ingress.hosts }} + - host: {{ . }} + http: + paths: + - path: {{ $ingressPath }} + backend: + serviceName: {{ $fullName }} + servicePort: {{ $servicePort }} + {{- end }} +{{- end }} diff --git a/charts/home-assistant/templates/configurator-ingress.yaml b/charts/home-assistant/templates/configurator-ingress.yaml new file mode 100644 index 00000000..77836558 --- /dev/null +++ b/charts/home-assistant/templates/configurator-ingress.yaml @@ -0,0 +1,39 @@ +{{- if and (.Values.configurator.enabled) (.Values.configurator.ingress.enabled) }} +{{- $fullName := include "home-assistant.fullname" . -}} +{{- $servicePort := .Values.configurator.service.port -}} +{{- $ingressPath := .Values.configurator.ingress.path -}} +apiVersion: extensions/v1beta1 +kind: Ingress +metadata: + name: {{ $fullName }}-configurator + labels: + app.kubernetes.io/name: {{ include "home-assistant.name" . }} + helm.sh/chart: {{ include "home-assistant.chart" . }} + app.kubernetes.io/instance: {{ .Release.Name }} + app.kubernetes.io/managed-by: {{ .Release.Service }} +{{- with .Values.configurator.ingress.annotations }} + annotations: +{{ toYaml . | indent 4 }} +{{- end }} +spec: +{{- if .Values.configurator.ingress.tls }} + tls: + {{- range .Values.configurator.ingress.tls }} + - hosts: + {{- range .hosts }} + - {{ . }} + {{- end }} + secretName: {{ .secretName }} + {{- end }} +{{- end }} + rules: + {{- range .Values.configurator.ingress.hosts }} + - host: {{ . }} + http: + paths: + - path: {{ $ingressPath }} + backend: + serviceName: {{ $fullName }} + servicePort: {{ $servicePort }} + {{- end }} +{{- end }} diff --git a/charts/home-assistant/templates/deployment.yaml b/charts/home-assistant/templates/deployment.yaml new file mode 100644 index 00000000..75da07db --- /dev/null +++ b/charts/home-assistant/templates/deployment.yaml @@ -0,0 +1,407 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: {{ template "home-assistant.fullname" . }} + labels: + app.kubernetes.io/name: {{ include "home-assistant.name" . }} + helm.sh/chart: {{ include "home-assistant.chart" . }} + app.kubernetes.io/instance: {{ .Release.Name }} + app.kubernetes.io/managed-by: {{ .Release.Service }} +spec: + replicas: 1 + strategy: + type: {{ .Values.strategyType }} + selector: + matchLabels: + app.kubernetes.io/name: {{ include "home-assistant.name" . }} + app.kubernetes.io/instance: {{ .Release.Name }} + template: + metadata: + labels: + app.kubernetes.io/name: {{ include "home-assistant.name" . }} + app.kubernetes.io/instance: {{ .Release.Name }} + {{- if .Values.podAnnotations }} + annotations: + {{- range $key, $value := .Values.podAnnotations }} + {{ $key }}: {{ $value | quote }} + {{- end }} + {{- end }} + spec: + {{- with .Values.image.pullSecrets }} + imagePullSecrets: + {{- range . }} + - name: {{ . }} + {{- end }} + {{- end }} + {{- if .Values.hostNetwork }} + hostNetwork: {{ .Values.hostNetwork }} + dnsPolicy: ClusterFirstWithHostNet + {{- end }} + initContainers: + {{- if .Values.git.enabled }} + - name: git-sync + image: "{{ .Values.git.image.repository }}:{{ .Values.git.image.tag }}" + imagePullPolicy: {{ .Values.git.image.pullPolicy }} + {{- if .Values.git.command }} + command: + {{- range .Values.git.command }} + - {{ . | quote }} + {{- end }} + {{- else }} + command: ['sh', '-c', '[ "$(ls {{ .Values.git.syncPath }})" ] || git clone {{ .Values.git.repo }} {{ .Values.git.syncPath }}'] + {{- end }} + volumeMounts: + - mountPath: /config + name: config + - mountPath: {{ .Values.git.keyPath }} + name: git-secret + {{- if .Values.extraVolumeMounts }}{{ toYaml .Values.extraVolumeMounts | trim | nindent 8 }}{{ end }} + {{- if .Values.usePodSecurityContext }} + securityContext: + runAsUser: {{ default 0 .Values.runAsUser }} + {{- if and (.Values.runAsUser) (.Values.fsGroup) }} + {{- if not (eq .Values.runAsUser 0.0) }} + fsGroup: {{ .Values.fsGroup }} + {{- end }} + {{- end }} + {{- end }} + {{- end }} + containers: + - name: {{ .Chart.Name }} + image: "{{ .Values.image.repository }}:{{ .Values.image.tag }}" + imagePullPolicy: {{ .Values.image.pullPolicy }} + ports: + - name: api + containerPort: {{ .Values.service.port }} + protocol: TCP + {{- range .Values.service.additionalPorts }} + - name: {{ .name }} + containerPort: {{ .targetPort }} + {{- end }} + {{- if .Values.probes.liveness.enabled }} + livenessProbe: + httpGet: + path: / + port: api + scheme: {{ .Values.probes.liveness.scheme }} + initialDelaySeconds: {{ .Values.probes.liveness.initialDelaySeconds }} + failureThreshold: {{ .Values.probes.liveness.failureThreshold }} + timeoutSeconds: {{ .Values.probes.liveness.timeoutSeconds }} + {{- end }} + {{- if .Values.probes.readiness.enabled }} + readinessProbe: + httpGet: + path: / + port: api + scheme: {{ .Values.probes.readiness.scheme }} + initialDelaySeconds: {{ .Values.probes.readiness.initialDelaySeconds }} + failureThreshold: {{ .Values.probes.readiness.failureThreshold }} + timeoutSeconds: {{ .Values.probes.readiness.timeoutSeconds }} + {{- end }} + {{- if .Values.probes.startup.enabled }} + startupProbe: + httpGet: + path: / + port: api + scheme: {{ .Values.probes.startup.scheme }} + failureThreshold: {{ .Values.probes.startup.failureThreshold }} + periodSeconds: {{ .Values.probes.startup.periodSeconds }} + {{- end }} + env: + {{- range $key, $value := .Values.extraEnv }} + - name: {{ $key }} + value: {{ $value }} + {{- end }} + {{- range $name, $opts := .Values.extraEnvSecrets }} + - name: {{ $name }} + valueFrom: + secretKeyRef: + name: {{ $opts.secret }} + key: {{ $opts.key }} + {{- end }} + envFrom: + {{- range .Values.extraSecretForEnvFrom }} + - secretRef: + name: {{ . }} + {{- end }} + volumeMounts: + - mountPath: /config + name: config + {{- if .Values.zwave.enabled }} + - mountPath: /dev/ttyACM0 + name: ttyacm + {{- end }} + {{- range .Values.hostMounts }} + {{- if .mountPath }} + - mountPath: {{ .mountPath }} + {{- else }} + - mountPath: {{ .hostPath }} + {{- end }} + name: {{ .name }} + {{- end }} + {{- if .Values.git.enabled }} + - mountPath: {{ .Values.git.keyPath }} + name: git-secret + {{- end }} + {{- if .Values.extraVolumeMounts }}{{ toYaml .Values.extraVolumeMounts | trim | nindent 10 }}{{ end }} + {{- if .Values.usePodSecurityContext }} + securityContext: + runAsUser: {{ default 0 .Values.runAsUser }} + {{- if and (.Values.runAsUser) (.Values.fsGroup) }} + {{- if not (eq .Values.runAsUser 0.0) }} + fsGroup: {{ .Values.fsGroup }} + {{- end }} + {{- end }} + {{- end }} + resources: +{{ toYaml .Values.resources | indent 12 }} + {{- if or .Values.zwave.enabled (.Values.hostMounts) }} + securityContext: + privileged: true + {{- end }} + {{- if .Values.configurator.enabled }} + - name: configurator + image: "{{ .Values.configurator.image.repository }}:{{ .Values.configurator.image.tag }}" + imagePullPolicy: {{ .Values.configurator.image.pullPolicy }} + ports: + - name: configurator + containerPort: {{ .Values.configurator.service.port }} + protocol: TCP + env: + {{- if .Values.configurator.hassApiPassword }} + - name: HC_HASS_API_PASSWORD + valueFrom: + secretKeyRef: + name: {{ template "home-assistant.fullname" . }}-configurator + key: hass-api-password + {{- end }} + {{- if and (.Values.configurator.username) (.Values.configurator.password) }} + - name: HC_USERNAME + valueFrom: + secretKeyRef: + name: {{ template "home-assistant.fullname" . }}-configurator + key: username + - name: HC_PASSWORD + valueFrom: + secretKeyRef: + name: {{ template "home-assistant.fullname" . }}-configurator + key: password + {{- end }} + {{- if .Values.configurator.hassApiUrl }} + - name: HC_HASS_API + value: "{{ .Values.configurator.hassApiUrl }}" + {{- else }} + - name: HC_HASS_API + value: "http://127.0.0.1:8123/api/" + {{- end }} + {{- if .Values.configurator.basepath }} + - name: HC_BASEPATH + value: "{{ .Values.configurator.basepath }}" + {{- end }} + {{- if .Values.configurator.enforceBasepath }} + - name: HC_ENFORCE_BASEPATH + value: "{{ .Values.configurator.enforceBasepath }}" + {{- end }} + {{- if and (.Values.git.enabled) (.Values.git.user.name) }} + - name: GIT_AUTHOR_NAME + value: {{ .Values.git.user.name }} + - name: GIT_COMMITTER_NAME + value: {{ .Values.git.user.name }} + {{ end }} + {{- if and (.Values.git.enabled) (.Values.git.user.email) }} + - name: GIT_AUTHOR_EMAIL + value: {{ .Values.git.user.email }} + - name: GIT_COMMITTER_EMAIL + value: {{ .Values.git.user.email }} + {{ end }} + {{- range $key, $value := .Values.configurator.extraEnv }} + - name: {{ $key }} + value: {{ $value }} + {{- end }} + volumeMounts: + - mountPath: /config + name: config + {{- if .Values.git.enabled }} + - mountPath: {{ .Values.git.keyPath }} + name: git-secret + {{- end }} + {{- if .Values.extraVolumeMounts }}{{ toYaml .Values.extraVolumeMounts | trim | nindent 10 }}{{ end }} + {{- if .Values.usePodSecurityContext }} + securityContext: + runAsUser: {{ default 0 .Values.runAsUser }} + {{- if and (.Values.runAsUser) (.Values.fsGroup) }} + {{- if not (eq .Values.runAsUser 0.0) }} + fsGroup: {{ .Values.fsGroup }} + {{- end }} + {{- end }} + {{- end }} + resources: +{{ toYaml .Values.configurator.resources | indent 12 }} + {{- end }} + {{- if .Values.vscode.enabled }} + - name: vscode + image: "{{ .Values.vscode.image.repository }}:{{ .Values.vscode.image.tag }}" + imagePullPolicy: {{ .Values.vscode.image.pullPolicy }} + workingDir: {{ .Values.vscode.hassConfig }} + args: + - --port={{ .Values.vscode.service.port }} + {{- if not (.Values.vscode.password) }} + - --auth=none + {{- end }} + {{- if .Values.vscode.vscodePath }} + - --extensions-dir={{ .Values.vscode.vscodePath }} + - --user-data-dir={{ .Values.vscode.vscodePath }} + - {{ .Values.vscode.hassConfig }} + {{- end }} + ports: + - name: vscode + containerPort: {{ .Values.vscode.service.port }} + protocol: TCP + env: + {{- if .Values.vscode.password }} + - name: PASSWORD + valueFrom: + secretKeyRef: + name: {{ template "home-assistant.fullname" . }}-vscode + key: password + {{- end }} + {{- if and (.Values.git.enabled) (.Values.git.user.name) }} + - name: GIT_AUTHOR_NAME + value: {{ .Values.git.user.name }} + - name: GIT_COMMITTER_NAME + value: {{ .Values.git.user.name }} + {{ end }} + {{- if and (.Values.git.enabled) (.Values.git.user.email) }} + - name: GIT_AUTHOR_EMAIL + value: {{ .Values.git.user.email }} + - name: GIT_COMMITTER_EMAIL + value: {{ .Values.git.user.email }} + {{ end }} + {{- range $key, $value := .Values.vscode.extraEnv }} + - name: {{ $key }} + value: {{ $value }} + {{- end }} + volumeMounts: + - mountPath: /config + name: config + {{- if .Values.git.enabled }} + - mountPath: {{ .Values.git.keyPath }} + name: git-secret + {{- end }} + {{- if .Values.extraVolumeMounts }}{{ toYaml .Values.extraVolumeMounts | trim | nindent 10 }}{{ end }} + {{- if .Values.usePodSecurityContext }} + securityContext: + runAsUser: {{ default 0 .Values.runAsUser }} + {{- if and (.Values.runAsUser) (.Values.fsGroup) }} + {{- if not (eq .Values.runAsUser 0.0) }} + fsGroup: {{ .Values.fsGroup }} + {{- end }} + {{- end }} + {{- end }} + resources: +{{ toYaml .Values.vscode.resources | indent 12 }} + {{- end }} + {{- if .Values.appdaemon.enabled }} + - name: appdaemon + image: "{{ .Values.appdaemon.image.repository }}:{{ .Values.appdaemon.image.tag }}" + imagePullPolicy: {{ .Values.appdaemon.image.pullPolicy }} + ports: + - name: appdaemon + containerPort: {{ .Values.appdaemon.service.port }} + protocol: TCP + env: + - name: HA_URL + value: "http://localhost:{{ .Values.service.port }}" + {{- if .Values.appdaemon.ingress.enabled }} + - name: DASH_URL + #value: http{{ if .Values.appdaemon.ingress.tls }}s{{ end }}://{{ index .Values.appdaemon.ingress.hosts 0 }} + value: http://0.0.0.0:{{ .Values.appdaemon.service.port }} + {{- end }} + {{- if .Values.appdaemon.haToken }} + - name: TOKEN + valueFrom: + secretKeyRef: + name: {{ template "home-assistant.fullname" . }}-appdaemon + key: token + {{- end }} + {{- if and (.Values.git.enabled) (.Values.git.user.name) }} + - name: GIT_AUTHOR_NAME + value: {{ .Values.git.user.name }} + - name: GIT_COMMITTER_NAME + value: {{ .Values.git.user.name }} + {{ end }} + {{- if and (.Values.git.enabled) (.Values.git.user.email) }} + - name: GIT_AUTHOR_EMAIL + value: {{ .Values.git.user.email }} + - name: GIT_COMMITTER_EMAIL + value: {{ .Values.git.user.email }} + {{ end }} + {{- range $key, $value := .Values.vscode.extraEnv }} + - name: {{ $key }} + value: {{ $value }} + {{- end }} + volumeMounts: + - mountPath: /ha-conf + name: config + - mountPath: /conf + subPath: appdaemon + name: config + {{- if .Values.extraVolumeMounts }}{{ toYaml .Values.extraVolumeMounts | trim | nindent 10 }}{{ end }} + {{- if .Values.usePodSecurityContext }} + securityContext: + runAsUser: {{ default 0 .Values.runAsUser }} + {{- if and (.Values.runAsUser) (.Values.fsGroup) }} + {{- if not (eq .Values.runAsUser 0.0) }} + fsGroup: {{ .Values.fsGroup }} + {{- end }} + {{- end }} + {{- end }} + resources: +{{ toYaml .Values.appdaemon.resources | indent 12 }} + {{- end }} + volumes: + - name: config + {{- if .Values.persistence.enabled }} + {{- if .Values.persistence.hostPath }} + hostPath: + path: {{.Values.persistence.hostPath}} + type: Directory + {{- else }} + persistentVolumeClaim: + claimName: {{ if .Values.persistence.existingClaim }}{{ .Values.persistence.existingClaim }}{{- else }}{{ template "home-assistant.fullname" . }}{{- end }} + {{- end }} + {{- else }} + emptyDir: {} + {{ end }} + {{- if .Values.zwave.enabled }} + - name: ttyacm + hostPath: + path: /dev/{{.Values.zwave.device}} + {{- end }} + {{- range .Values.hostMounts }} + - name: {{ .name }} + hostPath: + path: {{.hostPath}} + {{- if .type }} + type: {{ .type }} + {{- end }} + {{- end }} + {{- if .Values.git.enabled }} + - name: git-secret + secret: + defaultMode: 256 + secretName: {{ .Values.git.secret }} + {{ end }} + {{- if .Values.extraVolumes }}{{ toYaml .Values.extraVolumes | trim | nindent 6 }}{{ end }} + {{- with .Values.nodeSelector }} + nodeSelector: +{{ toYaml . | indent 8 }} + {{- end }} + {{- with .Values.affinity }} + affinity: +{{ toYaml . | indent 8 }} + {{- end }} + {{- with .Values.tolerations }} + tolerations: +{{ toYaml . | indent 8 }} + {{- end }} diff --git a/charts/home-assistant/templates/ingress.yaml b/charts/home-assistant/templates/ingress.yaml new file mode 100644 index 00000000..71eb3508 --- /dev/null +++ b/charts/home-assistant/templates/ingress.yaml @@ -0,0 +1,39 @@ +{{- if .Values.ingress.enabled -}} +{{- $fullName := include "home-assistant.fullname" . -}} +{{- $servicePort := .Values.service.port -}} +{{- $ingressPath := .Values.ingress.path -}} +apiVersion: extensions/v1beta1 +kind: Ingress +metadata: + name: {{ $fullName }} + labels: + app.kubernetes.io/name: {{ include "home-assistant.name" . }} + helm.sh/chart: {{ include "home-assistant.chart" . }} + app.kubernetes.io/instance: {{ .Release.Name }} + app.kubernetes.io/managed-by: {{ .Release.Service }} +{{- with .Values.ingress.annotations }} + annotations: +{{ toYaml . | indent 4 }} +{{- end }} +spec: +{{- if .Values.ingress.tls }} + tls: + {{- range .Values.ingress.tls }} + - hosts: + {{- range .hosts }} + - {{ . | quote }} + {{- end }} + secretName: {{ .secretName }} + {{- end }} +{{- end }} + rules: + {{- range .Values.ingress.hosts }} + - host: {{ . }} + http: + paths: + - path: {{ $ingressPath }} + backend: + serviceName: {{ $fullName }} + servicePort: {{ $servicePort }} + {{- end }} +{{- end }} diff --git a/charts/home-assistant/templates/pvc.yaml b/charts/home-assistant/templates/pvc.yaml new file mode 100644 index 00000000..13616b7c --- /dev/null +++ b/charts/home-assistant/templates/pvc.yaml @@ -0,0 +1,26 @@ +{{- if .Values.persistence.enabled -}} +{{- if not .Values.persistence.existingClaim -}} +kind: PersistentVolumeClaim +apiVersion: v1 +metadata: + name: {{ template "home-assistant.fullname" . }} + labels: + app.kubernetes.io/name: {{ include "home-assistant.name" . }} + helm.sh/chart: {{ include "home-assistant.chart" . }} + app.kubernetes.io/instance: {{ .Release.Name }} + app.kubernetes.io/managed-by: {{ .Release.Service }} +spec: + accessModes: + - {{ .Values.persistence.accessMode | quote }} + resources: + requests: + storage: {{ .Values.persistence.size | quote }} +{{- if .Values.persistence.storageClass }} +{{- if (eq "-" .Values.persistence.storageClass) }} + storageClassName: "" +{{- else }} + storageClassName: "{{ .Values.persistence.storageClass }}" +{{- end }} +{{- end }} +{{- end -}} +{{- end -}} \ No newline at end of file diff --git a/charts/home-assistant/templates/secret.yaml b/charts/home-assistant/templates/secret.yaml new file mode 100644 index 00000000..9cf83a4f --- /dev/null +++ b/charts/home-assistant/templates/secret.yaml @@ -0,0 +1,56 @@ +{{- if .Values.configurator.enabled }} +apiVersion: v1 +kind: Secret +metadata: + name: {{ template "home-assistant.fullname" . }}-configurator + labels: + app.kubernetes.io/name: {{ include "home-assistant.name" . }} + helm.sh/chart: {{ include "home-assistant.chart" . }} + app.kubernetes.io/instance: {{ .Release.Name }} + app.kubernetes.io/managed-by: {{ .Release.Service }} +type: Opaque +data: + {{- if .Values.configurator.hassApiPassword }} + hass-api-password: {{ .Values.configurator.hassApiPassword | b64enc | quote }} + {{- end }} + {{- if .Values.configurator.username }} + username: {{ .Values.configurator.username | b64enc | quote }} + {{- end }} + {{- if .Values.configurator.password }} + password: {{ .Values.configurator.password | b64enc | quote }} + {{- end }} +{{- end }} +--- +{{- if .Values.vscode.enabled }} +apiVersion: v1 +kind: Secret +metadata: + name: {{ template "home-assistant.fullname" . }}-vscode + labels: + app.kubernetes.io/name: {{ include "home-assistant.name" . }} + helm.sh/chart: {{ include "home-assistant.chart" . }} + app.kubernetes.io/instance: {{ .Release.Name }} + app.kubernetes.io/managed-by: {{ .Release.Service }} +type: Opaque +data: + {{- if .Values.vscode.password }} + password: {{ .Values.vscode.password | b64enc | quote }} + {{- end }} +{{- end }} +--- +{{- if .Values.appdaemon.enabled }} +apiVersion: v1 +kind: Secret +metadata: + name: {{ template "home-assistant.fullname" . }}-appdaemon + labels: + app.kubernetes.io/name: {{ include "home-assistant.name" . }} + helm.sh/chart: {{ include "home-assistant.chart" . }} + app.kubernetes.io/instance: {{ .Release.Name }} + app.kubernetes.io/managed-by: {{ .Release.Service }} +type: Opaque +data: + {{- if .Values.appdaemon.haToken }} + token: {{ .Values.appdaemon.haToken | b64enc | quote }} + {{- end }} +{{- end }} diff --git a/charts/home-assistant/templates/service.yaml b/charts/home-assistant/templates/service.yaml new file mode 100644 index 00000000..5476c7db --- /dev/null +++ b/charts/home-assistant/templates/service.yaml @@ -0,0 +1,83 @@ +apiVersion: v1 +kind: Service +metadata: + name: {{ template "home-assistant.fullname" . }} + labels: + app.kubernetes.io/name: {{ include "home-assistant.name" . }} + helm.sh/chart: {{ include "home-assistant.chart" . }} + app.kubernetes.io/instance: {{ .Release.Name }} + app.kubernetes.io/managed-by: {{ .Release.Service }} +{{- if .Values.service.labels }} +{{ toYaml .Values.service.labels | indent 4 }} +{{- end }} +{{- with .Values.service.annotations }} + annotations: +{{ toYaml . | indent 4 }} +{{- end }} +spec: +{{- if (or (eq .Values.service.type "ClusterIP") (empty .Values.service.type)) }} + type: ClusterIP + {{- if .Values.service.clusterIP }} + clusterIP: {{ .Values.service.clusterIP }} + {{end}} +{{- else if eq .Values.service.type "LoadBalancer" }} + type: {{ .Values.service.type }} + {{- if .Values.service.loadBalancerIP }} + loadBalancerIP: {{ .Values.service.loadBalancerIP }} + {{- end }} + {{- if .Values.service.externalTrafficPolicy }} + externalTrafficPolicy: {{ .Values.service.externalTrafficPolicy }} + {{- end }} + {{- if .Values.service.loadBalancerSourceRanges }} + loadBalancerSourceRanges: +{{ toYaml .Values.service.loadBalancerSourceRanges | indent 4 }} + {{- end -}} +{{- else }} + type: {{ .Values.service.type }} +{{- end }} +{{- if .Values.service.externalIPs }} + externalIPs: +{{ toYaml .Values.service.externalIPs | indent 4 }} +{{- end }} + publishNotReadyAddresses: {{ .Values.service.publishNotReadyAddresses }} + ports: + - name: {{ .Values.service.portName }} + port: {{ .Values.service.port }} + protocol: TCP + targetPort: 8123 +{{ if (and (eq .Values.service.type "NodePort") (not (empty .Values.service.nodePort))) }} + nodePort: {{.Values.service.nodePort}} +{{ end }} +{{- if .Values.configurator.enabled }} + - name: configurator + port: {{ .Values.configurator.service.port }} + protocol: TCP + targetPort: 3218 +{{ if (and (eq .Values.configurator.service.type "NodePort") (not (empty .Values.configurator.service.nodePort))) }} + nodePort: {{.Values.configurator.service.nodePort}} +{{ end }} +{{- end }} +{{- if .Values.vscode.enabled }} + - name: vscode + port: {{ .Values.vscode.service.port }} + protocol: TCP + targetPort: {{ .Values.vscode.service.port }} +{{ if (and (eq .Values.vscode.service.type "NodePort") (not (empty .Values.vscode.service.nodePort))) }} + nodePort: {{.Values.vscode.service.nodePort}} +{{ end }} +{{- end }} +{{- if .Values.appdaemon.enabled }} + - name: appdaemon + port: {{ .Values.appdaemon.service.port }} + protocol: TCP + targetPort: 5050 +{{ if (and (eq .Values.appdaemon.service.type "NodePort") (not (empty .Values.appdaemon.service.nodePort))) }} + nodePort: {{.Values.appdaemon.service.nodePort}} +{{ end }} +{{- end }} +{{- if .Values.service.additionalPorts }} + {{- .Values.service.additionalPorts | toYaml | indent 4 }} +{{- end }} + selector: + app.kubernetes.io/name: {{ include "home-assistant.name" . }} + app.kubernetes.io/instance: {{ .Release.Name }} diff --git a/charts/home-assistant/templates/servicemonitor.yaml b/charts/home-assistant/templates/servicemonitor.yaml new file mode 100644 index 00000000..7f8e9c0c --- /dev/null +++ b/charts/home-assistant/templates/servicemonitor.yaml @@ -0,0 +1,39 @@ +{{- if and ( .Values.monitoring.serviceMonitor.enabled ) ( .Values.monitoring.enabled ) }} +apiVersion: monitoring.coreos.com/v1 +kind: ServiceMonitor +metadata: +{{- if .Values.monitoring.serviceMonitor.labels }} + labels: +{{ toYaml .Values.monitoring.serviceMonitor.labels | indent 4}} +{{- end }} + name: {{ template "home-assistant.fullname" . }}-prometheus-exporter +{{- if .Values.monitoring.serviceMonitor.namespace }} + namespace: {{ .Values.monitoring.serviceMonitor.namespace }} +{{- end }} +spec: + endpoints: + - targetPort: {{ .Values.service.portName }} + path: /api/prometheus +{{- if .Values.monitoring.serviceMonitor.interval }} + interval: {{ .Values.monitoring.serviceMonitor.interval }} +{{- end }} +{{- if .Values.monitoring.serviceMonitor.bearerTokenFile }} + bearerTokenFile: {{ .Values.monitoring.serviceMonitor.bearerTokenFile }} +{{- end }} +{{- if .Values.monitoring.serviceMonitor.bearerTokenSecret }} + bearerTokenSecret: + name: {{ .Values.monitoring.serviceMonitor.bearerTokenSecret.name }} + key: {{ .Values.monitoring.serviceMonitor.bearerTokenSecret.key }} + {{- if .Values.monitoring.serviceMonitor.bearerTokenSecret.optional }} + optional: {{ .Values.monitoring.serviceMonitor.bearerTokenSecret.optional }} + {{- end }} +{{- end }} + jobLabel: {{ template "home-assistant.fullname" . }}-prometheus-exporter + namespaceSelector: + matchNames: + - {{ .Release.Namespace }} + selector: + matchLabels: + app.kubernetes.io/name: {{ include "home-assistant.name" . }} + app.kubernetes.io/instance: {{ .Release.Name }} +{{- end }} diff --git a/charts/home-assistant/templates/vscode-ingress.yaml b/charts/home-assistant/templates/vscode-ingress.yaml new file mode 100644 index 00000000..d3e17efd --- /dev/null +++ b/charts/home-assistant/templates/vscode-ingress.yaml @@ -0,0 +1,39 @@ +{{- if and (.Values.vscode.enabled) (.Values.vscode.ingress.enabled) }} +{{- $fullName := include "home-assistant.fullname" . -}} +{{- $servicePort := .Values.vscode.service.port -}} +{{- $ingressPath := .Values.vscode.ingress.path -}} +apiVersion: extensions/v1beta1 +kind: Ingress +metadata: + name: {{ $fullName }}-vscode + labels: + app.kubernetes.io/name: {{ include "home-assistant.name" . }} + helm.sh/chart: {{ include "home-assistant.chart" . }} + app.kubernetes.io/instance: {{ .Release.Name }} + app.kubernetes.io/managed-by: {{ .Release.Service }} +{{- with .Values.vscode.ingress.annotations }} + annotations: +{{ toYaml . | indent 4 }} +{{- end }} +spec: +{{- if .Values.vscode.ingress.tls }} + tls: + {{- range .Values.vscode.ingress.tls }} + - hosts: + {{- range .hosts }} + - {{ . }} + {{- end }} + secretName: {{ .secretName }} + {{- end }} +{{- end }} + rules: + {{- range .Values.vscode.ingress.hosts }} + - host: {{ . }} + http: + paths: + - path: {{ $ingressPath }} + backend: + serviceName: {{ $fullName }} + servicePort: {{ $servicePort }} + {{- end }} +{{- end }} diff --git a/charts/home-assistant/values.yaml b/charts/home-assistant/values.yaml new file mode 100644 index 00000000..efbb09bc --- /dev/null +++ b/charts/home-assistant/values.yaml @@ -0,0 +1,355 @@ +# Default values for home-assistant. +# This is a YAML-formatted file. +# Declare variables to be passed into your templates. + +image: + repository: homeassistant/home-assistant + tag: 0.110.6 + pullPolicy: IfNotPresent + pullSecrets: [] + +# upgrade strategy type (e.g. Recreate or RollingUpdate) +strategyType: Recreate + +# Probes configuration +probes: + liveness: + enabled: true + scheme: HTTP + initialDelaySeconds: 60 + failureThreshold: 5 + timeoutSeconds: 10 + readiness: + enabled: true + scheme: HTTP + initialDelaySeconds: 60 + failureThreshold: 5 + timeoutSeconds: 10 + startup: + enabled: false + scheme: HTTP + failureThreshold: 30 + periodSeconds: 10 +service: + type: ClusterIP + port: 8123 + portName: api + additionalPorts: [] + # - name: homematicproxy + # port: 2001 + # targetPort: 2001 + annotations: {} + labels: {} + clusterIP: "" + ## List of IP addresses at which the hass-configurator service is available + ## Ref: https://kubernetes.io/docs/user-guide/services/#external-ips + ## + externalIPs: [] + loadBalancerIP: "" + loadBalancerSourceRanges: [] + # nodePort: 30000 + publishNotReadyAddresses: false + +ingress: + enabled: false + annotations: {} + # kubernetes.io/ingress.class: nginx + # kubernetes.io/tls-acme: "true" + path: / + hosts: + - home-assistant.local + tls: [] + # - secretName: home-assistant-tls + # hosts: + # - home-assistant.local + +hostNetwork: false + +persistence: + enabled: true + ## home-assistant data Persistent Volume Storage Class + ## If defined, storageClassName: + ## If set to "-", storageClassName: "", which disables dynamic provisioning + ## If undefined (the default) or set to null, no storageClassName spec is + ## set, choosing the default provisioner. (gp2 on AWS, standard on + ## GKE, AWS & OpenStack) + ## + # storageClass: "-" + ## + ## If you want to reuse an existing claim, you can pass the name of the PVC using + ## the existingClaim variable + # existingClaim: your-claim + ## + ## If you want to use a volume on the host machine instead of a PVC: + # hostPath: /path/to/the/config/folder + accessMode: ReadWriteOnce + size: 5Gi + +## Additional hass container environment variable +## For instance to add a http_proxy +## +extraEnv: {} + +## Additional hass container environment variable from k8s secrets +## For instance to add a password +## can use `!env_var` in the home assistant configuration to reference these variables +extraEnvSecrets: + # Example + # This will set ${MQTT_PASSWORD} to the 'password' key from the 'mqtt' secret + # MQTT_PASSWORD: + # secret: mqtt + # key: password + +## If you'd like to provide your own Kubernetes Secret object instead of passing your values +## individually, pass in the name of a created + populated Secret. +## All secrets will be mounted as environment variables, with each key/value mapping to a +## corresponding environment variable. +## +extraSecretForEnvFrom: [] +# - home-assistant-secrets + +# Enable pod security context (must be `true` if runAsUser or fsGroup are set) +usePodSecurityContext: true +# Set runAsUser to 1000 to let home-assistant run as non-root user 'hass' which exists in 'runningman84/alpine-homeassistant' docker image. +# When setting runAsUser to a different value than 0 also set fsGroup to the same value: +# runAsUser: +# fsGroup: + +git: + enabled: false + + ## we just use the hass-configurator container image + ## you can use any image which has git and openssh installed + ## + image: + repository: causticlab/hass-configurator-docker + tag: 0.3.5-x86_64 + pullPolicy: IfNotPresent + + ## Specify the command that runs in the git-sync container to pull in configuration. + # command: [] + + # Committer settings + user: + name: "" + email: "" + + # repo: + secret: git-creds + syncPath: /config + keyPath: /root/.ssh + +zwave: + enabled: false + device: ttyACM0 + +# Mount devices or folders from the host machine. Can be used for USB device mounting. +hostMounts: [] + # Example + # - name: zha + # hostPath: /dev/serial/by-id/usb-Silicon_Labs_HubZ_Smart_Home_Controller_6120245D-if01-port0 + +configurator: + enabled: false + + ## hass-configurator container image + ## + image: + repository: causticlab/hass-configurator-docker + tag: 0.3.5-x86_64 + pullPolicy: IfNotPresent + + ## URL for the home assistant API endpoint + # hassApiUrl: http://home-assistant:8123/api/ + ## home assistant API password + # hassApiPassword: + ## path where the home assistant configuration is stored + basepath: /config + ## don't allow switching out of the base path + enforceBasepath: true + ## username for basic auth for accessing the configurator + # username: + ## password (sha256-hash) for basic auth for accessing the configurator + ## For example "test" would be "{sha256}9f86d081884c7d659a2feaa0c55ad015a3bf4f1b2b0b822cd15d6c15b0f00a08" + # password: + + ## Additional hass-configurator container environment variable + ## For instance to add a http_proxy + ## + extraEnv: {} + + ingress: + enabled: false + annotations: {} + # kubernetes.io/ingress.class: nginx + # kubernetes.io/tls-acme: "true" + path: / + hosts: + - home-assistant.local + tls: [] + # - secretName: home-assistant-tls + # hosts: + # - home-assistant.local + + service: + type: ClusterIP + port: 3218 + annotations: {} + labels: {} + clusterIP: "" + ## List of IP addresses at which the hass-configurator service is available + ## Ref: https://kubernetes.io/docs/user-guide/services/#external-ips + ## + externalIPs: [] + loadBalancerIP: "" + loadBalancerSourceRanges: [] + # externalTrafficPolicy: Local + # nodePort: 30000 + +## Add support for Prometheus +# settings has to be enabled in configuration.yaml +# https://www.home-assistant.io/components/prometheus/ +monitoring: + enabled: false + serviceMonitor: + # When set true and if Prometheus Operator is installed then use a ServiceMonitor to configure scraping + enabled: true + # Set the namespace the ServiceMonitor should be deployed + # namespace: monitoring + # Set how frequently Prometheus should scrape + # interval: 30s + # Set labels for the ServiceMonitor, use this to define your scrape label for Prometheus Operator + # labels: + # Set bearerTokenFile for home assistant auth (use long lived access tokens) + # bearerTokenFile: + # Set bearerTokenSecret for home assistant auth (use long lived access tokens) + # bearerTokenSecret: + + +vscode: + enabled: false + + ## code-server container image + ## + image: + repository: codercom/code-server + tag: 3.1.1 + pullPolicy: IfNotPresent + + ## VSCode password + # password: + + ## path where the home assistant configuration is stored + hassConfig: /config + + ## path where the VS Code data should reside + vscodePath: /config/.vscode + + ## Additional hass-vscode container environment variable + ## For instance to add a http_proxy + ## + extraEnv: {} + + ingress: + enabled: false + annotations: {} + # kubernetes.io/ingress.class: nginx + # kubernetes.io/tls-acme: "true" + path: / + hosts: + - home-assistant.local + tls: [] + # - secretName: home-assistant-tls + # hosts: + # - home-assistant.local + + service: + type: ClusterIP + port: 80 + annotations: {} + labels: {} + clusterIP: "" + ## List of IP addresses at which the hass-vscode service is available + ## Ref: https://kubernetes.io/docs/user-guide/services/#external-ips + ## + externalIPs: [] + loadBalancerIP: "" + loadBalancerSourceRanges: [] + # nodePort: 30000 + +appdaemon: + enabled: false + + ## code-server container image + ## + image: + repository: acockburn/appdaemon + tag: 3.0.5 + pullPolicy: IfNotPresent + + ## Home Assistant API token + # haToken: + + ## Additional hass-vscode container environment variable + ## For instance to add a http_proxy + ## + extraEnv: {} + + ingress: + enabled: false + annotations: {} + # kubernetes.io/ingress.class: nginx + # kubernetes.io/tls-acme: "true" + path: / + hosts: + - appdaemon.local + tls: [] + # - secretName: appdaemon-tls + # hosts: + # - appdaemon.local + + service: + type: ClusterIP + port: 5050 + annotations: {} + labels: {} + clusterIP: "" + ## List of IP addresses at which the hass-appdaemon service is available + ## Ref: https://kubernetes.io/docs/user-guide/services/#external-ips + ## + externalIPs: [] + loadBalancerIP: "" + loadBalancerSourceRanges: [] + # nodePort: 30000 + +resources: {} + # We usually recommend not to specify default resources and to leave this as a conscious + # choice for the user. This also increases chances charts run on environments with little + # resources, such as Minikube. If you do want to specify resources, uncomment the following + # lines, adjust them as necessary, and remove the curly braces after 'resources:'. + # limits: + # cpu: 100m + # memory: 128Mi + # requests: + # cpu: 100m + # memory: 128Mi + +nodeSelector: {} + +tolerations: [] + +affinity: {} + +podAnnotations: {} + +# Any extra volumes to define for the pod +extraVolumes: [] + # - name: example-name + # hostPath: + # path: /path/on/host + # type: DirectoryOrCreate + +# Any extra volume mounts to define for the containers +extraVolumeMounts: [] +# - name: example-name +# mountPath: /path/in/container diff --git a/home-assistant/README.md b/home-assistant/README.md deleted file mode 100644 index 5ffcbe04..00000000 --- a/home-assistant/README.md +++ /dev/null @@ -1 +0,0 @@ -The Home Assistant chart is now an official helm chart: https://github.com/helm/charts/tree/master/stable/home-assistant