feat: deploy n8n workflow automation

2026-05-30 00:46:35 +00:00 · 2026-05-30 00:46:35 +00:00 · 2026-05-30 00:46:35 +00:00 · 2026-05-24 14:17:54 +00:00 · 2026-05-24 14:16:22 +00:00 · 2026-05-24 14:16:22 +00:00
10 changed files with 297 additions and 0 deletions
@@ -0,0 +1,54 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: khalisio
+  namespace: apps
+  labels:
+    app: khalisio
+spec:
+  replicas: 2
+  selector:
+    matchLabels:
+      app: khalisio
+  strategy:
+    type: RollingUpdate
+    rollingUpdate:
+      maxSurge: 1
+      maxUnavailable: 0
+  template:
+    metadata:
+      labels:
+        app: khalisio
+    spec:
+      imagePullSecrets:
+        - name: ghcr-pull-secret
+      nodeSelector:
+        kubernetes.io/arch: amd64
+      containers:
+        - name: web
+          image: ghcr.io/richard-callis/portfolio:latest
+          imagePullPolicy: Always
+          ports:
+            - name: http
+              containerPort: 8080
+          resources:
+            requests:
+              cpu: 10m
+              memory: 16Mi
+            limits:
+              cpu: 100m
+              memory: 64Mi
+          readinessProbe:
+            httpGet: { path: /, port: http }
+            initialDelaySeconds: 2
+            periodSeconds: 5
+          livenessProbe:
+            httpGet: { path: /, port: http }
+            initialDelaySeconds: 5
+            periodSeconds: 30
+          securityContext:
+            allowPrivilegeEscalation: false
+            runAsNonRoot: true
+            runAsUser: 101
+            capabilities:
+              drop: ["ALL"]
@@ -0,0 +1,35 @@
+apiVersion: networking.k8s.io/v1
+kind: Ingress
+metadata:
+  name: khalisio
+  namespace: apps
+  annotations:
+    cert-manager.io/cluster-issuer: letsencrypt-prod
+    nginx.ingress.kubernetes.io/ssl-redirect: "true"
+spec:
+  tls:
+    - hosts:
+        - khalisio.com
+        - www.khalisio.com
+      secretName: khalisio-tls
+  rules:
+    - host: khalisio.com
+      http:
+        paths:
+          - path: /
+            pathType: Prefix
+            backend:
+              service:
+                name: khalisio
+                port:
+                  number: 80
+    - host: www.khalisio.com
+      http:
+        paths:
+          - path: /
+            pathType: Prefix
+            backend:
+              service:
+                name: khalisio
+                port:
+                  number: 80
@@ -0,0 +1,13 @@
+apiVersion: v1
+kind: Service
+metadata:
+  name: khalisio
+  namespace: apps
+spec:
+  selector:
+    app: khalisio
+  ports:
+    - protocol: TCP
+      port: 80
+      targetPort: 8080
+  type: ClusterIP
@@ -0,0 +1,32 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: n8n
+  namespace: apps
+  labels:
+    app: n8n
+spec:
+  replicas: 1
+  selector:
+    matchLabels:
+      app: n8n
+  template:
+    metadata:
+      labels:
+        app: n8n
+    spec:
+      containers:
+        - name: n8n
+          image: n8nio/n8n:1.87.0
+          ports:
+            - containerPort: 5678
+          envFrom:
+            - secretRef:
+                name: n8n-secret
+          resources:
+            requests:
+              cpu: 100m
+              memory: 128Mi
+            limits:
+              cpu: 500m
+              memory: 512Mi
@@ -0,0 +1,24 @@
+apiVersion: networking.k8s.io/v1
+kind: Ingress
+metadata:
+  name: n8n
+  namespace: apps
+  annotations:
+    cert-manager.io/cluster-issuer: letsencrypt-prod
+spec:
+  ingressClassName: traefik
+  rules:
+    - host: n8n.khalisio.com
+      http:
+        paths:
+          - path: /
+            pathType: Prefix
+            backend:
+              service:
+                name: n8n
+                port:
+                  number: 80
+  tls:
+    - hosts:
+        - n8n.khalisio.com
+      secretName: n8n-tls
@@ -0,0 +1,14 @@
+apiVersion: v1
+kind: Service
+metadata:
+  name: n8n
+  namespace: apps
+  labels:
+    app: n8n
+spec:
+  selector:
+    app: n8n
+  ports:
+    - port: 80
+      targetPort: 5678
+  type: ClusterIP
@@ -0,0 +1,7 @@
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: transmission-config
+  namespace: media
+data:
+  peer-port: "0"
@@ -0,0 +1,85 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: transmission
+  namespace: media
+  labels:
+    app: transmission
+spec:
+  replicas: 1
+  selector:
+    matchLabels:
+      app: transmission
+  template:
+    metadata:
+      labels:
+        app: transmission
+    spec:
+      containers:
+        - name: gluetun
+          image: ghcr.io/qmcgaw/gluetun:v3.40.0
+          env:
+            - name: OPENVPN_PROVIDER
+              value: "PROTONVPN"
+            - name: OPENVPN_USERNAME
+              valueFrom:
+                secretKeyRef:
+                  name: transmission-vpn-secret
+                  key: username
+            - name: OPENVPN_PASSWORD
+              valueFrom:
+                secretKeyRef:
+                  name: transmission-vpn-secret
+                  key: password
+            - name: SERVER_COUNTRIES
+              value: "US"
+            - name: FIREWALL_ENABLED
+              value: "off"
+            - name: DOT_ENABLED
+              value: "true"
+          ports:
+            - name: http
+              containerPort: 8000
+          volumeMounts:
+            - name: config
+              mountPath: /config
+        - name: transmission
+          image: lscr.io/linuxserver/transmission:latest
+          env:
+            - name: PUID
+              value: "1000"
+            - name: PGID
+              value: "1000"
+            - name: TZ
+              value: "America/New_York"
+            - name: USER
+              value: "admin"
+            - name: PASS
+              value: "admin"
+            - name: TRANSMISSION_WEB_HOME
+              value: "/combui"
+            - name: PEER_PORT
+              valueFrom:
+                configMapKeyRef:
+                  name: transmission-config
+                  key: peer-port
+          ports:
+            - name: http
+              containerPort: 9091
+            - name: peer
+              containerPort: 0
+              protocol: TCP
+            - name: peer-udp
+              containerPort: 0
+              protocol: UDP
+          volumeMounts:
+            - name: config
+              mountPath: /config
+            - name: downloads
+              mountPath: /downloads
+      volumes:
+        - name: config
+          emptyDir: {}
+        - name: downloads
+          persistentVolumeClaim:
+            claimName: media-data
@@ -0,0 +1,20 @@
+apiVersion: networking.k8s.io/v1
+kind: Ingress
+metadata:
+  name: transmission
+  namespace: media
+  annotations:
+    cert-manager.io/cluster-issuer: letsencrypt-prod
+    nginx.ingress.kubernetes.io/ssl-redirect: "true"
+spec:
+  rules:
+    - host: transmission.khalis.corp
+      http:
+        paths:
+          - path: /
+            pathType: Prefix
+            backend:
+              service:
+                name: transmission
+                port:
+                  name: http
@@ -0,0 +1,13 @@
+apiVersion: v1
+kind: Service
+metadata:
+  name: transmission
+  namespace: media
+spec:
+  selector:
+    app: transmission
+  ports:
+    - name: http
+      port: 9091
+      targetPort: http
+  type: ClusterIP
Author	SHA1	Message	Date
gitea-admin	c08c6d12e2	feat: deploy n8n workflow automation Validate Manifests / validate (pull_request) Failing after 0s Details	2026-05-30 00:46:35 +00:00
gitea-admin	070120586d	feat: deploy n8n workflow automation	2026-05-30 00:46:35 +00:00
gitea-admin	7e3b6e6f83	feat: deploy n8n workflow automation	2026-05-30 00:46:35 +00:00
gitea-admin	78fe8748dd	Merge pull request 'fix: remove static peer port from transmission deployment' (#105 ) from orion/auto/fix-remove-static-peer-port-from-transmi-1779632181197 into main Reviewed-on: #105	2026-05-24 14:17:54 +00:00
gitea-admin	f4be4e0f01	fix: remove static peer port from transmission deployment Validate Manifests / validate (pull_request) Has been cancelled Details	2026-05-24 14:16:22 +00:00
gitea-admin	f4f2a7229d	fix: remove static peer port from transmission deployment	2026-05-24 14:16:22 +00:00
gitea-admin	ece7b8d562	fix: remove static peer port from transmission deployment	2026-05-24 14:16:21 +00:00
gitea-admin	a194beb7b7	fix: remove static peer port from transmission deployment	2026-05-24 14:16:21 +00:00
gitea-admin	9e2562897c	fix(khalisio): pin to amd64 nodes (image is amd64-only for now)	2026-05-20 09:24:18 +00:00
gitea-admin	277e834d5c	fix(khalisio): add ghcr-pull-secret imagePullSecret	2026-05-20 09:20:48 +00:00
gitea-admin	c4e088cc49	Merge pull request 'feat(khalisio): deploy khalisio.com to apps namespace' (#103 ) from add-khalisio into main Reviewed-on: #103	2026-05-20 09:13:18 +00:00
gitea-admin	5d5e004e71	feat(khalisio): add khalisio.com deployment, service, ingress Validate Manifests / validate (pull_request) Has been cancelled Details	2026-05-20 09:11:45 +00:00