Actualizar repo

CreaCluster/50-creaCalico.sh

@@ -1,3 +1,5 @@
-kubectl create -f https://docs.projectcalico.org/manifests/tigera-operator.yaml 
+#kubectl create -f https://docs.projectcalico.org/manifests/tigera-operator.yaml 
+kubectl create -f https://raw.githubusercontent.com/projectcalico/calico/v3.26.3/manifests/tigera-operator.yaml
+
 kubectl create -f ./custom-resources.yaml
 

CreaCluster/65-instalaCertManager.sh

@@ -0,0 +1,4 @@
+# Fuente: https://cert-manager.io/docs/installation/kubectl/
+
+kubectl apply -f https://github.com/cert-manager/cert-manager/releases/download/v1.13.1/cert-manager.yaml
+

CreaCluster/66-creaIngressController.sh

@@ -0,0 +1,24 @@
+# Fuente: https://docs.k0sproject.io/v1.24.4+k0s.0/examples/nginx-ingress/
+kubectl apply -f https://raw.githubusercontent.com/kubernetes/ingress-nginx/controller-v1.1.3/deploy/static/provider/baremetal/deploy.yaml
+watch kubectl get pods -n ingress-nginx
+kubectl get services -n ingress-nginx
+kubectl -n ingress-nginx get ingressclasses
+kubectl -n ingress-nginx annotate ingressclasses nginx ingressclass.kubernetes.io/is-default-class="true"
+
+echo "Intenta conectar:  curl <worker-external-ip>:<node-port>"
+echo "La dirección es la del servidor y el puerto NodePort el resultado de kubectl get services -n ingress-nginx"
+echo "Como no hay ningún servicio configurado, dará 404 Not Found"
+
+
+# crear pequeña app verificación
+
+kubectl apply -f app-verificacion.yaml
+
+# conectar (dirección y puerto igual que arriba)
+
+curl k8s-server:32478 -H 'Host: web.example.com'
+
+# resultado correcto:
+#
+# <html><body><h1>It works!</h1></body></html>
+#

CreaCluster/README.md

@@ -8,3 +8,7 @@ https://blog.radwell.codes/2021/05/provisioning-single-node-kubernetes-cluster-u
 ## Como resetearlo
 
 https://www.techrunnr.com/how-to-reset-kubernetes-cluster/
+
+## cert-manager
+
+Instrucciones en https://cert-manager.io/docs/installation/kubectl/

CreaCluster/Tests/test-resources.yaml

@@ -0,0 +1,24 @@
+apiVersion: v1
+kind: Namespace
+metadata:
+  name: cert-manager-test
+---
+apiVersion: cert-manager.io/v1
+kind: Issuer
+metadata:
+  name: test-selfsigned
+  namespace: cert-manager-test
+spec:
+  selfSigned: {}
+---
+apiVersion: cert-manager.io/v1
+kind: Certificate
+metadata:
+  name: selfsigned-cert
+  namespace: cert-manager-test
+spec:
+  dnsNames:
+    - example.com
+  secretName: selfsigned-cert-tls
+  issuerRef:
+    name: test-selfsigned

CreaCluster/app-verificacion.yaml

@@ -0,0 +1,60 @@
+apiVersion: v1
+kind: Namespace
+metadata:
+  name: web
+---
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: web-server
+  namespace: web
+spec:
+  selector:
+    matchLabels:
+      app: web
+  template:
+    metadata:
+      labels:
+        app: web
+    spec:
+      containers:
+      - name: httpd
+        image: httpd:2.4.53-alpine
+        ports:
+        - containerPort: 80
+---
+apiVersion: v1
+kind: Service
+metadata:
+  name: web-server-service
+  namespace: web
+spec:
+  selector:
+    app: web
+  ports:
+    - protocol: TCP
+      #      port: 5000
+      port: 80
+      targetPort: 80
+  type: LoadBalancer
+  externalIPs:
+    - 192.168.1.147
+---
+apiVersion: networking.k8s.io/v1
+kind: Ingress
+metadata:
+  name: web-server-ingress
+  namespace: web
+spec:
+  ingressClassName: nginx
+  rules:
+  - host: web.example.com
+    http:
+      paths:
+      - path: /
+        pathType: Prefix
+        backend:
+          service:
+            name: web-server-service
+            port:
+              number: 5000

Enphase/extrae/app/extrae.sh

@@ -33,11 +33,11 @@ pi_whLifetime=`echo $datos|jq .production[0].whLifetime`
 # Mostrar resultados
 #
 
-#echo "Type: '$pi_type'"
-#echo "activeCount: '$pi_activeCount'"
-#echo "readingTime: '$pi_readingTime'"
-#echo "wNow: '$pi_wNow'"
-#echo "whLifetime: '$pi_whLifetime'"
+echo "Type: '$pi_type'"
+echo "activeCount: '$pi_activeCount'"
+echo "readingTime: '$pi_readingTime'"
+echo "wNow: '$pi_wNow'"
+echo "whLifetime: '$pi_whLifetime'"
 
 # insertar en la tabla
 

Enphase/extrae/app/formateado.json

@@ -0,0 +1,86 @@
+{
+  "production": [
+    {
+      "type": "inverters",
+      "activeCount": 9,
+      "readingTime": 1696834651,
+      "wNow": 44,
+      "whLifetime": 280317
+    },
+    {
+      "type": "eim",
+      "activeCount": 1,
+      "measurementType": "production",
+      "readingTime": 1696834652,
+      "wNow": 57.714,
+      "whLifetime": 10746201.644,
+      "varhLeadLifetime": 0.064,
+      "varhLagLifetime": 2892249.348,
+      "vahLifetime": 12747185.198,
+      "rmsCurrent": 0.808,
+      "rmsVoltage": 228.763,
+      "reactPwr": 144.055,
+      "apprntPwr": 183.451,
+      "pwrFactor": 0.31,
+      "whToday": 12.644,
+      "whLastSevenDays": 106938.644,
+      "vahToday": 1312.198,
+      "varhLeadToday": 0.064,
+      "varhLagToday": 1263.348
+    }
+  ],
+  "consumption": [
+    {
+      "type": "eim",
+      "activeCount": 1,
+      "measurementType": "total-consumption",
+      "readingTime": 1696834652,
+      "wNow": 221.534,
+      "whLifetime": 15933238.526,
+      "varhLeadLifetime": 6361261.526,
+      "varhLagLifetime": -2714503.178,
+      "vahLifetime": 18970707.158,
+      "rmsCurrent": 3.189,
+      "rmsVoltage": 228.728,
+      "reactPwr": -304.033,
+      "apprntPwr": 729.311,
+      "pwrFactor": 0.3,
+      "whToday": 2254.526,
+      "whLastSevenDays": 96.526,
+      "vahToday": 5011.158,
+      "varhLeadToday": 4154.526,
+      "varhLagToday": 0
+    },
+    {
+      "type": "eim",
+      "activeCount": 1,
+      "measurementType": "net-consumption",
+      "readingTime": 1696834652,
+      "wNow": 163.82,
+      "whLifetime": 5188228.188,
+      "varhLeadLifetime": 6361261.59,
+      "varhLagLifetime": 177746.171,
+      "vahLifetime": 18970707.158,
+      "rmsCurrent": 2.38,
+      "rmsVoltage": 228.728,
+      "reactPwr": -448.088,
+      "apprntPwr": 544.464,
+      "pwrFactor": 0.3,
+      "whToday": 0,
+      "whLastSevenDays": 0,
+      "vahToday": 0,
+      "varhLeadToday": 0,
+      "varhLagToday": 0
+    }
+  ],
+  "storage": [
+    {
+      "type": "acb",
+      "activeCount": 0,
+      "readingTime": 0,
+      "wNow": 0,
+      "whNow": 0,
+      "state": "idle"
+    }
+  ]
+}

Enphase/extrae/app/production.json

@@ -0,0 +1 @@
+{"production":[{"type":"inverters","activeCount":9,"readingTime":1696834651,"wNow":44,"whLifetime":280317},{"type":"eim","activeCount":1,"measurementType":"production","readingTime":1696834652,"wNow":57.714,"whLifetime":10746201.644,"varhLeadLifetime":0.064,"varhLagLifetime":2892249.348,"vahLifetime":12747185.198,"rmsCurrent":0.808,"rmsVoltage":228.763,"reactPwr":144.055,"apprntPwr":183.451,"pwrFactor":0.31,"whToday":12.644,"whLastSevenDays":106938.644,"vahToday":1312.198,"varhLeadToday":0.064,"varhLagToday":1263.348}],"consumption":[{"type":"eim","activeCount":1,"measurementType":"total-consumption","readingTime":1696834652,"wNow":221.534,"whLifetime":15933238.526,"varhLeadLifetime":6361261.526,"varhLagLifetime":-2714503.178,"vahLifetime":18970707.158,"rmsCurrent":3.189,"rmsVoltage":228.728,"reactPwr":-304.033,"apprntPwr":729.311,"pwrFactor":0.3,"whToday":2254.526,"whLastSevenDays":96.526,"vahToday":5011.158,"varhLeadToday":4154.526,"varhLagToday":0.0},{"type":"eim","activeCount":1,"measurementType":"net-consumption","readingTime":1696834652,"wNow":163.82,"whLifetime":5188228.188,"varhLeadLifetime":6361261.59,"varhLagLifetime":177746.171,"vahLifetime":18970707.158,"rmsCurrent":2.38,"rmsVoltage":228.728,"reactPwr":-448.088,"apprntPwr":544.464,"pwrFactor":0.3,"whToday":0,"whLastSevenDays":0,"vahToday":0,"varhLeadToday":0,"varhLagToday":0}],"storage":[{"type":"acb","activeCount":0,"readingTime":0,"wNow":0,"whNow":0,"state":"idle"}]}

Enphase/precios/app/pillaPrecios.sh

@@ -21,6 +21,7 @@ echo $datos|jq -c -r '.[]' | while read linea; do
 
 #echo "insert into precios (date,ischeap,isunderavg,price,units) values('$fechayhora', $ischeap, $isunderavg, $price, '$units');"
 
+#echo "$linea2"
 mysql -h $DB_HOST -u root -p'Dsa-0213' enphase <<EOFMYSQL
 insert into precios (date,ischeap,isunderavg,price,units) values('$fechayhora', $ischeap, $isunderavg, $price, '$units');
 EOFMYSQL

HelmCharts/cluster-ingress.yaml

@@ -0,0 +1,18 @@
+apiVersion: networking.k8s.io/v1
+kind: Ingress
+metadata:
+  name: cluster-ingress
+  annotations:
+    kubernetes.io/ingress.class: nginx
+spec:
+  rules:
+  - http:
+      paths:
+        - pathType: Prefix
+          path: "/"
+          backend:
+            service:
+              name: vaultwarden
+              port:
+                number: 80
+

HelmCharts/enphase-chart/templates/extrae-cronjob.yaml

@@ -12,11 +12,13 @@ spec:
         spec:
           containers:
           - name: extrae
-            image: docker-registry:32000/extrae:4
+            image: docker-registry:32000/extrae:5
             imagePullPolicy: IfNotPresent
             env:
-              - name: DB_HOST
-                value: enphase-mysql
+                    #            - name: TZ
+                    #              value: "Europe/Madrid"
+            - name: DB_HOST
+              value: enphase-mysql
           restartPolicy: Never
           imagePullSecrets:
           - name: reg-cred-secret

HelmCharts/enphase-chart/templates/grafana.yaml

@@ -35,6 +35,9 @@ spec:
         - name: grafana
           image: grafana/grafana:9.1.0
           imagePullPolicy: IfNotPresent
+          env:
+          - name: TZ
+            value: "Europe/Madrid"
           ports:
             - containerPort: 3000
               name: http-grafana

HelmCharts/enphase-chart/templates/mysql-deployment-en.yaml

@@ -54,6 +54,8 @@ spec:
       - image: docker-registry:32000/mariadb:1.0
         name: mysql
         env:
+                #        - name: TZ
+                #          value: "Europe/Madrid"
         - name: MYSQL_ROOT_PASSWORD
           valueFrom:
             secretKeyRef:

HelmCharts/enphase-chart/templates/precios-cronjob.yaml

@@ -15,8 +15,10 @@ spec:
             image: docker-registry:32000/precios:6
             imagePullPolicy: IfNotPresent
             env:
-              - name: DB_HOST
-                value: enphase-mysql
+                    #            - name: TZ
+                    #              value: "Europe/Madrid"
+            - name: DB_HOST
+              value: enphase-mysql
           restartPolicy: Never
           imagePullSecrets:
           - name: reg-cred-secret

HelmCharts/gestionaApps

@@ -0,0 +1,17 @@
+#!/bin/bash
+
+if [ "$1" = "i" ]
+then
+   for i in firefly gogs mealie mediawiki navidrome nextcloud repostajes wordpress
+   do
+      helm install $i ./$i-chart --namespace=$i --create-namespace
+   done
+elif [ "$1" = "u" ]
+then
+   for i in firefly gogs mealie mediawiki navidrome nextcloud repostajes wordpress
+   do
+      helm uninstall $i -n $i
+   done
+else
+	echo "Falta comando: i=instalar, u=desinstalar"
+fi

HelmCharts/mattermost-chart/templates/pv-local-mattermost.yaml

@@ -8,5 +8,5 @@ spec:
   accessModes:
     - ReadWriteOnce
   hostPath:
-    path: "/mnt/Externo/mattermost/mattermost"
+    path: "/mnt/Externo/mattermost2/mattermost"
 

HelmCharts/mattermost-chart/templates/pv-local-mysql-mm.yaml

@@ -8,4 +8,4 @@ spec:
   accessModes:
     - ReadWriteOnce
   hostPath:
-    path: "/mnt/Externo/mattermost/db"
+    path: "/mnt/Externo/mattermost2/db"

HelmCharts/mediawiki-ingress.yaml

@@ -0,0 +1,24 @@
+apiVersion: networking.k8s.io/v1
+kind: Ingress
+metadata:
+  name: mediawiki-ingress
+  namespace: mediawiki
+  annotations:
+    kubernetes.io/ingress.class: nginx
+    cert-manager.io/cluster-issuer: letsencrypt-production
+spec:
+  tls:
+  - hosts:
+    - reymota.ddns.net
+    secretName: letsencrypt-production
+  rules:
+  - host: "reymota.ddns.net"
+    http:
+      paths:
+        - pathType: Prefix
+          path: "/mediawiki"
+          backend:
+            service:
+              name: mediawiki
+              port:
+                number: 80

HelmCharts/vaultwarden-chart/templates/issuer-production.yaml

@@ -12,3 +12,4 @@ spec:
       - http01:
           ingress:
             class: nginx
+

HelmCharts/vaultwarden-chart/templates/vaultwarden-deployment.yaml

@@ -9,7 +9,7 @@ spec:
   type: NodePort
   ports:
     - port: 80
-      nodePort: 30798
+      nodePort: 31078
       targetPort: vaultwarden
   selector:
     app: vaultwarden
@@ -66,3 +66,4 @@ spec:
       - name: vaultwarden-persistent-storage
         persistentVolumeClaim:
           claimName: vw-pv-claim
+

HelmCharts/vw-chart/.helmignore

@@ -0,0 +1,23 @@
+# Patterns to ignore when building packages.
+# This supports shell glob matching, relative path matching, and
+# negation (prefixed with !). Only one pattern per line.
+.DS_Store
+# Common VCS dirs
+.git/
+.gitignore
+.bzr/
+.bzrignore
+.hg/
+.hgignore
+.svn/
+# Common backup files
+*.swp
+*.bak
+*.tmp
+*.orig
+*~
+# Various IDEs
+.project
+.idea/
+*.tmproj
+.vscode/

HelmCharts/vw-chart/Chart.yaml

@@ -0,0 +1,24 @@
+apiVersion: v2
+name: vw-chart
+description: A Helm chart for Kubernetes
+
+# A chart can be either an 'application' or a 'library' chart.
+#
+# Application charts are a collection of templates that can be packaged into versioned archives
+# to be deployed.
+#
+# Library charts provide useful utilities or functions for the chart developer. They're included as
+# a dependency of application charts to inject those utilities and functions into the rendering
+# pipeline. Library charts do not define any templates and therefore cannot be deployed.
+type: application
+
+# This is the chart version. This version number should be incremented each time you make changes
+# to the chart and its templates, including the app version.
+# Versions are expected to follow Semantic Versioning (https://semver.org/)
+version: 0.1.0
+
+# This is the version number of the application being deployed. This version number should be
+# incremented each time you make changes to the application. Versions are not expected to
+# follow Semantic Versioning. They should reflect the version the application is using.
+# It is recommended to use it with quotes.
+appVersion: "1.16.0"

HelmCharts/vw-chart/templates/ca.crt

@@ -0,0 +1,19 @@
+-----BEGIN CERTIFICATE-----
+MIIDFzCCAf+gAwIBAgIUIyQe/5Krya0OsorqxPbx1KutKDAwDQYJKoZIhvcNAQEL
+BQAwGzEZMBcGA1UEAwwQcmV5bW90YS5kZG5zLm5ldDAeFw0yMzEwMjQxMjMzMDNa
+Fw0yNDEwMjMxMjMzMDNaMBsxGTAXBgNVBAMMEHJleW1vdGEuZGRucy5uZXQwggEi
+MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCyABwr1N5aKBpgWkbkg326d047
+xblOry9EXeAuV3GXI7FObpJPwIV6kKYrfnWgPz4mff5lNrh8ZmCGbP4PJMkRvmp0
+em46arPRP47Blf9kdKuIJQwCu2l8n4yGnLEMIQalJU7BI5F3AM9HnlYagafHYJOU
+pzKhdWk3lq8oelDvHVYNZNt5Bc9xkHKn9tAziv91ooSQvRMM4r8Jl3KYsOb4dAbH
+bBFY+ubBSjUp30TUqcwBw1MTrcy2jhwPtTUXRXsR+41sGobU1u+TIY0mgVonDror
+ryElPS4eCYHrJK64BuiHMJtuAWadeXOsnZk+UKIrjcJQmnLkihr70s4gc7SbAgMB
+AAGjUzBRMB0GA1UdDgQWBBQZQQ/aIg7STe53syLfFdk1kyVU0zAfBgNVHSMEGDAW
+gBQZQQ/aIg7STe53syLfFdk1kyVU0zAPBgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3
+DQEBCwUAA4IBAQAP1QlFNI7FjGsW9uCQebqSX/MUQ0Qt3z3Rn00IVYb1dTlmQGmo
+Sv4B6aEtwkugsxJoSqnDKIY94ZYpS9EHD6t9wYbiBmL+mXFOpJk1b/QMb5sB/rMA
+CWQbz6/7MHbphe5/lp3uVo9MEBzhi2DfUCkJ61n6iQIOOuUBjdmD8qhUTA80W0JB
+oxhgMh9z0ZpkJ7OlMbrkl3kVGHz0OxS8W3MAWQJke0F6sZlFC0UEqUWbgvBzQXrv
+9MeNChPB382X5USTn3N7Ge3gigDYEbURJJ/7y2sJpoX8sa8LKD0aag5eX9MbkXEN
+oucnXJSQ8q/Q55uesiHb3sjvgP9GyGgK2J8X
+-----END CERTIFICATE-----

HelmCharts/vw-chart/templates/ca.key

@@ -0,0 +1,27 @@
+-----BEGIN RSA PRIVATE KEY-----
+MIIEowIBAAKCAQEAsgAcK9TeWigaYFpG5IN9undOO8W5Tq8vRF3gLldxlyOxTm6S
+T8CFepCmK351oD8+Jn3+ZTa4fGZghmz+DyTJEb5qdHpuOmqz0T+OwZX/ZHSriCUM
+ArtpfJ+MhpyxDCEGpSVOwSORdwDPR55WGoGnx2CTlKcyoXVpN5avKHpQ7x1WDWTb
+eQXPcZByp/bQM4r/daKEkL0TDOK/CZdymLDm+HQGx2wRWPrmwUo1Kd9E1KnMAcNT
+E63Mto4cD7U1F0V7EfuNbBqG1NbvkyGNJoFaJw66K68hJT0uHgmB6ySuuAbohzCb
+bgFmnXlzrJ2ZPlCiK43CUJpy5Ioa+9LOIHO0mwIDAQABAoIBAGIVf3CDtxa0/HvV
+ozTuZAypC1oShR8fl4szs4G1u6kOCPjwIv2BV8wHAxn6cDSiRMwPJ2x8b8JU46GP
+U5viqE13wM94W18jRvzp6e8wiW/Afnjh+TFUNjdu74+JrmHBnRjJaxEwWUrbDl0n
+mci3Y02RISGL1HF18kmoZdKHPCvV8kAh/Hj4qDi5X1N3lsKOzubYk2THHtlDy7V7
+qo9KhTthgGjemSljFQBuyUDaj2+HVoeRtm5dK+m1VjoRuaX6VagW0oMQqz64+b3N
+GLX/TClzx7zKgY4fSkrhNcpxPUG5I4cg3yuZnm5kO4zNCRKk9l4nETMNE6D9Xd//
+yliEtEECgYEA1X6L3RL4KRgsVsMk4gUHXSI4G4S5WTGGTaklkOqI/ZDgGnXBTjZY
+73jKaKSeO0KZ74gm1nFERs5B5MY+/SwnXPF1uTpcjq4JELpEecqRzwc3qNt80vxL
+F6RE7REU+cBOLCT1XMujLhe5NjFU9Ra4iCbbYP2cjAf0NCd/uo4mRqECgYEA1XB/
+oJXA2tUYM3rHRGNmcFviKvefk8XVsrEHQfnFr04Uwe6dRZzp7eanNxcEOiK9d401
+03N+bRjlrRKUhnqyDsUCYDp7ObwkxQCycIjQst3FuEe83mnuKirUctso8DPTRIfM
+r0estywFxKM2Dh03Pxee9+eoTIs2amrUmgYR/bsCgYBmx/CPsvUz24ZlErer9F3S
+MYovfVs6HISa2MbUGIVxBZFOS8iPXcy9JTrU3AOtZef0EGkaLhd/uwawG9zxR5N/
+xGM3lGhA7HpCylnzBFnkAIaETX6vmHSSYiwosWOWxUUdLYHOdd8Obq9k7qUHBTQ7
+n/FXpWD7bUzc2vM8HflBYQKBgBhggeMYV29m2R3ADxQreh6pD9qyb2JUPQTsnRSW
+71IHS+2eUA4MTtdh+YUcNtpg71zBHv2oei8BofGzZo05ZC61p4DQDRTZ/SUW4Epk
+Bdn35EYYw2RvmsjsHVmE2FcexClWjTUTrZE6EOqVbW4NPisRipFrvtgHKk7bJq70
+tIdTAoGBAIKN54AP9ole2XsJA4+bvdRYYvRZ+yXb365y8MyP95oVi4+dxpkgbMoX
+wULVI1/aOwqXGZPJNJDMfahD/SPy7jnOgJofUBHwnp4/5asZ/vE4CsXTHnEVYgey
+trnmHVEj7GKXKr/Z/smo0J2Z28yT/bAv7N1d4GJ4zxBjVEKazNR1
+-----END RSA PRIVATE KEY-----

HelmCharts/vw-chart/templates/pv-local-vaultwarden.yaml

@@ -0,0 +1,12 @@
+apiVersion: v1
+kind: PersistentVolume
+metadata:
+  name: vw-folder
+spec:
+  capacity:
+    storage: 10Gi
+  accessModes:
+    - ReadWriteOnce
+  hostPath:
+    path: "/mnt/Externo/vaultwarden"
+

HelmCharts/vw-chart/templates/registry-secrets.yaml

@@ -0,0 +1,11 @@
+apiVersion: v1
+data:
+  .dockerconfigjson: eyJhdXRocyI6eyJkb2NrZXItcmVnaXN0cnk6MzIwMDAiOnsidXNlcm5hbWUiOiJjcmV5bG9wZXoiLCJwYXNzd29yZCI6IlJleS0xMTc2IiwiYXV0aCI6IlkzSmxlV3h2Y0dWNk9sSmxlUzB4TVRjMiJ9fX0=
+kind: Secret
+metadata:
+  creationTimestamp: "2023-01-29T10:54:14Z"
+  name: reg-cred-secret
+  namespace: vaultwarden
+  resourceVersion: "19890385"
+  uid: 66b3b7c5-26c1-4e5a-af4e-dc973aaafe4b
+type: kubernetes.io/dockerconfigjson

HelmCharts/vw-chart/templates/vaultwarden-deployment.yaml

@@ -0,0 +1,72 @@
+apiVersion: v1
+kind: Service
+metadata:
+  name: vaultwarden
+  namespace: vaultwarden
+  labels:
+    app: vaultwarden
+spec:
+        #  type: NodePort
+  ports:
+    - port: 80
+      #      nodePort: 31078
+      targetPort: vaultwarden
+      protocol: TCP
+  type: LoadBalancer
+  externalIPs:
+    - 192.168.1.147    
+  selector:
+    app: vaultwarden
+    tier: frontend
+---
+apiVersion: v1
+kind: PersistentVolumeClaim
+metadata:
+  name: vw-pv-claim
+  namespace: vaultwarden
+  labels:
+    app: vaultwarden
+spec:
+  accessModes:
+    - ReadWriteOnce
+  storageClassName: ""
+  resources:
+    requests:
+      storage: 10Gi
+---
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: vaultwarden
+  namespace: vaultwarden
+  labels:
+    app: vaultwarden
+spec:
+  selector:
+    matchLabels:
+      app: vaultwarden
+      tier: frontend
+  strategy:
+    type: Recreate
+  template:
+    metadata:
+      labels:
+        app: vaultwarden
+        tier: frontend
+    spec:
+      containers:
+              # - image: vaultwarden
+      - image: docker-registry:32000/vaultwarden:1.0
+        name: vaultwarden
+        ports:
+        - containerPort: 80
+          name: vaultwarden
+        volumeMounts:
+        - name: vaultwarden-persistent-storage
+          mountPath: /data
+      imagePullSecrets:
+      - name: reg-cred-secret
+      volumes:
+      - name: vaultwarden-persistent-storage
+        persistentVolumeClaim:
+          claimName: vw-pv-claim

HelmCharts/vw-chart/templates/vaultwarden-ingress.yaml

@@ -0,0 +1,21 @@
+apiVersion: networking.k8s.io/v1
+kind: Ingress
+metadata:
+  name: vaultwarden-ingress
+  namespace: vaultwarden
+spec:
+  tls:
+  - hosts:
+    - reymota.ddns.net
+    secretName: mi-tls-secret
+  rules:
+  - host: "reymota.ddns.net"
+    http:
+      paths:
+        - pathType: Prefix
+          path: "/"
+          backend:
+            service:
+              name: vaultwarden
+              port:
+                number: 80

HelmCharts/vw-chart/values.yaml

@@ -0,0 +1,82 @@
+# Default values for vw-chart.
+# This is a YAML-formatted file.
+# Declare variables to be passed into your templates.
+
+replicaCount: 1
+
+image:
+  repository: nginx
+  pullPolicy: IfNotPresent
+  # Overrides the image tag whose default is the chart appVersion.
+  tag: ""
+
+imagePullSecrets: []
+nameOverride: ""
+fullnameOverride: ""
+
+serviceAccount:
+  # Specifies whether a service account should be created
+  create: true
+  # Annotations to add to the service account
+  annotations: {}
+  # The name of the service account to use.
+  # If not set and create is true, a name is generated using the fullname template
+  name: ""
+
+podAnnotations: {}
+
+podSecurityContext: {}
+  # fsGroup: 2000
+
+securityContext: {}
+  # capabilities:
+  #   drop:
+  #   - ALL
+  # readOnlyRootFilesystem: true
+  # runAsNonRoot: true
+  # runAsUser: 1000
+
+service:
+  type: ClusterIP
+  port: 80
+
+ingress:
+  enabled: false
+  className: ""
+  annotations: {}
+    # kubernetes.io/ingress.class: nginx
+    # kubernetes.io/tls-acme: "true"
+  hosts:
+    - host: chart-example.local
+      paths:
+        - path: /
+          pathType: ImplementationSpecific
+  tls: []
+  #  - secretName: chart-example-tls
+  #    hosts:
+  #      - chart-example.local
+
+resources: {}
+  # We usually recommend not to specify default resources and to leave this as a conscious
+  # choice for the user. This also increases chances charts run on environments with little
+  # resources, such as Minikube. If you do want to specify resources, uncomment the following
+  # lines, adjust them as necessary, and remove the curly braces after 'resources:'.
+  # limits:
+  #   cpu: 100m
+  #   memory: 128Mi
+  # requests:
+  #   cpu: 100m
+  #   memory: 128Mi
+
+autoscaling:
+  enabled: false
+  minReplicas: 1
+  maxReplicas: 100
+  targetCPUUtilizationPercentage: 80
+  # targetMemoryUtilizationPercentage: 80
+
+nodeSelector: {}
+
+tolerations: []
+
+affinity: {}

Jellyfin/docker-compose.yml

@@ -1,13 +0,0 @@
-version: '3.5'
-services:
-  jellyfin:
-    image: jellyfin/jellyfin
-    container_name: jellyfin
-    network_mode: "host"
-    volumes:
-      - /mnt/Externo/jellyfin/config:/config
-      - /mnt/Externo/jellyfin/cache:/cache
-      - /mnt/Externo/jellyfin/media:/media
-      - /mnt/Externo/jellyfin/media2:/media2:ro
-    restart: 'unless-stopped'
-    

Jellyfin/jellyfin-claim0-persistentvolumeclaim.yaml

@@ -1,14 +0,0 @@
-apiVersion: v1
-kind: PersistentVolumeClaim
-metadata:
-  creationTimestamp: null
-  labels:
-    io.kompose.service: jellyfin-claim0
-  name: jellyfin-claim0
-spec:
-  accessModes:
-    - ReadWriteOnce
-  resources:
-    requests:
-      storage: 100Mi
-status: {}

Jellyfin/jellyfin-claim1-persistentvolumeclaim.yaml

@@ -1,14 +0,0 @@
-apiVersion: v1
-kind: PersistentVolumeClaim
-metadata:
-  creationTimestamp: null
-  labels:
-    io.kompose.service: jellyfin-claim1
-  name: jellyfin-claim1
-spec:
-  accessModes:
-    - ReadWriteOnce
-  resources:
-    requests:
-      storage: 100Mi
-status: {}

Jellyfin/jellyfin-claim2-persistentvolumeclaim.yaml

@@ -1,14 +0,0 @@
-apiVersion: v1
-kind: PersistentVolumeClaim
-metadata:
-  creationTimestamp: null
-  labels:
-    io.kompose.service: jellyfin-claim2
-  name: jellyfin-claim2
-spec:
-  accessModes:
-    - ReadWriteOnce
-  resources:
-    requests:
-      storage: 100Mi
-status: {}

Jellyfin/jellyfin-claim3-persistentvolumeclaim.yaml

@@ -1,14 +0,0 @@
-apiVersion: v1
-kind: PersistentVolumeClaim
-metadata:
-  creationTimestamp: null
-  labels:
-    io.kompose.service: jellyfin-claim3
-  name: jellyfin-claim3
-spec:
-  accessModes:
-    - ReadOnlyMany
-  resources:
-    requests:
-      storage: 100Mi
-status: {}

Jellyfin/jellyfin-deployment.yaml

@@ -1,56 +0,0 @@
-apiVersion: apps/v1
-kind: Deployment
-metadata:
-  annotations:
-    kompose.cmd: kompose convert
-    kompose.version: 1.26.0 (40646f47)
-  creationTimestamp: null
-  labels:
-    io.kompose.service: jellyfin
-  name: jellyfin
-spec:
-  replicas: 1
-  selector:
-    matchLabels:
-      io.kompose.service: jellyfin
-  strategy:
-    type: Recreate
-  template:
-    metadata:
-      annotations:
-        kompose.cmd: kompose convert
-        kompose.version: 1.26.0 (40646f47)
-      creationTimestamp: null
-      labels:
-        io.kompose.service: jellyfin
-    spec:
-      containers:
-        - image: jellyfin/jellyfin
-          name: jellyfin
-          resources: {}
-          volumeMounts:
-            - mountPath: /config
-              name: jellyfin-claim0
-            - mountPath: /cache
-              name: jellyfin-claim1
-            - mountPath: /media
-              name: jellyfin-claim2
-            - mountPath: /media2
-              name: jellyfin-claim3
-              readOnly: true
-      restartPolicy: Always
-      volumes:
-        - name: jellyfin-claim0
-          persistentVolumeClaim:
-            claimName: jellyfin-claim0
-        - name: jellyfin-claim1
-          persistentVolumeClaim:
-            claimName: jellyfin-claim1
-        - name: jellyfin-claim2
-          persistentVolumeClaim:
-            claimName: jellyfin-claim2
-        - name: jellyfin-claim3
-          persistentVolumeClaim:
-            claimName: jellyfin-claim3
-            readOnly: true
-status: {}

Kanboard/db-deployment.yaml

@@ -1,50 +0,0 @@
-apiVersion: apps/v1
-kind: Deployment
-metadata:
-  annotations:
-    kompose.cmd: kompose convert
-    kompose.version: 1.26.0 (40646f47)
-  creationTimestamp: null
-  labels:
-    io.kompose.service: db
-  name: db
-spec:
-  replicas: 1
-  selector:
-    matchLabels:
-      io.kompose.service: db
-  strategy:
-    type: Recreate
-  template:
-    metadata:
-      annotations:
-        kompose.cmd: kompose convert
-        kompose.version: 1.26.0 (40646f47)
-      creationTimestamp: null
-      labels:
-        io.kompose.service: db
-    spec:
-      containers:
-        - args:
-            - --default-authentication-plugin=mysql_native_password
-          env:
-            - name: MYSQL_DATABASE
-              value: kanboard
-            - name: MYSQL_PASSWORD
-              value: kanboard-secret
-            - name: MYSQL_ROOT_PASSWORD
-              value: secret
-            - name: MYSQL_USER
-              value: kanboard
-          image: mariadb:latest
-          name: db
-          resources: {}
-          volumeMounts:
-            - mountPath: /var/lib/mysql
-              name: db
-      restartPolicy: Always
-      volumes:
-        - name: db
-          persistentVolumeClaim:
-            claimName: db
-status: {}

Kanboard/db-persistentvolumeclaim.yaml

@@ -1,14 +0,0 @@
-apiVersion: v1
-kind: PersistentVolumeClaim
-metadata:
-  creationTimestamp: null
-  labels:
-    io.kompose.service: db
-  name: db
-spec:
-  accessModes:
-    - ReadWriteOnce
-  resources:
-    requests:
-      storage: 100Mi
-status: {}

Kanboard/docker-compose.yml

@@ -1,28 +0,0 @@
-version: '2'
-services:
-  kanboard:
-    image: kanboard/kanboard:latest
-    ports:
-      - "80:80"
-      - "443:443"
-    volumes:
-      - kanboard_data:/var/www/app/data
-      - kanboard_plugins:/var/www/app/plugins
-      - kanboard_ssl:/etc/nginx/ssl
-    environment:
-      DATABASE_URL: mysql://kanboard:kanboard-secret@db/kanboard
-  db:
-    image: mariadb:latest
-    command: --default-authentication-plugin=mysql_native_password
-    environment:
-      MYSQL_ROOT_PASSWORD: secret
-      MYSQL_DATABASE: kanboard
-      MYSQL_USER: kanboard
-      MYSQL_PASSWORD: kanboard-secret
-    volumes:
-    - db:/var/lib/mysql
-volumes:
-  kanboard_data:
-  kanboard_plugins:
-  kanboard_ssl:
-  db:

Kanboard/kanboard-data-persistentvolumeclaim.yaml

@@ -1,14 +0,0 @@
-apiVersion: v1
-kind: PersistentVolumeClaim
-metadata:
-  creationTimestamp: null
-  labels:
-    io.kompose.service: kanboard-data
-  name: kanboard-data
-spec:
-  accessModes:
-    - ReadWriteOnce
-  resources:
-    requests:
-      storage: 100Mi
-status: {}

Kanboard/kanboard-deployment.yaml

@@ -1,55 +0,0 @@
-apiVersion: apps/v1
-kind: Deployment
-metadata:
-  annotations:
-    kompose.cmd: kompose convert
-    kompose.version: 1.26.0 (40646f47)
-  creationTimestamp: null
-  labels:
-    io.kompose.service: kanboard
-  name: kanboard
-spec:
-  replicas: 1
-  selector:
-    matchLabels:
-      io.kompose.service: kanboard
-  strategy:
-    type: Recreate
-  template:
-    metadata:
-      annotations:
-        kompose.cmd: kompose convert
-        kompose.version: 1.26.0 (40646f47)
-      creationTimestamp: null
-      labels:
-        io.kompose.service: kanboard
-    spec:
-      containers:
-        - env:
-            - name: DATABASE_URL
-              value: mysql://kanboard:kanboard-secret@db/kanboard
-          image: kanboard/kanboard:latest
-          name: kanboard
-          ports:
-            - containerPort: 80
-            - containerPort: 443
-          resources: {}
-          volumeMounts:
-            - mountPath: /var/www/app/data
-              name: kanboard-data
-            - mountPath: /var/www/app/plugins
-              name: kanboard-plugins
-            - mountPath: /etc/nginx/ssl
-              name: kanboard-ssl
-      restartPolicy: Always
-      volumes:
-        - name: kanboard-data
-          persistentVolumeClaim:
-            claimName: kanboard-data
-        - name: kanboard-plugins
-          persistentVolumeClaim:
-            claimName: kanboard-plugins
-        - name: kanboard-ssl
-          persistentVolumeClaim:
-            claimName: kanboard-ssl
-status: {}

Kanboard/kanboard-plugins-persistentvolumeclaim.yaml

@@ -1,14 +0,0 @@
-apiVersion: v1
-kind: PersistentVolumeClaim
-metadata:
-  creationTimestamp: null
-  labels:
-    io.kompose.service: kanboard-plugins
-  name: kanboard-plugins
-spec:
-  accessModes:
-    - ReadWriteOnce
-  resources:
-    requests:
-      storage: 100Mi
-status: {}

Kanboard/kanboard-service.yaml

@@ -1,22 +0,0 @@
-apiVersion: v1
-kind: Service
-metadata:
-  annotations:
-    kompose.cmd: kompose convert
-    kompose.version: 1.26.0 (40646f47)
-  creationTimestamp: null
-  labels:
-    io.kompose.service: kanboard
-  name: kanboard
-spec:
-  ports:
-    - name: "80"
-      port: 80
-      targetPort: 80
-    - name: "443"
-      port: 443
-      targetPort: 443
-  selector:
-    io.kompose.service: kanboard
-status:
-  loadBalancer: {}

Kanboard/kanboard-ssl-persistentvolumeclaim.yaml

@@ -1,14 +0,0 @@
-apiVersion: v1
-kind: PersistentVolumeClaim
-metadata:
-  creationTimestamp: null
-  labels:
-    io.kompose.service: kanboard-ssl
-  name: kanboard-ssl
-spec:
-  accessModes:
-    - ReadWriteOnce
-  resources:
-    requests:
-      storage: 100Mi
-status: {}

LetsEncrypt/clusterissuer.yaml

@@ -0,0 +1,14 @@
+apiVersion: cert-manager.io/v1
+kind: ClusterIssuer # I'm using ClusterIssuer here
+metadata:
+  name: letsencrypt-prod
+spec:
+  acme:
+    server: https://acme-v02.api.letsencrypt.org/directory
+    email: king.bernard.b@gmail.com
+    privateKeySecretRef:
+      name: letsencrypt-prod
+    solvers:
+    - http01:
+        ingress:
+          class: nginx 

LetsEncrypt/instalaCertManager.sh

@@ -1,4 +0,0 @@
-helm repo add jetstack https://charts.jetstack.io
-helm repo update
-
-helm install cert-manager jetstack/cert-manager --namespace cert-manager --create-namespace --version v1.5.3 --set installCRDs=true

Metallb/obtenExternalIP.sh

@@ -0,0 +1 @@
+kubectl get svc --namespace=ingress-nginx ingress-nginx-controller -o jsonpath='{.status.loadBalancer.ingress[0].ip}'