REFACTOR(apps): migrate to app-template

- docusaurus: Replace with app-template, configmap in manifests/ - homer: Replace with app-template, configMapGenerator for config.yml - crafty: Replace with app-template, pvc/ingress/service in manifests/ - mas: Replace with app-template, rbac/external-secret in manifests/ - All apps use app-template chart v3.6.1
2026-01-06 15:42:07 +09:00
parent 753543648b
commit be6723cc55
29 changed files with 453 additions and 532 deletions
--- a/mas/argocd.yaml
+++ b/mas/argocd.yaml
@@ -8,6 +8,15 @@ metadata:
 spec:
  project: default
  sources:
+  - repoURL: https://bjw-s.github.io/helm-charts
+    chart: app-template
+    targetRevision: 3.6.1
+    helm:
+      valueFiles:
+      - $values/mas/helm-values.yaml
+  - repoURL: https://github.com/K3S-HOME/applications.git
+    targetRevision: main
+    ref: values
  - repoURL: https://github.com/K3S-HOME/applications.git
    targetRevision: main
    path: mas
@@ -18,11 +27,8 @@ spec:
    automated:
      prune: true
      selfHeal: true
-      allowEmpty: false
    syncOptions:
    - CreateNamespace=true
-    - PrunePropagationPolicy=foreground
-    - PruneLast=true
    retry:
      limit: 5
      backoff:
@@ -32,4 +38,3 @@ spec:
    managedNamespaceMetadata:
      labels:
        goldilocks.fairwinds.com/enabled: 'true'
-  revisionHistoryLimit: 10
--- a/mas/deployment.yaml
+++ b/mas/deployment.yaml
@@ -1,77 +0,0 @@
-apiVersion: apps/v1
-kind: Deployment
-metadata:
-  name: mas
-  labels:
-    app: mas
-spec:
-  replicas: 1
-  selector:
-    matchLabels:
-      app: mas
-  strategy:
-    type: RollingUpdate
-    rollingUpdate:
-      maxUnavailable: 0
-      maxSurge: 1
-  revisionHistoryLimit: 3
-  template:
-    metadata:
-      labels:
-        app: mas
-    spec:
-      hostPID: true
-      serviceAccountName: mas
-      imagePullSecrets:
-      - name: ghcr-secret
-      containers:
-      - name: mas
-        image: ghcr.io/mayne0213/mas:latest
-        imagePullPolicy: Always
-        securityContext:
-          privileged: true
-        ports:
-        - containerPort: 8000
-          name: http
-        env:
-        - name: ANTHROPIC_API_KEY
-          valueFrom:
-            secretKeyRef:
-              name: mas-api-keys
-              key: anthropic-api-key
-        - name: POSTGRES_PASSWORD
-          valueFrom:
-            secretKeyRef:
-              name: postgresql-password
-              key: password
-        - name: CHAINLIT_DATABASE_URL
-          value: "postgresql://bluemayne:$(POSTGRES_PASSWORD)@postgresql-rw.postgresql.svc.cluster.local:5432/mas"
-        - name: DATABASE_URL
-          value: "postgresql://bluemayne:$(POSTGRES_PASSWORD)@postgresql-rw.postgresql.svc.cluster.local:5432/mas"
-        - name: POSTGRES_HOST
-          value: "postgresql-rw.postgresql.svc.cluster.local"
-        - name: POSTGRES_PORT
-          value: "5432"
-        - name: POSTGRES_USER
-          value: "bluemayne"
-        - name: REDIS_URL
-          value: "redis://redis:6379/0"
-        resources:
-          requests:
-            memory: 256Mi
-            cpu: 100m
-          limits:
-            memory: 1Gi
-        livenessProbe:
-          httpGet:
-            path: /
-            port: 8000
-          initialDelaySeconds: 30
-          periodSeconds: 10
-        readinessProbe:
-          httpGet:
-            path: /
-            port: 8000
-          initialDelaySeconds: 10
-          periodSeconds: 5
-      restartPolicy: Always
--- a/mas/helm-values.yaml
+++ b/mas/helm-values.yaml
@@ -0,0 +1,102 @@
+# mas - bjw-s/app-template values
+# Multi-Agent System
+
+defaultPodOptions:
+  hostPID: true
+  imagePullSecrets:
+    - name: ghcr-secret
+
+serviceAccount:
+  create: false
+  name: mas
+
+controllers:
+  main:
+    strategy: RollingUpdate
+    rollingUpdate:
+      unavailable: 0
+      surge: 1
+    revisionHistoryLimit: 3
+    containers:
+      main:
+        image:
+          repository: ghcr.io/mayne0213/mas
+          tag: latest
+          pullPolicy: Always
+        securityContext:
+          privileged: true
+        env:
+          ANTHROPIC_API_KEY:
+            valueFrom:
+              secretKeyRef:
+                name: mas-api-keys
+                key: anthropic-api-key
+          POSTGRES_PASSWORD:
+            valueFrom:
+              secretKeyRef:
+                name: postgresql-password
+                key: password
+          CHAINLIT_DATABASE_URL: "postgresql://bluemayne:$(POSTGRES_PASSWORD)@postgresql-rw.postgresql.svc.cluster.local:5432/mas"
+          DATABASE_URL: "postgresql://bluemayne:$(POSTGRES_PASSWORD)@postgresql-rw.postgresql.svc.cluster.local:5432/mas"
+          POSTGRES_HOST: "postgresql-rw.postgresql.svc.cluster.local"
+          POSTGRES_PORT: "5432"
+          POSTGRES_USER: "bluemayne"
+          REDIS_URL: "redis://redis:6379/0"
+        resources:
+          requests:
+            cpu: 100m
+            memory: 256Mi
+          limits:
+            memory: 1Gi
+        probes:
+          liveness:
+            enabled: true
+            custom: true
+            spec:
+              httpGet:
+                path: /
+                port: 8000
+              initialDelaySeconds: 30
+              periodSeconds: 10
+          readiness:
+            enabled: true
+            custom: true
+            spec:
+              httpGet:
+                path: /
+                port: 8000
+              initialDelaySeconds: 10
+              periodSeconds: 5
+
+service:
+  main:
+    controller: main
+    ports:
+      http:
+        port: 8000
+
+ingress:
+  main:
+    enabled: true
+    className: traefik
+    annotations:
+      cert-manager.io/cluster-issuer: letsencrypt-prod
+      traefik.ingress.kubernetes.io/router.middlewares: authelia-authelia-auth@kubernetescrd
+    hosts:
+      - host: mas0213.kro.kr
+        paths:
+          - path: /
+            service:
+              identifier: main
+              port: http
+      - host: www.mas0213.kro.kr
+        paths:
+          - path: /
+            service:
+              identifier: main
+              port: http
+    tls:
+      - secretName: mas-tls
+        hosts:
+          - mas0213.kro.kr
+          - www.mas0213.kro.kr
--- a/mas/ingress.yaml
+++ b/mas/ingress.yaml
@@ -1,35 +0,0 @@
-apiVersion: networking.k8s.io/v1
-kind: Ingress
-metadata:
-  name: mas-ingress
-  annotations:
-    cert-manager.io/cluster-issuer: letsencrypt-prod
-    traefik.ingress.kubernetes.io/router.middlewares: authelia-authelia-auth@kubernetescrd
-spec:
-  ingressClassName: traefik
-  tls:
-  - hosts:
-    - mas0213.kro.kr
-    - www.mas0213.kro.kr
-    secretName: mas-tls
-  rules:
-  - host: mas0213.kro.kr
-    http:
-      paths:
-      - path: /
-        pathType: Prefix
-        backend:
-          service:
-            name: mas
-            port:
-              number: 8000
-  - host: www.mas0213.kro.kr
-    http:
-      paths:
-      - path: /
-        pathType: Prefix
-        backend:
-          service:
-            name: mas
-            port:
-              number: 8000
--- a/mas/kustomization.yaml
+++ b/mas/kustomization.yaml
@@ -2,8 +2,5 @@ apiVersion: kustomize.config.k8s.io/v1beta1
 kind: Kustomization
 namespace: mas
 resources:
- deployment.yaml
- service.yaml
- ingress.yaml
- external-secret.yaml
- rbac.yaml
+- manifests/rbac.yaml
+- manifests/external-secret.yaml
--- a/mas/manifests/external-secret.yaml
+++ b/mas/manifests/external-secret.yaml
--- a/mas/manifests/rbac.yaml
+++ b/mas/manifests/rbac.yaml
--- a/mas/service.yaml
+++ b/mas/service.yaml
@@ -1,15 +0,0 @@
-apiVersion: v1
-kind: Service
-metadata:
-  name: mas
-  labels:
-    app: mas
-spec:
-  type: ClusterIP
-  ports:
-  - port: 8000
-    targetPort: 8000
-    protocol: TCP
-    name: http
-  selector:
-    app: mas