341 Commits

Author SHA1 Message Date
5d317815a6 Merge pull request 'Update victoriametrics/vmagent Docker tag to v1.128.0' (#570) from renovate/victoriametrics into master
Reviewed-on: #570
2025-10-22 05:54:10 +00:00
3060651f33 Update victoriametrics/vmagent Docker tag to v1.128.0 2025-10-22 03:27:29 +00:00
1267aee558 Merge pull request 'Update nodered/node-red Docker tag to v4.1.1' (#569) from renovate/nodered-node-red-4.x into master
Reviewed-on: #569
2025-10-14 06:19:07 +00:00
c4deb4530c Update nodered/node-red Docker tag to v4.1.1 2025-10-14 03:07:33 +00:00
8071aaf13c Merge pull request 'Update ghcr.io/mealie-recipes/mealie Docker tag to v3.3.2' (#568) from renovate/ghcr.io-mealie-recipes-mealie-3.x into master
Reviewed-on: #568
2025-10-11 14:59:59 +00:00
b3507ddbb4 Update ghcr.io/mealie-recipes/mealie Docker tag to v3.3.2 2025-10-11 03:15:14 +00:00
bfcddd7a76 Merge pull request 'Update victoriametrics/vmagent Docker tag to v1.127.0' (#567) from renovate/victoriametrics into master
Reviewed-on: #567
2025-10-08 07:09:33 +00:00
b3aa166e16 Update victoriametrics/vmagent Docker tag to v1.127.0 2025-10-08 03:19:04 +00:00
2bc0b9f4df Merge pull request 'Update ghcr.io/mealie-recipes/mealie Docker tag to v3.3.1' (#566) from renovate/ghcr.io-mealie-recipes-mealie-3.x into master
Reviewed-on: #566
2025-10-03 06:32:37 +00:00
b6b5027601 Update ghcr.io/mealie-recipes/mealie Docker tag to v3.3.1 2025-10-03 03:07:29 +00:00
c22d5d3428 Set grist to recreate strategy
Signed-off-by: Marcus Noble <github@marcusnoble.co.uk>
2025-10-01 08:13:44 +01:00
6c34c4ca9e Merge pull request 'Update gristlabs/grist-oss Docker tag to v1.7.4' (#565) from renovate/gristlabs-grist-oss-1.x into master
Reviewed-on: #565
2025-10-01 06:47:46 +00:00
d32d64d78e Update gristlabs/grist-oss Docker tag to v1.7.4 2025-10-01 03:12:53 +00:00
cf3a9b9aba Merge pull request 'Update nextcloud Docker tag to v32' (#564) from renovate/nextcloud-32.x into master
Reviewed-on: #564
2025-09-30 06:10:33 +00:00
643ba071e0 Merge pull request 'Update registry.k8s.io/ingress-nginx/controller Docker tag to v1.13.3' (#563) from renovate/registry.k8s.io-ingress-nginx-controller-1.x into master
Reviewed-on: #563
2025-09-30 06:09:27 +00:00
42c7163710 Update nextcloud Docker tag to v32 2025-09-30 03:13:03 +00:00
ca76486945 Update registry.k8s.io/ingress-nginx/controller Docker tag to v1.13.3 2025-09-30 03:12:58 +00:00
a8142056c6 Merge pull request 'Update ghcr.io/mealie-recipes/mealie Docker tag to v3.3.0' (#562) from renovate/ghcr.io-mealie-recipes-mealie-3.x into master
Reviewed-on: #562
2025-09-28 06:18:26 +00:00
8f8bd1d7f1 Update ghcr.io/mealie-recipes/mealie Docker tag to v3.3.0 2025-09-28 03:14:20 +00:00
28ce27280d Comment out Goldilocks
Signed-off-by: Marcus Noble <github@marcusnoble.co.uk>
2025-09-27 19:43:28 +01:00
8442208f02 Fix typo
Signed-off-by: Marcus Noble <github@marcusnoble.co.uk>
2025-09-27 19:38:42 +01:00
6d9ebaf533 Bump blog memory
Signed-off-by: Marcus Noble <github@marcusnoble.co.uk>
2025-09-27 19:35:34 +01:00
b83ddcce89 Removed tank
Signed-off-by: Marcus Noble <github@marcusnoble.co.uk>
2025-09-27 19:28:20 +01:00
6a5360a803 Tweak memory requests
Signed-off-by: Marcus Noble <github@marcusnoble.co.uk>
2025-09-27 19:27:46 +01:00
d6ad2f1c79 Remove mastodon digest
Signed-off-by: Marcus Noble <github@marcusnoble.co.uk>
2025-09-27 19:10:06 +01:00
68a06195e9 Bump mealie memory
Signed-off-by: Marcus Noble <github@marcusnoble.co.uk>
2025-09-22 06:17:30 +01:00
b8e08002dd Added ephemeral-storage-exporter
Signed-off-by: Marcus Noble <github@marcusnoble.co.uk>
2025-09-20 10:57:39 +01:00
3fa3703b27 Mark monitoring apps as critical
Signed-off-by: Marcus Noble <github@marcusnoble.co.uk>
2025-09-20 10:42:09 +01:00
84fbd628db Bump mealie memory
Signed-off-by: Marcus Noble <github@marcusnoble.co.uk>
2025-09-20 09:51:03 +01:00
32158e4cef Clean up some metric labels
Signed-off-by: Marcus Noble <github@marcusnoble.co.uk>
2025-09-20 08:56:24 +01:00
7c52a9dc34 Added cadvisor
Signed-off-by: Marcus Noble <github@marcusnoble.co.uk>
2025-09-20 08:43:59 +01:00
8d2ab9205a Merge pull request 'Update ghcr.io/miniflux/miniflux Docker tag to v2.2.13' (#561) from renovate/ghcr.io-miniflux-miniflux-2.x into master
Reviewed-on: #561
2025-09-19 07:15:26 +00:00
e2fafc6a7e Update ghcr.io/miniflux/miniflux Docker tag to v2.2.13 2025-09-19 03:07:13 +00:00
375343d100 Merge pull request 'Update outlinewiki/outline Docker tag to v0.87.4' (#560) from renovate/outlinewiki-outline-0.x into master
Reviewed-on: #560
2025-09-18 06:44:06 +00:00
0eb69ef4f5 Update outlinewiki/outline Docker tag to v0.87.4 2025-09-18 03:11:54 +00:00
de9197d740 Merge pull request 'Update victoriametrics/vmagent Docker tag to v1.126.0' (#559) from renovate/victoriametrics into master
Reviewed-on: #559
2025-09-16 06:57:17 +00:00
abbc4fc453 Merge pull request 'Update nextcloud Docker tag to v31.0.9' (#558) from renovate/nextcloud-31.x into master
Reviewed-on: #558
2025-09-16 06:57:14 +00:00
77d24ae009 Merge pull request 'Update ghcr.io/mealie-recipes/mealie Docker tag to v3.2.1' (#557) from renovate/ghcr.io-mealie-recipes-mealie-3.x into master
Reviewed-on: #557
2025-09-16 06:57:10 +00:00
193406e7df Update victoriametrics/vmagent Docker tag to v1.126.0 2025-09-16 03:21:54 +00:00
c15da69d83 Update nextcloud Docker tag to v31.0.9 2025-09-16 03:21:39 +00:00
23a6d889f1 Update ghcr.io/mealie-recipes/mealie Docker tag to v3.2.1 2025-09-16 03:21:36 +00:00
57ac458504 Fix svg-to-dxf
Signed-off-by: Marcus Noble <github@marcusnoble.co.uk>
2025-09-14 16:14:01 +01:00
e53a02014a Cleaned up old civo cluster resources
Signed-off-by: Marcus Noble <github@marcusnoble.co.uk>
2025-09-14 16:02:19 +01:00
eefb79771f Added priority classes
Signed-off-by: Marcus Noble <github@marcusnoble.co.uk>
2025-09-14 15:56:31 +01:00
a3f8762679 Increase mealie cpu limit
Signed-off-by: Marcus Noble <github@marcusnoble.co.uk>
2025-09-14 15:42:08 +01:00
6e064edb7c Bump mealie cpu
Signed-off-by: Marcus Noble <github@marcusnoble.co.uk>
2025-09-14 15:39:32 +01:00
0243dc08e7 Increased memory requests
Signed-off-by: Marcus Noble <github@marcusnoble.co.uk>
2025-09-14 15:38:00 +01:00
a6ce82e001 Bump mealie CPU to 80m
Signed-off-by: Marcus Noble <github@marcusnoble.co.uk>
2025-09-14 15:34:30 +01:00
68d172423c Increased melie CPU
Signed-off-by: Marcus Noble <github@marcusnoble.co.uk>
2025-09-14 15:31:46 +01:00
390986ffaa Increased mioniflux archive days
Signed-off-by: Marcus Noble <github@marcusnoble.co.uk>
2025-09-14 08:25:08 +01:00
44b8088899 Merge pull request 'Update ghcr.io/mealie-recipes/mealie Docker tag to v3.2.0' (#556) from renovate/ghcr.io-mealie-recipes-mealie-3.x into master
Reviewed-on: #556
2025-09-14 07:15:40 +00:00
6de863bba5 Update ghcr.io/mealie-recipes/mealie Docker tag to v3.2.0 2025-09-14 03:12:27 +00:00
4ea8bf9acd Set nextcloud resources
Signed-off-by: Marcus Noble <github@marcusnoble.co.uk>
2025-09-13 20:35:42 +01:00
c3053250a3 Set resources for Mealie
Signed-off-by: Marcus Noble <github@marcusnoble.co.uk>
2025-09-13 20:18:44 +01:00
91a3cc22b0 Add flags to dashboard too
Signed-off-by: Marcus Noble <github@marcusnoble.co.uk>
2025-09-13 20:10:13 +01:00
d97cdc1bdc Reduce dashboard replica count
Signed-off-by: Marcus Noble <github@marcusnoble.co.uk>
2025-09-13 20:08:51 +01:00
435cee3116 Enable for all namespaces
Signed-off-by: Marcus Noble <github@marcusnoble.co.uk>
2025-09-13 20:06:31 +01:00
5950568286 Ensure namespace created
Signed-off-by: Marcus Noble <github@marcusnoble.co.uk>
2025-09-13 20:04:10 +01:00
2d6faab122 Merge branch 'master' of https://git.cluster.fun/averagemarcus/cluster.fun 2025-09-13 20:02:13 +01:00
2eca62bf5d Added Goldilocks
Signed-off-by: Marcus Noble <github@marcusnoble.co.uk>
2025-09-13 20:02:05 +01:00
aa3c98d453 Merge pull request 'Update gitea/gitea Docker tag to v1.24.6' (#555) from renovate/gitea-gitea-1.x into master
Reviewed-on: #555
2025-09-13 17:41:11 +00:00
b334e52544 Update gitea/gitea Docker tag to v1.24.6 2025-09-12 03:06:04 +00:00
78af20ec62 Move apps to scaleway
Signed-off-by: Marcus Noble <github@marcusnoble.co.uk>
2025-09-04 21:24:23 +01:00
cfb3de7e76 Removed social-toi-grist
Signed-off-by: Marcus Noble <github@marcusnoble.co.uk>
2025-09-04 21:24:11 +01:00
627b997241 Remove annotations
Signed-off-by: Marcus Noble <github@marcusnoble.co.uk>
2025-09-04 21:23:56 +01:00
aa1163aab9 Removed traefik annotations
Signed-off-by: Marcus Noble <github@marcusnoble.co.uk>
2025-09-04 21:17:35 +01:00
3c5c5e9016 Remove annotation
Signed-off-by: Marcus Noble <github@marcusnoble.co.uk>
2025-09-04 21:15:08 +01:00
42328cb5f0 Fix indentation
Signed-off-by: Marcus Noble <github@marcusnoble.co.uk>
2025-09-04 21:12:04 +01:00
f4aac5f5e6 Move talks to scaleaway
Signed-off-by: Marcus Noble <github@marcusnoble.co.uk>
2025-09-04 21:10:29 +01:00
87286c91d0 Enable nginx snippets
Signed-off-by: Marcus Noble <github@marcusnoble.co.uk>
2025-09-04 21:05:33 +01:00
9aa1b0f522 Added ingress class name
Signed-off-by: Marcus Noble <github@marcusnoble.co.uk>
2025-09-04 20:56:52 +01:00
2cf08255cc Move til to scaleway
Signed-off-by: Marcus Noble <github@marcusnoble.co.uk>
2025-09-04 20:54:34 +01:00
5e8e1ff294 Remove til deployment
Signed-off-by: Marcus Noble <github@marcusnoble.co.uk>
2025-09-04 20:51:29 +01:00
556ba744f9 Add ingress class
Signed-off-by: Marcus Noble <github@marcusnoble.co.uk>
2025-09-04 20:38:05 +01:00
9565bee15f Add ingress class
Signed-off-by: Marcus Noble <github@marcusnoble.co.uk>
2025-09-04 20:36:04 +01:00
487aea3af4 Remomve wallabag
Signed-off-by: Marcus Noble <github@marcusnoble.co.uk>
2025-09-04 20:30:48 +01:00
c6380f0350 Removed old twitter-related apps
Signed-off-by: Marcus Noble <github@marcusnoble.co.uk>
2025-09-04 20:29:39 +01:00
6ce44f3132 Removed matrix
Signed-off-by: Marcus Noble <github@marcusnoble.co.uk>
2025-09-04 20:20:36 +01:00
63510aa4bb Moved apps to scaleway
Signed-off-by: Marcus Noble <github@marcusnoble.co.uk>
2025-09-04 20:17:09 +01:00
f25ef5e5bb Increase mealie token time
Signed-off-by: Marcus Noble <github@marcusnoble.co.uk>
2025-09-04 16:35:55 +01:00
5ac34d3890 Merge pull request 'Update victoriametrics/vmagent Docker tag to v1.125.1' (#554) from renovate/victoriametrics into master
Reviewed-on: #554
2025-09-04 06:36:28 +00:00
8a7ad6fa2d Update victoriametrics/vmagent Docker tag to v1.125.1 2025-09-04 03:32:00 +00:00
3914740922 Merge pull request 'Update victoriametrics/vmagent Docker tag to v1.125.0' (#553) from renovate/victoriametrics into master
Reviewed-on: #553
2025-09-02 06:45:15 +00:00
56f61deeb3 Merge pull request 'Update registry.k8s.io/kube-state-metrics/kube-state-metrics Docker tag to v2.17.0' (#552) from renovate/registry.k8s.io-kube-state-metrics-kube-state-metrics-2.x into master
Reviewed-on: #552
2025-09-02 06:45:11 +00:00
4c406eed40 Merge pull request 'Update outlinewiki/outline Docker tag to v0.87.3' (#551) from renovate/outlinewiki-outline-0.x into master
Reviewed-on: #551
2025-09-02 06:45:07 +00:00
1ee1ba0659 Update victoriametrics/vmagent Docker tag to v1.125.0 2025-09-02 03:14:36 +00:00
ae06bd0ab6 Update registry.k8s.io/kube-state-metrics/kube-state-metrics Docker tag to v2.17.0 2025-09-02 03:14:34 +00:00
56100ba077 Update outlinewiki/outline Docker tag to v0.87.3 2025-09-02 03:14:29 +00:00
bb057547a8 Merge pull request 'Update outlinewiki/outline Docker tag to v0.87.1' (#550) from renovate/outlinewiki-outline-0.x into master
Reviewed-on: #550
2025-09-01 05:20:32 +00:00
00c78fddd5 Update outlinewiki/outline Docker tag to v0.87.1 2025-09-01 03:16:59 +00:00
d7be1186c7 Merge pull request 'Update rancher/mirrored-library-traefik Docker tag to v2.11.29' (#548) from renovate/rancher-mirrored-library-traefik-2.x into master
Reviewed-on: #548
2025-08-30 06:11:30 +00:00
d4a3d5f4a7 Merge pull request 'Update registry.k8s.io/ingress-nginx/controller Docker tag to v1.13.2' (#549) from renovate/registry.k8s.io-ingress-nginx-controller-1.x into master
Reviewed-on: #549
2025-08-30 06:11:21 +00:00
e59f5f6e65 Update registry.k8s.io/ingress-nginx/controller Docker tag to v1.13.2 2025-08-30 04:17:34 +00:00
a8c0df9ee4 Update rancher/mirrored-library-traefik Docker tag to v2.11.29 2025-08-30 04:17:30 +00:00
33f9840d59 Merge pull request 'Update gristlabs/grist-oss Docker tag to v1.7.3' (#547) from renovate/gristlabs-grist-oss-1.x into master
Reviewed-on: #547
2025-08-29 05:31:16 +00:00
1546086d4f Update gristlabs/grist-oss Docker tag to v1.7.3 2025-08-29 03:05:13 +00:00
2457da2a2a Merge pull request 'Update vectorim/element-web Docker tag to v1.11.110' (#546) from renovate/vectorim-element-web-1.x into master
Reviewed-on: #546
2025-08-28 07:00:04 +00:00
b3ec9a50ea Merge pull request 'Update ghcr.io/element-hq/synapse Docker tag to v1.137.0' (#545) from renovate/ghcr.io-element-hq-synapse-1.x into master
Reviewed-on: #545
2025-08-28 07:00:00 +00:00
ef70214fd5 Update vectorim/element-web Docker tag to v1.11.110 2025-08-28 03:04:04 +00:00
2b635174c3 Update ghcr.io/element-hq/synapse Docker tag to v1.137.0 2025-08-27 03:05:24 +00:00
cc6aaa1ada Merge pull request 'Update ghcr.io/mealie-recipes/mealie Docker tag to v3.1.2' (#544) from renovate/ghcr.io-mealie-recipes-mealie-3.x into master
Reviewed-on: #544
2025-08-26 05:55:06 +00:00
7c14d00db2 Update ghcr.io/mealie-recipes/mealie Docker tag to v3.1.2 2025-08-26 03:12:30 +00:00
39b0214072 Scale up cors-proxy
Signed-off-by: Marcus Noble <github@marcusnoble.co.uk>
2025-08-23 08:30:57 +01:00
5d6de0a908 Added cors-proxy
Signed-off-by: Marcus Noble <github@marcusnoble.co.uk>
2025-08-23 08:29:05 +01:00
8984be1a62 Added bsky-screenshot
Signed-off-by: Marcus Noble <github@marcusnoble.co.uk>
2025-08-22 18:03:10 +01:00
f6676c48cc Merge pull request 'Update ghcr.io/miniflux/miniflux Docker tag to v2.2.12' (#543) from renovate/ghcr.io-miniflux-miniflux-2.x into master
Reviewed-on: #543
2025-08-21 05:35:26 +00:00
e53e6a0c9a Update ghcr.io/miniflux/miniflux Docker tag to v2.2.12 2025-08-21 03:04:35 +00:00
b395df357f Merge pull request 'Update ghcr.io/mealie-recipes/mealie Docker tag to v3.1.1' (#541) from renovate/ghcr.io-mealie-recipes-mealie-3.x into master
Reviewed-on: #541
2025-08-20 03:54:36 +00:00
852ae844df Merge pull request 'Update quay.io/oauth2-proxy/oauth2-proxy Docker tag to v7.12.0' (#542) from renovate/quay.io-oauth2-proxy-oauth2-proxy-7.x into master
Reviewed-on: #542
2025-08-20 03:52:52 +00:00
5c6bd05521 Update quay.io/oauth2-proxy/oauth2-proxy Docker tag to v7.12.0 2025-08-20 03:11:59 +00:00
9a25a5263d Update ghcr.io/mealie-recipes/mealie Docker tag to v3.1.1 2025-08-20 03:11:55 +00:00
d600d44640 Merge pull request 'Update victoriametrics/vmagent Docker tag to v1.124.0' (#540) from renovate/victoriametrics into master
Reviewed-on: #540
2025-08-19 05:27:06 +00:00
d953074087 Update victoriametrics/vmagent Docker tag to v1.124.0 2025-08-19 03:22:41 +00:00
74e86f87c8 Merge pull request 'Update nextcloud Docker tag to v31.0.8' (#539) from renovate/nextcloud-31.x into master
Reviewed-on: #539
2025-08-16 07:04:11 +00:00
feb0de1c9d Update nextcloud Docker tag to v31.0.8 2025-08-16 03:19:57 +00:00
83a641b34e Merge pull request 'Update gitea/gitea Docker tag to v1.24.5' (#537) from renovate/gitea-gitea-1.x into master
Reviewed-on: #537
2025-08-15 06:21:36 +00:00
5e86b0ffda Merge pull request 'Update gristlabs/grist-oss Docker tag to v1.7.2' (#538) from renovate/gristlabs-grist-oss-1.x into master
Reviewed-on: #538
2025-08-15 06:21:30 +00:00
b143308932 Update gristlabs/grist-oss Docker tag to v1.7.2 2025-08-15 03:07:34 +00:00
810eb8ed6d Update gitea/gitea Docker tag to v1.24.5 2025-08-14 03:17:19 +00:00
a9524e45df Merge pull request 'Update registry.k8s.io/ingress-nginx/controller Docker tag to v1.13.1' (#535) from renovate/registry.k8s.io-ingress-nginx-controller-1.x into master
Reviewed-on: #535
2025-08-13 05:54:47 +00:00
2ea10159d8 Merge pull request 'Update ghcr.io/element-hq/synapse Docker tag to v1.136.0' (#536) from renovate/ghcr.io-element-hq-synapse-1.x into master
Reviewed-on: #536
2025-08-13 05:54:43 +00:00
33085f1a54 Update ghcr.io/element-hq/synapse Docker tag to v1.136.0 2025-08-13 03:09:03 +00:00
a7884d764b Update registry.k8s.io/ingress-nginx/controller Docker tag to v1.13.1 2025-08-13 03:09:00 +00:00
6903747c00 Merge pull request 'Update ghcr.io/element-hq/synapse Docker tag to v1.135.2' (#533) from renovate/ghcr.io-element-hq-synapse-1.x into master
Reviewed-on: #533
2025-08-12 05:51:39 +00:00
2217f7f101 Merge pull request 'Update vectorim/element-web Docker tag to v1.11.109' (#534) from renovate/vectorim-element-web-1.x into master
Reviewed-on: #534
2025-08-12 05:51:36 +00:00
40443c4be1 Update vectorim/element-web Docker tag to v1.11.109 2025-08-12 03:03:35 +00:00
89aebf5895 Update ghcr.io/element-hq/synapse Docker tag to v1.135.2 2025-08-12 03:03:24 +00:00
10741683b2 Merge pull request 'Update outlinewiki/outline Docker tag to v0.86.1' (#532) from renovate/outlinewiki-outline-0.x into master
Reviewed-on: #532
2025-08-10 05:29:18 +00:00
ba4ee220c1 Update outlinewiki/outline Docker tag to v0.86.1 2025-08-10 03:03:27 +00:00
f55acd82a4 Updated yay-or-nay
Signed-off-by: Marcus Noble <github@marcusnoble.co.uk>
2025-08-09 09:47:03 +01:00
314681c10f Merge pull request 'Update outlinewiki/outline Docker tag to v0.86.0' (#531) from renovate/outlinewiki-outline-0.x into master
Reviewed-on: #531
2025-08-07 05:29:40 +00:00
9fc81a0452 Update outlinewiki/outline Docker tag to v0.86.0 2025-08-07 03:07:57 +00:00
13063eb3f8 Merge pull request 'Update gitea/gitea Docker tag to v1.24.4' (#529) from renovate/gitea-gitea-1.x into master
Reviewed-on: #529
2025-08-06 15:59:51 +00:00
96e98d7dde Merge pull request 'Update victoriametrics/vmagent Docker tag to v1.123.0' (#530) from renovate/victoriametrics into master
Reviewed-on: #530
2025-08-06 15:59:49 +00:00
463e37635e Update victoriametrics/vmagent Docker tag to v1.123.0 2025-08-05 03:03:56 +00:00
bc2a922951 Update gitea/gitea Docker tag to v1.24.4 2025-08-05 03:03:49 +00:00
05eb14776c Merge pull request 'Update ghcr.io/element-hq/synapse Docker tag to v1.135.0' (#528) from renovate/ghcr.io-element-hq-synapse-1.x into master
Reviewed-on: #528
2025-08-04 04:31:59 +00:00
9ee1014824 Update ghcr.io/element-hq/synapse Docker tag to v1.135.0 2025-08-02 03:07:33 +00:00
ad6ec78c6a Merge pull request 'Update gristlabs/grist-oss Docker tag to v1.7.1' (#527) from renovate/gristlabs-grist-oss-1.x into master
Reviewed-on: #527
2025-08-01 05:32:15 +00:00
2947579d33 Update gristlabs/grist-oss Docker tag to v1.7.1 2025-08-01 03:11:54 +00:00
02f8a39dc5 Merge pull request 'Update quay.io/oauth2-proxy/oauth2-proxy Docker tag to v7.11.0' (#526) from renovate/quay.io-oauth2-proxy-oauth2-proxy-7.x into master
Reviewed-on: #526
2025-07-31 05:50:24 +00:00
2190a241b6 Merge pull request 'Update vectorim/element-web Docker tag to v1.11.108' (#525) from renovate/vectorim-element-web-1.x into master
Reviewed-on: #525
2025-07-31 05:50:22 +00:00
7093f0f211 Update quay.io/oauth2-proxy/oauth2-proxy Docker tag to v7.11.0 2025-07-31 03:04:09 +00:00
ac8acd2165 Update vectorim/element-web Docker tag to v1.11.108 2025-07-31 03:03:58 +00:00
b1e6442059 Merge pull request 'Update vectorim/element-web Docker tag to v1.11.107' (#523) from renovate/vectorim-element-web-1.x into master
Reviewed-on: #523
2025-07-30 06:13:18 +00:00
9ad5da2fe5 Merge pull request 'Update nodered/node-red Docker tag to v4.1.0' (#524) from renovate/nodered-node-red-4.x into master
Reviewed-on: #524
2025-07-30 06:13:12 +00:00
03f8bcfd35 Update nodered/node-red Docker tag to v4.1.0 2025-07-30 03:03:45 +00:00
e426a6228b Update vectorim/element-web Docker tag to v1.11.107 2025-07-30 03:03:34 +00:00
f57d351e49 Switch to bitnamilegacy for redis
Signed-off-by: Marcus Noble <github@marcusnoble.co.uk>
2025-07-30 02:09:03 +01:00
dc69e26a94 Update manifests/yay-or-nay/yay-or-nay.yaml 2025-07-28 17:21:20 +00:00
0d7878cce8 Remove all image ignores
Signed-off-by: Marcus Noble <github@marcusnoble.co.uk>
2025-07-27 11:51:36 +01:00
7f85fe082d Remove image ignored from upstream apps
Signed-off-by: Marcus Noble <github@marcusnoble.co.uk>
2025-07-27 11:43:40 +01:00
130d26e0ed Merge pull request 'Update ghcr.io/miniflux/miniflux Docker tag to v2.2.11' (#522) from renovate/ghcr.io-miniflux-miniflux-2.x into master
Reviewed-on: #522
2025-07-27 10:39:59 +00:00
39e0aa7525 Update ghcr.io/miniflux/miniflux Docker tag to v2.2.11 2025-07-27 03:06:18 +00:00
4978dbcd80 Added containerdays links
Signed-off-by: Marcus Noble <github@marcusnoble.co.uk>
2025-07-25 15:30:06 +01:00
6b4ffa50d2 Merge pull request 'Update victoriametrics/vmagent Docker tag to v1.122.0' (#521) from renovate/victoriametrics into master
Reviewed-on: #521
2025-07-22 05:42:53 +00:00
0217bf4735 Merge pull request 'Update ghcr.io/mealie-recipes/mealie Docker tag to v3.0.2' (#520) from renovate/ghcr.io-mealie-recipes-mealie-3.x into master
Reviewed-on: #520
2025-07-22 05:42:48 +00:00
b690be812c Added probes to yay-or-nay
Signed-off-by: Marcus Noble <github@marcusnoble.co.uk>
2025-07-22 06:25:57 +01:00
6ddef721ba Update victoriametrics/vmagent Docker tag to v1.122.0 2025-07-22 03:07:49 +00:00
c17dfa5da9 Update ghcr.io/mealie-recipes/mealie Docker tag to v3.0.2 2025-07-22 03:07:44 +00:00
f588f2a44b Merge pull request 'Update quay.io/oauth2-proxy/oauth2-proxy Docker tag to v7.10.0' (#519) from renovate/quay.io-oauth2-proxy-oauth2-proxy-7.x into master
Reviewed-on: #519
2025-07-19 15:39:01 +00:00
b8705dfdc9 Update quay.io/oauth2-proxy/oauth2-proxy Docker tag to v7.10.0 2025-07-19 03:30:54 +00:00
dcc50b0d69 Remove old ingress
Signed-off-by: Marcus Noble <github@marcusnoble.co.uk>
2025-07-18 14:29:57 +01:00
f7c15e56d5 Switch to social-to-rolodex
Signed-off-by: Marcus Noble <github@marcusnoble.co.uk>
2025-07-18 14:21:44 +01:00
1402eca48b Merge pull request 'Update quay.io/oauth2-proxy/oauth2-proxy Docker tag to v7.10.0' (#518) from renovate/quay.io-oauth2-proxy-oauth2-proxy-7.x into master
Reviewed-on: #518
2025-07-18 05:26:54 +00:00
ebd4fbec1e Update quay.io/oauth2-proxy/oauth2-proxy Docker tag to v7.10.0 2025-07-18 03:07:21 +00:00
382b517a6d Merge pull request 'Update ghcr.io/element-hq/synapse Docker tag to v1.134.0' (#517) from renovate/ghcr.io-element-hq-synapse-1.x into master
Reviewed-on: #517
2025-07-16 05:14:02 +00:00
bfb8c513e3 Merge pull request 'Update vectorim/element-web Docker tag to v1.11.106' (#516) from renovate/vectorim-element-web-1.x into master
Reviewed-on: #516
2025-07-16 05:13:57 +00:00
38b3fe7fd7 Merge pull request 'Update gitea/gitea Docker tag to v1.24.3' (#515) from renovate/gitea-gitea-1.x into master
Reviewed-on: #515
2025-07-16 05:13:55 +00:00
c107d27b29 Update ghcr.io/element-hq/synapse Docker tag to v1.134.0 2025-07-16 03:14:48 +00:00
ea974fb72c Update vectorim/element-web Docker tag to v1.11.106 2025-07-16 03:14:36 +00:00
bf2d7d07e1 Update gitea/gitea Docker tag to v1.24.3 2025-07-16 03:14:29 +00:00
e551a03ee1 Merge pull request 'Update ghcr.io/mealie-recipes/mealie Docker tag to v3.0.1' (#514) from renovate/ghcr.io-mealie-recipes-mealie-3.x into master
Reviewed-on: #514
2025-07-14 05:59:42 +00:00
9ab127c188 Update ghcr.io/mealie-recipes/mealie Docker tag to v3.0.1 2025-07-14 03:06:27 +00:00
741e6076ca Merge pull request 'Update ghcr.io/mealie-recipes/mealie Docker tag to v3' (#513) from renovate/ghcr.io-mealie-recipes-mealie-3.x into master
Reviewed-on: #513
2025-07-12 03:06:55 +00:00
c052f58667 Merge pull request 'Update outlinewiki/outline Docker tag to v0.85.1' (#512) from renovate/outlinewiki-outline-0.x into master
Reviewed-on: #512
2025-07-12 03:05:29 +00:00
2ff6f0c76d Merge pull request 'Update nextcloud Docker tag to v31.0.7' (#511) from renovate/nextcloud-31.x into master
Reviewed-on: #511
2025-07-12 03:05:22 +00:00
52dfa38d0c Update ghcr.io/mealie-recipes/mealie Docker tag to v3 2025-07-12 03:04:56 +00:00
230f923c48 Update outlinewiki/outline Docker tag to v0.85.1 2025-07-12 03:04:50 +00:00
a41173dc72 Update nextcloud Docker tag to v31.0.7 2025-07-12 03:04:35 +00:00
a43ebd1b6c Merge pull request 'Update victoriametrics/vmagent Docker tag to v1.121.0' (#510) from renovate/victoriametrics into master
Reviewed-on: #510
2025-07-08 05:48:13 +00:00
3aa82fa296 Update victoriametrics/vmagent Docker tag to v1.121.0 2025-07-08 03:10:01 +00:00
2fe02d459d Merge pull request 'Update outlinewiki/outline Docker tag to v0.85.0' (#509) from renovate/outlinewiki-outline-0.x into master
Reviewed-on: #509
2025-07-04 05:46:55 +00:00
c9f96350cc Update outlinewiki/outline Docker tag to v0.85.0 2025-07-04 03:22:56 +00:00
2dfe00fd40 Merge pull request 'Update registry.k8s.io/ingress-nginx/controller Docker tag to v1.13.0' (#508) from renovate/registry.k8s.io-ingress-nginx-controller-1.x into master
Reviewed-on: #508
2025-07-03 06:09:51 +00:00
1b450acfe2 Update registry.k8s.io/ingress-nginx/controller Docker tag to v1.13.0 2025-07-03 03:03:02 +00:00
df895b6bed Merge pull request 'Update ghcr.io/element-hq/synapse Docker tag to v1.133.0' (#507) from renovate/ghcr.io-element-hq-synapse-1.x into master
Reviewed-on: #507
2025-07-02 07:05:35 +00:00
238251b657 Merge pull request 'Update vectorim/element-web Docker tag to v1.11.105' (#506) from renovate/vectorim-element-web-1.x into master
Reviewed-on: #506
2025-07-02 07:05:30 +00:00
74e9162d72 Update ghcr.io/element-hq/synapse Docker tag to v1.133.0 2025-07-02 03:43:22 +00:00
d8e7a2ce28 Update vectorim/element-web Docker tag to v1.11.105 2025-07-02 03:43:12 +00:00
1b32d110c7 Remove starling
Signed-off-by: Marcus Noble <github@marcusnoble.co.uk>
2025-06-27 06:42:39 +01:00
40bb305ff9 Merge pull request 'Update registry.k8s.io/kube-state-metrics/kube-state-metrics Docker tag to v2.16.0' (#505) from renovate/registry.k8s.io-kube-state-metrics-kube-state-metrics-2.x into master
Reviewed-on: #505
2025-06-27 04:53:39 +00:00
884621fd47 Update registry.k8s.io/kube-state-metrics/kube-state-metrics Docker tag to v2.16.0 2025-06-27 03:12:30 +00:00
fdd6416b8c Merge pull request 'Update gristlabs/grist-oss Docker tag to v1.6.1' (#504) from renovate/gristlabs-grist-oss-1.x into master
Reviewed-on: #504
2025-06-26 05:53:14 +00:00
e3e0be048a Update gristlabs/grist-oss Docker tag to v1.6.1 2025-06-26 03:15:29 +00:00
507446aac2 Added cnsmunich-feedback link
Signed-off-by: Marcus Noble <github@marcusnoble.co.uk>
2025-06-25 15:30:10 +01:00
869e8436df Fix ingress
Signed-off-by: Marcus Noble <github@marcusnoble.co.uk>
2025-06-25 15:09:08 +01:00
3f78cd2d2e Added yay-or-nay
Signed-off-by: Marcus Noble <github@marcusnoble.co.uk>
2025-06-25 15:04:14 +01:00
a2e8a14dac Added yay-or-nay
Signed-off-by: Marcus Noble <github@marcusnoble.co.uk>
2025-06-25 14:06:59 +01:00
1c76f00adc Added body size annotations to openwebui
Signed-off-by: Marcus Noble <github@marcusnoble.co.uk>
2025-06-25 13:47:47 +01:00
1cd38b1ff2 Merge pull request 'Update victoriametrics/vmagent Docker tag to v1.120.0' (#503) from renovate/victoriametrics into master
Reviewed-on: #503
2025-06-24 05:42:28 +00:00
774cae1887 Merge pull request 'Update ghcr.io/miniflux/miniflux Docker tag to v2.2.10' (#502) from renovate/ghcr.io-miniflux-miniflux-2.x into master
Reviewed-on: #502
2025-06-24 05:42:25 +00:00
642b90d7b5 Update victoriametrics/vmagent Docker tag to v1.120.0 2025-06-24 03:19:37 +00:00
ae8056ff98 Update ghcr.io/miniflux/miniflux Docker tag to v2.2.10 2025-06-24 03:19:27 +00:00
67548d0f79 Merge pull request 'Update gitea/gitea Docker tag to v1.24.2' (#501) from renovate/gitea-gitea-1.x into master
Reviewed-on: #501
2025-06-21 04:13:30 +00:00
adc9441f35 Update gitea/gitea Docker tag to v1.24.2 2025-06-21 03:04:03 +00:00
3e765e4b0c Merge pull request 'Update gitea/gitea Docker tag to v1.24.1' (#500) from renovate/gitea-gitea-1.x into master
Reviewed-on: #500
2025-06-20 06:04:21 +00:00
1086b5334d Update gitea/gitea Docker tag to v1.24.1 2025-06-20 03:07:52 +00:00
a4041fb853 Added stablediffusion
Signed-off-by: Marcus Noble <github@marcusnoble.co.uk>
2025-06-18 11:19:20 +01:00
9830b9d947 Merge pull request 'Update ghcr.io/element-hq/synapse Docker tag to v1.132.0' (#499) from renovate/ghcr.io-element-hq-synapse-1.x into master
Reviewed-on: #499
2025-06-18 06:16:25 +00:00
4261efc3ff Merge pull request 'Update vectorim/element-web Docker tag to v1.11.104' (#498) from renovate/vectorim-element-web-1.x into master
Reviewed-on: #498
2025-06-18 06:16:23 +00:00
9aae8abd53 Update ghcr.io/element-hq/synapse Docker tag to v1.132.0 2025-06-18 03:04:45 +00:00
bb387b8bc4 Update vectorim/element-web Docker tag to v1.11.104 2025-06-18 03:04:36 +00:00
3aadc6846b Merge pull request 'Update nextcloud Docker tag to v31.0.6' (#497) from renovate/nextcloud-31.x into master
Reviewed-on: #497
2025-06-14 07:43:44 +00:00
fd5061a748 Update nextcloud Docker tag to v31.0.6 2025-06-14 03:08:42 +00:00
23e2cf7d08 Remove config snippet
Signed-off-by: Marcus Noble <github@marcusnoble.co.uk>
2025-06-13 13:38:28 +01:00
e9a5ad781c Update webhook annotation
Signed-off-by: Marcus Noble <github@marcusnoble.co.uk>
2025-06-13 13:36:25 +01:00
4894baaee3 revert 7052631867
revert revert 3fd3ae4a0d

revert Add websocket annotations to non-auth ingress
2025-06-13 11:23:05 +00:00
7052631867 revert 3fd3ae4a0d
revert Add websocket annotations to non-auth ingress
2025-06-12 20:01:01 +00:00
3fd3ae4a0d Add websocket annotations to non-auth ingress 2025-06-12 19:44:35 +00:00
17fd27b383 Make openwebui available externally
Signed-off-by: Marcus Noble <github@marcusnoble.co.uk>
2025-06-12 15:49:06 +01:00
85749ee068 Merge pull request 'Update grafana/promtail Docker tag to v2.9.15' (#495) from renovate/grafana-promtail-2.x into master
Reviewed-on: #495
2025-06-11 05:52:40 +00:00
eb09dc0341 Merge pull request 'Update vectorim/element-web Docker tag to v1.11.103' (#496) from renovate/vectorim-element-web-1.x into master
Reviewed-on: #496
2025-06-11 05:52:37 +00:00
e2546b9af3 Update vectorim/element-web Docker tag to v1.11.103 2025-06-11 03:16:30 +00:00
c94323fe1e Update grafana/promtail Docker tag to v2.9.15 2025-06-11 03:16:25 +00:00
64e9bdab0e Merge pull request 'Update gitea/gitea Docker tag to v1.24.0' (#494) from renovate/gitea-gitea-1.x into master
Reviewed-on: #494
2025-06-10 12:19:48 +00:00
c57c405fc2 Update gitea/gitea Docker tag to v1.24.0 2025-06-10 05:01:18 +00:00
cfd0236b43 Merge pull request 'Update victoriametrics/vmagent Docker tag to v1.119.0' (#493) from renovate/victoriametrics into master
Reviewed-on: #493
2025-06-07 16:17:34 +00:00
6c63c7d3dd Update victoriametrics/vmagent Docker tag to v1.119.0 2025-06-07 03:32:27 +00:00
47aeb1fcc2 Merge pull request 'Update wallabag/wallabag Docker tag to v2.6.13' (#492) from renovate/wallabag-wallabag-2.x into master
Reviewed-on: #492
2025-06-05 05:13:15 +00:00
abc90c925e Merge pull request 'Update registry.k8s.io/ingress-nginx/controller Docker tag to v1.12.3' (#491) from renovate/registry.k8s.io-ingress-nginx-controller-1.x into master
Reviewed-on: #491
2025-06-05 05:13:07 +00:00
bc215f8efe Merge pull request 'Update ghcr.io/element-hq/synapse Docker tag to v1.131.0' (#490) from renovate/ghcr.io-element-hq-synapse-1.x into master
Reviewed-on: #490
2025-06-05 05:11:49 +00:00
00d1bf12ea Merge pull request 'Update vectorim/element-web Docker tag to v1.11.102' (#489) from renovate/vectorim-element-web-1.x into master
Reviewed-on: #489
2025-06-05 05:11:45 +00:00
aca0ccaf31 Update wallabag/wallabag Docker tag to v2.6.13 2025-06-05 03:03:27 +00:00
3c76bd90e7 Update registry.k8s.io/ingress-nginx/controller Docker tag to v1.12.3 2025-06-05 03:03:16 +00:00
463e3b41f8 Update ghcr.io/element-hq/synapse Docker tag to v1.131.0 2025-06-04 03:20:03 +00:00
e30d58c3a9 Update vectorim/element-web Docker tag to v1.11.102 2025-06-04 03:19:45 +00:00
b2e51da87a Merge pull request 'Update gristlabs/grist-oss Docker tag to v1.6.0' (#488) from renovate/gristlabs-grist-oss-1.x into master
Reviewed-on: #488
2025-05-30 04:57:37 +00:00
932a2acf31 Update gristlabs/grist-oss Docker tag to v1.6.0 2025-05-30 03:09:33 +00:00
412c381ffe Merge pull request 'Update ghcr.io/miniflux/miniflux Docker tag to v2.2.9' (#487) from renovate/ghcr.io-miniflux-miniflux-2.x into master
Reviewed-on: #487
2025-05-27 05:37:57 +00:00
aff0b56fa1 Update ghcr.io/miniflux/miniflux Docker tag to v2.2.9 2025-05-27 03:24:34 +00:00
dd0e5712cd Re-add labekl to batch job
Signed-off-by: Marcus Noble <github@marcusnoble.co.uk>
2025-05-26 09:04:04 +01:00
d85e60b6e8 Re-add labekl to batch job
Signed-off-by: Marcus Noble <github@marcusnoble.co.uk>
2025-05-26 09:02:04 +01:00
ca12ae98db Add PDB to ingress-nginx
Signed-off-by: Marcus Noble <github@marcusnoble.co.uk>
2025-05-26 08:52:27 +01:00
d17c666e1c Merge pull request 'Update x1unix/go-playground Docker tag to v2.5.7' (#485) from renovate/x1unix-go-playground-2.x into master
Reviewed-on: #485
2025-05-25 07:53:07 +00:00
c325e7f1ed Merge pull request 'Update victoriametrics/vmagent Docker tag to v1.118.0' (#486) from renovate/victoriametrics into master
Reviewed-on: #486
2025-05-25 07:52:48 +00:00
bcd6edbabb Update victoriametrics/vmagent Docker tag to v1.118.0 2025-05-24 03:16:21 +00:00
d38f4d27ff Update x1unix/go-playground Docker tag to v2.5.7 2025-05-24 03:16:16 +00:00
98a28d7708 Merge pull request 'Update ghcr.io/element-hq/synapse Docker tag to v1.130.0' (#484) from renovate/ghcr.io-element-hq-synapse-1.x into master
Reviewed-on: #484
2025-05-21 04:55:35 +00:00
05af720e37 Merge pull request 'Update vectorim/element-web Docker tag to v1.11.101' (#483) from renovate/vectorim-element-web-1.x into master
Reviewed-on: #483
2025-05-21 04:55:19 +00:00
3214e5e5cb Update ghcr.io/element-hq/synapse Docker tag to v1.130.0 2025-05-21 03:26:00 +00:00
b3187e9888 Update vectorim/element-web Docker tag to v1.11.101 2025-05-21 03:25:50 +00:00
cc9acb272e Merge pull request 'Update nextcloud Docker tag to v31.0.5' (#482) from renovate/nextcloud-31.x into master
Reviewed-on: #482
2025-05-17 07:50:11 +00:00
cb56295334 Update nextcloud Docker tag to v31.0.5 2025-05-17 03:02:22 +00:00
0a7bad5eca Merge pull request 'Update victoriametrics/vmagent Docker tag to v1.117.1' (#481) from renovate/victoriametrics into master
Reviewed-on: #481
2025-05-16 05:35:35 +00:00
7cc637784d Update victoriametrics/vmagent Docker tag to v1.117.1 2025-05-16 03:13:09 +00:00
ea4ce92a75 Merge pull request 'Update gitea/gitea Docker tag to v1.23.8' (#480) from renovate/gitea-gitea-1.x into master
Reviewed-on: #480
2025-05-13 04:50:51 +00:00
bfd5c1060d Update gitea/gitea Docker tag to v1.23.8 2025-05-13 03:02:50 +00:00
f92d04f2e5 Merge pull request 'Update outlinewiki/outline Docker tag to v0.84.0' (#479) from renovate/outlinewiki-outline-0.x into master
Reviewed-on: #479
2025-05-12 05:41:36 +00:00
d65a7b2425 Update outlinewiki/outline Docker tag to v0.84.0 2025-05-12 03:14:31 +00:00
1b3c6754c0 Merge pull request 'Update victoriametrics/vmagent Docker tag to v1.117.0' (#478) from renovate/victoriametrics into master
Reviewed-on: #478
2025-05-10 10:17:51 +00:00
858ab70918 Update victoriametrics/vmagent Docker tag to v1.117.0 2025-05-10 03:09:32 +00:00
ce4d7689c9 Merge pull request 'Update ghcr.io/element-hq/synapse Docker tag to v1.129.0' (#477) from renovate/ghcr.io-element-hq-synapse-1.x into master
Reviewed-on: #477
2025-05-07 05:32:28 +00:00
4f5c4f4cbe Merge pull request 'Update vectorim/element-web Docker tag to v1.11.100' (#476) from renovate/vectorim-element-web-1.x into master
Reviewed-on: #476
2025-05-07 05:32:23 +00:00
7d3b5903e6 Update ghcr.io/element-hq/synapse Docker tag to v1.129.0 2025-05-07 03:04:03 +00:00
9a87f7fd08 Update vectorim/element-web Docker tag to v1.11.100 2025-05-07 03:03:52 +00:00
b4257f8e5e Added mylarr ingress
Signed-off-by: Marcus Noble <github@marcusnoble.co.uk>
2025-05-01 07:05:48 +01:00
12870a676b Merge pull request 'Update registry.k8s.io/ingress-nginx/controller Docker tag to v1.12.2' (#475) from renovate/registry.k8s.io-ingress-nginx-controller-1.x into master
Reviewed-on: #475
2025-05-01 05:48:27 +00:00
afd5dd2852 Update registry.k8s.io/ingress-nginx/controller Docker tag to v1.12.2 2025-05-01 03:12:39 +00:00
aaea56c02a Merge pull request 'Update quay.io/oauth2-proxy/oauth2-proxy Docker tag to v7.9.0' (#474) from renovate/quay.io-oauth2-proxy-oauth2-proxy-7.x into master
Reviewed-on: #474
2025-04-30 05:35:08 +00:00
a0354f73e8 Merge pull request 'Update gristlabs/grist-oss Docker tag to v1.5.2' (#473) from renovate/gristlabs-grist-oss-1.x into master
Reviewed-on: #473
2025-04-30 05:35:05 +00:00
8260992f26 Update quay.io/oauth2-proxy/oauth2-proxy Docker tag to v7.9.0 2025-04-30 03:11:43 +00:00
b35963d0e2 Update gristlabs/grist-oss Docker tag to v1.5.2 2025-04-30 03:11:41 +00:00
f38e67a27f added cnsmunich link
Signed-off-by: Marcus Noble <github@marcusnoble.co.uk>
2025-04-28 14:05:02 +01:00
a78314870b Merge pull request 'Update victoriametrics/vmagent Docker tag to v1.116.0' (#472) from renovate/victoriametrics into master
Reviewed-on: #472
2025-04-27 07:43:47 +00:00
bdd63dd931 Update victoriametrics/vmagent Docker tag to v1.116.0 2025-04-26 03:19:35 +00:00
cfb7df2284 Merge branch 'master' of https://git.cluster.fun/averagemarcus/cluster.fun 2025-04-25 07:53:35 +02:00
99d6735566 Added podgrab external URL
Signed-off-by: Marcus Noble <github@marcusnoble.co.uk>
2025-04-25 07:53:19 +02:00
1279c8021a Merge pull request 'Update vectorim/element-web Docker tag to v1.11.99' (#471) from renovate/vectorim-element-web-1.x into master
Reviewed-on: #471
2025-04-24 04:30:46 +00:00
2063a41276 Merge pull request 'Update ghcr.io/miniflux/miniflux Docker tag to v2.2.8' (#470) from renovate/ghcr.io-miniflux-miniflux-2.x into master
Reviewed-on: #470
2025-04-24 04:30:40 +00:00
46492eb102 Update vectorim/element-web Docker tag to v1.11.99 2025-04-24 03:18:29 +00:00
4f439b2945 Update ghcr.io/miniflux/miniflux Docker tag to v2.2.8 2025-04-24 03:18:26 +00:00
41307f592d Merge pull request 'Update vectorim/element-web Docker tag to v1.11.98' (#469) from renovate/vectorim-element-web-1.x into master
Reviewed-on: #469
2025-04-23 04:10:43 +00:00
840e82d2b6 Update vectorim/element-web Docker tag to v1.11.98 2025-04-23 03:26:05 +00:00
cf237c5511 Merge pull request 'Update nextcloud Docker tag to v31.0.4' (#468) from renovate/nextcloud-31.x into master
Reviewed-on: #468
2025-04-22 05:34:43 +00:00
88034e2ace Update nextcloud Docker tag to v31.0.4 2025-04-22 03:18:58 +00:00
f91b4ed999 Merge pull request 'Update rancher/mirrored-library-traefik Docker tag to v2.11.24' (#467) from renovate/rancher-mirrored-library-traefik-2.x into master
Reviewed-on: #467
2025-04-19 05:43:04 +00:00
7a7721dcb0 Update rancher/mirrored-library-traefik Docker tag to v2.11.24 2025-04-19 03:05:31 +00:00
d88a3cc3a3 Merge pull request 'Update grafana/promtail Docker tag to v2.9.14' (#466) from renovate/grafana-promtail-2.x into master
Reviewed-on: #466
2025-04-16 05:35:33 +00:00
265266aeaf Update grafana/promtail Docker tag to v2.9.14 2025-04-16 03:02:39 +00:00
9db266845b Added kcdczechslovak link
Signed-off-by: Marcus Noble <github@marcusnoble.co.uk>
2025-04-13 11:12:52 +01:00
071bdc5430 Merge pull request 'Update wallabag/wallabag Docker tag to v2.6.12' (#465) from renovate/wallabag-wallabag-2.x into master
Reviewed-on: #465
2025-04-12 04:21:38 +00:00
5361b55235 Update wallabag/wallabag Docker tag to v2.6.12 2025-04-12 03:14:41 +00:00
eaf3ad07fb Merge pull request 'Update outlinewiki/outline Docker tag to v0.83.0' (#464) from renovate/outlinewiki-outline-0.x into master
Reviewed-on: #464
2025-04-11 05:28:55 +00:00
92860e6722 Merge pull request 'Update rancher/mirrored-library-traefik Docker tag to v2.11.22' (#463) from renovate/rancher-mirrored-library-traefik-2.x into master
Reviewed-on: #463
2025-04-11 05:28:46 +00:00
d77f8c336a Merge pull request 'Update gristlabs/grist-oss Docker tag to v1.5.1' (#462) from renovate/gristlabs-grist-oss-1.x into master
Reviewed-on: #462
2025-04-11 05:28:40 +00:00
2a3eb40a7b Update outlinewiki/outline Docker tag to v0.83.0 2025-04-11 03:07:23 +00:00
4feceaa825 Update rancher/mirrored-library-traefik Docker tag to v2.11.22 2025-04-11 03:07:20 +00:00
1158fefb62 Update gristlabs/grist-oss Docker tag to v1.5.1 2025-04-11 03:07:17 +00:00
be39341776 Merge pull request 'Update x1unix/go-playground Docker tag to v2.5.5' (#461) from renovate/x1unix-go-playground-2.x into master
Reviewed-on: #461
2025-04-10 06:29:46 +00:00
ebd19ac221 Update x1unix/go-playground Docker tag to v2.5.5 2025-04-10 03:06:55 +00:00
a2418505e1 Merge pull request 'Update ghcr.io/element-hq/synapse Docker tag to v1.128.0' (#460) from renovate/ghcr.io-element-hq-synapse-1.x into master
Reviewed-on: #460
2025-04-09 05:51:21 +00:00
e8c9322a1d Merge pull request 'Update wallabag/wallabag Docker tag to v2.6.11' (#459) from renovate/wallabag-wallabag-2.x into master
Reviewed-on: #459
2025-04-09 05:51:15 +00:00
e9c5def271 Merge pull request 'Update vectorim/element-web Docker tag to v1.11.97' (#458) from renovate/vectorim-element-web-1.x into master
Reviewed-on: #458
2025-04-09 05:51:10 +00:00
859b3b0bfa Update ghcr.io/element-hq/synapse Docker tag to v1.128.0 2025-04-09 03:02:43 +00:00
e4178332e0 Update wallabag/wallabag Docker tag to v2.6.11 2025-04-09 03:02:40 +00:00
b2b292cc72 Update vectorim/element-web Docker tag to v1.11.97 2025-04-09 03:02:30 +00:00
a78cd55bed Merge pull request 'Update gitea/gitea Docker tag to v1.23.7' (#457) from renovate/gitea-gitea-1.x into master
Reviewed-on: #457
2025-04-08 05:40:29 +00:00
2c237322d9 Update gitea/gitea Docker tag to v1.23.7 2025-04-08 03:02:18 +00:00
1cf7308b3a Merge pull request 'Update victoriametrics/vmagent Docker tag to v1.115.0' (#456) from renovate/victoriametrics into master
Reviewed-on: #456
2025-04-05 03:39:06 +00:00
ad7d0d3da5 Update victoriametrics/vmagent Docker tag to v1.115.0 2025-04-05 03:14:47 +00:00
409331495b Merge pull request 'Update ghcr.io/miniflux/miniflux Docker tag to v2.2.7' (#454) from renovate/ghcr.io-miniflux-miniflux-2.x into master
Reviewed-on: #454
2025-04-02 05:31:50 +00:00
25233e5a94 Merge pull request 'Update prom/node-exporter Docker tag to v1.9.1' (#455) from renovate/prom-node-exporter-1.x into master
Reviewed-on: #455
2025-04-02 05:31:46 +00:00
ea74e0ea8a Update prom/node-exporter Docker tag to v1.9.1 2025-04-02 03:02:39 +00:00
fc4ecd125e Update ghcr.io/miniflux/miniflux Docker tag to v2.2.7 2025-04-02 03:02:35 +00:00
9c77295110 Merge pull request 'Update gristlabs/grist-oss Docker tag to v1.5.0' (#453) from renovate/gristlabs-grist-oss-1.x into master
Reviewed-on: #453
2025-03-29 06:27:29 +00:00
bc8b0b33c8 Update gristlabs/grist-oss Docker tag to v1.5.0 2025-03-29 03:05:33 +00:00
b2f3411f3e Merge pull request 'Update ghcr.io/element-hq/synapse Docker tag to v1.127.1' (#452) from renovate/ghcr.io-element-hq-synapse-1.x into master
Reviewed-on: #452
2025-03-27 05:26:05 +00:00
c1054c5f56 Update ghcr.io/element-hq/synapse Docker tag to v1.127.1 2025-03-27 03:02:22 +00:00
08b7b65060 Merge pull request 'Update ghcr.io/element-hq/synapse Docker tag to v1.127.0' (#451) from renovate/ghcr.io-element-hq-synapse-1.x into master
Reviewed-on: #451
2025-03-26 06:32:20 +00:00
be4eface3b Merge pull request 'Update vectorim/element-web Docker tag to v1.11.96' (#450) from renovate/vectorim-element-web-1.x into master
Reviewed-on: #450
2025-03-26 06:32:12 +00:00
0f9a96f92d Merge pull request 'Update quay.io/oauth2-proxy/oauth2-proxy Docker tag to v7.8.2' (#449) from renovate/quay.io-oauth2-proxy-oauth2-proxy-7.x into master
Reviewed-on: #449
2025-03-26 06:32:08 +00:00
b9fb30c69a Update ghcr.io/element-hq/synapse Docker tag to v1.127.0 2025-03-26 03:04:49 +00:00
aa244425a5 Update vectorim/element-web Docker tag to v1.11.96 2025-03-26 03:04:40 +00:00
7dc1627e7c Update quay.io/oauth2-proxy/oauth2-proxy Docker tag to v7.8.2 2025-03-26 03:04:37 +00:00
96017eb7bd Merge pull request 'Update registry.k8s.io/ingress-nginx/controller Docker tag to v1.12.1' (#448) from renovate/registry.k8s.io-ingress-nginx-controller-1.x into master
Reviewed-on: #448
2025-03-25 05:38:17 +00:00
5ecc742ed3 Merge pull request 'Update gitea/gitea Docker tag to v1.23.6' (#447) from renovate/gitea-gitea-1.x into master
Reviewed-on: #447
2025-03-25 05:38:14 +00:00
f384617395 Update registry.k8s.io/ingress-nginx/controller Docker tag to v1.12.1 2025-03-25 03:03:03 +00:00
3a8e8743d3 Update gitea/gitea Docker tag to v1.23.6 2025-03-25 03:02:57 +00:00
5d6a0a72aa Merge pull request 'Update victoriametrics/vmagent Docker tag to v1.114.0' (#446) from renovate/victoriametrics into master
Reviewed-on: #446
2025-03-22 06:50:04 +00:00
3b44d94de6 Update victoriametrics/vmagent Docker tag to v1.114.0 2025-03-22 03:02:30 +00:00
32158cd644 Merge pull request 'Update nextcloud Docker tag to v31.0.2' (#445) from renovate/nextcloud-31.x into master
Reviewed-on: #445
2025-03-20 06:24:10 +00:00
de161c7fa7 Update nextcloud Docker tag to v31.0.2 2025-03-20 03:03:52 +00:00
d2104909e0 Merge pull request 'Update ghcr.io/mealie-recipes/mealie Docker tag to v2.8.0' (#444) from renovate/ghcr.io-mealie-recipes-mealie-2.x into master
Reviewed-on: #444
2025-03-19 06:34:04 +00:00
9741310c8f Update ghcr.io/mealie-recipes/mealie Docker tag to v2.8.0 2025-03-19 03:03:00 +00:00
41437d29a4 Merge pull request 'Update nextcloud Docker tag to v31.0.1' (#443) from renovate/nextcloud-31.x into master
Reviewed-on: #443
2025-03-15 09:59:49 +00:00
19d224e464 Update nextcloud Docker tag to v31.0.1 2025-03-15 03:04:34 +00:00
8703948897 Merge pull request 'Update grafana/promtail Docker tag to v2.9.13' (#442) from renovate/grafana-promtail-2.x into master
Reviewed-on: #442
2025-03-13 10:21:52 +00:00
ae72f8eed2 Update grafana/promtail Docker tag to v2.9.13 2025-03-13 03:06:49 +00:00
34c8d19f5e Merge pull request 'Update ghcr.io/element-hq/synapse Docker tag to v1.126.0' (#441) from renovate/ghcr.io-element-hq-synapse-1.x into master
Reviewed-on: #441
2025-03-12 17:03:27 +00:00
a211ca5dab Update ghcr.io/element-hq/synapse Docker tag to v1.126.0 2025-03-12 03:08:34 +00:00
89 changed files with 850 additions and 2942 deletions

View File

@@ -9,7 +9,7 @@ spec:
project: cluster.fun
destination:
namespace: base64
name: civo
name: cluster-fun (v2)
source:
path: manifests/base64
repoURL: "https://git.cluster.fun/AverageMarcus/cluster.fun.git"
@@ -22,7 +22,4 @@ spec:
- kind: Secret
jsonPointers:
- /data
- group: apps
kind: Deployment
jqPathExpressions:
- .spec.template.spec.containers[]?.image

View File

@@ -22,8 +22,5 @@ spec:
- kind: Secret
jsonPointers:
- /data
- group: apps
kind: Deployment
jqPathExpressions:
- .spec.template.spec.containers[]?.image
---

View File

@@ -1,25 +1,24 @@
apiVersion: argoproj.io/v1alpha1
kind: Application
metadata:
name: cluster-fun-wallabag
name: bsky-screenshot
namespace: argocd
finalizers:
- resources-finalizer.argocd.argoproj.io
spec:
project: cluster.fun
destination:
namespace: wallabag
namespace: bsky-screenshot
name: cluster-fun (v2)
source:
path: manifests/wallabag
path: manifests/bsky-screenshot
repoURL: "https://git.cluster.fun/AverageMarcus/cluster.fun.git"
targetRevision: HEAD
syncPolicy:
automated: {}
syncOptions:
- CreateNamespace=true
automated: {}
ignoreDifferences:
- kind: Secret
jsonPointers:
- /data
---

View File

@@ -9,7 +9,7 @@ spec:
project: cluster.fun
destination:
namespace: cel-tester
name: civo
name: cluster-fun (v2)
source:
path: manifests/cel-tester
repoURL: "https://git.cluster.fun/AverageMarcus/cluster.fun.git"

View File

@@ -1,27 +1,3 @@
apiVersion: argoproj.io/v1alpha1
kind: Application
metadata:
name: cert-manager-civo
namespace: argocd
finalizers:
- resources-finalizer.argocd.argoproj.io
spec:
project: cluster.fun
destination:
namespace: cert-manager
name: civo
source:
path: manifests/certmanager-civo
repoURL: "https://git.cluster.fun/AverageMarcus/cluster.fun.git"
targetRevision: HEAD
syncPolicy:
automated: {}
ignoreDifferences:
- kind: Secret
jsonPointers:
- /data
---
apiVersion: argoproj.io/v1alpha1
kind: Application
metadata:

View File

@@ -9,7 +9,7 @@ spec:
project: cluster.fun
destination:
namespace: civo-versions
name: civo
name: cluster-fun (v2)
source:
path: manifests/civo-versions
repoURL: "https://git.cluster.fun/AverageMarcus/cluster.fun.git"
@@ -22,7 +22,4 @@ spec:
- kind: Secret
jsonPointers:
- /data
- group: apps
kind: Deployment
jqPathExpressions:
- .spec.template.spec.containers[]?.image

View File

@@ -1,17 +1,17 @@
apiVersion: argoproj.io/v1alpha1
kind: Application
metadata:
name: cluster-fun-tank
name: cors-proxy
namespace: argocd
finalizers:
- resources-finalizer.argocd.argoproj.io
spec:
project: cluster.fun
destination:
namespace: tank
namespace: cors-proxy
name: cluster-fun (v2)
source:
path: manifests/tank
path: manifests/cors-proxy
repoURL: "https://git.cluster.fun/AverageMarcus/cluster.fun.git"
targetRevision: HEAD
syncPolicy:

View File

@@ -9,7 +9,7 @@ spec:
project: cluster.fun
destination:
namespace: cv
name: civo
name: cluster-fun (v2)
source:
path: manifests/cv
repoURL: "https://git.cluster.fun/AverageMarcus/cluster.fun.git"
@@ -22,7 +22,4 @@ spec:
- kind: Secret
jsonPointers:
- /data
- group: apps
kind: Deployment
jqPathExpressions:
- .spec.template.spec.containers[]?.image

View File

@@ -22,8 +22,5 @@ spec:
- kind: Secret
jsonPointers:
- /data
- group: apps
kind: Deployment
jqPathExpressions:
- .spec.template.spec.containers[]?.image
---

View File

@@ -22,8 +22,5 @@ spec:
- kind: Secret
jsonPointers:
- /data
- group: apps
kind: Deployment
jqPathExpressions:
- .spec.template.spec.containers[]?.image
---

View File

@@ -9,7 +9,7 @@ spec:
project: cluster.fun
destination:
namespace: feed-fetcher
name: civo
name: cluster-fun (v2)
source:
path: manifests/feed-fetcher
repoURL: "https://git.cluster.fun/AverageMarcus/cluster.fun.git"
@@ -22,7 +22,4 @@ spec:
- kind: Secret
jsonPointers:
- /data
- group: apps
kind: Deployment
jqPathExpressions:
- .spec.template.spec.containers[]?.image

View File

@@ -0,0 +1,35 @@
# apiVersion: argoproj.io/v1alpha1
# kind: Application
# metadata:
# name: cluster-fun-goldilocks
# namespace: argocd
# finalizers:
# - resources-finalizer.argocd.argoproj.io
# spec:
# project: cluster.fun
# destination:
# namespace: goldilocks
# name: cluster-fun (v2)
# source:
# repoURL: 'https://charts.fairwinds.com/stable'
# targetRevision: 10.1.0
# chart: goldilocks
# helm:
# version: v3
# values: |-
# vpa:
# enabled: true
# controller:
# flags:
# on-by-default: true
# dashboard:
# flags:
# on-by-default: true
# replicaCount: 1
# syncPolicy:
# automated: {}
# syncOptions:
# - CreateNamespace=true
# ---

View File

@@ -9,7 +9,7 @@ spec:
project: cluster.fun
destination:
namespace: goplayground
name: civo
name: cluster-fun (v2)
source:
path: manifests/goplayground
repoURL: "https://git.cluster.fun/AverageMarcus/cluster.fun.git"

View File

@@ -22,8 +22,4 @@ spec:
- kind: Secret
jsonPointers:
- /data
- group: apps
kind: Deployment
jqPathExpressions:
- .spec.template.spec.containers[]?.image
---

View File

@@ -9,7 +9,7 @@ spec:
project: cluster.fun
destination:
namespace: link
name: civo
name: cluster-fun (v2)
source:
path: manifests/link
repoURL: "https://git.cluster.fun/AverageMarcus/cluster.fun.git"

View File

@@ -22,8 +22,5 @@ spec:
- kind: Secret
jsonPointers:
- /data
- group: apps
kind: Deployment
jqPathExpressions:
- .spec.template.spec.containers[]?.image
---

View File

@@ -1,29 +0,0 @@
apiVersion: argoproj.io/v1alpha1
kind: Application
metadata:
name: cluster-fun-mastodon-digest
namespace: argocd
finalizers:
- resources-finalizer.argocd.argoproj.io
spec:
project: cluster.fun
destination:
namespace: mastodon-digest
name: cluster-fun (v2)
source:
path: manifests/mastodon-digest
repoURL: "https://git.cluster.fun/AverageMarcus/cluster.fun.git"
targetRevision: HEAD
syncPolicy:
automated: {}
syncOptions:
- CreateNamespace=true
ignoreDifferences:
- kind: Secret
jsonPointers:
- /data
- group: apps
kind: Deployment
jqPathExpressions:
- .spec.template.spec.containers[]?.image
---

View File

@@ -22,8 +22,4 @@ spec:
- kind: Secret
jsonPointers:
- /data
- group: apps
kind: Deployment
jqPathExpressions:
- .spec.template.spec.containers[]?.image
---

View File

@@ -9,7 +9,7 @@ spec:
project: cluster.fun
destination:
namespace: opengraph
name: civo
name: cluster-fun (v2)
source:
path: manifests/opengraph
repoURL: "https://git.cluster.fun/AverageMarcus/cluster.fun.git"
@@ -22,7 +22,4 @@ spec:
- kind: Secret
jsonPointers:
- /data
- group: apps
kind: Deployment
jqPathExpressions:
- .spec.template.spec.containers[]?.image

View File

@@ -1,7 +1,7 @@
apiVersion: argoproj.io/v1alpha1
kind: Application
metadata:
name: traefik-civo
name: cluster-fun-priority-classes
namespace: argocd
finalizers:
- resources-finalizer.argocd.argoproj.io
@@ -9,9 +9,9 @@ spec:
project: cluster.fun
destination:
namespace: kube-system
name: civo
name: cluster-fun (v2)
source:
path: manifests/traefik
path: manifests/priority-classes
repoURL: "https://git.cluster.fun/AverageMarcus/cluster.fun.git"
targetRevision: HEAD
syncPolicy:
@@ -22,3 +22,4 @@ spec:
- kind: Secret
jsonPointers:
- /data
---

View File

@@ -1,24 +0,0 @@
apiVersion: argoproj.io/v1alpha1
kind: Application
metadata:
name: proxy-civo
namespace: argocd
finalizers:
- resources-finalizer.argocd.argoproj.io
spec:
project: cluster.fun
destination:
namespace: proxy-civo
name: civo
source:
path: manifests/proxy-civo
repoURL: "https://git.cluster.fun/AverageMarcus/cluster.fun.git"
targetRevision: HEAD
syncPolicy:
automated: {}
syncOptions:
- CreateNamespace=true
ignoreDifferences:
- kind: Secret
jsonPointers:
- /data

View File

@@ -9,7 +9,7 @@ spec:
project: cluster.fun
destination:
namespace: qr
name: civo
name: cluster-fun (v2)
source:
path: manifests/qr
repoURL: "https://git.cluster.fun/AverageMarcus/cluster.fun.git"
@@ -22,7 +22,4 @@ spec:
- kind: Secret
jsonPointers:
- /data
- group: apps
kind: Deployment
jqPathExpressions:
- .spec.template.spec.containers[]?.image

View File

@@ -21,26 +21,3 @@ spec:
jsonPointers:
- /data
---
apiVersion: argoproj.io/v1alpha1
kind: Application
metadata:
name: cluster-fun-reloader-civo
namespace: argocd
finalizers:
- resources-finalizer.argocd.argoproj.io
spec:
project: cluster.fun
destination:
namespace: kube-system
name: civo
source:
repoURL: 'https://stakater.github.io/stakater-charts'
targetRevision: v0.0.89
chart: reloader
syncPolicy:
automated: {}
ignoreDifferences:
- kind: Secret
jsonPointers:
- /data
---

View File

@@ -22,8 +22,4 @@ spec:
- kind: Secret
jsonPointers:
- /data
- group: apps
kind: Deployment
jqPathExpressions:
- .spec.template.spec.containers[]?.image
---

View File

@@ -1,28 +0,0 @@
apiVersion: argoproj.io/v1alpha1
kind: Application
metadata:
name: social-to-grist
namespace: argocd
finalizers:
- resources-finalizer.argocd.argoproj.io
spec:
project: cluster.fun
destination:
namespace: social-to-grist
name: civo
source:
path: manifests/social-to-grist
repoURL: "https://git.cluster.fun/AverageMarcus/cluster.fun.git"
targetRevision: HEAD
syncPolicy:
automated: {}
syncOptions:
- CreateNamespace=true
ignoreDifferences:
- kind: Secret
jsonPointers:
- /data
- group: apps
kind: Deployment
jqPathExpressions:
- .spec.template.spec.containers[]?.image

View File

@@ -1,17 +1,17 @@
apiVersion: argoproj.io/v1alpha1
kind: Application
metadata:
name: monitoring-civo
name: social-to-rolodex
namespace: argocd
finalizers:
- resources-finalizer.argocd.argoproj.io
spec:
project: cluster.fun
destination:
namespace: monitoring
name: civo
namespace: social-to-rolodex
name: cluster-fun (v2)
source:
path: manifests/monitoring-civo
path: manifests/social-to-rolodex
repoURL: "https://git.cluster.fun/AverageMarcus/cluster.fun.git"
targetRevision: HEAD
syncPolicy:
@@ -22,3 +22,4 @@ spec:
- kind: Secret
jsonPointers:
- /data

View File

@@ -1,29 +0,0 @@
apiVersion: argoproj.io/v1alpha1
kind: Application
metadata:
name: cluster-fun-starling
namespace: argocd
finalizers:
- resources-finalizer.argocd.argoproj.io
spec:
project: cluster.fun
destination:
namespace: starling
name: cluster-fun (v2)
source:
path: manifests/starling
repoURL: "https://git.cluster.fun/AverageMarcus/cluster.fun.git"
targetRevision: HEAD
syncPolicy:
automated: {}
syncOptions:
- CreateNamespace=true
ignoreDifferences:
- kind: Secret
jsonPointers:
- /data
- group: apps
kind: Deployment
jqPathExpressions:
- .spec.template.spec.containers[]?.image
---

View File

@@ -9,7 +9,7 @@ spec:
project: cluster.fun
destination:
namespace: svg-to-dxf
name: civo
name: cluster-fun (v2)
source:
path: manifests/svg-to-dxf
repoURL: "https://git.cluster.fun/AverageMarcus/cluster.fun.git"
@@ -22,7 +22,4 @@ spec:
- kind: Secret
jsonPointers:
- /data
- group: apps
kind: Deployment
jqPathExpressions:
- .spec.template.spec.containers[]?.image

View File

@@ -9,7 +9,7 @@ spec:
project: cluster.fun
destination:
namespace: talks
name: civo
name: cluster-fun (v2)
source:
path: manifests/talks
repoURL: "https://git.cluster.fun/AverageMarcus/cluster.fun.git"
@@ -22,7 +22,4 @@ spec:
- kind: Secret
jsonPointers:
- /data
- group: apps
kind: Deployment
jqPathExpressions:
- .spec.template.spec.containers[]?.image

View File

@@ -9,7 +9,7 @@ spec:
project: cluster.fun
destination:
namespace: text-to-dxf
name: civo
name: cluster-fun (v2)
source:
path: manifests/text-to-dxf
repoURL: "https://git.cluster.fun/AverageMarcus/cluster.fun.git"
@@ -22,7 +22,4 @@ spec:
- kind: Secret
jsonPointers:
- /data
- group: apps
kind: Deployment
jqPathExpressions:
- .spec.template.spec.containers[]?.image

View File

@@ -9,7 +9,7 @@ spec:
project: cluster.fun
destination:
namespace: til
name: civo
name: cluster-fun (v2)
source:
path: manifests/til
repoURL: "https://git.cluster.fun/AverageMarcus/cluster.fun.git"
@@ -22,7 +22,4 @@ spec:
- kind: Secret
jsonPointers:
- /data
- group: apps
kind: Deployment
jqPathExpressions:
- .spec.template.spec.containers[]?.image

View File

@@ -1,28 +0,0 @@
apiVersion: argoproj.io/v1alpha1
kind: Application
metadata:
name: tweetsvg
namespace: argocd
finalizers:
- resources-finalizer.argocd.argoproj.io
spec:
project: cluster.fun
destination:
namespace: tweetsvg
name: civo
source:
path: manifests/tweetsvg
repoURL: "https://git.cluster.fun/AverageMarcus/cluster.fun.git"
targetRevision: HEAD
syncPolicy:
automated: {}
syncOptions:
- CreateNamespace=true
ignoreDifferences:
- kind: Secret
jsonPointers:
- /data
- group: apps
kind: Deployment
jqPathExpressions:
- .spec.template.spec.containers[]?.image

View File

@@ -1,29 +0,0 @@
apiVersion: argoproj.io/v1alpha1
kind: Application
metadata:
name: cluster-fun-twitter-profile-pic
namespace: argocd
finalizers:
- resources-finalizer.argocd.argoproj.io
spec:
project: cluster.fun
destination:
namespace: twitter-profile-pic
name: cluster-fun (v2)
source:
path: manifests/twitter-profile-pic
repoURL: "https://git.cluster.fun/AverageMarcus/cluster.fun.git"
targetRevision: HEAD
syncPolicy:
automated: {}
syncOptions:
- CreateNamespace=true
ignoreDifferences:
- kind: Secret
jsonPointers:
- /data
- group: apps
kind: Deployment
jqPathExpressions:
- .spec.template.spec.containers[]?.image
---

View File

@@ -1,17 +1,17 @@
apiVersion: argoproj.io/v1alpha1
kind: Application
metadata:
name: cluster-fun-matrix
name: yay-or-nay
namespace: argocd
finalizers:
- resources-finalizer.argocd.argoproj.io
spec:
project: cluster.fun
destination:
namespace: chat
namespace: yay-or-nay
name: cluster-fun (v2)
source:
path: manifests/matrix_chart
path: manifests/yay-or-nay
repoURL: "https://git.cluster.fun/AverageMarcus/cluster.fun.git"
targetRevision: HEAD
syncPolicy:

View File

@@ -23,10 +23,13 @@ spec:
- sonarr.cluster.fun
- lidarr.cluster.fun
- prowlarr.cluster.fun
- mylarr.cluster.fun
- transmission.cluster.fun
- tekton.cluster.fun
- changedetection.cluster.fun
- grafana.cluster.fun
- podgrab.cluster.fun
- stablediffusion.cluster.fun
secretName: auth-proxy-ingress
rules:
- host: downloads.cluster.fun
@@ -199,3 +202,33 @@ spec:
name: tailscale-proxy
port:
name: auth
- host: podgrab.cluster.fun
http:
paths:
- path: /
pathType: ImplementationSpecific
backend:
service:
name: tailscale-proxy
port:
name: auth
- host: mylarr.cluster.fun
http:
paths:
- path: /
pathType: ImplementationSpecific
backend:
service:
name: tailscale-proxy
port:
name: auth
- host: stablediffusion.cluster.fun
http:
paths:
- path: /
pathType: ImplementationSpecific
backend:
service:
name: tailscale-proxy
port:
name: auth

View File

@@ -6,6 +6,10 @@ metadata:
annotations:
cert-manager.io/cluster-issuer: letsencrypt
nginx.ingress.kubernetes.io/force-ssl-redirect: "true"
nginx.ingress.kubernetes.io/proxy-read-timeout: "3600"
nginx.ingress.kubernetes.io/proxy-send-timeout: "3600"
nginx.ingress.kubernetes.io/proxy-body-size: 25m
nginx.ingress.kubernetes.io/client-body-buffer-size: 25m
spec:
ingressClassName: nginx
tls:
@@ -13,6 +17,7 @@ spec:
- hello-world.cluster.fun
- ombi.cluster.fun
- bsky-feeds.cluster.fun
- ai.cluster.fun
secretName: non-auth-proxy-ingress
rules:
- host: hello-world.cluster.fun
@@ -45,3 +50,13 @@ spec:
name: tailscale-proxy
port:
name: non-auth
- host: ai.cluster.fun
http:
paths:
- path: /
pathType: ImplementationSpecific
backend:
service:
name: tailscale-proxy
port:
name: non-auth

View File

@@ -38,6 +38,7 @@ spec:
labels:
app: internal-proxy
spec:
priorityClassName: critical
serviceAccountName: default
dnsPolicy: ClusterFirst
dnsConfig:
@@ -67,7 +68,7 @@ spec:
mountPath: /config/
- name: oauth-proxy
image: quay.io/oauth2-proxy/oauth2-proxy:v7.8.1
image: quay.io/oauth2-proxy/oauth2-proxy:v7.12.0
args:
- --cookie-secure=false
- --provider=oidc
@@ -101,9 +102,9 @@ spec:
protocol: TCP
resources:
limits:
memory: 50Mi
memory: 80Mi
requests:
memory: 50Mi
memory: 80Mi
volumes:
- name: host-mappings
configMap:

View File

@@ -29,6 +29,7 @@ spec:
spec:
imagePullSecrets:
- name: docker-config
priorityClassName: low
containers:
- name: web
image: rg.fr-par.scw.cloud/averagemarcus/base64:latest
@@ -49,11 +50,10 @@ metadata:
namespace: base64
annotations:
cert-manager.io/cluster-issuer: letsencrypt
kubernetes.io/ingress.class: traefik
traefik.ingress.kubernetes.io/router.tls: "true"
ingress.kubernetes.io/ssl-redirect: "true"
traefik.ingress.kubernetes.io/router.entrypoints: websecure
nginx.ingress.kubernetes.io/force-ssl-redirect: "true"
spec:
ingressClassName: nginx
tls:
- hosts:
- base64.cluster.fun

View File

@@ -0,0 +1,69 @@
apiVersion: v1
kind: Service
metadata:
name: bsky-screenshot
namespace: bsky-screenshot
spec:
type: ClusterIP
ports:
- port: 80
targetPort: web
name: web
selector:
app: bsky-screenshot
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: bsky-screenshot
namespace: bsky-screenshot
spec:
replicas: 1
selector:
matchLabels:
app: bsky-screenshot
template:
metadata:
labels:
app: bsky-screenshot
spec:
containers:
- name: web
image: rg.fr-par.scw.cloud/averagemarcus/bsky-screenshot:latest
imagePullPolicy: Always
ports:
- containerPort: 80
name: web
resources:
limits:
memory: 105Mi
requests:
memory: 105Mi
---
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: bsky-screenshot
namespace: bsky-screenshot
annotations:
cert-manager.io/cluster-issuer: letsencrypt
ingress.kubernetes.io/ssl-redirect: "true"
nginx.ingress.kubernetes.io/force-ssl-redirect: "true"
spec:
ingressClassName: nginx
tls:
- hosts:
- bsky-screenshot.cluster.fun
secretName: bsky-screenshot-ingress
rules:
- host: bsky-screenshot.cluster.fun
http:
paths:
- path: /
pathType: ImplementationSpecific
backend:
service:
name: bsky-screenshot
port:
number: 80

View File

@@ -47,11 +47,10 @@ metadata:
namespace: cel-tester
annotations:
cert-manager.io/cluster-issuer: letsencrypt
kubernetes.io/ingress.class: traefik
traefik.ingress.kubernetes.io/router.tls: "true"
ingress.kubernetes.io/ssl-redirect: "true"
traefik.ingress.kubernetes.io/router.entrypoints: websecure
nginx.ingress.kubernetes.io/force-ssl-redirect: "true"
spec:
ingressClassName: nginx
tls:
- hosts:
- cel-tester.cluster.fun

View File

@@ -1,23 +0,0 @@
apiVersion: v1
kind: Namespace
metadata:
name: cert-manager
labels:
certmanager.k8s.io/disable-validation: "true"
---
apiVersion: cert-manager.io/v1
kind: ClusterIssuer
metadata:
name: letsencrypt
spec:
acme:
server: https://acme-v02.api.letsencrypt.org/directory
email: letsencrypt@marcusnoble.co.uk
privateKeySecretRef:
name: letsencrypt
solvers:
- http01:
ingress:
class: traefik

View File

@@ -38,6 +38,7 @@ spec:
labels:
app: civo-versions
spec:
priorityClassName: low
containers:
- name: web
image: rg.fr-par.scw.cloud/averagemarcus/civo-versions:latest
@@ -66,11 +67,10 @@ metadata:
namespace: civo-versions
annotations:
cert-manager.io/cluster-issuer: letsencrypt
kubernetes.io/ingress.class: traefik
traefik.ingress.kubernetes.io/router.tls: "true"
ingress.kubernetes.io/ssl-redirect: "true"
traefik.ingress.kubernetes.io/router.entrypoints: websecure
nginx.ingress.kubernetes.io/force-ssl-redirect: "true"
spec:
ingressClassName: nginx
tls:
- hosts:
- civo-versions.cluster.fun

View File

@@ -0,0 +1,81 @@
apiVersion: v1
kind: Service
metadata:
name: cors-proxy
namespace: cors-proxy
spec:
type: ClusterIP
ports:
- port: 80
targetPort: 8000
name: web
selector:
app: cors-proxy
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: cors-proxy
namespace: cors-proxy
spec:
replicas: 2
selector:
matchLabels:
app: cors-proxy
template:
metadata:
labels:
app: cors-proxy
spec:
containers:
- name: web
image: rg.fr-par.scw.cloud/averagemarcus/cors-proxy:latest
imagePullPolicy: Always
ports:
- containerPort: 8000
name: web
env:
- name: ALLOWLIST
value: cdn.bsky.app
resources:
requests:
memory: 184M
limits:
memory: 184M
---
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: cors-proxy
namespace: cors-proxy
annotations:
cert-manager.io/cluster-issuer: letsencrypt
nginx.ingress.kubernetes.io/force-ssl-redirect: "true"
spec:
ingressClassName: nginx
tls:
- hosts:
- cors-proxy.cluster.fun
- cors-proxy.marcusnoble.co.uk
secretName: cors-proxy-ingress
rules:
- host: cors-proxy.cluster.fun
http:
paths:
- path: /
pathType: ImplementationSpecific
backend:
service:
name: cors-proxy
port:
number: 80
- host: cors-proxy.marcusnoble.co.uk
http:
paths:
- path: /
pathType: ImplementationSpecific
backend:
service:
name: cors-proxy
port:
number: 80

View File

@@ -62,11 +62,10 @@ metadata:
namespace: cv
annotations:
cert-manager.io/cluster-issuer: letsencrypt
kubernetes.io/ingress.class: traefik
traefik.ingress.kubernetes.io/router.tls: "true"
ingress.kubernetes.io/ssl-redirect: "true"
traefik.ingress.kubernetes.io/router.entrypoints: websecure
nginx.ingress.kubernetes.io/force-ssl-redirect: "true"
spec:
ingressClassName: nginx
tls:
- hosts:
- cv.marcusnoble.co.uk

View File

@@ -81,7 +81,7 @@ spec:
secretKeyRef:
key: password
name: dashboard-auth
image: quay.io/oauth2-proxy/oauth2-proxy:v7.8.1
image: quay.io/oauth2-proxy/oauth2-proxy:v7.12.0
name: oauth-proxy
ports:
- containerPort: 8000

View File

@@ -34,6 +34,11 @@ spec:
ports:
- containerPort: 8080
name: web
resources:
requests:
memory: 80M
limits:
memory: 80M
---
apiVersion: networking.k8s.io/v1
kind: Ingress
@@ -42,11 +47,10 @@ metadata:
namespace: feed-fetcher
annotations:
cert-manager.io/cluster-issuer: letsencrypt
kubernetes.io/ingress.class: traefik
traefik.ingress.kubernetes.io/router.tls: "true"
ingress.kubernetes.io/ssl-redirect: "true"
traefik.ingress.kubernetes.io/router.entrypoints: websecure
nginx.ingress.kubernetes.io/force-ssl-redirect: "true"
spec:
ingressClassName: nginx
tls:
- hosts:
- feed-fetcher.cluster.fun

View File

@@ -40,9 +40,10 @@ spec:
labels:
app: git
spec:
priorityClassName: critical
containers:
- name: git
image: gitea/gitea:1.23.5
image: gitea/gitea:1.24.6
env:
- name: APP_NAME
value: "Git"
@@ -76,7 +77,7 @@ spec:
name: web
resources:
requests:
memory: 400Mi
memory: 800Mi
volumeMounts:
- mountPath: /data
name: git-data

View File

@@ -29,7 +29,7 @@ spec:
spec:
containers:
- name: web
image: x1unix/go-playground:2.5.4
image: x1unix/go-playground:2.5.7
imagePullPolicy: IfNotPresent
ports:
- containerPort: 8000
@@ -47,11 +47,10 @@ metadata:
namespace: goplayground
annotations:
cert-manager.io/cluster-issuer: letsencrypt
kubernetes.io/ingress.class: traefik
traefik.ingress.kubernetes.io/router.tls: "true"
ingress.kubernetes.io/ssl-redirect: "true"
traefik.ingress.kubernetes.io/router.entrypoints: websecure
nginx.ingress.kubernetes.io/force-ssl-redirect: "true"
spec:
ingressClassName: nginx
tls:
- hosts:
- go.cluster.fun

View File

@@ -64,15 +64,18 @@ spec:
selector:
matchLabels:
app.kubernetes.io/name: grist
strategy:
type: Recreate
template:
metadata:
labels:
app.kubernetes.io/name: grist
spec:
serviceAccountName: grist
priorityClassName: critical
containers:
- name: grist
image: gristlabs/grist-oss:1.4.2
image: gristlabs/grist-oss:1.7.4
imagePullPolicy: IfNotPresent
ports:
- name: http
@@ -97,14 +100,17 @@ spec:
value: default
- name: GRIST_TELEMETRY_LEVEL
value: "off"
- name: ALLOWED_WEBHOOK_DOMAINS
value: "tank.tank.svc,matrix.cluster.fun"
- name: GRIST_ANON_PLAYGROUND
value: "false"
- name: GRIST_FORCE_LOGIN
value: "true"
- name: GRIST_SANDBOX_FLAVOR
value: gvisor
resources:
requests:
memory: 300M
limits:
memory: 300M
securityContext:
capabilities:
add:

View File

@@ -30,6 +30,11 @@ data:
cndoslo: https://speaking.marcusnoble.co.uk/j5M53P/from-fragile-to-resilient-validatingadmissionpolicies-strengthen-kubernetes
rejekts25: https://speaking.marcusnoble.co.uk/AXARFf/pod-deep-dive-everything-you-didnt-know-you-needed-to-know
kcdbudapest: https://speaking.marcusnoble.co.uk/43QLpx/the-future-of-kubernetes-admission-logic
kcdczechslovak: https://speaking.marcusnoble.co.uk/Np2xUv/pod-deep-dive-the-interesting-bits
cnsmunich: https://speaking.marcusnoble.co.uk/HqYcp2/pod-deep-dive-the-interesting-bits
cnsmunich-feedback: https://yay-or-nay.cluster.fun/feedback/20UETBI0
containerdays25: https://speaking.marcusnoble.co.uk/HARSlE/the-future-of-kubernetes-admission-logic
containerdays25-feedback: https://yay-or-nay.cluster.fun/feedback/F8P351QK
---
apiVersion: v1
kind: Service
@@ -64,6 +69,7 @@ spec:
labels:
app: link
spec:
priorityClassName: critical
containers:
- name: web
image: rg.fr-par.scw.cloud/averagemarcus/link:latest
@@ -86,11 +92,10 @@ metadata:
namespace: link
annotations:
cert-manager.io/cluster-issuer: letsencrypt
kubernetes.io/ingress.class: traefik
traefik.ingress.kubernetes.io/router.tls: "true"
ingress.kubernetes.io/ssl-redirect: "true"
traefik.ingress.kubernetes.io/router.entrypoints: websecure
nginx.ingress.kubernetes.io/force-ssl-redirect: "true"
spec:
ingressClassName: nginx
tls:
- hosts:
- go-get.link

View File

@@ -1,229 +0,0 @@
apiVersion: v1
kind: Secret
metadata:
name: docker-config
namespace: mastodon-digest
annotations:
kube-1password: i6ngbk5zf4k52xgwdwnfup5bby
kube-1password/vault: Kubernetes
kube-1password/secret-text-key: .dockerconfigjson
type: kubernetes.io/dockerconfigjson
data:
.dockerconfigjson: e30=
---
apiVersion: v1
kind: Secret
metadata:
name: mastodon-digest-auth
namespace: mastodon-digest
annotations:
kube-1password: mr6spkkx7n3memkbute6ojaarm
kube-1password/vault: Kubernetes
type: Opaque
---
apiVersion: v1
kind: Secret
metadata:
name: mastodon-digest
namespace: mastodon-digest
annotations:
kube-1password: bfklz3yi3dn4e7xtsbttcvhata
kube-1password/vault: Kubernetes
kube-1password/secret-text-parse: "true"
type: Opaque
---
apiVersion: v1
kind: ConfigMap
metadata:
name: config
namespace: mastodon-digest
labels:
app: mastodon-digest
data:
config.json: |
[
{
"timeline": "home",
"hours": 12,
"scorer": "ExtendedSimpleWeighted",
"threshold": "lax",
"output": "/usr/share/nginx/html/home/"
},
{
"timeline": "federated",
"hours": 12,
"scorer": "ExtendedSimpleWeighted",
"threshold": "lax",
"output": "/usr/share/nginx/html/federated/"
}
]
---
apiVersion: v1
kind: ConfigMap
metadata:
name: index
namespace: mastodon-digest
labels:
app: mastodon-digest
data:
index.html: |
<!DOCTYPE html>
<html lang="en">
<head>
<meta chartset="utf-8" />
<meta name="viewport" content="width=device-width, initial-scale=1" />
<title>Mastodon Digest</title>
<style>
body { background-color: #292c36; font-family: "Arial", sans-serif; }
div#container { margin: auto; max-width: 640px; padding: 10px; text-align: center; margin: 0 auto; }
.links { align: center; }
h1 { color: white; }
a.button { background: #595aff; color: #fff; line-height: 1.2; min-height: 38px; min-width: 88px; padding: 0 30px; border: 0; border-radius: 6px;; display: inline-flex; justify-content: center; align-items: center; }
</style>
</head>
<body>
<div id="container">
<h1>Mastodon Digest</h1>
<section class="links">
<a href="home/" class="button">Home</a>
<a href="federated/" class="button">Federated</a>
</section>
</div>
</body>
</html>
---
apiVersion: v1
kind: Service
metadata:
name: mastodon-digest
namespace: mastodon-digest
spec:
type: ClusterIP
ports:
- port: 80
targetPort: auth
name: web
selector:
app: mastodon-digest
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: mastodon-digest
namespace: mastodon-digest
spec:
replicas: 1
selector:
matchLabels:
app: mastodon-digest
template:
metadata:
labels:
app: mastodon-digest
spec:
imagePullSecrets:
- name: docker-config
containers:
- args:
- --cookie-secure=false
- --provider=oidc
- --provider-display-name=Auth0
- --upstream=http://localhost:80
- --http-address=$(HOST_IP):8000
- --redirect-url=https://mastodon-digest.cluster.fun/oauth2/callback
- --email-domain=marcusnoble.co.uk
- --pass-basic-auth=false
- --pass-access-token=false
- --oidc-issuer-url=https://marcusnoble.eu.auth0.com/
- --cookie-secret=KDGD6rrK6cBmryyZ4wcJ9xAUNW9AQNFT
env:
- name: HOST_IP
valueFrom:
fieldRef:
apiVersion: v1
fieldPath: status.podIP
- name: OAUTH2_PROXY_CLIENT_ID
valueFrom:
secretKeyRef:
key: username
name: mastodon-digest-auth
- name: OAUTH2_PROXY_CLIENT_SECRET
valueFrom:
secretKeyRef:
key: password
name: mastodon-digest-auth
image: quay.io/oauth2-proxy/oauth2-proxy:v7.8.1
name: oauth-proxy
ports:
- containerPort: 8000
protocol: TCP
name: auth
resources:
limits:
memory: 50Mi
requests:
memory: 50Mi
- name: web
image: nginx:stable
imagePullPolicy: IfNotPresent
ports:
- containerPort: 80
name: web
volumeMounts:
- name: html
mountPath: /usr/share/nginx/html
- name: index
mountPath: /usr/share/nginx/html/index.html
subPath: index.html
- name: digest
image: rg.fr-par.scw.cloud/averagemarcus-private/mastodon-digest:latest
imagePullPolicy: Always
env:
- name: CONFIG_FILE
value: /config.json
envFrom:
- secretRef:
name: mastodon-digest
volumeMounts:
- name: config
mountPath: /config.json
subPath: config.json
- name: html
mountPath: /usr/share/nginx/html
volumes:
- name: html
emptyDir: {}
- name: config
configMap:
name: config
- name: index
configMap:
name: index
---
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: mastodon-digest
namespace: mastodon-digest
annotations:
cert-manager.io/cluster-issuer: letsencrypt
nginx.ingress.kubernetes.io/force-ssl-redirect: "true"
spec:
ingressClassName: nginx
tls:
- hosts:
- mastodon-digest.cluster.fun
secretName: mastodon-digest-ingress
rules:
- host: mastodon-digest.cluster.fun
http:
paths:
- path: /
pathType: ImplementationSpecific
backend:
service:
name: mastodon-digest
port:
number: 80

View File

@@ -1,540 +0,0 @@
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: matrix
namespace: chat
annotations:
cert-manager.io/cluster-issuer: letsencrypt
nginx.ingress.kubernetes.io/force-ssl-redirect: "true"
nginx.ingress.kubernetes.io/proxy-body-size: "0"
spec:
ingressClassName: nginx
tls:
- hosts:
- matrix.cluster.fun
secretName: matrix-ingress
rules:
- host: matrix.cluster.fun
http:
paths:
- path: /.well-known/matrix
pathType: ImplementationSpecific
backend:
service:
name: well-known
port:
number: 80
- path: /
pathType: ImplementationSpecific
backend:
service:
name: matrix-synapse
port:
number: 80
---
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: riot
namespace: chat
annotations:
cert-manager.io/cluster-issuer: letsencrypt
nginx.ingress.kubernetes.io/force-ssl-redirect: "true"
nginx.ingress.kubernetes.io/proxy-body-size: "0"
spec:
ingressClassName: nginx
tls:
- hosts:
- chat.cluster.fun
secretName: riot-ingress
rules:
- host: chat.cluster.fun
http:
paths:
- path: /
pathType: ImplementationSpecific
backend:
service:
name: matrix-riot
port:
number: 80
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: well-known
namespace: chat
annotations:
configmap.reloader.stakater.com/reload: "well-known"
spec:
replicas: 1
selector:
matchLabels:
app: well-known
template:
metadata:
labels:
app: well-known
spec:
containers:
- name: web
image: nginx
imagePullPolicy: IfNotPresent
ports:
- containerPort: 80
name: web
volumeMounts:
- name: well-known
mountPath: /usr/share/nginx/html/.well-known/matrix
resources:
limits:
memory: 15Mi
requests:
memory: 15Mi
volumes:
- name: well-known
configMap:
name: well-known
---
apiVersion: v1
kind: Service
metadata:
name: well-known
namespace: chat
spec:
type: ClusterIP
ports:
- port: 80
targetPort: 80
name: web
selector:
app: well-known
---
apiVersion: v1
kind: ConfigMap
metadata:
name: well-known
namespace: chat
data:
server: |-
{
"m.server": "matrix.cluster.fun:443"
}
client: |-
{
"m.homeserver": {
"base_url": "https://matrix.cluster.fun"
},
"org.matrix.msc3575.proxy": {
"url": "https://syncv3.matrix.cluster.fun"
}
}
---
# Source: matrix/templates/riot/configmap.yaml
apiVersion: v1
kind: ConfigMap
metadata:
name: matrix-riot-config
namespace: chat
labels:
app.kubernetes.io/name: "matrix"
component: element
data:
config.json: |
{
"default_server_config": {
"m.homeserver": {
"base_url": "https://matrix.cluster.fun"
}
},
"brand": "Element",
"branding": {},
"integrations_ui_url": "https://scalar.vector.im/",
"integrations_rest_url": "https://scalar.vector.im/api",
"integrations_widgets_urls": [
"https://scalar.vector.im/_matrix/integrations/v1",
"https://scalar.vector.im/api",
"https://scalar-staging.vector.im/_matrix/integrations/v1",
"https://scalar-staging.vector.im/api",
"https://scalar-staging.riot.im/scalar/api"
],
"showLabsSettings": true,
"features": {
"feature_pinning": true,
"feature_custom_status": "labs",
"feature_state_counters": "labs",
"feature_many_integration_managers": "labs",
"feature_mjolnir": "labs",
"feature_dm_verification": "labs",
"feature_bridge_state": "labs",
"feature_presence_in_room_list": true,
"feature_custom_themes": "labs",
"feature_new_spinner": "labs",
"feature_jump_to_date": "labs",
"feature_location_share_pin_drop": "labs",
"feature_location_share_live": "labs",
"feature_thread": true,
"feature_video_rooms": true,
"feature_favourite_messages": "labs"
},
"roomDirectory": {
"servers": []
},
"permalinkPrefix": "https://chat.cluster.fun",
"enable_presence_by_hs_url": {
"https://matrix.org": false,
"https://matrix-client.matrix.org": false
},
"map_style_url": "https://api.maptiler.com/maps/streets/style.json?key=2IerXP2a5g1e7hxxBbzs"
}
nginx.conf: |
worker_processes auto;
error_log /var/log/nginx/error.log warn;
pid /var/run/pid/nginx.pid;
events {
worker_connections 1024;
}
http {
include /etc/nginx/mime.types;
default_type application/octet-stream;
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
access_log /var/log/nginx/access.log main;
sendfile on;
keepalive_timeout 65;
include /etc/nginx/conf.d/*.conf;
}
default.conf: |
server {
listen 8080;
server_name localhost;
location / {
root /usr/share/nginx/html;
index index.html index.htm;
}
# redirect server error pages to the static page /50x.html
#
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root /usr/share/nginx/html;
}
}
---
apiVersion: v1
kind: Secret
metadata:
name: matrix-synapse-config
namespace: chat
annotations:
kube-1password: wbj4oozwyx6m2zz5m42pgcmymy
kube-1password/vault: Kubernetes
kube-1password/secret-text-key: homeserver.yaml
labels:
app.kubernetes.io/name: "matrix"
component: synapse
type: Opaque
---
apiVersion: v1
kind: ConfigMap
metadata:
name: matrix-synapse-config
namespace: chat
labels:
app.kubernetes.io/name: "matrix"
component: element
data:
matrix.cluster.fun.log.config: |
version: 1
formatters:
precise:
format: '%(asctime)s - %(name)s - %(lineno)d - %(levelname)s - %(request)s - %(message)s'
filters:
context:
(): synapse.util.logcontext.LoggingContextFilter
request: ""
handlers:
console:
class: logging.StreamHandler
formatter: precise
filters: [context]
loggers:
synapse:
level: WARNING
synapse.storage.SQL:
# beware: increasing this to DEBUG will make synapse log sensitive
# information such as access tokens.
level: WARNING
root:
level: WARNING
handlers: [console]
---
# Source: matrix/templates/riot/service.yaml
apiVersion: v1
kind: Service
metadata:
name: matrix-riot
namespace: chat
labels:
app.kubernetes.io/name: "matrix"
component: element
spec:
type: ClusterIP
ports:
- port: 80
targetPort: http
protocol: TCP
name: http
selector:
app.kubernetes.io/name: matrix-riot
---
# Source: matrix/templates/synapse/service.yaml
apiVersion: v1
kind: Service
metadata:
name: matrix-synapse
namespace: chat
labels:
app.kubernetes.io/name: "matrix"
component: synapse
annotations:
prometheus.io/scrape: "true"
prometheus.io/path: "/_synapse/metrics"
prometheus.io/port: "9000"
spec:
type: ClusterIP
ports:
- port: 80
targetPort: http
protocol: TCP
name: http
- port: 9000
targetPort: metrics
protocol: TCP
name: metrics
selector:
app.kubernetes.io/name: matrix-synapse
---
# Source: matrix/templates/riot/deployment.yaml
apiVersion: apps/v1
kind: Deployment
metadata:
name: matrix-riot
namespace: chat
labels:
app.kubernetes.io/name: "matrix"
component: element
spec:
replicas: 1
selector:
matchLabels:
app.kubernetes.io/name: matrix-riot
template:
metadata:
labels:
app.kubernetes.io/name: matrix-riot
spec:
securityContext:
runAsUser: 1000
runAsGroup: 1000
fsGroup: 1000
containers:
- name: "riot"
image: "vectorim/element-web:v1.11.95"
imagePullPolicy: IfNotPresent
ports:
- name: http
containerPort: 8080
protocol: TCP
volumeMounts:
- mountPath: /app/config.json
name: riot-config
subPath: config.json
readOnly: true
- mountPath: /etc/nginx/nginx.conf
name: riot-config
subPath: nginx.conf
readOnly: true
- mountPath: /etc/nginx/conf.d/default.conf
name: riot-config
subPath: default.conf
readOnly: true
- mountPath: /var/cache/nginx
name: ephemeral
subPath: cache
- mountPath: /var/run/pid
name: ephemeral
subPath: pid
- mountPath: /tmp
name: tmp
readinessProbe:
httpGet:
path: /
port: http
startupProbe:
httpGet:
path: /
port: http
livenessProbe:
httpGet:
path: /
port: http
securityContext:
capabilities:
drop:
- ALL
readOnlyRootFilesystem: true
allowPrivilegeEscalation: false
volumes:
- name: riot-config
configMap:
name: matrix-riot-config
- name: ephemeral
emptyDir: {}
- name: tmp
emptyDir: {}
---
# Source: matrix/templates/synapse/deployment.yaml
apiVersion: apps/v1
kind: Deployment
metadata:
name: matrix-synapse
namespace: chat
labels:
app.kubernetes.io/name: "matrix"
component: synapse
spec:
replicas: 1
selector:
matchLabels:
app.kubernetes.io/name: matrix-synapse
strategy:
type: Recreate
template:
metadata:
labels:
app.kubernetes.io/name: matrix-synapse
spec:
securityContext:
runAsUser: 1000
runAsGroup: 1000
fsGroup: 1000
initContainers:
- name: generate-signing-key
image: "ghcr.io/element-hq/synapse:v1.125.0"
imagePullPolicy: IfNotPresent
env:
- name: SYNAPSE_SERVER_NAME
value: matrix.cluster.fun
- name: SYNAPSE_REPORT_STATS
value: "no"
command: ["python"]
args:
- "-m"
- "synapse.app.homeserver"
- "--config-path"
- "/data/homeserver.yaml"
- "--keys-directory"
- "/data/keys"
- "--generate-keys"
volumeMounts:
- name: synapse-config-homeserver
mountPath: /data/homeserver.yaml
subPath: homeserver.yaml
- name: synapse-config-logging
mountPath: /data/matrix.cluster.fun.log.config
subPath: matrix.cluster.fun.log.config
- name: signing-key
mountPath: /data/keys
containers:
- name: "synapse"
image: "ghcr.io/element-hq/synapse:v1.125.0"
imagePullPolicy: IfNotPresent
ports:
- name: http
containerPort: 8008
protocol: TCP
- name: metrics
containerPort: 9000
protocol: TCP
volumeMounts:
- name: synapse-config-homeserver
mountPath: /data/homeserver.yaml
subPath: homeserver.yaml
- name: synapse-config-logging
mountPath: /data/matrix.cluster.fun.log.config
subPath: matrix.cluster.fun.log.config
- name: signing-key
mountPath: /data/keys
- name: user-media
mountPath: /data/media_store
- name: uploads
mountPath: /data/uploads
- name: tmp
mountPath: /tmp
readinessProbe:
httpGet:
path: /_matrix/static/
port: http
periodSeconds: 10
timeoutSeconds: 5
startupProbe:
httpGet:
path: /_matrix/static/
port: http
failureThreshold: 6
periodSeconds: 5
timeoutSeconds: 5
livenessProbe:
httpGet:
path: /_matrix/static/
port: http
periodSeconds: 10
timeoutSeconds: 5
securityContext:
capabilities:
drop:
- ALL
readOnlyRootFilesystem: true
allowPrivilegeEscalation: false
volumes:
- name: synapse-config-logging
configMap:
name: matrix-synapse-config
- name: synapse-config-homeserver
secret:
secretName: matrix-synapse-config
- name: signing-key
persistentVolumeClaim:
claimName: chat-matrix-signing-key
- name: user-media
persistentVolumeClaim:
claimName: chat-matrix-user-media
- name: uploads
emptyDir: {}
- name: tmp
emptyDir: {}
---

View File

@@ -1,32 +0,0 @@
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: chat-matrix-user-media
namespace: chat
labels:
app.kubernetes.io/name: "matrix"
component: synapse
spec:
accessModes:
- ReadWriteOnce
resources:
requests:
storage: 12Gi
storageClassName: sbs-default-retain
---
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: chat-matrix-signing-key
namespace: chat
labels:
app.kubernetes.io/name: "matrix"
component: synapse
spec:
accessModes:
- ReadWriteOnce
resources:
requests:
storage: 1Gi
storageClassName: sbs-default-retain
---

View File

@@ -1,119 +0,0 @@
apiVersion: v1
kind: Secret
metadata:
name: matrix-sliding-sync
namespace: chat
annotations:
kube-1password: 7kvyfcszfaavj2d7uvl4troagm
kube-1password/vault: Kubernetes
kube-1password/secret-text-parse: "true"
labels:
app.kubernetes.io/name: "matrix"
component: sliding-sync
type: Opaque
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: sliding-sync
namespace: chat
labels:
app.kubernetes.io/name: "matrix"
component: sliding-sync
spec:
replicas: 1
selector:
matchLabels:
app.kubernetes.io/name: sliding-sync
template:
metadata:
labels:
app.kubernetes.io/name: sliding-sync
spec:
securityContext:
runAsUser: 1000
runAsGroup: 1000
fsGroup: 1000
containers:
- name: "sliding-sync"
image: "ghcr.io/matrix-org/sliding-sync:v0.99.19"
imagePullPolicy: IfNotPresent
ports:
- name: http
containerPort: 8008
protocol: TCP
- name: metrics
containerPort: 9090
protocol: TCP
env:
- name: SYNCV3_SERVER
value: https://matrix.cluster.fun
- name: SYNCV3_BINDADDR
value: ":8008"
- name: SYNCV3_PROM
value: ":9090"
- name: SYNCV3_SECRET
valueFrom:
secretKeyRef:
name: matrix-sliding-sync
key: SYNCV3_SECRET
- name: SYNCV3_DB
valueFrom:
secretKeyRef:
name: matrix-sliding-sync
key: SYNCV3_DB
---
apiVersion: v1
kind: Service
metadata:
name: sliding-sync
namespace: chat
labels:
app.kubernetes.io/name: "matrix"
component: sliding-sync
annotations:
prometheus.io/scrape: "true"
prometheus.io/port: "9090"
spec:
type: ClusterIP
ports:
- port: 80
targetPort: http
name: web
- port: 9090
targetPort: metrics
protocol: TCP
name: metrics
selector:
app.kubernetes.io/name: sliding-sync
---
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: sliding-sync
namespace: chat
labels:
app.kubernetes.io/name: "matrix"
component: sliding-sync
annotations:
cert-manager.io/cluster-issuer: letsencrypt
nginx.ingress.kubernetes.io/force-ssl-redirect: "true"
nginx.ingress.kubernetes.io/proxy-body-size: "0"
spec:
ingressClassName: nginx
tls:
- hosts:
- syncv3.matrix.cluster.fun
secretName: sliding-sync-ingress
rules:
- host: syncv3.matrix.cluster.fun
http:
paths:
- path: /
pathType: ImplementationSpecific
backend:
service:
name: sliding-sync
port:
number: 80
---

View File

@@ -28,9 +28,10 @@ spec:
labels:
app: mealie
spec:
priorityClassName: critical
containers:
- name: frontend
image: ghcr.io/mealie-recipes/mealie:v2.7.1
image: ghcr.io/mealie-recipes/mealie:v3.3.2
imagePullPolicy: Always
envFrom:
- secretRef:
@@ -41,7 +42,7 @@ spec:
- name: PGID
value: "1000"
- name: TOKEN_TIME
value: "168"
value: "720"
- name: DB_ENGINE
value: postgres
- name: POSTGRES_DB
@@ -68,12 +69,18 @@ spec:
volumeMounts:
- mountPath: /app/data
name: data
resources:
requests:
cpu: 200m
memory: 550M
limits:
cpu: 1000m
memory: 550M
volumes:
- name: data
persistentVolumeClaim:
claimName: mealie
---
apiVersion: v1
@@ -91,7 +98,6 @@ spec:
app: mealie
---
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:

View File

@@ -1,255 +0,0 @@
apiVersion: v1
kind: ServiceAccount
metadata:
name: kube-state-metrics
namespace: monitoring
labels:
app.kubernetes.io/name: kube-state-metrics
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
labels:
app.kubernetes.io/name: kube-state-metrics
name: kube-state-metrics
rules:
- apiGroups: ["certificates.k8s.io"]
resources:
- certificatesigningrequests
verbs: ["list", "watch"]
- apiGroups: [""]
resources:
- configmaps
verbs: ["list", "watch"]
- apiGroups: ["batch"]
resources:
- cronjobs
verbs: ["list", "watch"]
- apiGroups: ["extensions", "apps"]
resources:
- daemonsets
verbs: ["list", "watch"]
- apiGroups: ["extensions", "apps"]
resources:
- deployments
verbs: ["list", "watch"]
- apiGroups: [""]
resources:
- endpoints
verbs: ["list", "watch"]
- apiGroups: ["autoscaling"]
resources:
- horizontalpodautoscalers
verbs: ["list", "watch"]
- apiGroups: ["extensions", "networking.k8s.io"]
resources:
- ingresses
verbs: ["list", "watch"]
- apiGroups: ["batch"]
resources:
- jobs
verbs: ["list", "watch"]
- apiGroups: [""]
resources:
- limitranges
verbs: ["list", "watch"]
- apiGroups: ["admissionregistration.k8s.io"]
resources:
- mutatingwebhookconfigurations
verbs: ["list", "watch"]
- apiGroups: [""]
resources:
- namespaces
verbs: ["list", "watch"]
- apiGroups: ["networking.k8s.io"]
resources:
- networkpolicies
verbs: ["list", "watch"]
- apiGroups: [""]
resources:
- nodes
verbs: ["list", "watch"]
- apiGroups: [""]
resources:
- persistentvolumeclaims
verbs: ["list", "watch"]
- apiGroups: [""]
resources:
- persistentvolumes
verbs: ["list", "watch"]
- apiGroups: ["policy"]
resources:
- poddisruptionbudgets
verbs: ["list", "watch"]
- apiGroups: [""]
resources:
- pods
verbs: ["list", "watch"]
- apiGroups: ["extensions", "apps"]
resources:
- replicasets
verbs: ["list", "watch"]
- apiGroups: [""]
resources:
- replicationcontrollers
verbs: ["list", "watch"]
- apiGroups: [""]
resources:
- resourcequotas
verbs: ["list", "watch"]
- apiGroups: [""]
resources:
- secrets
verbs: ["list", "watch"]
- apiGroups: [""]
resources:
- services
verbs: ["list", "watch"]
- apiGroups: ["apps"]
resources:
- statefulsets
verbs: ["list", "watch"]
- apiGroups: ["storage.k8s.io"]
resources:
- storageclasses
verbs: ["list", "watch"]
- apiGroups: ["admissionregistration.k8s.io"]
resources:
- validatingwebhookconfigurations
verbs: ["list", "watch"]
- apiGroups: ["storage.k8s.io"]
resources:
- volumeattachments
verbs: ["list", "watch"]
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
labels:
app.kubernetes.io/name: kube-state-metrics
name: kube-state-metrics
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: kube-state-metrics
subjects:
- kind: ServiceAccount
name: kube-state-metrics
namespace: monitoring
---
apiVersion: v1
kind: Service
metadata:
name: kube-state-metrics
namespace: monitoring
labels:
app.kubernetes.io/name: kube-state-metrics
annotations:
prometheus.io/scrape: 'true'
spec:
type: "ClusterIP"
ports:
- name: "http"
protocol: TCP
port: 8080
targetPort: 8080
selector:
app.kubernetes.io/name: kube-state-metrics
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: kube-state-metrics
namespace: monitoring
labels:
app.kubernetes.io/name: kube-state-metrics
spec:
selector:
matchLabels:
app.kubernetes.io/name: kube-state-metrics
replicas: 1
template:
metadata:
labels:
app.kubernetes.io/name: kube-state-metrics
spec:
serviceAccountName: kube-state-metrics
securityContext:
fsGroup: 65534
runAsGroup: 65534
runAsUser: 65534
containers:
- name: kube-state-metrics
args:
#- --resources=certificatesigningrequests
- --resources=configmaps
- --resources=cronjobs
- --resources=daemonsets
- --resources=deployments
#- --resources=endpoints
#- --resources=horizontalpodautoscalers
- --resources=ingresses
- --resources=jobs
#- --resources=limitranges
- --resources=mutatingwebhookconfigurations
- --resources=namespaces
#- --resources=networkpolicies
- --resources=nodes
- --resources=persistentvolumeclaims
- --resources=persistentvolumes
- --resources=poddisruptionbudgets
- --resources=pods
- --resources=replicasets
#- --resources=replicationcontrollers
#- --resources=resourcequotas
- --resources=secrets
- --resources=services
- --resources=statefulsets
- --resources=storageclasses
- --resources=validatingwebhookconfigurations
#- --resources=volumeattachments
imagePullPolicy: IfNotPresent
image: "registry.k8s.io/kube-state-metrics/kube-state-metrics:v2.15.0"
ports:
- containerPort: 8080
livenessProbe:
httpGet:
path: /healthz
port: 8080
initialDelaySeconds: 5
timeoutSeconds: 5
readinessProbe:
httpGet:
path: /
port: 8080
initialDelaySeconds: 5
timeoutSeconds: 5
---

View File

@@ -1,64 +0,0 @@
apiVersion: v1
kind: ServiceAccount
metadata:
name: prometheus-server
namespace: monitoring
labels:
app.kubernetes.io/name: prometheus
app.kubernetes.io/component: server
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
labels:
app.kubernetes.io/name: prometheus
app.kubernetes.io/component: server
name: prometheus-server
rules:
- apiGroups:
- ""
resources:
- nodes
- nodes/proxy
- nodes/metrics
- services
- endpoints
- pods
- ingresses
- configmaps
verbs:
- get
- list
- watch
- apiGroups:
- "extensions"
- "networking.k8s.io"
resources:
- ingresses/status
- ingresses
verbs:
- get
- list
- watch
- nonResourceURLs:
- "/metrics"
verbs:
- get
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
labels:
app.kubernetes.io/name: prometheus
app.kubernetes.io/component: server
name: prometheus-server
subjects:
- kind: ServiceAccount
name: prometheus-server
namespace: monitoring
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: prometheus-server
---

View File

@@ -1,292 +0,0 @@
apiVersion: v1
kind: ServiceAccount
metadata:
name: promtail
namespace: monitoring
labels:
app.kubernetes.io/name: promtail
---
apiVersion: v1
kind: ConfigMap
metadata:
name: promtail
namespace: monitoring
labels:
app.kubernetes.io/name: promtail
data:
promtail.yaml: |
client:
backoff_config:
max_period: 5m
max_retries: 10
min_period: 500ms
batchsize: 1048576
batchwait: 1s
external_labels: {}
timeout: 10s
positions:
filename: /run/promtail/positions.yaml
server:
http_listen_port: 3101
clients:
- url: http://loki-distributed.proxy-civo.svc:80/loki/api/v1/push
external_labels:
kubernetes_cluster: civo
target_config:
sync_period: 10s
scrape_configs:
- job_name: kubernetes-pods
pipeline_stages:
- docker: {}
- cri: {}
- match:
selector: '{app="weave-net"}'
action: drop
- match:
selector: '{filename=~".*konnectivity.*"}'
action: drop
- match:
selector: '{name=~".*"} |~ ".*/healthz.*"'
action: drop
- match:
selector: '{name=~".*"} |~ ".*/api/health.*"'
action: drop
- match:
selector: '{name=~".*"} |~ ".*kube-probe/.*"'
action: drop
- match:
selector: '{app="internal-proxy"}'
action: drop
- match:
selector: '{app="non-auth-proxy"}'
action: drop
- match:
selector: '{app="vpa"}'
action: drop
- match:
selector: '{app="promtail"}'
action: drop
- match:
selector: '{app="csi-node"}'
action: drop
- match:
selector: '{app="victoria-metrics"}'
action: drop
- match:
selector: '{app="git-sync"}'
action: drop
- match:
selector: '{app="ingress-nginx"}'
stages:
- json:
expressions:
request_host: host
request_path: path
request_method: method
response_status: status
- drop:
source: "request_path"
value: "/healthz"
- drop:
source: "request_path"
value: "/health"
- labels:
request_host:
request_method:
response_status:
- match:
selector: '{app="traefik"}'
stages:
- json:
expressions:
request_host: RequestHost
request_path: RequestPath
request_method: RequestMethod
response_status: OriginStatus
- drop:
source: "request_path"
value: "/healthz"
- drop:
source: "request_path"
value: "/health"
- drop:
source: "request_path"
value: "/ping"
- labels:
request_host:
request_method:
response_status:
kubernetes_sd_configs:
- role: pod
relabel_configs:
- source_labels:
- __meta_kubernetes_pod_controller_name
regex: ([0-9a-z-.]+?)(-[0-9a-f]{8,10})?
action: replace
target_label: __tmp_controller_name
- source_labels:
- __meta_kubernetes_pod_label_app_kubernetes_io_name
- __meta_kubernetes_pod_label_app
- __tmp_controller_name
- __meta_kubernetes_pod_name
regex: ^;*([^;]+)(;.*)?$
action: replace
target_label: app
- source_labels:
- __meta_kubernetes_pod_label_app_kubernetes_io_component
- __meta_kubernetes_pod_label_component
regex: ^;*([^;]+)(;.*)?$
action: replace
target_label: component
- action: replace
source_labels:
- __meta_kubernetes_pod_node_name
target_label: node_name
- action: replace
source_labels:
- __meta_kubernetes_namespace
target_label: namespace
- action: replace
replacement: $1
separator: /
source_labels:
- namespace
- app
target_label: job
- action: replace
source_labels:
- __meta_kubernetes_pod_name
target_label: pod
- action: replace
source_labels:
- __meta_kubernetes_pod_container_name
target_label: container
- action: replace
replacement: /var/log/pods/*$1/*.log
separator: /
source_labels:
- __meta_kubernetes_pod_uid
- __meta_kubernetes_pod_container_name
target_label: __path__
- action: replace
replacement: /var/log/pods/*$1/*.log
regex: true/(.*)
separator: /
source_labels:
- __meta_kubernetes_pod_annotationpresent_kubernetes_io_config_hash
- __meta_kubernetes_pod_annotation_kubernetes_io_config_hash
- __meta_kubernetes_pod_container_name
target_label: __path__
- action: labelmap
regex: __meta_kubernetes_pod_label_(.+)
---
kind: ClusterRole
apiVersion: rbac.authorization.k8s.io/v1
metadata:
name: promtail-clusterrole
labels:
app.kubernetes.io/name: promtail
rules:
- apiGroups: [""] # "" indicates the core API group
resources:
- nodes
- nodes/proxy
- services
- endpoints
- pods
verbs: ["get", "watch", "list"]
---
kind: ClusterRoleBinding
apiVersion: rbac.authorization.k8s.io/v1
metadata:
name: promtail-clusterrolebinding
labels:
app.kubernetes.io/name: promtail
subjects:
- kind: ServiceAccount
name: promtail
namespace: monitoring
roleRef:
kind: ClusterRole
name: promtail-clusterrole
apiGroup: rbac.authorization.k8s.io
---
apiVersion: apps/v1
kind: DaemonSet
metadata:
name: promtail
namespace: monitoring
labels:
app.kubernetes.io/name: promtail
annotations:
configmap.reloader.stakater.com/reload: "promtail"
spec:
selector:
matchLabels:
app.kubernetes.io/name: promtail
template:
metadata:
labels:
app.kubernetes.io/name: promtail
annotations:
prometheus.io/port: http-metrics
prometheus.io/scrape: "true"
spec:
serviceAccountName: promtail
containers:
- name: promtail
image: "grafana/promtail:2.9.12"
imagePullPolicy: IfNotPresent
args:
- "-config.file=/etc/promtail/promtail.yaml"
volumeMounts:
- name: config
mountPath: /etc/promtail
- name: run
mountPath: /run/promtail
- mountPath: /var/lib/docker/containers
name: docker
readOnly: true
- mountPath: /var/log/pods
name: pods
readOnly: true
env:
- name: HOSTNAME
valueFrom:
fieldRef:
fieldPath: spec.nodeName
ports:
- containerPort: 3101
name: http-metrics
securityContext:
readOnlyRootFilesystem: true
runAsGroup: 0
runAsUser: 0
readinessProbe:
failureThreshold: 5
httpGet:
path: /ready
port: http-metrics
initialDelaySeconds: 10
periodSeconds: 10
successThreshold: 1
timeoutSeconds: 1
tolerations:
- effect: NoSchedule
key: node-role.kubernetes.io/master
operator: Exists
volumes:
- name: config
configMap:
name: promtail
- name: run
hostPath:
path: /run/promtail
- hostPath:
path: /var/lib/docker/containers
name: docker
- hostPath:
path: /var/log/pods
name: pods
---

View File

@@ -1,163 +0,0 @@
apiVersion: v1
kind: ConfigMap
metadata:
name: vmagent
namespace: monitoring
labels:
app.kubernetes.io/name: victoria-metrics
app.kubernetes.io/component: agent
data:
prometheus.yml: |
global:
scrape_interval: 1m
external_labels:
source: civo
agent: vmagent
scrape_configs:
- job_name: 'vmagent'
static_configs:
- targets: ['localhost:8429']
- bearer_token_file: /var/run/secrets/kubernetes.io/serviceaccount/token
job_name: kubernetes-nodes
kubernetes_sd_configs:
- role: node
relabel_configs:
- action: labelmap
regex: __meta_kubernetes_node_label_(.+)
- replacement: kubernetes.default.svc:443
target_label: __address__
- regex: (.+)
replacement: /api/v1/nodes/$1/proxy/metrics
source_labels:
- __meta_kubernetes_node_name
target_label: __metrics_path__
scheme: https
tls_config:
ca_file: /var/run/secrets/kubernetes.io/serviceaccount/ca.crt
insecure_skip_verify: true
- job_name: kubernetes-service-endpoints
kubernetes_sd_configs:
- role: endpoints
relabel_configs:
- action: keep
regex: true
source_labels:
- __meta_kubernetes_service_annotation_prometheus_io_scrape
- action: replace
regex: (https?)
source_labels:
- __meta_kubernetes_service_annotation_prometheus_io_scheme
target_label: __scheme__
- action: replace
regex: (.+)
source_labels:
- __meta_kubernetes_service_annotation_prometheus_io_path
target_label: __metrics_path__
- action: replace
regex: ([^:]+)(?::\d+)?;(\d+)
replacement: $1:$2
source_labels:
- __address__
- __meta_kubernetes_service_annotation_prometheus_io_port
target_label: __address__
- action: labelmap
regex: __meta_kubernetes_service_label_(.+)
- action: replace
source_labels:
- __meta_kubernetes_namespace
target_label: kubernetes_namespace
- action: replace
source_labels:
- __meta_kubernetes_service_name
target_label: kubernetes_name
- action: replace
source_labels:
- __meta_kubernetes_endpoint_port_name
target_label: kubernetes_endpoint_port_name
- action: replace
source_labels:
- __meta_kubernetes_pod_node_name
target_label: kubernetes_node
- job_name: kubernetes-pods
kubernetes_sd_configs:
- role: pod
relabel_configs:
- action: keep
regex: true
source_labels:
- __meta_kubernetes_pod_annotation_prometheus_io_scrape
- action: replace
regex: (.+)
source_labels:
- __meta_kubernetes_pod_annotation_prometheus_io_path
target_label: __metrics_path__
- action: replace
regex: ([^:]+)(?::\d+)?;(\d+)
replacement: $1:$2
source_labels:
- __address__
- __meta_kubernetes_pod_annotation_prometheus_io_port
target_label: __address__
- action: labelmap
regex: __meta_kubernetes_pod_label_(.+)
- action: replace
source_labels:
- __meta_kubernetes_namespace
target_label: kubernetes_namespace
- action: replace
source_labels:
- __meta_kubernetes_pod_name
target_label: kubernetes_pod_name
- action: replace
source_labels:
- __meta_kubernetes_pod_container_port_name
target_label: kubernetes_port_name
- action: drop
regex: Pending|Succeeded|Failed
source_labels:
- __meta_kubernetes_pod_phase
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: vmagent
namespace: monitoring
labels:
app.kubernetes.io/name: victoria-metrics
app.kubernetes.io/component: agent
annotations:
configmap.reloader.stakater.com/reload: "vmagent"
spec:
strategy:
type: Recreate
selector:
matchLabels:
app.kubernetes.io/name: victoria-metrics
app.kubernetes.io/component: agent
replicas: 1
template:
metadata:
labels:
app.kubernetes.io/name: victoria-metrics
app.kubernetes.io/component: agent
spec:
serviceAccountName: prometheus-server
containers:
- name: vmagent
image: "victoriametrics/vmagent:v1.113.0"
imagePullPolicy: "IfNotPresent"
args:
- -remoteWrite.url=http://vmcluster.proxy-civo.svc/insert/0/prometheus/
- -remoteWrite.showURL
- -promscrape.config=/config/prometheus.yml
volumeMounts:
- name: config-volume
mountPath: /config
volumes:
- name: config-volume
configMap:
name: vmagent
---

View File

@@ -0,0 +1,87 @@
apiVersion: v1
kind: ServiceAccount
metadata:
labels:
app: cadvisor
app.kubernetes.io/name: cadvisor
name: cadvisor
namespace: monitoring
---
apiVersion: apps/v1
kind: DaemonSet
metadata:
annotations:
seccomp.security.alpha.kubernetes.io/pod: docker/default
labels:
app: cadvisor
app.kubernetes.io/name: cadvisor
name: cadvisor
namespace: monitoring
spec:
selector:
matchLabels:
app: cadvisor
app.kubernetes.io/name: cadvisor
name: cadvisor
template:
metadata:
labels:
app: cadvisor
app.kubernetes.io/name: cadvisor
name: cadvisor
annotations:
scheduler.alpha.kubernetes.io/critical-pod: ''
spec:
priorityClassName: system-node-critical
tolerations:
- key: "CriticalAddonsOnly"
operator: "Exists"
automountServiceAccountToken: false
containers:
- image: ghcr.io/google/cadvisor:v0.53.0
name: cadvisor
ports:
- containerPort: 8080
name: http
protocol: TCP
resources:
limits:
cpu: 800m
memory: 2000Mi
requests:
cpu: 400m
memory: 400Mi
volumeMounts:
- mountPath: /rootfs
name: rootfs
readOnly: true
- mountPath: /var/run
name: var-run
readOnly: true
- mountPath: /sys
name: sys
readOnly: true
- mountPath: /var/lib/docker
name: docker
readOnly: true
- mountPath: /dev/disk
name: disk
readOnly: true
serviceAccountName: cadvisor
terminationGracePeriodSeconds: 30
volumes:
- hostPath:
path: /
name: rootfs
- hostPath:
path: /var/run
name: var-run
- hostPath:
path: /sys
name: sys
- hostPath:
path: /var/lib/docker
name: docker
- hostPath:
path: /dev/disk
name: disk

View File

@@ -0,0 +1,142 @@
---
apiVersion: v1
kind: ServiceAccount
metadata:
labels:
app.kubernetes.io/name: k8s-ephemeral-storage-metrics
name: k8s-ephemeral-storage-metrics
namespace: monitoring
---
kind: ClusterRole
apiVersion: rbac.authorization.k8s.io/v1
metadata:
name: k8s-ephemeral-storage-metrics
labels:
app.kubernetes.io/name: k8s-ephemeral-storage-metrics
rules:
- apiGroups: [""]
resources: ["nodes","nodes/proxy", "nodes/stats", "pods"]
verbs: ["get","list", "watch"]
---
kind: ClusterRoleBinding
apiVersion: rbac.authorization.k8s.io/v1
metadata:
name: k8s-ephemeral-storage-metrics
labels:
app.kubernetes.io/name: k8s-ephemeral-storage-metrics
subjects:
- kind: ServiceAccount
name: k8s-ephemeral-storage-metrics
namespace: monitoring
roleRef:
kind: ClusterRole
name: k8s-ephemeral-storage-metrics
apiGroup: rbac.authorization.k8s.io
---
apiVersion: v1
kind: Service
metadata:
name: k8s-ephemeral-storage-metrics
namespace: monitoring
labels:
app.kubernetes.io/name: k8s-ephemeral-storage-metrics
annotations:
prometheus.io/scrape: "true"
prometheus.io/port: "9100"
spec:
type: ClusterIP
selector:
app.kubernetes.io/name: k8s-ephemeral-storage-metrics
ports:
- name: metrics
port: 9100
protocol: TCP
targetPort: metrics
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: k8s-ephemeral-storage-metrics
namespace: monitoring
labels:
app.kubernetes.io/name: k8s-ephemeral-storage-metrics
spec:
replicas: 1
revisionHistoryLimit: 3
selector:
matchLabels:
app.kubernetes.io/name: k8s-ephemeral-storage-metrics
template:
metadata:
labels:
app.kubernetes.io/name: k8s-ephemeral-storage-metrics
spec:
serviceAccountName: k8s-ephemeral-storage-metrics
securityContext:
runAsNonRoot: true
seccompProfile:
type: RuntimeDefault
containers:
- name: metrics
image: ghcr.io/jmcgrath207/k8s-ephemeral-storage-metrics:1.18.2
imagePullPolicy: IfNotPresent
ports:
- name: metrics
containerPort: 9100
protocol: TCP
livenessProbe:
failureThreshold: 10
httpGet:
path: /metrics
port: 9100
scheme: HTTP
initialDelaySeconds: 10
periodSeconds: 10
successThreshold: 1
timeoutSeconds: 30
readinessProbe:
failureThreshold: 10
httpGet:
path: /metrics
port: 9100
scheme: HTTP
periodSeconds: 10
successThreshold: 1
timeoutSeconds: 1
securityContext:
allowPrivilegeEscalation: false
capabilities:
drop:
- ALL
privileged: false
readOnlyRootFilesystem: false
runAsNonRoot: true
env:
- name: DEPLOY_TYPE
value: "Deployment"
- name: SCRAPE_INTERVAL
value: "15"
- name: MAX_NODE_CONCURRENCY
value: "10"
- name: CLIENT_GO_QPS
value: "5"
- name: CLIENT_GO_BURST
value: "10"
- name: LOG_LEVEL
value: "info"
- name: EPHEMERAL_STORAGE_POD_USAGE
value: "true"
- name: EPHEMERAL_STORAGE_NODE_AVAILABLE
value: "true"
- name: EPHEMERAL_STORAGE_NODE_CAPACITY
value: "true"
- name: EPHEMERAL_STORAGE_NODE_PERCENTAGE
value: "true"
- name: EPHEMERAL_STORAGE_CONTAINER_LIMIT_PERCENTAGE
value: "true"
- name: EPHEMERAL_STORAGE_CONTAINER_VOLUME_USAGE
value: "true"
- name: EPHEMERAL_STORAGE_CONTAINER_VOLUME_LIMITS_PERCENTAGE
value: "true"
- name: EPHEMERAL_STORAGE_INODES
value: "true"

View File

@@ -201,6 +201,7 @@ spec:
labels:
app.kubernetes.io/name: kube-state-metrics
spec:
priorityClassName: system-cluster-critical
serviceAccountName: kube-state-metrics
securityContext:
fsGroup: 65534
@@ -237,7 +238,7 @@ spec:
- --resources=validatingwebhookconfigurations
#- --resources=volumeattachments
imagePullPolicy: IfNotPresent
image: "registry.k8s.io/kube-state-metrics/kube-state-metrics:v2.15.0"
image: "registry.k8s.io/kube-state-metrics/kube-state-metrics:v2.17.0"
ports:
- containerPort: 8080
livenessProbe:

View File

@@ -51,10 +51,11 @@ spec:
app.kubernetes.io/name: prometheus
app.kubernetes.io/component: node-exporter
spec:
priorityClassName: system-node-critical
serviceAccountName: prometheus-node-exporter
containers:
- name: prometheus-node-exporter
image: "prom/node-exporter:v1.9.0"
image: "prom/node-exporter:v1.9.1"
imagePullPolicy: "IfNotPresent"
args:
- --path.procfs=/host/proc

View File

@@ -212,10 +212,11 @@ spec:
prometheus.io/port: http-metrics
prometheus.io/scrape: "true"
spec:
priorityClassName: system-node-critical
serviceAccountName: promtail
containers:
- name: promtail
image: "grafana/promtail:2.9.12"
image: "grafana/promtail:2.9.15"
imagePullPolicy: IfNotPresent
args:
- "-config.file=/etc/promtail/promtail.yaml"

View File

@@ -17,6 +17,11 @@ data:
- job_name: 'vmagent'
static_configs:
- targets: ['localhost:8429']
relabel_configs:
- action: drop
source_labels: [__name__]
regex: "flag"
- bearer_token_file: /var/run/secrets/kubernetes.io/serviceaccount/token
job_name: kubernetes-nodes
kubernetes_sd_configs:
@@ -36,6 +41,38 @@ data:
ca_file: /var/run/secrets/kubernetes.io/serviceaccount/ca.crt
insecure_skip_verify: true
- job_name: cadvisor
bearer_token_file: /var/run/secrets/kubernetes.io/serviceaccount/token
scheme: https
tls_config:
ca_file: /var/run/secrets/kubernetes.io/serviceaccount/ca.crt
insecure_skip_verify: true
kubernetes_sd_configs:
- role: node
relabel_configs:
- action: labelmap
regex: __meta_kubernetes_node_label_(.+)
- replacement: kubernetes.default.svc:443
target_label: __address__
- source_labels: [__meta_kubernetes_node_name]
regex: (.+)
target_label: __metrics_path__
replacement: /api/v1/nodes/$1/proxy/metrics/cadvisor
# Drop high cardinality labels
- action: labeldrop
regex: id
# Drop unneeded labels
- action: labeldrop
regex: beta_kubernetes_io_os
- action: labeldrop
regex: beta_kubernetes_io_arch
- action: labeldrop
regex: kubernetes_io_arch
- action: labeldrop
regex: kubernetes_io_os
- action: labeldrop
regex: topology_jiva_openebs_io_nodeName
- job_name: kubernetes-service-endpoints
kubernetes_sd_configs:
- role: endpoints
@@ -78,6 +115,21 @@ data:
source_labels:
- __meta_kubernetes_pod_node_name
target_label: kubernetes_node
# We don't care about the flag metrics from VM
- action: drop
source_labels: [__name__]
regex: "flag"
# Drop unneeded labels
- action: labeldrop
regex: beta_kubernetes_io_os
- action: labeldrop
regex: beta_kubernetes_io_arch
- action: labeldrop
regex: kubernetes_io_arch
- action: labeldrop
regex: kubernetes_io_os
- action: labeldrop
regex: topology_jiva_openebs_io_nodeName
- job_name: kubernetes-pods
kubernetes_sd_configs:
@@ -116,6 +168,17 @@ data:
regex: Pending|Succeeded|Failed
source_labels:
- __meta_kubernetes_pod_phase
# Drop unneeded labels
- action: labeldrop
regex: beta_kubernetes_io_os
- action: labeldrop
regex: beta_kubernetes_io_arch
- action: labeldrop
regex: kubernetes_io_arch
- action: labeldrop
regex: kubernetes_io_os
- action: labeldrop
regex: topology_jiva_openebs_io_nodeName
- job_name: 'node-exporter'
kubernetes_sd_configs:
@@ -150,10 +213,11 @@ spec:
app.kubernetes.io/name: victoria-metrics
app.kubernetes.io/component: agent
spec:
priorityClassName: system-cluster-critical
serviceAccountName: prometheus-server
containers:
- name: vmagent
image: "victoriametrics/vmagent:v1.113.0"
image: "victoriametrics/vmagent:v1.128.0"
imagePullPolicy: "IfNotPresent"
args:
- -remoteWrite.url=http://vmcluster.auth-proxy.svc/insert/0/prometheus/

View File

@@ -201,9 +201,10 @@ spec:
app.kubernetes.io/component: app
nextcloud-nextcloud-redis-client: "true"
spec:
priorityClassName: critical
containers:
- name: nextcloud
image: "nextcloud:31.0.0-apache"
image: "nextcloud:32.0.0-apache"
imagePullPolicy: IfNotPresent
env:
- name: SQLITE_DATABASE
@@ -282,7 +283,11 @@ spec:
periodSeconds: 10
resources:
requests:
memory: 450Mi
cpu: 1038m
memory: 765M
limits:
cpu: 1200m
memory: 765M
volumeMounts:
- name: nextcloud-data
mountPath: /var/www/
@@ -374,7 +379,7 @@ spec:
restartPolicy: Never
containers:
- name: nextcloud
image: "nextcloud:31.0.0-apache"
image: "nextcloud:32.0.0-apache"
imagePullPolicy: IfNotPresent
command: [ "curl" ]
args:

View File

@@ -15,7 +15,6 @@ metadata:
app.kubernetes.io/instance: ingress-nginx
app.kubernetes.io/name: ingress-nginx
app.kubernetes.io/part-of: ingress-nginx
app.kubernetes.io/version: 1.5.1
name: ingress-nginx
namespace: ingress-nginx
---
@@ -27,7 +26,6 @@ metadata:
app.kubernetes.io/instance: ingress-nginx
app.kubernetes.io/name: ingress-nginx
app.kubernetes.io/part-of: ingress-nginx
app.kubernetes.io/version: 1.5.1
name: ingress-nginx-admission
namespace: ingress-nginx
---
@@ -39,7 +37,6 @@ metadata:
app.kubernetes.io/instance: ingress-nginx
app.kubernetes.io/name: ingress-nginx
app.kubernetes.io/part-of: ingress-nginx
app.kubernetes.io/version: 1.5.1
name: ingress-nginx
namespace: ingress-nginx
rules:
@@ -144,7 +141,6 @@ metadata:
app.kubernetes.io/instance: ingress-nginx
app.kubernetes.io/name: ingress-nginx
app.kubernetes.io/part-of: ingress-nginx
app.kubernetes.io/version: 1.5.1
name: ingress-nginx-admission
namespace: ingress-nginx
rules:
@@ -163,7 +159,6 @@ metadata:
app.kubernetes.io/instance: ingress-nginx
app.kubernetes.io/name: ingress-nginx
app.kubernetes.io/part-of: ingress-nginx
app.kubernetes.io/version: 1.5.1
name: ingress-nginx
rules:
- apiGroups:
@@ -245,7 +240,6 @@ metadata:
app.kubernetes.io/instance: ingress-nginx
app.kubernetes.io/name: ingress-nginx
app.kubernetes.io/part-of: ingress-nginx
app.kubernetes.io/version: 1.5.1
name: ingress-nginx-admission
rules:
- apiGroups:
@@ -264,7 +258,6 @@ metadata:
app.kubernetes.io/instance: ingress-nginx
app.kubernetes.io/name: ingress-nginx
app.kubernetes.io/part-of: ingress-nginx
app.kubernetes.io/version: 1.5.1
name: ingress-nginx
namespace: ingress-nginx
roleRef:
@@ -284,7 +277,6 @@ metadata:
app.kubernetes.io/instance: ingress-nginx
app.kubernetes.io/name: ingress-nginx
app.kubernetes.io/part-of: ingress-nginx
app.kubernetes.io/version: 1.5.1
name: ingress-nginx-admission
namespace: ingress-nginx
roleRef:
@@ -303,7 +295,6 @@ metadata:
app.kubernetes.io/instance: ingress-nginx
app.kubernetes.io/name: ingress-nginx
app.kubernetes.io/part-of: ingress-nginx
app.kubernetes.io/version: 1.5.1
name: ingress-nginx
roleRef:
apiGroup: rbac.authorization.k8s.io
@@ -322,7 +313,6 @@ metadata:
app.kubernetes.io/instance: ingress-nginx
app.kubernetes.io/name: ingress-nginx
app.kubernetes.io/part-of: ingress-nginx
app.kubernetes.io/version: 1.5.1
name: ingress-nginx-admission
roleRef:
apiGroup: rbac.authorization.k8s.io
@@ -335,6 +325,7 @@ subjects:
---
apiVersion: v1
data:
annotations-risk-level: Critical
allow-snippet-annotations: "true"
use-proxy-protocol: "true"
log-format-upstream: '{"time": "$time_iso8601", "request_id": "$req_id", "remote_user": "$remote_user", "remote_addr_masked": "$remote_addr_masked", "bytes_sent": $bytes_sent, "request_time": $request_time, "status": $status, "host": "$host", "request_proto": "$server_protocol", "path": "$uri", "request_query": "$args", "request_length": $request_length, "duration": $request_time,"method": "$request_method", "http_referrer": "$http_referer", "http_user_agent": "$http_user_agent", "redirect_location": "$redirect_location" }'
@@ -369,7 +360,6 @@ metadata:
app.kubernetes.io/instance: ingress-nginx
app.kubernetes.io/name: ingress-nginx
app.kubernetes.io/part-of: ingress-nginx
app.kubernetes.io/version: 1.5.1
name: ingress-nginx-controller
namespace: ingress-nginx
---
@@ -405,7 +395,6 @@ metadata:
app.kubernetes.io/instance: ingress-nginx
app.kubernetes.io/name: ingress-nginx
app.kubernetes.io/part-of: ingress-nginx
app.kubernetes.io/version: 1.5.1
name: ingress-nginx-controller
namespace: ingress-nginx
spec:
@@ -438,7 +427,6 @@ metadata:
app.kubernetes.io/instance: ingress-nginx
app.kubernetes.io/name: ingress-nginx
app.kubernetes.io/part-of: ingress-nginx
app.kubernetes.io/version: 1.5.1
name: ingress-nginx-controller-admission
namespace: ingress-nginx
spec:
@@ -461,7 +449,6 @@ metadata:
app.kubernetes.io/instance: ingress-nginx
app.kubernetes.io/name: ingress-nginx
app.kubernetes.io/part-of: ingress-nginx
app.kubernetes.io/version: 1.5.1
name: ingress-nginx-controller
namespace: ingress-nginx
spec:
@@ -505,7 +492,7 @@ spec:
fieldPath: metadata.namespace
- name: LD_PRELOAD
value: /usr/local/lib/libmimalloc.so
image: registry.k8s.io/ingress-nginx/controller:v1.12.0@sha256:e6b8de175acda6ca913891f0f727bca4527e797d52688cbe9fec9040d6f6b6fa
image: registry.k8s.io/ingress-nginx/controller:v1.13.3@sha256:1b044f6dcac3afbb59e05d98463f1dec6f3d3fb99940bc12ca5d80270358e3bd
imagePullPolicy: IfNotPresent
lifecycle:
preStop:
@@ -546,7 +533,7 @@ spec:
resources:
requests:
cpu: 100m
memory: 90Mi
memory: 150Mi
securityContext:
allowPrivilegeEscalation: true
capabilities:
@@ -715,3 +702,20 @@ webhooks:
resources:
- ingresses
sideEffects: None
---
apiVersion: policy/v1
kind: PodDisruptionBudget
metadata:
labels:
app.kubernetes.io/component: controller
app.kubernetes.io/instance: ingress-nginx
app.kubernetes.io/name: ingress-nginx
app.kubernetes.io/part-of: ingress-nginx
name: ingress-nginx
spec:
selector:
matchLabels:
app.kubernetes.io/component: controller
app.kubernetes.io/instance: ingress-nginx
app.kubernetes.io/name: ingress-nginx
minAvailable: 1

View File

@@ -57,7 +57,7 @@ spec:
- name: data
mountPath: /data
- name: update-native-modules
image: nodered/node-red:4.0.9-18
image: nodered/node-red:4.1.1-18
imagePullPolicy: IfNotPresent
command:
- bash
@@ -73,11 +73,16 @@ spec:
mountPath: /data
containers:
- name: web
image: nodered/node-red:4.0.9-18
image: nodered/node-red:4.1.1-18
imagePullPolicy: Always
ports:
- containerPort: 1880
name: web
resources:
requests:
memory: 200M
limits:
memory: 200M
volumeMounts:
- name: data
mountPath: /data

View File

@@ -47,11 +47,10 @@ metadata:
namespace: opengraph
annotations:
cert-manager.io/cluster-issuer: letsencrypt
kubernetes.io/ingress.class: traefik
traefik.ingress.kubernetes.io/router.tls: "true"
ingress.kubernetes.io/ssl-redirect: "true"
traefik.ingress.kubernetes.io/router.entrypoints: websecure
nginx.ingress.kubernetes.io/force-ssl-redirect: "true"
spec:
ingressClassName: nginx
tls:
- hosts:
- opengraph.cluster.fun

View File

@@ -43,9 +43,10 @@ spec:
labels:
app.kubernetes.io/name: outline
spec:
priorityClassName: critical
containers:
- name: outline
image: outlinewiki/outline:0.82.0
image: outlinewiki/outline:0.87.4
imagePullPolicy: IfNotPresent
env:
- name: ALLOWED_DOMAINS
@@ -72,7 +73,9 @@ spec:
resources:
requests:
cpu: 8m
memory: 800Mi
memory: 1389M
limits:
memory: 1489M
volumeMounts:
- mountPath: /opt/outline/.env
subPath: .env

View File

@@ -0,0 +1,7 @@
apiVersion: scheduling.k8s.io/v1
kind: PriorityClass
metadata:
name: critical
value: 1000
globalDefault: false
preemptionPolicy: PreemptLowerPriority

View File

@@ -0,0 +1,7 @@
apiVersion: scheduling.k8s.io/v1
kind: PriorityClass
metadata:
name: low
value: 10
globalDefault: false
preemptionPolicy: Never

View File

@@ -0,0 +1,7 @@
apiVersion: scheduling.k8s.io/v1
kind: PriorityClass
metadata:
name: normal
value: 100
globalDefault: true
preemptionPolicy: PreemptLowerPriority

View File

@@ -1,149 +0,0 @@
apiVersion: v1
kind: Secret
metadata:
name: tailscale-auth
namespace: proxy-civo
annotations:
kube-1password: 2cqycmsgv5r7vcyvjpblcl2l4y
kube-1password/vault: Kubernetes
type: Opaque
---
apiVersion: v1
kind: ConfigMap
metadata:
name: host-mappings
namespace: proxy-civo
labels:
app: proxy
data:
mapping.json: |
{
"vmcluster.proxy-civo.svc": "vmcluster.cluster.local",
"loki.proxy-civo.svc": "loki-write.cluster.local",
"loki.proxy-civo.svc:80": "loki-write.cluster.local",
"loki-distributed.proxy-civo.svc": "loki-loki.cluster.local",
"loki-distributed.proxy-civo.svc:80": "loki-loki.cluster.local"
}
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: internal-proxy
namespace: proxy-civo
labels:
app: internal-proxy
annotations:
configmap.reloader.stakater.com/reload: "host-mappings"
secret.reloader.stakater.com/reload: "tailscale-auth"
spec:
replicas: 1
strategy:
type: Recreate
selector:
matchLabels:
app: internal-proxy
template:
metadata:
labels:
app: internal-proxy
spec:
serviceAccountName: default
dnsPolicy: ClusterFirst
dnsConfig:
nameservers:
- 100.100.100.100
containers:
- name: proxy
image: rg.fr-par.scw.cloud/averagemarcus/proxy:latest
imagePullPolicy: Always
env:
- name: PROXY_DESTINATION
value: talos.tail4dfb.ts.net
- name: PORT
value: "8080"
- name: TS_AUTH_KEY
valueFrom:
secretKeyRef:
name: tailscale-auth
key: password
- name: TS_HOSTNAME
value: proxy-civo-internal-proxy
ports:
- containerPort: 8080
protocol: TCP
volumeMounts:
- name: host-mappings
mountPath: /config/
volumes:
- name: host-mappings
configMap:
name: host-mappings
---
apiVersion: v1
kind: Service
metadata:
name: loki
namespace: proxy-civo
labels:
app: internal-proxy
spec:
ports:
- name: http
port: 80
protocol: TCP
targetPort: 8080
selector:
app: internal-proxy
type: ClusterIP
---
apiVersion: v1
kind: Service
metadata:
name: loki-distributed
namespace: proxy-civo
labels:
app: internal-proxy
spec:
ports:
- name: http
port: 80
protocol: TCP
targetPort: 8080
selector:
app: internal-proxy
type: ClusterIP
---
apiVersion: v1
kind: Service
metadata:
name: prometheus
namespace: proxy-civo
labels:
app: internal-proxy
spec:
ports:
- name: http
port: 80
protocol: TCP
targetPort: 8080
selector:
app: internal-proxy
type: ClusterIP
---
apiVersion: v1
kind: Service
metadata:
name: vmcluster
namespace: proxy-civo
labels:
app: internal-proxy
spec:
ports:
- name: http
port: 80
protocol: TCP
targetPort: 8080
selector:
app: internal-proxy
type: ClusterIP
---

View File

@@ -47,11 +47,10 @@ metadata:
namespace: qr
annotations:
cert-manager.io/cluster-issuer: letsencrypt
kubernetes.io/ingress.class: traefik
traefik.ingress.kubernetes.io/router.tls: "true"
ingress.kubernetes.io/ssl-redirect: "true"
traefik.ingress.kubernetes.io/router.entrypoints: websecure
nginx.ingress.kubernetes.io/force-ssl-redirect: "true"
spec:
ingressClassName: nginx
tls:
- hosts:
- qr.cluster.fun

View File

@@ -327,9 +327,10 @@ spec:
weight: 1
nodeAffinity:
terminationGracePeriodSeconds: 30
priorityClassName: critical
containers:
- name: redis
image: docker.io/bitnami/redis:7.2.4-debian-11-r11
image: docker.io/bitnamilegacy/redis:7.2.4-debian-11-r11
imagePullPolicy: "IfNotPresent"
securityContext:
runAsUser: 1001
@@ -471,7 +472,7 @@ spec:
terminationGracePeriodSeconds: 30
containers:
- name: redis
image: docker.io/bitnami/redis:7.2.4-debian-11-r11
image: docker.io/bitnamilegacy/redis:7.2.4-debian-11-r11
imagePullPolicy: "IfNotPresent"
securityContext:
runAsUser: 1001

View File

@@ -25,6 +25,8 @@ data:
POLLING_FREQUENCY: "15"
BASE_URL: "https://miniflux.cluster.fun/"
METRICS_COLLECTOR: "1"
CLEANUP_ARCHIVE_READ_DAYS: "365"
CLEANUP_ARCHIVE_UNREAD_DAYS: "365"
---
apiVersion: v1
kind: Service
@@ -66,7 +68,7 @@ spec:
spec:
containers:
- name: web
image: ghcr.io/miniflux/miniflux:2.2.6
image: ghcr.io/miniflux/miniflux:2.2.13
imagePullPolicy: IfNotPresent
envFrom:
- configMapRef:

View File

@@ -2,7 +2,7 @@ apiVersion: v1
kind: Secret
metadata:
name: docker-config
namespace: social-to-grist
namespace: social-to-rolodex
annotations:
kube-1password: i6ngbk5zf4k52xgwdwnfup5bby
kube-1password/vault: Kubernetes
@@ -14,8 +14,8 @@ data:
apiVersion: v1
kind: Secret
metadata:
name: social-to-grist-auth
namespace: social-to-grist
name: social-to-rolodex-auth
namespace: social-to-rolodex
annotations:
kube-1password: mr6spkkx7n3memkbute6ojaarm
kube-1password/vault: Kubernetes
@@ -24,8 +24,8 @@ type: Opaque
apiVersion: v1
kind: Secret
metadata:
name: social-to-grist
namespace: social-to-grist
name: social-to-rolodex
namespace: social-to-rolodex
annotations:
kube-1password: oa3ycnui3ji4lc665bifaao63q
kube-1password/vault: Kubernetes
@@ -35,8 +35,8 @@ type: Opaque
apiVersion: v1
kind: Service
metadata:
name: social-to-grist
namespace: social-to-grist
name: social-to-rolodex
namespace: social-to-rolodex
spec:
type: ClusterIP
ports:
@@ -44,22 +44,22 @@ spec:
targetPort: auth
name: web
selector:
app: social-to-grist
app: social-to-rolodex
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: social-to-grist
namespace: social-to-grist
name: social-to-rolodex
namespace: social-to-rolodex
spec:
replicas: 1
selector:
matchLabels:
app: social-to-grist
app: social-to-rolodex
template:
metadata:
labels:
app: social-to-grist
app: social-to-rolodex
spec:
imagePullSecrets:
- name: docker-config
@@ -70,7 +70,7 @@ spec:
- --provider-display-name=Auth0
- --upstream=http://localhost:8080
- --http-address=$(HOST_IP):8000
- --redirect-url=https://social-to-grist.cluster.fun/oauth2/callback
- --redirect-url=https://social-to-rolodex.cluster.fun/oauth2/callback
- --email-domain=marcusnoble.co.uk
- --pass-basic-auth=false
- --pass-access-token=false
@@ -86,13 +86,13 @@ spec:
valueFrom:
secretKeyRef:
key: username
name: social-to-grist-auth
name: social-to-rolodex-auth
- name: OAUTH2_PROXY_CLIENT_SECRET
valueFrom:
secretKeyRef:
key: password
name: social-to-grist-auth
image: quay.io/oauth2-proxy/oauth2-proxy:v7.8.1
name: social-to-rolodex-auth
image: quay.io/oauth2-proxy/oauth2-proxy:v7.12.0
name: oauth-proxy
ports:
- containerPort: 8000
@@ -104,14 +104,14 @@ spec:
requests:
memory: 50Mi
- name: web
image: rg.fr-par.scw.cloud/averagemarcus-private/social-to-grist:latest
image: rg.fr-par.scw.cloud/averagemarcus-private/social-to-rolodex:latest
imagePullPolicy: Always
env:
- name: PORT
value: "8080"
envFrom:
- secretRef:
name: "social-to-grist"
name: "social-to-rolodex"
ports:
- containerPort: 8080
name: web
@@ -125,27 +125,26 @@ spec:
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: social-to-grist
namespace: social-to-grist
name: social-to-rolodex
namespace: social-to-rolodex
annotations:
cert-manager.io/cluster-issuer: letsencrypt
kubernetes.io/ingress.class: traefik
traefik.ingress.kubernetes.io/router.tls: "true"
ingress.kubernetes.io/ssl-redirect: "true"
traefik.ingress.kubernetes.io/router.entrypoints: websecure
nginx.ingress.kubernetes.io/force-ssl-redirect: "true"
spec:
ingressClassName: nginx
tls:
- hosts:
- social-to-grist.cluster.fun
secretName: social-to-grist-ingress
- social-to-rolodex.cluster.fun
secretName: social-to-rolodex-ingress
rules:
- host: social-to-grist.cluster.fun
- host: social-to-rolodex.cluster.fun
http:
paths:
- path: /
pathType: ImplementationSpecific
backend:
service:
name: social-to-grist
name: social-to-rolodex
port:
number: 80

View File

@@ -1,106 +0,0 @@
apiVersion: v1
kind: Secret
metadata:
name: docker-config
namespace: starling
annotations:
kube-1password: i6ngbk5zf4k52xgwdwnfup5bby
kube-1password/vault: Kubernetes
kube-1password/secret-text-key: .dockerconfigjson
type: kubernetes.io/dockerconfigjson
data:
.dockerconfigjson: e30=
---
apiVersion: v1
kind: Secret
metadata:
name: starling
namespace: starling
annotations:
kube-1password: ufxpki65ffgprn2upksirweeie
kube-1password/vault: Kubernetes
kube-1password/secret-text-parse: "true"
type: Opaque
---
apiVersion: v1
kind: Service
metadata:
name: starling
namespace: starling
spec:
type: ClusterIP
ports:
- port: 80
targetPort: web
name: web
selector:
app: starling
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: starling
namespace: starling
spec:
replicas: 1
selector:
matchLabels:
app: starling
template:
metadata:
labels:
app: starling
spec:
imagePullSecrets:
- name: docker-config
containers:
- name: web
image: rg.fr-par.scw.cloud/averagemarcus-private/starling:latest
imagePullPolicy: Always
env:
- name: PORT
value: "3000"
- name: SHARED_SECRET
valueFrom:
secretKeyRef:
name: starling
key: SHARED_SECRET
- name: ACCESS_TOKEN
valueFrom:
secretKeyRef:
name: starling
key: ACCESS_TOKEN
ports:
- containerPort: 3000
name: web
resources:
limits:
memory: 50Mi
requests:
memory: 50Mi
---
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: starling
namespace: starling
annotations:
cert-manager.io/cluster-issuer: letsencrypt
nginx.ingress.kubernetes.io/force-ssl-redirect: "true"
spec:
ingressClassName: nginx
tls:
- hosts:
- starling.marcusnoble.co.uk
secretName: starling-ingress
rules:
- host: starling.marcusnoble.co.uk
http:
paths:
- path: /
pathType: ImplementationSpecific
backend:
service:
name: starling
port:
number: 80

View File

@@ -27,6 +27,7 @@ spec:
labels:
app: svg-to-dxf
spec:
priorityClassName: low
containers:
- name: web
image: rg.fr-par.scw.cloud/averagemarcus/svg-to-dxf:latest
@@ -45,14 +46,11 @@ metadata:
namespace: svg-to-dxf
annotations:
cert-manager.io/cluster-issuer: letsencrypt
kubernetes.io/ingress.class: traefik
traefik.ingress.kubernetes.io/router.tls: "true"
ingress.kubernetes.io/ssl-redirect: "true"
traefik.ingress.kubernetes.io/router.entrypoints: websecure
traefik.ingress.kubernetes.io/buffering: |
maxrequestbodybytes: 31457280
memrequestbodybytes: 62914560
nginx.ingress.kubernetes.io/force-ssl-redirect: "true"
nginx.ingress.kubernetes.io/proxy-body-size: "0"
spec:
ingressClassName: nginx
tls:
- hosts:
- svg-to-dxf.cluster.fun

View File

@@ -1,45 +1,3 @@
apiVersion: v1
kind: Service
metadata:
name: talks
namespace: talks
spec:
type: ClusterIP
ports:
- port: 80
targetPort: web
name: web
selector:
app: talks
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: talks
namespace: talks
spec:
replicas: 1
selector:
matchLabels:
app: talks
template:
metadata:
labels:
app: talks
spec:
containers:
- name: web
image: rg.fr-par.scw.cloud/averagemarcus/talks:latest
imagePullPolicy: Always
ports:
- containerPort: 80
name: web
resources:
limits:
memory: 20Mi
requests:
memory: 20Mi
---
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
@@ -47,24 +5,13 @@ metadata:
namespace: talks
annotations:
cert-manager.io/cluster-issuer: letsencrypt
kubernetes.io/ingress.class: traefik
traefik.ingress.kubernetes.io/router.tls: "true"
ingress.kubernetes.io/ssl-redirect: "true"
traefik.ingress.kubernetes.io/router.entrypoints: websecure
nginx.ingress.kubernetes.io/permanent-redirect: https://speaking.marcusnoble.co.uk
spec:
ingressClassName: nginx
tls:
- hosts:
- talks.marcusnoble.co.uk
secretName: talks-ingress
rules:
- host: talks.marcusnoble.co.uk
http:
paths:
- path: /
pathType: ImplementationSpecific
backend:
service:
name: talks
port:
number: 80

View File

@@ -1,57 +0,0 @@
apiVersion: v1
kind: Secret
metadata:
name: tank
namespace: tank
annotations:
kube-1password: g6xle67quzowvvekf6zukjbbm4
kube-1password/vault: Kubernetes
kube-1password/secret-text-parse: "true"
type: Opaque
---
apiVersion: v1
kind: Service
metadata:
name: tank
namespace: tank
spec:
type: ClusterIP
ports:
- port: 80
targetPort: web
selector:
app: tank
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: tank
namespace: tank
labels:
app: tank
spec:
replicas: 1
selector:
matchLabels:
app: tank
template:
metadata:
labels:
app: tank
spec:
containers:
- name: web
image: rg.fr-par.scw.cloud/averagemarcus/tank:latest
imagePullPolicy: Always
envFrom:
- secretRef:
name: tank
ports:
- containerPort: 3000
name: web
resources:
limits:
memory: 10Mi
requests:
memory: 10Mi

View File

@@ -27,6 +27,7 @@ spec:
labels:
app: text-to-dxf
spec:
priorityClassName: low
containers:
- name: web
image: rg.fr-par.scw.cloud/averagemarcus/text-to-dxf:latest
@@ -45,11 +46,10 @@ metadata:
namespace: text-to-dxf
annotations:
cert-manager.io/cluster-issuer: letsencrypt
kubernetes.io/ingress.class: traefik
traefik.ingress.kubernetes.io/router.tls: "true"
ingress.kubernetes.io/ssl-redirect: "true"
traefik.ingress.kubernetes.io/router.entrypoints: websecure
nginx.ingress.kubernetes.io/force-ssl-redirect: "true"
spec:
ingressClassName: nginx
tls:
- hosts:
- text-to-dxf.cluster.fun

View File

@@ -1,45 +1,3 @@
apiVersion: v1
kind: Service
metadata:
name: til
namespace: til
spec:
type: ClusterIP
ports:
- port: 80
targetPort: web
name: web
selector:
app: til
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: til
namespace: til
spec:
replicas: 1
selector:
matchLabels:
app: til
template:
metadata:
labels:
app: til
spec:
containers:
- name: web
image: rg.fr-par.scw.cloud/averagemarcus/til:latest
imagePullPolicy: Always
ports:
- containerPort: 80
name: web
resources:
limits:
memory: 20Mi
requests:
memory: 20Mi
---
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
@@ -47,24 +5,25 @@ metadata:
namespace: til
annotations:
cert-manager.io/cluster-issuer: letsencrypt
kubernetes.io/ingress.class: traefik
traefik.ingress.kubernetes.io/router.tls: "true"
ingress.kubernetes.io/ssl-redirect: "true"
traefik.ingress.kubernetes.io/router.entrypoints: websecure
nginx.ingress.kubernetes.io/server-snippet: |
rewrite ^/dont-reuse-keys/?$ https://marcusnoble.co.uk/2020-10-03-t-i-l-don-t-reuse-api-keys/ permanent;
rewrite ^/favicons/?$ https://marcusnoble.co.uk/2020-11-10-t-i-l-how-to-get-the-favicon-of-any-site/ permanent;
rewrite ^/getopts/?$ https://marcusnoble.co.uk/2021-08-04-t-i-l-cli-flag-handling-in-bash-using-getopts/ permanent;
rewrite ^/go-named-return-values/?$ https://marcusnoble.co.uk/2020-10-05-t-i-l-named-returns-in-go-functions/ permanent;
rewrite ^/golang-append/?$ https://marcusnoble.co.uk/2020-10-30-t-i-l-golang-s-append-mutates-the-provided-array/ permanent;
rewrite ^/golang-split-by-space/?$ https://marcusnoble.co.uk/2020-09-18-t-i-l-split-on-spaces-in-go/ permanent;
rewrite ^/kubectl-replace/?$ https://marcusnoble.co.uk/2020-09-25-t-i-l-kubectl-replace/ permanent;
rewrite ^/kubernetes-label-length/?$ https://marcusnoble.co.uk/2021-04-20-t-i-l-kubernetes-label-length/ permanent;
rewrite ^/tekton-multi-arch-builds/?$ https://marcusnoble.co.uk/2020-09-13-t-i-l-tekton-multi-arch-image-builds/ permanent;
rewrite ^/yaml-key-spaces/?$ https://marcusnoble.co.uk/2021-05-11-t-i-l-yaml-keys-allow-for-spaces-in-them/ permanent;
rewrite ^/yaml-multiline/?$ https://marcusnoble.co.uk/2020-09-17-t-i-l-yaml-multiline-values/ permanent;
rewrite ^/?$ https://marcusnoble.co.uk/ permanent;
spec:
ingressClassName: nginx
tls:
- hosts:
- til.marcusnoble.co.uk
secretName: til-ingress
rules:
- host: til.marcusnoble.co.uk
http:
paths:
- path: /
pathType: ImplementationSpecific
backend:
service:
name: til
port:
number: 80

View File

@@ -45,7 +45,7 @@ spec:
- --entrypoints.websecure.http.tls=true
- --entrypoints.web.http.redirections.entrypoint.to=websecure
- --entrypoints.web.http.redirections.entrypoint.scheme=https
image: rancher/mirrored-library-traefik:2.11.20
image: rancher/mirrored-library-traefik:2.11.29
imagePullPolicy: IfNotPresent
livenessProbe:
failureThreshold: 3

View File

@@ -1,92 +0,0 @@
apiVersion: v1
kind: Secret
metadata:
name: tweetsvg
namespace: tweetsvg
annotations:
kube-1password: dmjtjxrcpqtmeddq5x7zikj37i
kube-1password/vault: Kubernetes
kube-1password/secret-text-key: .env
type: Opaque
---
apiVersion: v1
kind: Service
metadata:
name: tweetsvg
namespace: tweetsvg
spec:
type: ClusterIP
ports:
- port: 80
targetPort: 8080
name: web
selector:
app: tweetsvg
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: tweetsvg
namespace: tweetsvg
spec:
replicas: 2
selector:
matchLabels:
app: tweetsvg
template:
metadata:
labels:
app: tweetsvg
spec:
containers:
- name: web
image: rg.fr-par.scw.cloud/averagemarcus/tweetsvg:latest
imagePullPolicy: Always
# env:
# - name: DOTENV_DIR
# value: /config/
ports:
- containerPort: 8080
name: web
resources:
limits:
memory: 100Mi
requests:
memory: 100Mi
volumeMounts:
- name: dotenv
mountPath: /app/.env
subPath: .env
volumes:
- name: dotenv
secret:
secretName: tweetsvg
---
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: tweetsvg
namespace: tweetsvg
annotations:
cert-manager.io/cluster-issuer: letsencrypt
kubernetes.io/ingress.class: traefik
traefik.ingress.kubernetes.io/router.tls: "true"
ingress.kubernetes.io/ssl-redirect: "true"
traefik.ingress.kubernetes.io/router.entrypoints: websecure
spec:
tls:
- hosts:
- tweet.cluster.fun
secretName: tweetsvg-ingress
rules:
- host: tweet.cluster.fun
http:
paths:
- path: /
pathType: ImplementationSpecific
backend:
service:
name: tweetsvg
port:
number: 80

View File

@@ -1,86 +0,0 @@
apiVersion: v1
kind: Secret
metadata:
name: twitter-profile-pic
namespace: twitter-profile-pic
annotations:
kube-1password: d2rt56v47q2wij47qgj27umrky
kube-1password/vault: Kubernetes
kube-1password/secret-text-key: .env
type: Opaque
---
apiVersion: v1
kind: Service
metadata:
name: twitter-profile-pic
namespace: twitter-profile-pic
spec:
type: ClusterIP
ports:
- port: 80
targetPort: 9090
name: web
selector:
app: twitter-profile-pic
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: twitter-profile-pic
namespace: twitter-profile-pic
spec:
replicas: 1
selector:
matchLabels:
app: twitter-profile-pic
template:
metadata:
labels:
app: twitter-profile-pic
spec:
containers:
- name: web
image: rg.fr-par.scw.cloud/averagemarcus/twitter-profile-pic:latest
imagePullPolicy: Always
ports:
- containerPort: 9090
name: web
resources:
limits:
memory: 100Mi
requests:
memory: 100Mi
volumeMounts:
- name: dotenv
mountPath: /app/.env
subPath: .env
volumes:
- name: dotenv
secret:
secretName: twitter-profile-pic
---
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: twitter-profile-pic-cluster-fun
namespace: twitter-profile-pic
annotations:
cert-manager.io/cluster-issuer: letsencrypt
nginx.ingress.kubernetes.io/force-ssl-redirect: "true"
spec:
ingressClassName: nginx
tls:
- hosts:
- twitter-profile-pic.cluster.fun
secretName: twitter-profile-pic-cluster-fun-ingress
rules:
- host: twitter-profile-pic.cluster.fun
http:
paths:
- path: /
pathType: ImplementationSpecific
backend:
service:
name: twitter-profile-pic
port:
number: 80

View File

@@ -1,204 +0,0 @@
apiVersion: v1
kind: Secret
metadata:
name: wallabag
namespace: wallabag
annotations:
kube-1password: 4yogl6yx6t4trrkq7o35tiyj6i
kube-1password/vault: Kubernetes
kube-1password/secret-text-parse: "true"
type: Opaque
---
apiVersion: v1
kind: Service
metadata:
name: wallabag
namespace: wallabag
labels:
app.kubernetes.io/name: wallabag
annotations:
spec:
type: ClusterIP
ports:
- port: 80
targetPort: http
protocol: TCP
name: http
selector:
app.kubernetes.io/name: wallabag
---
apiVersion: batch/v1
kind: Job
metadata:
name: wallabag
namespace: wallabag
labels:
app.kubernetes.io/name: wallabag-init
spec:
suspend: true
template:
metadata:
labels:
app.kubernetes.io/name: wallabag-init
spec:
restartPolicy: OnFailure
containers:
- name: db-init
image: "wallabag/wallabag:latest"
imagePullPolicy: IfNotPresent
envFrom:
- secretRef:
name: wallabag
env:
- name: "SYMFONY__ENV__DATABASE_CHARSET"
value: "utf8"
- name: "SYMFONY__ENV__DATABASE_DRIVER"
value: "pdo_pgsql"
- name: "SYMFONY__ENV__DATABASE_NAME"
value: "wallabag"
- name: "SYMFONY__ENV__DATABASE_TABLE_PREFIX"
value: "wallabag_"
- name: "SYMFONY__ENV__DOMAIN_NAME"
value: "https://wallabag.cluster.fun"
- name: "SYMFONY__ENV__FOSUSER_REGISTRATION"
value: "false"
- name: "SYMFONY__ENV__LOCALE"
value: "en"
- name: "TZ"
value: "UTC"
command:
- /var/www/wallabag/bin/console
- wallabag:install
- --env=prod
- --no-interaction
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: wallabag
namespace: wallabag
labels:
app.kubernetes.io/name: wallabag
spec:
revisionHistoryLimit: 3
replicas: 1
strategy:
type: Recreate
selector:
matchLabels:
app.kubernetes.io/name: wallabag
template:
metadata:
labels:
app.kubernetes.io/name: wallabag
spec:
initContainers:
- name: db-migrate
image: "wallabag/wallabag:2.6.10"
imagePullPolicy: IfNotPresent
command:
- /var/www/wallabag/bin/console
- doctrine:migrations:migrate
- --env=prod
- --no-interaction
envFrom:
- secretRef:
name: wallabag
env:
- name: "SYMFONY__ENV__DATABASE_CHARSET"
value: "utf8"
- name: "SYMFONY__ENV__DATABASE_DRIVER"
value: "pdo_pgsql"
- name: "SYMFONY__ENV__DATABASE_NAME"
value: "wallabag"
- name: "SYMFONY__ENV__DATABASE_TABLE_PREFIX"
value: "wallabag_"
- name: "SYMFONY__ENV__DOMAIN_NAME"
value: "https://wallabag.cluster.fun"
- name: "SYMFONY__ENV__FOSUSER_REGISTRATION"
value: "false"
- name: "SYMFONY__ENV__LOCALE"
value: "en"
- name: "TZ"
value: "UTC"
- name: "POPULATE_DATABASE"
value: "false"
containers:
- name: wallabag
image: "wallabag/wallabag:2.6.10"
imagePullPolicy: IfNotPresent
envFrom:
- secretRef:
name: wallabag
env:
- name: "SYMFONY__ENV__DATABASE_CHARSET"
value: "utf8"
- name: "SYMFONY__ENV__DATABASE_DRIVER"
value: "pdo_pgsql"
- name: "SYMFONY__ENV__DATABASE_NAME"
value: "wallabag"
- name: "SYMFONY__ENV__DATABASE_TABLE_PREFIX"
value: "wallabag_"
- name: "SYMFONY__ENV__DOMAIN_NAME"
value: "https://wallabag.cluster.fun"
- name: "SYMFONY__ENV__FOSUSER_REGISTRATION"
value: "false"
- name: "SYMFONY__ENV__LOCALE"
value: "en"
- name: "TZ"
value: "UTC"
- name: "POPULATE_DATABASE"
value: "false"
ports:
- name: http
containerPort: 80
protocol: TCP
livenessProbe:
tcpSocket:
port: 80
initialDelaySeconds: 0
failureThreshold: 3
timeoutSeconds: 1
periodSeconds: 10
readinessProbe:
tcpSocket:
port: 80
initialDelaySeconds: 0
failureThreshold: 3
timeoutSeconds: 1
periodSeconds: 10
startupProbe:
tcpSocket:
port: 80
initialDelaySeconds: 0
failureThreshold: 30
timeoutSeconds: 1
periodSeconds: 5
---
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: wallabag
namespace: wallabag
labels:
app.kubernetes.io/name: wallabag
annotations:
cert-manager.io/cluster-issuer: letsencrypt
nginx.ingress.kubernetes.io/force-ssl-redirect: "true"
spec:
tls:
- hosts:
- "wallabag.cluster.fun"
secretName: "wallabag-ingress"
rules:
- host: "wallabag.cluster.fun"
http:
paths:
- path: "/"
pathType: ImplementationSpecific
backend:
service:
name: wallabag
port:
number: 80

View File

@@ -0,0 +1,95 @@
apiVersion: v1
kind: Secret
metadata:
name: yay-or-nay
namespace: yay-or-nay
annotations:
kube-1password: vtnx2swze7r6qepxnlepufvcbi
kube-1password/vault: Kubernetes
kube-1password/secret-text-parse: "true"
type: Opaque
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: yay-or-nay
labels:
app: yay-or-nay
app.kubernetes.io/name: yay-or-nay
annotations:
reloader.stakater.com/search: "true"
spec:
replicas: 1
selector:
matchLabels:
app: yay-or-nay
template:
metadata:
labels:
app: yay-or-nay
app.kubernetes.io/name: yay-or-nay
spec:
containers:
- name: yay-or-nay
image: ghcr.io/mocdaniel/yay-or-nay:1.1.1
imagePullPolicy: IfNotPresent
ports:
- containerPort: 3000
name: web
envFrom:
- secretRef:
name: yay-or-nay
livenessProbe:
httpGet:
path: /
port: web
initialDelaySeconds: 10
readinessProbe:
httpGet:
path: /
port: web
initialDelaySeconds: 10
---
apiVersion: v1
kind: Service
metadata:
name: yay-or-nay
labels:
app.kubernetes.io/name: yay-or-nay
spec:
type: ClusterIP
ports:
- port: 80
targetPort: web
name: web
selector:
app: yay-or-nay
---
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: yay-or-nay
namespace: yay-or-nay
labels:
app.kubernetes.io/name: yay-or-nay
annotations:
cert-manager.io/cluster-issuer: letsencrypt
nginx.ingress.kubernetes.io/force-ssl-redirect: "true"
spec:
ingressClassName: nginx
tls:
- hosts:
- "yay-or-nay.cluster.fun"
secretName: "yay-or-nay-ingress"
rules:
- host: "yay-or-nay.cluster.fun"
http:
paths:
- path: "/"
pathType: ImplementationSpecific
backend:
service:
name: yay-or-nay
port:
name: web