add netbood.xyz (#251)

Co-authored-by: Ronald Philipsen <[email protected]>

.mise.toml

@@ -15,7 +15,7 @@ run = "uv pip install -r requirements.txt"
 python = "3.13"
 uv = "0.5.26"
 # Operations tools
-"aqua:budimanjojo/talhelper" = "3.0.16"
+"aqua:budimanjojo/talhelper" = "3.0.17"
 "aqua:cloudflare/cloudflared" = "2025.1.1"
 "aqua:FiloSottile/age" = "1.2.1"
 "aqua:fluxcd/flux2" = "2.4.0"

kubernetes/apps/database/cloudnative-pg/cluster/cluster.yaml

@@ -58,7 +58,7 @@ metadata:
   name: postgres-lb
   annotations:
     external-dns.alpha.kubernetes.io/hostname: postgres.${SECRET_DOMAIN}
-    lbipam.cilium.io/ips: ${POSTGRES_IP}
+    lbipam.cilium.io/ips: ${LB_POSTGRES}
 spec:
   type: LoadBalancer
   ports:

kubernetes/apps/database/emqx/cluster/cluster.yaml

@@ -50,6 +50,6 @@ spec:
       annotations:
         external-dns.alpha.kubernetes.io/hostname: mqtt.${SECRET_DOMAIN}
         external-dns.alpha.kubernetes.io/target: "external.${SECRET_DOMAIN}"
-        lbipam.cilium.io/ips: ${MQTT_IP}
+        lbipam.cilium.io/ips: ${LB_MQTT}
     spec:
       type: LoadBalancer

kubernetes/apps/network/blocky/app/helmrelease.yaml

@@ -84,7 +84,7 @@ spec:
         controller: *app
         type: LoadBalancer
         annotations:
-          io.cilium/lb-ipam-ips: ${BLOCKY_IP}
+          io.cilium/lb-ipam-ips: ${LB_BLOCKY}
         ports:
           dns-tcp:
             port: *port

kubernetes/apps/network/kustomization.yaml

@@ -9,6 +9,7 @@ resources:
   - ./external-dns/ks.yaml
   - ./ingress-nginx/ks.yaml
   - ./k8s-gateway/ks.yaml
+  - ./netboot/ks.yaml
 components:
   - ../../components/namespace
 patches:

kubernetes/apps/network/netboot/app/helmrelease.yaml

@@ -0,0 +1,86 @@
+---
+apiVersion: helm.toolkit.fluxcd.io/v2
+kind: HelmRelease
+metadata:
+  name: netboot
+spec:
+  interval: 15m
+  chart:
+    spec:
+      chart: app-template
+      version: 3.6.1
+      sourceRef:
+        kind: HelmRepository
+        name: bjw-s
+        namespace: flux-system
+      interval: 15m
+  values:
+    controllers:
+      main:
+        containers:
+          main:
+            image:
+              repository: ghcr.io/netbootxyz/netbootxyz
+              tag: 0.7.3-nbxyz2
+    defaultPodOptions:
+      hostNetwork: true
+    service:
+      main:
+        controller: main
+        ports:
+          http:
+            port: 3000
+      web:
+        enabled: true
+        primary: false
+        type: LoadBalancer
+        annotations:
+          io.cilium/lb-ipam-ips: ${LB_NETBOOT_XYZ}
+        controller: main
+        ports:
+          web:
+            enabled: true
+            primary: false
+            port: 80
+            targetPort: 80
+            protocol: HTTP
+      tftp:
+        enabled: true
+        primary: false
+        controller: main
+        type: NodePort
+        ports:
+          tftp:
+            enabled: true
+            primary: false
+            port: 69
+            targetPort: 69
+            protocol: UDP
+    ingress:
+      main:
+        enabled: true
+        className: "internal"
+        annotations:
+          external-dns.alpha.kubernetes.io/target: "internal.${SECRET_DOMAIN}"
+          hajimari.io/enable: "true"
+          hajimari.io/appName: "Netboot.xyz"
+          hajimari.io/info: "Network boot system"
+          hajimari.io/icon: "refresh-auto"
+        hosts:
+          - host: &host netboot.${SECRET_DOMAIN}
+            paths:
+              - path: "/"
+                pathType: "Prefix"
+                service:
+                  identifier: main
+                  port: http
+        tls:
+          - hosts:
+              - *host
+    persistence:
+      config:
+        enabled: true
+        existingClaim: netboot
+      assets:
+        enabled: true
+        type: emptyDir

kubernetes/apps/network/netboot/app/kustomization.yaml

@@ -0,0 +1,8 @@
+---
+# yaml-language-server: $schema=https://json.schemastore.org/kustomization
+apiVersion: kustomize.config.k8s.io/v1beta1
+kind: Kustomization
+namespace: services
+resources:
+  - ./helmrelease.yaml
+  - ./pvc.yaml

kubernetes/apps/network/netboot/app/pvc.yaml

@@ -0,0 +1,13 @@
+---
+apiVersion: v1
+kind: PersistentVolumeClaim
+metadata:
+  name: netboot
+  namespace: default
+spec:
+  storageClassName: nfs-provision
+  accessModes:
+    - ReadWriteMany
+  resources:
+    requests:
+      storage: 5Gi

kubernetes/apps/network/netboot/ks.yaml

@@ -0,0 +1,20 @@
+---
+# yaml-language-server: $schema=https://raw.githubusercontent.com/fluxcd-community/flux2-schemas/main/kustomization-kustomize-v1.json
+apiVersion: kustomize.toolkit.fluxcd.io/v1
+kind: Kustomization
+metadata:
+  name: &app netboot
+  namespace: flux-system
+spec:
+  targetNamespace: network
+  commonMetadata:
+    labels:
+      app.kubernetes.io/name: *app
+  path: "./kubernetes/apps/network/netboot/app"
+  prune: true
+  sourceRef:
+    kind: GitRepository
+    name: flux-system
+  wait: false
+  interval: 30m
+  timeout: 5m

kubernetes/flux/meta/settings/cluster-settings.yaml

@@ -17,10 +17,10 @@ data:
   CLUSTER_INGRESS_WAN: 172.16.20.13
 
   # Services
-  BLOCKY_IP: "172.16.20.100"
-  POSTGRES_IP: "172.16.20.101"
-  MQTT_IP: "172.16.20.102"
-
+  LB_BLOCKY: "172.16.20.100"
+  LB_POSTGRES: "172.16.20.101"
+  LB_MQTT: "172.16.20.102"
+  LB_NETBOOT_XYZ: "172.16.20.103"
   # IOT
   HA_IP: "172.16.20.130"
   ESPHOME_IP: "172.16.20.131"