From 79a2aa3784f896ee460052fe9c7ca35f0125ca98 Mon Sep 17 00:00:00 2001 From: Viktor Barzin Date: Mon, 2 Mar 2026 00:15:39 +0000 Subject: [PATCH] [ci skip] migrate 29 services from inline NFS to CSI-backed PV/PVC Batch migration of all single-volume and simple multi-volume stacks. All services verified healthy after migration. Uses nfs-truenas StorageClass with soft,timeo=30,retrans=3 mount options to eliminate stale NFS mount hangs. Services: atuin, audiobookshelf, calibre, changedetection, diun, excalidraw, forgejo, freshrss, grampsweb, hackmd, health, isponsorblocktv, matrix, meshcentral, n8n, navidrome, ntfy, ollama, onlyoffice, owntracks, paperless-ngx, poison-fountain, send, stirling-pdf, tandoor, wealthfolio, whisper, woodpecker, ytdlp --- stacks/atuin/main.tf | 13 ++++++-- stacks/audiobookshelf/main.tf | 52 ++++++++++++++++++++++++------- stacks/calibre/main.tf | 57 +++++++++++++++++++++++++--------- stacks/changedetection/main.tf | 13 ++++++-- stacks/diun/main.tf | 13 ++++++-- stacks/excalidraw/main.tf | 13 ++++++-- stacks/forgejo/main.tf | 13 ++++++-- stacks/freshrss/main.tf | 26 ++++++++++++---- stacks/grampsweb/main.tf | 13 ++++++-- stacks/hackmd/main.tf | 20 ++++++------ stacks/health/main.tf | 13 ++++++-- stacks/isponsorblocktv/main.tf | 13 ++++++-- stacks/matrix/main.tf | 13 ++++++-- stacks/meshcentral/main.tf | 39 +++++++++++++++++------ stacks/n8n/main.tf | 13 ++++++-- stacks/navidrome/main.tf | 39 +++++++++++++++++------ stacks/ntfy/main.tf | 13 ++++++-- stacks/ollama/main.tf | 53 ++++++++++--------------------- stacks/onlyoffice/main.tf | 13 ++++++-- stacks/owntracks/main.tf | 13 ++++++-- stacks/paperless-ngx/main.tf | 13 ++++++-- stacks/poison-fountain/main.tf | 18 +++++++---- stacks/send/main.tf | 13 ++++++-- stacks/stirling-pdf/main.tf | 13 ++++++-- stacks/tandoor/main.tf | 13 ++++++-- stacks/wealthfolio/main.tf | 13 ++++++-- stacks/whisper/main.tf | 18 +++++++---- stacks/woodpecker/main.tf | 15 ++++++--- stacks/ytdlp/main.tf | 26 ++++++++++++---- 29 files changed, 423 insertions(+), 174 deletions(-) diff --git a/stacks/atuin/main.tf b/stacks/atuin/main.tf index fb7cb75c..51ea6ada 100644 --- a/stacks/atuin/main.tf +++ b/stacks/atuin/main.tf @@ -18,6 +18,14 @@ module "tls_secret" { tls_secret_name = var.tls_secret_name } +module "nfs_config" { + source = "../../modules/kubernetes/nfs_volume" + name = "atuin-config" + namespace = kubernetes_namespace.atuin.metadata[0].name + nfs_server = var.nfs_server + nfs_path = "/mnt/main/atuin" +} + resource "kubernetes_deployment" "atuin" { wait_for_rollout = false metadata { @@ -110,9 +118,8 @@ resource "kubernetes_deployment" "atuin" { volume { name = "config" - nfs { - server = var.nfs_server - path = "/mnt/main/atuin" + persistent_volume_claim { + claim_name = module.nfs_config.claim_name } } } diff --git a/stacks/audiobookshelf/main.tf b/stacks/audiobookshelf/main.tf index 19c46255..e1176926 100644 --- a/stacks/audiobookshelf/main.tf +++ b/stacks/audiobookshelf/main.tf @@ -18,6 +18,38 @@ module "tls_secret" { tls_secret_name = var.tls_secret_name } +module "nfs_audiobooks" { + source = "../../modules/kubernetes/nfs_volume" + name = "audiobookshelf-audiobooks" + namespace = kubernetes_namespace.audiobookshelf.metadata[0].name + nfs_server = var.nfs_server + nfs_path = "/mnt/main/audiobookshelf/audiobooks" +} + +module "nfs_podcasts" { + source = "../../modules/kubernetes/nfs_volume" + name = "audiobookshelf-podcasts" + namespace = kubernetes_namespace.audiobookshelf.metadata[0].name + nfs_server = var.nfs_server + nfs_path = "/mnt/main/audiobookshelf/podcasts" +} + +module "nfs_config" { + source = "../../modules/kubernetes/nfs_volume" + name = "audiobookshelf-config" + namespace = kubernetes_namespace.audiobookshelf.metadata[0].name + nfs_server = var.nfs_server + nfs_path = "/mnt/main/audiobookshelf/config" +} + +module "nfs_metadata" { + source = "../../modules/kubernetes/nfs_volume" + name = "audiobookshelf-metadata" + namespace = kubernetes_namespace.audiobookshelf.metadata[0].name + nfs_server = var.nfs_server + nfs_path = "/mnt/main/audiobookshelf/metadata" +} + resource "kubernetes_deployment" "audiobookshelf" { metadata { name = "audiobookshelf" @@ -83,30 +115,26 @@ resource "kubernetes_deployment" "audiobookshelf" { } volume { name = "audiobooks" - nfs { - path = "/mnt/main/audiobookshelf/audiobooks" - server = var.nfs_server + persistent_volume_claim { + claim_name = module.nfs_audiobooks.claim_name } } volume { name = "podcasts" - nfs { - path = "/mnt/main/audiobookshelf/podcasts" - server = var.nfs_server + persistent_volume_claim { + claim_name = module.nfs_podcasts.claim_name } } volume { name = "config" - nfs { - path = "/mnt/main/audiobookshelf/config" - server = var.nfs_server + persistent_volume_claim { + claim_name = module.nfs_config.claim_name } } volume { name = "metadata" - nfs { - path = "/mnt/main/audiobookshelf/metadata" - server = var.nfs_server + persistent_volume_claim { + claim_name = module.nfs_metadata.claim_name } } } diff --git a/stacks/calibre/main.tf b/stacks/calibre/main.tf index 57550545..36921c96 100644 --- a/stacks/calibre/main.tf +++ b/stacks/calibre/main.tf @@ -21,6 +21,38 @@ module "tls_secret" { tls_secret_name = var.tls_secret_name } +module "nfs_library" { + source = "../../modules/kubernetes/nfs_volume" + name = "calibre-library" + namespace = kubernetes_namespace.calibre.metadata[0].name + nfs_server = var.nfs_server + nfs_path = "/mnt/main/calibre-web-automated/calibre-library" +} + +module "nfs_config" { + source = "../../modules/kubernetes/nfs_volume" + name = "calibre-config" + namespace = kubernetes_namespace.calibre.metadata[0].name + nfs_server = var.nfs_server + nfs_path = "/mnt/main/calibre-web-automated/config" +} + +module "nfs_ingest" { + source = "../../modules/kubernetes/nfs_volume" + name = "calibre-ingest" + namespace = kubernetes_namespace.calibre.metadata[0].name + nfs_server = var.nfs_server + nfs_path = "/mnt/main/calibre-web-automated/cwa-book-ingest" +} + +module "nfs_stacks_config" { + source = "../../modules/kubernetes/nfs_volume" + name = "calibre-stacks-config" + namespace = kubernetes_namespace.calibre.metadata[0].name + nfs_server = var.nfs_server + nfs_path = "/mnt/main/calibre-web-automated/stacks" +} + # resource "kubernetes_deployment" "calibre" { # metadata { # name = "calibre" @@ -181,23 +213,20 @@ resource "kubernetes_deployment" "calibre-web-automated" { } volume { name = "library" - nfs { - path = "/mnt/main/calibre-web-automated/calibre-library" - server = var.nfs_server + persistent_volume_claim { + claim_name = module.nfs_library.claim_name } } volume { name = "config" - nfs { - path = "/mnt/main/calibre-web-automated/config" - server = var.nfs_server + persistent_volume_claim { + claim_name = module.nfs_config.claim_name } } volume { name = "ingest" - nfs { - path = "/mnt/main/calibre-web-automated/cwa-book-ingest" - server = var.nfs_server + persistent_volume_claim { + claim_name = module.nfs_ingest.claim_name } } } @@ -292,16 +321,14 @@ resource "kubernetes_deployment" "annas-archive-stacks" { } volume { name = "config" - nfs { - path = "/mnt/main/calibre-web-automated/stacks" - server = var.nfs_server + persistent_volume_claim { + claim_name = module.nfs_stacks_config.claim_name } } volume { name = "ingest" - nfs { - path = "/mnt/main/calibre-web-automated/cwa-book-ingest" - server = var.nfs_server + persistent_volume_claim { + claim_name = module.nfs_ingest.claim_name } } } diff --git a/stacks/changedetection/main.tf b/stacks/changedetection/main.tf index fa53d9b2..5f3f9e5f 100644 --- a/stacks/changedetection/main.tf +++ b/stacks/changedetection/main.tf @@ -18,6 +18,14 @@ module "tls_secret" { tls_secret_name = var.tls_secret_name } +module "nfs_data" { + source = "../../modules/kubernetes/nfs_volume" + name = "changedetection-data" + namespace = kubernetes_namespace.changedetection.metadata[0].name + nfs_server = var.nfs_server + nfs_path = "/mnt/main/changedetection" +} + resource "kubernetes_deployment" "changedetection" { metadata { name = "changedetection" @@ -114,9 +122,8 @@ resource "kubernetes_deployment" "changedetection" { # } volume { name = "data" - nfs { - path = "/mnt/main/changedetection" - server = var.nfs_server + persistent_volume_claim { + claim_name = module.nfs_data.claim_name } } } diff --git a/stacks/diun/main.tf b/stacks/diun/main.tf index 063ba6f5..23356c20 100644 --- a/stacks/diun/main.tf +++ b/stacks/diun/main.tf @@ -54,6 +54,14 @@ resource "kubernetes_cluster_role_binding" "diun" { } } +module "nfs_data" { + source = "../../modules/kubernetes/nfs_volume" + name = "diun-data" + namespace = kubernetes_namespace.diun.metadata[0].name + nfs_server = var.nfs_server + nfs_path = "/mnt/main/diun" +} + resource "kubernetes_deployment" "diun" { metadata { name = "diun" @@ -176,9 +184,8 @@ resource "kubernetes_deployment" "diun" { } volume { name = "data" - nfs { - path = "/mnt/main/diun" - server = var.nfs_server + persistent_volume_claim { + claim_name = module.nfs_data.claim_name } } } diff --git a/stacks/excalidraw/main.tf b/stacks/excalidraw/main.tf index 9e195edb..cff5b99d 100644 --- a/stacks/excalidraw/main.tf +++ b/stacks/excalidraw/main.tf @@ -19,6 +19,14 @@ module "tls_secret" { tls_secret_name = var.tls_secret_name } +module "nfs_data" { + source = "../../modules/kubernetes/nfs_volume" + name = "excalidraw-data" + namespace = kubernetes_namespace.excalidraw.metadata[0].name + nfs_server = var.nfs_server + nfs_path = "/mnt/main/excalidraw" +} + resource "kubernetes_deployment" "excalidraw" { metadata { name = "excalidraw" @@ -78,9 +86,8 @@ resource "kubernetes_deployment" "excalidraw" { } volume { name = "data" - nfs { - server = var.nfs_server - path = "/mnt/main/excalidraw" + persistent_volume_claim { + claim_name = module.nfs_data.claim_name } } } diff --git a/stacks/forgejo/main.tf b/stacks/forgejo/main.tf index 3cf37cc6..079e700c 100644 --- a/stacks/forgejo/main.tf +++ b/stacks/forgejo/main.tf @@ -18,6 +18,14 @@ module "tls_secret" { tls_secret_name = var.tls_secret_name } +module "nfs_data" { + source = "../../modules/kubernetes/nfs_volume" + name = "forgejo-data" + namespace = kubernetes_namespace.forgejo.metadata[0].name + nfs_server = var.nfs_server + nfs_path = "/mnt/main/forgejo" +} + resource "kubernetes_deployment" "forgejo" { metadata { name = "forgejo" @@ -77,9 +85,8 @@ resource "kubernetes_deployment" "forgejo" { } volume { name = "data" - nfs { - path = "/mnt/main/forgejo" - server = var.nfs_server + persistent_volume_claim { + claim_name = module.nfs_data.claim_name } } } diff --git a/stacks/freshrss/main.tf b/stacks/freshrss/main.tf index a09b6a96..79fb5243 100644 --- a/stacks/freshrss/main.tf +++ b/stacks/freshrss/main.tf @@ -17,6 +17,22 @@ resource "kubernetes_namespace" "immich" { } } +module "nfs_data" { + source = "../../modules/kubernetes/nfs_volume" + name = "freshrss-data" + namespace = kubernetes_namespace.immich.metadata[0].name + nfs_server = var.nfs_server + nfs_path = "/mnt/main/freshrss/data" +} + +module "nfs_extensions" { + source = "../../modules/kubernetes/nfs_volume" + name = "freshrss-extensions" + namespace = kubernetes_namespace.immich.metadata[0].name + nfs_server = var.nfs_server + nfs_path = "/mnt/main/freshrss/extensions" +} + resource "kubernetes_deployment" "freshrss" { metadata { @@ -88,16 +104,14 @@ resource "kubernetes_deployment" "freshrss" { } volume { name = "data" - nfs { - path = "/mnt/main/freshrss/data" - server = var.nfs_server + persistent_volume_claim { + claim_name = module.nfs_data.claim_name } } volume { name = "extensions" - nfs { - path = "/mnt/main/freshrss/extensions" - server = var.nfs_server + persistent_volume_claim { + claim_name = module.nfs_extensions.claim_name } } } diff --git a/stacks/grampsweb/main.tf b/stacks/grampsweb/main.tf index 3c817b04..7b7b972d 100644 --- a/stacks/grampsweb/main.tf +++ b/stacks/grampsweb/main.tf @@ -21,6 +21,14 @@ module "tls_secret" { tls_secret_name = var.tls_secret_name } +module "nfs_data" { + source = "../../modules/kubernetes/nfs_volume" + name = "grampsweb-data" + namespace = kubernetes_namespace.grampsweb.metadata[0].name + nfs_server = var.nfs_server + nfs_path = "/mnt/main/grampsweb" +} + resource "random_password" "secret_key" { length = 64 special = false @@ -233,9 +241,8 @@ resource "kubernetes_deployment" "grampsweb" { volume { name = "data" - nfs { - server = var.nfs_server - path = "/mnt/main/grampsweb" + persistent_volume_claim { + claim_name = module.nfs_data.claim_name } } } diff --git a/stacks/hackmd/main.tf b/stacks/hackmd/main.tf index 4c8cf279..17faab7b 100644 --- a/stacks/hackmd/main.tf +++ b/stacks/hackmd/main.tf @@ -20,6 +20,14 @@ module "tls_secret" { tls_secret_name = var.tls_secret_name } +module "nfs_data" { + source = "../../modules/kubernetes/nfs_volume" + name = "hackmd-data" + namespace = kubernetes_namespace.hackmd.metadata[0].name + nfs_server = var.nfs_server + nfs_path = "/mnt/main/hackmd" +} + resource "kubernetes_deployment" "hackmd" { metadata { name = "hackmd" @@ -122,17 +130,9 @@ resource "kubernetes_deployment" "hackmd" { } volume { name = "data" - nfs { - path = "/mnt/main/hackmd" - server = var.nfs_server + persistent_volume_claim { + claim_name = module.nfs_data.claim_name } - # iscsi { - # target_portal = "iscsi.viktorbarzin.lan:3260" - # fs_type = "ext4" - # iqn = "iqn.2020-12.lan.viktorbarzin:storage:hackmd" - # lun = 0 - # read_only = false - # } } } } diff --git a/stacks/health/main.tf b/stacks/health/main.tf index 19f38d04..6bad10c7 100644 --- a/stacks/health/main.tf +++ b/stacks/health/main.tf @@ -20,6 +20,14 @@ module "tls_secret" { tls_secret_name = var.tls_secret_name } +module "nfs_uploads" { + source = "../../modules/kubernetes/nfs_volume" + name = "health-uploads" + namespace = kubernetes_namespace.health.metadata[0].name + nfs_server = var.nfs_server + nfs_path = "/mnt/main/health" +} + resource "kubernetes_deployment" "health" { metadata { name = "health" @@ -94,9 +102,8 @@ resource "kubernetes_deployment" "health" { } volume { name = "uploads" - nfs { - server = var.nfs_server - path = "/mnt/main/health" + persistent_volume_claim { + claim_name = module.nfs_uploads.claim_name } } } diff --git a/stacks/isponsorblocktv/main.tf b/stacks/isponsorblocktv/main.tf index 2cf285ce..d61ecb90 100644 --- a/stacks/isponsorblocktv/main.tf +++ b/stacks/isponsorblocktv/main.tf @@ -12,6 +12,14 @@ resource "kubernetes_namespace" "isponsorblocktv" { # Before running, setup config using # docker run --rm -it -v ./youtube:/app/data -e TERM=$TERM -e COLORTERM=$COLORTERM ghcr.io/dmunozv04/isponsorblocktv --setup +module "nfs_data" { + source = "../../modules/kubernetes/nfs_volume" + name = "isponsorblocktv-data" + namespace = kubernetes_namespace.isponsorblocktv.metadata[0].name + nfs_server = var.nfs_server + nfs_path = "/mnt/main/isponsorblocktv/vermont" +} + # Mute and skip ads for vermont smart tv resource "kubernetes_deployment" "isponsorblocktv-vermont" { metadata { @@ -56,9 +64,8 @@ resource "kubernetes_deployment" "isponsorblocktv-vermont" { } volume { name = "data" - nfs { - server = var.nfs_server - path = "/mnt/main/isponsorblocktv/vermont" + persistent_volume_claim { + claim_name = module.nfs_data.claim_name } } } diff --git a/stacks/matrix/main.tf b/stacks/matrix/main.tf index 7f172b11..1ab2acfb 100644 --- a/stacks/matrix/main.tf +++ b/stacks/matrix/main.tf @@ -18,6 +18,14 @@ module "tls_secret" { tls_secret_name = var.tls_secret_name } +module "nfs_data" { + source = "../../modules/kubernetes/nfs_volume" + name = "matrix-data" + namespace = kubernetes_namespace.matrix.metadata[0].name + nfs_server = var.nfs_server + nfs_path = "/mnt/main/matrix" +} + resource "kubernetes_deployment" "matrix" { metadata { name = "matrix" @@ -62,9 +70,8 @@ resource "kubernetes_deployment" "matrix" { } volume { name = "data" - nfs { - server = var.nfs_server - path = "/mnt/main/matrix" + persistent_volume_claim { + claim_name = module.nfs_data.claim_name } } } diff --git a/stacks/meshcentral/main.tf b/stacks/meshcentral/main.tf index 41811c38..f3ed751e 100644 --- a/stacks/meshcentral/main.tf +++ b/stacks/meshcentral/main.tf @@ -18,6 +18,30 @@ module "tls_secret" { tls_secret_name = var.tls_secret_name } +module "nfs_data" { + source = "../../modules/kubernetes/nfs_volume" + name = "meshcentral-data" + namespace = kubernetes_namespace.meshcentral.metadata[0].name + nfs_server = var.nfs_server + nfs_path = "/mnt/main/meshcentral/meshcentral-data" +} + +module "nfs_files" { + source = "../../modules/kubernetes/nfs_volume" + name = "meshcentral-files" + namespace = kubernetes_namespace.meshcentral.metadata[0].name + nfs_server = var.nfs_server + nfs_path = "/mnt/main/meshcentral/meshcentral-files" +} + +module "nfs_backups" { + source = "../../modules/kubernetes/nfs_volume" + name = "meshcentral-backups" + namespace = kubernetes_namespace.meshcentral.metadata[0].name + nfs_server = var.nfs_server + nfs_path = "/mnt/main/meshcentral/meshcentral-backups" +} + resource "kubernetes_deployment" "meshcentral" { metadata { name = "meshcentral" @@ -106,23 +130,20 @@ resource "kubernetes_deployment" "meshcentral" { } volume { name = "data" - nfs { - path = "/mnt/main/meshcentral/meshcentral-data" - server = var.nfs_server + persistent_volume_claim { + claim_name = module.nfs_data.claim_name } } volume { name = "files" - nfs { - path = "/mnt/main/meshcentral/meshcentral-files" - server = var.nfs_server + persistent_volume_claim { + claim_name = module.nfs_files.claim_name } } volume { name = "backups" - nfs { - path = "/mnt/main/meshcentral/meshcentral-backups" - server = var.nfs_server + persistent_volume_claim { + claim_name = module.nfs_backups.claim_name } } } diff --git a/stacks/n8n/main.tf b/stacks/n8n/main.tf index cf6b8385..76464d5b 100644 --- a/stacks/n8n/main.tf +++ b/stacks/n8n/main.tf @@ -19,6 +19,14 @@ resource "kubernetes_namespace" "n8n" { } } +module "nfs_data" { + source = "../../modules/kubernetes/nfs_volume" + name = "n8n-data" + namespace = kubernetes_namespace.n8n.metadata[0].name + nfs_server = var.nfs_server + nfs_path = "/mnt/main/n8n" +} + resource "kubernetes_deployment" "n8n" { metadata { name = "n8n" @@ -115,9 +123,8 @@ resource "kubernetes_deployment" "n8n" { } volume { name = "data" - nfs { - path = "/mnt/main/n8n" - server = var.nfs_server + persistent_volume_claim { + claim_name = module.nfs_data.claim_name } } } diff --git a/stacks/navidrome/main.tf b/stacks/navidrome/main.tf index 16597414..832a40f1 100644 --- a/stacks/navidrome/main.tf +++ b/stacks/navidrome/main.tf @@ -18,6 +18,30 @@ module "tls_secret" { tls_secret_name = var.tls_secret_name } +module "nfs_data" { + source = "../../modules/kubernetes/nfs_volume" + name = "navidrome-data" + namespace = kubernetes_namespace.navidrome.metadata[0].name + nfs_server = var.nfs_server + nfs_path = "/mnt/main/navidrome" +} + +module "nfs_music" { + source = "../../modules/kubernetes/nfs_volume" + name = "navidrome-music" + namespace = kubernetes_namespace.navidrome.metadata[0].name + nfs_server = "192.168.1.13" + nfs_path = "/volume1/music" +} + +module "nfs_lidarr" { + source = "../../modules/kubernetes/nfs_volume" + name = "navidrome-lidarr" + namespace = kubernetes_namespace.navidrome.metadata[0].name + nfs_server = var.nfs_server + nfs_path = "/mnt/main/servarr/lidarr" +} + resource "kubernetes_deployment" "navidrome" { metadata { name = "navidrome" @@ -79,23 +103,20 @@ resource "kubernetes_deployment" "navidrome" { } volume { name = "data" - nfs { - path = "/mnt/main/navidrome" - server = var.nfs_server + persistent_volume_claim { + claim_name = module.nfs_data.claim_name } } volume { name = "music" - nfs { - path = "/volume1/music" - server = "192.168.1.13" + persistent_volume_claim { + claim_name = module.nfs_music.claim_name } } volume { name = "lidarr" - nfs { - path = "/mnt/main/servarr/lidarr" - server = var.nfs_server + persistent_volume_claim { + claim_name = module.nfs_lidarr.claim_name } } } diff --git a/stacks/ntfy/main.tf b/stacks/ntfy/main.tf index 17b7366f..0c571540 100644 --- a/stacks/ntfy/main.tf +++ b/stacks/ntfy/main.tf @@ -17,6 +17,14 @@ module "tls_secret" { tls_secret_name = var.tls_secret_name } +module "nfs_data" { + source = "../../modules/kubernetes/nfs_volume" + name = "ntfy-data" + namespace = kubernetes_namespace.ntfy.metadata[0].name + nfs_server = var.nfs_server + nfs_path = "/mnt/main/ntfy" +} + resource "kubernetes_deployment" "ntfy" { metadata { name = "ntfy" @@ -100,9 +108,8 @@ resource "kubernetes_deployment" "ntfy" { } volume { name = "data" - nfs { - server = var.nfs_server - path = "/mnt/main/ntfy" + persistent_volume_claim { + claim_name = module.nfs_data.claim_name } } } diff --git a/stacks/ollama/main.tf b/stacks/ollama/main.tf index 58d80e30..30bca477 100644 --- a/stacks/ollama/main.tf +++ b/stacks/ollama/main.tf @@ -18,39 +18,21 @@ module "tls_secret" { namespace = kubernetes_namespace.ollama.metadata[0].name tls_secret_name = var.tls_secret_name } -resource "kubernetes_persistent_volume_claim" "ollama-pvc" { - metadata { - name = "ollama-pvc" - namespace = kubernetes_namespace.ollama.metadata[0].name - } - spec { - access_modes = ["ReadWriteOnce"] - resources { - requests = { - storage = "30Gi" - } - } - volume_name = "ollama-pv" - } +module "nfs_ollama_data" { + source = "../../modules/kubernetes/nfs_volume" + name = "ollama-data" + namespace = kubernetes_namespace.ollama.metadata[0].name + nfs_server = var.nfs_server + nfs_path = "/mnt/ssd/ollama" } -resource "kubernetes_persistent_volume" "ollama-pv" { - metadata { - name = "ollama-pv" - } - spec { - capacity = { - "storage" = "30Gi" - } - access_modes = ["ReadWriteOnce"] - persistent_volume_source { - nfs { - path = "/mnt/main/ollama" - server = var.nfs_server - } - } - } +module "nfs_ollama_ui_data" { + source = "../../modules/kubernetes/nfs_volume" + name = "ollama-ui-data" + namespace = kubernetes_namespace.ollama.metadata[0].name + nfs_server = var.nfs_server + nfs_path = "/mnt/main/ollama" } # resource "helm_release" "ollama" { @@ -132,10 +114,8 @@ resource "kubernetes_deployment" "ollama" { } volume { name = "ollama-data" - nfs { - # path = "/mnt/main/ollama" - path = "/mnt/ssd/ollama" - server = var.nfs_server + persistent_volume_claim { + claim_name = module.nfs_ollama_data.claim_name } } } @@ -282,9 +262,8 @@ resource "kubernetes_deployment" "ollama-ui" { } volume { name = "data" - nfs { - path = "/mnt/main/ollama" - server = var.nfs_server + persistent_volume_claim { + claim_name = module.nfs_ollama_ui_data.claim_name } } } diff --git a/stacks/onlyoffice/main.tf b/stacks/onlyoffice/main.tf index 8bef58ad..33b62dd0 100644 --- a/stacks/onlyoffice/main.tf +++ b/stacks/onlyoffice/main.tf @@ -64,6 +64,14 @@ module "tls_secret" { tls_secret_name = var.tls_secret_name } +module "nfs_data" { + source = "../../modules/kubernetes/nfs_volume" + name = "onlyoffice-data" + namespace = kubernetes_namespace.onlyoffice.metadata[0].name + nfs_server = var.nfs_server + nfs_path = "/mnt/main/onlyoffice" +} + resource "kubernetes_deployment" "onlyoffice-document-server" { metadata { name = "onlyoffice-document-server" @@ -149,9 +157,8 @@ resource "kubernetes_deployment" "onlyoffice-document-server" { } volume { name = "data" - nfs { - path = "/mnt/main/onlyoffice" - server = var.nfs_server + persistent_volume_claim { + claim_name = module.nfs_data.claim_name } } } diff --git a/stacks/owntracks/main.tf b/stacks/owntracks/main.tf index b71bff25..aa5beac3 100644 --- a/stacks/owntracks/main.tf +++ b/stacks/owntracks/main.tf @@ -40,6 +40,14 @@ resource "kubernetes_secret" "basic_auth" { } } +module "nfs_data" { + source = "../../modules/kubernetes/nfs_volume" + name = "owntracks-data" + namespace = kubernetes_namespace.owntracks.metadata[0].name + nfs_server = var.nfs_server + nfs_path = "/mnt/main/owntracks" +} + resource "kubernetes_deployment" "owntracks" { metadata { name = "owntracks" @@ -107,9 +115,8 @@ resource "kubernetes_deployment" "owntracks" { } volume { name = "data" - nfs { - path = "/mnt/main/owntracks" - server = var.nfs_server + persistent_volume_claim { + claim_name = module.nfs_data.claim_name } } } diff --git a/stacks/paperless-ngx/main.tf b/stacks/paperless-ngx/main.tf index 37b4f7a1..04df177d 100644 --- a/stacks/paperless-ngx/main.tf +++ b/stacks/paperless-ngx/main.tf @@ -23,6 +23,14 @@ module "tls_secret" { tls_secret_name = var.tls_secret_name } +module "nfs_data" { + source = "../../modules/kubernetes/nfs_volume" + name = "paperless-ngx-data" + namespace = kubernetes_namespace.paperless-ngx.metadata[0].name + nfs_server = var.nfs_server + nfs_path = "/mnt/main/paperless-ngx" +} + resource "kubernetes_deployment" "paperless-ngx" { metadata { @@ -127,9 +135,8 @@ resource "kubernetes_deployment" "paperless-ngx" { } volume { name = "data" - nfs { - path = "/mnt/main/paperless-ngx" - server = var.nfs_server + persistent_volume_claim { + claim_name = module.nfs_data.claim_name } } } diff --git a/stacks/poison-fountain/main.tf b/stacks/poison-fountain/main.tf index 9055c38b..1897163b 100644 --- a/stacks/poison-fountain/main.tf +++ b/stacks/poison-fountain/main.tf @@ -18,6 +18,14 @@ module "tls_secret" { tls_secret_name = var.tls_secret_name } +module "nfs_data" { + source = "../../modules/kubernetes/nfs_volume" + name = "poison-fountain-data" + namespace = kubernetes_namespace.poison_fountain.metadata[0].name + nfs_server = var.nfs_server + nfs_path = "/mnt/main/poison-fountain" +} + # ConfigMap for the Python service code resource "kubernetes_config_map" "poison_fountain_code" { metadata { @@ -157,9 +165,8 @@ resource "kubernetes_deployment" "poison_fountain" { } volume { name = "data" - nfs { - server = var.nfs_server - path = "/mnt/main/poison-fountain" + persistent_volume_claim { + claim_name = module.nfs_data.claim_name } } } @@ -264,9 +271,8 @@ resource "kubernetes_cron_job_v1" "poison_fetcher" { } volume { name = "data" - nfs { - server = var.nfs_server - path = "/mnt/main/poison-fountain" + persistent_volume_claim { + claim_name = module.nfs_data.claim_name } } diff --git a/stacks/send/main.tf b/stacks/send/main.tf index 7288058d..7fe70325 100644 --- a/stacks/send/main.tf +++ b/stacks/send/main.tf @@ -19,6 +19,14 @@ module "tls_secret" { tls_secret_name = var.tls_secret_name } +module "nfs_data" { + source = "../../modules/kubernetes/nfs_volume" + name = "send-data" + namespace = kubernetes_namespace.send.metadata[0].name + nfs_server = var.nfs_server + nfs_path = "/mnt/main/send" +} + resource "kubernetes_deployment" "send" { metadata { name = "send" @@ -93,9 +101,8 @@ resource "kubernetes_deployment" "send" { } volume { name = "data" - nfs { - path = "/mnt/main/send" - server = var.nfs_server + persistent_volume_claim { + claim_name = module.nfs_data.claim_name } } } diff --git a/stacks/stirling-pdf/main.tf b/stacks/stirling-pdf/main.tf index 65311678..a9ee0b05 100644 --- a/stacks/stirling-pdf/main.tf +++ b/stacks/stirling-pdf/main.tf @@ -18,6 +18,14 @@ module "tls_secret" { tls_secret_name = var.tls_secret_name } +module "nfs_configs" { + source = "../../modules/kubernetes/nfs_volume" + name = "stirling-pdf-configs" + namespace = kubernetes_namespace.stirling-pdf.metadata[0].name + nfs_server = var.nfs_server + nfs_path = "/mnt/main/stirling-pdf" +} + resource "kubernetes_deployment" "stirling-pdf" { metadata { name = "stirling-pdf" @@ -65,9 +73,8 @@ resource "kubernetes_deployment" "stirling-pdf" { } volume { name = "configs" - nfs { - server = var.nfs_server - path = "/mnt/main/stirling-pdf" + persistent_volume_claim { + claim_name = module.nfs_configs.claim_name } } } diff --git a/stacks/tandoor/main.tf b/stacks/tandoor/main.tf index 87bcab69..69407ad9 100644 --- a/stacks/tandoor/main.tf +++ b/stacks/tandoor/main.tf @@ -29,6 +29,14 @@ module "tls_secret" { tls_secret_name = var.tls_secret_name } +module "nfs_data" { + source = "../../modules/kubernetes/nfs_volume" + name = "tandoor-data" + namespace = kubernetes_namespace.tandoor.metadata[0].name + nfs_server = var.nfs_server + nfs_path = "/mnt/main/tandoor" +} + resource "kubernetes_deployment" "tandoor" { metadata { name = "tandoor" @@ -150,9 +158,8 @@ resource "kubernetes_deployment" "tandoor" { volume { name = "data" - nfs { - path = "/mnt/main/tandoor" - server = var.nfs_server + persistent_volume_claim { + claim_name = module.nfs_data.claim_name } } } diff --git a/stacks/wealthfolio/main.tf b/stacks/wealthfolio/main.tf index e81bd6fe..4177fe23 100644 --- a/stacks/wealthfolio/main.tf +++ b/stacks/wealthfolio/main.tf @@ -31,6 +31,14 @@ resource "random_string" "random" { lower = true } +module "nfs_data" { + source = "../../modules/kubernetes/nfs_volume" + name = "wealthfolio-data" + namespace = kubernetes_namespace.wealthfolio.metadata[0].name + nfs_server = var.nfs_server + nfs_path = "/mnt/main/wealthfolio" +} + resource "kubernetes_deployment" "wealthfolio" { metadata { name = "wealthfolio" @@ -101,9 +109,8 @@ resource "kubernetes_deployment" "wealthfolio" { } volume { name = "data" - nfs { - server = var.nfs_server - path = "/mnt/main/wealthfolio" + persistent_volume_claim { + claim_name = module.nfs_data.claim_name } } } diff --git a/stacks/whisper/main.tf b/stacks/whisper/main.tf index 05e206e3..b6ae610a 100644 --- a/stacks/whisper/main.tf +++ b/stacks/whisper/main.tf @@ -17,6 +17,14 @@ module "tls_secret" { tls_secret_name = var.tls_secret_name } +module "nfs_data" { + source = "../../modules/kubernetes/nfs_volume" + name = "whisper-data" + namespace = kubernetes_namespace.whisper.metadata[0].name + nfs_server = var.nfs_server + nfs_path = "/mnt/main/whisper" +} + resource "kubernetes_deployment" "whisper" { metadata { name = "whisper" @@ -81,9 +89,8 @@ resource "kubernetes_deployment" "whisper" { volume { name = "data" - nfs { - server = var.nfs_server - path = "/mnt/main/whisper" + persistent_volume_claim { + claim_name = module.nfs_data.claim_name } } } @@ -201,9 +208,8 @@ resource "kubernetes_deployment" "piper" { volume { name = "data" - nfs { - server = var.nfs_server - path = "/mnt/main/whisper" + persistent_volume_claim { + claim_name = module.nfs_data.claim_name } } } diff --git a/stacks/woodpecker/main.tf b/stacks/woodpecker/main.tf index b0b58876..ea0a7d10 100644 --- a/stacks/woodpecker/main.tf +++ b/stacks/woodpecker/main.tf @@ -101,11 +101,18 @@ resource "kubernetes_persistent_volume" "woodpecker_server_data" { capacity = { storage = "10Gi" } - access_modes = ["ReadWriteOnce"] + access_modes = ["ReadWriteOnce"] + persistent_volume_reclaim_policy = "Retain" + storage_class_name = "nfs-truenas" + volume_mode = "Filesystem" persistent_volume_source { - nfs { - server = var.nfs_server - path = "/mnt/main/woodpecker" + csi { + driver = "nfs.csi.k8s.io" + volume_handle = "woodpecker-server-data" + volume_attributes = { + server = var.nfs_server + share = "/mnt/main/woodpecker" + } } } claim_ref { diff --git a/stacks/ytdlp/main.tf b/stacks/ytdlp/main.tf index 0677055c..3f3d05f8 100644 --- a/stacks/ytdlp/main.tf +++ b/stacks/ytdlp/main.tf @@ -23,6 +23,22 @@ module "tls_secret" { tls_secret_name = var.tls_secret_name } +module "nfs_data" { + source = "../../modules/kubernetes/nfs_volume" + name = "ytdlp-data" + namespace = kubernetes_namespace.ytdlp.metadata[0].name + nfs_server = var.nfs_server + nfs_path = "/mnt/main/ytdlp" +} + +module "nfs_highlights_data" { + source = "../../modules/kubernetes/nfs_volume" + name = "ytdlp-highlights-data" + namespace = kubernetes_namespace.ytdlp.metadata[0].name + nfs_server = var.nfs_server + nfs_path = "/mnt/main/ytdlp-highlights" +} + resource "kubernetes_deployment" "ytdlp" { # resource "kubernetes_daemonset" "technitium" { metadata { @@ -92,9 +108,8 @@ resource "kubernetes_deployment" "ytdlp" { } volume { name = "data" - nfs { - path = "/mnt/main/ytdlp" - server = var.nfs_server + persistent_volume_claim { + claim_name = module.nfs_data.claim_name } } # } @@ -288,9 +303,8 @@ resource "kubernetes_deployment" "yt_highlights" { } volume { name = "data" - nfs { - server = var.nfs_server - path = "/mnt/main/ytdlp-highlights" + persistent_volume_claim { + claim_name = module.nfs_highlights_data.claim_name } } }