37 Commits

Author SHA1 Message Date
68a06195e9 Bump mealie memory
Signed-off-by: Marcus Noble <github@marcusnoble.co.uk>
2025-09-22 06:17:30 +01:00
b8e08002dd Added ephemeral-storage-exporter
Signed-off-by: Marcus Noble <github@marcusnoble.co.uk>
2025-09-20 10:57:39 +01:00
3fa3703b27 Mark monitoring apps as critical
Signed-off-by: Marcus Noble <github@marcusnoble.co.uk>
2025-09-20 10:42:09 +01:00
84fbd628db Bump mealie memory
Signed-off-by: Marcus Noble <github@marcusnoble.co.uk>
2025-09-20 09:51:03 +01:00
32158e4cef Clean up some metric labels
Signed-off-by: Marcus Noble <github@marcusnoble.co.uk>
2025-09-20 08:56:24 +01:00
7c52a9dc34 Added cadvisor
Signed-off-by: Marcus Noble <github@marcusnoble.co.uk>
2025-09-20 08:43:59 +01:00
8d2ab9205a Merge pull request 'Update ghcr.io/miniflux/miniflux Docker tag to v2.2.13' (#561) from renovate/ghcr.io-miniflux-miniflux-2.x into master
Reviewed-on: #561
2025-09-19 07:15:26 +00:00
e2fafc6a7e Update ghcr.io/miniflux/miniflux Docker tag to v2.2.13 2025-09-19 03:07:13 +00:00
375343d100 Merge pull request 'Update outlinewiki/outline Docker tag to v0.87.4' (#560) from renovate/outlinewiki-outline-0.x into master
Reviewed-on: #560
2025-09-18 06:44:06 +00:00
0eb69ef4f5 Update outlinewiki/outline Docker tag to v0.87.4 2025-09-18 03:11:54 +00:00
de9197d740 Merge pull request 'Update victoriametrics/vmagent Docker tag to v1.126.0' (#559) from renovate/victoriametrics into master
Reviewed-on: #559
2025-09-16 06:57:17 +00:00
abbc4fc453 Merge pull request 'Update nextcloud Docker tag to v31.0.9' (#558) from renovate/nextcloud-31.x into master
Reviewed-on: #558
2025-09-16 06:57:14 +00:00
77d24ae009 Merge pull request 'Update ghcr.io/mealie-recipes/mealie Docker tag to v3.2.1' (#557) from renovate/ghcr.io-mealie-recipes-mealie-3.x into master
Reviewed-on: #557
2025-09-16 06:57:10 +00:00
193406e7df Update victoriametrics/vmagent Docker tag to v1.126.0 2025-09-16 03:21:54 +00:00
c15da69d83 Update nextcloud Docker tag to v31.0.9 2025-09-16 03:21:39 +00:00
23a6d889f1 Update ghcr.io/mealie-recipes/mealie Docker tag to v3.2.1 2025-09-16 03:21:36 +00:00
57ac458504 Fix svg-to-dxf
Signed-off-by: Marcus Noble <github@marcusnoble.co.uk>
2025-09-14 16:14:01 +01:00
e53a02014a Cleaned up old civo cluster resources
Signed-off-by: Marcus Noble <github@marcusnoble.co.uk>
2025-09-14 16:02:19 +01:00
eefb79771f Added priority classes
Signed-off-by: Marcus Noble <github@marcusnoble.co.uk>
2025-09-14 15:56:31 +01:00
a3f8762679 Increase mealie cpu limit
Signed-off-by: Marcus Noble <github@marcusnoble.co.uk>
2025-09-14 15:42:08 +01:00
6e064edb7c Bump mealie cpu
Signed-off-by: Marcus Noble <github@marcusnoble.co.uk>
2025-09-14 15:39:32 +01:00
0243dc08e7 Increased memory requests
Signed-off-by: Marcus Noble <github@marcusnoble.co.uk>
2025-09-14 15:38:00 +01:00
a6ce82e001 Bump mealie CPU to 80m
Signed-off-by: Marcus Noble <github@marcusnoble.co.uk>
2025-09-14 15:34:30 +01:00
68d172423c Increased melie CPU
Signed-off-by: Marcus Noble <github@marcusnoble.co.uk>
2025-09-14 15:31:46 +01:00
390986ffaa Increased mioniflux archive days
Signed-off-by: Marcus Noble <github@marcusnoble.co.uk>
2025-09-14 08:25:08 +01:00
44b8088899 Merge pull request 'Update ghcr.io/mealie-recipes/mealie Docker tag to v3.2.0' (#556) from renovate/ghcr.io-mealie-recipes-mealie-3.x into master
Reviewed-on: #556
2025-09-14 07:15:40 +00:00
6de863bba5 Update ghcr.io/mealie-recipes/mealie Docker tag to v3.2.0 2025-09-14 03:12:27 +00:00
4ea8bf9acd Set nextcloud resources
Signed-off-by: Marcus Noble <github@marcusnoble.co.uk>
2025-09-13 20:35:42 +01:00
c3053250a3 Set resources for Mealie
Signed-off-by: Marcus Noble <github@marcusnoble.co.uk>
2025-09-13 20:18:44 +01:00
91a3cc22b0 Add flags to dashboard too
Signed-off-by: Marcus Noble <github@marcusnoble.co.uk>
2025-09-13 20:10:13 +01:00
d97cdc1bdc Reduce dashboard replica count
Signed-off-by: Marcus Noble <github@marcusnoble.co.uk>
2025-09-13 20:08:51 +01:00
435cee3116 Enable for all namespaces
Signed-off-by: Marcus Noble <github@marcusnoble.co.uk>
2025-09-13 20:06:31 +01:00
5950568286 Ensure namespace created
Signed-off-by: Marcus Noble <github@marcusnoble.co.uk>
2025-09-13 20:04:10 +01:00
2d6faab122 Merge branch 'master' of https://git.cluster.fun/averagemarcus/cluster.fun 2025-09-13 20:02:13 +01:00
2eca62bf5d Added Goldilocks
Signed-off-by: Marcus Noble <github@marcusnoble.co.uk>
2025-09-13 20:02:05 +01:00
aa3c98d453 Merge pull request 'Update gitea/gitea Docker tag to v1.24.6' (#555) from renovate/gitea-gitea-1.x into master
Reviewed-on: #555
2025-09-13 17:41:11 +00:00
b334e52544 Update gitea/gitea Docker tag to v1.24.6 2025-09-12 03:06:04 +00:00
38 changed files with 398 additions and 1063 deletions


@@ -1,27 +1,3 @@
apiVersion: argoproj.io/v1alpha1
kind: Application
metadata:
name: cert-manager-civo
namespace: argocd
finalizers:
- resources-finalizer.argocd.argoproj.io
spec:
project: cluster.fun
destination:
namespace: cert-manager
name: civo
source:
path: manifests/certmanager-civo
repoURL: "https://git.cluster.fun/AverageMarcus/cluster.fun.git"
targetRevision: HEAD
syncPolicy:
automated: {}
ignoreDifferences:
- kind: Secret
jsonPointers:
- /data
---
apiVersion: argoproj.io/v1alpha1
kind: Application
metadata:


@@ -0,0 +1,35 @@
apiVersion: argoproj.io/v1alpha1
kind: Application
metadata:
name: cluster-fun-goldilocks
namespace: argocd
finalizers:
- resources-finalizer.argocd.argoproj.io
spec:
project: cluster.fun
destination:
namespace: goldilocks
name: cluster-fun (v2)
source:
repoURL: 'https://charts.fairwinds.com/stable'
targetRevision: 10.1.0
chart: goldilocks
helm:
version: v3
values: |-
vpa:
enabled: true
controller:
flags:
on-by-default: true
dashboard:
flags:
on-by-default: true
replicaCount: 1
syncPolicy:
automated: {}
syncOptions:
- CreateNamespace=true
---
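Review bot: `on-by-default: true` is set on both the controller and the dashboard with no namespace exclusions, so Goldilocks will create VPA objects for, and display resource data about, workloads in every namespace, including `kube-system`. If that is broader than intended, the same `flags` map should accept `exclude-namespaces: kube-system,argocd` (the namespace list is a constructed example). As far as I know the dashboard has no authentication of its own, so a comment above `dashboard:` such as `# no built-in auth: reach via port-forward or an authenticating proxy only` would be worth adding. `vpa.enabled: true` also pulls in the VPA sub-chart; a one-line comment stating which VPA components are meant to run would help the next reader.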


@@ -1,24 +0,0 @@
apiVersion: argoproj.io/v1alpha1
kind: Application
metadata:
name: monitoring-civo
namespace: argocd
finalizers:
- resources-finalizer.argocd.argoproj.io
spec:
project: cluster.fun
destination:
namespace: monitoring
name: civo
source:
path: manifests/monitoring-civo
repoURL: "https://git.cluster.fun/AverageMarcus/cluster.fun.git"
targetRevision: HEAD
syncPolicy:
automated: {}
syncOptions:
- CreateNamespace=true
ignoreDifferences:
- kind: Secret
jsonPointers:
- /data


@@ -1,7 +1,7 @@
apiVersion: argoproj.io/v1alpha1
kind: Application
metadata:
name: traefik-civo
name: cluster-fun-priority-classes
namespace: argocd
finalizers:
- resources-finalizer.argocd.argoproj.io
@@ -9,9 +9,9 @@ spec:
project: cluster.fun
destination:
namespace: kube-system
name: civo
name: cluster-fun (v2)
source:
path: manifests/traefik
path: manifests/priority-classes
repoURL: "https://git.cluster.fun/AverageMarcus/cluster.fun.git"
targetRevision: HEAD
syncPolicy:
@@ -22,3 +22,4 @@ spec:
- kind: Secret
jsonPointers:
- /data
---
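Review bot: The `ignoreDifferences` stanza for `Secret` `/data` in the last hunk looks carried over from the Traefik Application this file replaced. `manifests/priority-classes` presumably holds only PriorityClass objects, so the stanza can be dropped rather than left in place to hide drift that should never occur. PriorityClasses are cluster-scoped, so `namespace: kube-system` under `destination` has no effect on them; a comment such as `# PriorityClass is cluster-scoped; namespace is only a placeholder` would make that explicit. Part of `spec` lies outside the visible hunks, so this is inferred from the context lines.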


@@ -1,24 +0,0 @@
apiVersion: argoproj.io/v1alpha1
kind: Application
metadata:
name: proxy-civo
namespace: argocd
finalizers:
- resources-finalizer.argocd.argoproj.io
spec:
project: cluster.fun
destination:
namespace: proxy-civo
name: civo
source:
path: manifests/proxy-civo
repoURL: "https://git.cluster.fun/AverageMarcus/cluster.fun.git"
targetRevision: HEAD
syncPolicy:
automated: {}
syncOptions:
- CreateNamespace=true
ignoreDifferences:
- kind: Secret
jsonPointers:
- /data


@@ -21,26 +21,3 @@ spec:
jsonPointers:
- /data
---
apiVersion: argoproj.io/v1alpha1
kind: Application
metadata:
name: cluster-fun-reloader-civo
namespace: argocd
finalizers:
- resources-finalizer.argocd.argoproj.io
spec:
project: cluster.fun
destination:
namespace: kube-system
name: civo
source:
repoURL: 'https://stakater.github.io/stakater-charts'
targetRevision: v0.0.89
chart: reloader
syncPolicy:
automated: {}
ignoreDifferences:
- kind: Secret
jsonPointers:
- /data
---


@@ -9,9 +9,9 @@ spec:
project: cluster.fun
destination:
namespace: svg-to-dxf
name: civo
source:
name: cluster-fun (v2)
source:
path: manifests/svg-to-dxf
repoURL: "https://git.cluster.fun/AverageMarcus/cluster.fun.git"
targetRevision: HEAD
syncPolicy:


@@ -9,9 +9,9 @@ spec:
project: cluster.fun
destination:
namespace: text-to-dxf
name: civo
source:
name: cluster-fun (v2)
source:
path: manifests/text-to-dxf
repoURL: "https://git.cluster.fun/AverageMarcus/cluster.fun.git"
targetRevision: HEAD
syncPolicy:


@@ -38,6 +38,7 @@ spec:
labels:
app: internal-proxy
spec:
priorityClassName: critical
serviceAccountName: default
dnsPolicy: ClusterFirst
dnsConfig:
@@ -101,9 +102,9 @@ spec:
protocol: TCP
resources:
limits:
memory: 50Mi
memory: 80Mi
requests:
memory: 50Mi
memory: 80Mi
volumes:
- name: host-mappings
configMap:
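Review bot: `priorityClassName: critical` in the first hunk refers to a PriorityClass that this manifest does not define, and the API server rejects pod creation when the named class does not exist. The class presumably comes from the separate `cluster-fun-priority-classes` Application, so this Deployment, and the other manifests on this page that add `priorityClassName: critical` or `low`, depend on that Application having synced first. A comment next to the field, e.g. `# defined in manifests/priority-classes; must exist before this syncs`, would record the dependency. Because a higher-priority pod can preempt lower-priority ones, it is also worth limiting which namespaces may use `critical` (for example with a ResourceQuota scoped on PriorityClass) if the cluster is shared. The pod spec continues outside the hunk.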


@@ -29,6 +29,7 @@ spec:
spec:
imagePullSecrets:
- name: docker-config
priorityClassName: low
containers:
- name: web
image: rg.fr-par.scw.cloud/averagemarcus/base64:latest


@@ -1,23 +0,0 @@
apiVersion: v1
kind: Namespace
metadata:
name: cert-manager
labels:
certmanager.k8s.io/disable-validation: "true"
---
apiVersion: cert-manager.io/v1
kind: ClusterIssuer
metadata:
name: letsencrypt
spec:
acme:
server: https://acme-v02.api.letsencrypt.org/directory
email: letsencrypt@marcusnoble.co.uk
privateKeySecretRef:
name: letsencrypt
solvers:
- http01:
ingress:
class: traefik


@@ -38,6 +38,7 @@ spec:
labels:
app: civo-versions
spec:
priorityClassName: low
containers:
- name: web
image: rg.fr-par.scw.cloud/averagemarcus/civo-versions:latest


@@ -40,9 +40,10 @@ spec:
labels:
app: git
spec:
priorityClassName: critical
containers:
- name: git
image: gitea/gitea:1.24.5
image: gitea/gitea:1.24.6
env:
- name: APP_NAME
value: "Git"


@@ -70,6 +70,7 @@ spec:
app.kubernetes.io/name: grist
spec:
serviceAccountName: grist
priorityClassName: critical
containers:
- name: grist
image: gristlabs/grist-oss:1.7.3


@@ -69,6 +69,7 @@ spec:
labels:
app: link
spec:
priorityClassName: critical
containers:
- name: web
image: rg.fr-par.scw.cloud/averagemarcus/link:latest


@@ -123,6 +123,7 @@ spec:
spec:
imagePullSecrets:
- name: docker-config
priorityClassName: low
containers:
- args:
- --cookie-secure=false


@@ -28,9 +28,10 @@ spec:
labels:
app: mealie
spec:
priorityClassName: critical
containers:
- name: frontend
image: ghcr.io/mealie-recipes/mealie:v3.1.2
image: ghcr.io/mealie-recipes/mealie:v3.2.1
imagePullPolicy: Always
envFrom:
- secretRef:
@@ -68,12 +69,18 @@ spec:
volumeMounts:
- mountPath: /app/data
name: data
resources:
requests:
cpu: 200m
memory: 650M
limits:
cpu: 1000m
memory: 650M
volumes:
- name: data
persistentVolumeClaim:
claimName: mealie
---
apiVersion: v1
@@ -91,7 +98,6 @@ spec:
app: mealie
---
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
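Review bot: The new `resources` block in the second hunk uses `650M`, which Kubernetes reads as 650×10^6 bytes (roughly 620Mi), while other manifests on this page use binary suffixes such as `80Mi`. If 650 MiB was intended, write `memory: 650Mi` for both the request and the limit. If the decimal value is deliberate, a short comment would stop it being "corrected" later. The container spec begins outside the hunk.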


@@ -1,255 +0,0 @@
apiVersion: v1
kind: ServiceAccount
metadata:
name: kube-state-metrics
namespace: monitoring
labels:
app.kubernetes.io/name: kube-state-metrics
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
labels:
app.kubernetes.io/name: kube-state-metrics
name: kube-state-metrics
rules:
- apiGroups: ["certificates.k8s.io"]
resources:
- certificatesigningrequests
verbs: ["list", "watch"]
- apiGroups: [""]
resources:
- configmaps
verbs: ["list", "watch"]
- apiGroups: ["batch"]
resources:
- cronjobs
verbs: ["list", "watch"]
- apiGroups: ["extensions", "apps"]
resources:
- daemonsets
verbs: ["list", "watch"]
- apiGroups: ["extensions", "apps"]
resources:
- deployments
verbs: ["list", "watch"]
- apiGroups: [""]
resources:
- endpoints
verbs: ["list", "watch"]
- apiGroups: ["autoscaling"]
resources:
- horizontalpodautoscalers
verbs: ["list", "watch"]
- apiGroups: ["extensions", "networking.k8s.io"]
resources:
- ingresses
verbs: ["list", "watch"]
- apiGroups: ["batch"]
resources:
- jobs
verbs: ["list", "watch"]
- apiGroups: [""]
resources:
- limitranges
verbs: ["list", "watch"]
- apiGroups: ["admissionregistration.k8s.io"]
resources:
- mutatingwebhookconfigurations
verbs: ["list", "watch"]
- apiGroups: [""]
resources:
- namespaces
verbs: ["list", "watch"]
- apiGroups: ["networking.k8s.io"]
resources:
- networkpolicies
verbs: ["list", "watch"]
- apiGroups: [""]
resources:
- nodes
verbs: ["list", "watch"]
- apiGroups: [""]
resources:
- persistentvolumeclaims
verbs: ["list", "watch"]
- apiGroups: [""]
resources:
- persistentvolumes
verbs: ["list", "watch"]
- apiGroups: ["policy"]
resources:
- poddisruptionbudgets
verbs: ["list", "watch"]
- apiGroups: [""]
resources:
- pods
verbs: ["list", "watch"]
- apiGroups: ["extensions", "apps"]
resources:
- replicasets
verbs: ["list", "watch"]
- apiGroups: [""]
resources:
- replicationcontrollers
verbs: ["list", "watch"]
- apiGroups: [""]
resources:
- resourcequotas
verbs: ["list", "watch"]
- apiGroups: [""]
resources:
- secrets
verbs: ["list", "watch"]
- apiGroups: [""]
resources:
- services
verbs: ["list", "watch"]
- apiGroups: ["apps"]
resources:
- statefulsets
verbs: ["list", "watch"]
- apiGroups: ["storage.k8s.io"]
resources:
- storageclasses
verbs: ["list", "watch"]
- apiGroups: ["admissionregistration.k8s.io"]
resources:
- validatingwebhookconfigurations
verbs: ["list", "watch"]
- apiGroups: ["storage.k8s.io"]
resources:
- volumeattachments
verbs: ["list", "watch"]
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
labels:
app.kubernetes.io/name: kube-state-metrics
name: kube-state-metrics
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: kube-state-metrics
subjects:
- kind: ServiceAccount
name: kube-state-metrics
namespace: monitoring
---
apiVersion: v1
kind: Service
metadata:
name: kube-state-metrics
namespace: monitoring
labels:
app.kubernetes.io/name: kube-state-metrics
annotations:
prometheus.io/scrape: 'true'
spec:
type: "ClusterIP"
ports:
- name: "http"
protocol: TCP
port: 8080
targetPort: 8080
selector:
app.kubernetes.io/name: kube-state-metrics
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: kube-state-metrics
namespace: monitoring
labels:
app.kubernetes.io/name: kube-state-metrics
spec:
selector:
matchLabels:
app.kubernetes.io/name: kube-state-metrics
replicas: 1
template:
metadata:
labels:
app.kubernetes.io/name: kube-state-metrics
spec:
serviceAccountName: kube-state-metrics
securityContext:
fsGroup: 65534
runAsGroup: 65534
runAsUser: 65534
containers:
- name: kube-state-metrics
args:
#- --resources=certificatesigningrequests
- --resources=configmaps
- --resources=cronjobs
- --resources=daemonsets
- --resources=deployments
#- --resources=endpoints
#- --resources=horizontalpodautoscalers
- --resources=ingresses
- --resources=jobs
#- --resources=limitranges
- --resources=mutatingwebhookconfigurations
- --resources=namespaces
#- --resources=networkpolicies
- --resources=nodes
- --resources=persistentvolumeclaims
- --resources=persistentvolumes
- --resources=poddisruptionbudgets
- --resources=pods
- --resources=replicasets
#- --resources=replicationcontrollers
#- --resources=resourcequotas
- --resources=secrets
- --resources=services
- --resources=statefulsets
- --resources=storageclasses
- --resources=validatingwebhookconfigurations
#- --resources=volumeattachments
imagePullPolicy: IfNotPresent
image: "registry.k8s.io/kube-state-metrics/kube-state-metrics:v2.17.0"
ports:
- containerPort: 8080
livenessProbe:
httpGet:
path: /healthz
port: 8080
initialDelaySeconds: 5
timeoutSeconds: 5
readinessProbe:
httpGet:
path: /
port: 8080
initialDelaySeconds: 5
timeoutSeconds: 5
---


@@ -1,64 +0,0 @@
apiVersion: v1
kind: ServiceAccount
metadata:
name: prometheus-server
namespace: monitoring
labels:
app.kubernetes.io/name: prometheus
app.kubernetes.io/component: server
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
labels:
app.kubernetes.io/name: prometheus
app.kubernetes.io/component: server
name: prometheus-server
rules:
- apiGroups:
- ""
resources:
- nodes
- nodes/proxy
- nodes/metrics
- services
- endpoints
- pods
- ingresses
- configmaps
verbs:
- get
- list
- watch
- apiGroups:
- "extensions"
- "networking.k8s.io"
resources:
- ingresses/status
- ingresses
verbs:
- get
- list
- watch
- nonResourceURLs:
- "/metrics"
verbs:
- get
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
labels:
app.kubernetes.io/name: prometheus
app.kubernetes.io/component: server
name: prometheus-server
subjects:
- kind: ServiceAccount
name: prometheus-server
namespace: monitoring
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: prometheus-server
---


@@ -1,292 +0,0 @@
apiVersion: v1
kind: ServiceAccount
metadata:
name: promtail
namespace: monitoring
labels:
app.kubernetes.io/name: promtail
---
apiVersion: v1
kind: ConfigMap
metadata:
name: promtail
namespace: monitoring
labels:
app.kubernetes.io/name: promtail
data:
promtail.yaml: |
client:
backoff_config:
max_period: 5m
max_retries: 10
min_period: 500ms
batchsize: 1048576
batchwait: 1s
external_labels: {}
timeout: 10s
positions:
filename: /run/promtail/positions.yaml
server:
http_listen_port: 3101
clients:
- url: http://loki-distributed.proxy-civo.svc:80/loki/api/v1/push
external_labels:
kubernetes_cluster: civo
target_config:
sync_period: 10s
scrape_configs:
- job_name: kubernetes-pods
pipeline_stages:
- docker: {}
- cri: {}
- match:
selector: '{app="weave-net"}'
action: drop
- match:
selector: '{filename=~".*konnectivity.*"}'
action: drop
- match:
selector: '{name=~".*"} |~ ".*/healthz.*"'
action: drop
- match:
selector: '{name=~".*"} |~ ".*/api/health.*"'
action: drop
- match:
selector: '{name=~".*"} |~ ".*kube-probe/.*"'
action: drop
- match:
selector: '{app="internal-proxy"}'
action: drop
- match:
selector: '{app="non-auth-proxy"}'
action: drop
- match:
selector: '{app="vpa"}'
action: drop
- match:
selector: '{app="promtail"}'
action: drop
- match:
selector: '{app="csi-node"}'
action: drop
- match:
selector: '{app="victoria-metrics"}'
action: drop
- match:
selector: '{app="git-sync"}'
action: drop
- match:
selector: '{app="ingress-nginx"}'
stages:
- json:
expressions:
request_host: host
request_path: path
request_method: method
response_status: status
- drop:
source: "request_path"
value: "/healthz"
- drop:
source: "request_path"
value: "/health"
- labels:
request_host:
request_method:
response_status:
- match:
selector: '{app="traefik"}'
stages:
- json:
expressions:
request_host: RequestHost
request_path: RequestPath
request_method: RequestMethod
response_status: OriginStatus
- drop:
source: "request_path"
value: "/healthz"
- drop:
source: "request_path"
value: "/health"
- drop:
source: "request_path"
value: "/ping"
- labels:
request_host:
request_method:
response_status:
kubernetes_sd_configs:
- role: pod
relabel_configs:
- source_labels:
- __meta_kubernetes_pod_controller_name
regex: ([0-9a-z-.]+?)(-[0-9a-f]{8,10})?
action: replace
target_label: __tmp_controller_name
- source_labels:
- __meta_kubernetes_pod_label_app_kubernetes_io_name
- __meta_kubernetes_pod_label_app
- __tmp_controller_name
- __meta_kubernetes_pod_name
regex: ^;*([^;]+)(;.*)?$
action: replace
target_label: app
- source_labels:
- __meta_kubernetes_pod_label_app_kubernetes_io_component
- __meta_kubernetes_pod_label_component
regex: ^;*([^;]+)(;.*)?$
action: replace
target_label: component
- action: replace
source_labels:
- __meta_kubernetes_pod_node_name
target_label: node_name
- action: replace
source_labels:
- __meta_kubernetes_namespace
target_label: namespace
- action: replace
replacement: $1
separator: /
source_labels:
- namespace
- app
target_label: job
- action: replace
source_labels:
- __meta_kubernetes_pod_name
target_label: pod
- action: replace
source_labels:
- __meta_kubernetes_pod_container_name
target_label: container
- action: replace
replacement: /var/log/pods/*$1/*.log
separator: /
source_labels:
- __meta_kubernetes_pod_uid
- __meta_kubernetes_pod_container_name
target_label: __path__
- action: replace
replacement: /var/log/pods/*$1/*.log
regex: true/(.*)
separator: /
source_labels:
- __meta_kubernetes_pod_annotationpresent_kubernetes_io_config_hash
- __meta_kubernetes_pod_annotation_kubernetes_io_config_hash
- __meta_kubernetes_pod_container_name
target_label: __path__
- action: labelmap
regex: __meta_kubernetes_pod_label_(.+)
---
kind: ClusterRole
apiVersion: rbac.authorization.k8s.io/v1
metadata:
name: promtail-clusterrole
labels:
app.kubernetes.io/name: promtail
rules:
- apiGroups: [""] # "" indicates the core API group
resources:
- nodes
- nodes/proxy
- services
- endpoints
- pods
verbs: ["get", "watch", "list"]
---
kind: ClusterRoleBinding
apiVersion: rbac.authorization.k8s.io/v1
metadata:
name: promtail-clusterrolebinding
labels:
app.kubernetes.io/name: promtail
subjects:
- kind: ServiceAccount
name: promtail
namespace: monitoring
roleRef:
kind: ClusterRole
name: promtail-clusterrole
apiGroup: rbac.authorization.k8s.io
---
apiVersion: apps/v1
kind: DaemonSet
metadata:
name: promtail
namespace: monitoring
labels:
app.kubernetes.io/name: promtail
annotations:
configmap.reloader.stakater.com/reload: "promtail"
spec:
selector:
matchLabels:
app.kubernetes.io/name: promtail
template:
metadata:
labels:
app.kubernetes.io/name: promtail
annotations:
prometheus.io/port: http-metrics
prometheus.io/scrape: "true"
spec:
serviceAccountName: promtail
containers:
- name: promtail
image: "grafana/promtail:3.5.4"
imagePullPolicy: IfNotPresent
args:
- "-config.file=/etc/promtail/promtail.yaml"
volumeMounts:
- name: config
mountPath: /etc/promtail
- name: run
mountPath: /run/promtail
- mountPath: /var/lib/docker/containers
name: docker
readOnly: true
- mountPath: /var/log/pods
name: pods
readOnly: true
env:
- name: HOSTNAME
valueFrom:
fieldRef:
fieldPath: spec.nodeName
ports:
- containerPort: 3101
name: http-metrics
securityContext:
readOnlyRootFilesystem: true
runAsGroup: 0
runAsUser: 0
readinessProbe:
failureThreshold: 5
httpGet:
path: /ready
port: http-metrics
initialDelaySeconds: 10
periodSeconds: 10
successThreshold: 1
timeoutSeconds: 1
tolerations:
- effect: NoSchedule
key: node-role.kubernetes.io/master
operator: Exists
volumes:
- name: config
configMap:
name: promtail
- name: run
hostPath:
path: /run/promtail
- hostPath:
path: /var/lib/docker/containers
name: docker
- hostPath:
path: /var/log/pods
name: pods
---


@@ -1,163 +0,0 @@
apiVersion: v1
kind: ConfigMap
metadata:
name: vmagent
namespace: monitoring
labels:
app.kubernetes.io/name: victoria-metrics
app.kubernetes.io/component: agent
data:
prometheus.yml: |
global:
scrape_interval: 1m
external_labels:
source: civo
agent: vmagent
scrape_configs:
- job_name: 'vmagent'
static_configs:
- targets: ['localhost:8429']
- bearer_token_file: /var/run/secrets/kubernetes.io/serviceaccount/token
job_name: kubernetes-nodes
kubernetes_sd_configs:
- role: node
relabel_configs:
- action: labelmap
regex: __meta_kubernetes_node_label_(.+)
- replacement: kubernetes.default.svc:443
target_label: __address__
- regex: (.+)
replacement: /api/v1/nodes/$1/proxy/metrics
source_labels:
- __meta_kubernetes_node_name
target_label: __metrics_path__
scheme: https
tls_config:
ca_file: /var/run/secrets/kubernetes.io/serviceaccount/ca.crt
insecure_skip_verify: true
- job_name: kubernetes-service-endpoints
kubernetes_sd_configs:
- role: endpoints
relabel_configs:
- action: keep
regex: true
source_labels:
- __meta_kubernetes_service_annotation_prometheus_io_scrape
- action: replace
regex: (https?)
source_labels:
- __meta_kubernetes_service_annotation_prometheus_io_scheme
target_label: __scheme__
- action: replace
regex: (.+)
source_labels:
- __meta_kubernetes_service_annotation_prometheus_io_path
target_label: __metrics_path__
- action: replace
regex: ([^:]+)(?::\d+)?;(\d+)
replacement: $1:$2
source_labels:
- __address__
- __meta_kubernetes_service_annotation_prometheus_io_port
target_label: __address__
- action: labelmap
regex: __meta_kubernetes_service_label_(.+)
- action: replace
source_labels:
- __meta_kubernetes_namespace
target_label: kubernetes_namespace
- action: replace
source_labels:
- __meta_kubernetes_service_name
target_label: kubernetes_name
- action: replace
source_labels:
- __meta_kubernetes_endpoint_port_name
target_label: kubernetes_endpoint_port_name
- action: replace
source_labels:
- __meta_kubernetes_pod_node_name
target_label: kubernetes_node
- job_name: kubernetes-pods
kubernetes_sd_configs:
- role: pod
relabel_configs:
- action: keep
regex: true
source_labels:
- __meta_kubernetes_pod_annotation_prometheus_io_scrape
- action: replace
regex: (.+)
source_labels:
- __meta_kubernetes_pod_annotation_prometheus_io_path
target_label: __metrics_path__
- action: replace
regex: ([^:]+)(?::\d+)?;(\d+)
replacement: $1:$2
source_labels:
- __address__
- __meta_kubernetes_pod_annotation_prometheus_io_port
target_label: __address__
- action: labelmap
regex: __meta_kubernetes_pod_label_(.+)
- action: replace
source_labels:
- __meta_kubernetes_namespace
target_label: kubernetes_namespace
- action: replace
source_labels:
- __meta_kubernetes_pod_name
target_label: kubernetes_pod_name
- action: replace
source_labels:
- __meta_kubernetes_pod_container_port_name
target_label: kubernetes_port_name
- action: drop
regex: Pending|Succeeded|Failed
source_labels:
- __meta_kubernetes_pod_phase
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: vmagent
namespace: monitoring
labels:
app.kubernetes.io/name: victoria-metrics
app.kubernetes.io/component: agent
annotations:
configmap.reloader.stakater.com/reload: "vmagent"
spec:
strategy:
type: Recreate
selector:
matchLabels:
app.kubernetes.io/name: victoria-metrics
app.kubernetes.io/component: agent
replicas: 1
template:
metadata:
labels:
app.kubernetes.io/name: victoria-metrics
app.kubernetes.io/component: agent
spec:
serviceAccountName: prometheus-server
containers:
- name: vmagent
image: "victoriametrics/vmagent:v1.125.1"
imagePullPolicy: "IfNotPresent"
args:
- -remoteWrite.url=http://vmcluster.proxy-civo.svc/insert/0/prometheus/
- -remoteWrite.showURL
- -promscrape.config=/config/prometheus.yml
volumeMounts:
- name: config-volume
mountPath: /config
volumes:
- name: config-volume
configMap:
name: vmagent
---


@@ -0,0 +1,87 @@
apiVersion: v1
kind: ServiceAccount
metadata:
labels:
app: cadvisor
app.kubernetes.io/name: cadvisor
name: cadvisor
namespace: monitoring
---
apiVersion: apps/v1
kind: DaemonSet
metadata:
annotations:
seccomp.security.alpha.kubernetes.io/pod: docker/default
labels:
app: cadvisor
app.kubernetes.io/name: cadvisor
name: cadvisor
namespace: monitoring
spec:
selector:
matchLabels:
app: cadvisor
app.kubernetes.io/name: cadvisor
name: cadvisor
template:
metadata:
labels:
app: cadvisor
app.kubernetes.io/name: cadvisor
name: cadvisor
annotations:
scheduler.alpha.kubernetes.io/critical-pod: ''
spec:
priorityClassName: system-node-critical
tolerations:
- key: "CriticalAddonsOnly"
operator: "Exists"
automountServiceAccountToken: false
containers:
- image: ghcr.io/google/cadvisor:v0.53.0
name: cadvisor
ports:
- containerPort: 8080
name: http
protocol: TCP
resources:
limits:
cpu: 800m
memory: 2000Mi
requests:
cpu: 400m
memory: 400Mi
volumeMounts:
- mountPath: /rootfs
name: rootfs
readOnly: true
- mountPath: /var/run
name: var-run
readOnly: true
- mountPath: /sys
name: sys
readOnly: true
- mountPath: /var/lib/docker
name: docker
readOnly: true
- mountPath: /dev/disk
name: disk
readOnly: true
serviceAccountName: cadvisor
terminationGracePeriodSeconds: 30
volumes:
- hostPath:
path: /
name: rootfs
- hostPath:
path: /var/run
name: var-run
- hostPath:
path: /sys
name: sys
- hostPath:
path: /var/lib/docker
name: docker
- hostPath:
path: /dev/disk
name: disk
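Review bot: The DaemonSet relies on the `seccomp.security.alpha.kubernetes.io/pod` annotation, which Kubernetes no longer honours since 1.27, so on a current cluster the pod gets no seccomp profile from it. The `scheduler.alpha.kubernetes.io/critical-pod` annotation is likewise obsolete and is already superseded by `priorityClassName`. The container has no `securityContext` while mounting host `/` and `/var/run`; `readOnly: true` on `/var/run` does not stop a process from connecting to a container-runtime socket exposed there, so that mount should be narrowed if the node's runtime layout allows it. Separately, the `cadvisor` scrape job in the vmagent config on this page targets the kubelet's `/metrics/cadvisor` path and these pods carry no `prometheus.io/scrape` annotation, so it is worth confirming this DaemonSet is scraped at all. A minimal hardening is sketched below; dropping capabilities is left out because cAdvisor may need some of them.

```yaml
    spec:
      # replaces the seccomp.security.alpha.kubernetes.io/pod annotation
      securityContext:
        seccompProfile:
          type: RuntimeDefault
      # … unchanged: priorityClassName, tolerations, automountServiceAccountToken …
      containers:
        - image: ghcr.io/google/cadvisor:v0.53.0
          securityContext:
            allowPrivilegeEscalation: false
          # … unchanged: name, ports, resources, volumeMounts …
```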


@@ -0,0 +1,142 @@
---
apiVersion: v1
kind: ServiceAccount
metadata:
labels:
app.kubernetes.io/name: k8s-ephemeral-storage-metrics
name: k8s-ephemeral-storage-metrics
namespace: monitoring
---
kind: ClusterRole
apiVersion: rbac.authorization.k8s.io/v1
metadata:
name: k8s-ephemeral-storage-metrics
labels:
app.kubernetes.io/name: k8s-ephemeral-storage-metrics
rules:
- apiGroups: [""]
resources: ["nodes","nodes/proxy", "nodes/stats", "pods"]
verbs: ["get","list", "watch"]
---
kind: ClusterRoleBinding
apiVersion: rbac.authorization.k8s.io/v1
metadata:
name: k8s-ephemeral-storage-metrics
labels:
app.kubernetes.io/name: k8s-ephemeral-storage-metrics
subjects:
- kind: ServiceAccount
name: k8s-ephemeral-storage-metrics
namespace: monitoring
roleRef:
kind: ClusterRole
name: k8s-ephemeral-storage-metrics
apiGroup: rbac.authorization.k8s.io
---
apiVersion: v1
kind: Service
metadata:
name: k8s-ephemeral-storage-metrics
namespace: monitoring
labels:
app.kubernetes.io/name: k8s-ephemeral-storage-metrics
annotations:
prometheus.io/scrape: "true"
prometheus.io/port: "9100"
spec:
type: ClusterIP
selector:
app.kubernetes.io/name: k8s-ephemeral-storage-metrics
ports:
- name: metrics
port: 9100
protocol: TCP
targetPort: metrics
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: k8s-ephemeral-storage-metrics
namespace: monitoring
labels:
app.kubernetes.io/name: k8s-ephemeral-storage-metrics
spec:
replicas: 1
revisionHistoryLimit: 3
selector:
matchLabels:
app.kubernetes.io/name: k8s-ephemeral-storage-metrics
template:
metadata:
labels:
app.kubernetes.io/name: k8s-ephemeral-storage-metrics
spec:
serviceAccountName: k8s-ephemeral-storage-metrics
securityContext:
runAsNonRoot: true
seccompProfile:
type: RuntimeDefault
containers:
- name: metrics
image: ghcr.io/jmcgrath207/k8s-ephemeral-storage-metrics:1.18.2
imagePullPolicy: IfNotPresent
ports:
- name: metrics
containerPort: 9100
protocol: TCP
livenessProbe:
failureThreshold: 10
httpGet:
path: /metrics
port: 9100
scheme: HTTP
initialDelaySeconds: 10
periodSeconds: 10
successThreshold: 1
timeoutSeconds: 30
readinessProbe:
failureThreshold: 10
httpGet:
path: /metrics
port: 9100
scheme: HTTP
periodSeconds: 10
successThreshold: 1
timeoutSeconds: 1
securityContext:
allowPrivilegeEscalation: false
capabilities:
drop:
- ALL
privileged: false
readOnlyRootFilesystem: false
runAsNonRoot: true
env:
- name: DEPLOY_TYPE
value: "Deployment"
- name: SCRAPE_INTERVAL
value: "15"
- name: MAX_NODE_CONCURRENCY
value: "10"
- name: CLIENT_GO_QPS
value: "5"
- name: CLIENT_GO_BURST
value: "10"
- name: LOG_LEVEL
value: "info"
- name: EPHEMERAL_STORAGE_POD_USAGE
value: "true"
- name: EPHEMERAL_STORAGE_NODE_AVAILABLE
value: "true"
- name: EPHEMERAL_STORAGE_NODE_CAPACITY
value: "true"
- name: EPHEMERAL_STORAGE_NODE_PERCENTAGE
value: "true"
- name: EPHEMERAL_STORAGE_CONTAINER_LIMIT_PERCENTAGE
value: "true"
- name: EPHEMERAL_STORAGE_CONTAINER_VOLUME_USAGE
value: "true"
- name: EPHEMERAL_STORAGE_CONTAINER_VOLUME_LIMITS_PERCENTAGE
value: "true"
- name: EPHEMERAL_STORAGE_INODES
value: "true"
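Review bot: The ClusterRole grants `get`/`list`/`watch` on `nodes/proxy`, which as far as I can tell lets this ServiceAccount read kubelet endpoints on every node through the API server, not only the storage stats the exporter needs. If the exporter genuinely requires the proxy path, say so above the rule, e.g. `# nodes/proxy: needed to read kubelet stats via the API-server proxy; broad grant, keep this SA dedicated to the exporter`, and consider trimming the verbs on the subresources to `get`. The container also sets `readOnlyRootFilesystem: false` and has no `resources` block, unlike the workloads this series has been tuning. `readOnlyRootFilesystem: true` is worth trying unless the image writes to its root filesystem.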


@@ -201,6 +201,7 @@ spec:
labels:
app.kubernetes.io/name: kube-state-metrics
spec:
priorityClassName: system-cluster-critical
serviceAccountName: kube-state-metrics
securityContext:
fsGroup: 65534


@@ -51,6 +51,7 @@ spec:
app.kubernetes.io/name: prometheus
app.kubernetes.io/component: node-exporter
spec:
priorityClassName: system-node-critical
serviceAccountName: prometheus-node-exporter
containers:
- name: prometheus-node-exporter


@@ -212,10 +212,11 @@ spec:
prometheus.io/port: http-metrics
prometheus.io/scrape: "true"
spec:
priorityClassName: system-node-critical
serviceAccountName: promtail
containers:
- name: promtail
image: "grafana/promtail:3.5.4"
image: "grafana/promtail:2.9.15"
imagePullPolicy: IfNotPresent
args:
- "-config.file=/etc/promtail/promtail.yaml"
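Review bot: The image line appears to change from `grafana/promtail:3.5.4` to `grafana/promtail:2.9.15`, which reads as a major-version downgrade. The page has lost its `+`/`-` markers, so the direction is inferred from the old-then-new order used for the other image bumps here, and none of the listed commit messages mention it. If the older release line is intentional (for example for compatibility with the log backend), add a comment such as `# pinned to 2.9.x: <reason>` and a matching Renovate rule so the tag is neither silently bumped nor left unpatched. If it is not intentional, restore the 3.x tag. The container spec continues outside the hunk.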


@@ -17,6 +17,11 @@ data:
- job_name: 'vmagent'
static_configs:
- targets: ['localhost:8429']
relabel_configs:
- action: drop
source_labels: [__name__]
regex: "flag"
- bearer_token_file: /var/run/secrets/kubernetes.io/serviceaccount/token
job_name: kubernetes-nodes
kubernetes_sd_configs:
@@ -36,6 +41,38 @@ data:
ca_file: /var/run/secrets/kubernetes.io/serviceaccount/ca.crt
insecure_skip_verify: true
- job_name: cadvisor
bearer_token_file: /var/run/secrets/kubernetes.io/serviceaccount/token
scheme: https
tls_config:
ca_file: /var/run/secrets/kubernetes.io/serviceaccount/ca.crt
insecure_skip_verify: true
kubernetes_sd_configs:
- role: node
relabel_configs:
- action: labelmap
regex: __meta_kubernetes_node_label_(.+)
- replacement: kubernetes.default.svc:443
target_label: __address__
- source_labels: [__meta_kubernetes_node_name]
regex: (.+)
target_label: __metrics_path__
replacement: /api/v1/nodes/$1/proxy/metrics/cadvisor
# Drop high cardinality labels
- action: labeldrop
regex: id
# Drop unneeded labels
- action: labeldrop
regex: beta_kubernetes_io_os
- action: labeldrop
regex: beta_kubernetes_io_arch
- action: labeldrop
regex: kubernetes_io_arch
- action: labeldrop
regex: kubernetes_io_os
- action: labeldrop
regex: topology_jiva_openebs_io_nodeName
- job_name: kubernetes-service-endpoints
kubernetes_sd_configs:
- role: endpoints
@@ -78,6 +115,21 @@ data:
source_labels:
- __meta_kubernetes_pod_node_name
target_label: kubernetes_node
# We don't care about the flag metrics from VM
- action: drop
source_labels: [__name__]
regex: "flag"
# Drop unneeded labels
- action: labeldrop
regex: beta_kubernetes_io_os
- action: labeldrop
regex: beta_kubernetes_io_arch
- action: labeldrop
regex: kubernetes_io_arch
- action: labeldrop
regex: kubernetes_io_os
- action: labeldrop
regex: topology_jiva_openebs_io_nodeName
- job_name: kubernetes-pods
kubernetes_sd_configs:
@@ -116,6 +168,17 @@ data:
regex: Pending|Succeeded|Failed
source_labels:
- __meta_kubernetes_pod_phase
# Drop unneeded labels
- action: labeldrop
regex: beta_kubernetes_io_os
- action: labeldrop
regex: beta_kubernetes_io_arch
- action: labeldrop
regex: kubernetes_io_arch
- action: labeldrop
regex: kubernetes_io_os
- action: labeldrop
regex: topology_jiva_openebs_io_nodeName
- job_name: 'node-exporter'
kubernetes_sd_configs:
@@ -150,10 +213,11 @@ spec:
app.kubernetes.io/name: victoria-metrics
app.kubernetes.io/component: agent
spec:
priorityClassName: system-cluster-critical
serviceAccountName: prometheus-server
containers:
- name: vmagent
image: "victoriametrics/vmagent:v1.125.1"
image: "victoriametrics/vmagent:v1.126.0"
imagePullPolicy: "IfNotPresent"
args:
- -remoteWrite.url=http://vmcluster.auth-proxy.svc/insert/0/prometheus/
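Review bot: The new `cadvisor` scrape job sets `insecure_skip_verify: true` next to `ca_file` and `bearer_token_file`, so the service-account token is sent to `kubernetes.default.svc:443` without the server certificate being checked, and the `ca_file` line has no effect. Because the job rewrites `__address__` to the API server's in-cluster name, the certificate should validate against the mounted CA; I would set `insecure_skip_verify: false` (or drop the line) in this job, and the context lines just above it suggest the preceding job carries the same setting. Separately, the `action: drop` rules on `source_labels: [__name__]` appear under `relabel_configs`, which is applied to targets before the scrape when `__name__` is not yet set; to drop the `flag` series they likely belong under `metric_relabel_configs`. Indentation is lost on this page, so the exact nesting should be confirmed against the file.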


@@ -201,9 +201,10 @@ spec:
app.kubernetes.io/component: app
nextcloud-nextcloud-redis-client: "true"
spec:
priorityClassName: critical
containers:
- name: nextcloud
image: "nextcloud:31.0.8-apache"
image: "nextcloud:31.0.9-apache"
imagePullPolicy: IfNotPresent
env:
- name: SQLITE_DATABASE
@@ -282,7 +283,10 @@ spec:
periodSeconds: 10
resources:
requests:
memory: 450Mi
cpu: 1038m
memory: 512M
limits:
cpu: 1200m
volumeMounts:
- name: nextcloud-data
mountPath: /var/www/
@@ -374,7 +378,7 @@ spec:
restartPolicy: Never
containers:
- name: nextcloud
image: "nextcloud:31.0.8-apache"
image: "nextcloud:31.0.9-apache"
imagePullPolicy: IfNotPresent
command: [ "curl" ]
args:
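Review bot: The resources block in the second hunk gives the request as `memory: 512M`, which is the decimal unit (512 × 10^6 bytes, roughly 488Mi), while the line it appears to replace used `450Mi`; if 512 mebibytes was meant, write `memory: 512Mi`. The same block adds `limits:` with only `cpu: 1200m`, so the container still has no memory limit; if that is deliberate, a short comment such as `# no memory limit: <reason>` would save the next reader the question. The +/- markers are lost on this page, so which lines are new is inferred from the hunk header counts.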


@@ -533,7 +533,7 @@ spec:
resources:
requests:
cpu: 100m
memory: 90Mi
memory: 150Mi
securityContext:
allowPrivilegeEscalation: true
capabilities:


@@ -43,9 +43,10 @@ spec:
labels:
app.kubernetes.io/name: outline
spec:
priorityClassName: critical
containers:
- name: outline
image: outlinewiki/outline:0.87.3
image: outlinewiki/outline:0.87.4
imagePullPolicy: IfNotPresent
env:
- name: ALLOWED_DOMAINS
@@ -72,7 +73,7 @@ spec:
resources:
requests:
cpu: 8m
memory: 800Mi
memory: 1024Mi
volumeMounts:
- mountPath: /opt/outline/.env
subPath: .env


@@ -0,0 +1,7 @@
apiVersion: scheduling.k8s.io/v1
kind: PriorityClass
metadata:
name: critical
value: 1000
globalDefault: false
preemptionPolicy: PreemptLowerPriority
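Review bot: This PriorityClass has no `description`, and nothing on this page limits who may reference it. A PriorityClass is cluster-scoped, so a pod in any namespace can set `priorityClassName: critical` and, with `preemptionPolicy: PreemptLowerPriority`, cause lower-priority pods to be evicted. I would add a line such as `description: "Apps that must stay scheduled; may preempt normal and low."` and, if the namespaces are not all equally trusted, a ResourceQuota with a `PriorityClass` scope selector in the namespaces that should not use this class.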


@@ -0,0 +1,7 @@
apiVersion: scheduling.k8s.io/v1
kind: PriorityClass
metadata:
name: low
value: 10
globalDefault: false
preemptionPolicy: Never


@@ -0,0 +1,7 @@
apiVersion: scheduling.k8s.io/v1
kind: PriorityClass
metadata:
name: normal
value: 100
globalDefault: true
preemptionPolicy: PreemptLowerPriority
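Review bot: `globalDefault: true` only applies to pods created after this class exists; pods already running without a `priorityClassName` keep priority 0, which is below even the `low` class (value 10) added alongside it. Until those workloads are recreated they are the first candidates for preemption by anything scheduled as `normal` or `critical`. I would record that in the file, for example `# existing pods stay at priority 0 until recreated; restart workloads after applying`, or roll the affected deployments as part of this change.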


@@ -1,149 +0,0 @@
apiVersion: v1
kind: Secret
metadata:
name: tailscale-auth
namespace: proxy-civo
annotations:
kube-1password: 2cqycmsgv5r7vcyvjpblcl2l4y
kube-1password/vault: Kubernetes
type: Opaque
---
apiVersion: v1
kind: ConfigMap
metadata:
name: host-mappings
namespace: proxy-civo
labels:
app: proxy
data:
mapping.json: |
{
"vmcluster.proxy-civo.svc": "vmcluster.cluster.local",
"loki.proxy-civo.svc": "loki-write.cluster.local",
"loki.proxy-civo.svc:80": "loki-write.cluster.local",
"loki-distributed.proxy-civo.svc": "loki-loki.cluster.local",
"loki-distributed.proxy-civo.svc:80": "loki-loki.cluster.local"
}
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: internal-proxy
namespace: proxy-civo
labels:
app: internal-proxy
annotations:
configmap.reloader.stakater.com/reload: "host-mappings"
secret.reloader.stakater.com/reload: "tailscale-auth"
spec:
replicas: 1
strategy:
type: Recreate
selector:
matchLabels:
app: internal-proxy
template:
metadata:
labels:
app: internal-proxy
spec:
serviceAccountName: default
dnsPolicy: ClusterFirst
dnsConfig:
nameservers:
- 100.100.100.100
containers:
- name: proxy
image: rg.fr-par.scw.cloud/averagemarcus/proxy:latest
imagePullPolicy: Always
env:
- name: PROXY_DESTINATION
value: talos.tail4dfb.ts.net
- name: PORT
value: "8080"
- name: TS_AUTH_KEY
valueFrom:
secretKeyRef:
name: tailscale-auth
key: password
- name: TS_HOSTNAME
value: proxy-civo-internal-proxy
ports:
- containerPort: 8080
protocol: TCP
volumeMounts:
- name: host-mappings
mountPath: /config/
volumes:
- name: host-mappings
configMap:
name: host-mappings
---
apiVersion: v1
kind: Service
metadata:
name: loki
namespace: proxy-civo
labels:
app: internal-proxy
spec:
ports:
- name: http
port: 80
protocol: TCP
targetPort: 8080
selector:
app: internal-proxy
type: ClusterIP
---
apiVersion: v1
kind: Service
metadata:
name: loki-distributed
namespace: proxy-civo
labels:
app: internal-proxy
spec:
ports:
- name: http
port: 80
protocol: TCP
targetPort: 8080
selector:
app: internal-proxy
type: ClusterIP
---
apiVersion: v1
kind: Service
metadata:
name: prometheus
namespace: proxy-civo
labels:
app: internal-proxy
spec:
ports:
- name: http
port: 80
protocol: TCP
targetPort: 8080
selector:
app: internal-proxy
type: ClusterIP
---
apiVersion: v1
kind: Service
metadata:
name: vmcluster
namespace: proxy-civo
labels:
app: internal-proxy
spec:
ports:
- name: http
port: 80
protocol: TCP
targetPort: 8080
selector:
app: internal-proxy
type: ClusterIP
---


@@ -327,6 +327,7 @@ spec:
weight: 1
nodeAffinity:
terminationGracePeriodSeconds: 30
priorityClassName: critical
containers:
- name: redis
image: docker.io/bitnamilegacy/redis:7.2.4-debian-11-r11


@@ -25,6 +25,8 @@ data:
POLLING_FREQUENCY: "15"
BASE_URL: "https://miniflux.cluster.fun/"
METRICS_COLLECTOR: "1"
CLEANUP_ARCHIVE_READ_DAYS: "365"
CLEANUP_ARCHIVE_UNREAD_DAYS: "365"
---
apiVersion: v1
kind: Service
@@ -66,7 +68,7 @@ spec:
spec:
containers:
- name: web
image: ghcr.io/miniflux/miniflux:2.2.12
image: ghcr.io/miniflux/miniflux:2.2.13
imagePullPolicy: IfNotPresent
envFrom:
- configMapRef:


@@ -27,6 +27,7 @@ spec:
labels:
app: svg-to-dxf
spec:
priorityClassName: low
containers:
- name: web
image: rg.fr-par.scw.cloud/averagemarcus/svg-to-dxf:latest


@@ -27,6 +27,7 @@ spec:
labels:
app: text-to-dxf
spec:
priorityClassName: low
containers:
- name: web
image: rg.fr-par.scw.cloud/averagemarcus/text-to-dxf:latest