AverageMarcus/cluster.fun
1
0
Fork 0
Code Issues 1 Pull Requests 1 Releases Activity

Compare commits

base: AverageMarcus:abd13adebbe050635a4552f15b02c510598ab5c9
Branches Tags
AverageMarcus:master
AverageMarcus:renovate/grafana-promtail-3.x
AverageMarcus:increase_cluster_max
..
compare: AverageMarcus:244dea83ec0cbdedae0f25d90fe1dd2e25447026
Branches Tags
AverageMarcus:renovate/grafana-promtail-3.x
AverageMarcus:master
AverageMarcus:increase_cluster_max

No commits in common. "abd13adebbe050635a4552f15b02c510598ab5c9" and "244dea83ec0cbdedae0f25d90fe1dd2e25447026" have entirely different histories.
abd13adebb ... 244dea83ec

8 changed files with 612 additions and 155 deletions
Show Stats Expand all files Collapse all files

8
manifests/_apps/mastodon-to-airtable.yaml → manifests/_apps/mastodon.yaml
View File

@ -1,17 +1,17 @@
apiVersion: argoproj.io/v1alpha1 apiVersion: argoproj.io/v1alpha1
kind: Application kind: Application
metadata: metadata:
name: mastodon-to-airtable name: mastodon
namespace: argocd namespace: argocd
finalizers: finalizers:
- resources-finalizer.argocd.argoproj.io - resources-finalizer.argocd.argoproj.io
spec: spec:
project: cluster.fun project: cluster.fun
destination: destination:
namespace: mastodon-to-airtable namespace: mastodon
name: civo name: cluster-fun (scaleway)
source: source:
path: manifests/mastodon-to-airtable path: manifests/mastodon
repoURL: "https://git.cluster.fun/AverageMarcus/cluster.fun.git" repoURL: "https://git.cluster.fun/AverageMarcus/cluster.fun.git"
targetRevision: HEAD targetRevision: HEAD
syncPolicy: syncPolicy:

151
manifests/mastodon-to-airtable/twitter-to-airtable.yaml
View File

@ -1,151 +0,0 @@
apiVersion: v1
kind: Secret
metadata:
name: docker-config
namespace: mastodon-to-airtable
annotations:
kube-1password: i6ngbk5zf4k52xgwdwnfup5bby
kube-1password/vault: Kubernetes
kube-1password/secret-text-key: .dockerconfigjson
type: kubernetes.io/dockerconfigjson
data:
.dockerconfigjson: e30=
---
apiVersion: v1
kind: Secret
metadata:
name: mastodon-to-airtable-auth
namespace: mastodon-to-airtable
annotations:
kube-1password: mr6spkkx7n3memkbute6ojaarm
kube-1password/vault: Kubernetes
type: Opaque
---
apiVersion: v1
kind: Secret
metadata:
name: mastodon-to-airtable
namespace: mastodon-to-airtable
annotations:
kube-1password: kizmkmbndgu3ryrox3csev4mim
kube-1password/vault: Kubernetes
kube-1password/secret-text-parse: "true"
type: Opaque
---
apiVersion: v1
kind: Service
metadata:
name: mastodon-to-airtable
namespace: mastodon-to-airtable
spec:
type: ClusterIP
ports:
- port: 80
targetPort: auth
name: web
selector:
app: mastodon-to-airtable
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: mastodon-to-airtable
namespace: mastodon-to-airtable
spec:
replicas: 1
selector:
matchLabels:
app: mastodon-to-airtable
template:
metadata:
labels:
app: mastodon-to-airtable
spec:
imagePullSecrets:
- name: docker-config
containers:
- args:
- --cookie-secure=false
- --provider=oidc
- --provider-display-name=Auth0
- --upstream=http://localhost:8080
- --http-address=$(HOST_IP):8000
- --redirect-url=https://mastodon-to-airtable.cluster.fun/oauth2/callback
- --email-domain=marcusnoble.co.uk
- --pass-basic-auth=false
- --pass-access-token=false
- --oidc-issuer-url=https://marcusnoble.eu.auth0.com/
- --cookie-secret=KDGD6rrK6cBmryyZ4wcJ9xAUNW9AQNFT
env:
- name: HOST_IP
valueFrom:
fieldRef:
apiVersion: v1
fieldPath: status.podIP
- name: OAUTH2_PROXY_CLIENT_ID
valueFrom:
secretKeyRef:
key: username
name: mastodon-to-airtable-auth
- name: OAUTH2_PROXY_CLIENT_SECRET
valueFrom:
secretKeyRef:
key: password
name: mastodon-to-airtable-auth
image: quay.io/oauth2-proxy/oauth2-proxy:v7.2.1
name: oauth-proxy
ports:
- containerPort: 8000
protocol: TCP
name: auth
resources:
limits:
memory: 50Mi
requests:
memory: 50Mi
- name: web
image: rg.fr-par.scw.cloud/averagemarcus-private/mastodon-to-airtable:latest
imagePullPolicy: Always
env:
- name: PORT
value: "8080"
envFrom:
- secretRef:
name: "mastodon-to-airtable"
ports:
- containerPort: 8080
name: web
resources:
limits:
memory: 50Mi
requests:
memory: 50Mi
---
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: mastodon-to-airtable
namespace: mastodon-to-airtable
annotations:
cert-manager.io/cluster-issuer: letsencrypt
kubernetes.io/ingress.class: traefik
traefik.ingress.kubernetes.io/router.tls: "true"
ingress.kubernetes.io/ssl-redirect: "true"
traefik.ingress.kubernetes.io/router.entrypoints: websecure
spec:
tls:
- hosts:
- mastodon-to-airtable.cluster.fun
secretName: mastodon-to-airtable-ingress
rules:
- host: mastodon-to-airtable.cluster.fun
http:
paths:
- path: /
pathType: ImplementationSpecific
backend:
service:
name: mastodon-to-airtable
port:
number: 80

33
manifests/mastodon/config.yaml Normal file
View File

@ -0,0 +1,33 @@
apiVersion: v1
kind: Secret
metadata:
name: mastodon
namespace: mastodon
labels:
app.kubernetes.io/name: mastodon
app.kubernetes.io/instance: mastodon
annotations:
kube-1password: wjhd3mxtyqslcu7sc4tfihm2dy
kube-1password/vault: Kubernetes
kube-1password/secret-text-parse: "true"
type: Opaque
---
apiVersion: v1
kind: ConfigMap
metadata:
name: mastodon-env
namespace: mastodon
labels:
app.kubernetes.io/name: mastodon
app.kubernetes.io/instance: mastodon
data:
DEFAULT_LOCALE: en
LOCAL_DOMAIN: k8s.social
MALLOC_ARENA_MAX: "2"
NODE_ENV: "production"
RAILS_ENV: "production"
STREAMING_CLUSTER_NUM: "2"
WEB_CONCURRENCY: "2"
---

73
manifests/mastodon/hpa.yaml Normal file
View File

@ -0,0 +1,73 @@
# apiVersion: autoscaling/v2beta2
# kind: HorizontalPodAutoscaler
# metadata:
# name: mastodon-web
# namespace: mastodon
# labels:
# app.kubernetes.io/name: mastodon
# app.kubernetes.io/instance: "k8s.social"
# app.kubernetes.io/component: web
# spec:
# scaleTargetRef:
# apiVersion: apps/v1
# kind: Deployment
# name: mastodon-web
# minReplicas: 2
# maxReplicas: 6
# metrics:
# - type: Resource
# resource:
# name: cpu
# target:
# averageUtilization: 80
# type: Utilization
# ---
# apiVersion: autoscaling/v2beta2
# kind: HorizontalPodAutoscaler
# metadata:
# name: mastodon-sidekiq
# namespace: mastodon
# labels:
# app.kubernetes.io/name: mastodon
# app.kubernetes.io/instance: "k8s.social"
# app.kubernetes.io/component: sidekiq
# spec:
# scaleTargetRef:
# apiVersion: apps/v1
# kind: Deployment
# name: mastodon-sidekiq
# minReplicas: 2
# maxReplicas: 6
# metrics:
# - type: Resource
# resource:
# name: cpu
# target:
# averageUtilization: 80
# type: Utilization
# ---
# apiVersion: autoscaling/v2beta2
# kind: HorizontalPodAutoscaler
# metadata:
# name: mastodon-streaming
# namespace: mastodon
# labels:
# app.kubernetes.io/name: mastodon
# app.kubernetes.io/instance: "k8s.social"
# app.kubernetes.io/component: streaming
# spec:
# scaleTargetRef:
# apiVersion: apps/v1
# kind: Deployment
# name: mastodon-streaming
# minReplicas: 2
# maxReplicas: 6
# metrics:
# - type: Resource
# resource:
# name: cpu
# target:
# averageUtilization: 80
# type: Utilization
# ---

38
manifests/mastodon/ingess.yaml Normal file
View File

@ -0,0 +1,38 @@
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: mastodon
namespace: mastodon
labels:
app.kubernetes.io/name: mastodon
app.kubernetes.io/instance: "k8s.social"
annotations:
cert-manager.io/cluster-issuer: letsencrypt
nginx.ingress.kubernetes.io/force-ssl-redirect: "true"
nginx.ingress.kubernetes.io/proxy-body-size: 40m
spec:
tls:
- hosts:
- "k8s.social"
- "streaming.k8s.social"
secretName: mastodon-tls
rules:
- host: "k8s.social"
http:
paths:
- path: /
backend:
service:
name: mastodon-web
port:
number: 3000
pathType: ImplementationSpecific
- path: /api/v1/streaming
backend:
service:
name: mastodon-streaming
port:
number: 4000
pathType: ImplementationSpecific
---

294
manifests/mastodon/mastodon.yaml Normal file
View File

@ -0,0 +1,294 @@
---
apiVersion: v1
kind: ServiceAccount
metadata:
name: mastodon
namespace: mastodon
labels:
app.kubernetes.io/name: mastodon
app.kubernetes.io/instance: "k8s.social"
---
apiVersion: v1
kind: Service
metadata:
name: mastodon-streaming
namespace: mastodon
labels:
app.kubernetes.io/name: mastodon
app.kubernetes.io/instance: "k8s.social"
app.kubernetes.io/component: streaming
spec:
type: ClusterIP
ports:
- port: 4000
targetPort: streaming
protocol: TCP
name: streaming
selector:
app.kubernetes.io/name: mastodon
app.kubernetes.io/instance: "k8s.social"
app.kubernetes.io/component: streaming
---
apiVersion: v1
kind: Service
metadata:
name: mastodon-web
namespace: mastodon
labels:
app.kubernetes.io/name: mastodon
app.kubernetes.io/instance: "k8s.social"
app.kubernetes.io/component: web
spec:
type: ClusterIP
ports:
- port: 3000
targetPort: http
protocol: TCP
name: http
selector:
app.kubernetes.io/name: mastodon
app.kubernetes.io/instance: "k8s.social"
app.kubernetes.io/component: web
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: mastodon-sidekiq
namespace: mastodon
labels:
app.kubernetes.io/name: mastodon
app.kubernetes.io/instance: "k8s.social"
app.kubernetes.io/component: sidekiq
annotations:
configmap.reloader.stakater.com/reload: "mastodon-env"
secret.reloader.stakater.com/reload: "mastodon"
spec:
replicas: 0
selector:
matchLabels:
app.kubernetes.io/name: mastodon
app.kubernetes.io/instance: "k8s.social"
app.kubernetes.io/component: sidekiq
template:
metadata:
labels:
app.kubernetes.io/name: mastodon
app.kubernetes.io/instance: "k8s.social"
app.kubernetes.io/component: sidekiq
spec:
serviceAccountName: mastodon
securityContext:
fsGroup: 991
runAsGroup: 991
runAsUser: 991
containers:
- name: mastodon
image: "tootsuite/mastodon:v3.5.3"
imagePullPolicy: IfNotPresent
command:
- bundle
- exec
- sidekiq
- -c
- "25"
envFrom:
- configMapRef:
name: mastodon-env
- secretRef:
name: mastodon
resources:
requests:
memory: 400Mi
affinity:
podAntiAffinity:
preferredDuringSchedulingIgnoredDuringExecution:
- weight: 100
podAffinityTerm:
labelSelector:
matchExpressions:
- key: "app.kubernetes.io/name"
operator: In
values:
- mastodon
- key: "app.kubernetes.io/instance"
operator: In
values:
- "k8s.social"
- key: "app.kubernetes.io/component"
operator: In
values:
- sidekiq
topologyKey: kubernetes.io/hostname
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: mastodon-streaming
namespace: mastodon
labels:
app.kubernetes.io/name: mastodon
app.kubernetes.io/instance: "k8s.social"
app.kubernetes.io/component: streaming
annotations:
configmap.reloader.stakater.com/reload: "mastodon-env"
secret.reloader.stakater.com/reload: "mastodon"
spec:
replicas: 0
selector:
matchLabels:
app.kubernetes.io/name: mastodon
app.kubernetes.io/instance: "k8s.social"
app.kubernetes.io/component: streaming
template:
metadata:
labels:
app.kubernetes.io/name: mastodon
app.kubernetes.io/instance: "k8s.social"
app.kubernetes.io/component: streaming
spec:
serviceAccountName: mastodon
securityContext:
fsGroup: 991
runAsGroup: 991
runAsUser: 991
containers:
- name: mastodon
image: "tootsuite/mastodon:v3.5.3"
imagePullPolicy: IfNotPresent
command:
- node
- ./streaming
envFrom:
- configMapRef:
name: mastodon-env
- secretRef:
name: mastodon
env:
- name: "PORT"
value: "4000"
ports:
- name: streaming
containerPort: 4000
protocol: TCP
livenessProbe:
httpGet:
path: /api/v1/streaming/health
port: streaming
readinessProbe:
httpGet:
path: /api/v1/streaming/health
port: streaming
resources:
requests:
memory: 200Mi
affinity:
podAntiAffinity:
preferredDuringSchedulingIgnoredDuringExecution:
- weight: 100
podAffinityTerm:
labelSelector:
matchExpressions:
- key: "app.kubernetes.io/name"
operator: In
values:
- mastodon
- key: "app.kubernetes.io/instance"
operator: In
values:
- "k8s.social"
- key: "app.kubernetes.io/component"
operator: In
values:
- streaming
topologyKey: kubernetes.io/hostname
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: mastodon-web
namespace: mastodon
labels:
app.kubernetes.io/name: mastodon
app.kubernetes.io/instance: "k8s.social"
app.kubernetes.io/component: web
annotations:
configmap.reloader.stakater.com/reload: "mastodon-env"
secret.reloader.stakater.com/reload: "mastodon"
spec:
replicas: 0
selector:
matchLabels:
app.kubernetes.io/name: mastodon
app.kubernetes.io/instance: "k8s.social"
app.kubernetes.io/component: web
template:
metadata:
labels:
app.kubernetes.io/name: mastodon
app.kubernetes.io/instance: "k8s.social"
app.kubernetes.io/component: web
spec:
serviceAccountName: mastodon
securityContext:
fsGroup: 991
runAsGroup: 991
runAsUser: 991
containers:
- name: mastodon
image: "tootsuite/mastodon:v3.5.3"
imagePullPolicy: IfNotPresent
command:
- bundle
- exec
- puma
- -C
- config/puma.rb
envFrom:
- configMapRef:
name: mastodon-env
- secretRef:
name: mastodon
env:
- name: "PORT"
value: "3000"
ports:
- name: http
containerPort: 3000
protocol: TCP
readinessProbe:
httpGet:
path: /health
port: http
initialDelaySeconds: 30
periodSeconds: 10
resources:
requests:
memory: 700Mi
affinity:
podAntiAffinity:
preferredDuringSchedulingIgnoredDuringExecution:
- weight: 100
podAffinityTerm:
labelSelector:
matchExpressions:
- key: "app.kubernetes.io/name"
operator: In
values:
- mastodon
- key: "app.kubernetes.io/instance"
operator: In
values:
- "k8s.social"
- key: "app.kubernetes.io/component"
operator: In
values:
- web
topologyKey: kubernetes.io/hostname
---

41
manifests/mastodon/pdb.yaml Normal file
View File

@ -0,0 +1,41 @@
# apiVersion: policy/v1
# kind: PodDisruptionBudget
# metadata:
# name: mastodon-web
# spec:
# minAvailable: 1
# selector:
# matchLabels:
# app.kubernetes.io/name: mastodon
# app.kubernetes.io/instance: "k8s.social"
# app.kubernetes.io/component: web
# ---
# apiVersion: policy/v1
# kind: PodDisruptionBudget
# metadata:
# name: mastodon-streaming
# spec:
# minAvailable: 1
# selector:
# matchLabels:
# app.kubernetes.io/name: mastodon
# app.kubernetes.io/instance: "k8s.social"
# app.kubernetes.io/component: streaming
# ---
# apiVersion: policy/v1
# kind: PodDisruptionBudget
# metadata:
# name: mastodon-sidekiq
# spec:
# minAvailable: 1
# selector:
# matchLabels:
# app.kubernetes.io/name: mastodon
# app.kubernetes.io/instance: "k8s.social"
# app.kubernetes.io/component: sidekiq
# ---

129
manifests/mastodon/utils.yaml Normal file
View File

@ -0,0 +1,129 @@
apiVersion: batch/v1
kind: CronJob
metadata:
name: mastodon-media-remove
namespace: mastodon
labels:
app.kubernetes.io/name: mastodon
app.kubernetes.io/instance: "k8s.social"
app.kubernetes.io/component: utils
annotations:
description: |
Runs weekly to remove old media
spec:
schedule: 0 0 * * 0
jobTemplate:
spec:
backoffLimit: 3
ttlSecondsAfterFinished: 86400
template:
metadata:
name: mastodon-media-remove
spec:
restartPolicy: OnFailure
containers:
- name: mastodon-media-remove
image: "tootsuite/mastodon:v3.5.3"
imagePullPolicy: IfNotPresent
command:
- bash
- -c
- |
bin/tootctl media remove
bin/tootctl preview_cards remove
envFrom:
- configMapRef:
name: mastodon-env
- secretRef:
name: mastodon
env:
- name: "PORT"
value: "3000"
---
apiVersion: batch/v1
kind: CronJob
metadata:
name: mastodon-assets-precompile
namespace: mastodon
labels:
app.kubernetes.io/name: mastodon
app.kubernetes.io/instance: "k8s.social"
app.kubernetes.io/component: utils
annotations:
description: |
Manually trigger post-install to pre-compile the assets
spec:
schedule: 0 0 * * 0
suspend: true
jobTemplate:
spec:
backoffLimit: 3
ttlSecondsAfterFinished: 86400
template:
metadata:
name: mastodon-assets-precompile
spec:
restartPolicy: OnFailure
containers:
- name: mastodon-assets-precompile
image: "tootsuite/mastodon:v3.5.3"
imagePullPolicy: IfNotPresent
command:
- bash
- -c
- |
bundle exec rake assets:precompile && yarn cache clean
envFrom:
- configMapRef:
name: mastodon-env
- secretRef:
name: mastodon
env:
- name: "PORT"
value: "3000"
---
apiVersion: batch/v1
kind: CronJob
metadata:
name: mastodon-db-migrate
namespace: mastodon
labels:
app.kubernetes.io/name: mastodon
app.kubernetes.io/instance: "k8s.social"
app.kubernetes.io/component: utils
annotations:
description: |
Manually trigger post-install/upgrade to migrate the database schema
spec:
schedule: 0 0 * * 0
suspend: true
jobTemplate:
spec:
backoffLimit: 3
ttlSecondsAfterFinished: 86400
template:
metadata:
name: mastodon-db-migrate
spec:
restartPolicy: OnFailure
containers:
- name: mastodon-db-migrate
image: "tootsuite/mastodon:v3.5.3"
imagePullPolicy: IfNotPresent
command:
- bundle
- exec
- rake
- db:migrate
envFrom:
- configMapRef:
name: mastodon-env
- secretRef:
name: mastodon
env:
- name: "PORT"
value: "3000"
---