From 0340b67c668eee9484063c535db17fe26b75fdf7 Mon Sep 17 00:00:00 2001
From: nold <nold@gnu.one>
Date: Wed, 10 May 2023 11:37:29 +0200
Subject: [PATCH] change(mqtt): use app-template

---
 projects/mqtt/project.yml           |   6 +-
 projects/mqtt/values/moquitto.yaml  | 123 ----------------------------
 projects/mqtt/values/mosquitto.yaml |  71 ++++++++++++++++
 3 files changed, 74 insertions(+), 126 deletions(-)
 delete mode 100644 projects/mqtt/values/moquitto.yaml
 create mode 100644 projects/mqtt/values/mosquitto.yaml

diff --git a/projects/mqtt/project.yml b/projects/mqtt/project.yml
index 5936b649..da0dacaf 100644
--- a/projects/mqtt/project.yml
+++ b/projects/mqtt/project.yml
@@ -3,6 +3,6 @@ config:
 
 apps:
 - name: mosquitto
-  repoURL: https://charts.billias.cc
-  chart: mosquitto
-  targetRevision: 2.5.0
+  repo: bjw-s 
+  chart: app-template
+  targetRevision: 1.5.0
diff --git a/projects/mqtt/values/moquitto.yaml b/projects/mqtt/values/moquitto.yaml
deleted file mode 100644
index 2a26a705..00000000
--- a/projects/mqtt/values/moquitto.yaml
+++ /dev/null
@@ -1,123 +0,0 @@
-replicaCount: 1
-strategyType: Recreate
-
-image:
-  repository: eclipse-mosquitto
-  tag: 2.0.15
-  pullPolicy: IfNotPresent
-
-service:
-  type: LoadBalancer
-  #externalTrafficPolicy: Cluster
-  annotations:
-    metallb.universe.tf/address-pool: iot
-    #metallb.universe.tf/allow-shared-ip: adguard
-
-ports:
-  mqtt:
-    port: 1883
-    # sets consistent nodePort, required to set service.type=NodePort
-    # nodePort: 31883
-    protocol: TCP
-  websocket:
-    port: 9090
-    protocol: TCP
-
-persistence:
-  enabled: true
-  accessMode: ReadWriteOnce
-  existingClaim: ""
-  mountPath: /mosquitto/data
-  subPath: ""
-  # storageClass: "-"
-  size: 1Gi
-
-resources:
-  limits:
-    cpu: 300m
-    memory: 128Mi
-  requests:
-    cpu: 100m
-    memory: 64Mi
-
-podSecurityContext:
-  runAsUser: 1001
-  runAsGroup: 10000
-  fsGroup: 10000
-
-securityContext:
-  runAsUser: 1001
-  fsGroup: 10000
-  runAsNonRoot: true
-  privileged: false
-  readOnlyRootFilesystem: true
-  allowPrivilegeEscalation: false
-  capabilities:
-    drop:
-    - ALL
-
-authentication:
-  passwordEntries: ""
-  # To use authentication with mosquitto, you can set a list of password entries to be used.
-  # reference https://mosquitto.org/man/mosquitto_passwd-1.html to generate these entries.
-  # For example:
-  # passwordEntries: |-
-  #   user1:$6$BKzw0RKerxV4Esbj$Uz5slWGB1TiOtYIEokEl0eR1YSEQAdKpcdRYMsLYbwjktlVzdLyGk41YCPGyMLnBePtdwPhkcm8kjGI0R9s57w==
-  #   user2:$6$b5vYuHrSLj48Ii32$NjlbnatIaUQSsNvxxTpawpav6NPyZ8QhGrdEVGtyU1rgEGjNzVGKlstRg29FV6MFTPs/ugPA8D5I5+qRcIMXSg==
-  passwordFilePath: "/etc/mosquitto/passwordfile"
-
-authorization:
-  acls: ""
-  # To use authorizations with mosquitto, you can set a list of per user or pattern-based rules.
-  # reference https://mosquitto.org/man/mosquitto-conf-5.html for further information.
-  # For example:
-  # acls: |-
-      # zigbee2mqtt ACLs
-      # user zigbee2mqtt
-      # topic readwrite zigbee2mqtt/#
-      # topic readwrite homeassistant/#
-      # Tasmota-compatible ACLs
-      # pattern read cmnd/%u/#
-      # pattern write stat/%u/#
-      # pattern write tele/%u/#
-  aclfilePath: "/etc/mosquitto/aclfile"
-
-existingConfigMap: ""
-config: |
-  persistence true
-  persistence_location /mosquitto/data/
-  log_dest stdout
-  listener 1883
-  listener 9090
-  protocol websockets
-
-## Additional volumes.
-extraVolumes: []
-  # - name: tls
-  #   secret:
-  #     secretName: mosquitto-certs
-
-## Additional volumeMounts to the main container.
-extraVolumeMounts: []
-  # - name: tls
-  #   mountPath: /certs
-  #   subPath: cafile
-
-monitoring:
-  podMonitor:
-    enabled: false
-  sidecar:
-    enabled: false
-    port: 9234
-    # nodePort: 32234
-    image:
-      repository: nolte/mosquitto-exporter
-      tag: v0.6.3
-      pullPolicy: IfNotPresent
-    resources:
-      limits:
-        cpu: 300m
-        memory: 128Mi
-      requests:
-        cpu: 100m
-        memory: 64Mi
diff --git a/projects/mqtt/values/mosquitto.yaml b/projects/mqtt/values/mosquitto.yaml
new file mode 100644
index 00000000..79a75bd5
--- /dev/null
+++ b/projects/mqtt/values/mosquitto.yaml
@@ -0,0 +1,71 @@
+image:
+  repository: eclipse-mosquitto
+  tag: 2.0.15
+
+service:
+  main:
+    type: LoadBalancer
+    externalTrafficPolicy: Local
+    annotations:
+      #metallb.universe.tf/allow-shared-ip: adguard
+      metallb.universe.tf/address-pool: iot
+    ports:
+      http:
+        enabled: false
+        port: 9090
+      mqtt:
+        enabled: true
+        port: 1883
+
+configMaps:
+  config:
+    enabled: true
+    data:
+      mosquitto.conf: |
+        allow_anonymous true
+        connection_messages false
+        persistence true
+        persistence_location /mosquitto/data/
+        log_dest stdout
+        listener 1883
+        listener 9090
+        protocol websockets
+
+persistence:
+  data:
+    enabled: true
+    type: pvc
+    mountPath: /mosquitto/data
+    accessMode: ReadWriteOnce
+    size: 10Gi
+
+  config:
+    enabled: true
+    type: configMap
+    name: mosquitto-config
+    mountPath: /mosquitto/config/mosquitto.conf
+    subPath: mosquitto.conf
+
+resources:
+  limits:
+    cpu: 100m
+    memory: 64Mi
+  requests:
+    cpu: 10m
+    memory: 32Mi
+
+podSecurityContext:
+  runAsUser: 1001
+  runAsGroup: 10000
+  fsGroup: 10000
+
+securityContext:
+  runAsUser: 1001
+  runAsGroup: 10000
+  runAsNonRoot: true
+  privileged: false
+  readOnlyRootFilesystem: true
+  allowPrivilegeEscalation: false
+  capabilities:
+    drop:
+    - ALL