eblume/blumeops
1
1
Fork 0
Code Issues Pull requests Projects Releases 83 Packages Wiki Activity Actions

Add Hajimari service dashboard at go.ops.eblu.me

Browse source 
- Add Hajimari ArgoCD application and Helm values
- Configure auto-discovery from k8s ingresses
- Add custom apps for non-k8s services: Forge, Registry, Sifaka NAS
- Add hajimari.io annotations to all ingresses with ops.eblu.me URLs
- Add Caddy proxy entries for go.ops.eblu.me and nas.ops.eblu.me

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
This commit is contained in:
Erich Blume 2026-01-29 15:40:22 -08:00
commit e3451cd04d
14 changed files with 174 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

6
ansible/roles/caddy/defaults/main.yml
View file

@ -61,6 +61,12 @@ caddy_services:
- name: immich
host: "photos.{{ caddy_domain }}"
backend: "https://photos.tail8d86e.ts.net"
- name: hajimari
host: "go.{{ caddy_domain }}"
backend: "https://go.tail8d86e.ts.net"
- name: sifaka
host: "nas.{{ caddy_domain }}"
backend: "http://sifaka:5000"
# Layer 4 (TCP) services
# Format: { port: external_port, backend: "host:port" }

32
argocd/apps/hajimari.yaml Normal file
View file

@ -0,0 +1,32 @@
# Hajimari - Service Dashboard / Start Page
#
# Chart mirrored from https://github.com/toboshii/hajimari to forge
#
# Auto-discovers k8s services via ingress annotations and displays
# custom apps for non-k8s services (Forge, Registry, NAS).
apiVersion: argoproj.io/v1alpha1
kind: Application
metadata:
name: hajimari
namespace: argocd
spec:
project: default
sources:
# Helm chart from forge mirror (SSH via egress)
- repoURL: ssh://forgejo@forge.ops.eblu.me:2222/eblume/hajimari.git
targetRevision: main
path: charts/hajimari
helm:
releaseName: hajimari
valueFiles:
- $values/argocd/manifests/hajimari/values.yaml
# Values from our git repo
- repoURL: ssh://forgejo@forge.ops.eblu.me:2222/eblume/blumeops.git
targetRevision: main
ref: values
destination:
server: https://kubernetes.default.svc
namespace: hajimari
syncPolicy:
syncOptions:
- CreateNamespace=true

6
argocd/manifests/argocd/service-tailscale.yaml
View file

@ -11,6 +11,12 @@ metadata:
namespace: argocd
annotations:
tailscale.com/proxy-class: "default"
hajimari.io/enable: "true"
hajimari.io/url: "https://argocd.ops.eblu.me"
hajimari.io/icon: "simple-icons:argo"
hajimari.io/appName: "ArgoCD"
hajimari.io/group: "Infrastructure"
hajimari.io/info: "GitOps continuous delivery"
spec:
ingressClassName: tailscale
defaultBackend:

6
argocd/manifests/devpi/ingress-tailscale.yaml
View file

@ -5,6 +5,12 @@ metadata:
namespace: devpi
annotations:
tailscale.com/proxy-class: "default"
hajimari.io/enable: "true"
hajimari.io/url: "https://pypi.ops.eblu.me"
hajimari.io/icon: "simple-icons:pypi"
hajimari.io/appName: "PyPI"
hajimari.io/group: "Infrastructure"
hajimari.io/info: "Python package cache (devpi)"
spec:
ingressClassName: tailscale
defaultBackend:

6
argocd/manifests/grafana-config/ingress-tailscale.yaml
View file

@ -9,6 +9,12 @@ metadata:
namespace: monitoring
annotations:
tailscale.com/proxy-class: "default"
hajimari.io/enable: "true"
hajimari.io/url: "https://grafana.ops.eblu.me"
hajimari.io/icon: "simple-icons:grafana"
hajimari.io/appName: "Grafana"
hajimari.io/group: "Observability"
hajimari.io/info: "Dashboards & metrics visualization"
spec:
ingressClassName: tailscale
defaultBackend:

22
argocd/manifests/hajimari/ingress-tailscale.yaml Normal file
View file

@ -0,0 +1,22 @@
# Tailscale Ingress for Hajimari
# Exposes Hajimari at https://go.tail8d86e.ts.net with Let's Encrypt TLS
# Caddy proxies go.ops.eblu.me -> this endpoint
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: hajimari-tailscale
namespace: hajimari
annotations:
tailscale.com/proxy-class: "default"
# Don't show Hajimari in its own dashboard
hajimari.io/enable: "false"
spec:
ingressClassName: tailscale
defaultBackend:
service:
name: hajimari
port:
number: 3000
tls:
- hosts:
- go

54
argocd/manifests/hajimari/values.yaml Normal file
View file

@ -0,0 +1,54 @@
# Hajimari values for blumeops
# Service dashboard at go.ops.eblu.me
# Page settings
hajimari:
title: BlumeOps
name: Erich
defaultEnable: true
# Discover ingresses from all namespaces
namespaceSelector:
any: true
# Non-k8s services (hosted on indri or LAN)
customApps:
- group: Infrastructure
apps:
- name: Forgejo
url: https://forge.ops.eblu.me
icon: simple-icons:forgejo
info: Git forge & CI/CD
- name: Registry
url: https://registry.ops.eblu.me
icon: mdi:docker
info: Container registry (Zot)
- name: Sifaka NAS
url: https://nas.ops.eblu.me
icon: simple-icons:synology
info: Synology NAS dashboard
# Useful external bookmarks
globalBookmarks:
- group: Docs
bookmarks:
- name: Tailscale Admin
url: https://login.tailscale.com/admin
- name: 1Password
url: https://my.1password.com
- name: Pulumi
url: https://app.pulumi.com/eblume/blumeops-tailnet
# Service account for reading ingresses across namespaces
serviceAccount:
create: true
# Ingress is handled separately via ingress-tailscale.yaml
ingress:
main:
enabled: false
# No persistence needed - config is in values.yaml
persistence:
data:
enabled: false

6
argocd/manifests/immich/ingress-tailscale.yaml
View file

@ -8,6 +8,12 @@ metadata:
namespace: immich
annotations:
tailscale.com/funnel: "false"
hajimari.io/enable: "true"
hajimari.io/url: "https://photos.ops.eblu.me"
hajimari.io/icon: "mdi:image-multiple"
hajimari.io/appName: "Immich"
hajimari.io/group: "Apps"
hajimari.io/info: "Photo management"
spec:
ingressClassName: tailscale
rules:

6
argocd/manifests/kiwix/ingress-tailscale.yaml
View file

@ -6,6 +6,12 @@ metadata:
namespace: kiwix
annotations:
tailscale.com/proxy-class: "default"
hajimari.io/enable: "true"
hajimari.io/url: "https://kiwix.ops.eblu.me"
hajimari.io/icon: "mdi:wikipedia"
hajimari.io/appName: "Kiwix"
hajimari.io/group: "Apps"
hajimari.io/info: "Offline Wikipedia & ZIM archives"
spec:
ingressClassName: tailscale
defaultBackend:

6
argocd/manifests/loki/ingress-tailscale.yaml
View file

@ -7,6 +7,12 @@ metadata:
namespace: monitoring
annotations:
tailscale.com/funnel: "false"
hajimari.io/enable: "true"
hajimari.io/url: "https://loki.ops.eblu.me"
hajimari.io/icon: "mdi:text-box-search"
hajimari.io/appName: "Loki"
hajimari.io/group: "Observability"
hajimari.io/info: "Log aggregation"
spec:
ingressClassName: tailscale
rules:

6
argocd/manifests/miniflux/ingress-tailscale.yaml
View file

@ -5,6 +5,12 @@ metadata:
namespace: miniflux
annotations:
tailscale.com/proxy-class: "default"
hajimari.io/enable: "true"
hajimari.io/url: "https://feed.ops.eblu.me"
hajimari.io/icon: "mdi:rss"
hajimari.io/appName: "Miniflux"
hajimari.io/group: "Apps"
hajimari.io/info: "RSS feed reader"
spec:
ingressClassName: tailscale
defaultBackend:

6
argocd/manifests/prometheus/ingress-tailscale.yaml
View file

@ -7,6 +7,12 @@ metadata:
namespace: monitoring
annotations:
tailscale.com/funnel: "false"
hajimari.io/enable: "true"
hajimari.io/url: "https://prometheus.ops.eblu.me"
hajimari.io/icon: "simple-icons:prometheus"
hajimari.io/appName: "Prometheus"
hajimari.io/group: "Observability"
hajimari.io/info: "Metrics collection & storage"
spec:
ingressClassName: tailscale
rules:

6
argocd/manifests/teslamate/ingress-tailscale.yaml
View file

@ -5,6 +5,12 @@ metadata:
namespace: teslamate
annotations:
tailscale.com/proxy-class: "default"
hajimari.io/enable: "true"
hajimari.io/url: "https://tesla.ops.eblu.me"
hajimari.io/icon: "simple-icons:tesla"
hajimari.io/appName: "TeslaMate"
hajimari.io/group: "Apps"
hajimari.io/info: "Tesla data logger"
spec:
ingressClassName: tailscale
defaultBackend:

6
argocd/manifests/torrent/ingress-tailscale.yaml
View file

@ -6,6 +6,12 @@ metadata:
namespace: torrent
annotations:
tailscale.com/proxy-class: "default"
hajimari.io/enable: "true"
hajimari.io/url: "https://torrent.ops.eblu.me"
hajimari.io/icon: "mdi:download"
hajimari.io/appName: "Transmission"
hajimari.io/group: "Apps"
hajimari.io/info: "BitTorrent daemon"
spec:
ingressClassName: tailscale
defaultBackend: