our own dovecot

dmarc.pod.yaml

@@ -0,0 +1,39 @@
+apiVersion: v1
+kind: Pod
+metadata:
+  name: dmarc
+spec:
+  containers:
+    - name: dmarc
+      image: cr.chaos/dmarc-report
+      ports:
+        - containerPort: 8080
+          hostPort: 8083
+      env:
+        - name: REPORT_DB_TYPE
+          value: pgsql
+        - name: REPORT_DB_HOST
+          value: host.containers.internal
+        - name: REPORT_DB_PORT
+          value: "5432"
+        - name: REPORT_DB_NAME
+          value: dmarc
+        - name: REPORT_DB_USER
+          value: dmarc
+        - name: REPORT_DB_PASS
+          value: 4XSS4gKpheSBoMsIs
+        - name: PARSER_IMAP_PORT
+          value: "143"
+        - name: PARSER_IMAP_SERVER
+          value: imap.maketank.net #116.202.109.243
+        - name: PARSER_IMAP_USER
+          value: dmarc-inbox@maketank.net
+        - name: PARSER_IMAP_PASS
+          value: j2Kwd6mVPZw2yMLw2gIKwn
+        - name: PARSER_IMAP_READ_FOLDER
+          value: Inbox
+        - name: PARSER_IMAP_MOVE_FOLDER
+          value: Processed
+        - name: PARSER_IMAP_MOVE_FOLDER_ERR
+          value: Error
+  restartPolicy: Always

docker-registry.pod.yaml

@@ -0,0 +1,43 @@
+apiVersion: v1
+kind: Pod
+metadata:
+  name: registry
+spec:
+  containers:
+    - name: registry
+      image: docker.io/library/registry:2
+      ports:
+        - containerPort: 5000
+          hostPort: 5000
+      volumeMounts:
+        - mountPath: /var/lib/registry
+          name: registry-data-pvc
+      securityContext:
+        privileged: true
+    - name: registry-ui
+      image: docker.io/joxit/docker-registry-ui:main
+      ports:
+        - containerPort: 80
+          hostPort: 8082
+      env:
+        - name: DELETE_IMAGE
+          value: "true"
+        - name: NGINX_PROXY_PASS_URL
+          value: http://registry.dns.podman:5000
+        - name: URL
+          value: http://cr-ui.chaos
+        - name: REGISTRY_TITLE
+          value: CHAOS
+        - name: SINGLE_REGISTRY
+          value: "true"
+        - name: SHOW_CONTENT_DIGEST
+          value: "true"
+        - name: SHOW_CATALOG_NB_TAGS
+          value: "true"
+        - name: REGISTRY_SECURED
+          value: "false"
+  volumes:
+    - name: registry-data-pvc
+      persistentVolumeClaim:
+        claimName: registry-data
+  restartPolicy: Always

drone.pod.yaml

@@ -0,0 +1,102 @@
+apiVersion: v1
+kind: Pod
+metadata:
+  name: drone
+spec:
+  containers:
+  - name: drone
+    image: docker.io/drone/drone:latest
+    network: podman
+    ports:
+      - containerPort: 80
+        hostPort: 8089
+    volumeMounts:
+      - name: drone-data-pvc
+        mountPath: /data
+    env:
+      - name: TZ
+        value: "Europe/Berlin"
+      - name: DRONE_GIT_ALWAYS_AUTH
+        value: "true"
+      - name: DRONE_GITEA_SERVER
+        value: "https://git.maketank.net"
+      - name: DRONE_GITEA_CLIENT_ID
+        value: "c2f9e916-3dc0-4276-9e09-a5922a9ce5a1"
+      - name: DRONE_GITEA_CLIENT_SECRET
+        value: "gto_b6rbd2xhjfkp5pmz4teaqaj5licxupjllt2yll3mphufleijcvva"
+      - name: DRONE_RPC_SECRET
+        value: "7eb685ed81d0c34bafc5efa7783c20b2"
+      - name: DRONE_SERVER_HOST
+        value: "drone.chaos"
+      - name: DRONE_SERVER_PROTO
+        value: "http"
+      - name: DRONE_JSONNET_ENABLED
+        value: "true"
+      - name: DRONE_STARLARK_ENABLED
+        value: "true"
+      - name: DRONE_LOGS_DEBUG
+        value: "false"
+      - name: DRONE_LOGS_TRACE
+        value: "false"
+      - name: DRONE_USER_CREATE
+        value: "username:do,admin:true"
+  - name: drone-runner
+    image: docker.io/drone/drone-runner-docker:latest
+    ports:
+      - containerPort: 3000
+        hostPort: 8090
+    volumeMounts:
+      - name: drone-runner-data-pvc
+        mountPath: /drone
+      - name: etc_containers
+        mountPath: /etc/containers
+      - name: podman.sock
+        mountPath: /var/run/docker.sock
+    env:
+      - name: TZ
+        value: "Europe/Berlin"
+      - name: DRONE_RUNNER_NAME
+        value: "drone-runner01"
+      - name: DRONE_RPC_SECRET
+        value: "7eb685ed81d0c34bafc5efa7783c20b2"
+      - name: DRONE_RPC_HOST
+        value: "drone.dns.podman"
+      - name: DRONE_RPC_PROTO
+        value: "http"
+      - name: DRONE_RUNNER_CAPACITY
+        value: "1"
+      - name: DRONE_LOGS_DEBUG
+        value: "false"
+      - name: DRONE_LOGS_TRACE
+        value: "false"
+      - name: DRONE_TRACE
+        value: "false"
+      - name: DOCKER_BUILDKIT
+        value: "1"
+      - name: DRONE_GIT_ALWAYS_AUTH
+        value: "true"
+      - name: DRONE_UI_DISABLE
+        value: "false"
+      - name: DRONE_UI_USERNAME
+        value: "root"
+      - name: DRONE_UI_PASSWORD
+        value: "root"
+      - name: DRONE_RUNNER_CLONE_IMAGE
+        value: "drone/git"
+      #- name: DRONE_RUNNER_VOLUMES
+      #  value: "/etc/resolv.conf:/etc/resolv.conf"
+  volumes:
+    - name: drone-data-pvc
+      persistentVolumeClaim:
+        claimName: drone-data
+    - name: drone-runner-data-pvc
+      persistentVolumeClaim:
+        claimName: drone-runner-data
+    - name: etc_containers
+      hostPath:
+        path: /etc/containers
+        type: Directory
+    - name: podman.sock
+      hostPath:
+        path: /run/user/1005/podman/podman.sock 
+        type: File

homeassistant.pod.yaml

@@ -0,0 +1,52 @@
+apiVersion: v1
+kind: Pod
+metadata:
+  name: auto
+  annotations:
+    run.oci.keep_original_groups: "1"
+
+spec:
+  containers:
+    - name: homeassistant
+      image: docker.io/homeassistant/home-assistant:stable
+      env:
+        - name: TZ
+          value: Europe/Berlin
+      ports:
+        - containerPort: 8123
+          hostIP: 127.0.0.1
+          hostPort: 8123
+        - containerPort: 8300
+          hostIP: 192.168.10.3
+          hostPort: 8300
+      volumeMounts:
+        - name: homeassistant-config-pvc
+          mountPath: /config
+    - name: zwave-js
+      image: docker.io/zwavejs/zwave-js-ui:latest
+      ports:
+        - containerPort: 8091
+          hostPort: 8091
+        - containerPort: 3000
+          hostPort: 3000
+      volumeMounts:
+        - name: zwavejs-store
+          mountPath: /usr/src/app/store
+        - name: dev-ttyS2
+          mountPath: /dev/zwave
+      securityContext:
+        capabilities:
+          add: ["SYS_RAWIO"]
+  volumes:
+    - name: homeassistant-config-pvc
+      persistentVolumeClaim:
+          claimName: homeassistant-config
+    - name: zwavejs-store
+      persistentVolumeClaim:
+        claimName: zwavejs-store  # Assuming you have a PVC named `zwavejs-store` for persistent storage
+    - name: dev-ttyS2
+      hostPath:
+        path: /dev/ttyS2
+        type: CharDevice
+
+  restartPolicy: Always

lmstudio.yaml

@@ -15,6 +15,9 @@ spec:
     image: localhost/lm-studio-debian:latest
     hostname: lmstudio
     network: podman
+    env:
+      - name: TZ
+        value: "Europe/Berlin"
     ports:
       - containerPort: 1234
         hostPort: 1234
@@ -39,6 +42,9 @@ spec:
     image: ghcr.io/open-webui/open-webui:main
     hostname: webui
     network: podman
+    env:
+      - name: TZ
+        value: "Europe/Berlin"
     ports:
       - containerPort: 8080
         hostPort: 8888

mail.pod.yaml

@@ -118,7 +118,7 @@ spec:
 apiVersion: v1
 kind: Pod
 metadata:
-  name: mail-pod
+  name: mail
 spec:
   containers:
   - name: postfix
@@ -136,7 +136,7 @@ spec:
     args: ["/usr/sbin/postfix start-fg >>/dev/stdout 2>>/dev/stderr & tail -f /dev/null"]
 
   - name: dovecot
-    image: docker.io/dovecot/dovecot
+    image: cr.chaos/dovecot:latest
     ports:
     - containerPort: 143
       hostPort: 14343

rompr.pod.yaml

@@ -0,0 +1,23 @@
+#podman run -d --pull=always --replace -p 127.0.0.1:8081:80 
+#                 --mount=type=bind,source=/var/lib/rompr,destination=/rompr 
+#                   --tz=Europe/Berlin --name=rompr cr.wks/rompr:latest
+apiVersion: v1
+kind: Pod
+metadata:
+  name: rompr
+spec:
+  containers:
+    - name: rompr
+      image: cr.chaos/rompr:latest
+      ports:
+        - containerPort: 80
+          hostIP: 127.0.0.1
+          hostPort: 8081
+      volumeMounts:
+        - name: rompr-data-pvc
+          mountPath: /rompr
+  volumes:
+    - name: rompr-data-pvc
+      persistentVolumeClaim:
+        claimName: rompr-data
+  restartPolicy: Always