From 2364a9a5609671451beaa07ae5b05a3d9b5be72e Mon Sep 17 00:00:00 2001
From: Chris Smith <chris.b.smith@gmail.com>
Date: Tue, 9 Apr 2024 16:19:51 -0400
Subject: [PATCH] add orbital-sync

---
 kubernetes/apps/networking/kustomization.yaml |  3 +-
 .../orbital-sync/app/externalsecret.yaml      | 25 +++++++++
 .../orbital-sync/app/helmrelease.yaml         | 51 +++++++++++++++++++
 .../orbital-sync/app/kustomization.yaml       |  7 +++
 .../apps/networking/orbital-sync/ks.yaml      | 20 ++++++++
 5 files changed, 105 insertions(+), 1 deletion(-)
 create mode 100644 kubernetes/apps/networking/orbital-sync/app/externalsecret.yaml
 create mode 100644 kubernetes/apps/networking/orbital-sync/app/helmrelease.yaml
 create mode 100644 kubernetes/apps/networking/orbital-sync/app/kustomization.yaml
 create mode 100644 kubernetes/apps/networking/orbital-sync/ks.yaml

diff --git a/kubernetes/apps/networking/kustomization.yaml b/kubernetes/apps/networking/kustomization.yaml
index 2f788cff..6bc4ddaf 100644
--- a/kubernetes/apps/networking/kustomization.yaml
+++ b/kubernetes/apps/networking/kustomization.yaml
@@ -7,4 +7,5 @@ resources:
   - ./echo-server/ks.yaml
   - ./external-dns/ks.yaml
   - ./nginx/ks.yaml
-  - ./pihole/ks.yaml
\ No newline at end of file
+  - ./pihole/ks.yaml
+  - ./orbital-sync/ks.yaml
\ No newline at end of file
diff --git a/kubernetes/apps/networking/orbital-sync/app/externalsecret.yaml b/kubernetes/apps/networking/orbital-sync/app/externalsecret.yaml
new file mode 100644
index 00000000..2714d3b8
--- /dev/null
+++ b/kubernetes/apps/networking/orbital-sync/app/externalsecret.yaml
@@ -0,0 +1,25 @@
+---
+# yaml-language-server: $schema=https://kubernetes-schemas.pages.dev/external-secrets.io/externalsecret_v1beta1.json
+apiVersion: external-secrets.io/v1beta1
+kind: ExternalSecret
+metadata:
+  name: orbital-sync
+spec:
+  secretStoreRef:
+    kind: ClusterSecretStore
+    name: onepassword-connect
+  target:
+    name: orbital-sync-secret
+    template:
+      engineVersion: v2
+      data:
+        PRIMARY_HOST_BASE_URL: "{{ .PIHOLE_LOCAL_DNS_IP }}"
+        PRIMARY_HOST_PASSWORD: "{{ .pihole-password }}"
+        SECONDARY_HOSTS_1_BASE_URL: "{{ .ORBITAL_SYNC_PIHOLE_1 }}"
+        SECONDARY_HOSTS_1_PASSWORD: "{{ .ORBITAL_SYNC_PIHOLE_1_PASSWORD }}"
+
+  dataFrom:
+    - extract:
+        key: orbital-sync
+    - extract:
+        key: pihole
\ No newline at end of file
diff --git a/kubernetes/apps/networking/orbital-sync/app/helmrelease.yaml b/kubernetes/apps/networking/orbital-sync/app/helmrelease.yaml
new file mode 100644
index 00000000..4292aa11
--- /dev/null
+++ b/kubernetes/apps/networking/orbital-sync/app/helmrelease.yaml
@@ -0,0 +1,51 @@
+---
+# yaml-language-server: $schema=https://raw.githubusercontent.com/bjw-s/helm-charts/main/charts/other/app-template/schemas/helmrelease-helm-v2beta2.schema.json
+apiVersion: helm.toolkit.fluxcd.io/v2beta2
+kind: HelmRelease
+metadata:
+  name: orbital-sync
+spec:
+  interval: 30m
+  chart:
+    spec:
+      chart: app-template
+      version: 3.1.0
+      sourceRef:
+        kind: HelmRepository
+        name: bjw-s
+        namespace: flux-system
+  maxHistory: 2
+  install:
+    remediation:
+      retries: 3
+  upgrade:
+    cleanupOnFail: true
+    remediation:
+      retries: 3
+  uninstall:
+    keepHistory: false
+  values:
+    controllers:
+      orbital-sync:
+        replicas: 1
+        strategy: RollingUpdate
+        containers:
+          app:
+            image:
+              repository: FROM ghcr.io/mattwebbio/orbital-sync
+              tag: 1.8.0
+            env:
+              INTERVAL_MINUTES: 5
+            envFrom: &envFrom
+              - secretRef:
+                  name: orbital-sync-secret
+            resources:
+              requests:
+                cpu: 5m
+                memory: 10M
+              limits:
+                memory: 64M
+        pod:
+          securityContext:
+            runAsUser: 568
+            runAsGroup: 568
\ No newline at end of file
diff --git a/kubernetes/apps/networking/orbital-sync/app/kustomization.yaml b/kubernetes/apps/networking/orbital-sync/app/kustomization.yaml
new file mode 100644
index 00000000..c7036f84
--- /dev/null
+++ b/kubernetes/apps/networking/orbital-sync/app/kustomization.yaml
@@ -0,0 +1,7 @@
+---
+apiVersion: kustomize.config.k8s.io/v1beta1
+kind: Kustomization
+resources:
+  - ./externalsecret.yaml
+  - ./helmrelease.yaml
+  - ../../../../templates/gatus/external
diff --git a/kubernetes/apps/networking/orbital-sync/ks.yaml b/kubernetes/apps/networking/orbital-sync/ks.yaml
new file mode 100644
index 00000000..d51d297a
--- /dev/null
+++ b/kubernetes/apps/networking/orbital-sync/ks.yaml
@@ -0,0 +1,20 @@
+---
+apiVersion: kustomize.toolkit.fluxcd.io/v1
+kind: Kustomization
+metadata:
+  name: &app orbital-sync
+  namespace: flux-system
+spec:
+  targetNamespace: networking
+  commonMetadata:
+    labels:
+      app.kubernetes.io/name: *app
+  path: ./kubernetes/apps/networking/orbital-sync/app
+  prune: true
+  sourceRef:
+    kind: GitRepository
+    name: home-kubernetes
+  wait: false
+  interval: 30m
+  retryInterval: 1m
+  timeout: 5m