From 4bbf882dedf70c7093ecc4b9a8b043f30e70c208 Mon Sep 17 00:00:00 2001
From: Marcus Noble <github@marcusnoble.co.uk>
Date: Fri, 13 Dec 2024 10:46:58 +0000
Subject: [PATCH] Added ntfy

Signed-off-by: Marcus Noble <github@marcusnoble.co.uk>
---
 manifests/_apps/ntfy.yaml                  | 29 +++++++++++
 manifests/auth-proxy/non-auth-ingress.yaml | 11 ----
 manifests/ntfy/configmap.yaml              | 25 ++++++++++
 manifests/ntfy/ingress.yaml                | 27 ++++++++++
 manifests/ntfy/sts.yaml                    | 58 ++++++++++++++++++++++
 5 files changed, 139 insertions(+), 11 deletions(-)
 create mode 100644 manifests/_apps/ntfy.yaml
 create mode 100644 manifests/ntfy/configmap.yaml
 create mode 100644 manifests/ntfy/ingress.yaml
 create mode 100644 manifests/ntfy/sts.yaml

diff --git a/manifests/_apps/ntfy.yaml b/manifests/_apps/ntfy.yaml
new file mode 100644
index 0000000..ca3f65b
--- /dev/null
+++ b/manifests/_apps/ntfy.yaml
@@ -0,0 +1,29 @@
+apiVersion: argoproj.io/v1alpha1
+kind: Application
+metadata:
+  name: cluster-fun-ntfy
+  namespace: argocd
+  finalizers:
+  - resources-finalizer.argocd.argoproj.io
+spec:
+  project: cluster.fun
+  destination:
+    namespace: ntfy
+    name: cluster-fun (v2)
+  source:
+    path: manifests/ntfy
+    repoURL: "https://git.cluster.fun/AverageMarcus/cluster.fun.git"
+    targetRevision: HEAD
+  syncPolicy:
+    automated: {}
+    syncOptions:
+      - CreateNamespace=true
+  ignoreDifferences:
+  - kind: Secret
+    jsonPointers:
+    - /data
+  - group: apps
+    kind: Deployment
+    jqPathExpressions:
+    - .spec.template.spec.containers[]?.image
+---
diff --git a/manifests/auth-proxy/non-auth-ingress.yaml b/manifests/auth-proxy/non-auth-ingress.yaml
index 3f8b133..22d88c9 100644
--- a/manifests/auth-proxy/non-auth-ingress.yaml
+++ b/manifests/auth-proxy/non-auth-ingress.yaml
@@ -11,7 +11,6 @@ spec:
   tls:
   - hosts:
     - hello-world.cluster.fun
-    - ntfy.cluster.fun
     secretName: non-auth-proxy-ingress
   rules:
   - host: hello-world.cluster.fun
@@ -24,13 +23,3 @@ spec:
             name: tailscale-proxy
             port:
               name: non-auth
-  - host: ntfy.cluster.fun
-    http:
-      paths:
-      - path: /
-        pathType: ImplementationSpecific
-        backend:
-          service:
-            name: tailscale-proxy
-            port:
-              name: non-auth
diff --git a/manifests/ntfy/configmap.yaml b/manifests/ntfy/configmap.yaml
new file mode 100644
index 0000000..eac6421
--- /dev/null
+++ b/manifests/ntfy/configmap.yaml
@@ -0,0 +1,25 @@
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: ntfy
+  labels:
+    app.kubernetes.io/name: ntfy
+data:
+  server.yml: |
+    # Template: https://github.com/binwiederhier/ntfy/blob/main/server/server.yml
+    base-url: https://ntfy.cluster.fun
+    upstream-base-url: "https://ntfy.sh"
+    behind-proxy: true
+    cache-file: "/var/cache/ntfy/db/cache.db"
+    cache-duration: "12h"
+    auth-file: "/var/cache/ntfy/db/user.db"
+    auth-default-access: "deny-all"
+    attachment-cache-dir: "/var/cache/ntfy/attachments"
+    attachment-file-size-limit: "50M"
+    attachment-expiry-duration: "24h"
+    enable-metrics: true
+    metrics-listen-http: "0.0.0.0:9090"
+    log-format: json
+    enable-signup: false
+    enable-login: true
+    enable-reservations: false
diff --git a/manifests/ntfy/ingress.yaml b/manifests/ntfy/ingress.yaml
new file mode 100644
index 0000000..d6602c7
--- /dev/null
+++ b/manifests/ntfy/ingress.yaml
@@ -0,0 +1,27 @@
+apiVersion: networking.k8s.io/v1
+kind: Ingress
+metadata:
+  name: ntfy-ingress
+  labels:
+    app.kubernetes.io/name: ntfy
+  annotations:
+    cert-manager.io/cluster-issuer: letsencrypt
+    nginx.ingress.kubernetes.io/force-ssl-redirect: "true"
+spec:
+  ingressClassName: nginx
+  tls:
+  - hosts:
+    - ntfy.cluster.fun
+    secretName: ntfy-ingress
+  rules:
+    - host: ntfy.cluster.fun
+      http:
+        paths:
+        - pathType: Prefix
+          path: /
+          backend:
+            service:
+              name: ntfy
+              port:
+                number: 80
+---
diff --git a/manifests/ntfy/sts.yaml b/manifests/ntfy/sts.yaml
new file mode 100644
index 0000000..b869be2
--- /dev/null
+++ b/manifests/ntfy/sts.yaml
@@ -0,0 +1,58 @@
+apiVersion: apps/v1
+kind: StatefulSet
+metadata:
+  name: ntfy
+  labels:
+    app.kubernetes.io/name: ntfy
+  annotations:
+    prometheus.io/scrape: "true"
+    prometheus.io/port: "9090"
+    reloader.stakater.com/search: "true"
+spec:
+  selector:
+    matchLabels:
+      app.kubernetes.io/name: ntfy
+  serviceName: ntfy
+  template:
+    metadata:
+      labels:
+        app.kubernetes.io/name: ntfy
+    spec:
+      containers:
+      - name: ntfy
+        image: binwiederhier/ntfy:v2.11.0
+        args: ["serve"]
+        ports:
+        - containerPort: 80
+          name: http
+        - containerPort: 9090
+          name: metrics
+        volumeMounts:
+        - name: config
+          mountPath: "/etc/ntfy"
+          readOnly: true
+        - name: cache
+          mountPath: "/var/cache/ntfy"
+      volumes:
+        - name: config
+          configMap:
+            name: ntfy
+  volumeClaimTemplates:
+  - metadata:
+      name: cache
+    spec:
+      accessModes: [ "ReadWriteOnce" ]
+      resources:
+        requests:
+          storage: 1Gi
+---
+apiVersion: v1
+kind: Service
+metadata:
+  name: ntfy
+spec:
+  selector:
+    app.kubernetes.io/name: ntfy
+  ports:
+  - port: 80
+    targetPort: 80