ivanch/haven
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

first commit

Browse Source
This commit is contained in:
Jose Henrique
2025-09-17 15:41:23 -03:00
commit 1961816c54
23 changed files with 2024 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

65
SETUP.md Normal file
View File

@@ -0,0 +1,65 @@
## Install nfs-subdir-external-provisioner
```bash
helm install nfs-subdir-external-provisioner nfs-subdir-external-provisioner/nfs-subdir-external-provisioner \
--set nfs.server=192.168.15.61 \
--set nfs.path=/export/config \
--set storageClass.name=nfs-client \
--set storageClass.pathPattern='${.PVC.namespace}/${.PVC.annotations.nfs.io/storage-path}'
```
Make it default by:
```bash
current_default=$(kubectl get storageclass -o jsonpath='{.items[?(@.metadata.annotations.storageclass\.kubernetes\.io/is-default-class=="true")].metadata.name}')
if [ -n "$current_default" ]; then
kubectl annotate storageclass "$current_default" storageclass.kubernetes.io/is-default-class- --overwrite
fi
kubectl annotate storageclass nfs-client storageclass.kubernetes.io/is-default-class=true --overwrite
```
PVC Usage:
```yaml
apiVersion: storage.k8s.io/v1
kind: PersistentVolumeClaim
metadata:
name: app-config
namespace: default
annotations:
nfs.io/storage-path: "app-config"
spec:
storageClassName: "nfs-client"
accessModes:
- ReadWriteOnce
resources:
requests:
storage: 1Gi
```
## Install MetalLB
```bash
kubectl create ns metallb-system
helm repo add metallb https://metallb.github.io/metallb
helm install metallb metallb/metallb --namespace metallb-system
```
Configure MetalLB with the config map from [metallb-system/address-pool.yaml](metallb-system/address-pool.yaml), and apply it:
```bash
kubectl apply -f metallb-system/address-pool.yaml
```
## Install cert-manager
```bash
kubectl create namespace cert-manager
kubectl apply -f https://github.com/cert-manager/cert-manager/releases/download/v1.15.1/cert-manager.yaml
# Create the private key for local CA
openssl genrsa -out ca.key 4096
# Create the root certificate, valid for 10 years
openssl req -x509 -new -nodes -key ca.key -sha256 -days 3650 -out ca.crt -subj "/CN=Homelab CA"
# Create secret and ClusterIssuer
kubectl create secret tls internal-ca-secret -cert=ca.crt --key=ca.key -n cert-manager
kubectl apply -f cert-manager/cluster-issuer.yaml
```