Compare commits
1085 Commits
increase_c
...
master
Author | SHA1 | Date |
---|---|---|
Marcus Noble | a5d862a67c | |
Renovate Bot | 7125cedbac | |
Marcus Noble | 9ae73720b4 | |
Marcus Noble | 4d482009a8 | |
Marcus Noble | 4809c00fb5 | |
Renovate Bot | c8855e232c | |
Renovate Bot | 30c02e9c47 | |
Marcus Noble | 949a0fb175 | |
Marcus Noble | c8fd002523 | |
Renovate Bot | cd7b186298 | |
Renovate Bot | ab4ae40f60 | |
Marcus Noble | 8338ac2ef7 | |
Renovate Bot | eeead87bca | |
Marcus Noble | 1d1cc49559 | |
Renovate Bot | f3e8b2c403 | |
Marcus Noble | 3d008944b0 | |
Renovate Bot | f23965bf6f | |
Marcus Noble | 926324cb79 | |
Marcus Noble | 6e9af80341 | |
Marcus Noble | 3701bd3b7a | |
Renovate Bot | b32cc2fef3 | |
Renovate Bot | 755459c8fe | |
Renovate Bot | b81ac4b2e8 | |
Marcus Noble | d11941b348 | |
Marcus Noble | 026a567827 | |
Renovate Bot | e34cda994e | |
Renovate Bot | c09309313a | |
Marcus Noble | 732d08036b | |
Marcus Noble | 8225d1f585 | |
Marcus Noble | b85b0133a4 | |
Marcus Noble | f901aa2757 | |
Marcus Noble | f16a9222bf | |
Marcus Noble | b992f1e5cd | |
Marcus Noble | 2c030d052c | |
Marcus Noble | 507ba97dd3 | |
Marcus Noble | d58ff64e0d | |
Marcus Noble | f379e384b5 | |
Renovate Bot | 69360cd777 | |
Renovate Bot | 2ae0931453 | |
Renovate Bot | 54d873e8df | |
Renovate Bot | 65ea3b37bd | |
Renovate Bot | 6f9bd6056c | |
Renovate Bot | 21f400d517 | |
Renovate Bot | dbdf8473ce | |
Renovate Bot | 65786e3f04 | |
Renovate Bot | 86b78861aa | |
Renovate Bot | 31b827b422 | |
Marcus Noble | 3fd2eb137c | |
Marcus Noble | e59cb4aea8 | |
Marcus Noble | ebfc61d889 | |
Marcus Noble | 19fa16f426 | |
Marcus Noble | ba38793deb | |
Marcus Noble | c2ad0c89fc | |
Marcus Noble | f86b626f25 | |
Marcus Noble | 0c646191f6 | |
Marcus Noble | 05dffbd825 | |
Marcus Noble | 6fb995919e | |
Marcus Noble | d7e7b2d5d0 | |
Marcus Noble | b5d6d801fb | |
Marcus Noble | d1bb4aba68 | |
Marcus Noble | 3dc3a78a1e | |
Marcus Noble | 954c7e22d7 | |
Marcus Noble | 14221c8d08 | |
Marcus Noble | 807054af80 | |
Marcus Noble | ed2b205151 | |
Marcus Noble | 54a40d7a8f | |
Marcus Noble | c21b70cb91 | |
Marcus Noble | ab0e152c4c | |
Marcus Noble | 782128860a | |
Marcus Noble | 850005f41c | |
Marcus Noble | 01a3259bb0 | |
Marcus Noble | 7d8953861d | |
Marcus Noble | 965089aa3c | |
Marcus Noble | e71050714b | |
Marcus Noble | 936943c24a | |
Marcus Noble | 66734265eb | |
Marcus Noble | 61e3be939e | |
Marcus Noble | e65858bcd4 | |
Marcus Noble | 2addee0322 | |
Marcus Noble | bdf95f0bf5 | |
Marcus Noble | 27a86fd831 | |
Marcus Noble | 7acfcd52ce | |
Marcus Noble | a1d692786a | |
Marcus Noble | a1cde6e991 | |
Marcus Noble | ed725001a1 | |
Marcus Noble | 250f36f34c | |
Marcus Noble | 7fc9e3bd46 | |
Marcus Noble | 5fcc85e764 | |
Marcus Noble | 6c8fce49f3 | |
Marcus Noble | 797525f108 | |
Marcus Noble | 49b76f20b0 | |
Marcus Noble | f378cb63c0 | |
Marcus Noble | c9a772af43 | |
Renovate Bot | 7797cac68e | |
Renovate Bot | b224a7bf6e | |
Renovate Bot | ae1e7f99ab | |
Renovate Bot | ca00356f3e | |
Marcus Noble | f8ede83f25 | |
Renovate Bot | 3c8378c27c | |
Marcus Noble | e753d51af3 | |
Renovate Bot | 7665d9df58 | |
Marcus Noble | 0349d2d303 | |
Marcus Noble | 629cb72a88 | |
Marcus Noble | 0e692eaf30 | |
Marcus Noble | 6b9e8d42b7 | |
Marcus Noble | b06982957a | |
Marcus Noble | 8b887f3f86 | |
Marcus Noble | f7405c92a9 | |
Marcus Noble | 866886975b | |
Marcus Noble | 07fa76c9b0 | |
Marcus Noble | ca6d26ae7d | |
Marcus Noble | c9a032c6ec | |
Marcus Noble | e825fe3283 | |
Marcus Noble | c6ffad092b | |
Marcus Noble | 11973aa7ed | |
Renovate Bot | 9cb0cb44b2 | |
Marcus Noble | ab75dbe6d1 | |
Marcus Noble | 3bc89b9671 | |
Renovate Bot | cf1968db69 | |
Marcus Noble | c96e8d5fdb | |
Marcus Noble | fd12332971 | |
Renovate Bot | 10c02f4091 | |
Renovate Bot | 2e076a4a6c | |
Marcus Noble | 93a712cb3d | |
Renovate Bot | 2cb4f99ea0 | |
Marcus Noble | e2ab609918 | |
Marcus Noble | 017e7cbe39 | |
Renovate Bot | cc3722f757 | |
Marcus Noble | 5e03e9c171 | |
Marcus Noble | e89cfb5423 | |
Marcus Noble | 69ebd54e92 | |
Marcus Noble | c5abec2a3f | |
Renovate Bot | fd11f04a1e | |
Renovate Bot | 3a64a3da4d | |
Renovate Bot | 9a3e3a6d54 | |
Renovate Bot | 6f3f18c78b | |
Marcus Noble | ca9a2801db | |
Renovate Bot | d32af71cd4 | |
Marcus Noble | a0c0d77614 | |
Renovate Bot | 2458c2e2eb | |
Marcus Noble | b659a624b7 | |
Renovate Bot | 14002a1f4e | |
Marcus Noble | 5779121e54 | |
Marcus Noble | 8aa63aa094 | |
Marcus Noble | 146ee4011f | |
Renovate Bot | 42c88127d3 | |
Renovate Bot | 05b1b45f00 | |
Renovate Bot | ff63612f5e | |
Marcus Noble | 5eb3bf3284 | |
Marcus Noble | 0480399671 | |
Renovate Bot | ee31dc1f3d | |
Renovate Bot | b3af4279c5 | |
Marcus Noble | 4b4a517871 | |
Renovate Bot | d6e3524eff | |
Marcus Noble | 354c5f74a0 | |
Marcus Noble | 74321a8507 | |
Renovate Bot | 0c7af2f339 | |
Renovate Bot | 29498edbd8 | |
Marcus Noble | 9dbae083e9 | |
Renovate Bot | 45607188c9 | |
Marcus Noble | 9f4319d5c4 | |
Marcus Noble | 5a3880d9eb | |
Marcus Noble | 000bfcc5f3 | |
Marcus Noble | 2076410442 | |
Renovate Bot | babea1d5db | |
Marcus Noble | f371943047 | |
Renovate Bot | 40a0267b0d | |
Marcus Noble | 51e539beda | |
Marcus Noble | 69e7b9778a | |
Renovate Bot | 854d36b8ba | |
Renovate Bot | 1348c006a2 | |
Marcus Noble | 4ade56fd21 | |
Renovate Bot | 6521c924d7 | |
Marcus Noble | f52f5ad0f2 | |
Renovate Bot | 41810d824d | |
Marcus Noble | c33672dfcc | |
Marcus Noble | 68d41e2bd3 | |
Marcus Noble | 259dfb10b7 | |
Renovate Bot | 2040f4da14 | |
Marcus Noble | f562c0e3b9 | |
Renovate Bot | 107135c39c | |
Marcus Noble | 66859a9ec9 | |
Renovate Bot | 0db769dab1 | |
Marcus Noble | 65d8ade8bc | |
Renovate Bot | 7434f6a47d | |
Marcus Noble | 9d59c7f8f5 | |
Renovate Bot | 4457b1963c | |
Marcus Noble | 471a5f8eb7 | |
Renovate Bot | a7648d5474 | |
Marcus Noble | e1a8c5a19a | |
Marcus Noble | c897678826 | |
Renovate Bot | 76c9b91de7 | |
Marcus Noble | 3706172447 | |
Marcus Noble | 38a060d48f | |
Renovate Bot | bb8e740408 | |
Renovate Bot | ee8556594d | |
Marcus Noble | 58526df9aa | |
Renovate Bot | da58f452dc | |
Marcus Noble | d775ec2ad9 | |
Marcus Noble | 356ec53f21 | |
Renovate Bot | 7ff426bead | |
Renovate Bot | 5d0ee92149 | |
Marcus Noble | bdeeba249b | |
Marcus Noble | 8e24fc7631 | |
Renovate Bot | 3041ef4e14 | |
Marcus Noble | 3adb2d4fe0 | |
Renovate Bot | 4df2f5f67d | |
Marcus Noble | a1a99ca7be | |
Renovate Bot | 82bdf1889c | |
Marcus Noble | f96c280679 | |
Renovate Bot | 3171059c82 | |
Marcus Noble | bbd7152f81 | |
Marcus Noble | a9406155a9 | |
Renovate Bot | eb582398cd | |
Renovate Bot | 4add915432 | |
Marcus Noble | 711cf72ba3 | |
Renovate Bot | 7db52ff40e | |
Marcus Noble | 93fdb2fb59 | |
Renovate Bot | 6c545f3add | |
Marcus Noble | b5be26cafb | |
Marcus Noble | 4380a517f0 | |
Marcus Noble | fe3b58432f | |
Marcus Noble | e7a207cf65 | |
Renovate Bot | 65bffc17d2 | |
Marcus Noble | 5d31f867d2 | |
Marcus Noble | 9cd6c92728 | |
Marcus Noble | 5a91aa8bfb | |
Marcus Noble | b00ff7fb8a | |
Renovate Bot | 3413ea6d72 | |
Marcus Noble | 790e45c752 | |
Renovate Bot | dccbff710e | |
Marcus Noble | fbe19b2c7b | |
Renovate Bot | d5f4453859 | |
Marcus Noble | 8295c79897 | |
Marcus Noble | d6bf0075f1 | |
Marcus Noble | dab444bb4e | |
Renovate Bot | b123ba197f | |
Renovate Bot | 216f78d4ae | |
Renovate Bot | 6a96162982 | |
Marcus Noble | 0edc643254 | |
Renovate Bot | e353989764 | |
Marcus Noble | 2cc19c9fb0 | |
Renovate Bot | 7736927d0b | |
Marcus Noble | c31e965aa4 | |
Renovate Bot | f488b44ed6 | |
Marcus Noble | da74962f7f | |
Renovate Bot | 325b6c1475 | |
Marcus Noble | 3cd37f747e | |
Marcus Noble | 5c5ae1d13c | |
Marcus Noble | f3e21d0edb | |
Renovate Bot | e24ce989a5 | |
Renovate Bot | dcd1ea905a | |
Renovate Bot | b774e2d661 | |
Marcus Noble | ee8cb57126 | |
Renovate Bot | e3dd9542df | |
Marcus Noble | df43cdcdf7 | |
Renovate Bot | 026565dcf5 | |
Marcus Noble | 524377b0ee | |
Marcus Noble | a109a3dbb0 | |
Marcus Noble | d60b4722be | |
Renovate Bot | 4516184e57 | |
Marcus Noble | ec48552dd1 | |
Marcus Noble | 31efb5d8e0 | |
Marcus Noble | d248e5f28e | |
Marcus Noble | b0c4beb211 | |
Marcus Noble | 494bd6d91f | |
Marcus Noble | 2648b65df1 | |
Marcus Noble | 8578342aaa | |
Marcus Noble | e5be0e4f4b | |
Marcus Noble | a3b2defb4c | |
Marcus Noble | 9057958444 | |
Marcus Noble | deb829c832 | |
Marcus Noble | 144f5f14d1 | |
Marcus Noble | c9968b3ac7 | |
Marcus Noble | 671e60fb18 | |
Marcus Noble | 34862e4250 | |
Marcus Noble | 50977c6d7f | |
Marcus Noble | 376a11ec2f | |
Marcus Noble | ee0c2b2f53 | |
Marcus Noble | c63c49e5de | |
Marcus Noble | cd8ac71d51 | |
Marcus Noble | 6ed901bf94 | |
Marcus Noble | 2cb765d7e1 | |
Marcus Noble | d35203de49 | |
Marcus Noble | 2735a8a2b1 | |
Marcus Noble | a738134135 | |
Marcus Noble | 55dd830848 | |
Marcus Noble | 2edea7c99f | |
Marcus Noble | 7c46b77d2f | |
Marcus Noble | 3fea0685cb | |
Marcus Noble | 0dfac7ad6f | |
Marcus Noble | a2dbaaa5d0 | |
Renovate Bot | 0809d35c87 | |
Renovate Bot | b9a981b9f1 | |
Renovate Bot | 60e20a3033 | |
Marcus Noble | 4bfe5f6e7c | |
Renovate Bot | 31f4627157 | |
Marcus Noble | 1fbbf253a3 | |
Marcus Noble | e6b1e197b9 | |
Renovate Bot | d1d38e29e6 | |
Renovate Bot | a9410bb024 | |
Marcus Noble | affd78061e | |
Renovate Bot | d44ecda0eb | |
Marcus Noble | af5ece0d51 | |
Renovate Bot | 3319f832e2 | |
Marcus Noble | d53985abb2 | |
Renovate Bot | 40fc4df5a9 | |
Marcus Noble | f84944cbc3 | |
Renovate Bot | 99d87bcab2 | |
Marcus Noble | 139318754c | |
Renovate Bot | fee0773df2 | |
Marcus Noble | 41f2bbc20d | |
Renovate Bot | e98e29cf61 | |
Marcus Noble | 8177432345 | |
Renovate Bot | 152af1446e | |
Marcus Noble | 6f7a91388a | |
Renovate Bot | 8b26ba278e | |
Marcus Noble | aea1284f06 | |
Renovate Bot | a0fa1f9188 | |
Marcus Noble | 9e63b2baa8 | |
Renovate Bot | e09dde470a | |
Marcus Noble | 61196429e5 | |
Marcus Noble | f7e2b540f6 | |
Marcus Noble | a075d33e6e | |
Marcus Noble | de2284eea2 | |
Renovate Bot | 501922b752 | |
Marcus Noble | 4da53c1b3b | |
Marcus Noble | bb52be5104 | |
Marcus Noble | b6241cf063 | |
Renovate Bot | 8a054ae72d | |
Renovate Bot | d59c520f08 | |
Renovate Bot | 285fa8acf1 | |
Marcus Noble | 43364bcccd | |
Renovate Bot | a65aa4ecb8 | |
Marcus Noble | d28fc952ad | |
Renovate Bot | 969e93b84a | |
Marcus Noble | a36ca06efc | |
Marcus Noble | cc7de595d6 | |
Renovate Bot | 2bd795b7ab | |
Renovate Bot | ed62566286 | |
Marcus Noble | cdb91bd2c8 | |
Renovate Bot | d1dfd448dc | |
Marcus Noble | 1e4443228e | |
Marcus Noble | 0833bfd6c2 | |
Renovate Bot | f6e21b3384 | |
Renovate Bot | 8e6d7fb872 | |
Marcus Noble | 757a345305 | |
Renovate Bot | 9cd9af4843 | |
Marcus Noble | e8e49270fd | |
Renovate Bot | f23080fcea | |
Marcus Noble | 09c73669f0 | |
Marcus Noble | beea77e10f | |
Renovate Bot | eb49f8a8e7 | |
Renovate Bot | 3063272114 | |
Marcus Noble | 8e1ccd5226 | |
Marcus Noble | 951c96e10f | |
Renovate Bot | a42f6166a8 | |
Marcus Noble | ea88d428ce | |
Marcus Noble | 047e364896 | |
Renovate Bot | b17ff81e93 | |
Renovate Bot | 8650881d00 | |
Marcus Noble | 6718572645 | |
Marcus Noble | bc933c872f | |
Renovate Bot | 88c85e932e | |
Marcus Noble | 35b0c8dc83 | |
Marcus Noble | 2ed47e80bb | |
Marcus Noble | cfeb0d539a | |
Marcus Noble | 72c157a3c2 | |
Marcus Noble | 3e8eef8bd5 | |
Marcus Noble | b3adebc811 | |
Renovate Bot | 897f5c0134 | |
Marcus Noble | e844020f6d | |
Renovate Bot | 122a1e931e | |
Marcus Noble | 1051422be0 | |
Renovate Bot | 1e4a219e1d | |
Marcus Noble | 472f01eafc | |
Renovate Bot | 356f894e1e | |
Marcus Noble | d584862b48 | |
Marcus Noble | 92e86564d8 | |
Marcus Noble | 82c73f7edf | |
Renovate Bot | 2e0afddacd | |
Renovate Bot | adb78f4c05 | |
Renovate Bot | 134ca701a5 | |
Marcus Noble | 03037cf138 | |
Renovate Bot | 9901c79b19 | |
Marcus Noble | e85c3f7bf8 | |
Renovate Bot | 25d88aba96 | |
Marcus Noble | 6b208d8f37 | |
Renovate Bot | 1378786505 | |
Marcus Noble | 358b1a84f8 | |
Renovate Bot | 5cf2ff7b9c | |
Marcus Noble | 53557db2c7 | |
Marcus Noble | 0ec5e3c03d | |
Marcus Noble | 590bd5d189 | |
Marcus Noble | c15a94a0e5 | |
Renovate Bot | b3696b83e4 | |
Renovate Bot | 73dd4ce53b | |
Marcus Noble | d2a66f01ae | |
Renovate Bot | f7904919b0 | |
Marcus Noble | 84fef23369 | |
Renovate Bot | 8816a16a05 | |
Marcus Noble | 61af5722b9 | |
Renovate Bot | 66525755e1 | |
Marcus Noble | 2f95f861e5 | |
Marcus Noble | 529fa227de | |
Renovate Bot | 1f23859360 | |
Renovate Bot | c75e192acc | |
Marcus Noble | 60699bab2f | |
Renovate Bot | 9825855748 | |
Marcus Noble | 3340682eb6 | |
Renovate Bot | 0f3af49dc7 | |
Marcus Noble | 8d42388c42 | |
Renovate Bot | 7aaaaa4fcc | |
Marcus Noble | 8be3441335 | |
Renovate Bot | a622263981 | |
Marcus Noble | beb3186f4e | |
Renovate Bot | 51bcecc11f | |
Marcus Noble | 2199561756 | |
Renovate Bot | 6394ea6425 | |
Marcus Noble | 0946eeca97 | |
Renovate Bot | d8b65d6922 | |
Marcus Noble | 5c4192a3e7 | |
Renovate Bot | ce1f3caac2 | |
Marcus Noble | 390b43c564 | |
Renovate Bot | 6362db7473 | |
Marcus Noble | 55ae6f1e65 | |
Renovate Bot | bbbfa63a26 | |
Marcus Noble | bca4033897 | |
Renovate Bot | 47920db489 | |
Marcus Noble | 488dd86a36 | |
Renovate Bot | 9607063beb | |
Marcus Noble | 2473ce268c | |
Renovate Bot | 97d9685630 | |
Marcus Noble | e2f06fc4bb | |
Renovate Bot | 9c3c990f68 | |
Marcus Noble | 93c2166c68 | |
Renovate Bot | 6c8d05e7af | |
Marcus Noble | 1ff864d4f2 | |
Renovate Bot | 841fa14c92 | |
Marcus Noble | 14495bae4f | |
Renovate Bot | 9188a96386 | |
Marcus Noble | 5405041ca1 | |
Marcus Noble | 5ac10ca34d | |
Renovate Bot | 9503a11289 | |
Renovate Bot | 98e04eeee4 | |
Marcus Noble | 16e2ca67a4 | |
Renovate Bot | db9d3e4dce | |
Marcus Noble | 7959b7cd8f | |
Renovate Bot | 992d0f4074 | |
Marcus Noble | d3456bf5f4 | |
Marcus Noble | 320bc5c580 | |
Marcus Noble | 42d3fbf52d | |
Renovate Bot | b228f836a0 | |
Renovate Bot | 6106d0153c | |
Renovate Bot | c70aefab29 | |
Marcus Noble | 93a103979b | |
Renovate Bot | 503ae3b474 | |
Marcus Noble | b25c90c33c | |
Marcus Noble | 0889690626 | |
Marcus Noble | 2d7a7bd07f | |
Marcus Noble | dd6a517bdb | |
Marcus Noble | 774880a236 | |
Marcus Noble | 7a4e0ed1fd | |
Marcus Noble | f1f12a80ef | |
Renovate Bot | ad6c462d77 | |
Marcus Noble | 55b1a5c616 | |
Renovate Bot | 4dd60012e9 | |
Marcus Noble | 5c7eb1f5cc | |
Renovate Bot | f4d454f8b3 | |
Marcus Noble | 417535a7c5 | |
Renovate Bot | ccc22df0e5 | |
Marcus Noble | 99ad2f2528 | |
Renovate Bot | 7374305710 | |
Marcus Noble | 9f85eee146 | |
Renovate Bot | 35b4298577 | |
Marcus Noble | 42193d9446 | |
Renovate Bot | d82fa05738 | |
Marcus Noble | 2b91f499bf | |
Renovate Bot | b5217b9014 | |
Marcus Noble | 9ee22ce4b6 | |
Renovate Bot | cdda12487f | |
Marcus Noble | 5a1704649f | |
Renovate Bot | 0c1661eda9 | |
Marcus Noble | b908ff296f | |
Renovate Bot | e5fe78a589 | |
Marcus Noble | 2dac47c855 | |
Renovate Bot | 563b18276e | |
Marcus Noble | 0895a985d4 | |
Marcus Noble | 37ed713705 | |
Renovate Bot | 7c635bed4c | |
Renovate Bot | 9f834fd04a | |
Marcus Noble | 3f045eed41 | |
Marcus Noble | ccb8bafaac | |
Renovate Bot | c02a2eeef9 | |
Marcus Noble | 842aada3b5 | |
Renovate Bot | d125c6883a | |
Marcus Noble | e1766fa88f | |
Renovate Bot | 75f3c49ed7 | |
Marcus Noble | b42e0a4ab8 | |
Marcus Noble | 836f39c4b6 | |
Marcus Noble | 0eb9fbc16c | |
Renovate Bot | a61ba2f590 | |
Renovate Bot | 962c823232 | |
Renovate Bot | 9059026abd | |
Marcus Noble | 7fb48aae74 | |
Renovate Bot | 3f3dfd78d1 | |
Marcus Noble | 1615f833df | |
Renovate Bot | ba01f241d8 | |
Marcus Noble | 66fe678272 | |
Marcus Noble | 25dabe7538 | |
Renovate Bot | c695862948 | |
Renovate Bot | 7b74d330fd | |
Marcus Noble | d9d6d0d268 | |
Marcus Noble | ca743e5705 | |
Renovate Bot | ae61af9749 | |
Marcus Noble | 0c20a69d80 | |
Renovate Bot | df7d27cd70 | |
Marcus Noble | dd76417ad0 | |
Renovate Bot | 083d14a848 | |
Marcus Noble | ab9ba48343 | |
Renovate Bot | 4f1e385019 | |
Marcus Noble | 488afca2c7 | |
Renovate Bot | b4cde10dc3 | |
Marcus Noble | 1a1a75dc3f | |
Renovate Bot | 1410143fcf | |
Marcus Noble | 6af531c830 | |
Marcus Noble | a7d8a87867 | |
Renovate Bot | 0da601a2ac | |
Renovate Bot | 3ca78eef81 | |
Marcus Noble | 359ccc38d5 | |
Renovate Bot | c1e0a62566 | |
Marcus Noble | 8e4c2b46f6 | |
Marcus Noble | b9a30103da | |
Renovate Bot | b974334672 | |
Renovate Bot | 71e50e33c0 | |
Marcus Noble | 4eb8db8e4e | |
Renovate Bot | e199dd8c1f | |
Marcus Noble | 55e244992a | |
Renovate Bot | 9cb3d076e3 | |
Marcus Noble | 596c9930c4 | |
Renovate Bot | 1e4645b038 | |
Marcus Noble | 33204a6811 | |
Renovate Bot | c54c63c542 | |
Marcus Noble | bf1f823493 | |
Renovate Bot | f75e626769 | |
Marcus Noble | 3145fe0349 | |
Renovate Bot | 3c3272a7cc | |
Marcus Noble | e9c79d4c34 | |
Renovate Bot | e91991cf8d | |
Marcus Noble | 441d736cad | |
Renovate Bot | 8b8c58db12 | |
Marcus Noble | c7724ab860 | |
Renovate Bot | a74b5bcb36 | |
Marcus Noble | 93332460c4 | |
Renovate Bot | 03d3a9c738 | |
Marcus Noble | 01b53c5c92 | |
Renovate Bot | 36db51cfee | |
Marcus Noble | 126ce23a6c | |
Marcus Noble | 629281f270 | |
Marcus Noble | 361801e89b | |
Renovate Bot | 2d3cda9ca2 | |
Marcus Noble | ca5c9d09de | |
Renovate Bot | 19d8aaf89c | |
Marcus Noble | ecd22c542b | |
Renovate Bot | f8084f52bc | |
Marcus Noble | 6f7fd5441a | |
Marcus Noble | f385261545 | |
Renovate Bot | a35a4a3fe3 | |
Marcus Noble | 2fb001a55e | |
Renovate Bot | ff7494f6dd | |
Marcus Noble | d4f9186b6c | |
Renovate Bot | 9224fb70d8 | |
Marcus Noble | 36b38058bb | |
Marcus Noble | e8d233f936 | |
Marcus Noble | cb80c9da41 | |
Renovate Bot | 55394810cc | |
Renovate Bot | 0e4d9fa6fc | |
Marcus Noble | 96ec882b39 | |
Renovate Bot | 673c27eed9 | |
Marcus Noble | f8fb4792df | |
Renovate Bot | 2d1b44bd0c | |
Marcus Noble | d2e59b2be1 | |
Marcus Noble | 953def22ac | |
Marcus Noble | 4c66c22ee8 | |
Marcus Noble | 45de30bf47 | |
Marcus Noble | 600ab21084 | |
Marcus Noble | 9e8e37a337 | |
Marcus Noble | add266c1df | |
Marcus Noble | 1fd915619b | |
Marcus Noble | 6c2eade54d | |
Marcus Noble | a7667604c7 | |
Marcus Noble | 88ca71479d | |
Marcus Noble | 9753ac1d2d | |
Marcus Noble | 0e3a5de0a0 | |
Marcus Noble | 9c4f7a0896 | |
Marcus Noble | aca6f0dac2 | |
Marcus Noble | 1f51fd337f | |
Marcus Noble | 68539cdce8 | |
Marcus Noble | de7730c37c | |
Renovate Bot | f15db99568 | |
Marcus Noble | b280134653 | |
Renovate Bot | 0605b4481a | |
Renovate Bot | 3e6124c69a | |
Marcus Noble | f22da7be93 | |
Renovate Bot | 56bf6055c1 | |
Renovate Bot | 50658e81e5 | |
Marcus Noble | 60815590d0 | |
Renovate Bot | e3f2920c1c | |
Renovate Bot | e191e83c86 | |
Marcus Noble | af48088841 | |
Renovate Bot | c9ef32db05 | |
Renovate Bot | 78e1152a8f | |
Renovate Bot | ca4d5ff0d5 | |
Renovate Bot | cf2fa93350 | |
Renovate Bot | c8a59e1052 | |
Renovate Bot | e99541aa53 | |
Renovate Bot | 32a472a7a6 | |
Renovate Bot | f6f106a064 | |
Marcus Noble | 8635996517 | |
Marcus Noble | a950778692 | |
Marcus Noble | d19bd05ec1 | |
Marcus Noble | 7ef157234f | |
Marcus Noble | 1a085ea083 | |
Marcus Noble | 9aaa3fbe1d | |
Marcus Noble | 964b1b9cfb | |
Marcus Noble | d8f0aedf50 | |
Marcus Noble | 46206ea637 | |
Marcus Noble | 4ab1267d95 | |
Marcus Noble | 5e234c8d32 | |
Marcus Noble | 2d5902ac7f | |
Marcus Noble | 2e13637388 | |
Marcus Noble | ccc49c6855 | |
Marcus Noble | b0ca3f980e | |
Marcus Noble | 7c43e6b7ce | |
Marcus Noble | faff262fe8 | |
Marcus Noble | 02a5c7a6bd | |
Marcus Noble | a3c5c64b04 | |
Marcus Noble | 7ec8b7ba70 | |
Marcus Noble | 9737323128 | |
Marcus Noble | aa3dec45d5 | |
Marcus Noble | a820162102 | |
Marcus Noble | 60f93063a5 | |
Marcus Noble | 0492bad785 | |
Marcus Noble | 2d7050d280 | |
Marcus Noble | ee484531d7 | |
Marcus Noble | 64802df507 | |
Marcus Noble | 127cecd562 | |
Marcus Noble | c7fb03ae4b | |
Marcus Noble | d520b683bb | |
Marcus Noble | dbf4b7ba09 | |
Marcus Noble | 68aaa12e5c | |
Marcus Noble | 337577f5a0 | |
Marcus Noble | 665836a4a3 | |
Marcus Noble | 089ec74af7 | |
Marcus Noble | 41125f8ebd | |
Marcus Noble | d9ace27ac8 | |
Marcus Noble | abd13adebb | |
Marcus Noble | e4027ec94f | |
Marcus Noble | 244dea83ec | |
Marcus Noble | 2e4bebc6a6 | |
Marcus Noble | f031b7b221 | |
Marcus Noble | 197a4d5480 | |
Marcus Noble | 2c9387421b | |
Marcus Noble | f020bef2ca | |
Marcus Noble | f9e7e7eaf8 | |
Marcus Noble | b51a92f72e | |
Marcus Noble | 73808d4039 | |
Marcus Noble | c005791531 | |
Marcus Noble | 408e642c75 | |
Marcus Noble | 80a269bf99 | |
Marcus Noble | c875b54549 | |
Marcus Noble | 798339009e | |
Marcus Noble | 035814c916 | |
Marcus Noble | d909109abd | |
Marcus Noble | 8cd0f96418 | |
Marcus Noble | c9715630aa | |
Marcus Noble | 0b548e271e | |
Marcus Noble | 8d276735ed | |
Marcus Noble | c236e72c30 | |
Marcus Noble | 1e67288540 | |
Marcus Noble | 4c145f47c3 | |
Marcus Noble | 15ad48ff3e | |
Marcus Noble | 41cef7eee0 | |
Marcus Noble | 33f722bd06 | |
Marcus Noble | d108f2b00c | |
Marcus Noble | c26ef37c0c | |
Marcus Noble | 72b11fb227 | |
Marcus Noble | 956b149c08 | |
Marcus Noble | c9ff27e9fe | |
Marcus Noble | c0cef495a0 | |
Marcus Noble | ddd157a125 | |
Marcus Noble | 14bc7d1cd7 | |
Marcus Noble | 05e64fda85 | |
Marcus Noble | 6d0483e47c | |
Marcus Noble | f809edbfbd | |
Marcus Noble | ebb3046443 | |
Marcus Noble | 398eea67ca | |
Marcus Noble | 456f4b1356 | |
Marcus Noble | 56d194f61f | |
Marcus Noble | d289898c02 | |
Marcus Noble | 7e9067f221 | |
Marcus Noble | 58daad489d | |
Marcus Noble | c93a73d2cb | |
Marcus Noble | 5df68dd190 | |
Marcus Noble | 52c88621d4 | |
Marcus Noble | 0dd5cb143f | |
Marcus Noble | f5e185a77e | |
Marcus Noble | 9086e69705 | |
Marcus Noble | c4bcef3cd4 | |
Marcus Noble | ca2ae20d17 | |
Marcus Noble | 2133bee35b | |
Marcus Noble | 575feb5841 | |
Marcus Noble | fa23a31d76 | |
Marcus Noble | 304857a4a3 | |
Marcus Noble | caca8733e2 | |
Marcus Noble | 13a05fe75f | |
Marcus Noble | 790c7304ab | |
Marcus Noble | a9c8e36931 | |
Marcus Noble | f942f9e358 | |
Marcus Noble | b1d821922f | |
Marcus Noble | 99d63230cd | |
Marcus Noble | d55b03a6bd | |
Marcus Noble | 3e54c17ad3 | |
Marcus Noble | 8a0952f514 | |
Marcus Noble | 57fedd0d85 | |
Marcus Noble | d2eaea5e1c | |
Marcus Noble | 99d57bda3f | |
Marcus Noble | 90c3faae54 | |
Marcus Noble | d8e2e4673f | |
Marcus Noble | b0a846fa94 | |
Marcus Noble | 5be3454e15 | |
Marcus Noble | 89e8a2768f | |
Marcus Noble | f3cb290d7b | |
Marcus Noble | 8635399bf9 | |
Marcus Noble | 60305ed6bb | |
Marcus Noble | f758757c42 | |
Marcus Noble | 546e1fe69f | |
Marcus Noble | 1e6cdf20ef | |
Marcus Noble | 1eaec16813 | |
Marcus Noble | 7931adc8ac | |
Marcus Noble | c306dbc01c | |
Marcus Noble | 1b60ac4ce9 | |
Marcus Noble | 536e5b4ba4 | |
Marcus Noble | c29aff6d4e | |
Marcus Noble | c288ee81a5 | |
Marcus Noble | c3a8ca03da | |
Marcus Noble | 471df787ca | |
Marcus Noble | df403ca8a6 | |
Marcus Noble | 5403e21421 | |
Marcus Noble | 63fd434a2d | |
Marcus Noble | 6b3db10837 | |
Marcus Noble | 5b9714dbfe | |
Marcus Noble | 0f6ea7c66d | |
Marcus Noble | 0a2ac14e71 | |
Marcus Noble | 1722256eba | |
Marcus Noble | 0d2d2b4a94 | |
Marcus Noble | 5ee727cd54 | |
Marcus Noble | 9692e3c73d | |
Marcus Noble | 0f802f29a0 | |
Marcus Noble | 70e1e2d959 | |
Marcus Noble | 6f74f95997 | |
Marcus Noble | 39542c7912 | |
Marcus Noble | 40f851e0b5 | |
Marcus Noble | 94e59d83e3 | |
Marcus Noble | b260e6a249 | |
Marcus Noble | 549a8cec6e | |
Marcus Noble | 0ddef03ab8 | |
Marcus Noble | 0f4502310e | |
Marcus Noble | 747debfbf7 | |
Marcus Noble | d86545f27e | |
Marcus Noble | e7080e876b | |
Marcus Noble | d772023986 | |
Marcus Noble | 7adc699d4b | |
Marcus Noble | 0e858ec1e0 | |
Marcus Noble | 22d07c1526 | |
Marcus Noble | 8501a7d13d | |
Marcus Noble | cd5895965b | |
Marcus Noble | 14e0c43d90 | |
Marcus Noble | 0616ed2438 | |
Marcus Noble | 95db5c0ab3 | |
Marcus Noble | c245c816c5 | |
Marcus Noble | e2b3d416eb | |
Marcus Noble | 31c6704d84 | |
Marcus Noble | cec2725dee | |
Marcus Noble | 605ee82c1c | |
Marcus Noble | 9f2b6b7493 | |
Marcus Noble | 79d8a831d8 | |
Marcus Noble | c3ae274afd | |
Marcus Noble | 8693c53147 | |
Marcus Noble | b465c1a16c | |
Marcus Noble | 6b5f44574e | |
Marcus Noble | 6af90f1825 | |
Marcus Noble | 92de303130 | |
Marcus Noble | 380713229c | |
Marcus Noble | 3dd4f018ea | |
Marcus Noble | 5c4dabf60f | |
Marcus Noble | f5d8c1f37a | |
Marcus Noble | 8c44e48f27 | |
Marcus Noble | 31d17a812b | |
Marcus Noble | 62c9d3cc22 | |
Marcus Noble | 52c95c516d | |
Marcus Noble | 32ffc7b933 | |
Marcus Noble | c6e4e436d7 | |
Marcus Noble | 977290f0c0 | |
Marcus Noble | 0b2a6579c0 | |
Marcus Noble | 082093319d | |
Marcus Noble | 630055af40 | |
Marcus Noble | cd38ae3b8f | |
Marcus Noble | 9d1b714e94 | |
Marcus Noble | a86dc5d7cd | |
Marcus Noble | 64cd24e0e5 | |
Marcus Noble | ce44688bcd | |
Marcus Noble | 4c552b288b | |
Marcus Noble | a9f9421924 | |
Marcus Noble | 79385ffdef | |
Marcus Noble | 88e347ec04 | |
Marcus Noble | 3f1b780e13 | |
Marcus Noble | d9be926e1c | |
Marcus Noble | 52896a6202 | |
Marcus Noble | 88cec0f08a | |
Marcus Noble | a722f25847 | |
Marcus Noble | 66c3fc0441 | |
Marcus Noble | 3a0ace71a6 | |
Marcus Noble | 2d6756aca9 | |
Marcus Noble | a69b0ab4b4 | |
Marcus Noble | c13a01d287 | |
Marcus Noble | 6d0c3b02af | |
Marcus Noble | b7ffb96beb | |
Marcus Noble | a34ae89b33 | |
Marcus Noble | 0bd512c11c | |
Marcus Noble | da29fe7929 | |
Marcus Noble | f2232d9105 | |
Marcus Noble | 2ab1892b6e | |
Marcus Noble | 593317fd13 | |
Marcus Noble | 4dfd89d78e | |
Marcus Noble | e92853b736 | |
Marcus Noble | 635246317f | |
Marcus Noble | 2ea466ed83 | |
Marcus Noble | 18f748f010 | |
Marcus Noble | 7379a43178 | |
Marcus Noble | 9d1f2528c5 | |
Marcus Noble | 3ae4e1142f | |
Marcus Noble | e18f77caaa | |
Marcus Noble | 5572056c9b | |
Marcus Noble | 987eb5096c | |
Marcus Noble | 211f7b7251 | |
Marcus Noble | 513625074a | |
Marcus Noble | 88f3132326 | |
Marcus Noble | 00b51cd6a8 | |
Marcus Noble | 786f724823 | |
Marcus Noble | 659771d4b9 | |
Marcus Noble | 3baa5597fa | |
Marcus Noble | 04af487324 | |
Marcus Noble | b9ed0a571e | |
Marcus Noble | 53f5a5c062 | |
Marcus Noble | 45d8fc0328 | |
Marcus Noble | 207376a89c | |
Marcus Noble | fd148bdd75 | |
Marcus Noble | c676fad20a | |
Marcus Noble | 769fdff851 | |
Marcus Noble | 8bfcfbe770 | |
Marcus Noble | a49bb8e58e | |
Marcus Noble | b489562c57 | |
Marcus Noble | 513af4f9c5 | |
Marcus Noble | 8ce2c08c34 | |
Marcus Noble | 796f891f17 | |
Marcus Noble | ad33387c26 | |
Marcus Noble | d6ad4bca2e | |
Marcus Noble | 2515940ee4 | |
Marcus Noble | 0dc864eb63 | |
Marcus Noble | f027c5075b | |
Marcus Noble | 089aef13d3 | |
Marcus Noble | c749096aa0 | |
Marcus Noble | fb542ff995 | |
Marcus Noble | a14d7bf5bf | |
Marcus Noble | 02ec582bd9 | |
Marcus Noble | 9277f202e9 | |
Marcus Noble | bdc418e0d8 | |
Marcus Noble | 10d80e3452 | |
Marcus Noble | fa07f27433 | |
Marcus Noble | 97c545d3e8 | |
Marcus Noble | e26dec2f7a | |
Marcus Noble | 22717250e5 | |
Marcus Noble | f4f6745c27 | |
Marcus Noble | f9caf0a0d1 | |
Marcus Noble | c5359f2adc | |
Marcus Noble | 6450a24334 | |
Marcus Noble | 1b8318df3e | |
Marcus Noble | 4a9589aaeb | |
Marcus Noble | f516ee38ae | |
Marcus Noble | 36d87d3c12 | |
Marcus Noble | 86b9327767 | |
Marcus Noble | 0accc05333 | |
Marcus Noble | c540580782 | |
Marcus Noble | 524cd8837b | |
Marcus Noble | 0b7b010a01 | |
Marcus Noble | 38ed896839 | |
Marcus Noble | c761d83549 | |
Marcus Noble | f6a1a5cb2a | |
Marcus Noble | 993e515eb2 | |
Marcus Noble | 0db4e321ea | |
Marcus Noble | 4bc3a9add5 | |
Marcus Noble | 912dac6479 | |
Marcus Noble | 3a946fabe1 | |
Marcus Noble | 444546095f | |
Marcus Noble | b80cde1825 | |
Marcus Noble | 87e9074a0b | |
Marcus Noble | 79fa75c080 | |
Marcus Noble | b2192bb6ce | |
Marcus Noble | f515ffd081 | |
Marcus Noble | e9a9250165 | |
Marcus Noble | 8cabb103f8 | |
Marcus Noble | 025e542a58 | |
Marcus Noble | 91c2018722 | |
Marcus Noble | ee2faf4401 | |
Marcus Noble | aa0d9786e2 | |
Marcus Noble | 722fd18e64 | |
Marcus Noble | 9d7f02dc0d | |
Marcus Noble | da01b67104 | |
Marcus Noble | 9cdc5f2450 | |
Marcus Noble | 2b5e2eeff0 | |
Marcus Noble | 7fa91de04f | |
Marcus Noble | fd5572cec8 | |
Marcus Noble | bfaa7c30e5 | |
Marcus Noble | 83781ae047 | |
Marcus Noble | c7be02c83d | |
Marcus Noble | 7a1df207a7 | |
Marcus Noble | ea53700e02 | |
Marcus Noble | 6ce1fa075a | |
Marcus Noble | 88f91e20b6 | |
Marcus Noble | 4623e16600 | |
Marcus Noble | b858dfcdfc | |
Marcus Noble | 9e7d07297b | |
Marcus Noble | cf8b042c98 | |
Marcus Noble | bc30ffa753 | |
Marcus Noble | 85569644f2 | |
Marcus Noble | d96095535e | |
Marcus Noble | a6823b4871 | |
Marcus Noble | ba4858e88e | |
Marcus Noble | 5df02c1f87 | |
Marcus Noble | 680d50120d | |
Marcus Noble | 8ba1bb72de | |
Marcus Noble | 6a2e61911d | |
Marcus Noble | 9baf2ead15 | |
Marcus Noble | 59477f604a | |
Marcus Noble | 1850295742 | |
Marcus Noble | 4e0680eb57 | |
Marcus Noble | 34fa21e5a9 | |
Marcus Noble | 5ad34267ae | |
Marcus Noble | 9a00be7aff | |
Marcus Noble | a5c92eacef | |
Marcus Noble | 015a0669be | |
Marcus Noble | 8aa2c7e83e | |
Marcus Noble | f6a6bfe2cf | |
Marcus Noble | 1323ff91e6 | |
Marcus Noble | b85da32ab5 | |
Marcus Noble | e95357bf42 | |
Marcus Noble | fc7d09a293 | |
Marcus Noble | f154b89b54 | |
Marcus Noble | 25fb87ef60 | |
Marcus Noble | 45cc1d73a7 | |
Marcus Noble | 8710723ce0 | |
Marcus Noble | d3ccc88c20 | |
Marcus Noble | 7d9b9c1b1f | |
Marcus Noble | 2427fe07ba | |
Marcus Noble | 1f044b5ae3 | |
Marcus Noble | 8b5982af70 | |
Marcus Noble | f389e0b715 | |
Marcus Noble | e8c380dd94 | |
Marcus Noble | 74b19f2746 | |
Marcus Noble | 225b7d8cff | |
Marcus Noble | bff4242b57 | |
Marcus Noble | 4b1d859778 | |
Marcus Noble | b59327939e | |
Marcus Noble | d760a69e29 | |
Marcus Noble | 071a73118c | |
Marcus Noble | 7dcdabd564 | |
Marcus Noble | 3cdebb541b | |
Marcus Noble | bbb9aba394 | |
Marcus Noble | d5e07e29d8 | |
Marcus Noble | a9c9813870 | |
Marcus Noble | ffa751ad7f | |
Marcus Noble | b739031468 | |
Marcus Noble | 3bef89a27d | |
Marcus Noble | 964a653710 | |
Marcus Noble | 3a2661106b | |
Marcus Noble | eb7a82f74e | |
Marcus Noble | b9ffeaf626 | |
Marcus Noble | acdc684e62 | |
Marcus Noble | eddfbf4fb7 | |
Marcus Noble | f67d067cf5 | |
Marcus Noble | 39ac57b5cb | |
Marcus Noble | caa7a68e6f | |
Marcus Noble | 04608e0cec | |
Marcus Noble | 2aa1628ebc | |
Marcus Noble | a1c447ff73 | |
Marcus Noble | a81423ab42 | |
Marcus Noble | ee1a18f169 | |
Marcus Noble | 6693266ba5 | |
Marcus Noble | 91f2fb943c | |
Marcus Noble | 6dea278487 | |
Marcus Noble | 785e22050d | |
Marcus Noble | 99eb03aa5f | |
Marcus Noble | 1ecc6bf920 | |
Marcus Noble | 0295ca8349 | |
Marcus Noble | 41fab7f1d4 | |
Marcus Noble | 5b3d1a0fee | |
Marcus Noble | 404cdb0349 | |
Marcus Noble | a757e95b3d | |
Marcus Noble | 28d06d68d3 | |
Marcus Noble | 7f23b96ebc | |
Marcus Noble | cfef345f93 | |
Marcus Noble | b360920537 | |
Marcus Noble | 4ac30f8242 | |
Marcus Noble | f036a70542 | |
Marcus Noble | d39cb1320b | |
Marcus Noble | da143dce0f | |
Marcus Noble | 1f54d2706a | |
Marcus Noble | 9f91c5ef35 | |
Marcus Noble | 468fd9f6a6 | |
Marcus Noble | 5b69611fed | |
Marcus Noble | cc38ef42e0 | |
Marcus Noble | 1665ef1e67 | |
Marcus Noble | bbc369afb4 | |
Marcus Noble | 422ee13940 | |
Marcus Noble | a7e0b2a913 | |
Marcus Noble | 4ebe0bde06 | |
Marcus Noble | 030386cc6a | |
Marcus Noble | d1e34ddba0 | |
Marcus Noble | 1161564118 | |
Marcus Noble | 6acdf29d1a | |
Marcus Noble | 77d23f395a | |
Marcus Noble | 9de410bb6e | |
Marcus Noble | b7c90557df | |
Marcus Noble | 2cf5ce0ace | |
Marcus Noble | 21c16256c7 | |
Marcus Noble | d6fb80ded4 | |
Marcus Noble | 0c334e0827 | |
Marcus Noble | 94b62b4c75 | |
Marcus Noble | 06b4f07c21 | |
Marcus Noble | cef5f2ddc1 | |
Marcus Noble | 825447b712 | |
Marcus Noble | 5c06e4c8d7 | |
Marcus Noble | 34a00954db | |
Marcus Noble | 54af3af2c1 | |
Marcus Noble | 7405481b72 | |
Marcus Noble | fa51de4fb6 | |
Marcus Noble | d29c9ec82c | |
Marcus Noble | 5f8800f311 | |
Marcus Noble | eef0a6c22d | |
Marcus Noble | d9d71a5dc7 | |
Marcus Noble | ff99e577cd | |
Marcus Noble | f26d02ca7f | |
Marcus Noble | 94e18c12ea | |
Marcus Noble | 84a9c19d93 | |
Marcus Noble | 8f85a65cbe | |
Marcus Noble | 22ae249a1f | |
Marcus Noble | 50f86cc39f | |
Marcus Noble | 295bb89828 | |
Marcus Noble | 3ab7377253 | |
Marcus Noble | 7d2c192b95 | |
Marcus Noble | a7a29c0201 | |
Marcus Noble | c40c5b5a33 | |
Marcus Noble | 588348ac31 | |
Marcus Noble | 05e04afeff | |
Marcus Noble | cf2a889e4d | |
Marcus Noble | b838af199d | |
Marcus Noble | 9f65bf256a | |
Marcus Noble | f5a7bb5abb | |
Marcus Noble | 5567ba142a | |
Marcus Noble | 43aa708e09 | |
Marcus Noble | 52339ccbed | |
Marcus Noble | b08f0892be | |
Marcus Noble | b60c244b8b | |
Marcus Noble | fd26f7b3de | |
Marcus Noble | e00db9e633 | |
Marcus Noble | b35b34bb7a | |
Marcus Noble | 85bd64e87e | |
Marcus Noble | a80346f8e7 | |
Marcus Noble | 53d8bd48bf | |
Marcus Noble | 9c8f29e346 | |
Marcus Noble | ad3fab4cfd | |
Marcus Noble | cf0015d1e2 | |
Marcus Noble | 6ce5744672 | |
Marcus Noble | 3d47bc34da |
|
@ -0,0 +1,25 @@
|
|||
apiVersion: argoproj.io/v1alpha1
|
||||
kind: Application
|
||||
metadata:
|
||||
name: cluster-fun-auth-proxy
|
||||
namespace: argocd
|
||||
finalizers:
|
||||
- resources-finalizer.argocd.argoproj.io
|
||||
spec:
|
||||
project: cluster.fun
|
||||
destination:
|
||||
namespace: auth-proxy
|
||||
name: cluster-fun (v2)
|
||||
source:
|
||||
path: manifests/auth-proxy
|
||||
repoURL: "https://git.cluster.fun/AverageMarcus/cluster.fun.git"
|
||||
targetRevision: HEAD
|
||||
syncPolicy:
|
||||
automated: {}
|
||||
syncOptions:
|
||||
- CreateNamespace=true
|
||||
ignoreDifferences:
|
||||
- kind: Secret
|
||||
jsonPointers:
|
||||
- /data
|
||||
---
|
|
@ -0,0 +1,28 @@
|
|||
apiVersion: argoproj.io/v1alpha1
|
||||
kind: Application
|
||||
metadata:
|
||||
name: base64
|
||||
namespace: argocd
|
||||
finalizers:
|
||||
- resources-finalizer.argocd.argoproj.io
|
||||
spec:
|
||||
project: cluster.fun
|
||||
destination:
|
||||
namespace: base64
|
||||
name: civo
|
||||
source:
|
||||
path: manifests/base64
|
||||
repoURL: "https://git.cluster.fun/AverageMarcus/cluster.fun.git"
|
||||
targetRevision: HEAD
|
||||
syncPolicy:
|
||||
automated: {}
|
||||
syncOptions:
|
||||
- CreateNamespace=true
|
||||
ignoreDifferences:
|
||||
- kind: Secret
|
||||
jsonPointers:
|
||||
- /data
|
||||
- group: apps
|
||||
kind: Deployment
|
||||
jqPathExpressions:
|
||||
- .spec.template.spec.containers[]?.image
|
|
@ -0,0 +1,25 @@
|
|||
apiVersion: argoproj.io/v1alpha1
|
||||
kind: Application
|
||||
metadata:
|
||||
name: cluster-fun-blackhole
|
||||
namespace: argocd
|
||||
finalizers:
|
||||
- resources-finalizer.argocd.argoproj.io
|
||||
spec:
|
||||
project: cluster.fun
|
||||
destination:
|
||||
namespace: kube-system
|
||||
name: cluster-fun (v2)
|
||||
source:
|
||||
path: manifests/blackhole
|
||||
repoURL: "https://git.cluster.fun/AverageMarcus/cluster.fun.git"
|
||||
targetRevision: HEAD
|
||||
syncPolicy:
|
||||
automated: {}
|
||||
syncOptions:
|
||||
- CreateNamespace=true
|
||||
ignoreDifferences:
|
||||
- kind: Secret
|
||||
jsonPointers:
|
||||
- /data
|
||||
---
|
|
@ -0,0 +1,29 @@
|
|||
apiVersion: argoproj.io/v1alpha1
|
||||
kind: Application
|
||||
metadata:
|
||||
name: cluster-fun-blog
|
||||
namespace: argocd
|
||||
finalizers:
|
||||
- resources-finalizer.argocd.argoproj.io
|
||||
spec:
|
||||
project: cluster.fun
|
||||
destination:
|
||||
namespace: blog
|
||||
name: cluster-fun (v2)
|
||||
source:
|
||||
path: manifests/blog
|
||||
repoURL: "https://git.cluster.fun/AverageMarcus/cluster.fun.git"
|
||||
targetRevision: HEAD
|
||||
syncPolicy:
|
||||
automated: {}
|
||||
syncOptions:
|
||||
- CreateNamespace=true
|
||||
ignoreDifferences:
|
||||
- kind: Secret
|
||||
jsonPointers:
|
||||
- /data
|
||||
- group: apps
|
||||
kind: Deployment
|
||||
jqPathExpressions:
|
||||
- .spec.template.spec.containers[]?.image
|
||||
---
|
|
@ -0,0 +1,24 @@
|
|||
apiVersion: argoproj.io/v1alpha1
|
||||
kind: Application
|
||||
metadata:
|
||||
name: cel-tester
|
||||
namespace: argocd
|
||||
finalizers:
|
||||
- resources-finalizer.argocd.argoproj.io
|
||||
spec:
|
||||
project: cluster.fun
|
||||
destination:
|
||||
namespace: cel-tester
|
||||
name: civo
|
||||
source:
|
||||
path: manifests/cel-tester
|
||||
repoURL: "https://git.cluster.fun/AverageMarcus/cluster.fun.git"
|
||||
targetRevision: HEAD
|
||||
syncPolicy:
|
||||
automated: {}
|
||||
syncOptions:
|
||||
- CreateNamespace=true
|
||||
ignoreDifferences:
|
||||
- kind: Secret
|
||||
jsonPointers:
|
||||
- /data
|
|
@ -0,0 +1,76 @@
|
|||
apiVersion: argoproj.io/v1alpha1
|
||||
kind: Application
|
||||
metadata:
|
||||
name: cert-manager-civo
|
||||
namespace: argocd
|
||||
finalizers:
|
||||
- resources-finalizer.argocd.argoproj.io
|
||||
spec:
|
||||
project: cluster.fun
|
||||
destination:
|
||||
namespace: cert-manager
|
||||
name: civo
|
||||
source:
|
||||
path: manifests/certmanager-civo
|
||||
repoURL: "https://git.cluster.fun/AverageMarcus/cluster.fun.git"
|
||||
targetRevision: HEAD
|
||||
syncPolicy:
|
||||
automated: {}
|
||||
ignoreDifferences:
|
||||
- kind: Secret
|
||||
jsonPointers:
|
||||
- /data
|
||||
---
|
||||
|
||||
apiVersion: argoproj.io/v1alpha1
|
||||
kind: Application
|
||||
metadata:
|
||||
name: cluster-fun-cert-manager-issuer
|
||||
namespace: argocd
|
||||
finalizers:
|
||||
- resources-finalizer.argocd.argoproj.io
|
||||
spec:
|
||||
project: cluster.fun
|
||||
destination:
|
||||
namespace: cert-manager
|
||||
name: cluster-fun (v2)
|
||||
source:
|
||||
path: manifests/certmanager_chart
|
||||
repoURL: "https://git.cluster.fun/AverageMarcus/cluster.fun.git"
|
||||
targetRevision: HEAD
|
||||
syncPolicy:
|
||||
automated: {}
|
||||
ignoreDifferences:
|
||||
- kind: Secret
|
||||
jsonPointers:
|
||||
- /data
|
||||
---
|
||||
apiVersion: argoproj.io/v1alpha1
|
||||
kind: Application
|
||||
metadata:
|
||||
name: cluster-fun-cert-manager-chart
|
||||
namespace: argocd
|
||||
finalizers:
|
||||
- resources-finalizer.argocd.argoproj.io
|
||||
spec:
|
||||
project: cluster.fun
|
||||
destination:
|
||||
namespace: cert-manager
|
||||
name: cluster-fun (v2)
|
||||
source:
|
||||
repoURL: 'https://charts.jetstack.io'
|
||||
targetRevision: 1.11.0
|
||||
chart: cert-manager
|
||||
helm:
|
||||
version: v3
|
||||
values: |-
|
||||
installCRDs: "true"
|
||||
resources:
|
||||
requests:
|
||||
memory: 32Mi
|
||||
limits:
|
||||
memory: 64Mi
|
||||
syncPolicy:
|
||||
automated: {}
|
||||
|
||||
---
|
|
@ -0,0 +1,28 @@
|
|||
apiVersion: argoproj.io/v1alpha1
|
||||
kind: Application
|
||||
metadata:
|
||||
name: civo-versions
|
||||
namespace: argocd
|
||||
finalizers:
|
||||
- resources-finalizer.argocd.argoproj.io
|
||||
spec:
|
||||
project: cluster.fun
|
||||
destination:
|
||||
namespace: civo-versions
|
||||
name: civo
|
||||
source:
|
||||
path: manifests/civo-versions
|
||||
repoURL: "https://git.cluster.fun/AverageMarcus/cluster.fun.git"
|
||||
targetRevision: HEAD
|
||||
syncPolicy:
|
||||
automated: {}
|
||||
syncOptions:
|
||||
- CreateNamespace=true
|
||||
ignoreDifferences:
|
||||
- kind: Secret
|
||||
jsonPointers:
|
||||
- /data
|
||||
- group: apps
|
||||
kind: Deployment
|
||||
jqPathExpressions:
|
||||
- .spec.template.spec.containers[]?.image
|
|
@ -0,0 +1,28 @@
|
|||
apiVersion: argoproj.io/v1alpha1
|
||||
kind: Application
|
||||
metadata:
|
||||
name: cv
|
||||
namespace: argocd
|
||||
finalizers:
|
||||
- resources-finalizer.argocd.argoproj.io
|
||||
spec:
|
||||
project: cluster.fun
|
||||
destination:
|
||||
namespace: cv
|
||||
name: civo
|
||||
source:
|
||||
path: manifests/cv
|
||||
repoURL: "https://git.cluster.fun/AverageMarcus/cluster.fun.git"
|
||||
targetRevision: HEAD
|
||||
syncPolicy:
|
||||
automated: {}
|
||||
syncOptions:
|
||||
- CreateNamespace=true
|
||||
ignoreDifferences:
|
||||
- kind: Secret
|
||||
jsonPointers:
|
||||
- /data
|
||||
- group: apps
|
||||
kind: Deployment
|
||||
jqPathExpressions:
|
||||
- .spec.template.spec.containers[]?.image
|
|
@ -0,0 +1,29 @@
|
|||
apiVersion: argoproj.io/v1alpha1
|
||||
kind: Application
|
||||
metadata:
|
||||
name: cluster-fun-dashboard
|
||||
namespace: argocd
|
||||
finalizers:
|
||||
- resources-finalizer.argocd.argoproj.io
|
||||
spec:
|
||||
project: cluster.fun
|
||||
destination:
|
||||
namespace: dashboard
|
||||
name: cluster-fun (v2)
|
||||
source:
|
||||
path: manifests/dashboard
|
||||
repoURL: "https://git.cluster.fun/AverageMarcus/cluster.fun.git"
|
||||
targetRevision: HEAD
|
||||
syncPolicy:
|
||||
automated: {}
|
||||
syncOptions:
|
||||
- CreateNamespace=true
|
||||
ignoreDifferences:
|
||||
- kind: Secret
|
||||
jsonPointers:
|
||||
- /data
|
||||
- group: apps
|
||||
kind: Deployment
|
||||
jqPathExpressions:
|
||||
- .spec.template.spec.containers[]?.image
|
||||
---
|
|
@ -0,0 +1,29 @@
|
|||
apiVersion: argoproj.io/v1alpha1
|
||||
kind: Application
|
||||
metadata:
|
||||
name: cluster-fun-devstats-viewer
|
||||
namespace: argocd
|
||||
finalizers:
|
||||
- resources-finalizer.argocd.argoproj.io
|
||||
spec:
|
||||
project: cluster.fun
|
||||
destination:
|
||||
namespace: devstats-viewer
|
||||
name: cluster-fun (v2)
|
||||
source:
|
||||
path: manifests/devstats-viewer
|
||||
repoURL: "https://git.cluster.fun/AverageMarcus/cluster.fun.git"
|
||||
targetRevision: HEAD
|
||||
syncPolicy:
|
||||
syncOptions:
|
||||
- CreateNamespace=true
|
||||
automated: {}
|
||||
ignoreDifferences:
|
||||
- kind: Secret
|
||||
jsonPointers:
|
||||
- /data
|
||||
- group: apps
|
||||
kind: Deployment
|
||||
jqPathExpressions:
|
||||
- .spec.template.spec.containers[]?.image
|
||||
---
|
|
@ -0,0 +1,28 @@
|
|||
apiVersion: argoproj.io/v1alpha1
|
||||
kind: Application
|
||||
metadata:
|
||||
name: feed-fetcher
|
||||
namespace: argocd
|
||||
finalizers:
|
||||
- resources-finalizer.argocd.argoproj.io
|
||||
spec:
|
||||
project: cluster.fun
|
||||
destination:
|
||||
namespace: feed-fetcher
|
||||
name: civo
|
||||
source:
|
||||
path: manifests/feed-fetcher
|
||||
repoURL: "https://git.cluster.fun/AverageMarcus/cluster.fun.git"
|
||||
targetRevision: HEAD
|
||||
syncPolicy:
|
||||
automated: {}
|
||||
syncOptions:
|
||||
- CreateNamespace=true
|
||||
ignoreDifferences:
|
||||
- kind: Secret
|
||||
jsonPointers:
|
||||
- /data
|
||||
- group: apps
|
||||
kind: Deployment
|
||||
jqPathExpressions:
|
||||
- .spec.template.spec.containers[]?.image
|
|
@ -0,0 +1,25 @@
|
|||
apiVersion: argoproj.io/v1alpha1
|
||||
kind: Application
|
||||
metadata:
|
||||
name: cluster-fun-git-sync
|
||||
namespace: argocd
|
||||
finalizers:
|
||||
- resources-finalizer.argocd.argoproj.io
|
||||
spec:
|
||||
project: cluster.fun
|
||||
destination:
|
||||
namespace: git-sync
|
||||
name: cluster-fun (v2)
|
||||
source:
|
||||
path: manifests/git-sync
|
||||
repoURL: "https://git.cluster.fun/AverageMarcus/cluster.fun.git"
|
||||
targetRevision: HEAD
|
||||
syncPolicy:
|
||||
automated: {}
|
||||
syncOptions:
|
||||
- CreateNamespace=true
|
||||
ignoreDifferences:
|
||||
- kind: Secret
|
||||
jsonPointers:
|
||||
- /data
|
||||
---
|
|
@ -0,0 +1,25 @@
|
|||
apiVersion: argoproj.io/v1alpha1
|
||||
kind: Application
|
||||
metadata:
|
||||
name: cluster-fun-gitea
|
||||
namespace: argocd
|
||||
finalizers:
|
||||
- resources-finalizer.argocd.argoproj.io
|
||||
spec:
|
||||
project: cluster.fun
|
||||
destination:
|
||||
namespace: gitea
|
||||
name: cluster-fun (v2)
|
||||
source:
|
||||
path: manifests/gitea
|
||||
repoURL: "https://git.cluster.fun/AverageMarcus/cluster.fun.git"
|
||||
targetRevision: HEAD
|
||||
syncPolicy:
|
||||
automated: {}
|
||||
syncOptions:
|
||||
- CreateNamespace=true
|
||||
ignoreDifferences:
|
||||
- kind: Secret
|
||||
jsonPointers:
|
||||
- /data
|
||||
---
|
|
@ -0,0 +1,24 @@
|
|||
apiVersion: argoproj.io/v1alpha1
|
||||
kind: Application
|
||||
metadata:
|
||||
name: goplayground
|
||||
namespace: argocd
|
||||
finalizers:
|
||||
- resources-finalizer.argocd.argoproj.io
|
||||
spec:
|
||||
project: cluster.fun
|
||||
destination:
|
||||
namespace: goplayground
|
||||
name: civo
|
||||
source:
|
||||
path: manifests/goplayground
|
||||
repoURL: "https://git.cluster.fun/AverageMarcus/cluster.fun.git"
|
||||
targetRevision: HEAD
|
||||
syncPolicy:
|
||||
automated: {}
|
||||
syncOptions:
|
||||
- CreateNamespace=true
|
||||
ignoreDifferences:
|
||||
- kind: Secret
|
||||
jsonPointers:
|
||||
- /data
|
|
@ -0,0 +1,20 @@
|
|||
apiVersion: argoproj.io/v1alpha1
|
||||
kind: Application
|
||||
metadata:
|
||||
name: link
|
||||
namespace: argocd
|
||||
finalizers:
|
||||
- resources-finalizer.argocd.argoproj.io
|
||||
spec:
|
||||
project: cluster.fun
|
||||
destination:
|
||||
namespace: link
|
||||
name: civo
|
||||
source:
|
||||
path: manifests/link
|
||||
repoURL: "https://git.cluster.fun/AverageMarcus/cluster.fun.git"
|
||||
targetRevision: HEAD
|
||||
syncPolicy:
|
||||
automated: {}
|
||||
syncOptions:
|
||||
- CreateNamespace=true
|
|
@ -0,0 +1,29 @@
|
|||
apiVersion: argoproj.io/v1alpha1
|
||||
kind: Application
|
||||
metadata:
|
||||
name: cluster-fun-marcusnoble
|
||||
namespace: argocd
|
||||
finalizers:
|
||||
- resources-finalizer.argocd.argoproj.io
|
||||
spec:
|
||||
project: cluster.fun
|
||||
destination:
|
||||
namespace: marcusnoble
|
||||
name: cluster-fun (v2)
|
||||
source:
|
||||
path: manifests/marcusnoble
|
||||
repoURL: "https://git.cluster.fun/AverageMarcus/cluster.fun.git"
|
||||
targetRevision: HEAD
|
||||
syncPolicy:
|
||||
automated: {}
|
||||
syncOptions:
|
||||
- CreateNamespace=true
|
||||
ignoreDifferences:
|
||||
- kind: Secret
|
||||
jsonPointers:
|
||||
- /data
|
||||
- group: apps
|
||||
kind: Deployment
|
||||
jqPathExpressions:
|
||||
- .spec.template.spec.containers[]?.image
|
||||
---
|
|
@ -0,0 +1,29 @@
|
|||
apiVersion: argoproj.io/v1alpha1
|
||||
kind: Application
|
||||
metadata:
|
||||
name: cluster-fun-mastodon-digest
|
||||
namespace: argocd
|
||||
finalizers:
|
||||
- resources-finalizer.argocd.argoproj.io
|
||||
spec:
|
||||
project: cluster.fun
|
||||
destination:
|
||||
namespace: mastodon-digest
|
||||
name: cluster-fun (v2)
|
||||
source:
|
||||
path: manifests/mastodon-digest
|
||||
repoURL: "https://git.cluster.fun/AverageMarcus/cluster.fun.git"
|
||||
targetRevision: HEAD
|
||||
syncPolicy:
|
||||
automated: {}
|
||||
syncOptions:
|
||||
- CreateNamespace=true
|
||||
ignoreDifferences:
|
||||
- kind: Secret
|
||||
jsonPointers:
|
||||
- /data
|
||||
- group: apps
|
||||
kind: Deployment
|
||||
jqPathExpressions:
|
||||
- .spec.template.spec.containers[]?.image
|
||||
---
|
|
@ -0,0 +1,28 @@
|
|||
apiVersion: argoproj.io/v1alpha1
|
||||
kind: Application
|
||||
metadata:
|
||||
name: mastodon-to-airtable
|
||||
namespace: argocd
|
||||
finalizers:
|
||||
- resources-finalizer.argocd.argoproj.io
|
||||
spec:
|
||||
project: cluster.fun
|
||||
destination:
|
||||
namespace: mastodon-to-airtable
|
||||
name: civo
|
||||
source:
|
||||
path: manifests/mastodon-to-airtable
|
||||
repoURL: "https://git.cluster.fun/AverageMarcus/cluster.fun.git"
|
||||
targetRevision: HEAD
|
||||
syncPolicy:
|
||||
automated: {}
|
||||
syncOptions:
|
||||
- CreateNamespace=true
|
||||
ignoreDifferences:
|
||||
- kind: Secret
|
||||
jsonPointers:
|
||||
- /data
|
||||
- group: apps
|
||||
kind: Deployment
|
||||
jqPathExpressions:
|
||||
- .spec.template.spec.containers[]?.image
|
|
@ -0,0 +1,25 @@
|
|||
apiVersion: argoproj.io/v1alpha1
|
||||
kind: Application
|
||||
metadata:
|
||||
name: cluster-fun-matrix
|
||||
namespace: argocd
|
||||
finalizers:
|
||||
- resources-finalizer.argocd.argoproj.io
|
||||
spec:
|
||||
project: cluster.fun
|
||||
destination:
|
||||
namespace: chat
|
||||
name: cluster-fun (v2)
|
||||
source:
|
||||
path: manifests/matrix_chart
|
||||
repoURL: "https://git.cluster.fun/AverageMarcus/cluster.fun.git"
|
||||
targetRevision: HEAD
|
||||
syncPolicy:
|
||||
syncOptions:
|
||||
- CreateNamespace=true
|
||||
automated: {}
|
||||
ignoreDifferences:
|
||||
- kind: Secret
|
||||
jsonPointers:
|
||||
- /data
|
||||
---
|
|
@ -0,0 +1,29 @@
|
|||
apiVersion: argoproj.io/v1alpha1
|
||||
kind: Application
|
||||
metadata:
|
||||
name: cluster-fun-mealie
|
||||
namespace: argocd
|
||||
finalizers:
|
||||
- resources-finalizer.argocd.argoproj.io
|
||||
spec:
|
||||
project: cluster.fun
|
||||
destination:
|
||||
namespace: mealie
|
||||
name: cluster-fun (v2)
|
||||
source:
|
||||
path: manifests/mealie
|
||||
repoURL: "https://git.cluster.fun/AverageMarcus/cluster.fun.git"
|
||||
targetRevision: HEAD
|
||||
syncPolicy:
|
||||
automated: {}
|
||||
syncOptions:
|
||||
- CreateNamespace=true
|
||||
ignoreDifferences:
|
||||
- kind: Secret
|
||||
jsonPointers:
|
||||
- /data
|
||||
- group: apps
|
||||
kind: Deployment
|
||||
jqPathExpressions:
|
||||
- .spec.template.spec.containers[]?.image
|
||||
---
|
|
@ -0,0 +1,24 @@
|
|||
apiVersion: argoproj.io/v1alpha1
|
||||
kind: Application
|
||||
metadata:
|
||||
name: monitoring-civo
|
||||
namespace: argocd
|
||||
finalizers:
|
||||
- resources-finalizer.argocd.argoproj.io
|
||||
spec:
|
||||
project: cluster.fun
|
||||
destination:
|
||||
namespace: monitoring
|
||||
name: civo
|
||||
source:
|
||||
path: manifests/monitoring-civo
|
||||
repoURL: "https://git.cluster.fun/AverageMarcus/cluster.fun.git"
|
||||
targetRevision: HEAD
|
||||
syncPolicy:
|
||||
automated: {}
|
||||
syncOptions:
|
||||
- CreateNamespace=true
|
||||
ignoreDifferences:
|
||||
- kind: Secret
|
||||
jsonPointers:
|
||||
- /data
|
|
@ -0,0 +1,25 @@
|
|||
apiVersion: argoproj.io/v1alpha1
|
||||
kind: Application
|
||||
metadata:
|
||||
name: cluster-fun-monitoring
|
||||
namespace: argocd
|
||||
finalizers:
|
||||
- resources-finalizer.argocd.argoproj.io
|
||||
spec:
|
||||
project: cluster.fun
|
||||
destination:
|
||||
namespace: monitoring
|
||||
name: cluster-fun (v2)
|
||||
source:
|
||||
path: manifests/monitoring
|
||||
repoURL: "https://git.cluster.fun/AverageMarcus/cluster.fun.git"
|
||||
targetRevision: HEAD
|
||||
syncPolicy:
|
||||
automated: {}
|
||||
syncOptions:
|
||||
- CreateNamespace=true
|
||||
ignoreDifferences:
|
||||
- kind: Secret
|
||||
jsonPointers:
|
||||
- /data
|
||||
---
|
|
@ -0,0 +1,25 @@
|
|||
apiVersion: argoproj.io/v1alpha1
|
||||
kind: Application
|
||||
metadata:
|
||||
name: cluster-fun-nextcloud
|
||||
namespace: argocd
|
||||
finalizers:
|
||||
- resources-finalizer.argocd.argoproj.io
|
||||
spec:
|
||||
project: cluster.fun
|
||||
destination:
|
||||
namespace: nextcloud
|
||||
name: cluster-fun (v2)
|
||||
source:
|
||||
path: manifests/nextcloud_chart
|
||||
repoURL: "https://git.cluster.fun/AverageMarcus/cluster.fun.git"
|
||||
targetRevision: HEAD
|
||||
syncPolicy:
|
||||
syncOptions:
|
||||
- CreateNamespace=true
|
||||
automated: {}
|
||||
ignoreDifferences:
|
||||
- kind: Secret
|
||||
jsonPointers:
|
||||
- /data
|
||||
---
|
|
@ -0,0 +1,25 @@
|
|||
apiVersion: argoproj.io/v1alpha1
|
||||
kind: Application
|
||||
metadata:
|
||||
name: cluster-fun-nginx-lb
|
||||
namespace: argocd
|
||||
finalizers:
|
||||
- resources-finalizer.argocd.argoproj.io
|
||||
spec:
|
||||
project: cluster.fun
|
||||
destination:
|
||||
namespace: kube-system
|
||||
name: cluster-fun (v2)
|
||||
source:
|
||||
path: manifests/nginx-lb
|
||||
repoURL: "https://git.cluster.fun/AverageMarcus/cluster.fun.git"
|
||||
targetRevision: HEAD
|
||||
syncPolicy:
|
||||
automated: {}
|
||||
syncOptions:
|
||||
- CreateNamespace=true
|
||||
ignoreDifferences:
|
||||
- kind: Secret
|
||||
jsonPointers:
|
||||
- /data
|
||||
---
|
|
@ -0,0 +1,25 @@
|
|||
apiVersion: argoproj.io/v1alpha1
|
||||
kind: Application
|
||||
metadata:
|
||||
name: cluster-fun-nodered
|
||||
namespace: argocd
|
||||
finalizers:
|
||||
- resources-finalizer.argocd.argoproj.io
|
||||
spec:
|
||||
project: cluster.fun
|
||||
destination:
|
||||
namespace: node-red
|
||||
name: cluster-fun (v2)
|
||||
source:
|
||||
path: manifests/nodered
|
||||
repoURL: "https://git.cluster.fun/AverageMarcus/cluster.fun.git"
|
||||
targetRevision: HEAD
|
||||
syncPolicy:
|
||||
automated: {}
|
||||
syncOptions:
|
||||
- CreateNamespace=true
|
||||
ignoreDifferences:
|
||||
- kind: Secret
|
||||
jsonPointers:
|
||||
- /data
|
||||
---
|
|
@ -0,0 +1,28 @@
|
|||
apiVersion: argoproj.io/v1alpha1
|
||||
kind: Application
|
||||
metadata:
|
||||
name: opengraph
|
||||
namespace: argocd
|
||||
finalizers:
|
||||
- resources-finalizer.argocd.argoproj.io
|
||||
spec:
|
||||
project: cluster.fun
|
||||
destination:
|
||||
namespace: opengraph
|
||||
name: civo
|
||||
source:
|
||||
path: manifests/opengraph
|
||||
repoURL: "https://git.cluster.fun/AverageMarcus/cluster.fun.git"
|
||||
targetRevision: HEAD
|
||||
syncPolicy:
|
||||
automated: {}
|
||||
syncOptions:
|
||||
- CreateNamespace=true
|
||||
ignoreDifferences:
|
||||
- kind: Secret
|
||||
jsonPointers:
|
||||
- /data
|
||||
- group: apps
|
||||
kind: Deployment
|
||||
jqPathExpressions:
|
||||
- .spec.template.spec.containers[]?.image
|
|
@ -0,0 +1,25 @@
|
|||
apiVersion: argoproj.io/v1alpha1
|
||||
kind: Application
|
||||
metadata:
|
||||
name: cluster-fun-outline
|
||||
namespace: argocd
|
||||
finalizers:
|
||||
- resources-finalizer.argocd.argoproj.io
|
||||
spec:
|
||||
project: cluster.fun
|
||||
destination:
|
||||
namespace: outline
|
||||
name: cluster-fun (v2)
|
||||
source:
|
||||
path: manifests/outline
|
||||
repoURL: "https://git.cluster.fun/AverageMarcus/cluster.fun.git"
|
||||
targetRevision: HEAD
|
||||
syncPolicy:
|
||||
automated: {}
|
||||
syncOptions:
|
||||
- CreateNamespace=true
|
||||
ignoreDifferences:
|
||||
- kind: Secret
|
||||
jsonPointers:
|
||||
- /data
|
||||
---
|
|
@ -0,0 +1,24 @@
|
|||
apiVersion: argoproj.io/v1alpha1
|
||||
kind: Application
|
||||
metadata:
|
||||
name: proxy-civo
|
||||
namespace: argocd
|
||||
finalizers:
|
||||
- resources-finalizer.argocd.argoproj.io
|
||||
spec:
|
||||
project: cluster.fun
|
||||
destination:
|
||||
namespace: proxy-civo
|
||||
name: civo
|
||||
source:
|
||||
path: manifests/proxy-civo
|
||||
repoURL: "https://git.cluster.fun/AverageMarcus/cluster.fun.git"
|
||||
targetRevision: HEAD
|
||||
syncPolicy:
|
||||
automated: {}
|
||||
syncOptions:
|
||||
- CreateNamespace=true
|
||||
ignoreDifferences:
|
||||
- kind: Secret
|
||||
jsonPointers:
|
||||
- /data
|
|
@ -0,0 +1,28 @@
|
|||
apiVersion: argoproj.io/v1alpha1
|
||||
kind: Application
|
||||
metadata:
|
||||
name: qr
|
||||
namespace: argocd
|
||||
finalizers:
|
||||
- resources-finalizer.argocd.argoproj.io
|
||||
spec:
|
||||
project: cluster.fun
|
||||
destination:
|
||||
namespace: qr
|
||||
name: civo
|
||||
source:
|
||||
path: manifests/qr
|
||||
repoURL: "https://git.cluster.fun/AverageMarcus/cluster.fun.git"
|
||||
targetRevision: HEAD
|
||||
syncPolicy:
|
||||
automated: {}
|
||||
syncOptions:
|
||||
- CreateNamespace=true
|
||||
ignoreDifferences:
|
||||
- kind: Secret
|
||||
jsonPointers:
|
||||
- /data
|
||||
- group: apps
|
||||
kind: Deployment
|
||||
jqPathExpressions:
|
||||
- .spec.template.spec.containers[]?.image
|
|
@ -0,0 +1,25 @@
|
|||
apiVersion: argoproj.io/v1alpha1
|
||||
kind: Application
|
||||
metadata:
|
||||
name: cluster-fun-redis
|
||||
namespace: argocd
|
||||
finalizers:
|
||||
- resources-finalizer.argocd.argoproj.io
|
||||
spec:
|
||||
project: cluster.fun
|
||||
destination:
|
||||
namespace: redis
|
||||
name: cluster-fun (v2)
|
||||
source:
|
||||
path: manifests/redis
|
||||
repoURL: "https://git.cluster.fun/AverageMarcus/cluster.fun.git"
|
||||
targetRevision: HEAD
|
||||
syncPolicy:
|
||||
automated: {}
|
||||
syncOptions:
|
||||
- CreateNamespace=true
|
||||
ignoreDifferences:
|
||||
- kind: Secret
|
||||
jsonPointers:
|
||||
- /data
|
||||
---
|
|
@ -0,0 +1,23 @@
|
|||
apiVersion: argoproj.io/v1alpha1
|
||||
kind: Application
|
||||
metadata:
|
||||
name: cluster-fun-reloader
|
||||
namespace: argocd
|
||||
finalizers:
|
||||
- resources-finalizer.argocd.argoproj.io
|
||||
spec:
|
||||
project: cluster.fun
|
||||
destination:
|
||||
namespace: kube-system
|
||||
name: cluster-fun (v2)
|
||||
source:
|
||||
repoURL: 'https://stakater.github.io/stakater-charts'
|
||||
targetRevision: v0.0.89
|
||||
chart: reloader
|
||||
syncPolicy:
|
||||
automated: {}
|
||||
ignoreDifferences:
|
||||
- kind: Secret
|
||||
jsonPointers:
|
||||
- /data
|
||||
---
|
|
@ -0,0 +1,29 @@
|
|||
apiVersion: argoproj.io/v1alpha1
|
||||
kind: Application
|
||||
metadata:
|
||||
name: cluster-fun-rss
|
||||
namespace: argocd
|
||||
finalizers:
|
||||
- resources-finalizer.argocd.argoproj.io
|
||||
spec:
|
||||
project: cluster.fun
|
||||
destination:
|
||||
namespace: rss
|
||||
name: cluster-fun (v2)
|
||||
source:
|
||||
path: manifests/rss
|
||||
repoURL: "https://git.cluster.fun/AverageMarcus/cluster.fun.git"
|
||||
targetRevision: HEAD
|
||||
syncPolicy:
|
||||
automated: {}
|
||||
syncOptions:
|
||||
- CreateNamespace=true
|
||||
ignoreDifferences:
|
||||
- kind: Secret
|
||||
jsonPointers:
|
||||
- /data
|
||||
- group: apps
|
||||
kind: Deployment
|
||||
jqPathExpressions:
|
||||
- .spec.template.spec.containers[]?.image
|
||||
---
|
|
@ -0,0 +1,29 @@
|
|||
apiVersion: argoproj.io/v1alpha1
|
||||
kind: Application
|
||||
metadata:
|
||||
name: cluster-fun-starling
|
||||
namespace: argocd
|
||||
finalizers:
|
||||
- resources-finalizer.argocd.argoproj.io
|
||||
spec:
|
||||
project: cluster.fun
|
||||
destination:
|
||||
namespace: starling
|
||||
name: cluster-fun (v2)
|
||||
source:
|
||||
path: manifests/starling
|
||||
repoURL: "https://git.cluster.fun/AverageMarcus/cluster.fun.git"
|
||||
targetRevision: HEAD
|
||||
syncPolicy:
|
||||
automated: {}
|
||||
syncOptions:
|
||||
- CreateNamespace=true
|
||||
ignoreDifferences:
|
||||
- kind: Secret
|
||||
jsonPointers:
|
||||
- /data
|
||||
- group: apps
|
||||
kind: Deployment
|
||||
jqPathExpressions:
|
||||
- .spec.template.spec.containers[]?.image
|
||||
---
|
|
@ -0,0 +1,28 @@
|
|||
apiVersion: argoproj.io/v1alpha1
|
||||
kind: Application
|
||||
metadata:
|
||||
name: svg-to-dxf
|
||||
namespace: argocd
|
||||
finalizers:
|
||||
- resources-finalizer.argocd.argoproj.io
|
||||
spec:
|
||||
project: cluster.fun
|
||||
destination:
|
||||
namespace: svg-to-dxf
|
||||
name: civo
|
||||
source:
|
||||
path: manifests/svg-to-dxf
|
||||
repoURL: "https://git.cluster.fun/AverageMarcus/cluster.fun.git"
|
||||
targetRevision: HEAD
|
||||
syncPolicy:
|
||||
automated: {}
|
||||
syncOptions:
|
||||
- CreateNamespace=true
|
||||
ignoreDifferences:
|
||||
- kind: Secret
|
||||
jsonPointers:
|
||||
- /data
|
||||
- group: apps
|
||||
kind: Deployment
|
||||
jqPathExpressions:
|
||||
- .spec.template.spec.containers[]?.image
|
|
@ -0,0 +1,28 @@
|
|||
apiVersion: argoproj.io/v1alpha1
|
||||
kind: Application
|
||||
metadata:
|
||||
name: talks
|
||||
namespace: argocd
|
||||
finalizers:
|
||||
- resources-finalizer.argocd.argoproj.io
|
||||
spec:
|
||||
project: cluster.fun
|
||||
destination:
|
||||
namespace: talks
|
||||
name: civo
|
||||
source:
|
||||
path: manifests/talks
|
||||
repoURL: "https://git.cluster.fun/AverageMarcus/cluster.fun.git"
|
||||
targetRevision: HEAD
|
||||
syncPolicy:
|
||||
automated: {}
|
||||
syncOptions:
|
||||
- CreateNamespace=true
|
||||
ignoreDifferences:
|
||||
- kind: Secret
|
||||
jsonPointers:
|
||||
- /data
|
||||
- group: apps
|
||||
kind: Deployment
|
||||
jqPathExpressions:
|
||||
- .spec.template.spec.containers[]?.image
|
|
@ -0,0 +1,29 @@
|
|||
apiVersion: argoproj.io/v1alpha1
|
||||
kind: Application
|
||||
metadata:
|
||||
name: cluster-fun-tank
|
||||
namespace: argocd
|
||||
finalizers:
|
||||
- resources-finalizer.argocd.argoproj.io
|
||||
spec:
|
||||
project: cluster.fun
|
||||
destination:
|
||||
namespace: tank
|
||||
name: cluster-fun (v2)
|
||||
source:
|
||||
path: manifests/tank
|
||||
repoURL: "https://git.cluster.fun/AverageMarcus/cluster.fun.git"
|
||||
targetRevision: HEAD
|
||||
syncPolicy:
|
||||
automated: {}
|
||||
syncOptions:
|
||||
- CreateNamespace=true
|
||||
ignoreDifferences:
|
||||
- kind: Secret
|
||||
jsonPointers:
|
||||
- /data
|
||||
- group: apps
|
||||
kind: Deployment
|
||||
jqPathExpressions:
|
||||
- .spec.template.spec.containers[]?.image
|
||||
---
|
|
@ -0,0 +1,28 @@
|
|||
apiVersion: argoproj.io/v1alpha1
|
||||
kind: Application
|
||||
metadata:
|
||||
name: text-to-dxf
|
||||
namespace: argocd
|
||||
finalizers:
|
||||
- resources-finalizer.argocd.argoproj.io
|
||||
spec:
|
||||
project: cluster.fun
|
||||
destination:
|
||||
namespace: text-to-dxf
|
||||
name: civo
|
||||
source:
|
||||
path: manifests/text-to-dxf
|
||||
repoURL: "https://git.cluster.fun/AverageMarcus/cluster.fun.git"
|
||||
targetRevision: HEAD
|
||||
syncPolicy:
|
||||
automated: {}
|
||||
syncOptions:
|
||||
- CreateNamespace=true
|
||||
ignoreDifferences:
|
||||
- kind: Secret
|
||||
jsonPointers:
|
||||
- /data
|
||||
- group: apps
|
||||
kind: Deployment
|
||||
jqPathExpressions:
|
||||
- .spec.template.spec.containers[]?.image
|
|
@ -0,0 +1,28 @@
|
|||
apiVersion: argoproj.io/v1alpha1
|
||||
kind: Application
|
||||
metadata:
|
||||
name: til
|
||||
namespace: argocd
|
||||
finalizers:
|
||||
- resources-finalizer.argocd.argoproj.io
|
||||
spec:
|
||||
project: cluster.fun
|
||||
destination:
|
||||
namespace: til
|
||||
name: civo
|
||||
source:
|
||||
path: manifests/til
|
||||
repoURL: "https://git.cluster.fun/AverageMarcus/cluster.fun.git"
|
||||
targetRevision: HEAD
|
||||
syncPolicy:
|
||||
automated: {}
|
||||
syncOptions:
|
||||
- CreateNamespace=true
|
||||
ignoreDifferences:
|
||||
- kind: Secret
|
||||
jsonPointers:
|
||||
- /data
|
||||
- group: apps
|
||||
kind: Deployment
|
||||
jqPathExpressions:
|
||||
- .spec.template.spec.containers[]?.image
|
|
@ -0,0 +1,24 @@
|
|||
apiVersion: argoproj.io/v1alpha1
|
||||
kind: Application
|
||||
metadata:
|
||||
name: traefik-civo
|
||||
namespace: argocd
|
||||
finalizers:
|
||||
- resources-finalizer.argocd.argoproj.io
|
||||
spec:
|
||||
project: cluster.fun
|
||||
destination:
|
||||
namespace: kube-system
|
||||
name: civo
|
||||
source:
|
||||
path: manifests/traefik
|
||||
repoURL: "https://git.cluster.fun/AverageMarcus/cluster.fun.git"
|
||||
targetRevision: HEAD
|
||||
syncPolicy:
|
||||
automated: {}
|
||||
syncOptions:
|
||||
- CreateNamespace=true
|
||||
ignoreDifferences:
|
||||
- kind: Secret
|
||||
jsonPointers:
|
||||
- /data
|
|
@ -0,0 +1,28 @@
|
|||
apiVersion: argoproj.io/v1alpha1
|
||||
kind: Application
|
||||
metadata:
|
||||
name: tweetsvg
|
||||
namespace: argocd
|
||||
finalizers:
|
||||
- resources-finalizer.argocd.argoproj.io
|
||||
spec:
|
||||
project: cluster.fun
|
||||
destination:
|
||||
namespace: tweetsvg
|
||||
name: civo
|
||||
source:
|
||||
path: manifests/tweetsvg
|
||||
repoURL: "https://git.cluster.fun/AverageMarcus/cluster.fun.git"
|
||||
targetRevision: HEAD
|
||||
syncPolicy:
|
||||
automated: {}
|
||||
syncOptions:
|
||||
- CreateNamespace=true
|
||||
ignoreDifferences:
|
||||
- kind: Secret
|
||||
jsonPointers:
|
||||
- /data
|
||||
- group: apps
|
||||
kind: Deployment
|
||||
jqPathExpressions:
|
||||
- .spec.template.spec.containers[]?.image
|
|
@ -0,0 +1,29 @@
|
|||
apiVersion: argoproj.io/v1alpha1
|
||||
kind: Application
|
||||
metadata:
|
||||
name: cluster-fun-twitter-profile-pic
|
||||
namespace: argocd
|
||||
finalizers:
|
||||
- resources-finalizer.argocd.argoproj.io
|
||||
spec:
|
||||
project: cluster.fun
|
||||
destination:
|
||||
namespace: twitter-profile-pic
|
||||
name: cluster-fun (v2)
|
||||
source:
|
||||
path: manifests/twitter-profile-pic
|
||||
repoURL: "https://git.cluster.fun/AverageMarcus/cluster.fun.git"
|
||||
targetRevision: HEAD
|
||||
syncPolicy:
|
||||
automated: {}
|
||||
syncOptions:
|
||||
- CreateNamespace=true
|
||||
ignoreDifferences:
|
||||
- kind: Secret
|
||||
jsonPointers:
|
||||
- /data
|
||||
- group: apps
|
||||
kind: Deployment
|
||||
jqPathExpressions:
|
||||
- .spec.template.spec.containers[]?.image
|
||||
---
|
|
@ -0,0 +1,28 @@
|
|||
apiVersion: argoproj.io/v1alpha1
|
||||
kind: Application
|
||||
metadata:
|
||||
name: twitter-to-airtable
|
||||
namespace: argocd
|
||||
finalizers:
|
||||
- resources-finalizer.argocd.argoproj.io
|
||||
spec:
|
||||
project: cluster.fun
|
||||
destination:
|
||||
namespace: twitter-to-airtable
|
||||
name: civo
|
||||
source:
|
||||
path: manifests/twitter-to-airtable
|
||||
repoURL: "https://git.cluster.fun/AverageMarcus/cluster.fun.git"
|
||||
targetRevision: HEAD
|
||||
syncPolicy:
|
||||
automated: {}
|
||||
syncOptions:
|
||||
- CreateNamespace=true
|
||||
ignoreDifferences:
|
||||
- kind: Secret
|
||||
jsonPointers:
|
||||
- /data
|
||||
- group: apps
|
||||
kind: Deployment
|
||||
jqPathExpressions:
|
||||
- .spec.template.spec.containers[]?.image
|
|
@ -0,0 +1,25 @@
|
|||
apiVersion: argoproj.io/v1alpha1
|
||||
kind: Application
|
||||
metadata:
|
||||
name: cluster-fun-wallabag
|
||||
namespace: argocd
|
||||
finalizers:
|
||||
- resources-finalizer.argocd.argoproj.io
|
||||
spec:
|
||||
project: cluster.fun
|
||||
destination:
|
||||
namespace: wallabag
|
||||
name: cluster-fun (v2)
|
||||
source:
|
||||
path: manifests/wallabag
|
||||
repoURL: "https://git.cluster.fun/AverageMarcus/cluster.fun.git"
|
||||
targetRevision: HEAD
|
||||
syncPolicy:
|
||||
syncOptions:
|
||||
- CreateNamespace=true
|
||||
automated: {}
|
||||
ignoreDifferences:
|
||||
- kind: Secret
|
||||
jsonPointers:
|
||||
- /data
|
||||
---
|
|
@ -0,0 +1,201 @@
|
|||
apiVersion: networking.k8s.io/v1
|
||||
kind: Ingress
|
||||
metadata:
|
||||
name: auth-proxy
|
||||
namespace: auth-proxy
|
||||
annotations:
|
||||
cert-manager.io/cluster-issuer: letsencrypt
|
||||
nginx.ingress.kubernetes.io/force-ssl-redirect: "true"
|
||||
spec:
|
||||
ingressClassName: nginx
|
||||
tls:
|
||||
- hosts:
|
||||
- downloads.cluster.fun
|
||||
- argo.cluster.fun
|
||||
- code.cluster.fun
|
||||
- jackett.cluster.fun
|
||||
- printer.cluster.fun
|
||||
- ender3pro.printer.cluster.fun
|
||||
- flsunq5.printer.cluster.fun
|
||||
- elegoomars2.printer.cluster.fun
|
||||
- radarr.cluster.fun
|
||||
- readarr.cluster.fun
|
||||
- sonarr.cluster.fun
|
||||
- lidarr.cluster.fun
|
||||
- prowlarr.cluster.fun
|
||||
- transmission.cluster.fun
|
||||
- tekton.cluster.fun
|
||||
- changedetection.cluster.fun
|
||||
- grafana.cluster.fun
|
||||
secretName: auth-proxy-ingress
|
||||
rules:
|
||||
- host: downloads.cluster.fun
|
||||
http:
|
||||
paths:
|
||||
- path: /
|
||||
pathType: ImplementationSpecific
|
||||
backend:
|
||||
service:
|
||||
name: tailscale-proxy
|
||||
port:
|
||||
name: auth
|
||||
- host: argo.cluster.fun
|
||||
http:
|
||||
paths:
|
||||
- path: /
|
||||
pathType: ImplementationSpecific
|
||||
backend:
|
||||
service:
|
||||
name: tailscale-proxy
|
||||
port:
|
||||
name: auth
|
||||
- host: code.cluster.fun
|
||||
http:
|
||||
paths:
|
||||
- path: /
|
||||
pathType: ImplementationSpecific
|
||||
backend:
|
||||
service:
|
||||
name: tailscale-proxy
|
||||
port:
|
||||
name: auth
|
||||
- host: jackett.cluster.fun
|
||||
http:
|
||||
paths:
|
||||
- path: /
|
||||
pathType: ImplementationSpecific
|
||||
backend:
|
||||
service:
|
||||
name: tailscale-proxy
|
||||
port:
|
||||
name: auth
|
||||
- host: printer.cluster.fun
|
||||
http:
|
||||
paths:
|
||||
- path: /
|
||||
pathType: ImplementationSpecific
|
||||
backend:
|
||||
service:
|
||||
name: tailscale-proxy
|
||||
port:
|
||||
name: auth
|
||||
- host: ender3pro.printer.cluster.fun
|
||||
http:
|
||||
paths:
|
||||
- path: /
|
||||
pathType: ImplementationSpecific
|
||||
backend:
|
||||
service:
|
||||
name: tailscale-proxy
|
||||
port:
|
||||
name: auth
|
||||
- host: flsunq5.printer.cluster.fun
|
||||
http:
|
||||
paths:
|
||||
- path: /
|
||||
pathType: ImplementationSpecific
|
||||
backend:
|
||||
service:
|
||||
name: tailscale-proxy
|
||||
port:
|
||||
name: auth
|
||||
- host: elegoomars2.printer.cluster.fun
|
||||
http:
|
||||
paths:
|
||||
- path: /
|
||||
pathType: ImplementationSpecific
|
||||
backend:
|
||||
service:
|
||||
name: tailscale-proxy
|
||||
port:
|
||||
name: auth
|
||||
- host: radarr.cluster.fun
|
||||
http:
|
||||
paths:
|
||||
- path: /
|
||||
pathType: ImplementationSpecific
|
||||
backend:
|
||||
service:
|
||||
name: tailscale-proxy
|
||||
port:
|
||||
name: auth
|
||||
- host: readarr.cluster.fun
|
||||
http:
|
||||
paths:
|
||||
- path: /
|
||||
pathType: ImplementationSpecific
|
||||
backend:
|
||||
service:
|
||||
name: tailscale-proxy
|
||||
port:
|
||||
name: auth
|
||||
- host: sonarr.cluster.fun
|
||||
http:
|
||||
paths:
|
||||
- path: /
|
||||
pathType: ImplementationSpecific
|
||||
backend:
|
||||
service:
|
||||
name: tailscale-proxy
|
||||
port:
|
||||
name: auth
|
||||
- host: lidarr.cluster.fun
|
||||
http:
|
||||
paths:
|
||||
- path: /
|
||||
pathType: ImplementationSpecific
|
||||
backend:
|
||||
service:
|
||||
name: tailscale-proxy
|
||||
port:
|
||||
name: auth
|
||||
- host: prowlarr.cluster.fun
|
||||
http:
|
||||
paths:
|
||||
- path: /
|
||||
pathType: ImplementationSpecific
|
||||
backend:
|
||||
service:
|
||||
name: tailscale-proxy
|
||||
port:
|
||||
name: auth
|
||||
- host: transmission.cluster.fun
|
||||
http:
|
||||
paths:
|
||||
- path: /
|
||||
pathType: ImplementationSpecific
|
||||
backend:
|
||||
service:
|
||||
name: tailscale-proxy
|
||||
port:
|
||||
name: auth
|
||||
- host: tekton.cluster.fun
|
||||
http:
|
||||
paths:
|
||||
- path: /
|
||||
pathType: ImplementationSpecific
|
||||
backend:
|
||||
service:
|
||||
name: tailscale-proxy
|
||||
port:
|
||||
name: auth
|
||||
- host: changedetection.cluster.fun
|
||||
http:
|
||||
paths:
|
||||
- path: /
|
||||
pathType: ImplementationSpecific
|
||||
backend:
|
||||
service:
|
||||
name: tailscale-proxy
|
||||
port:
|
||||
name: auth
|
||||
- host: grafana.cluster.fun
|
||||
http:
|
||||
paths:
|
||||
- path: /
|
||||
pathType: ImplementationSpecific
|
||||
backend:
|
||||
service:
|
||||
name: tailscale-proxy
|
||||
port:
|
||||
name: auth
|
|
@ -0,0 +1,85 @@
|
|||
apiVersion: v1
|
||||
kind: Service
|
||||
metadata:
|
||||
name: tekton-el
|
||||
namespace: auth-proxy
|
||||
labels:
|
||||
app: internal-proxy
|
||||
spec:
|
||||
ports:
|
||||
- name: http
|
||||
port: 80
|
||||
protocol: TCP
|
||||
targetPort: 8080
|
||||
selector:
|
||||
app: internal-proxy
|
||||
type: ClusterIP
|
||||
---
|
||||
apiVersion: v1
|
||||
kind: Service
|
||||
metadata:
|
||||
name: loki
|
||||
namespace: auth-proxy
|
||||
labels:
|
||||
app: internal-proxy
|
||||
spec:
|
||||
ports:
|
||||
- name: http
|
||||
port: 80
|
||||
protocol: TCP
|
||||
targetPort: 8080
|
||||
selector:
|
||||
app: internal-proxy
|
||||
type: ClusterIP
|
||||
---
|
||||
apiVersion: v1
|
||||
kind: Service
|
||||
metadata:
|
||||
name: loki-distributed
|
||||
namespace: auth-proxy
|
||||
labels:
|
||||
app: internal-proxy
|
||||
spec:
|
||||
ports:
|
||||
- name: http
|
||||
port: 80
|
||||
protocol: TCP
|
||||
targetPort: 8080
|
||||
selector:
|
||||
app: internal-proxy
|
||||
type: ClusterIP
|
||||
---
|
||||
apiVersion: v1
|
||||
kind: Service
|
||||
metadata:
|
||||
name: prometheus
|
||||
namespace: auth-proxy
|
||||
labels:
|
||||
app: internal-proxy
|
||||
spec:
|
||||
ports:
|
||||
- name: http
|
||||
port: 80
|
||||
protocol: TCP
|
||||
targetPort: 8080
|
||||
selector:
|
||||
app: internal-proxy
|
||||
type: ClusterIP
|
||||
---
|
||||
apiVersion: v1
|
||||
kind: Service
|
||||
metadata:
|
||||
name: vmcluster
|
||||
namespace: auth-proxy
|
||||
labels:
|
||||
app: internal-proxy
|
||||
spec:
|
||||
ports:
|
||||
- name: http
|
||||
port: 80
|
||||
protocol: TCP
|
||||
targetPort: 8080
|
||||
selector:
|
||||
app: internal-proxy
|
||||
type: ClusterIP
|
||||
---
|
|
@ -0,0 +1,5 @@
|
|||
apiVersion: v1
|
||||
kind: Namespace
|
||||
metadata:
|
||||
name: auth-proxy
|
||||
---
|
|
@ -0,0 +1,25 @@
|
|||
apiVersion: networking.k8s.io/v1
|
||||
kind: Ingress
|
||||
metadata:
|
||||
name: non-auth-proxy
|
||||
namespace: auth-proxy
|
||||
annotations:
|
||||
cert-manager.io/cluster-issuer: letsencrypt
|
||||
nginx.ingress.kubernetes.io/force-ssl-redirect: "true"
|
||||
spec:
|
||||
ingressClassName: nginx
|
||||
tls:
|
||||
- hosts:
|
||||
- hello-world.cluster.fun
|
||||
secretName: non-auth-proxy-ingress
|
||||
rules:
|
||||
- host: hello-world.cluster.fun
|
||||
http:
|
||||
paths:
|
||||
- path: /
|
||||
pathType: ImplementationSpecific
|
||||
backend:
|
||||
service:
|
||||
name: tailscale-proxy
|
||||
port:
|
||||
name: non-auth
|
|
@ -0,0 +1,132 @@
|
|||
apiVersion: v1
|
||||
kind: ConfigMap
|
||||
metadata:
|
||||
name: host-mappings
|
||||
namespace: auth-proxy
|
||||
labels:
|
||||
app: proxy
|
||||
data:
|
||||
mapping.json: |
|
||||
{
|
||||
"tekton-el.auth-proxy.svc": "tekton-el.cluster.local",
|
||||
"vmcluster.auth-proxy.svc": "vmcluster.cluster.local",
|
||||
"loki.auth-proxy.svc": "loki-write.cluster.local",
|
||||
"loki.auth-proxy.svc:80": "loki-write.cluster.local",
|
||||
"loki-distributed.auth-proxy.svc": "loki-loki.cluster.local",
|
||||
"loki-distributed.auth-proxy.svc:80": "loki-loki.cluster.local"
|
||||
}
|
||||
---
|
||||
apiVersion: apps/v1
|
||||
kind: Deployment
|
||||
metadata:
|
||||
name: internal-proxy
|
||||
namespace: auth-proxy
|
||||
labels:
|
||||
app: internal-proxy
|
||||
annotations:
|
||||
configmap.reloader.stakater.com/reload: "host-mappings"
|
||||
secret.reloader.stakater.com/reload: "tailscale-auth"
|
||||
spec:
|
||||
replicas: 1
|
||||
strategy:
|
||||
type: Recreate
|
||||
selector:
|
||||
matchLabels:
|
||||
app: internal-proxy
|
||||
template:
|
||||
metadata:
|
||||
labels:
|
||||
app: internal-proxy
|
||||
spec:
|
||||
serviceAccountName: default
|
||||
dnsPolicy: ClusterFirst
|
||||
dnsConfig:
|
||||
nameservers:
|
||||
- 100.100.100.100
|
||||
containers:
|
||||
- name: proxy
|
||||
image: rg.fr-par.scw.cloud/averagemarcus/proxy:latest
|
||||
imagePullPolicy: Always
|
||||
env:
|
||||
- name: PROXY_DESTINATION
|
||||
value: talos.averagemarcus.github.beta.tailscale.net
|
||||
- name: PORT
|
||||
value: "8080"
|
||||
- name: TS_AUTH_KEY
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: tailscale-auth
|
||||
key: password
|
||||
- name: TS_HOSTNAME
|
||||
value: auth-proxy-internal-proxy
|
||||
ports:
|
||||
- containerPort: 8080
|
||||
protocol: TCP
|
||||
volumeMounts:
|
||||
- name: host-mappings
|
||||
mountPath: /config/
|
||||
|
||||
- name: oauth-proxy
|
||||
image: quay.io/oauth2-proxy/oauth2-proxy:v7.6.0
|
||||
args:
|
||||
- --cookie-secure=false
|
||||
- --provider=oidc
|
||||
- --provider-display-name=Auth0
|
||||
- --upstream=http://localhost:8080
|
||||
- --http-address=0.0.0.0:8181
|
||||
- --email-domain=*
|
||||
- --pass-basic-auth=false
|
||||
- --pass-access-token=false
|
||||
- --oidc-issuer-url=https://marcusnoble.eu.auth0.com/
|
||||
- --cookie-secret=KDGD6rrK6cBmryyZ4wcJ9xAUNW9AQNFT
|
||||
- --cookie-expire=336h0m0s
|
||||
env:
|
||||
- name: HOST_IP
|
||||
valueFrom:
|
||||
fieldRef:
|
||||
apiVersion: v1
|
||||
fieldPath: status.podIP
|
||||
- name: OAUTH2_PROXY_CLIENT_ID
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
key: username
|
||||
name: auth-proxy
|
||||
- name: OAUTH2_PROXY_CLIENT_SECRET
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
key: password
|
||||
name: auth-proxy
|
||||
ports:
|
||||
- containerPort: 8181
|
||||
protocol: TCP
|
||||
resources:
|
||||
limits:
|
||||
memory: 50Mi
|
||||
requests:
|
||||
memory: 50Mi
|
||||
volumes:
|
||||
- name: host-mappings
|
||||
configMap:
|
||||
name: host-mappings
|
||||
---
|
||||
apiVersion: v1
|
||||
kind: Service
|
||||
metadata:
|
||||
name: tailscale-proxy
|
||||
namespace: auth-proxy
|
||||
labels:
|
||||
app: internal-proxy
|
||||
spec:
|
||||
ports:
|
||||
- name: non-auth
|
||||
port: 80
|
||||
protocol: TCP
|
||||
targetPort: 8080
|
||||
- name: auth
|
||||
port: 81
|
||||
protocol: TCP
|
||||
targetPort: 8181
|
||||
selector:
|
||||
app: internal-proxy
|
||||
type: ClusterIP
|
||||
---
|
|
@ -0,0 +1,20 @@
|
|||
apiVersion: v1
|
||||
kind: Secret
|
||||
metadata:
|
||||
name: auth-proxy
|
||||
namespace: auth-proxy
|
||||
annotations:
|
||||
kube-1password: mr6spkkx7n3memkbute6ojaarm
|
||||
kube-1password/vault: Kubernetes
|
||||
type: Opaque
|
||||
---
|
||||
apiVersion: v1
|
||||
kind: Secret
|
||||
metadata:
|
||||
name: tailscale-auth
|
||||
namespace: auth-proxy
|
||||
annotations:
|
||||
kube-1password: 2cqycmsgv5r7vcyvjpblcl2l4y
|
||||
kube-1password/vault: Kubernetes
|
||||
type: Opaque
|
||||
---
|
|
@ -0,0 +1,71 @@
|
|||
apiVersion: v1
|
||||
kind: Service
|
||||
metadata:
|
||||
name: base64
|
||||
namespace: base64
|
||||
spec:
|
||||
type: ClusterIP
|
||||
ports:
|
||||
- port: 80
|
||||
targetPort: web
|
||||
name: web
|
||||
selector:
|
||||
app: base64
|
||||
---
|
||||
apiVersion: apps/v1
|
||||
kind: Deployment
|
||||
metadata:
|
||||
name: base64
|
||||
namespace: base64
|
||||
spec:
|
||||
replicas: 1
|
||||
selector:
|
||||
matchLabels:
|
||||
app: base64
|
||||
template:
|
||||
metadata:
|
||||
labels:
|
||||
app: base64
|
||||
spec:
|
||||
imagePullSecrets:
|
||||
- name: docker-config
|
||||
containers:
|
||||
- name: web
|
||||
image: rg.fr-par.scw.cloud/averagemarcus/base64:latest
|
||||
imagePullPolicy: Always
|
||||
ports:
|
||||
- containerPort: 80
|
||||
name: web
|
||||
resources:
|
||||
limits:
|
||||
memory: 5Mi
|
||||
requests:
|
||||
memory: 5Mi
|
||||
---
|
||||
apiVersion: networking.k8s.io/v1
|
||||
kind: Ingress
|
||||
metadata:
|
||||
name: base64
|
||||
namespace: base64
|
||||
annotations:
|
||||
cert-manager.io/cluster-issuer: letsencrypt
|
||||
kubernetes.io/ingress.class: traefik
|
||||
traefik.ingress.kubernetes.io/router.tls: "true"
|
||||
ingress.kubernetes.io/ssl-redirect: "true"
|
||||
traefik.ingress.kubernetes.io/router.entrypoints: websecure
|
||||
spec:
|
||||
tls:
|
||||
- hosts:
|
||||
- base64.cluster.fun
|
||||
secretName: base64-ingress
|
||||
rules:
|
||||
- host: base64.cluster.fun
|
||||
http:
|
||||
paths:
|
||||
- path: /
|
||||
pathType: ImplementationSpecific
|
||||
backend:
|
||||
service:
|
||||
name: base64
|
||||
port:
|
||||
number: 80
|
|
@ -37,12 +37,11 @@ spec:
|
|||
resources:
|
||||
limits:
|
||||
memory: 10Mi
|
||||
|
||||
requests:
|
||||
memory: 10Mi
|
||||
|
||||
---
|
||||
apiVersion: extensions/v1beta1
|
||||
apiVersion: networking.k8s.io/v1
|
||||
kind: Ingress
|
||||
metadata:
|
||||
name: black-hole
|
||||
|
@ -52,6 +51,9 @@ spec:
|
|||
- http:
|
||||
paths:
|
||||
- path: /
|
||||
pathType: ImplementationSpecific
|
||||
backend:
|
||||
serviceName: black-hole
|
||||
servicePort: 80
|
||||
service:
|
||||
name: black-hole
|
||||
port:
|
||||
number: 80
|
|
@ -1,9 +1,4 @@
|
|||
apiVersion: v1
|
||||
kind: Namespace
|
||||
metadata:
|
||||
name: blog
|
||||
---
|
||||
apiVersion: v1
|
||||
kind: Service
|
||||
metadata:
|
||||
name: blog
|
||||
|
@ -34,7 +29,7 @@ spec:
|
|||
spec:
|
||||
containers:
|
||||
- name: web
|
||||
image: docker.cluster.fun/averagemarcus/blog:latest
|
||||
image: rg.fr-par.scw.cloud/averagemarcus/blog:latest
|
||||
imagePullPolicy: Always
|
||||
ports:
|
||||
- containerPort: 8000
|
||||
|
@ -44,18 +39,27 @@ spec:
|
|||
memory: 200Mi
|
||||
requests:
|
||||
memory: 200Mi
|
||||
livenessProbe:
|
||||
httpGet:
|
||||
path: /healthz
|
||||
port: web
|
||||
initialDelaySeconds: 10
|
||||
readinessProbe:
|
||||
httpGet:
|
||||
path: /healthz
|
||||
port: web
|
||||
initialDelaySeconds: 10
|
||||
---
|
||||
apiVersion: extensions/v1beta1
|
||||
apiVersion: networking.k8s.io/v1
|
||||
kind: Ingress
|
||||
metadata:
|
||||
name: blog
|
||||
namespace: blog
|
||||
annotations:
|
||||
cert-manager.io/cluster-issuer: letsencrypt
|
||||
traefik.ingress.kubernetes.io/frontend-entry-points: http,https
|
||||
traefik.ingress.kubernetes.io/redirect-entry-point: https
|
||||
traefik.ingress.kubernetes.io/redirect-permanent: "true"
|
||||
nginx.ingress.kubernetes.io/force-ssl-redirect: "true"
|
||||
spec:
|
||||
ingressClassName: nginx
|
||||
tls:
|
||||
- hosts:
|
||||
- marcusnoble.co.uk
|
||||
|
@ -65,22 +69,24 @@ spec:
|
|||
http:
|
||||
paths:
|
||||
- path: /
|
||||
pathType: ImplementationSpecific
|
||||
backend:
|
||||
serviceName: blog
|
||||
servicePort: 80
|
||||
service:
|
||||
name: blog
|
||||
port:
|
||||
number: 80
|
||||
|
||||
---
|
||||
apiVersion: extensions/v1beta1
|
||||
apiVersion: networking.k8s.io/v1
|
||||
kind: Ingress
|
||||
metadata:
|
||||
name: blog-www
|
||||
namespace: blog
|
||||
annotations:
|
||||
cert-manager.io/cluster-issuer: letsencrypt
|
||||
traefik.ingress.kubernetes.io/frontend-entry-points: http,https
|
||||
traefik.ingress.kubernetes.io/redirect-entry-point: https
|
||||
traefik.ingress.kubernetes.io/redirect-permanent: "true"
|
||||
nginx.ingress.kubernetes.io/force-ssl-redirect: "true"
|
||||
spec:
|
||||
ingressClassName: nginx
|
||||
tls:
|
||||
- hosts:
|
||||
- www.marcusnoble.co.uk
|
||||
|
@ -90,22 +96,24 @@ spec:
|
|||
http:
|
||||
paths:
|
||||
- path: /
|
||||
pathType: ImplementationSpecific
|
||||
backend:
|
||||
serviceName: blog
|
||||
servicePort: 80
|
||||
service:
|
||||
name: blog
|
||||
port:
|
||||
number: 80
|
||||
|
||||
---
|
||||
apiVersion: extensions/v1beta1
|
||||
apiVersion: networking.k8s.io/v1
|
||||
kind: Ingress
|
||||
metadata:
|
||||
name: blog-blog
|
||||
namespace: blog
|
||||
annotations:
|
||||
cert-manager.io/cluster-issuer: letsencrypt
|
||||
traefik.ingress.kubernetes.io/frontend-entry-points: http,https
|
||||
traefik.ingress.kubernetes.io/redirect-entry-point: https
|
||||
traefik.ingress.kubernetes.io/redirect-permanent: "true"
|
||||
nginx.ingress.kubernetes.io/force-ssl-redirect: "true"
|
||||
spec:
|
||||
ingressClassName: nginx
|
||||
tls:
|
||||
- hosts:
|
||||
- blog.marcusnoble.co.uk
|
||||
|
@ -115,7 +123,10 @@ spec:
|
|||
http:
|
||||
paths:
|
||||
- path: /
|
||||
pathType: ImplementationSpecific
|
||||
backend:
|
||||
serviceName: blog
|
||||
servicePort: 80
|
||||
service:
|
||||
name: blog
|
||||
port:
|
||||
number: 80
|
||||
|
|
@ -1,70 +0,0 @@
|
|||
apiVersion: v1
|
||||
kind: Namespace
|
||||
metadata:
|
||||
name: buzzers
|
||||
---
|
||||
apiVersion: v1
|
||||
kind: Service
|
||||
metadata:
|
||||
name: buzzers
|
||||
namespace: buzzers
|
||||
spec:
|
||||
type: ClusterIP
|
||||
ports:
|
||||
- port: 80
|
||||
targetPort: web
|
||||
name: web
|
||||
selector:
|
||||
app: buzzers
|
||||
---
|
||||
apiVersion: apps/v1
|
||||
kind: Deployment
|
||||
metadata:
|
||||
name: buzzers
|
||||
namespace: buzzers
|
||||
spec:
|
||||
replicas: 1
|
||||
selector:
|
||||
matchLabels:
|
||||
app: buzzers
|
||||
template:
|
||||
metadata:
|
||||
labels:
|
||||
app: buzzers
|
||||
spec:
|
||||
containers:
|
||||
- name: web
|
||||
image: docker.cluster.fun/averagemarcus/buzzers:latest
|
||||
imagePullPolicy: Always
|
||||
ports:
|
||||
- containerPort: 80
|
||||
name: web
|
||||
resources:
|
||||
limits:
|
||||
memory: 283Mi
|
||||
requests:
|
||||
memory: 283Mi
|
||||
---
|
||||
apiVersion: extensions/v1beta1
|
||||
kind: Ingress
|
||||
metadata:
|
||||
name: buzzers
|
||||
namespace: buzzers
|
||||
annotations:
|
||||
cert-manager.io/cluster-issuer: letsencrypt
|
||||
traefik.ingress.kubernetes.io/frontend-entry-points: http,https
|
||||
traefik.ingress.kubernetes.io/redirect-entry-point: https
|
||||
traefik.ingress.kubernetes.io/redirect-permanent: "true"
|
||||
spec:
|
||||
tls:
|
||||
- hosts:
|
||||
- buzzers.cluster.fun
|
||||
secretName: buzzers-ingress
|
||||
rules:
|
||||
- host: buzzers.cluster.fun
|
||||
http:
|
||||
paths:
|
||||
- path: /
|
||||
backend:
|
||||
serviceName: buzzers
|
||||
servicePort: 80
|
|
@ -1,114 +0,0 @@
|
|||
apiVersion: v1
|
||||
kind: Namespace
|
||||
metadata:
|
||||
name: cctv
|
||||
---
|
||||
apiVersion: v1
|
||||
kind: Secret
|
||||
metadata:
|
||||
name: cctv-auth
|
||||
namespace: cctv
|
||||
annotations:
|
||||
kube-1password: mr6spkkx7n3memkbute6ojaarm
|
||||
kube-1password/vault: Kubernetes
|
||||
type: Opaque
|
||||
---
|
||||
apiVersion: apps/v1
|
||||
kind: Deployment
|
||||
metadata:
|
||||
name: cctv-auth
|
||||
namespace: cctv
|
||||
labels:
|
||||
app: cctv-auth
|
||||
spec:
|
||||
replicas: 1
|
||||
selector:
|
||||
matchLabels:
|
||||
app: cctv-auth
|
||||
template:
|
||||
metadata:
|
||||
labels:
|
||||
app: cctv-auth
|
||||
spec:
|
||||
containers:
|
||||
- args:
|
||||
- --cookie-secure=false
|
||||
- --provider=oidc
|
||||
- --provider-display-name=Auth0
|
||||
- --upstream=http://inlets.inlets.svc.cluster.local
|
||||
- --http-address=$(HOST_IP):8080
|
||||
- --redirect-url=https://cctv.cluster.fun/oauth2/callback
|
||||
- --email-domain=*
|
||||
- --pass-basic-auth=false
|
||||
- --pass-access-token=false
|
||||
- --oidc-issuer-url=https://marcusnoble.eu.auth0.com/
|
||||
- --cookie-secret=KDGD6rrK6cBmryyZ4wcJ9xAUNW9AQN
|
||||
env:
|
||||
- name: HOST_IP
|
||||
valueFrom:
|
||||
fieldRef:
|
||||
apiVersion: v1
|
||||
fieldPath: status.podIP
|
||||
- name: OAUTH2_PROXY_CLIENT_ID
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
key: username
|
||||
name: cctv-auth
|
||||
- name: OAUTH2_PROXY_CLIENT_SECRET
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
key: password
|
||||
name: cctv-auth
|
||||
image: quay.io/oauth2-proxy/oauth2-proxy:v5.1.1
|
||||
name: oauth-proxy
|
||||
ports:
|
||||
- containerPort: 8080
|
||||
protocol: TCP
|
||||
resources:
|
||||
limits:
|
||||
memory: 50Mi
|
||||
requests:
|
||||
memory: 50Mi
|
||||
---
|
||||
apiVersion: v1
|
||||
kind: Service
|
||||
metadata:
|
||||
name: cctv-auth
|
||||
namespace: cctv
|
||||
labels:
|
||||
app: cctv-auth
|
||||
spec:
|
||||
ports:
|
||||
- name: http
|
||||
port: 80
|
||||
protocol: TCP
|
||||
targetPort: 8080
|
||||
selector:
|
||||
app: cctv-auth
|
||||
type: ClusterIP
|
||||
---
|
||||
apiVersion: extensions/v1beta1
|
||||
kind: Ingress
|
||||
metadata:
|
||||
name: cctv-auth
|
||||
namespace: cctv
|
||||
labels:
|
||||
app: cctv-auth
|
||||
annotations:
|
||||
cert-manager.io/cluster-issuer: letsencrypt
|
||||
traefik.ingress.kubernetes.io/frontend-entry-points: http,https
|
||||
traefik.ingress.kubernetes.io/redirect-entry-point: https
|
||||
traefik.ingress.kubernetes.io/redirect-permanent: "true"
|
||||
spec:
|
||||
tls:
|
||||
- hosts:
|
||||
- cctv.cluster.fun
|
||||
secretName: cctv-ingress
|
||||
rules:
|
||||
- host: cctv.cluster.fun
|
||||
http:
|
||||
paths:
|
||||
- path: /
|
||||
backend:
|
||||
serviceName: cctv-auth
|
||||
servicePort: 80
|
|
@ -0,0 +1,70 @@
|
|||
apiVersion: v1
|
||||
kind: Service
|
||||
metadata:
|
||||
name: cel-tester
|
||||
namespace: cel-tester
|
||||
spec:
|
||||
type: ClusterIP
|
||||
ports:
|
||||
- port: 80
|
||||
targetPort: web
|
||||
name: web
|
||||
selector:
|
||||
app: cel-tester
|
||||
---
|
||||
apiVersion: apps/v1
|
||||
kind: Deployment
|
||||
metadata:
|
||||
name: cel-tester
|
||||
namespace: cel-tester
|
||||
spec:
|
||||
replicas: 1
|
||||
selector:
|
||||
matchLabels:
|
||||
app: cel-tester
|
||||
template:
|
||||
metadata:
|
||||
labels:
|
||||
app: cel-tester
|
||||
spec:
|
||||
containers:
|
||||
- name: web
|
||||
image: rg.fr-par.scw.cloud/averagemarcus/cel-tester:latest
|
||||
imagePullPolicy: Always
|
||||
ports:
|
||||
- containerPort: 80
|
||||
name: web
|
||||
resources:
|
||||
limits:
|
||||
memory: 20Mi
|
||||
requests:
|
||||
memory: 20Mi
|
||||
---
|
||||
apiVersion: networking.k8s.io/v1
|
||||
kind: Ingress
|
||||
metadata:
|
||||
name: cel-tester
|
||||
namespace: cel-tester
|
||||
annotations:
|
||||
cert-manager.io/cluster-issuer: letsencrypt
|
||||
kubernetes.io/ingress.class: traefik
|
||||
traefik.ingress.kubernetes.io/router.tls: "true"
|
||||
ingress.kubernetes.io/ssl-redirect: "true"
|
||||
traefik.ingress.kubernetes.io/router.entrypoints: websecure
|
||||
spec:
|
||||
tls:
|
||||
- hosts:
|
||||
- cel-tester.cluster.fun
|
||||
secretName: cel-tester-ingress
|
||||
rules:
|
||||
- host: cel-tester.cluster.fun
|
||||
http:
|
||||
paths:
|
||||
- path: /
|
||||
pathType: ImplementationSpecific
|
||||
backend:
|
||||
service:
|
||||
name: cel-tester
|
||||
port:
|
||||
number: 80
|
||||
|
|
@ -0,0 +1,23 @@
|
|||
apiVersion: v1
|
||||
kind: Namespace
|
||||
metadata:
|
||||
name: cert-manager
|
||||
labels:
|
||||
certmanager.k8s.io/disable-validation: "true"
|
||||
|
||||
---
|
||||
|
||||
apiVersion: cert-manager.io/v1
|
||||
kind: ClusterIssuer
|
||||
metadata:
|
||||
name: letsencrypt
|
||||
spec:
|
||||
acme:
|
||||
server: https://acme-v02.api.letsencrypt.org/directory
|
||||
email: letsencrypt@marcusnoble.co.uk
|
||||
privateKeySecretRef:
|
||||
name: letsencrypt
|
||||
solvers:
|
||||
- http01:
|
||||
ingress:
|
||||
class: traefik
|
|
@ -1,47 +0,0 @@
|
|||
apiVersion: v1
|
||||
kind: Namespace
|
||||
metadata:
|
||||
name: cert-manager
|
||||
labels:
|
||||
certmanager.k8s.io/disable-validation: "true"
|
||||
|
||||
---
|
||||
|
||||
apiVersion: helm.fluxcd.io/v1
|
||||
kind: HelmRelease
|
||||
metadata:
|
||||
name: cert-manager
|
||||
namespace: cert-manager
|
||||
spec:
|
||||
chart:
|
||||
repository: https://charts.jetstack.io
|
||||
name: cert-manager
|
||||
version: v0.15.0
|
||||
maxHistory: 5
|
||||
values:
|
||||
installCRDs: "true"
|
||||
resources:
|
||||
requests:
|
||||
|
||||
memory: 32Mi
|
||||
limits:
|
||||
|
||||
memory: 64Mi
|
||||
|
||||
---
|
||||
|
||||
apiVersion: cert-manager.io/v1alpha2
|
||||
kind: ClusterIssuer
|
||||
metadata:
|
||||
name: letsencrypt
|
||||
spec:
|
||||
acme:
|
||||
server: https://acme-v02.api.letsencrypt.org/directory
|
||||
email: letsencrypt@marcusnoble.co.uk
|
||||
privateKeySecretRef:
|
||||
name: letsencrypt
|
||||
solvers:
|
||||
- selector: {}
|
||||
http01:
|
||||
ingress:
|
||||
class: traefik
|
|
@ -0,0 +1,23 @@
|
|||
apiVersion: v1
|
||||
kind: Namespace
|
||||
metadata:
|
||||
name: cert-manager
|
||||
labels:
|
||||
certmanager.k8s.io/disable-validation: "true"
|
||||
|
||||
---
|
||||
|
||||
apiVersion: cert-manager.io/v1
|
||||
kind: ClusterIssuer
|
||||
metadata:
|
||||
name: letsencrypt
|
||||
spec:
|
||||
acme:
|
||||
server: https://acme-v02.api.letsencrypt.org/directory
|
||||
email: letsencrypt@marcusnoble.co.uk
|
||||
privateKeySecretRef:
|
||||
name: letsencrypt
|
||||
solvers:
|
||||
- http01:
|
||||
ingress:
|
||||
class: nginx
|
|
@ -0,0 +1,88 @@
|
|||
apiVersion: v1
|
||||
kind: Secret
|
||||
metadata:
|
||||
name: civo-versions
|
||||
namespace: civo-versions
|
||||
annotations:
|
||||
kube-1password: ybo7axn7wpks4z3u3gjhibnu5i
|
||||
kube-1password/vault: Kubernetes
|
||||
kube-1password/secret-text-parse: "true"
|
||||
type: Opaque
|
||||
---
|
||||
apiVersion: v1
|
||||
kind: Service
|
||||
metadata:
|
||||
name: civo-versions
|
||||
namespace: civo-versions
|
||||
spec:
|
||||
type: ClusterIP
|
||||
ports:
|
||||
- port: 80
|
||||
targetPort: web
|
||||
name: web
|
||||
selector:
|
||||
app: civo-versions
|
||||
---
|
||||
apiVersion: apps/v1
|
||||
kind: Deployment
|
||||
metadata:
|
||||
name: civo-versions
|
||||
namespace: civo-versions
|
||||
spec:
|
||||
replicas: 1
|
||||
selector:
|
||||
matchLabels:
|
||||
app: civo-versions
|
||||
template:
|
||||
metadata:
|
||||
labels:
|
||||
app: civo-versions
|
||||
spec:
|
||||
containers:
|
||||
- name: web
|
||||
image: rg.fr-par.scw.cloud/averagemarcus/civo-versions:latest
|
||||
imagePullPolicy: Always
|
||||
ports:
|
||||
- containerPort: 8000
|
||||
name: web
|
||||
env:
|
||||
- name: PORT
|
||||
value: "8000"
|
||||
- name: API_KEY
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: civo-versions
|
||||
key: API_KEY
|
||||
resources:
|
||||
limits:
|
||||
memory: 30Mi
|
||||
requests:
|
||||
memory: 30Mi
|
||||
---
|
||||
apiVersion: networking.k8s.io/v1
|
||||
kind: Ingress
|
||||
metadata:
|
||||
name: civo-versions
|
||||
namespace: civo-versions
|
||||
annotations:
|
||||
cert-manager.io/cluster-issuer: letsencrypt
|
||||
kubernetes.io/ingress.class: traefik
|
||||
traefik.ingress.kubernetes.io/router.tls: "true"
|
||||
ingress.kubernetes.io/ssl-redirect: "true"
|
||||
traefik.ingress.kubernetes.io/router.entrypoints: websecure
|
||||
spec:
|
||||
tls:
|
||||
- hosts:
|
||||
- civo-versions.cluster.fun
|
||||
secretName: civo-versions-ingress
|
||||
rules:
|
||||
- host: civo-versions.cluster.fun
|
||||
http:
|
||||
paths:
|
||||
- path: /
|
||||
pathType: ImplementationSpecific
|
||||
backend:
|
||||
service:
|
||||
name: civo-versions
|
||||
port:
|
||||
number: 80
|
|
@ -1,90 +0,0 @@
|
|||
apiVersion: v1
|
||||
kind: Namespace
|
||||
metadata:
|
||||
name: cors-proxy
|
||||
---
|
||||
apiVersion: v1
|
||||
kind: Service
|
||||
metadata:
|
||||
name: cors-proxy
|
||||
namespace: cors-proxy
|
||||
spec:
|
||||
type: ClusterIP
|
||||
ports:
|
||||
- port: 80
|
||||
targetPort: 8000
|
||||
name: web
|
||||
selector:
|
||||
app: cors-proxy
|
||||
---
|
||||
apiVersion: apps/v1
|
||||
kind: Deployment
|
||||
metadata:
|
||||
name: cors-proxy
|
||||
namespace: cors-proxy
|
||||
spec:
|
||||
replicas: 1
|
||||
selector:
|
||||
matchLabels:
|
||||
app: cors-proxy
|
||||
template:
|
||||
metadata:
|
||||
labels:
|
||||
app: cors-proxy
|
||||
spec:
|
||||
containers:
|
||||
- name: web
|
||||
image: docker.cluster.fun/averagemarcus/cors-proxy:latest
|
||||
imagePullPolicy: Always
|
||||
ports:
|
||||
- containerPort: 8000
|
||||
name: web
|
||||
---
|
||||
apiVersion: extensions/v1beta1
|
||||
kind: Ingress
|
||||
metadata:
|
||||
name: cors-proxy
|
||||
namespace: cors-proxy
|
||||
annotations:
|
||||
cert-manager.io/cluster-issuer: letsencrypt
|
||||
traefik.ingress.kubernetes.io/frontend-entry-points: http,https
|
||||
traefik.ingress.kubernetes.io/redirect-entry-point: https
|
||||
traefik.ingress.kubernetes.io/redirect-permanent: "true"
|
||||
spec:
|
||||
tls:
|
||||
- hosts:
|
||||
- cors-proxy.cluster.fun
|
||||
secretName: cors-proxy-ingress
|
||||
rules:
|
||||
- host: cors-proxy.cluster.fun
|
||||
http:
|
||||
paths:
|
||||
- path: /
|
||||
backend:
|
||||
serviceName: cors-proxy
|
||||
servicePort: 80
|
||||
|
||||
---
|
||||
apiVersion: extensions/v1beta1
|
||||
kind: Ingress
|
||||
metadata:
|
||||
name: cors-proxy-mn
|
||||
namespace: cors-proxy
|
||||
annotations:
|
||||
cert-manager.io/cluster-issuer: letsencrypt
|
||||
traefik.ingress.kubernetes.io/frontend-entry-points: http,https
|
||||
traefik.ingress.kubernetes.io/redirect-entry-point: https
|
||||
traefik.ingress.kubernetes.io/redirect-permanent: "true"
|
||||
spec:
|
||||
tls:
|
||||
- hosts:
|
||||
- cors-proxy.marcusnoble.co.uk
|
||||
secretName: cors-proxy-mn-ingress
|
||||
rules:
|
||||
- host: cors-proxy.marcusnoble.co.uk
|
||||
http:
|
||||
paths:
|
||||
- path: /
|
||||
backend:
|
||||
serviceName: cors-proxy
|
||||
servicePort: 80
|
|
@ -1,13 +1,8 @@
|
|||
apiVersion: v1
|
||||
kind: Namespace
|
||||
metadata:
|
||||
name: dashboard
|
||||
---
|
||||
apiVersion: v1
|
||||
kind: Secret
|
||||
metadata:
|
||||
name: docker-config
|
||||
namespace: dashboard
|
||||
namespace: cv
|
||||
annotations:
|
||||
kube-1password: i6ngbk5zf4k52xgwdwnfup5bby
|
||||
kube-1password/vault: Kubernetes
|
||||
|
@ -19,8 +14,8 @@ data:
|
|||
apiVersion: v1
|
||||
kind: Service
|
||||
metadata:
|
||||
name: dashboard
|
||||
namespace: dashboard
|
||||
name: cv
|
||||
namespace: cv
|
||||
spec:
|
||||
type: ClusterIP
|
||||
ports:
|
||||
|
@ -28,58 +23,62 @@ spec:
|
|||
targetPort: web
|
||||
name: web
|
||||
selector:
|
||||
app: dashboard
|
||||
app: cv
|
||||
---
|
||||
apiVersion: apps/v1
|
||||
kind: Deployment
|
||||
metadata:
|
||||
name: dashboard
|
||||
namespace: dashboard
|
||||
name: cv
|
||||
namespace: cv
|
||||
spec:
|
||||
replicas: 1
|
||||
selector:
|
||||
matchLabels:
|
||||
app: dashboard
|
||||
app: cv
|
||||
template:
|
||||
metadata:
|
||||
labels:
|
||||
app: dashboard
|
||||
app: cv
|
||||
spec:
|
||||
imagePullSecrets:
|
||||
- name: docker-config
|
||||
containers:
|
||||
- name: web
|
||||
image: docker.cluster.fun/private/dashboard:latest
|
||||
image: rg.fr-par.scw.cloud/averagemarcus-private/cv:latest
|
||||
imagePullPolicy: Always
|
||||
ports:
|
||||
- containerPort: 80
|
||||
name: web
|
||||
resources:
|
||||
limits:
|
||||
memory: 50Mi
|
||||
memory: 10Mi
|
||||
requests:
|
||||
memory: 50Mi
|
||||
memory: 10Mi
|
||||
---
|
||||
apiVersion: extensions/v1beta1
|
||||
apiVersion: networking.k8s.io/v1
|
||||
kind: Ingress
|
||||
metadata:
|
||||
name: dashboard
|
||||
namespace: dashboard
|
||||
name: cv
|
||||
namespace: cv
|
||||
annotations:
|
||||
cert-manager.io/cluster-issuer: letsencrypt
|
||||
traefik.ingress.kubernetes.io/frontend-entry-points: http,https
|
||||
traefik.ingress.kubernetes.io/redirect-entry-point: https
|
||||
traefik.ingress.kubernetes.io/redirect-permanent: "true"
|
||||
kubernetes.io/ingress.class: traefik
|
||||
traefik.ingress.kubernetes.io/router.tls: "true"
|
||||
ingress.kubernetes.io/ssl-redirect: "true"
|
||||
traefik.ingress.kubernetes.io/router.entrypoints: websecure
|
||||
spec:
|
||||
tls:
|
||||
- hosts:
|
||||
- dash.cluster.fun
|
||||
secretName: dashboard-ingress
|
||||
- cv.marcusnoble.co.uk
|
||||
secretName: cv-ingress
|
||||
rules:
|
||||
- host: dash.cluster.fun
|
||||
- host: cv.marcusnoble.co.uk
|
||||
http:
|
||||
paths:
|
||||
- path: /
|
||||
pathType: ImplementationSpecific
|
||||
backend:
|
||||
serviceName: dashboard
|
||||
servicePort: 80
|
||||
service:
|
||||
name: cv
|
||||
port:
|
||||
number: 80
|
|
@ -0,0 +1,131 @@
|
|||
apiVersion: v1
|
||||
kind: Secret
|
||||
metadata:
|
||||
name: docker-config
|
||||
namespace: dashboard
|
||||
annotations:
|
||||
kube-1password: i6ngbk5zf4k52xgwdwnfup5bby
|
||||
kube-1password/vault: Kubernetes
|
||||
kube-1password/secret-text-key: .dockerconfigjson
|
||||
type: kubernetes.io/dockerconfigjson
|
||||
data:
|
||||
.dockerconfigjson: e30=
|
||||
---
|
||||
apiVersion: v1
|
||||
kind: Secret
|
||||
metadata:
|
||||
name: dashboard-auth
|
||||
namespace: dashboard
|
||||
annotations:
|
||||
kube-1password: mr6spkkx7n3memkbute6ojaarm
|
||||
kube-1password/vault: Kubernetes
|
||||
type: Opaque
|
||||
---
|
||||
apiVersion: v1
|
||||
kind: Service
|
||||
metadata:
|
||||
name: dashboard
|
||||
namespace: dashboard
|
||||
spec:
|
||||
type: ClusterIP
|
||||
ports:
|
||||
- port: 80
|
||||
targetPort: auth
|
||||
name: web
|
||||
selector:
|
||||
app: dashboard
|
||||
---
|
||||
apiVersion: apps/v1
|
||||
kind: Deployment
|
||||
metadata:
|
||||
name: dashboard
|
||||
namespace: dashboard
|
||||
spec:
|
||||
replicas: 1
|
||||
selector:
|
||||
matchLabels:
|
||||
app: dashboard
|
||||
template:
|
||||
metadata:
|
||||
labels:
|
||||
app: dashboard
|
||||
spec:
|
||||
imagePullSecrets:
|
||||
- name: docker-config
|
||||
containers:
|
||||
- args:
|
||||
- --cookie-secure=false
|
||||
- --provider=oidc
|
||||
- --provider-display-name=Auth0
|
||||
- --upstream=http://localhost:80
|
||||
- --http-address=$(HOST_IP):8000
|
||||
- --redirect-url=https://dash.cluster.fun/oauth2/callback
|
||||
- --email-domain=marcusnoble.co.uk
|
||||
- --pass-basic-auth=false
|
||||
- --pass-access-token=false
|
||||
- --oidc-issuer-url=https://marcusnoble.eu.auth0.com/
|
||||
- --cookie-secret=KDGD6rrK6cBmryyZ4wcJ9xAUNW9AQNFT
|
||||
env:
|
||||
- name: HOST_IP
|
||||
valueFrom:
|
||||
fieldRef:
|
||||
apiVersion: v1
|
||||
fieldPath: status.podIP
|
||||
- name: OAUTH2_PROXY_CLIENT_ID
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
key: username
|
||||
name: dashboard-auth
|
||||
- name: OAUTH2_PROXY_CLIENT_SECRET
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
key: password
|
||||
name: dashboard-auth
|
||||
image: quay.io/oauth2-proxy/oauth2-proxy:v7.6.0
|
||||
name: oauth-proxy
|
||||
ports:
|
||||
- containerPort: 8000
|
||||
protocol: TCP
|
||||
name: auth
|
||||
resources:
|
||||
limits:
|
||||
memory: 50Mi
|
||||
requests:
|
||||
memory: 50Mi
|
||||
- name: web
|
||||
image: rg.fr-par.scw.cloud/averagemarcus-private/dashboard:latest
|
||||
imagePullPolicy: Always
|
||||
ports:
|
||||
- containerPort: 80
|
||||
name: web
|
||||
resources:
|
||||
limits:
|
||||
memory: 50Mi
|
||||
requests:
|
||||
memory: 50Mi
|
||||
---
|
||||
apiVersion: networking.k8s.io/v1
|
||||
kind: Ingress
|
||||
metadata:
|
||||
name: dashboard
|
||||
namespace: dashboard
|
||||
annotations:
|
||||
cert-manager.io/cluster-issuer: letsencrypt
|
||||
nginx.ingress.kubernetes.io/force-ssl-redirect: "true"
|
||||
spec:
|
||||
ingressClassName: nginx
|
||||
tls:
|
||||
- hosts:
|
||||
- dash.cluster.fun
|
||||
secretName: dashboard-ingress
|
||||
rules:
|
||||
- host: dash.cluster.fun
|
||||
http:
|
||||
paths:
|
||||
- path: /
|
||||
pathType: ImplementationSpecific
|
||||
backend:
|
||||
service:
|
||||
name: dashboard
|
||||
port:
|
||||
number: 80
|
|
@ -0,0 +1,69 @@
|
|||
apiVersion: v1
|
||||
kind: Service
|
||||
metadata:
|
||||
name: devstats-viewer
|
||||
namespace: devstats-viewer
|
||||
spec:
|
||||
type: ClusterIP
|
||||
ports:
|
||||
- port: 80
|
||||
targetPort: web
|
||||
name: web
|
||||
selector:
|
||||
app: devstats-viewer
|
||||
---
|
||||
apiVersion: apps/v1
|
||||
kind: Deployment
|
||||
metadata:
|
||||
name: devstats-viewer
|
||||
namespace: devstats-viewer
|
||||
spec:
|
||||
replicas: 2
|
||||
selector:
|
||||
matchLabels:
|
||||
app: devstats-viewer
|
||||
template:
|
||||
metadata:
|
||||
labels:
|
||||
app: devstats-viewer
|
||||
spec:
|
||||
imagePullSecrets:
|
||||
- name: docker-config
|
||||
containers:
|
||||
- name: web
|
||||
image: rg.fr-par.scw.cloud/averagemarcus/devstats-viewer:latest
|
||||
imagePullPolicy: Always
|
||||
ports:
|
||||
- containerPort: 80
|
||||
name: web
|
||||
resources:
|
||||
limits:
|
||||
memory: 10Mi
|
||||
requests:
|
||||
memory: 10Mi
|
||||
---
|
||||
apiVersion: networking.k8s.io/v1
|
||||
kind: Ingress
|
||||
metadata:
|
||||
name: devstats-viewer
|
||||
namespace: devstats-viewer
|
||||
annotations:
|
||||
cert-manager.io/cluster-issuer: letsencrypt
|
||||
ingress.kubernetes.io/ssl-redirect: "true"
|
||||
spec:
|
||||
ingressClassName: nginx
|
||||
tls:
|
||||
- hosts:
|
||||
- devstats.cluster.fun
|
||||
secretName: devstats-viewer-ingress
|
||||
rules:
|
||||
- host: devstats.cluster.fun
|
||||
http:
|
||||
paths:
|
||||
- path: /
|
||||
pathType: ImplementationSpecific
|
||||
backend:
|
||||
service:
|
||||
name: devstats-viewer
|
||||
port:
|
||||
number: 80
|
|
@ -1,115 +0,0 @@
|
|||
apiVersion: v1
|
||||
kind: Namespace
|
||||
metadata:
|
||||
name: downloads
|
||||
---
|
||||
apiVersion: v1
|
||||
kind: Secret
|
||||
metadata:
|
||||
name: downloads-auth
|
||||
namespace: downloads
|
||||
annotations:
|
||||
kube-1password: mr6spkkx7n3memkbute6ojaarm
|
||||
kube-1password/vault: Kubernetes
|
||||
type: Opaque
|
||||
---
|
||||
apiVersion: apps/v1
|
||||
kind: Deployment
|
||||
metadata:
|
||||
name: downloads-auth
|
||||
namespace: downloads
|
||||
labels:
|
||||
app: downloads-auth
|
||||
spec:
|
||||
replicas: 1
|
||||
selector:
|
||||
matchLabels:
|
||||
app: downloads-auth
|
||||
template:
|
||||
metadata:
|
||||
labels:
|
||||
app: downloads-auth
|
||||
spec:
|
||||
containers:
|
||||
- args:
|
||||
- --cookie-secure=false
|
||||
- --provider=oidc
|
||||
- --provider-display-name=Auth0
|
||||
- --upstream=http://inlets.inlets.svc.cluster.local
|
||||
- --http-address=$(HOST_IP):8080
|
||||
- --redirect-url=https://downloads.cluster.fun/oauth2/callback
|
||||
- --email-domain=*
|
||||
- --pass-basic-auth=false
|
||||
- --pass-access-token=false
|
||||
- --oidc-issuer-url=https://marcusnoble.eu.auth0.com/
|
||||
- --cookie-secret=KDGD6rrK6cBmryyZ4wcJ9xAUNW9AQN
|
||||
env:
|
||||
- name: HOST_IP
|
||||
valueFrom:
|
||||
fieldRef:
|
||||
apiVersion: v1
|
||||
fieldPath: status.podIP
|
||||
- name: OAUTH2_PROXY_CLIENT_ID
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
key: username
|
||||
name: downloads-auth
|
||||
- name: OAUTH2_PROXY_CLIENT_SECRET
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
key: password
|
||||
name: downloads-auth
|
||||
image: quay.io/oauth2-proxy/oauth2-proxy:v5.1.1
|
||||
name: oauth-proxy
|
||||
ports:
|
||||
- containerPort: 8080
|
||||
protocol: TCP
|
||||
resources:
|
||||
limits:
|
||||
memory: 250Mi
|
||||
requests:
|
||||
memory: 250Mi
|
||||
---
|
||||
apiVersion: v1
|
||||
kind: Service
|
||||
metadata:
|
||||
name: downloads-auth
|
||||
namespace: downloads
|
||||
labels:
|
||||
app: downloads-auth
|
||||
spec:
|
||||
ports:
|
||||
- name: http
|
||||
port: 80
|
||||
protocol: TCP
|
||||
targetPort: 8080
|
||||
selector:
|
||||
app: downloads-auth
|
||||
type: ClusterIP
|
||||
---
|
||||
apiVersion: extensions/v1beta1
|
||||
kind: Ingress
|
||||
metadata:
|
||||
name: downloads-auth
|
||||
namespace: downloads
|
||||
labels:
|
||||
app: downloads-auth
|
||||
annotations:
|
||||
cert-manager.io/cluster-issuer: letsencrypt
|
||||
traefik.ingress.kubernetes.io/frontend-entry-points: http,https
|
||||
traefik.ingress.kubernetes.io/redirect-entry-point: https
|
||||
traefik.ingress.kubernetes.io/redirect-permanent: "true"
|
||||
spec:
|
||||
tls:
|
||||
- hosts:
|
||||
- downloads.cluster.fun
|
||||
secretName: downloads-ingress
|
||||
rules:
|
||||
- host: downloads.cluster.fun
|
||||
http:
|
||||
paths:
|
||||
- path: /
|
||||
backend:
|
||||
serviceName: downloads-auth
|
||||
servicePort: 80
|
||||
|
|
@ -0,0 +1,65 @@
|
|||
apiVersion: v1
|
||||
kind: Service
|
||||
metadata:
|
||||
name: feed-fetcher
|
||||
namespace: feed-fetcher
|
||||
spec:
|
||||
type: ClusterIP
|
||||
ports:
|
||||
- port: 80
|
||||
targetPort: web
|
||||
name: web
|
||||
selector:
|
||||
app: feed-fetcher
|
||||
---
|
||||
apiVersion: apps/v1
|
||||
kind: Deployment
|
||||
metadata:
|
||||
name: feed-fetcher
|
||||
namespace: feed-fetcher
|
||||
spec:
|
||||
replicas: 1
|
||||
selector:
|
||||
matchLabels:
|
||||
app: feed-fetcher
|
||||
template:
|
||||
metadata:
|
||||
labels:
|
||||
app: feed-fetcher
|
||||
spec:
|
||||
containers:
|
||||
- name: web
|
||||
image: rg.fr-par.scw.cloud/averagemarcus/feed-fetcher:latest
|
||||
imagePullPolicy: Always
|
||||
ports:
|
||||
- containerPort: 8080
|
||||
name: web
|
||||
---
|
||||
apiVersion: networking.k8s.io/v1
|
||||
kind: Ingress
|
||||
metadata:
|
||||
name: feed-fetcher
|
||||
namespace: feed-fetcher
|
||||
annotations:
|
||||
cert-manager.io/cluster-issuer: letsencrypt
|
||||
kubernetes.io/ingress.class: traefik
|
||||
traefik.ingress.kubernetes.io/router.tls: "true"
|
||||
ingress.kubernetes.io/ssl-redirect: "true"
|
||||
traefik.ingress.kubernetes.io/router.entrypoints: websecure
|
||||
spec:
|
||||
tls:
|
||||
- hosts:
|
||||
- feed-fetcher.cluster.fun
|
||||
secretName: feed-fetcher-ingress
|
||||
rules:
|
||||
- host: feed-fetcher.cluster.fun
|
||||
http:
|
||||
paths:
|
||||
- path: /
|
||||
pathType: ImplementationSpecific
|
||||
backend:
|
||||
service:
|
||||
name: feed-fetcher
|
||||
port:
|
||||
number: 80
|
||||
|
|
@ -0,0 +1,109 @@
|
|||
apiVersion: v1
|
||||
kind: Secret
|
||||
metadata:
|
||||
name: git-sync-github
|
||||
namespace: git-sync
|
||||
annotations:
|
||||
kube-1password: cfo2ufhgem57clbscxetxgevue
|
||||
kube-1password/vault: Kubernetes
|
||||
kube-1password/password-key: token
|
||||
type: Opaque
|
||||
data:
|
||||
---
|
||||
apiVersion: v1
|
||||
kind: Secret
|
||||
metadata:
|
||||
name: git-sync-gitea
|
||||
namespace: git-sync
|
||||
annotations:
|
||||
kube-1password: b7kpdlcvt7y63bozu3i4j4lojm
|
||||
kube-1password/vault: Kubernetes
|
||||
kube-1password/password-key: token
|
||||
type: Opaque
|
||||
data:
|
||||
---
|
||||
apiVersion: v1
|
||||
kind: Secret
|
||||
metadata:
|
||||
name: git-sync-gitlab
|
||||
namespace: git-sync
|
||||
annotations:
|
||||
kube-1password: t47v3xdgadiifgoi4wmqibrlty
|
||||
kube-1password/vault: Kubernetes
|
||||
kube-1password/password-key: token
|
||||
type: Opaque
|
||||
data:
|
||||
---
|
||||
apiVersion: v1
|
||||
kind: Secret
|
||||
metadata:
|
||||
name: git-sync-bitbucket
|
||||
namespace: git-sync
|
||||
annotations:
|
||||
kube-1password: adrki45krr2tq34sug7dhdk5iy
|
||||
kube-1password/vault: Kubernetes
|
||||
kube-1password/password-key: token
|
||||
type: Opaque
|
||||
data:
|
||||
---
|
||||
apiVersion: v1
|
||||
kind: Secret
|
||||
metadata:
|
||||
name: git-sync-codeberg
|
||||
namespace: git-sync
|
||||
annotations:
|
||||
kube-1password: 5ynzgk6qcgshztkjbddwalixfq
|
||||
kube-1password/vault: Kubernetes
|
||||
kube-1password/password-key: token
|
||||
type: Opaque
|
||||
data:
|
||||
---
|
||||
apiVersion: batch/v1
|
||||
kind: CronJob
|
||||
metadata:
|
||||
name: git-sync
|
||||
namespace: git-sync
|
||||
spec:
|
||||
schedule: "0 */1 * * *"
|
||||
concurrencyPolicy: Forbid
|
||||
failedJobsHistoryLimit: 1
|
||||
successfulJobsHistoryLimit: 1
|
||||
jobTemplate:
|
||||
metadata:
|
||||
labels:
|
||||
cronjob: git-sync
|
||||
spec:
|
||||
backoffLimit: 1
|
||||
template:
|
||||
spec:
|
||||
containers:
|
||||
- name: sync
|
||||
image: rg.fr-par.scw.cloud/averagemarcus/git-sync:latest
|
||||
imagePullPolicy: Always
|
||||
env:
|
||||
- name: GITHUB_TOKEN
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: git-sync-github
|
||||
key: token
|
||||
- name: GITEA_TOKEN
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: git-sync-gitea
|
||||
key: token
|
||||
- name: GITLAB_TOKEN
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: git-sync-gitlab
|
||||
key: token
|
||||
- name: BITBUCKET_TOKEN
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: git-sync-bitbucket
|
||||
key: token
|
||||
- name: CODEBERG_TOKEN
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: git-sync-codeberg
|
||||
key: token
|
||||
restartPolicy: Never
|
|
@ -1,9 +1,4 @@
|
|||
apiVersion: v1
|
||||
kind: Namespace
|
||||
metadata:
|
||||
name: gitea
|
||||
---
|
||||
apiVersion: v1
|
||||
kind: Secret
|
||||
metadata:
|
||||
name: gitea-secret-key
|
||||
|
@ -47,7 +42,7 @@ spec:
|
|||
spec:
|
||||
containers:
|
||||
- name: git
|
||||
image: gitea/gitea:1.11
|
||||
image: gitea/gitea:1.21.11
|
||||
env:
|
||||
- name: APP_NAME
|
||||
value: "Git"
|
||||
|
@ -69,6 +64,8 @@ spec:
|
|||
value: "20"
|
||||
- name: DEFAULT_THEME
|
||||
value: arc-green
|
||||
- name: ALLOWED_HOST_LIST
|
||||
value: "*"
|
||||
- name: SECRET_KEY
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
|
@ -80,7 +77,6 @@ spec:
|
|||
resources:
|
||||
requests:
|
||||
memory: 400Mi
|
||||
|
||||
volumeMounts:
|
||||
- mountPath: /data
|
||||
name: git-data
|
||||
|
@ -94,17 +90,17 @@ spec:
|
|||
requests:
|
||||
storage: 20Gi
|
||||
---
|
||||
apiVersion: extensions/v1beta1
|
||||
apiVersion: networking.k8s.io/v1
|
||||
kind: Ingress
|
||||
metadata:
|
||||
name: git
|
||||
namespace: gitea
|
||||
annotations:
|
||||
cert-manager.io/cluster-issuer: letsencrypt
|
||||
traefik.ingress.kubernetes.io/frontend-entry-points: http,https
|
||||
traefik.ingress.kubernetes.io/redirect-entry-point: https
|
||||
traefik.ingress.kubernetes.io/redirect-permanent: "true"
|
||||
nginx.ingress.kubernetes.io/force-ssl-redirect: "true"
|
||||
nginx.ingress.kubernetes.io/proxy-body-size: "0"
|
||||
spec:
|
||||
ingressClassName: nginx
|
||||
tls:
|
||||
- hosts:
|
||||
- git.cluster.fun
|
||||
|
@ -114,6 +110,9 @@ spec:
|
|||
http:
|
||||
paths:
|
||||
- path: /
|
||||
pathType: ImplementationSpecific
|
||||
backend:
|
||||
serviceName: git
|
||||
servicePort: 80
|
||||
service:
|
||||
name: git
|
||||
port:
|
||||
number: 80
|
|
@ -0,0 +1,14 @@
|
|||
apiVersion: v1
|
||||
kind: PersistentVolumeClaim
|
||||
metadata:
|
||||
labels:
|
||||
app: git
|
||||
name: git-data-git-0
|
||||
namespace: gitea
|
||||
spec:
|
||||
accessModes:
|
||||
- ReadWriteOnce
|
||||
resources:
|
||||
requests:
|
||||
storage: 20Gi
|
||||
storageClassName: sbs-default-retain
|
|
@ -0,0 +1,70 @@
|
|||
apiVersion: v1
|
||||
kind: Service
|
||||
metadata:
|
||||
name: goplayground
|
||||
namespace: goplayground
|
||||
spec:
|
||||
type: ClusterIP
|
||||
ports:
|
||||
- port: 80
|
||||
targetPort: web
|
||||
name: web
|
||||
selector:
|
||||
app: goplayground
|
||||
---
|
||||
apiVersion: apps/v1
|
||||
kind: Deployment
|
||||
metadata:
|
||||
name: goplayground
|
||||
namespace: goplayground
|
||||
spec:
|
||||
replicas: 1
|
||||
selector:
|
||||
matchLabels:
|
||||
app: goplayground
|
||||
template:
|
||||
metadata:
|
||||
labels:
|
||||
app: goplayground
|
||||
spec:
|
||||
containers:
|
||||
- name: web
|
||||
image: x1unix/go-playground:1.15.1
|
||||
imagePullPolicy: IfNotPresent
|
||||
ports:
|
||||
- containerPort: 8000
|
||||
name: web
|
||||
resources:
|
||||
limits:
|
||||
memory: 20Mi
|
||||
requests:
|
||||
memory: 20Mi
|
||||
---
|
||||
apiVersion: networking.k8s.io/v1
|
||||
kind: Ingress
|
||||
metadata:
|
||||
name: goplayground
|
||||
namespace: goplayground
|
||||
annotations:
|
||||
cert-manager.io/cluster-issuer: letsencrypt
|
||||
kubernetes.io/ingress.class: traefik
|
||||
traefik.ingress.kubernetes.io/router.tls: "true"
|
||||
ingress.kubernetes.io/ssl-redirect: "true"
|
||||
traefik.ingress.kubernetes.io/router.entrypoints: websecure
|
||||
spec:
|
||||
tls:
|
||||
- hosts:
|
||||
- go.cluster.fun
|
||||
secretName: goplayground-ingress
|
||||
rules:
|
||||
- host: go.cluster.fun
|
||||
http:
|
||||
paths:
|
||||
- path: /
|
||||
pathType: ImplementationSpecific
|
||||
backend:
|
||||
service:
|
||||
name: goplayground
|
||||
port:
|
||||
number: 80
|
||||
|
|
@ -1,57 +0,0 @@
|
|||
apiVersion: v1
|
||||
kind: Namespace
|
||||
metadata:
|
||||
name: harbor
|
||||
---
|
||||
apiVersion: v1
|
||||
kind: Secret
|
||||
metadata:
|
||||
name: harbor-values
|
||||
namespace: harbor
|
||||
annotations:
|
||||
kube-1password: igey7vjjiqmj25v64eck7cyj34
|
||||
kube-1password/vault: Kubernetes
|
||||
kube-1password/secret-text-key: values.yaml
|
||||
type: Opaque
|
||||
---
|
||||
apiVersion: helm.fluxcd.io/v1
|
||||
kind: HelmRelease
|
||||
metadata:
|
||||
name: harbor
|
||||
namespace: harbor
|
||||
spec:
|
||||
chart:
|
||||
repository: https://helm.goharbor.io
|
||||
name: harbor
|
||||
version: 1.3.2
|
||||
maxHistory: 4
|
||||
skipCRDs: false
|
||||
valuesFrom:
|
||||
- secretKeyRef:
|
||||
name: harbor-values
|
||||
namespace: harbor
|
||||
key: values.yaml
|
||||
optional: false
|
||||
values:
|
||||
portal:
|
||||
resources:
|
||||
requests:
|
||||
memory: 64Mi
|
||||
core:
|
||||
resources:
|
||||
requests:
|
||||
memory: 64Mi
|
||||
jobservice:
|
||||
resources:
|
||||
requests:
|
||||
memory: 64Mi
|
||||
registry:
|
||||
registry:
|
||||
resources:
|
||||
requests:
|
||||
memory: 64Mi
|
||||
controller:
|
||||
resources:
|
||||
requests:
|
||||
memory: 64Mi
|
||||
|
|
@ -1,103 +0,0 @@
|
|||
apiVersion: v1
|
||||
kind: Namespace
|
||||
metadata:
|
||||
name: inlets
|
||||
---
|
||||
apiVersion: v1
|
||||
kind: Secret
|
||||
metadata:
|
||||
name: inlets
|
||||
namespace: inlets
|
||||
annotations:
|
||||
kube-1password: podju6t2s2osc3vbkimyce25ti
|
||||
kube-1password/vault: Kubernetes
|
||||
kube-1password/password-key: token
|
||||
type: Opaque
|
||||
---
|
||||
apiVersion: v1
|
||||
kind: Service
|
||||
metadata:
|
||||
name: inlets
|
||||
namespace: inlets
|
||||
labels:
|
||||
app: inlets
|
||||
spec:
|
||||
type: ClusterIP
|
||||
ports:
|
||||
- port: 80
|
||||
protocol: TCP
|
||||
targetPort: 8000
|
||||
selector:
|
||||
app: inlets
|
||||
---
|
||||
apiVersion: apps/v1
|
||||
kind: Deployment
|
||||
metadata:
|
||||
name: inlets
|
||||
namespace: inlets
|
||||
labels:
|
||||
app: inlets
|
||||
spec:
|
||||
replicas: 1
|
||||
selector:
|
||||
matchLabels:
|
||||
app: inlets
|
||||
template:
|
||||
metadata:
|
||||
labels:
|
||||
app: inlets
|
||||
spec:
|
||||
containers:
|
||||
- name: inlets
|
||||
image: inlets/inlets:2.7.0
|
||||
imagePullPolicy: Always
|
||||
command: ["inlets"]
|
||||
args:
|
||||
- "server"
|
||||
- "--token-from=/var/inlets/token"
|
||||
volumeMounts:
|
||||
- name: inlets-token-volume
|
||||
mountPath: /var/inlets/
|
||||
volumes:
|
||||
- name: inlets-token-volume
|
||||
secret:
|
||||
secretName: inlets
|
||||
---
|
||||
apiVersion: extensions/v1beta1
|
||||
kind: Ingress
|
||||
metadata:
|
||||
name: inlets
|
||||
namespace: inlets
|
||||
spec:
|
||||
rules:
|
||||
- host: inlets.cluster.fun
|
||||
http:
|
||||
paths:
|
||||
- path: /
|
||||
backend:
|
||||
serviceName: inlets
|
||||
servicePort: 80
|
||||
---
|
||||
apiVersion: extensions/v1beta1
|
||||
kind: Ingress
|
||||
metadata:
|
||||
name: pyload
|
||||
namespace: inlets
|
||||
annotations:
|
||||
cert-manager.io/cluster-issuer: letsencrypt
|
||||
traefik.ingress.kubernetes.io/frontend-entry-points: http,https
|
||||
traefik.ingress.kubernetes.io/redirect-entry-point: https
|
||||
traefik.ingress.kubernetes.io/redirect-permanent: "true"
|
||||
spec:
|
||||
tls:
|
||||
- hosts:
|
||||
- pyload.cluster.fun
|
||||
secretName: pyload-ingress
|
||||
rules:
|
||||
- host: pyload.cluster.fun
|
||||
http:
|
||||
paths:
|
||||
- path: /
|
||||
backend:
|
||||
serviceName: inlets
|
||||
servicePort: 80
|
|
@ -1,107 +0,0 @@
|
|||
apiVersion: v1
|
||||
kind: Namespace
|
||||
metadata:
|
||||
name: kube-janitor
|
||||
---
|
||||
apiVersion: v1
|
||||
kind: ServiceAccount
|
||||
metadata:
|
||||
name: kube-janitor
|
||||
namespace: kube-janitor
|
||||
---
|
||||
apiVersion: rbac.authorization.k8s.io/v1
|
||||
kind: ClusterRole
|
||||
metadata:
|
||||
name: kube-janitor
|
||||
rules:
|
||||
- apiGroups:
|
||||
- ""
|
||||
resources:
|
||||
- events
|
||||
verbs:
|
||||
- create
|
||||
- apiGroups:
|
||||
- "*"
|
||||
resources:
|
||||
- "*"
|
||||
verbs:
|
||||
- get
|
||||
- watch
|
||||
- list
|
||||
- delete
|
||||
---
|
||||
apiVersion: rbac.authorization.k8s.io/v1
|
||||
kind: ClusterRoleBinding
|
||||
metadata:
|
||||
name: kube-janitor
|
||||
roleRef:
|
||||
apiGroup: rbac.authorization.k8s.io
|
||||
kind: ClusterRole
|
||||
name: kube-janitor
|
||||
subjects:
|
||||
- kind: ServiceAccount
|
||||
name: kube-janitor
|
||||
namespace: kube-janitor
|
||||
---
|
||||
|
||||
apiVersion: v1
|
||||
kind: ConfigMap
|
||||
metadata:
|
||||
name: kube-janitor
|
||||
namespace: kube-janitor
|
||||
data:
|
||||
rules.yaml: |-
|
||||
rules:
|
||||
- id: tekton-tasks
|
||||
resources:
|
||||
- pods
|
||||
- pipelineruns
|
||||
jmespath: "(metadata.labels.\"tekton.dev/pipeline\")"
|
||||
ttl: 3h
|
||||
|
||||
---
|
||||
|
||||
apiVersion: apps/v1
|
||||
kind: Deployment
|
||||
metadata:
|
||||
labels:
|
||||
application: kube-janitor
|
||||
version: v20.4.1
|
||||
name: kube-janitor
|
||||
namespace: kube-janitor
|
||||
spec:
|
||||
replicas: 1
|
||||
selector:
|
||||
matchLabels:
|
||||
application: kube-janitor
|
||||
template:
|
||||
metadata:
|
||||
labels:
|
||||
application: kube-janitor
|
||||
version: v20.4.1
|
||||
spec:
|
||||
serviceAccountName: kube-janitor
|
||||
containers:
|
||||
- name: janitor
|
||||
image: hjacobs/kube-janitor:20.4.1
|
||||
args:
|
||||
- --interval=15
|
||||
- --rules-file=/config/rules.yaml
|
||||
- --include-namespaces=tekton-pipelines
|
||||
- --include-resources=pods
|
||||
resources:
|
||||
limits:
|
||||
memory: 100Mi
|
||||
requests:
|
||||
memory: 100Mi
|
||||
securityContext:
|
||||
readOnlyRootFilesystem: true
|
||||
runAsNonRoot: true
|
||||
runAsUser: 1000
|
||||
volumeMounts:
|
||||
- name: config-volume
|
||||
mountPath: /config
|
||||
volumes:
|
||||
- name: config-volume
|
||||
configMap:
|
||||
name: kube-janitor
|
|
@ -0,0 +1,102 @@
|
|||
apiVersion: v1
|
||||
kind: ConfigMap
|
||||
metadata:
|
||||
name: urls-map
|
||||
namespace: link
|
||||
labels:
|
||||
app: link
|
||||
data:
|
||||
urls.yaml: |
|
||||
mn: https://marcusnoble.co.uk
|
||||
whites: https://twitter.com/whites11/status/1484053621448785920
|
||||
devopsnotts22: https://noti.st/averagemarcus/E8Ldoh/managing-kubernetes-without-losing-your-cool
|
||||
kubernetes-cool: https://noti.st/averagemarcus/E8Ldoh/managing-kubernetes-without-losing-your-cool
|
||||
klustered: https://gist.githubusercontent.com/AverageMarcus/e58301ecf3455caa1638c3ffe70ed138/raw/klustered.sh
|
||||
wonders-and-woes: https://noti.st/averagemarcus/sWywEJ/the-wonders-and-woes-of-webhooks
|
||||
kubehuddle: https://noti.st/averagemarcus/TqCEd4/the-wonders-and-woes-of-webhooks
|
||||
kcduk: https://noti.st/averagemarcus/fxN4gl/managing-kubernetes-without-losing-your-cool
|
||||
wonders-and-woes-webinar: https://noti.st/averagemarcus/Hw2IXG/the-wonders-and-woes-of-webhooks
|
||||
kcdukraine: https://noti.st/averagemarcus/quuysq/managing-kubernetes-without-losing-your-cool
|
||||
devopsox23: https://noti.st/averagemarcus/quuysq/managing-kubernetes-without-losing-your-cool
|
||||
dddem23: https://noti.st/averagemarcus/Rt4hFh/managing-kubernetes-without-losing-your-cool
|
||||
kube-london: https://noti.st/averagemarcus/SFD1bY/the-wonders-and-woes-of-webhooks
|
||||
kcduk23: https://noti.st/averagemarcus/4YvpTx/webhooks-whats-the-worst-that-could-happen
|
||||
rejekts23: https://noti.st/averagemarcus/Bi7qLP/webhooks-whats-the-worst-that-could-happen
|
||||
rejekts24: https://speaking.marcusnoble.co.uk/pg46DB/from-fragile-to-resilient-validatingadmissionpolicies-strengthen-kubernetes
|
||||
lopug24: https://speaking.marcusnoble.co.uk/I6dyx4/webhooks-whats-the-worst-that-could-happen
|
||||
---
|
||||
apiVersion: v1
|
||||
kind: Service
|
||||
metadata:
|
||||
name: link
|
||||
namespace: link
|
||||
labels:
|
||||
app: link
|
||||
spec:
|
||||
type: ClusterIP
|
||||
ports:
|
||||
- port: 80
|
||||
targetPort: web
|
||||
name: web
|
||||
selector:
|
||||
app: link
|
||||
---
|
||||
apiVersion: apps/v1
|
||||
kind: Deployment
|
||||
metadata:
|
||||
name: link
|
||||
namespace: link
|
||||
labels:
|
||||
app: link
|
||||
spec:
|
||||
replicas: 1
|
||||
selector:
|
||||
matchLabels:
|
||||
app: link
|
||||
template:
|
||||
metadata:
|
||||
labels:
|
||||
app: link
|
||||
spec:
|
||||
containers:
|
||||
- name: web
|
||||
image: rg.fr-par.scw.cloud/averagemarcus/link:latest
|
||||
imagePullPolicy: Always
|
||||
ports:
|
||||
- containerPort: 5050
|
||||
name: web
|
||||
volumeMounts:
|
||||
- name: config
|
||||
mountPath: /config
|
||||
volumes:
|
||||
- name: config
|
||||
configMap:
|
||||
name: urls-map
|
||||
---
|
||||
apiVersion: networking.k8s.io/v1
|
||||
kind: Ingress
|
||||
metadata:
|
||||
name: link
|
||||
namespace: link
|
||||
annotations:
|
||||
cert-manager.io/cluster-issuer: letsencrypt
|
||||
kubernetes.io/ingress.class: traefik
|
||||
traefik.ingress.kubernetes.io/router.tls: "true"
|
||||
ingress.kubernetes.io/ssl-redirect: "true"
|
||||
traefik.ingress.kubernetes.io/router.entrypoints: websecure
|
||||
spec:
|
||||
tls:
|
||||
- hosts:
|
||||
- go-get.link
|
||||
secretName: link-ingress
|
||||
rules:
|
||||
- host: go-get.link
|
||||
http:
|
||||
paths:
|
||||
- path: /
|
||||
pathType: ImplementationSpecific
|
||||
backend:
|
||||
service:
|
||||
name: link
|
||||
port:
|
||||
number: 80
|
|
@ -1,114 +0,0 @@
|
|||
apiVersion: v1
|
||||
kind: Namespace
|
||||
metadata:
|
||||
name: linx-server
|
||||
---
|
||||
apiVersion: v1
|
||||
kind: ConfigMap
|
||||
metadata:
|
||||
name: linx-server
|
||||
namespace: linx-server
|
||||
data:
|
||||
linx-server.conf: |-
|
||||
sitename = share
|
||||
maxsize = 524288000
|
||||
maxexpiry = 0
|
||||
selifpath = f
|
||||
nologs = false
|
||||
force-random-filename = false
|
||||
s3-endpoint = https://s3.fr-par.scw.cloud
|
||||
s3-region = fr-par
|
||||
s3-bucket = cluster.fun-linx
|
||||
---
|
||||
apiVersion: v1
|
||||
kind: Secret
|
||||
metadata:
|
||||
name: linx-server-s3
|
||||
namespace: linx-server
|
||||
annotations:
|
||||
kube-1password: d5dgclm3qrxd4fntivv26ec3ee
|
||||
kube-1password/vault: Kubernetes
|
||||
type: Opaque
|
||||
|
||||
---
|
||||
apiVersion: v1
|
||||
kind: Service
|
||||
metadata:
|
||||
name: linx-server
|
||||
namespace: linx-server
|
||||
spec:
|
||||
type: ClusterIP
|
||||
ports:
|
||||
- port: 80
|
||||
targetPort: web
|
||||
name: web
|
||||
selector:
|
||||
app: linx-server
|
||||
---
|
||||
apiVersion: apps/v1
|
||||
kind: Deployment
|
||||
metadata:
|
||||
name: linx-server
|
||||
namespace: linx-server
|
||||
spec:
|
||||
replicas: 2
|
||||
selector:
|
||||
matchLabels:
|
||||
app: linx-server
|
||||
template:
|
||||
metadata:
|
||||
labels:
|
||||
app: linx-server
|
||||
spec:
|
||||
containers:
|
||||
- name: web
|
||||
image: andreimarcu/linx-server:version-2.3.5
|
||||
imagePullPolicy: Always
|
||||
args:
|
||||
- -config
|
||||
- /config/linx-server.conf
|
||||
ports:
|
||||
- containerPort: 8080
|
||||
name: web
|
||||
env:
|
||||
- name: AWS_ACCESS_KEY_ID
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: linx-server-s3
|
||||
key: username
|
||||
- name: AWS_SECRET_ACCESS_KEY
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: linx-server-s3
|
||||
key: password
|
||||
volumeMounts:
|
||||
- name: config
|
||||
mountPath: /config
|
||||
volumes:
|
||||
- name: config
|
||||
configMap:
|
||||
name: linx-server
|
||||
---
|
||||
apiVersion: extensions/v1beta1
|
||||
kind: Ingress
|
||||
metadata:
|
||||
name: linx-server
|
||||
namespace: linx-server
|
||||
annotations:
|
||||
cert-manager.io/cluster-issuer: letsencrypt
|
||||
traefik.ingress.kubernetes.io/frontend-entry-points: http,https
|
||||
traefik.ingress.kubernetes.io/redirect-entry-point: https
|
||||
traefik.ingress.kubernetes.io/redirect-permanent: "true"
|
||||
spec:
|
||||
tls:
|
||||
- hosts:
|
||||
- share.cluster.fun
|
||||
secretName: linx-server-ingress
|
||||
rules:
|
||||
- host: share.cluster.fun
|
||||
http:
|
||||
paths:
|
||||
- path: /
|
||||
backend:
|
||||
serviceName: linx-server
|
||||
servicePort: 80
|
|
@ -1,175 +0,0 @@
|
|||
apiVersion: v1
|
||||
kind: Namespace
|
||||
metadata:
|
||||
name: logging
|
||||
---
|
||||
apiVersion: v1
|
||||
kind: Secret
|
||||
metadata:
|
||||
name: grafana-credentials
|
||||
namespace: logging
|
||||
annotations:
|
||||
kube-1password: wpynfxkdipeeacyfxkvtdsuj54
|
||||
kube-1password/vault: Kubernetes
|
||||
type: Opaque
|
||||
---
|
||||
apiVersion: helm.fluxcd.io/v1
|
||||
kind: HelmRelease
|
||||
metadata:
|
||||
name: loki
|
||||
namespace: logging
|
||||
spec:
|
||||
chart:
|
||||
repository: https://grafana.github.io/loki/charts
|
||||
name: loki-stack
|
||||
version: 0.36.2
|
||||
maxHistory: 4
|
||||
skipCRDs: false
|
||||
values:
|
||||
fluent-bit:
|
||||
enabled: "true"
|
||||
promtail:
|
||||
enabled: "true"
|
||||
loki:
|
||||
persistence:
|
||||
enabled: "true"
|
||||
size: 10Gi
|
||||
|
||||
---
|
||||
apiVersion: helm.fluxcd.io/v1
|
||||
kind: HelmRelease
|
||||
metadata:
|
||||
name: grafana
|
||||
namespace: logging
|
||||
spec:
|
||||
chart:
|
||||
repository: https://kubernetes-charts.storage.googleapis.com
|
||||
name: grafana
|
||||
version: 5.0.22
|
||||
maxHistory: 4
|
||||
skipCRDs: false
|
||||
values:
|
||||
image:
|
||||
tag: 7.0.0
|
||||
admin:
|
||||
existingSecret: "grafana-credentials"
|
||||
userKey: username
|
||||
passwordKey: password
|
||||
persistence:
|
||||
enabled: "false"
|
||||
datasources:
|
||||
datasources.yaml:
|
||||
apiVersion: 1
|
||||
datasources:
|
||||
- name: Loki
|
||||
type: loki
|
||||
url: http://logging-loki.logging:3100
|
||||
access: proxy
|
||||
jsonData:
|
||||
maxLines: 1000
|
||||
|
||||
---
|
||||
apiVersion: v1
|
||||
kind: Secret
|
||||
metadata:
|
||||
name: grafana-auth
|
||||
namespace: logging
|
||||
annotations:
|
||||
kube-1password: mr6spkkx7n3memkbute6ojaarm
|
||||
kube-1password/vault: Kubernetes
|
||||
type: Opaque
|
||||
---
|
||||
apiVersion: apps/v1
|
||||
kind: Deployment
|
||||
metadata:
|
||||
name: grafana-auth
|
||||
namespace: logging
|
||||
labels:
|
||||
app: grafana-auth
|
||||
spec:
|
||||
replicas: 1
|
||||
selector:
|
||||
matchLabels:
|
||||
app: grafana-auth
|
||||
template:
|
||||
metadata:
|
||||
labels:
|
||||
app: grafana-auth
|
||||
spec:
|
||||
containers:
|
||||
- args:
|
||||
- --cookie-secure=false
|
||||
- --provider=oidc
|
||||
- --provider-display-name=Auth0
|
||||
- --upstream=http://logging-grafana.logging.svc.cluster.local
|
||||
- --http-address=$(HOST_IP):8080
|
||||
- --redirect-url=https://grafana.cluster.fun/oauth2/callback
|
||||
- --email-domain=marcusnoble.co.uk
|
||||
- --pass-basic-auth=false
|
||||
- --pass-access-token=false
|
||||
- --oidc-issuer-url=https://marcusnoble.eu.auth0.com/
|
||||
- --cookie-secret=KDGD6rrK6cBmryyZ4wcJ9xAUNW9AQN
|
||||
env:
|
||||
- name: HOST_IP
|
||||
valueFrom:
|
||||
fieldRef:
|
||||
apiVersion: v1
|
||||
fieldPath: status.podIP
|
||||
- name: OAUTH2_PROXY_CLIENT_ID
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
key: username
|
||||
name: grafana-auth
|
||||
- name: OAUTH2_PROXY_CLIENT_SECRET
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
key: password
|
||||
name: grafana-auth
|
||||
image: quay.io/oauth2-proxy/oauth2-proxy:v5.1.1
|
||||
name: oauth-proxy
|
||||
ports:
|
||||
- containerPort: 8080
|
||||
protocol: TCP
|
||||
---
|
||||
apiVersion: v1
|
||||
kind: Service
|
||||
metadata:
|
||||
name: grafana-auth
|
||||
namespace: logging
|
||||
labels:
|
||||
app: grafana-auth
|
||||
spec:
|
||||
ports:
|
||||
- name: http
|
||||
port: 80
|
||||
protocol: TCP
|
||||
targetPort: 8080
|
||||
selector:
|
||||
app: grafana-auth
|
||||
type: ClusterIP
|
||||
---
|
||||
apiVersion: extensions/v1beta1
|
||||
kind: Ingress
|
||||
metadata:
|
||||
name: grafana-auth
|
||||
namespace: logging
|
||||
labels:
|
||||
app: grafana-auth
|
||||
annotations:
|
||||
cert-manager.io/cluster-issuer: letsencrypt
|
||||
traefik.ingress.kubernetes.io/frontend-entry-points: http,https
|
||||
traefik.ingress.kubernetes.io/redirect-entry-point: https
|
||||
traefik.ingress.kubernetes.io/redirect-permanent: "true"
|
||||
spec:
|
||||
tls:
|
||||
- hosts:
|
||||
- grafana.cluster.fun
|
||||
secretName: grafana-ingress
|
||||
rules:
|
||||
- host: grafana.cluster.fun
|
||||
http:
|
||||
paths:
|
||||
- path: /
|
||||
backend:
|
||||
serviceName: grafana-auth
|
||||
servicePort: 80
|
|
@ -0,0 +1,90 @@
|
|||
apiVersion: v1
|
||||
kind: Service
|
||||
metadata:
|
||||
name: marcusnoble
|
||||
namespace: marcusnoble
|
||||
spec:
|
||||
type: ClusterIP
|
||||
ports:
|
||||
- port: 80
|
||||
targetPort: 8080
|
||||
name: web
|
||||
selector:
|
||||
app: marcusnoble
|
||||
---
|
||||
apiVersion: apps/v1
|
||||
kind: Deployment
|
||||
metadata:
|
||||
name: marcusnoble
|
||||
namespace: marcusnoble
|
||||
spec:
|
||||
replicas: 1
|
||||
selector:
|
||||
matchLabels:
|
||||
app: marcusnoble
|
||||
template:
|
||||
metadata:
|
||||
labels:
|
||||
app: marcusnoble
|
||||
spec:
|
||||
containers:
|
||||
- name: web
|
||||
image: rg.fr-par.scw.cloud/averagemarcus/marcusnoble:latest
|
||||
imagePullPolicy: Always
|
||||
ports:
|
||||
- containerPort: 8080
|
||||
name: web
|
||||
resources:
|
||||
limits:
|
||||
memory: 50Mi
|
||||
requests:
|
||||
memory: 50Mi
|
||||
# livenessProbe:
|
||||
# httpGet:
|
||||
# path: /healthz
|
||||
# port: web
|
||||
# initialDelaySeconds: 10
|
||||
# readinessProbe:
|
||||
# httpGet:
|
||||
# path: /healthz
|
||||
# port: web
|
||||
# initialDelaySeconds: 10
|
||||
---
|
||||
apiVersion: networking.k8s.io/v1
|
||||
kind: Ingress
|
||||
metadata:
|
||||
name: marcusnoble
|
||||
namespace: marcusnoble
|
||||
annotations:
|
||||
cert-manager.io/cluster-issuer: letsencrypt
|
||||
nginx.ingress.kubernetes.io/force-ssl-redirect: "true"
|
||||
spec:
|
||||
ingressClassName: nginx
|
||||
tls:
|
||||
- hosts:
|
||||
- marcusnoble.com
|
||||
- www.marcusnoble.com
|
||||
secretName: marcusnoble-ingress
|
||||
rules:
|
||||
- host: marcusnoble.com
|
||||
http:
|
||||
paths:
|
||||
- path: /
|
||||
pathType: ImplementationSpecific
|
||||
backend:
|
||||
service:
|
||||
name: marcusnoble
|
||||
port:
|
||||
number: 80
|
||||
- host: www.marcusnoble.com
|
||||
http:
|
||||
paths:
|
||||
- path: /
|
||||
pathType: ImplementationSpecific
|
||||
backend:
|
||||
service:
|
||||
name: marcusnoble
|
||||
port:
|
||||
number: 80
|
||||
|
||||
---
|
|
@ -0,0 +1,229 @@
|
|||
apiVersion: v1
|
||||
kind: Secret
|
||||
metadata:
|
||||
name: docker-config
|
||||
namespace: mastodon-digest
|
||||
annotations:
|
||||
kube-1password: i6ngbk5zf4k52xgwdwnfup5bby
|
||||
kube-1password/vault: Kubernetes
|
||||
kube-1password/secret-text-key: .dockerconfigjson
|
||||
type: kubernetes.io/dockerconfigjson
|
||||
data:
|
||||
.dockerconfigjson: e30=
|
||||
---
|
||||
apiVersion: v1
|
||||
kind: Secret
|
||||
metadata:
|
||||
name: mastodon-digest-auth
|
||||
namespace: mastodon-digest
|
||||
annotations:
|
||||
kube-1password: mr6spkkx7n3memkbute6ojaarm
|
||||
kube-1password/vault: Kubernetes
|
||||
type: Opaque
|
||||
---
|
||||
apiVersion: v1
|
||||
kind: Secret
|
||||
metadata:
|
||||
name: mastodon-digest
|
||||
namespace: mastodon-digest
|
||||
annotations:
|
||||
kube-1password: bfklz3yi3dn4e7xtsbttcvhata
|
||||
kube-1password/vault: Kubernetes
|
||||
kube-1password/secret-text-parse: "true"
|
||||
type: Opaque
|
||||
---
|
||||
apiVersion: v1
|
||||
kind: ConfigMap
|
||||
metadata:
|
||||
name: config
|
||||
namespace: mastodon-digest
|
||||
labels:
|
||||
app: mastodon-digest
|
||||
data:
|
||||
config.json: |
|
||||
[
|
||||
{
|
||||
"timeline": "home",
|
||||
"hours": 12,
|
||||
"scorer": "ExtendedSimpleWeighted",
|
||||
"threshold": "lax",
|
||||
"output": "/usr/share/nginx/html/home/"
|
||||
},
|
||||
{
|
||||
"timeline": "federated",
|
||||
"hours": 12,
|
||||
"scorer": "ExtendedSimpleWeighted",
|
||||
"threshold": "lax",
|
||||
"output": "/usr/share/nginx/html/federated/"
|
||||
}
|
||||
]
|
||||
---
|
||||
apiVersion: v1
|
||||
kind: ConfigMap
|
||||
metadata:
|
||||
name: index
|
||||
namespace: mastodon-digest
|
||||
labels:
|
||||
app: mastodon-digest
|
||||
data:
|
||||
index.html: |
|
||||
<!DOCTYPE html>
|
||||
<html lang="en">
|
||||
<head>
|
||||
<meta chartset="utf-8" />
|
||||
<meta name="viewport" content="width=device-width, initial-scale=1" />
|
||||
<title>Mastodon Digest</title>
|
||||
<style>
|
||||
body { background-color: #292c36; font-family: "Arial", sans-serif; }
|
||||
div#container { margin: auto; max-width: 640px; padding: 10px; text-align: center; margin: 0 auto; }
|
||||
.links { align: center; }
|
||||
h1 { color: white; }
|
||||
a.button { background: #595aff; color: #fff; line-height: 1.2; min-height: 38px; min-width: 88px; padding: 0 30px; border: 0; border-radius: 6px;; display: inline-flex; justify-content: center; align-items: center; }
|
||||
</style>
|
||||
</head>
|
||||
<body>
|
||||
<div id="container">
|
||||
<h1>Mastodon Digest</h1>
|
||||
<section class="links">
|
||||
<a href="home/" class="button">Home</a>
|
||||
<a href="federated/" class="button">Federated</a>
|
||||
</section>
|
||||
</div>
|
||||
</body>
|
||||
</html>
|
||||
---
|
||||
apiVersion: v1
|
||||
kind: Service
|
||||
metadata:
|
||||
name: mastodon-digest
|
||||
namespace: mastodon-digest
|
||||
spec:
|
||||
type: ClusterIP
|
||||
ports:
|
||||
- port: 80
|
||||
targetPort: auth
|
||||
name: web
|
||||
selector:
|
||||
app: mastodon-digest
|
||||
---
|
||||
apiVersion: apps/v1
|
||||
kind: Deployment
|
||||
metadata:
|
||||
name: mastodon-digest
|
||||
namespace: mastodon-digest
|
||||
spec:
|
||||
replicas: 1
|
||||
selector:
|
||||
matchLabels:
|
||||
app: mastodon-digest
|
||||
template:
|
||||
metadata:
|
||||
labels:
|
||||
app: mastodon-digest
|
||||
spec:
|
||||
imagePullSecrets:
|
||||
- name: docker-config
|
||||
containers:
|
||||
- args:
|
||||
- --cookie-secure=false
|
||||
- --provider=oidc
|
||||
- --provider-display-name=Auth0
|
||||
- --upstream=http://localhost:80
|
||||
- --http-address=$(HOST_IP):8000
|
||||
- --redirect-url=https://mastodon-digest.cluster.fun/oauth2/callback
|
||||
- --email-domain=marcusnoble.co.uk
|
||||
- --pass-basic-auth=false
|
||||
- --pass-access-token=false
|
||||
- --oidc-issuer-url=https://marcusnoble.eu.auth0.com/
|
||||
- --cookie-secret=KDGD6rrK6cBmryyZ4wcJ9xAUNW9AQNFT
|
||||
env:
|
||||
- name: HOST_IP
|
||||
valueFrom:
|
||||
fieldRef:
|
||||
apiVersion: v1
|
||||
fieldPath: status.podIP
|
||||
- name: OAUTH2_PROXY_CLIENT_ID
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
key: username
|
||||
name: mastodon-digest-auth
|
||||
- name: OAUTH2_PROXY_CLIENT_SECRET
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
key: password
|
||||
name: mastodon-digest-auth
|
||||
image: quay.io/oauth2-proxy/oauth2-proxy:v7.6.0
|
||||
name: oauth-proxy
|
||||
ports:
|
||||
- containerPort: 8000
|
||||
protocol: TCP
|
||||
name: auth
|
||||
resources:
|
||||
limits:
|
||||
memory: 50Mi
|
||||
requests:
|
||||
memory: 50Mi
|
||||
|
||||
- name: web
|
||||
image: nginx:stable
|
||||
imagePullPolicy: IfNotPresent
|
||||
ports:
|
||||
- containerPort: 80
|
||||
name: web
|
||||
volumeMounts:
|
||||
- name: html
|
||||
mountPath: /usr/share/nginx/html
|
||||
- name: index
|
||||
mountPath: /usr/share/nginx/html/index.html
|
||||
subPath: index.html
|
||||
|
||||
- name: digest
|
||||
image: rg.fr-par.scw.cloud/averagemarcus-private/mastodon-digest:latest
|
||||
imagePullPolicy: Always
|
||||
env:
|
||||
- name: CONFIG_FILE
|
||||
value: /config.json
|
||||
envFrom:
|
||||
- secretRef:
|
||||
name: mastodon-digest
|
||||
volumeMounts:
|
||||
- name: config
|
||||
mountPath: /config.json
|
||||
subPath: config.json
|
||||
- name: html
|
||||
mountPath: /usr/share/nginx/html
|
||||
volumes:
|
||||
- name: html
|
||||
emptyDir: {}
|
||||
- name: config
|
||||
configMap:
|
||||
name: config
|
||||
- name: index
|
||||
configMap:
|
||||
name: index
|
||||
---
|
||||
apiVersion: networking.k8s.io/v1
|
||||
kind: Ingress
|
||||
metadata:
|
||||
name: mastodon-digest
|
||||
namespace: mastodon-digest
|
||||
annotations:
|
||||
cert-manager.io/cluster-issuer: letsencrypt
|
||||
nginx.ingress.kubernetes.io/force-ssl-redirect: "true"
|
||||
spec:
|
||||
ingressClassName: nginx
|
||||
tls:
|
||||
- hosts:
|
||||
- mastodon-digest.cluster.fun
|
||||
secretName: mastodon-digest-ingress
|
||||
rules:
|
||||
- host: mastodon-digest.cluster.fun
|
||||
http:
|
||||
paths:
|
||||
- path: /
|
||||
pathType: ImplementationSpecific
|
||||
backend:
|
||||
service:
|
||||
name: mastodon-digest
|
||||
port:
|
||||
number: 80
|
|
@ -0,0 +1,151 @@
|
|||
apiVersion: v1
|
||||
kind: Secret
|
||||
metadata:
|
||||
name: docker-config
|
||||
namespace: mastodon-to-airtable
|
||||
annotations:
|
||||
kube-1password: i6ngbk5zf4k52xgwdwnfup5bby
|
||||
kube-1password/vault: Kubernetes
|
||||
kube-1password/secret-text-key: .dockerconfigjson
|
||||
type: kubernetes.io/dockerconfigjson
|
||||
data:
|
||||
.dockerconfigjson: e30=
|
||||
---
|
||||
apiVersion: v1
|
||||
kind: Secret
|
||||
metadata:
|
||||
name: mastodon-to-airtable-auth
|
||||
namespace: mastodon-to-airtable
|
||||
annotations:
|
||||
kube-1password: mr6spkkx7n3memkbute6ojaarm
|
||||
kube-1password/vault: Kubernetes
|
||||
type: Opaque
|
||||
---
|
||||
apiVersion: v1
|
||||
kind: Secret
|
||||
metadata:
|
||||
name: mastodon-to-airtable
|
||||
namespace: mastodon-to-airtable
|
||||
annotations:
|
||||
kube-1password: kizmkmbndgu3ryrox3csev4mim
|
||||
kube-1password/vault: Kubernetes
|
||||
kube-1password/secret-text-parse: "true"
|
||||
type: Opaque
|
||||
---
|
||||
apiVersion: v1
|
||||
kind: Service
|
||||
metadata:
|
||||
name: mastodon-to-airtable
|
||||
namespace: mastodon-to-airtable
|
||||
spec:
|
||||
type: ClusterIP
|
||||
ports:
|
||||
- port: 80
|
||||
targetPort: auth
|
||||
name: web
|
||||
selector:
|
||||
app: mastodon-to-airtable
|
||||
---
|
||||
apiVersion: apps/v1
|
||||
kind: Deployment
|
||||
metadata:
|
||||
name: mastodon-to-airtable
|
||||
namespace: mastodon-to-airtable
|
||||
spec:
|
||||
replicas: 1
|
||||
selector:
|
||||
matchLabels:
|
||||
app: mastodon-to-airtable
|
||||
template:
|
||||
metadata:
|
||||
labels:
|
||||
app: mastodon-to-airtable
|
||||
spec:
|
||||
imagePullSecrets:
|
||||
- name: docker-config
|
||||
containers:
|
||||
- args:
|
||||
- --cookie-secure=false
|
||||
- --provider=oidc
|
||||
- --provider-display-name=Auth0
|
||||
- --upstream=http://localhost:8080
|
||||
- --http-address=$(HOST_IP):8000
|
||||
- --redirect-url=https://mastodon-to-airtable.cluster.fun/oauth2/callback
|
||||
- --email-domain=marcusnoble.co.uk
|
||||
- --pass-basic-auth=false
|
||||
- --pass-access-token=false
|
||||
- --oidc-issuer-url=https://marcusnoble.eu.auth0.com/
|
||||
- --cookie-secret=KDGD6rrK6cBmryyZ4wcJ9xAUNW9AQNFT
|
||||
env:
|
||||
- name: HOST_IP
|
||||
valueFrom:
|
||||
fieldRef:
|
||||
apiVersion: v1
|
||||
fieldPath: status.podIP
|
||||
- name: OAUTH2_PROXY_CLIENT_ID
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
key: username
|
||||
name: mastodon-to-airtable-auth
|
||||
- name: OAUTH2_PROXY_CLIENT_SECRET
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
key: password
|
||||
name: mastodon-to-airtable-auth
|
||||
image: quay.io/oauth2-proxy/oauth2-proxy:v7.6.0
|
||||
name: oauth-proxy
|
||||
ports:
|
||||
- containerPort: 8000
|
||||
protocol: TCP
|
||||
name: auth
|
||||
resources:
|
||||
limits:
|
||||
memory: 50Mi
|
||||
requests:
|
||||
memory: 50Mi
|
||||
- name: web
|
||||
image: rg.fr-par.scw.cloud/averagemarcus-private/mastodon-to-airtable:latest
|
||||
imagePullPolicy: Always
|
||||
env:
|
||||
- name: PORT
|
||||
value: "8080"
|
||||
envFrom:
|
||||
- secretRef:
|
||||
name: "mastodon-to-airtable"
|
||||
ports:
|
||||
- containerPort: 8080
|
||||
name: web
|
||||
resources:
|
||||
limits:
|
||||
memory: 50Mi
|
||||
requests:
|
||||
memory: 50Mi
|
||||
|
||||
---
|
||||
apiVersion: networking.k8s.io/v1
|
||||
kind: Ingress
|
||||
metadata:
|
||||
name: mastodon-to-airtable
|
||||
namespace: mastodon-to-airtable
|
||||
annotations:
|
||||
cert-manager.io/cluster-issuer: letsencrypt
|
||||
kubernetes.io/ingress.class: traefik
|
||||
traefik.ingress.kubernetes.io/router.tls: "true"
|
||||
ingress.kubernetes.io/ssl-redirect: "true"
|
||||
traefik.ingress.kubernetes.io/router.entrypoints: websecure
|
||||
spec:
|
||||
tls:
|
||||
- hosts:
|
||||
- mastodon-to-airtable.cluster.fun
|
||||
secretName: mastodon-to-airtable-ingress
|
||||
rules:
|
||||
- host: mastodon-to-airtable.cluster.fun
|
||||
http:
|
||||
paths:
|
||||
- path: /
|
||||
pathType: ImplementationSpecific
|
||||
backend:
|
||||
service:
|
||||
name: mastodon-to-airtable
|
||||
port:
|
||||
number: 80
|
|
@ -1,255 +0,0 @@
|
|||
apiVersion: v1
|
||||
kind: Namespace
|
||||
metadata:
|
||||
name: chat
|
||||
|
||||
---
|
||||
|
||||
apiVersion: helm.fluxcd.io/v1
|
||||
kind: HelmRelease
|
||||
metadata:
|
||||
name: matrix
|
||||
namespace: chat
|
||||
spec:
|
||||
chart:
|
||||
repository: https://dacruz21.github.io/helm-charts
|
||||
name: matrix
|
||||
version: 1.1.2
|
||||
maxHistory: 4
|
||||
values:
|
||||
matrix:
|
||||
serverName: "matrix.cluster.fun"
|
||||
telemetry: false
|
||||
hostname: "matrix.cluster.fun"
|
||||
presence: true
|
||||
blockNonAdminInvites: false
|
||||
search: true
|
||||
adminEmail: "matrix@marcusnoble.co.uk"
|
||||
uploads:
|
||||
maxSize: 100M
|
||||
maxPixels: 32M
|
||||
federation:
|
||||
enabled: false
|
||||
allowPublicRooms: false
|
||||
blacklist:
|
||||
- '127.0.0.0/8'
|
||||
- '10.0.0.0/8'
|
||||
- '172.16.0.0/12'
|
||||
- '192.168.0.0/16'
|
||||
- '100.64.0.0/10'
|
||||
- '169.254.0.0/16'
|
||||
- '::1/128'
|
||||
- 'fe80::/64'
|
||||
- 'fc00::/7'
|
||||
registration:
|
||||
enabled: false
|
||||
allowGuests: false
|
||||
urlPreviews:
|
||||
enabled: true
|
||||
rules:
|
||||
maxSize: 4M
|
||||
ip:
|
||||
blacklist:
|
||||
- '127.0.0.0/8'
|
||||
- '10.0.0.0/8'
|
||||
- '172.16.0.0/12'
|
||||
- '192.168.0.0/16'
|
||||
- '100.64.0.0/10'
|
||||
- '169.254.0.0/16'
|
||||
- '::1/128'
|
||||
- 'fe80::/64'
|
||||
- 'fc00::/7'
|
||||
|
||||
volumes:
|
||||
media:
|
||||
capacity: 4Gi
|
||||
signingKey:
|
||||
capacity: 1Gi
|
||||
|
||||
postgresql:
|
||||
enabled: true
|
||||
persistence:
|
||||
size: 4Gi
|
||||
|
||||
synapse:
|
||||
image:
|
||||
repository: "matrixdotorg/synapse"
|
||||
tag: v1.12.4
|
||||
pullPolicy: IfNotPresent
|
||||
service:
|
||||
type: ClusterIP
|
||||
port: 80
|
||||
replicaCount: 1
|
||||
resources: {}
|
||||
|
||||
riot:
|
||||
enabled: true
|
||||
integrations:
|
||||
enabled: true
|
||||
ui: "https://scalar.vector.im/"
|
||||
api: "https://scalar.vector.im/api"
|
||||
widgets:
|
||||
- "https://scalar.vector.im/_matrix/integrations/v1"
|
||||
- "https://scalar.vector.im/api"
|
||||
- "https://scalar-staging.vector.im/_matrix/integrations/v1"
|
||||
- "https://scalar-staging.vector.im/api"
|
||||
- "https://scalar-staging.riot.im/scalar/api"
|
||||
# Experimental features in riot-web, see https://github.com/vector-im/riot-web/blob/develop/docs/labs.md
|
||||
labs:
|
||||
- feature_pinning
|
||||
- feature_custom_status
|
||||
- feature_state_counters
|
||||
- feature_many_integration_managers
|
||||
- feature_mjolnir
|
||||
- feature_dm_verification
|
||||
- feature_bridge_state
|
||||
- feature_presence_in_room_list
|
||||
- feature_custom_themes
|
||||
# Servers to show in the Explore menu (the current server is always shown)
|
||||
roomDirectoryServers: []
|
||||
# Prefix before permalinks generated when users share links to rooms, users, or messages. If running an unfederated Synapse, set the below to the URL of your Riot instance.
|
||||
permalinkPrefix: "https://chat.cluster.fun"
|
||||
image:
|
||||
repository: "vectorim/riot-web"
|
||||
tag: v1.6.0
|
||||
pullPolicy: IfNotPresent
|
||||
service:
|
||||
type: ClusterIP
|
||||
port: 80
|
||||
replicaCount: 1
|
||||
resources: {}
|
||||
|
||||
# Settings for Coturn TURN relay, used for routing voice calls
|
||||
coturn:
|
||||
enabled: false
|
||||
|
||||
mail:
|
||||
enabled: false
|
||||
relay:
|
||||
enabled: false
|
||||
|
||||
bridges:
|
||||
irc:
|
||||
enabled: false
|
||||
whatsapp:
|
||||
enabled: false
|
||||
discord:
|
||||
enabled: false
|
||||
|
||||
networkPolicies:
|
||||
enabled: false
|
||||
|
||||
ingress:
|
||||
enabled: false
|
||||
---
|
||||
|
||||
apiVersion: extensions/v1beta1
|
||||
kind: Ingress
|
||||
metadata:
|
||||
name: matrix
|
||||
namespace: chat
|
||||
annotations:
|
||||
cert-manager.io/cluster-issuer: letsencrypt
|
||||
traefik.ingress.kubernetes.io/frontend-entry-points: http,https
|
||||
traefik.ingress.kubernetes.io/redirect-entry-point: https
|
||||
traefik.ingress.kubernetes.io/redirect-permanent: "true"
|
||||
spec:
|
||||
tls:
|
||||
- hosts:
|
||||
- matrix.cluster.fun
|
||||
secretName: matrix-ingress
|
||||
rules:
|
||||
- host: matrix.cluster.fun
|
||||
http:
|
||||
paths:
|
||||
- path: /.well-known/matrix
|
||||
backend:
|
||||
serviceName: well-known
|
||||
servicePort: 80
|
||||
- path: /
|
||||
backend:
|
||||
serviceName: chat-matrix-synapse
|
||||
servicePort: 80
|
||||
|
||||
---
|
||||
|
||||
apiVersion: extensions/v1beta1
|
||||
kind: Ingress
|
||||
metadata:
|
||||
name: riot
|
||||
namespace: chat
|
||||
annotations:
|
||||
cert-manager.io/cluster-issuer: letsencrypt
|
||||
traefik.ingress.kubernetes.io/frontend-entry-points: http,https
|
||||
traefik.ingress.kubernetes.io/redirect-entry-point: https
|
||||
traefik.ingress.kubernetes.io/redirect-permanent: "true"
|
||||
spec:
|
||||
tls:
|
||||
- hosts:
|
||||
- chat.cluster.fun
|
||||
secretName: riot-ingress
|
||||
rules:
|
||||
- host: chat.cluster.fun
|
||||
http:
|
||||
paths:
|
||||
- path: /
|
||||
backend:
|
||||
serviceName: chat-matrix-riot
|
||||
servicePort: 80
|
||||
|
||||
---
|
||||
|
||||
apiVersion: apps/v1
|
||||
kind: Deployment
|
||||
metadata:
|
||||
name: well-known
|
||||
namespace: chat
|
||||
spec:
|
||||
replicas: 1
|
||||
selector:
|
||||
matchLabels:
|
||||
app: well-known
|
||||
template:
|
||||
metadata:
|
||||
labels:
|
||||
app: well-known
|
||||
spec:
|
||||
containers:
|
||||
- name: web
|
||||
image: nginx
|
||||
imagePullPolicy: IfNotPresent
|
||||
ports:
|
||||
- containerPort: 80
|
||||
name: web
|
||||
volumeMounts:
|
||||
- name: well-known
|
||||
mountPath: /usr/share/nginx/html/.well-known/matrix
|
||||
volumes:
|
||||
- name: well-known
|
||||
configMap:
|
||||
name: well-known
|
||||
---
|
||||
apiVersion: v1
|
||||
kind: Service
|
||||
metadata:
|
||||
name: well-known
|
||||
namespace: chat
|
||||
spec:
|
||||
type: ClusterIP
|
||||
ports:
|
||||
- port: 80
|
||||
targetPort: 80
|
||||
name: web
|
||||
selector:
|
||||
app: well-known
|
||||
---
|
||||
apiVersion: v1
|
||||
kind: ConfigMap
|
||||
metadata:
|
||||
name: well-known
|
||||
namespace: chat
|
||||
data:
|
||||
server: |-
|
||||
{
|
||||
"m.server": "matrix.cluster.fun:443"
|
||||
}
|
|
@ -0,0 +1,545 @@
|
|||
apiVersion: networking.k8s.io/v1
|
||||
kind: Ingress
|
||||
metadata:
|
||||
name: matrix
|
||||
namespace: chat
|
||||
annotations:
|
||||
cert-manager.io/cluster-issuer: letsencrypt
|
||||
nginx.ingress.kubernetes.io/force-ssl-redirect: "true"
|
||||
nginx.ingress.kubernetes.io/proxy-body-size: "0"
|
||||
spec:
|
||||
ingressClassName: nginx
|
||||
tls:
|
||||
- hosts:
|
||||
- matrix.cluster.fun
|
||||
secretName: matrix-ingress
|
||||
rules:
|
||||
- host: matrix.cluster.fun
|
||||
http:
|
||||
paths:
|
||||
- path: /.well-known/matrix
|
||||
pathType: ImplementationSpecific
|
||||
backend:
|
||||
service:
|
||||
name: well-known
|
||||
port:
|
||||
number: 80
|
||||
- path: /
|
||||
pathType: ImplementationSpecific
|
||||
backend:
|
||||
service:
|
||||
name: matrix-synapse
|
||||
port:
|
||||
number: 80
|
||||
|
||||
---
|
||||
|
||||
apiVersion: networking.k8s.io/v1
|
||||
kind: Ingress
|
||||
metadata:
|
||||
name: riot
|
||||
namespace: chat
|
||||
annotations:
|
||||
cert-manager.io/cluster-issuer: letsencrypt
|
||||
nginx.ingress.kubernetes.io/force-ssl-redirect: "true"
|
||||
nginx.ingress.kubernetes.io/proxy-body-size: "0"
|
||||
spec:
|
||||
ingressClassName: nginx
|
||||
tls:
|
||||
- hosts:
|
||||
- chat.cluster.fun
|
||||
secretName: riot-ingress
|
||||
rules:
|
||||
- host: chat.cluster.fun
|
||||
http:
|
||||
paths:
|
||||
- path: /
|
||||
pathType: ImplementationSpecific
|
||||
backend:
|
||||
service:
|
||||
name: matrix-riot
|
||||
port:
|
||||
number: 80
|
||||
|
||||
---
|
||||
|
||||
apiVersion: apps/v1
|
||||
kind: Deployment
|
||||
metadata:
|
||||
name: well-known
|
||||
namespace: chat
|
||||
annotations:
|
||||
configmap.reloader.stakater.com/reload: "well-known"
|
||||
spec:
|
||||
replicas: 1
|
||||
selector:
|
||||
matchLabels:
|
||||
app: well-known
|
||||
template:
|
||||
metadata:
|
||||
labels:
|
||||
app: well-known
|
||||
spec:
|
||||
containers:
|
||||
- name: web
|
||||
image: nginx
|
||||
imagePullPolicy: IfNotPresent
|
||||
ports:
|
||||
- containerPort: 80
|
||||
name: web
|
||||
volumeMounts:
|
||||
- name: well-known
|
||||
mountPath: /usr/share/nginx/html/.well-known/matrix
|
||||
resources:
|
||||
limits:
|
||||
memory: 15Mi
|
||||
requests:
|
||||
memory: 15Mi
|
||||
volumes:
|
||||
- name: well-known
|
||||
configMap:
|
||||
name: well-known
|
||||
---
|
||||
apiVersion: v1
|
||||
kind: Service
|
||||
metadata:
|
||||
name: well-known
|
||||
namespace: chat
|
||||
spec:
|
||||
type: ClusterIP
|
||||
ports:
|
||||
- port: 80
|
||||
targetPort: 80
|
||||
name: web
|
||||
selector:
|
||||
app: well-known
|
||||
---
|
||||
apiVersion: v1
|
||||
kind: ConfigMap
|
||||
metadata:
|
||||
name: well-known
|
||||
namespace: chat
|
||||
data:
|
||||
server: |-
|
||||
{
|
||||
"m.server": "matrix.cluster.fun:443"
|
||||
}
|
||||
|
||||
|
||||
---
|
||||
|
||||
|
||||
# Source: matrix/templates/riot/configmap.yaml
|
||||
apiVersion: v1
|
||||
kind: ConfigMap
|
||||
metadata:
|
||||
name: matrix-riot-config
|
||||
namespace: chat
|
||||
labels:
|
||||
app.kubernetes.io/name: "matrix"
|
||||
component: element
|
||||
data:
|
||||
config.json: |
|
||||
{
|
||||
"default_server_config": {
|
||||
"m.homeserver": {
|
||||
"base_url": "https://matrix.cluster.fun"
|
||||
}
|
||||
},
|
||||
"brand": "Element",
|
||||
"branding": {},
|
||||
"integrations_ui_url": "https://scalar.vector.im/",
|
||||
"integrations_rest_url": "https://scalar.vector.im/api",
|
||||
"integrations_widgets_urls": [
|
||||
"https://scalar.vector.im/_matrix/integrations/v1",
|
||||
"https://scalar.vector.im/api",
|
||||
"https://scalar-staging.vector.im/_matrix/integrations/v1",
|
||||
"https://scalar-staging.vector.im/api",
|
||||
"https://scalar-staging.riot.im/scalar/api"
|
||||
],
|
||||
"showLabsSettings": true,
|
||||
"features": {
|
||||
"feature_pinning": true,
|
||||
"feature_custom_status": "labs",
|
||||
"feature_state_counters": "labs",
|
||||
"feature_many_integration_managers": "labs",
|
||||
"feature_mjolnir": "labs",
|
||||
"feature_dm_verification": "labs",
|
||||
"feature_bridge_state": "labs",
|
||||
"feature_presence_in_room_list": true,
|
||||
"feature_custom_themes": "labs",
|
||||
"feature_new_spinner": "labs",
|
||||
"feature_jump_to_date": "labs",
|
||||
"feature_location_share_pin_drop": "labs",
|
||||
"feature_location_share_live": "labs",
|
||||
"feature_thread": true,
|
||||
"feature_video_rooms": true,
|
||||
"feature_favourite_messages": "labs"
|
||||
},
|
||||
"roomDirectory": {
|
||||
"servers": []
|
||||
},
|
||||
"permalinkPrefix": "https://chat.cluster.fun",
|
||||
"enable_presence_by_hs_url": {
|
||||
"https://matrix.org": false,
|
||||
"https://matrix-client.matrix.org": false
|
||||
},
|
||||
"map_style_url": "https://api.maptiler.com/maps/streets/style.json?key=2IerXP2a5g1e7hxxBbzs"
|
||||
}
|
||||
nginx.conf: |
|
||||
worker_processes auto;
|
||||
|
||||
error_log /var/log/nginx/error.log warn;
|
||||
pid /var/run/pid/nginx.pid;
|
||||
|
||||
events {
|
||||
worker_connections 1024;
|
||||
}
|
||||
|
||||
http {
|
||||
include /etc/nginx/mime.types;
|
||||
default_type application/octet-stream;
|
||||
|
||||
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
|
||||
'$status $body_bytes_sent "$http_referer" '
|
||||
'"$http_user_agent" "$http_x_forwarded_for"';
|
||||
|
||||
access_log /var/log/nginx/access.log main;
|
||||
|
||||
sendfile on;
|
||||
|
||||
keepalive_timeout 65;
|
||||
|
||||
include /etc/nginx/conf.d/*.conf;
|
||||
}
|
||||
default.conf: |
|
||||
server {
|
||||
listen 8080;
|
||||
server_name localhost;
|
||||
|
||||
location / {
|
||||
root /usr/share/nginx/html;
|
||||
index index.html index.htm;
|
||||
}
|
||||
|
||||
# redirect server error pages to the static page /50x.html
|
||||
#
|
||||
error_page 500 502 503 504 /50x.html;
|
||||
location = /50x.html {
|
||||
root /usr/share/nginx/html;
|
||||
}
|
||||
}
|
||||
---
|
||||
apiVersion: v1
|
||||
kind: Secret
|
||||
metadata:
|
||||
name: matrix-synapse-config
|
||||
namespace: chat
|
||||
annotations:
|
||||
kube-1password: wbj4oozwyx6m2zz5m42pgcmymy
|
||||
kube-1password/vault: Kubernetes
|
||||
kube-1password/secret-text-key: homeserver.yaml
|
||||
labels:
|
||||
app.kubernetes.io/name: "matrix"
|
||||
component: synapse
|
||||
type: Opaque
|
||||
---
|
||||
apiVersion: v1
|
||||
kind: ConfigMap
|
||||
metadata:
|
||||
name: matrix-synapse-config
|
||||
namespace: chat
|
||||
labels:
|
||||
app.kubernetes.io/name: "matrix"
|
||||
component: element
|
||||
data:
|
||||
matrix.cluster.fun.log.config: |
|
||||
version: 1
|
||||
|
||||
formatters:
|
||||
precise:
|
||||
format: '%(asctime)s - %(name)s - %(lineno)d - %(levelname)s - %(request)s - %(message)s'
|
||||
|
||||
filters:
|
||||
context:
|
||||
(): synapse.util.logcontext.LoggingContextFilter
|
||||
request: ""
|
||||
|
||||
handlers:
|
||||
console:
|
||||
class: logging.StreamHandler
|
||||
formatter: precise
|
||||
filters: [context]
|
||||
|
||||
loggers:
|
||||
synapse:
|
||||
level: WARNING
|
||||
synapse.storage.SQL:
|
||||
# beware: increasing this to DEBUG will make synapse log sensitive
|
||||
# information such as access tokens.
|
||||
level: WARNING
|
||||
|
||||
root:
|
||||
level: WARNING
|
||||
handlers: [console]
|
||||
---
|
||||
# Source: matrix/templates/riot/service.yaml
|
||||
apiVersion: v1
|
||||
kind: Service
|
||||
metadata:
|
||||
name: matrix-riot
|
||||
namespace: chat
|
||||
labels:
|
||||
app.kubernetes.io/name: "matrix"
|
||||
component: element
|
||||
spec:
|
||||
type: ClusterIP
|
||||
ports:
|
||||
- port: 80
|
||||
targetPort: http
|
||||
protocol: TCP
|
||||
name: http
|
||||
selector:
|
||||
app.kubernetes.io/name: matrix-riot
|
||||
---
|
||||
# Source: matrix/templates/synapse/service.yaml
|
||||
apiVersion: v1
|
||||
kind: Service
|
||||
metadata:
|
||||
name: matrix-synapse
|
||||
namespace: chat
|
||||
labels:
|
||||
app.kubernetes.io/name: "matrix"
|
||||
component: synapse
|
||||
annotations:
|
||||
prometheus.io/scrape: "true"
|
||||
prometheus.io/path: "/_synapse/metrics"
|
||||
prometheus.io/port: "9000"
|
||||
spec:
|
||||
type: ClusterIP
|
||||
ports:
|
||||
- port: 80
|
||||
targetPort: http
|
||||
protocol: TCP
|
||||
name: http
|
||||
- port: 9000
|
||||
targetPort: metrics
|
||||
protocol: TCP
|
||||
name: metrics
|
||||
selector:
|
||||
app.kubernetes.io/name: matrix-synapse
|
||||
---
|
||||
# Source: matrix/templates/riot/deployment.yaml
|
||||
apiVersion: apps/v1
|
||||
kind: Deployment
|
||||
metadata:
|
||||
name: matrix-riot
|
||||
namespace: chat
|
||||
labels:
|
||||
app.kubernetes.io/name: "matrix"
|
||||
component: element
|
||||
spec:
|
||||
replicas: 2
|
||||
selector:
|
||||
matchLabels:
|
||||
app.kubernetes.io/name: matrix-riot
|
||||
template:
|
||||
metadata:
|
||||
labels:
|
||||
app.kubernetes.io/name: matrix-riot
|
||||
spec:
|
||||
securityContext:
|
||||
runAsUser: 1000
|
||||
runAsGroup: 1000
|
||||
fsGroup: 1000
|
||||
containers:
|
||||
- name: "riot"
|
||||
image: "vectorim/element-web:v1.11.66"
|
||||
imagePullPolicy: IfNotPresent
|
||||
ports:
|
||||
- name: http
|
||||
containerPort: 8080
|
||||
protocol: TCP
|
||||
volumeMounts:
|
||||
- mountPath: /app/config.json
|
||||
name: riot-config
|
||||
subPath: config.json
|
||||
readOnly: true
|
||||
- mountPath: /etc/nginx/nginx.conf
|
||||
name: riot-config
|
||||
subPath: nginx.conf
|
||||
readOnly: true
|
||||
- mountPath: /etc/nginx/conf.d/default.conf
|
||||
name: riot-config
|
||||
subPath: default.conf
|
||||
readOnly: true
|
||||
- mountPath: /var/cache/nginx
|
||||
name: ephemeral
|
||||
subPath: cache
|
||||
- mountPath: /var/run/pid
|
||||
name: ephemeral
|
||||
subPath: pid
|
||||
readinessProbe:
|
||||
httpGet:
|
||||
path: /
|
||||
port: http
|
||||
startupProbe:
|
||||
httpGet:
|
||||
path: /
|
||||
port: http
|
||||
livenessProbe:
|
||||
httpGet:
|
||||
path: /
|
||||
port: http
|
||||
securityContext:
|
||||
capabilities:
|
||||
drop:
|
||||
- ALL
|
||||
readOnlyRootFilesystem: true
|
||||
allowPrivilegeEscalation: false
|
||||
volumes:
|
||||
- name: riot-config
|
||||
configMap:
|
||||
name: matrix-riot-config
|
||||
- name: ephemeral
|
||||
emptyDir: {}
|
||||
---
|
||||
# Source: matrix/templates/synapse/deployment.yaml
|
||||
apiVersion: apps/v1
|
||||
kind: Deployment
|
||||
metadata:
|
||||
name: matrix-synapse
|
||||
namespace: chat
|
||||
labels:
|
||||
app.kubernetes.io/name: "matrix"
|
||||
component: synapse
|
||||
spec:
|
||||
replicas: 1
|
||||
selector:
|
||||
matchLabels:
|
||||
app.kubernetes.io/name: matrix-synapse
|
||||
strategy:
|
||||
type: Recreate
|
||||
template:
|
||||
metadata:
|
||||
labels:
|
||||
app.kubernetes.io/name: matrix-synapse
|
||||
spec:
|
||||
securityContext:
|
||||
runAsUser: 1000
|
||||
runAsGroup: 1000
|
||||
fsGroup: 1000
|
||||
initContainers:
|
||||
- name: generate-signing-key
|
||||
image: "ghcr.io/element-hq/synapse:v1.107.0"
|
||||
imagePullPolicy: IfNotPresent
|
||||
env:
|
||||
- name: SYNAPSE_SERVER_NAME
|
||||
value: matrix.cluster.fun
|
||||
- name: SYNAPSE_REPORT_STATS
|
||||
value: "no"
|
||||
command: ["python"]
|
||||
args:
|
||||
- "-m"
|
||||
- "synapse.app.homeserver"
|
||||
- "--config-path"
|
||||
- "/data/homeserver.yaml"
|
||||
- "--keys-directory"
|
||||
- "/data/keys"
|
||||
- "--generate-keys"
|
||||
volumeMounts:
|
||||
- name: synapse-config-homeserver
|
||||
mountPath: /data/homeserver.yaml
|
||||
subPath: homeserver.yaml
|
||||
- name: synapse-config-logging
|
||||
mountPath: /data/matrix.cluster.fun.log.config
|
||||
subPath: matrix.cluster.fun.log.config
|
||||
- name: signing-key
|
||||
mountPath: /data/keys
|
||||
containers:
|
||||
- name: "synapse"
|
||||
image: "ghcr.io/element-hq/synapse:v1.107.0"
|
||||
imagePullPolicy: IfNotPresent
|
||||
ports:
|
||||
- name: http
|
||||
containerPort: 8008
|
||||
protocol: TCP
|
||||
- name: metrics
|
||||
containerPort: 9000
|
||||
protocol: TCP
|
||||
volumeMounts:
|
||||
- name: synapse-config-homeserver
|
||||
mountPath: /data/homeserver.yaml
|
||||
subPath: homeserver.yaml
|
||||
- name: mautrix-whatsapp-registration
|
||||
mountPath: /data/mautrix-whatsapp-registration.yaml
|
||||
subPath: registration.yaml
|
||||
# - name: mautrix-signal-registration
|
||||
# mountPath: /data/mautrix-signal-registration.yaml
|
||||
# subPath: registration.yaml
|
||||
# - name: mautrix-telegram-registration
|
||||
# mountPath: /data/mautrix-telegram-registration.yaml
|
||||
# subPath: registration.yaml
|
||||
- name: synapse-config-logging
|
||||
mountPath: /data/matrix.cluster.fun.log.config
|
||||
subPath: matrix.cluster.fun.log.config
|
||||
- name: signing-key
|
||||
mountPath: /data/keys
|
||||
- name: user-media
|
||||
mountPath: /data/media_store
|
||||
- name: uploads
|
||||
mountPath: /data/uploads
|
||||
- name: tmp
|
||||
mountPath: /tmp
|
||||
readinessProbe:
|
||||
httpGet:
|
||||
path: /_matrix/static/
|
||||
port: http
|
||||
periodSeconds: 10
|
||||
timeoutSeconds: 5
|
||||
startupProbe:
|
||||
httpGet:
|
||||
path: /_matrix/static/
|
||||
port: http
|
||||
failureThreshold: 6
|
||||
periodSeconds: 5
|
||||
timeoutSeconds: 5
|
||||
livenessProbe:
|
||||
httpGet:
|
||||
path: /_matrix/static/
|
||||
port: http
|
||||
periodSeconds: 10
|
||||
timeoutSeconds: 5
|
||||
securityContext:
|
||||
capabilities:
|
||||
drop:
|
||||
- ALL
|
||||
readOnlyRootFilesystem: true
|
||||
allowPrivilegeEscalation: false
|
||||
volumes:
|
||||
- name: synapse-config-logging
|
||||
configMap:
|
||||
name: matrix-synapse-config
|
||||
- name: synapse-config-homeserver
|
||||
secret:
|
||||
secretName: matrix-synapse-config
|
||||
- name: mautrix-whatsapp-registration
|
||||
secret:
|
||||
secretName: mautrix-whatsapp-registration
|
||||
# - name: mautrix-signal-registration
|
||||
# secret:
|
||||
# secretName: mautrix-signal-registration
|
||||
# - name: mautrix-telegram-registration
|
||||
# secret:
|
||||
# secretName: mautrix-telegram-registration
|
||||
- name: signing-key
|
||||
persistentVolumeClaim:
|
||||
claimName: chat-matrix-signing-key
|
||||
- name: user-media
|
||||
persistentVolumeClaim:
|
||||
claimName: chat-matrix-user-media
|
||||
- name: uploads
|
||||
emptyDir: {}
|
||||
- name: tmp
|
||||
emptyDir: {}
|
||||
---
|
|
@ -0,0 +1,32 @@
|
|||
apiVersion: v1
|
||||
kind: PersistentVolumeClaim
|
||||
metadata:
|
||||
name: chat-matrix-user-media
|
||||
namespace: chat
|
||||
labels:
|
||||
app.kubernetes.io/name: "matrix"
|
||||
component: synapse
|
||||
spec:
|
||||
accessModes:
|
||||
- ReadWriteOnce
|
||||
resources:
|
||||
requests:
|
||||
storage: 12Gi
|
||||
storageClassName: sbs-default-retain
|
||||
---
|
||||
apiVersion: v1
|
||||
kind: PersistentVolumeClaim
|
||||
metadata:
|
||||
name: chat-matrix-signing-key
|
||||
namespace: chat
|
||||
labels:
|
||||
app.kubernetes.io/name: "matrix"
|
||||
component: synapse
|
||||
spec:
|
||||
accessModes:
|
||||
- ReadWriteOnce
|
||||
resources:
|
||||
requests:
|
||||
storage: 1Gi
|
||||
storageClassName: sbs-default-retain
|
||||
---
|
|
@ -0,0 +1,153 @@
|
|||
# apiVersion: v1
|
||||
# kind: Secret
|
||||
# metadata:
|
||||
# name: mautrix-signal-registration
|
||||
# namespace: chat
|
||||
# annotations:
|
||||
# kube-1password: z6tylu2br724gttcpfyi5egaui
|
||||
# kube-1password/vault: Kubernetes
|
||||
# kube-1password/secret-text-key: registration.yaml
|
||||
# labels:
|
||||
# app.kubernetes.io/name: "mautrix-signal"
|
||||
# component: registration
|
||||
# type: Opaque
|
||||
|
||||
# ---
|
||||
|
||||
# apiVersion: v1
|
||||
# kind: Secret
|
||||
# metadata:
|
||||
# name: mautrix-signal-config
|
||||
# namespace: chat
|
||||
# annotations:
|
||||
# kube-1password: 5vfaorcudozlq4clkzgmzzszqe
|
||||
# kube-1password/vault: Kubernetes
|
||||
# kube-1password/secret-text-key: config.yaml
|
||||
# labels:
|
||||
# app.kubernetes.io/name: "mautrix-signal"
|
||||
# component: config
|
||||
# type: Opaque
|
||||
|
||||
# ---
|
||||
|
||||
# apiVersion: v1
|
||||
# kind: Service
|
||||
# metadata:
|
||||
# name: mautrix-signal
|
||||
# namespace: chat
|
||||
# labels:
|
||||
# app.kubernetes.io/name: mautrix-signal
|
||||
# annotations:
|
||||
# prometheus.io/scrape: "true"
|
||||
# prometheus.io/path: "/metrics"
|
||||
# prometheus.io/port: "9000"
|
||||
# spec:
|
||||
# type: ClusterIP
|
||||
# ports:
|
||||
# - port: 29328
|
||||
# targetPort: http
|
||||
# protocol: TCP
|
||||
# name: http
|
||||
# selector:
|
||||
# app.kubernetes.io/name: mautrix-signal
|
||||
|
||||
# ---
|
||||
|
||||
# apiVersion: apps/v1
|
||||
# kind: Deployment
|
||||
# metadata:
|
||||
# name: mautrix-signal
|
||||
# labels:
|
||||
# app.kubernetes.io/name: mautrix-signal
|
||||
# spec:
|
||||
# revisionHistoryLimit: 3
|
||||
# replicas: 1
|
||||
# strategy:
|
||||
# type: Recreate
|
||||
# selector:
|
||||
# matchLabels:
|
||||
# app.kubernetes.io/name: mautrix-signal
|
||||
# template:
|
||||
# metadata:
|
||||
# labels:
|
||||
# app.kubernetes.io/name: mautrix-signal
|
||||
# spec:
|
||||
# serviceAccountName: default
|
||||
# automountServiceAccountToken: true
|
||||
# dnsPolicy: ClusterFirst
|
||||
# enableServiceLinks: true
|
||||
# initContainers:
|
||||
# - name: config-copy
|
||||
# image: bash:latest
|
||||
# imagePullPolicy: IfNotPresent
|
||||
# args:
|
||||
# - -c
|
||||
# - |
|
||||
# cp /secrets/* /data/
|
||||
# volumeMounts:
|
||||
# - name: mautrix-signal-config
|
||||
# mountPath: /secrets/config.yaml
|
||||
# subPath: config.yaml
|
||||
# - name: mautrix-signal-registration
|
||||
# mountPath: /secrets/registration.yaml
|
||||
# subPath: registration.yaml
|
||||
# - name: data
|
||||
# mountPath: /data
|
||||
# containers:
|
||||
# - name: signald
|
||||
# image: docker.io/signald/signald:stable
|
||||
# imagePullPolicy: Always
|
||||
# volumeMounts:
|
||||
# - name: signald
|
||||
# mountPath: /signald
|
||||
# - name: mautrix-signal
|
||||
# image: "dock.mau.dev/mautrix/signal:v0.4.3"
|
||||
# imagePullPolicy: IfNotPresent
|
||||
# env:
|
||||
# - name: "TZ"
|
||||
# value: "UTC"
|
||||
# ports:
|
||||
# - name: http
|
||||
# containerPort: 29328
|
||||
# protocol: TCP
|
||||
# - name: metrics
|
||||
# containerPort: 9000
|
||||
# protocol: TCP
|
||||
# volumeMounts:
|
||||
# - name: signald
|
||||
# mountPath: /signald
|
||||
# - name: data
|
||||
# mountPath: /data
|
||||
# livenessProbe:
|
||||
# tcpSocket:
|
||||
# port: 29318
|
||||
# initialDelaySeconds: 0
|
||||
# failureThreshold: 3
|
||||
# timeoutSeconds: 1
|
||||
# periodSeconds: 10
|
||||
# readinessProbe:
|
||||
# tcpSocket:
|
||||
# port: 29318
|
||||
# initialDelaySeconds: 0
|
||||
# failureThreshold: 3
|
||||
# timeoutSeconds: 1
|
||||
# periodSeconds: 10
|
||||
# startupProbe:
|
||||
# tcpSocket:
|
||||
# port: 29318
|
||||
# initialDelaySeconds: 0
|
||||
# failureThreshold: 30
|
||||
# timeoutSeconds: 1
|
||||
# periodSeconds: 5
|
||||
# volumes:
|
||||
# - name: data
|
||||
# emptyDir: {}
|
||||
# - name: signald
|
||||
# emptyDir: {}
|
||||
# - name: mautrix-signal-config
|
||||
# secret:
|
||||
# secretName: mautrix-signal-config
|
||||
# - name: mautrix-signal-registration
|
||||
# secret:
|
||||
# secretName: mautrix-signal-registration
|
||||
# ---
|
|
@ -0,0 +1,143 @@
|
|||
# apiVersion: v1
|
||||
# kind: Secret
|
||||
# metadata:
|
||||
# name: mautrix-telegram-registration
|
||||
# namespace: chat
|
||||
# annotations:
|
||||
# kube-1password: dancy7ogc4gjlxhfntqejgudwi
|
||||
# kube-1password/vault: Kubernetes
|
||||
# kube-1password/secret-text-key: registration.yaml
|
||||
# labels:
|
||||
# app.kubernetes.io/name: "mautrix-telegram"
|
||||
# component: registration
|
||||
# type: Opaque
|
||||
|
||||
# ---
|
||||
|
||||
# apiVersion: v1
|
||||
# kind: Secret
|
||||
# metadata:
|
||||
# name: mautrix-telegram-config
|
||||
# namespace: chat
|
||||
# annotations:
|
||||
# kube-1password: nilzdpfum35hhwijnwvasbzmcq
|
||||
# kube-1password/vault: Kubernetes
|
||||
# kube-1password/secret-text-key: config.yaml
|
||||
# labels:
|
||||
# app.kubernetes.io/name: "mautrix-telegram"
|
||||
# component: config
|
||||
# type: Opaque
|
||||
|
||||
# ---
|
||||
|
||||
# apiVersion: v1
|
||||
# kind: Service
|
||||
# metadata:
|
||||
# name: mautrix-telegram
|
||||
# namespace: chat
|
||||
# labels:
|
||||
# app.kubernetes.io/name: mautrix-telegram
|
||||
# annotations:
|
||||
# prometheus.io/scrape: "true"
|
||||
# prometheus.io/path: "/metrics"
|
||||
# prometheus.io/port: "9000"
|
||||
# spec:
|
||||
# type: ClusterIP
|
||||
# ports:
|
||||
# - port: 29318
|
||||
# targetPort: http
|
||||
# protocol: TCP
|
||||
# name: http
|
||||
# selector:
|
||||
# app.kubernetes.io/name: mautrix-telegram
|
||||
|
||||
# ---
|
||||
|
||||
# apiVersion: apps/v1
|
||||
# kind: Deployment
|
||||
# metadata:
|
||||
# name: mautrix-telegram
|
||||
# labels:
|
||||
# app.kubernetes.io/name: mautrix-telegram
|
||||
# spec:
|
||||
# revisionHistoryLimit: 3
|
||||
# replicas: 1
|
||||
# strategy:
|
||||
# type: Recreate
|
||||
# selector:
|
||||
# matchLabels:
|
||||
# app.kubernetes.io/name: mautrix-telegram
|
||||
# template:
|
||||
# metadata:
|
||||
# labels:
|
||||
# app.kubernetes.io/name: mautrix-telegram
|
||||
# spec:
|
||||
# serviceAccountName: default
|
||||
# automountServiceAccountToken: true
|
||||
# dnsPolicy: ClusterFirst
|
||||
# enableServiceLinks: true
|
||||
# initContainers:
|
||||
# - name: config-copy
|
||||
# image: bash:latest
|
||||
# imagePullPolicy: IfNotPresent
|
||||
# args:
|
||||
# - -c
|
||||
# - |
|
||||
# cp /secrets/* /data/
|
||||
# volumeMounts:
|
||||
# - name: mautrix-telegram-config
|
||||
# mountPath: /secrets/config.yaml
|
||||
# subPath: config.yaml
|
||||
# - name: mautrix-telegram-registration
|
||||
# mountPath: /secrets/registration.yaml
|
||||
# subPath: registration.yaml
|
||||
# - name: data
|
||||
# mountPath: /data
|
||||
# containers:
|
||||
# - name: mautrix-telegram
|
||||
# image: "dock.mau.dev/mautrix/telegram:v0.12.1"
|
||||
# imagePullPolicy: IfNotPresent
|
||||
# env:
|
||||
# - name: "TZ"
|
||||
# value: "UTC"
|
||||
# ports:
|
||||
# - name: http
|
||||
# containerPort: 29318
|
||||
# protocol: TCP
|
||||
# - name: metrics
|
||||
# containerPort: 9000
|
||||
# protocol: TCP
|
||||
# volumeMounts:
|
||||
# - name: data
|
||||
# mountPath: /data
|
||||
# livenessProbe:
|
||||
# tcpSocket:
|
||||
# port: 29318
|
||||
# initialDelaySeconds: 0
|
||||
# failureThreshold: 3
|
||||
# timeoutSeconds: 1
|
||||
# periodSeconds: 10
|
||||
# readinessProbe:
|
||||
# tcpSocket:
|
||||
# port: 29318
|
||||
# initialDelaySeconds: 0
|
||||
# failureThreshold: 3
|
||||
# timeoutSeconds: 1
|
||||
# periodSeconds: 10
|
||||
# startupProbe:
|
||||
# tcpSocket:
|
||||
# port: 29318
|
||||
# initialDelaySeconds: 0
|
||||
# failureThreshold: 30
|
||||
# timeoutSeconds: 1
|
||||
# periodSeconds: 5
|
||||
# volumes:
|
||||
# - name: data
|
||||
# emptyDir: {}
|
||||
# - name: mautrix-telegram-config
|
||||
# secret:
|
||||
# secretName: mautrix-telegram-config
|
||||
# - name: mautrix-telegram-registration
|
||||
# secret:
|
||||
# secretName: mautrix-telegram-registration
|
||||
# ---
|
|
@ -0,0 +1,143 @@
|
|||
apiVersion: v1
|
||||
kind: Secret
|
||||
metadata:
|
||||
name: mautrix-whatsapp-registration
|
||||
namespace: chat
|
||||
annotations:
|
||||
kube-1password: x6lzkpyov4dem5jtk2kimyrnvy
|
||||
kube-1password/vault: Kubernetes
|
||||
kube-1password/secret-text-key: registration.yaml
|
||||
labels:
|
||||
app.kubernetes.io/name: "mautrix-whatsapp"
|
||||
component: registration
|
||||
type: Opaque
|
||||
|
||||
---
|
||||
|
||||
apiVersion: v1
|
||||
kind: Secret
|
||||
metadata:
|
||||
name: mautrix-whatsapp-config
|
||||
namespace: chat
|
||||
annotations:
|
||||
kube-1password: ji3e2el66bu56bml3kq3ghyojq
|
||||
kube-1password/vault: Kubernetes
|
||||
kube-1password/secret-text-key: config.yaml
|
||||
labels:
|
||||
app.kubernetes.io/name: "mautrix-whatsapp"
|
||||
component: config
|
||||
type: Opaque
|
||||
|
||||
---
|
||||
|
||||
apiVersion: v1
|
||||
kind: Service
|
||||
metadata:
|
||||
name: mautrix-whatsapp
|
||||
namespace: chat
|
||||
labels:
|
||||
app.kubernetes.io/name: mautrix-whatsapp
|
||||
annotations:
|
||||
prometheus.io/scrape: "true"
|
||||
prometheus.io/path: "/metrics"
|
||||
prometheus.io/port: "9000"
|
||||
spec:
|
||||
type: ClusterIP
|
||||
ports:
|
||||
- port: 29318
|
||||
targetPort: http
|
||||
protocol: TCP
|
||||
name: http
|
||||
selector:
|
||||
app.kubernetes.io/name: mautrix-whatsapp
|
||||
|
||||
---
|
||||
|
||||
apiVersion: apps/v1
|
||||
kind: Deployment
|
||||
metadata:
|
||||
name: mautrix-whatsapp
|
||||
labels:
|
||||
app.kubernetes.io/name: mautrix-whatsapp
|
||||
spec:
|
||||
revisionHistoryLimit: 3
|
||||
replicas: 1
|
||||
strategy:
|
||||
type: Recreate
|
||||
selector:
|
||||
matchLabels:
|
||||
app.kubernetes.io/name: mautrix-whatsapp
|
||||
template:
|
||||
metadata:
|
||||
labels:
|
||||
app.kubernetes.io/name: mautrix-whatsapp
|
||||
spec:
|
||||
serviceAccountName: default
|
||||
automountServiceAccountToken: true
|
||||
dnsPolicy: ClusterFirst
|
||||
enableServiceLinks: true
|
||||
initContainers:
|
||||
- name: config-copy
|
||||
image: bash:latest
|
||||
imagePullPolicy: IfNotPresent
|
||||
args:
|
||||
- -c
|
||||
- |
|
||||
cp /secrets/* /data/
|
||||
volumeMounts:
|
||||
- name: mautrix-whatsapp-config
|
||||
mountPath: /secrets/config.yaml
|
||||
subPath: config.yaml
|
||||
- name: mautrix-whatsapp-registration
|
||||
mountPath: /secrets/registration.yaml
|
||||
subPath: registration.yaml
|
||||
- name: data
|
||||
mountPath: /data
|
||||
containers:
|
||||
- name: mautrix-whatsapp
|
||||
image: "dock.mau.dev/mautrix/whatsapp:v0.10.7"
|
||||
imagePullPolicy: IfNotPresent
|
||||
env:
|
||||
- name: "TZ"
|
||||
value: "UTC"
|
||||
ports:
|
||||
- name: http
|
||||
containerPort: 29318
|
||||
protocol: TCP
|
||||
- name: metrics
|
||||
containerPort: 9000
|
||||
protocol: TCP
|
||||
volumeMounts:
|
||||
- name: data
|
||||
mountPath: /data
|
||||
livenessProbe:
|
||||
tcpSocket:
|
||||
port: 29318
|
||||
initialDelaySeconds: 0
|
||||
failureThreshold: 3
|
||||
timeoutSeconds: 1
|
||||
periodSeconds: 10
|
||||
readinessProbe:
|
||||
tcpSocket:
|
||||
port: 29318
|
||||
initialDelaySeconds: 0
|
||||
failureThreshold: 3
|
||||
timeoutSeconds: 1
|
||||
periodSeconds: 10
|
||||
startupProbe:
|
||||
tcpSocket:
|
||||
port: 29318
|
||||
initialDelaySeconds: 0
|
||||
failureThreshold: 30
|
||||
timeoutSeconds: 1
|
||||
periodSeconds: 5
|
||||
volumes:
|
||||
- name: data
|
||||
emptyDir: {}
|
||||
- name: mautrix-whatsapp-config
|
||||
secret:
|
||||
secretName: mautrix-whatsapp-config
|
||||
- name: mautrix-whatsapp-registration
|
||||
secret:
|
||||
secretName: mautrix-whatsapp-registration
|
||||
---
|
|
@ -0,0 +1,120 @@
|
|||
apiVersion: v1
|
||||
kind: Secret
|
||||
metadata:
|
||||
name: mealie
|
||||
namespace: mealie
|
||||
annotations:
|
||||
kube-1password: 7ibib7oafxbxkvofnd4oxcr3qy
|
||||
kube-1password/vault: Kubernetes
|
||||
kube-1password/secret-text-parse: "true"
|
||||
type: Opaque
|
||||
|
||||
---
|
||||
|
||||
apiVersion: apps/v1
|
||||
kind: Deployment
|
||||
metadata:
|
||||
name: mealie
|
||||
namespace: mealie
|
||||
spec:
|
||||
replicas: 1
|
||||
strategy:
|
||||
type: Recreate
|
||||
selector:
|
||||
matchLabels:
|
||||
app: mealie
|
||||
template:
|
||||
metadata:
|
||||
labels:
|
||||
app: mealie
|
||||
spec:
|
||||
containers:
|
||||
- name: frontend
|
||||
image: ghcr.io/mealie-recipes/mealie:v1.6.0
|
||||
imagePullPolicy: Always
|
||||
envFrom:
|
||||
- secretRef:
|
||||
name: mealie
|
||||
env:
|
||||
- name: PUID
|
||||
value: "1000"
|
||||
- name: PGID
|
||||
value: "1000"
|
||||
- name: TOKEN_TIME
|
||||
value: "168"
|
||||
- name: DB_ENGINE
|
||||
value: postgres
|
||||
- name: POSTGRES_DB
|
||||
value: mealie
|
||||
- name: RECIPE_PUBLIC
|
||||
value: "false"
|
||||
- name: RECIPE_SHOW_NUTRITION
|
||||
value: "true"
|
||||
- name: RECIPE_SHOW_ASSETS
|
||||
value: "true"
|
||||
- name: RECIPE_LANDSCAPE_VIEW
|
||||
value: "true"
|
||||
- name: RECIPE_DISABLE_COMMENTS
|
||||
value: "false"
|
||||
- name: RECIPE_DISABLE_AMOUNT
|
||||
value: "false"
|
||||
- name: ALLOW_SIGNUP
|
||||
value: "false"
|
||||
- name: BASE_URL
|
||||
value: "https://mealie.cluster.fun"
|
||||
ports:
|
||||
- containerPort: 9000
|
||||
name: web
|
||||
volumeMounts:
|
||||
- mountPath: /app/data
|
||||
name: data
|
||||
volumes:
|
||||
- name: data
|
||||
persistentVolumeClaim:
|
||||
claimName: mealie
|
||||
|
||||
|
||||
---
|
||||
|
||||
apiVersion: v1
|
||||
kind: Service
|
||||
metadata:
|
||||
name: mealie
|
||||
namespace: mealie
|
||||
spec:
|
||||
type: ClusterIP
|
||||
ports:
|
||||
- port: 80
|
||||
targetPort: web
|
||||
name: web
|
||||
selector:
|
||||
app: mealie
|
||||
---
|
||||
|
||||
|
||||
apiVersion: networking.k8s.io/v1
|
||||
kind: Ingress
|
||||
metadata:
|
||||
name: mealie
|
||||
namespace: mealie
|
||||
annotations:
|
||||
cert-manager.io/cluster-issuer: letsencrypt
|
||||
nginx.ingress.kubernetes.io/force-ssl-redirect: "true"
|
||||
nginx.ingress.kubernetes.io/proxy-body-size: "0"
|
||||
spec:
|
||||
ingressClassName: nginx
|
||||
tls:
|
||||
- hosts:
|
||||
- mealie.cluster.fun
|
||||
secretName: mealie-ingress
|
||||
rules:
|
||||
- host: mealie.cluster.fun
|
||||
http:
|
||||
paths:
|
||||
- path: /
|
||||
pathType: ImplementationSpecific
|
||||
backend:
|
||||
service:
|
||||
name: mealie
|
||||
port:
|
||||
name: web
|
|
@ -0,0 +1,13 @@
|
|||
kind: PersistentVolumeClaim
|
||||
apiVersion: v1
|
||||
metadata:
|
||||
name: mealie
|
||||
namespace: mealie
|
||||
spec:
|
||||
accessModes:
|
||||
- ReadWriteOnce
|
||||
resources:
|
||||
requests:
|
||||
storage: 2Gi
|
||||
storageClassName: sbs-default-retain
|
||||
---
|
|
@ -0,0 +1,255 @@
|
|||
|
||||
apiVersion: v1
|
||||
kind: ServiceAccount
|
||||
metadata:
|
||||
name: kube-state-metrics
|
||||
namespace: monitoring
|
||||
labels:
|
||||
app.kubernetes.io/name: kube-state-metrics
|
||||
---
|
||||
apiVersion: rbac.authorization.k8s.io/v1
|
||||
kind: ClusterRole
|
||||
metadata:
|
||||
labels:
|
||||
app.kubernetes.io/name: kube-state-metrics
|
||||
name: kube-state-metrics
|
||||
rules:
|
||||
- apiGroups: ["certificates.k8s.io"]
|
||||
resources:
|
||||
- certificatesigningrequests
|
||||
verbs: ["list", "watch"]
|
||||
|
||||
- apiGroups: [""]
|
||||
resources:
|
||||
- configmaps
|
||||
verbs: ["list", "watch"]
|
||||
|
||||
- apiGroups: ["batch"]
|
||||
resources:
|
||||
- cronjobs
|
||||
verbs: ["list", "watch"]
|
||||
|
||||
- apiGroups: ["extensions", "apps"]
|
||||
resources:
|
||||
- daemonsets
|
||||
verbs: ["list", "watch"]
|
||||
|
||||
- apiGroups: ["extensions", "apps"]
|
||||
resources:
|
||||
- deployments
|
||||
verbs: ["list", "watch"]
|
||||
|
||||
- apiGroups: [""]
|
||||
resources:
|
||||
- endpoints
|
||||
verbs: ["list", "watch"]
|
||||
|
||||
- apiGroups: ["autoscaling"]
|
||||
resources:
|
||||
- horizontalpodautoscalers
|
||||
verbs: ["list", "watch"]
|
||||
|
||||
- apiGroups: ["extensions", "networking.k8s.io"]
|
||||
resources:
|
||||
- ingresses
|
||||
verbs: ["list", "watch"]
|
||||
|
||||
- apiGroups: ["batch"]
|
||||
resources:
|
||||
- jobs
|
||||
verbs: ["list", "watch"]
|
||||
|
||||
- apiGroups: [""]
|
||||
resources:
|
||||
- limitranges
|
||||
verbs: ["list", "watch"]
|
||||
|
||||
- apiGroups: ["admissionregistration.k8s.io"]
|
||||
resources:
|
||||
- mutatingwebhookconfigurations
|
||||
verbs: ["list", "watch"]
|
||||
|
||||
- apiGroups: [""]
|
||||
resources:
|
||||
- namespaces
|
||||
verbs: ["list", "watch"]
|
||||
|
||||
- apiGroups: ["networking.k8s.io"]
|
||||
resources:
|
||||
- networkpolicies
|
||||
verbs: ["list", "watch"]
|
||||
|
||||
- apiGroups: [""]
|
||||
resources:
|
||||
- nodes
|
||||
verbs: ["list", "watch"]
|
||||
|
||||
- apiGroups: [""]
|
||||
resources:
|
||||
- persistentvolumeclaims
|
||||
verbs: ["list", "watch"]
|
||||
|
||||
- apiGroups: [""]
|
||||
resources:
|
||||
- persistentvolumes
|
||||
verbs: ["list", "watch"]
|
||||
|
||||
- apiGroups: ["policy"]
|
||||
resources:
|
||||
- poddisruptionbudgets
|
||||
verbs: ["list", "watch"]
|
||||
|
||||
- apiGroups: [""]
|
||||
resources:
|
||||
- pods
|
||||
verbs: ["list", "watch"]
|
||||
|
||||
- apiGroups: ["extensions", "apps"]
|
||||
resources:
|
||||
- replicasets
|
||||
verbs: ["list", "watch"]
|
||||
|
||||
- apiGroups: [""]
|
||||
resources:
|
||||
- replicationcontrollers
|
||||
verbs: ["list", "watch"]
|
||||
|
||||
- apiGroups: [""]
|
||||
resources:
|
||||
- resourcequotas
|
||||
verbs: ["list", "watch"]
|
||||
|
||||
- apiGroups: [""]
|
||||
resources:
|
||||
- secrets
|
||||
verbs: ["list", "watch"]
|
||||
|
||||
- apiGroups: [""]
|
||||
resources:
|
||||
- services
|
||||
verbs: ["list", "watch"]
|
||||
|
||||
- apiGroups: ["apps"]
|
||||
resources:
|
||||
- statefulsets
|
||||
verbs: ["list", "watch"]
|
||||
|
||||
- apiGroups: ["storage.k8s.io"]
|
||||
resources:
|
||||
- storageclasses
|
||||
verbs: ["list", "watch"]
|
||||
|
||||
- apiGroups: ["admissionregistration.k8s.io"]
|
||||
resources:
|
||||
- validatingwebhookconfigurations
|
||||
verbs: ["list", "watch"]
|
||||
|
||||
- apiGroups: ["storage.k8s.io"]
|
||||
resources:
|
||||
- volumeattachments
|
||||
verbs: ["list", "watch"]
|
||||
---
|
||||
apiVersion: rbac.authorization.k8s.io/v1
|
||||
kind: ClusterRoleBinding
|
||||
metadata:
|
||||
labels:
|
||||
app.kubernetes.io/name: kube-state-metrics
|
||||
name: kube-state-metrics
|
||||
roleRef:
|
||||
apiGroup: rbac.authorization.k8s.io
|
||||
kind: ClusterRole
|
||||
name: kube-state-metrics
|
||||
subjects:
|
||||
- kind: ServiceAccount
|
||||
name: kube-state-metrics
|
||||
namespace: monitoring
|
||||
---
|
||||
|
||||
apiVersion: v1
|
||||
kind: Service
|
||||
metadata:
|
||||
name: kube-state-metrics
|
||||
namespace: monitoring
|
||||
labels:
|
||||
app.kubernetes.io/name: kube-state-metrics
|
||||
annotations:
|
||||
prometheus.io/scrape: 'true'
|
||||
spec:
|
||||
type: "ClusterIP"
|
||||
ports:
|
||||
- name: "http"
|
||||
protocol: TCP
|
||||
port: 8080
|
||||
targetPort: 8080
|
||||
selector:
|
||||
app.kubernetes.io/name: kube-state-metrics
|
||||
---
|
||||
apiVersion: apps/v1
|
||||
kind: Deployment
|
||||
metadata:
|
||||
name: kube-state-metrics
|
||||
namespace: monitoring
|
||||
labels:
|
||||
app.kubernetes.io/name: kube-state-metrics
|
||||
spec:
|
||||
selector:
|
||||
matchLabels:
|
||||
app.kubernetes.io/name: kube-state-metrics
|
||||
replicas: 1
|
||||
template:
|
||||
metadata:
|
||||
labels:
|
||||
app.kubernetes.io/name: kube-state-metrics
|
||||
spec:
|
||||
serviceAccountName: kube-state-metrics
|
||||
securityContext:
|
||||
fsGroup: 65534
|
||||
runAsGroup: 65534
|
||||
runAsUser: 65534
|
||||
containers:
|
||||
- name: kube-state-metrics
|
||||
args:
|
||||
#- --resources=certificatesigningrequests
|
||||
- --resources=configmaps
|
||||
- --resources=cronjobs
|
||||
- --resources=daemonsets
|
||||
- --resources=deployments
|
||||
#- --resources=endpoints
|
||||
#- --resources=horizontalpodautoscalers
|
||||
- --resources=ingresses
|
||||
- --resources=jobs
|
||||
#- --resources=limitranges
|
||||
- --resources=mutatingwebhookconfigurations
|
||||
- --resources=namespaces
|
||||
#- --resources=networkpolicies
|
||||
- --resources=nodes
|
||||
- --resources=persistentvolumeclaims
|
||||
- --resources=persistentvolumes
|
||||
- --resources=poddisruptionbudgets
|
||||
- --resources=pods
|
||||
- --resources=replicasets
|
||||
#- --resources=replicationcontrollers
|
||||
#- --resources=resourcequotas
|
||||
- --resources=secrets
|
||||
- --resources=services
|
||||
- --resources=statefulsets
|
||||
- --resources=storageclasses
|
||||
- --resources=validatingwebhookconfigurations
|
||||
#- --resources=volumeattachments
|
||||
imagePullPolicy: IfNotPresent
|
||||
image: "registry.k8s.io/kube-state-metrics/kube-state-metrics:v2.12.0"
|
||||
ports:
|
||||
- containerPort: 8080
|
||||
livenessProbe:
|
||||
httpGet:
|
||||
path: /healthz
|
||||
port: 8080
|
||||
initialDelaySeconds: 5
|
||||
timeoutSeconds: 5
|
||||
readinessProbe:
|
||||
httpGet:
|
||||
path: /
|
||||
port: 8080
|
||||
initialDelaySeconds: 5
|
||||
timeoutSeconds: 5
|
||||
---
|
|
@ -0,0 +1,64 @@
|
|||
apiVersion: v1
|
||||
kind: ServiceAccount
|
||||
metadata:
|
||||
name: prometheus-server
|
||||
namespace: monitoring
|
||||
labels:
|
||||
app.kubernetes.io/name: prometheus
|
||||
app.kubernetes.io/component: server
|
||||
---
|
||||
apiVersion: rbac.authorization.k8s.io/v1
|
||||
kind: ClusterRole
|
||||
metadata:
|
||||
labels:
|
||||
app.kubernetes.io/name: prometheus
|
||||
app.kubernetes.io/component: server
|
||||
name: prometheus-server
|
||||
rules:
|
||||
- apiGroups:
|
||||
- ""
|
||||
resources:
|
||||
- nodes
|
||||
- nodes/proxy
|
||||
- nodes/metrics
|
||||
- services
|
||||
- endpoints
|
||||
- pods
|
||||
- ingresses
|
||||
- configmaps
|
||||
verbs:
|
||||
- get
|
||||
- list
|
||||
- watch
|
||||
- apiGroups:
|
||||
- "extensions"
|
||||
- "networking.k8s.io"
|
||||
resources:
|
||||
- ingresses/status
|
||||
- ingresses
|
||||
verbs:
|
||||
- get
|
||||
- list
|
||||
- watch
|
||||
- nonResourceURLs:
|
||||
- "/metrics"
|
||||
verbs:
|
||||
- get
|
||||
---
|
||||
|
||||
apiVersion: rbac.authorization.k8s.io/v1
|
||||
kind: ClusterRoleBinding
|
||||
metadata:
|
||||
labels:
|
||||
app.kubernetes.io/name: prometheus
|
||||
app.kubernetes.io/component: server
|
||||
name: prometheus-server
|
||||
subjects:
|
||||
- kind: ServiceAccount
|
||||
name: prometheus-server
|
||||
namespace: monitoring
|
||||
roleRef:
|
||||
apiGroup: rbac.authorization.k8s.io
|
||||
kind: ClusterRole
|
||||
name: prometheus-server
|
||||
---
|
|
@ -0,0 +1,292 @@
|
|||
apiVersion: v1
|
||||
kind: ServiceAccount
|
||||
metadata:
|
||||
name: promtail
|
||||
namespace: monitoring
|
||||
labels:
|
||||
app.kubernetes.io/name: promtail
|
||||
---
|
||||
apiVersion: v1
|
||||
kind: ConfigMap
|
||||
metadata:
|
||||
name: promtail
|
||||
namespace: monitoring
|
||||
labels:
|
||||
app.kubernetes.io/name: promtail
|
||||
data:
|
||||
promtail.yaml: |
|
||||
client:
|
||||
backoff_config:
|
||||
max_period: 5m
|
||||
max_retries: 10
|
||||
min_period: 500ms
|
||||
batchsize: 1048576
|
||||
batchwait: 1s
|
||||
external_labels: {}
|
||||
timeout: 10s
|
||||
positions:
|
||||
filename: /run/promtail/positions.yaml
|
||||
server:
|
||||
http_listen_port: 3101
|
||||
clients:
|
||||
- url: http://loki-distributed.proxy-civo.svc:80/loki/api/v1/push
|
||||
external_labels:
|
||||
kubernetes_cluster: civo
|
||||
target_config:
|
||||
sync_period: 10s
|
||||
scrape_configs:
|
||||
- job_name: kubernetes-pods
|
||||
pipeline_stages:
|
||||
- docker: {}
|
||||
- cri: {}
|
||||
- match:
|
||||
selector: '{app="weave-net"}'
|
||||
action: drop
|
||||
- match:
|
||||
selector: '{filename=~".*konnectivity.*"}'
|
||||
action: drop
|
||||
- match:
|
||||
selector: '{name=~".*"} |~ ".*/healthz.*"'
|
||||
action: drop
|
||||
- match:
|
||||
selector: '{name=~".*"} |~ ".*/api/health.*"'
|
||||
action: drop
|
||||
- match:
|
||||
selector: '{name=~".*"} |~ ".*kube-probe/.*"'
|
||||
action: drop
|
||||
- match:
|
||||
selector: '{app="internal-proxy"}'
|
||||
action: drop
|
||||
- match:
|
||||
selector: '{app="non-auth-proxy"}'
|
||||
action: drop
|
||||
- match:
|
||||
selector: '{app="vpa"}'
|
||||
action: drop
|
||||
- match:
|
||||
selector: '{app="promtail"}'
|
||||
action: drop
|
||||
- match:
|
||||
selector: '{app="csi-node"}'
|
||||
action: drop
|
||||
- match:
|
||||
selector: '{app="victoria-metrics"}'
|
||||
action: drop
|
||||
- match:
|
||||
selector: '{app="git-sync"}'
|
||||
action: drop
|
||||
- match:
|
||||
selector: '{app="ingress-nginx"}'
|
||||
stages:
|
||||
- json:
|
||||
expressions:
|
||||
request_host: host
|
||||
request_path: path
|
||||
request_method: method
|
||||
response_status: status
|
||||
- drop:
|
||||
source: "request_path"
|
||||
value: "/healthz"
|
||||
- drop:
|
||||
source: "request_path"
|
||||
value: "/health"
|
||||
- labels:
|
||||
request_host:
|
||||
request_method:
|
||||
response_status:
|
||||
- match:
|
||||
selector: '{app="traefik"}'
|
||||
stages:
|
||||
- json:
|
||||
expressions:
|
||||
request_host: RequestHost
|
||||
request_path: RequestPath
|
||||
request_method: RequestMethod
|
||||
response_status: OriginStatus
|
||||
- drop:
|
||||
source: "request_path"
|
||||
value: "/healthz"
|
||||
- drop:
|
||||
source: "request_path"
|
||||
value: "/health"
|
||||
- drop:
|
||||
source: "request_path"
|
||||
value: "/ping"
|
||||
- labels:
|
||||
request_host:
|
||||
request_method:
|
||||
response_status:
|
||||
kubernetes_sd_configs:
|
||||
- role: pod
|
||||
relabel_configs:
|
||||
- source_labels:
|
||||
- __meta_kubernetes_pod_controller_name
|
||||
regex: ([0-9a-z-.]+?)(-[0-9a-f]{8,10})?
|
||||
action: replace
|
||||
target_label: __tmp_controller_name
|
||||
- source_labels:
|
||||
- __meta_kubernetes_pod_label_app_kubernetes_io_name
|
||||
- __meta_kubernetes_pod_label_app
|
||||
- __tmp_controller_name
|
||||
- __meta_kubernetes_pod_name
|
||||
regex: ^;*([^;]+)(;.*)?$
|
||||
action: replace
|
||||
target_label: app
|
||||
- source_labels:
|
||||
- __meta_kubernetes_pod_label_app_kubernetes_io_component
|
||||
- __meta_kubernetes_pod_label_component
|
||||
regex: ^;*([^;]+)(;.*)?$
|
||||
action: replace
|
||||
target_label: component
|
||||
- action: replace
|
||||
source_labels:
|
||||
- __meta_kubernetes_pod_node_name
|
||||
target_label: node_name
|
||||
- action: replace
|
||||
source_labels:
|
||||
- __meta_kubernetes_namespace
|
||||
target_label: namespace
|
||||
- action: replace
|
||||
replacement: $1
|
||||
separator: /
|
||||
source_labels:
|
||||
- namespace
|
||||
- app
|
||||
target_label: job
|
||||
- action: replace
|
||||
source_labels:
|
||||
- __meta_kubernetes_pod_name
|
||||
target_label: pod
|
||||
- action: replace
|
||||
source_labels:
|
||||
- __meta_kubernetes_pod_container_name
|
||||
target_label: container
|
||||
- action: replace
|
||||
replacement: /var/log/pods/*$1/*.log
|
||||
separator: /
|
||||
source_labels:
|
||||
- __meta_kubernetes_pod_uid
|
||||
- __meta_kubernetes_pod_container_name
|
||||
target_label: __path__
|
||||
- action: replace
|
||||
replacement: /var/log/pods/*$1/*.log
|
||||
regex: true/(.*)
|
||||
separator: /
|
||||
source_labels:
|
||||
- __meta_kubernetes_pod_annotationpresent_kubernetes_io_config_hash
|
||||
- __meta_kubernetes_pod_annotation_kubernetes_io_config_hash
|
||||
- __meta_kubernetes_pod_container_name
|
||||
target_label: __path__
|
||||
- action: labelmap
|
||||
regex: __meta_kubernetes_pod_label_(.+)
|
||||
|
||||
---
|
||||
kind: ClusterRole
|
||||
apiVersion: rbac.authorization.k8s.io/v1
|
||||
metadata:
|
||||
name: promtail-clusterrole
|
||||
labels:
|
||||
app.kubernetes.io/name: promtail
|
||||
rules:
|
||||
- apiGroups: [""] # "" indicates the core API group
|
||||
resources:
|
||||
- nodes
|
||||
- nodes/proxy
|
||||
- services
|
||||
- endpoints
|
||||
- pods
|
||||
verbs: ["get", "watch", "list"]
|
||||
---
|
||||
kind: ClusterRoleBinding
|
||||
apiVersion: rbac.authorization.k8s.io/v1
|
||||
metadata:
|
||||
name: promtail-clusterrolebinding
|
||||
labels:
|
||||
app.kubernetes.io/name: promtail
|
||||
subjects:
|
||||
- kind: ServiceAccount
|
||||
name: promtail
|
||||
namespace: monitoring
|
||||
roleRef:
|
||||
kind: ClusterRole
|
||||
name: promtail-clusterrole
|
||||
apiGroup: rbac.authorization.k8s.io
|
||||
---
|
||||
apiVersion: apps/v1
|
||||
kind: DaemonSet
|
||||
metadata:
|
||||
name: promtail
|
||||
namespace: monitoring
|
||||
labels:
|
||||
app.kubernetes.io/name: promtail
|
||||
annotations:
|
||||
configmap.reloader.stakater.com/reload: "promtail"
|
||||
spec:
|
||||
selector:
|
||||
matchLabels:
|
||||
app.kubernetes.io/name: promtail
|
||||
template:
|
||||
metadata:
|
||||
labels:
|
||||
app.kubernetes.io/name: promtail
|
||||
annotations:
|
||||
prometheus.io/port: http-metrics
|
||||
prometheus.io/scrape: "true"
|
||||
spec:
|
||||
serviceAccountName: promtail
|
||||
containers:
|
||||
- name: promtail
|
||||
image: "grafana/promtail:2.9.8"
|
||||
imagePullPolicy: IfNotPresent
|
||||
args:
|
||||
- "-config.file=/etc/promtail/promtail.yaml"
|
||||
volumeMounts:
|
||||
- name: config
|
||||
mountPath: /etc/promtail
|
||||
- name: run
|
||||
mountPath: /run/promtail
|
||||
- mountPath: /var/lib/docker/containers
|
||||
name: docker
|
||||
readOnly: true
|
||||
- mountPath: /var/log/pods
|
||||
name: pods
|
||||
readOnly: true
|
||||
env:
|
||||
- name: HOSTNAME
|
||||
valueFrom:
|
||||
fieldRef:
|
||||
fieldPath: spec.nodeName
|
||||
ports:
|
||||
- containerPort: 3101
|
||||
name: http-metrics
|
||||
securityContext:
|
||||
readOnlyRootFilesystem: true
|
||||
runAsGroup: 0
|
||||
runAsUser: 0
|
||||
readinessProbe:
|
||||
failureThreshold: 5
|
||||
httpGet:
|
||||
path: /ready
|
||||
port: http-metrics
|
||||
initialDelaySeconds: 10
|
||||
periodSeconds: 10
|
||||
successThreshold: 1
|
||||
timeoutSeconds: 1
|
||||
tolerations:
|
||||
- effect: NoSchedule
|
||||
key: node-role.kubernetes.io/master
|
||||
operator: Exists
|
||||
volumes:
|
||||
- name: config
|
||||
configMap:
|
||||
name: promtail
|
||||
- name: run
|
||||
hostPath:
|
||||
path: /run/promtail
|
||||
- hostPath:
|
||||
path: /var/lib/docker/containers
|
||||
name: docker
|
||||
- hostPath:
|
||||
path: /var/log/pods
|
||||
name: pods
|
||||
---
|
|
@ -0,0 +1,163 @@
|
|||
apiVersion: v1
|
||||
kind: ConfigMap
|
||||
metadata:
|
||||
name: vmagent
|
||||
namespace: monitoring
|
||||
labels:
|
||||
app.kubernetes.io/name: victoria-metrics
|
||||
app.kubernetes.io/component: agent
|
||||
data:
|
||||
prometheus.yml: |
|
||||
global:
|
||||
scrape_interval: 1m
|
||||
external_labels:
|
||||
source: civo
|
||||
agent: vmagent
|
||||
scrape_configs:
|
||||
- job_name: 'vmagent'
|
||||
static_configs:
|
||||
- targets: ['localhost:8429']
|
||||
- bearer_token_file: /var/run/secrets/kubernetes.io/serviceaccount/token
|
||||
job_name: kubernetes-nodes
|
||||
kubernetes_sd_configs:
|
||||
- role: node
|
||||
relabel_configs:
|
||||
- action: labelmap
|
||||
regex: __meta_kubernetes_node_label_(.+)
|
||||
- replacement: kubernetes.default.svc:443
|
||||
target_label: __address__
|
||||
- regex: (.+)
|
||||
replacement: /api/v1/nodes/$1/proxy/metrics
|
||||
source_labels:
|
||||
- __meta_kubernetes_node_name
|
||||
target_label: __metrics_path__
|
||||
scheme: https
|
||||
tls_config:
|
||||
ca_file: /var/run/secrets/kubernetes.io/serviceaccount/ca.crt
|
||||
insecure_skip_verify: true
|
||||
- job_name: kubernetes-service-endpoints
|
||||
kubernetes_sd_configs:
|
||||
- role: endpoints
|
||||
relabel_configs:
|
||||
- action: keep
|
||||
regex: true
|
||||
source_labels:
|
||||
- __meta_kubernetes_service_annotation_prometheus_io_scrape
|
||||
- action: replace
|
||||
regex: (https?)
|
||||
source_labels:
|
||||
- __meta_kubernetes_service_annotation_prometheus_io_scheme
|
||||
target_label: __scheme__
|
||||
- action: replace
|
||||
regex: (.+)
|
||||
source_labels:
|
||||
- __meta_kubernetes_service_annotation_prometheus_io_path
|
||||
target_label: __metrics_path__
|
||||
- action: replace
|
||||
regex: ([^:]+)(?::\d+)?;(\d+)
|
||||
replacement: $1:$2
|
||||
source_labels:
|
||||
- __address__
|
||||
- __meta_kubernetes_service_annotation_prometheus_io_port
|
||||
target_label: __address__
|
||||
- action: labelmap
|
||||
regex: __meta_kubernetes_service_label_(.+)
|
||||
- action: replace
|
||||
source_labels:
|
||||
- __meta_kubernetes_namespace
|
||||
target_label: kubernetes_namespace
|
||||
- action: replace
|
||||
source_labels:
|
||||
- __meta_kubernetes_service_name
|
||||
target_label: kubernetes_name
|
||||
- action: replace
|
||||
source_labels:
|
||||
- __meta_kubernetes_endpoint_port_name
|
||||
target_label: kubernetes_endpoint_port_name
|
||||
- action: replace
|
||||
source_labels:
|
||||
- __meta_kubernetes_pod_node_name
|
||||
target_label: kubernetes_node
|
||||
- job_name: kubernetes-pods
|
||||
kubernetes_sd_configs:
|
||||
- role: pod
|
||||
relabel_configs:
|
||||
- action: keep
|
||||
regex: true
|
||||
source_labels:
|
||||
- __meta_kubernetes_pod_annotation_prometheus_io_scrape
|
||||
- action: replace
|
||||
regex: (.+)
|
||||
source_labels:
|
||||
- __meta_kubernetes_pod_annotation_prometheus_io_path
|
||||
target_label: __metrics_path__
|
||||
- action: replace
|
||||
regex: ([^:]+)(?::\d+)?;(\d+)
|
||||
replacement: $1:$2
|
||||
source_labels:
|
||||
- __address__
|
||||
- __meta_kubernetes_pod_annotation_prometheus_io_port
|
||||
target_label: __address__
|
||||
- action: labelmap
|
||||
regex: __meta_kubernetes_pod_label_(.+)
|
||||
- action: replace
|
||||
source_labels:
|
||||
- __meta_kubernetes_namespace
|
||||
target_label: kubernetes_namespace
|
||||
- action: replace
|
||||
source_labels:
|
||||
- __meta_kubernetes_pod_name
|
||||
target_label: kubernetes_pod_name
|
||||
- action: replace
|
||||
source_labels:
|
||||
- __meta_kubernetes_pod_container_port_name
|
||||
target_label: kubernetes_port_name
|
||||
- action: drop
|
||||
regex: Pending|Succeeded|Failed
|
||||
source_labels:
|
||||
- __meta_kubernetes_pod_phase
|
||||
|
||||
|
||||
---
|
||||
|
||||
apiVersion: apps/v1
|
||||
kind: Deployment
|
||||
metadata:
|
||||
name: vmagent
|
||||
namespace: monitoring
|
||||
labels:
|
||||
app.kubernetes.io/name: victoria-metrics
|
||||
app.kubernetes.io/component: agent
|
||||
annotations:
|
||||
configmap.reloader.stakater.com/reload: "vmagent"
|
||||
spec:
|
||||
strategy:
|
||||
type: Recreate
|
||||
selector:
|
||||
matchLabels:
|
||||
app.kubernetes.io/name: victoria-metrics
|
||||
app.kubernetes.io/component: agent
|
||||
replicas: 1
|
||||
template:
|
||||
metadata:
|
||||
labels:
|
||||
app.kubernetes.io/name: victoria-metrics
|
||||
app.kubernetes.io/component: agent
|
||||
spec:
|
||||
serviceAccountName: prometheus-server
|
||||
containers:
|
||||
- name: vmagent
|
||||
image: "victoriametrics/vmagent:v1.101.0"
|
||||
imagePullPolicy: "IfNotPresent"
|
||||
args:
|
||||
- -remoteWrite.url=http://vmcluster.proxy-civo.svc/insert/0/prometheus/
|
||||
- -remoteWrite.showURL
|
||||
- -promscrape.config=/config/prometheus.yml
|
||||
volumeMounts:
|
||||
- name: config-volume
|
||||
mountPath: /config
|
||||
volumes:
|
||||
- name: config-volume
|
||||
configMap:
|
||||
name: vmagent
|
||||
---
|
|
@ -0,0 +1,255 @@
|
|||
|
||||
apiVersion: v1
|
||||
kind: ServiceAccount
|
||||
metadata:
|
||||
name: kube-state-metrics
|
||||
namespace: monitoring
|
||||
labels:
|
||||
app.kubernetes.io/name: kube-state-metrics
|
||||
---
|
||||
apiVersion: rbac.authorization.k8s.io/v1
|
||||
kind: ClusterRole
|
||||
metadata:
|
||||
labels:
|
||||
app.kubernetes.io/name: kube-state-metrics
|
||||
name: kube-state-metrics
|
||||
rules:
|
||||
- apiGroups: ["certificates.k8s.io"]
|
||||
resources:
|
||||
- certificatesigningrequests
|
||||
verbs: ["list", "watch"]
|
||||
|
||||
- apiGroups: [""]
|
||||
resources:
|
||||
- configmaps
|
||||
verbs: ["list", "watch"]
|
||||
|
||||
- apiGroups: ["batch"]
|
||||
resources:
|
||||
- cronjobs
|
||||
verbs: ["list", "watch"]
|
||||
|
||||
- apiGroups: ["extensions", "apps"]
|
||||
resources:
|
||||
- daemonsets
|
||||
verbs: ["list", "watch"]
|
||||
|
||||
- apiGroups: ["extensions", "apps"]
|
||||
resources:
|
||||
- deployments
|
||||
verbs: ["list", "watch"]
|
||||
|
||||
- apiGroups: [""]
|
||||
resources:
|
||||
- endpoints
|
||||
verbs: ["list", "watch"]
|
||||
|
||||
- apiGroups: ["autoscaling"]
|
||||
resources:
|
||||
- horizontalpodautoscalers
|
||||
verbs: ["list", "watch"]
|
||||
|
||||
- apiGroups: ["extensions", "networking.k8s.io"]
|
||||
resources:
|
||||
- ingresses
|
||||
verbs: ["list", "watch"]
|
||||
|
||||
- apiGroups: ["batch"]
|
||||
resources:
|
||||
- jobs
|
||||
verbs: ["list", "watch"]
|
||||
|
||||
- apiGroups: [""]
|
||||
resources:
|
||||
- limitranges
|
||||
verbs: ["list", "watch"]
|
||||
|
||||
- apiGroups: ["admissionregistration.k8s.io"]
|
||||
resources:
|
||||
- mutatingwebhookconfigurations
|
||||
verbs: ["list", "watch"]
|
||||
|
||||
- apiGroups: [""]
|
||||
resources:
|
||||
- namespaces
|
||||
verbs: ["list", "watch"]
|
||||
|
||||
- apiGroups: ["networking.k8s.io"]
|
||||
resources:
|
||||
- networkpolicies
|
||||
verbs: ["list", "watch"]
|
||||
|
||||
- apiGroups: [""]
|
||||
resources:
|
||||
- nodes
|
||||
verbs: ["list", "watch"]
|
||||
|
||||
- apiGroups: [""]
|
||||
resources:
|
||||
- persistentvolumeclaims
|
||||
verbs: ["list", "watch"]
|
||||
|
||||
- apiGroups: [""]
|
||||
resources:
|
||||
- persistentvolumes
|
||||
verbs: ["list", "watch"]
|
||||
|
||||
- apiGroups: ["policy"]
|
||||
resources:
|
||||
- poddisruptionbudgets
|
||||
verbs: ["list", "watch"]
|
||||
|
||||
- apiGroups: [""]
|
||||
resources:
|
||||
- pods
|
||||
verbs: ["list", "watch"]
|
||||
|
||||
- apiGroups: ["extensions", "apps"]
|
||||
resources:
|
||||
- replicasets
|
||||
verbs: ["list", "watch"]
|
||||
|
||||
- apiGroups: [""]
|
||||
resources:
|
||||
- replicationcontrollers
|
||||
verbs: ["list", "watch"]
|
||||
|
||||
- apiGroups: [""]
|
||||
resources:
|
||||
- resourcequotas
|
||||
verbs: ["list", "watch"]
|
||||
|
||||
- apiGroups: [""]
|
||||
resources:
|
||||
- secrets
|
||||
verbs: ["list", "watch"]
|
||||
|
||||
- apiGroups: [""]
|
||||
resources:
|
||||
- services
|
||||
verbs: ["list", "watch"]
|
||||
|
||||
- apiGroups: ["apps"]
|
||||
resources:
|
||||
- statefulsets
|
||||
verbs: ["list", "watch"]
|
||||
|
||||
- apiGroups: ["storage.k8s.io"]
|
||||
resources:
|
||||
- storageclasses
|
||||
verbs: ["list", "watch"]
|
||||
|
||||
- apiGroups: ["admissionregistration.k8s.io"]
|
||||
resources:
|
||||
- validatingwebhookconfigurations
|
||||
verbs: ["list", "watch"]
|
||||
|
||||
- apiGroups: ["storage.k8s.io"]
|
||||
resources:
|
||||
- volumeattachments
|
||||
verbs: ["list", "watch"]
|
||||
---
|
||||
apiVersion: rbac.authorization.k8s.io/v1
|
||||
kind: ClusterRoleBinding
|
||||
metadata:
|
||||
labels:
|
||||
app.kubernetes.io/name: kube-state-metrics
|
||||
name: kube-state-metrics
|
||||
roleRef:
|
||||
apiGroup: rbac.authorization.k8s.io
|
||||
kind: ClusterRole
|
||||
name: kube-state-metrics
|
||||
subjects:
|
||||
- kind: ServiceAccount
|
||||
name: kube-state-metrics
|
||||
namespace: monitoring
|
||||
---
|
||||
|
||||
apiVersion: v1
|
||||
kind: Service
|
||||
metadata:
|
||||
name: kube-state-metrics
|
||||
namespace: monitoring
|
||||
labels:
|
||||
app.kubernetes.io/name: kube-state-metrics
|
||||
annotations:
|
||||
prometheus.io/scrape: 'true'
|
||||
spec:
|
||||
type: "ClusterIP"
|
||||
ports:
|
||||
- name: "http"
|
||||
protocol: TCP
|
||||
port: 8080
|
||||
targetPort: 8080
|
||||
selector:
|
||||
app.kubernetes.io/name: kube-state-metrics
|
||||
---
|
||||
apiVersion: apps/v1
|
||||
kind: Deployment
|
||||
metadata:
|
||||
name: kube-state-metrics
|
||||
namespace: monitoring
|
||||
labels:
|
||||
app.kubernetes.io/name: kube-state-metrics
|
||||
spec:
|
||||
selector:
|
||||
matchLabels:
|
||||
app.kubernetes.io/name: kube-state-metrics
|
||||
replicas: 1
|
||||
template:
|
||||
metadata:
|
||||
labels:
|
||||
app.kubernetes.io/name: kube-state-metrics
|
||||
spec:
|
||||
serviceAccountName: kube-state-metrics
|
||||
securityContext:
|
||||
fsGroup: 65534
|
||||
runAsGroup: 65534
|
||||
runAsUser: 65534
|
||||
containers:
|
||||
- name: kube-state-metrics
|
||||
args:
|
||||
#- --resources=certificatesigningrequests
|
||||
- --resources=configmaps
|
||||
- --resources=cronjobs
|
||||
- --resources=daemonsets
|
||||
- --resources=deployments
|
||||
#- --resources=endpoints
|
||||
#- --resources=horizontalpodautoscalers
|
||||
- --resources=ingresses
|
||||
- --resources=jobs
|
||||
#- --resources=limitranges
|
||||
- --resources=mutatingwebhookconfigurations
|
||||
- --resources=namespaces
|
||||
#- --resources=networkpolicies
|
||||
- --resources=nodes
|
||||
- --resources=persistentvolumeclaims
|
||||
- --resources=persistentvolumes
|
||||
- --resources=poddisruptionbudgets
|
||||
- --resources=pods
|
||||
- --resources=replicasets
|
||||
#- --resources=replicationcontrollers
|
||||
#- --resources=resourcequotas
|
||||
- --resources=secrets
|
||||
- --resources=services
|
||||
- --resources=statefulsets
|
||||
- --resources=storageclasses
|
||||
- --resources=validatingwebhookconfigurations
|
||||
#- --resources=volumeattachments
|
||||
imagePullPolicy: IfNotPresent
|
||||
image: "registry.k8s.io/kube-state-metrics/kube-state-metrics:v2.12.0"
|
||||
ports:
|
||||
- containerPort: 8080
|
||||
livenessProbe:
|
||||
httpGet:
|
||||
path: /healthz
|
||||
port: 8080
|
||||
initialDelaySeconds: 5
|
||||
timeoutSeconds: 5
|
||||
readinessProbe:
|
||||
httpGet:
|
||||
path: /
|
||||
port: 8080
|
||||
initialDelaySeconds: 5
|
||||
timeoutSeconds: 5
|
||||
---
|
|
@ -0,0 +1,97 @@
|
|||
|
||||
apiVersion: v1
|
||||
kind: ServiceAccount
|
||||
metadata:
|
||||
name: prometheus-node-exporter
|
||||
namespace: monitoring
|
||||
labels:
|
||||
app.kubernetes.io/name: prometheus
|
||||
app.kubernetes.io/component: node-exporter
|
||||
---
|
||||
apiVersion: v1
|
||||
kind: Service
|
||||
metadata:
|
||||
annotations:
|
||||
prometheus.io/scrape: "true"
|
||||
labels:
|
||||
app.kubernetes.io/name: prometheus
|
||||
app.kubernetes.io/component: node-exporter
|
||||
name: prometheus-node-exporter
|
||||
namespace: monitoring
|
||||
spec:
|
||||
clusterIP: None
|
||||
ports:
|
||||
- name: metrics
|
||||
port: 9100
|
||||
protocol: TCP
|
||||
targetPort: 9100
|
||||
selector:
|
||||
app.kubernetes.io/name: prometheus
|
||||
app.kubernetes.io/component: node-exporter
|
||||
type: "ClusterIP"
|
||||
---
|
||||
apiVersion: apps/v1
|
||||
kind: DaemonSet
|
||||
metadata:
|
||||
labels:
|
||||
app.kubernetes.io/name: prometheus
|
||||
app.kubernetes.io/component: node-exporter
|
||||
name: prometheus-node-exporter
|
||||
namespace: monitoring
|
||||
spec:
|
||||
selector:
|
||||
matchLabels:
|
||||
app.kubernetes.io/name: prometheus
|
||||
app.kubernetes.io/component: node-exporter
|
||||
updateStrategy:
|
||||
type: RollingUpdate
|
||||
template:
|
||||
metadata:
|
||||
labels:
|
||||
app.kubernetes.io/name: prometheus
|
||||
app.kubernetes.io/component: node-exporter
|
||||
spec:
|
||||
serviceAccountName: prometheus-node-exporter
|
||||
containers:
|
||||
- name: prometheus-node-exporter
|
||||
image: "prom/node-exporter:v1.8.0"
|
||||
imagePullPolicy: "IfNotPresent"
|
||||
args:
|
||||
- --path.procfs=/host/proc
|
||||
- --path.sysfs=/host/sys
|
||||
- --no-collector.wifi
|
||||
- --no-collector.hwmon
|
||||
- --no-collector.netclass
|
||||
- --no-collector.arp
|
||||
- --no-collector.bcache
|
||||
- --no-collector.bonding
|
||||
- --no-collector.btrfs
|
||||
- --no-collector.dmi
|
||||
- --no-collector.edac
|
||||
- --no-collector.entropy
|
||||
- --no-collector.fibrechannel
|
||||
- --no-collector.infiniband
|
||||
- --no-collector.tapestats
|
||||
- --collector.filesystem.ignored-mount-points=^/(dev|proc|sys|var/lib/docker/.+|var/lib/kubelet/pods/.+)($|/)
|
||||
- --web.listen-address=:9100
|
||||
ports:
|
||||
- name: metrics
|
||||
containerPort: 9100
|
||||
hostPort: 9100
|
||||
volumeMounts:
|
||||
- name: proc
|
||||
mountPath: /host/proc
|
||||
readOnly: true
|
||||
- name: sys
|
||||
mountPath: /host/sys
|
||||
readOnly: true
|
||||
hostNetwork: true
|
||||
hostPID: true
|
||||
volumes:
|
||||
- name: proc
|
||||
hostPath:
|
||||
path: /proc
|
||||
- name: sys
|
||||
hostPath:
|
||||
path: /sys
|
||||
---
|
|
@ -0,0 +1,64 @@
|
|||
apiVersion: v1
|
||||
kind: ServiceAccount
|
||||
metadata:
|
||||
name: prometheus-server
|
||||
namespace: monitoring
|
||||
labels:
|
||||
app.kubernetes.io/name: prometheus
|
||||
app.kubernetes.io/component: server
|
||||
---
|
||||
apiVersion: rbac.authorization.k8s.io/v1
|
||||
kind: ClusterRole
|
||||
metadata:
|
||||
labels:
|
||||
app.kubernetes.io/name: prometheus
|
||||
app.kubernetes.io/component: server
|
||||
name: prometheus-server
|
||||
rules:
|
||||
- apiGroups:
|
||||
- ""
|
||||
resources:
|
||||
- nodes
|
||||
- nodes/proxy
|
||||
- nodes/metrics
|
||||
- services
|
||||
- endpoints
|
||||
- pods
|
||||
- ingresses
|
||||
- configmaps
|
||||
verbs:
|
||||
- get
|
||||
- list
|
||||
- watch
|
||||
- apiGroups:
|
||||
- "extensions"
|
||||
- "networking.k8s.io"
|
||||
resources:
|
||||
- ingresses/status
|
||||
- ingresses
|
||||
verbs:
|
||||
- get
|
||||
- list
|
||||
- watch
|
||||
- nonResourceURLs:
|
||||
- "/metrics"
|
||||
verbs:
|
||||
- get
|
||||
---
|
||||
|
||||
apiVersion: rbac.authorization.k8s.io/v1
|
||||
kind: ClusterRoleBinding
|
||||
metadata:
|
||||
labels:
|
||||
app.kubernetes.io/name: prometheus
|
||||
app.kubernetes.io/component: server
|
||||
name: prometheus-server
|
||||
subjects:
|
||||
- kind: ServiceAccount
|
||||
name: prometheus-server
|
||||
namespace: monitoring
|
||||
roleRef:
|
||||
apiGroup: rbac.authorization.k8s.io
|
||||
kind: ClusterRole
|
||||
name: prometheus-server
|
||||
---
|
|
@ -0,0 +1,271 @@
|
|||
apiVersion: v1
|
||||
kind: ServiceAccount
|
||||
metadata:
|
||||
name: promtail
|
||||
namespace: monitoring
|
||||
labels:
|
||||
app.kubernetes.io/name: promtail
|
||||
---
|
||||
apiVersion: v1
|
||||
kind: ConfigMap
|
||||
metadata:
|
||||
name: promtail
|
||||
namespace: monitoring
|
||||
labels:
|
||||
app.kubernetes.io/name: promtail
|
||||
data:
|
||||
promtail.yaml: |
|
||||
client:
|
||||
backoff_config:
|
||||
max_period: 5m
|
||||
max_retries: 10
|
||||
min_period: 500ms
|
||||
batchsize: 1048576
|
||||
batchwait: 1s
|
||||
external_labels: {}
|
||||
timeout: 10s
|
||||
positions:
|
||||
filename: /run/promtail/positions.yaml
|
||||
server:
|
||||
http_listen_port: 3101
|
||||
clients:
|
||||
- url: http://loki-distributed.auth-proxy.svc:80/loki/api/v1/push
|
||||
external_labels:
|
||||
kubernetes_cluster: scaleway
|
||||
target_config:
|
||||
sync_period: 10s
|
||||
scrape_configs:
|
||||
- job_name: kubernetes-pods
|
||||
pipeline_stages:
|
||||
- docker: {}
|
||||
- cri: {}
|
||||
- match:
|
||||
selector: '{app="weave-net"}'
|
||||
action: drop
|
||||
- match:
|
||||
selector: '{filename=~".*konnectivity.*"}'
|
||||
action: drop
|
||||
- match:
|
||||
selector: '{name=~".*"} |~ ".*/healthz.*"'
|
||||
action: drop
|
||||
- match:
|
||||
selector: '{name=~".*"} |~ ".*/api/health.*"'
|
||||
action: drop
|
||||
- match:
|
||||
selector: '{name=~".*"} |~ ".*kube-probe/.*"'
|
||||
action: drop
|
||||
- match:
|
||||
selector: '{app="internal-proxy"}'
|
||||
action: drop
|
||||
- match:
|
||||
selector: '{app="non-auth-proxy"}'
|
||||
action: drop
|
||||
- match:
|
||||
selector: '{app="vpa"}'
|
||||
action: drop
|
||||
- match:
|
||||
selector: '{app="promtail"}'
|
||||
action: drop
|
||||
- match:
|
||||
selector: '{app="csi-node"}'
|
||||
action: drop
|
||||
- match:
|
||||
selector: '{app="victoria-metrics"}'
|
||||
action: drop
|
||||
- match:
|
||||
selector: '{app="git-sync"}'
|
||||
action: drop
|
||||
- match:
|
||||
selector: '{app="ingress-nginx"}'
|
||||
stages:
|
||||
- json:
|
||||
expressions:
|
||||
request_host: host
|
||||
request_path: path
|
||||
request_method: method
|
||||
response_status: status
|
||||
- drop:
|
||||
source: "request_path"
|
||||
value: "/healthz"
|
||||
- drop:
|
||||
source: "request_path"
|
||||
value: "/health"
|
||||
- labels:
|
||||
request_host:
|
||||
request_method:
|
||||
response_status:
|
||||
kubernetes_sd_configs:
|
||||
- role: pod
|
||||
relabel_configs:
|
||||
- source_labels:
|
||||
- __meta_kubernetes_pod_controller_name
|
||||
regex: ([0-9a-z-.]+?)(-[0-9a-f]{8,10})?
|
||||
action: replace
|
||||
target_label: __tmp_controller_name
|
||||
- source_labels:
|
||||
- __meta_kubernetes_pod_label_app_kubernetes_io_name
|
||||
- __meta_kubernetes_pod_label_app
|
||||
- __tmp_controller_name
|
||||
- __meta_kubernetes_pod_name
|
||||
regex: ^;*([^;]+)(;.*)?$
|
||||
action: replace
|
||||
target_label: app
|
||||
- source_labels:
|
||||
- __meta_kubernetes_pod_label_app_kubernetes_io_component
|
||||
- __meta_kubernetes_pod_label_component
|
||||
regex: ^;*([^;]+)(;.*)?$
|
||||
action: replace
|
||||
target_label: component
|
||||
- action: replace
|
||||
source_labels:
|
||||
- __meta_kubernetes_pod_node_name
|
||||
target_label: node_name
|
||||
- action: replace
|
||||
source_labels:
|
||||
- __meta_kubernetes_namespace
|
||||
target_label: namespace
|
||||
- action: replace
|
||||
replacement: $1
|
||||
separator: /
|
||||
source_labels:
|
||||
- namespace
|
||||
- app
|
||||
target_label: job
|
||||
- action: replace
|
||||
source_labels:
|
||||
- __meta_kubernetes_pod_name
|
||||
target_label: pod
|
||||
- action: replace
|
||||
source_labels:
|
||||
- __meta_kubernetes_pod_container_name
|
||||
target_label: container
|
||||
- action: replace
|
||||
replacement: /var/log/pods/*$1/*.log
|
||||
separator: /
|
||||
source_labels:
|
||||
- __meta_kubernetes_pod_uid
|
||||
- __meta_kubernetes_pod_container_name
|
||||
target_label: __path__
|
||||
- action: replace
|
||||
replacement: /var/log/pods/*$1/*.log
|
||||
regex: true/(.*)
|
||||
separator: /
|
||||
source_labels:
|
||||
- __meta_kubernetes_pod_annotationpresent_kubernetes_io_config_hash
|
||||
- __meta_kubernetes_pod_annotation_kubernetes_io_config_hash
|
||||
- __meta_kubernetes_pod_container_name
|
||||
target_label: __path__
|
||||
- action: labelmap
|
||||
regex: __meta_kubernetes_pod_label_(.+)
|
||||
|
||||
---
|
||||
kind: ClusterRole
|
||||
apiVersion: rbac.authorization.k8s.io/v1
|
||||
metadata:
|
||||
name: promtail-clusterrole
|
||||
labels:
|
||||
app.kubernetes.io/name: promtail
|
||||
rules:
|
||||
- apiGroups: [""] # "" indicates the core API group
|
||||
resources:
|
||||
- nodes
|
||||
- nodes/proxy
|
||||
- services
|
||||
- endpoints
|
||||
- pods
|
||||
verbs: ["get", "watch", "list"]
|
||||
---
|
||||
kind: ClusterRoleBinding
|
||||
apiVersion: rbac.authorization.k8s.io/v1
|
||||
metadata:
|
||||
name: promtail-clusterrolebinding
|
||||
labels:
|
||||
app.kubernetes.io/name: promtail
|
||||
subjects:
|
||||
- kind: ServiceAccount
|
||||
name: promtail
|
||||
namespace: monitoring
|
||||
roleRef:
|
||||
kind: ClusterRole
|
||||
name: promtail-clusterrole
|
||||
apiGroup: rbac.authorization.k8s.io
|
||||
---
|
||||
|
||||
apiVersion: apps/v1
|
||||
kind: DaemonSet
|
||||
metadata:
|
||||
name: promtail
|
||||
namespace: monitoring
|
||||
labels:
|
||||
app.kubernetes.io/name: promtail
|
||||
annotations:
|
||||
configmap.reloader.stakater.com/reload: "promtail"
|
||||
spec:
|
||||
selector:
|
||||
matchLabels:
|
||||
app.kubernetes.io/name: promtail
|
||||
template:
|
||||
metadata:
|
||||
labels:
|
||||
app.kubernetes.io/name: promtail
|
||||
annotations:
|
||||
prometheus.io/port: http-metrics
|
||||
prometheus.io/scrape: "true"
|
||||
spec:
|
||||
serviceAccountName: promtail
|
||||
containers:
|
||||
- name: promtail
|
||||
image: "grafana/promtail:2.9.8"
|
||||
imagePullPolicy: IfNotPresent
|
||||
args:
|
||||
- "-config.file=/etc/promtail/promtail.yaml"
|
||||
volumeMounts:
|
||||
- name: config
|
||||
mountPath: /etc/promtail
|
||||
- name: run
|
||||
mountPath: /run/promtail
|
||||
- mountPath: /var/lib/docker/containers
|
||||
name: docker
|
||||
readOnly: true
|
||||
- mountPath: /var/log/pods
|
||||
name: pods
|
||||
readOnly: true
|
||||
env:
|
||||
- name: HOSTNAME
|
||||
valueFrom:
|
||||
fieldRef:
|
||||
fieldPath: spec.nodeName
|
||||
ports:
|
||||
- containerPort: 3101
|
||||
name: http-metrics
|
||||
securityContext:
|
||||
readOnlyRootFilesystem: true
|
||||
runAsGroup: 0
|
||||
runAsUser: 0
|
||||
readinessProbe:
|
||||
failureThreshold: 5
|
||||
httpGet:
|
||||
path: /ready
|
||||
port: http-metrics
|
||||
initialDelaySeconds: 10
|
||||
periodSeconds: 10
|
||||
successThreshold: 1
|
||||
timeoutSeconds: 1
|
||||
tolerations:
|
||||
- effect: NoSchedule
|
||||
key: node-role.kubernetes.io/master
|
||||
operator: Exists
|
||||
volumes:
|
||||
- name: config
|
||||
configMap:
|
||||
name: promtail
|
||||
- name: run
|
||||
hostPath:
|
||||
path: /run/promtail
|
||||
- hostPath:
|
||||
path: /var/lib/docker/containers
|
||||
name: docker
|
||||
- hostPath:
|
||||
path: /var/log/pods
|
||||
name: pods
|
||||
---
|
|
@ -0,0 +1,170 @@
|
|||
apiVersion: v1
|
||||
kind: ConfigMap
|
||||
metadata:
|
||||
name: vmagent
|
||||
namespace: monitoring
|
||||
labels:
|
||||
app.kubernetes.io/name: victoria-metrics
|
||||
app.kubernetes.io/component: agent
|
||||
data:
|
||||
prometheus.yml: |
|
||||
global:
|
||||
scrape_interval: 1m
|
||||
external_labels:
|
||||
source: scaleway
|
||||
agent: vmagent
|
||||
scrape_configs:
|
||||
- job_name: 'vmagent'
|
||||
static_configs:
|
||||
- targets: ['localhost:8429']
|
||||
- bearer_token_file: /var/run/secrets/kubernetes.io/serviceaccount/token
|
||||
job_name: kubernetes-nodes
|
||||
kubernetes_sd_configs:
|
||||
- role: node
|
||||
relabel_configs:
|
||||
- action: labelmap
|
||||
regex: __meta_kubernetes_node_label_(.+)
|
||||
- replacement: kubernetes.default.svc:443
|
||||
target_label: __address__
|
||||
- regex: (.+)
|
||||
replacement: /api/v1/nodes/$1/proxy/metrics
|
||||
source_labels:
|
||||
- __meta_kubernetes_node_name
|
||||
target_label: __metrics_path__
|
||||
scheme: https
|
||||
tls_config:
|
||||
ca_file: /var/run/secrets/kubernetes.io/serviceaccount/ca.crt
|
||||
insecure_skip_verify: true
|
||||
|
||||
- job_name: kubernetes-service-endpoints
|
||||
kubernetes_sd_configs:
|
||||
- role: endpoints
|
||||
relabel_configs:
|
||||
- action: drop
|
||||
source_labels: [__meta_kubernetes_pod_container_init]
|
||||
regex: true
|
||||
- action: keep
|
||||
regex: true
|
||||
source_labels:
|
||||
- __meta_kubernetes_service_annotation_prometheus_io_scrape
|
||||
- action: replace
|
||||
regex: (https?)
|
||||
source_labels:
|
||||
- __meta_kubernetes_service_annotation_prometheus_io_scheme
|
||||
target_label: __scheme__
|
||||
- action: replace
|
||||
regex: (.+)
|
||||
source_labels:
|
||||
- __meta_kubernetes_service_annotation_prometheus_io_path
|
||||
target_label: __metrics_path__
|
||||
- action: replace
|
||||
regex: ([^:]+)(?::\d+)?;(\d+)
|
||||
replacement: $1:$2
|
||||
source_labels:
|
||||
- __address__
|
||||
- __meta_kubernetes_service_annotation_prometheus_io_port
|
||||
target_label: __address__
|
||||
- action: labelmap
|
||||
regex: __meta_kubernetes_service_label_(.+)
|
||||
- action: replace
|
||||
source_labels:
|
||||
- __meta_kubernetes_namespace
|
||||
target_label: kubernetes_namespace
|
||||
- action: replace
|
||||
source_labels:
|
||||
- __meta_kubernetes_service_name
|
||||
target_label: kubernetes_name
|
||||
- action: replace
|
||||
source_labels:
|
||||
- __meta_kubernetes_pod_node_name
|
||||
target_label: kubernetes_node
|
||||
|
||||
- job_name: kubernetes-pods
|
||||
kubernetes_sd_configs:
|
||||
- role: pod
|
||||
relabel_configs:
|
||||
- action: drop
|
||||
source_labels: [__meta_kubernetes_pod_container_init]
|
||||
regex: true
|
||||
- action: keep
|
||||
regex: true
|
||||
source_labels:
|
||||
- __meta_kubernetes_pod_annotation_prometheus_io_scrape
|
||||
- action: replace
|
||||
regex: (.+)
|
||||
source_labels:
|
||||
- __meta_kubernetes_pod_annotation_prometheus_io_path
|
||||
target_label: __metrics_path__
|
||||
- action: replace
|
||||
regex: ([^:]+)(?::\d+)?;(\d+)
|
||||
replacement: $1:$2
|
||||
source_labels:
|
||||
- __address__
|
||||
- __meta_kubernetes_pod_annotation_prometheus_io_port
|
||||
target_label: __address__
|
||||
- action: labelmap
|
||||
regex: __meta_kubernetes_pod_label_(.+)
|
||||
- action: replace
|
||||
source_labels:
|
||||
- __meta_kubernetes_namespace
|
||||
target_label: kubernetes_namespace
|
||||
- action: replace
|
||||
source_labels:
|
||||
- __meta_kubernetes_pod_name
|
||||
target_label: kubernetes_pod_name
|
||||
- action: drop
|
||||
regex: Pending|Succeeded|Failed
|
||||
source_labels:
|
||||
- __meta_kubernetes_pod_phase
|
||||
|
||||
- job_name: 'node-exporter'
|
||||
kubernetes_sd_configs:
|
||||
- role: endpoints
|
||||
relabel_configs:
|
||||
- source_labels: [__meta_kubernetes_endpoints_name]
|
||||
regex: 'prometheus-node-exporter'
|
||||
action: keep
|
||||
---
|
||||
|
||||
apiVersion: apps/v1
|
||||
kind: Deployment
|
||||
metadata:
|
||||
name: vmagent
|
||||
namespace: monitoring
|
||||
labels:
|
||||
app.kubernetes.io/name: victoria-metrics
|
||||
app.kubernetes.io/component: agent
|
||||
annotations:
|
||||
configmap.reloader.stakater.com/reload: "vmagent"
|
||||
spec:
|
||||
strategy:
|
||||
type: Recreate
|
||||
selector:
|
||||
matchLabels:
|
||||
app.kubernetes.io/name: victoria-metrics
|
||||
app.kubernetes.io/component: agent
|
||||
replicas: 1
|
||||
template:
|
||||
metadata:
|
||||
labels:
|
||||
app.kubernetes.io/name: victoria-metrics
|
||||
app.kubernetes.io/component: agent
|
||||
spec:
|
||||
serviceAccountName: prometheus-server
|
||||
containers:
|
||||
- name: vmagent
|
||||
image: "victoriametrics/vmagent:v1.101.0"
|
||||
imagePullPolicy: "IfNotPresent"
|
||||
args:
|
||||
- -remoteWrite.url=http://vmcluster.auth-proxy.svc/insert/0/prometheus/
|
||||
- -remoteWrite.showURL
|
||||
- -promscrape.config=/config/prometheus.yml
|
||||
- -promscrape.suppressDuplicateScrapeTargetErrors
|
||||
volumeMounts:
|
||||
- name: config-volume
|
||||
mountPath: /config
|
||||
volumes:
|
||||
- name: config-volume
|
||||
configMap:
|
||||
name: vmagent
|
||||
---
|
|
@ -1,61 +0,0 @@
|
|||
apiVersion: v1
|
||||
kind: Namespace
|
||||
metadata:
|
||||
name: nextcloud
|
||||
|
||||
---
|
||||
apiVersion: v1
|
||||
kind: Secret
|
||||
metadata:
|
||||
name: nextcloud-values
|
||||
namespace: nextcloud
|
||||
annotations:
|
||||
kube-1password: v32a4zpuvhmxxrwmtmmv6526ry
|
||||
kube-1password/vault: Kubernetes
|
||||
kube-1password/secret-text-key: values.yaml
|
||||
type: Opaque
|
||||
---
|
||||
|
||||
apiVersion: helm.fluxcd.io/v1
|
||||
kind: HelmRelease
|
||||
metadata:
|
||||
name: nextcloud
|
||||
namespace: nextcloud
|
||||
spec:
|
||||
chart:
|
||||
repository: https://kubernetes-charts.storage.googleapis.com
|
||||
name: nextcloud
|
||||
version: 1.10.0
|
||||
maxHistory: 5
|
||||
valuesFrom:
|
||||
- secretKeyRef:
|
||||
name: nextcloud-values
|
||||
namespace: nextcloud
|
||||
key: values.yaml
|
||||
optional: false
|
||||
values:
|
||||
image:
|
||||
tag: 18-apache
|
||||
ingress:
|
||||
enabled: true
|
||||
annotations:
|
||||
cert-manager.io/cluster-issuer: letsencrypt
|
||||
traefik.ingress.kubernetes.io/frontend-entry-points: http,https
|
||||
traefik.ingress.kubernetes.io/redirect-entry-point: https
|
||||
traefik.ingress.kubernetes.io/redirect-permanent: "true"
|
||||
tls:
|
||||
- hosts:
|
||||
- nextcloud.cluster.fun
|
||||
secretName: nextcloud-ingress
|
||||
nextcloud:
|
||||
host: nextcloud.cluster.fun
|
||||
persistence:
|
||||
enabled: true
|
||||
storageClass: scw-bssd-retain
|
||||
size: 5Gi
|
||||
cronjob:
|
||||
enabled: true
|
||||
resources:
|
||||
requests:
|
||||
memory: 500Mi
|
||||
|
|
@ -0,0 +1,416 @@
|
|||
---
|
||||
# Source: nextcloud/charts/redis/templates/secret.yaml
|
||||
apiVersion: v1
|
||||
kind: Secret
|
||||
metadata:
|
||||
name: nextcloud-nextcloud-redis
|
||||
namespace: nextcloud
|
||||
labels:
|
||||
app: redis
|
||||
release: "nextcloud-nextcloud"
|
||||
annotations:
|
||||
kube-1password: u54jxidod7tlnpwva37f5hcu5y
|
||||
kube-1password/vault: Kubernetes
|
||||
kube-1password/secret-text-parse: "true"
|
||||
type: Opaque
|
||||
|
||||
---
|
||||
# Source: nextcloud/templates/secrets.yaml
|
||||
apiVersion: v1
|
||||
kind: Secret
|
||||
metadata:
|
||||
name: nextcloud-nextcloud
|
||||
labels:
|
||||
app.kubernetes.io/name: nextcloud
|
||||
app.kubernetes.io/instance: nextcloud-nextcloud
|
||||
annotations:
|
||||
kube-1password: iaz4xmtr2czpsjl6xirhryzfia
|
||||
kube-1password/vault: Kubernetes
|
||||
kube-1password/secret-text-parse: "true"
|
||||
type: Opaque
|
||||
|
||||
---
|
||||
apiVersion: v1
|
||||
kind: Secret
|
||||
metadata:
|
||||
name: nextcloud-s3
|
||||
labels:
|
||||
app.kubernetes.io/name: nextcloud
|
||||
app.kubernetes.io/instance: nextcloud-nextcloud
|
||||
annotations:
|
||||
kube-1password: 7zanxzbyzfctc5d2yqfq6e5zcy
|
||||
kube-1password/vault: Kubernetes
|
||||
kube-1password/secret-text-key: s3.config.php
|
||||
type: Opaque
|
||||
|
||||
---
|
||||
# Source: nextcloud/templates/config.yaml
|
||||
apiVersion: v1
|
||||
kind: ConfigMap
|
||||
metadata:
|
||||
name: nextcloud-nextcloud-config
|
||||
labels:
|
||||
app.kubernetes.io/name: nextcloud
|
||||
app.kubernetes.io/instance: nextcloud-nextcloud
|
||||
data:
|
||||
general.config.php: |-
|
||||
<?php
|
||||
$CONFIG = array (
|
||||
'overwriteprotocol' => 'https'
|
||||
);
|
||||
.htaccess: |-
|
||||
# line below if for Apache 2.4
|
||||
<ifModule mod_authz_core.c>
|
||||
Require all denied
|
||||
</ifModule>
|
||||
# line below if for Apache 2.2
|
||||
<ifModule !mod_authz_core.c>
|
||||
deny from all
|
||||
</ifModule>
|
||||
# section for Apache 2.2 and 2.4
|
||||
<ifModule mod_autoindex.c>
|
||||
IndexIgnore *
|
||||
</ifModule>
|
||||
redis.config.php: |-
|
||||
<?php
|
||||
if (getenv('REDIS_HOST')) {
|
||||
$CONFIG = array (
|
||||
'memcache.distributed' => '\\OC\\Memcache\\Redis',
|
||||
'memcache.locking' => '\\OC\\Memcache\\Redis',
|
||||
'redis' => array(
|
||||
'host' => getenv('REDIS_HOST'),
|
||||
'port' => getenv('REDIS_HOST_PORT') ?: 6379,
|
||||
'password' => getenv('REDIS_HOST_PASSWORD'),
|
||||
'dbindex' => getenv('REDIS_DB_INDEX') ?: 0,
|
||||
),
|
||||
);
|
||||
}
|
||||
apache-pretty-urls.config.php: |-
|
||||
<?php
|
||||
$CONFIG = array (
|
||||
'htaccess.RewriteBase' => '/',
|
||||
);
|
||||
apcu.config.php: |-
|
||||
<?php
|
||||
$CONFIG = array (
|
||||
'memcache.local' => '\\OC\\Memcache\\APCu',
|
||||
);
|
||||
apps.config.php: |-
|
||||
<?php
|
||||
$CONFIG = array (
|
||||
"apps_paths" => array (
|
||||
0 => array (
|
||||
"path" => OC::$SERVERROOT."/apps",
|
||||
"url" => "/apps",
|
||||
"writable" => false,
|
||||
),
|
||||
1 => array (
|
||||
"path" => OC::$SERVERROOT."/custom_apps",
|
||||
"url" => "/custom_apps",
|
||||
"writable" => true,
|
||||
),
|
||||
),
|
||||
);
|
||||
autoconfig.php: |-
|
||||
<?php
|
||||
$autoconfig_enabled = false;
|
||||
if (getenv('SQLITE_DATABASE')) {
|
||||
$AUTOCONFIG["dbtype"] = "sqlite";
|
||||
$AUTOCONFIG["dbname"] = getenv('SQLITE_DATABASE');
|
||||
$autoconfig_enabled = true;
|
||||
} elseif (getenv('MYSQL_DATABASE') && getenv('MYSQL_USER') && getenv('MYSQL_PASSWORD') && getenv('MYSQL_HOST')) {
|
||||
$AUTOCONFIG["dbtype"] = "mysql";
|
||||
$AUTOCONFIG["dbname"] = getenv('MYSQL_DATABASE');
|
||||
$AUTOCONFIG["dbuser"] = getenv('MYSQL_USER');
|
||||
$AUTOCONFIG["dbpass"] = getenv('MYSQL_PASSWORD');
|
||||
$AUTOCONFIG["dbhost"] = getenv('MYSQL_HOST');
|
||||
$autoconfig_enabled = true;
|
||||
} elseif (getenv('POSTGRES_DB') && getenv('POSTGRES_USER') && getenv('POSTGRES_PASSWORD') && getenv('POSTGRES_HOST')) {
|
||||
$AUTOCONFIG["dbtype"] = "pgsql";
|
||||
$AUTOCONFIG["dbname"] = getenv('POSTGRES_DB');
|
||||
$AUTOCONFIG["dbuser"] = getenv('POSTGRES_USER');
|
||||
$AUTOCONFIG["dbpass"] = getenv('POSTGRES_PASSWORD');
|
||||
$AUTOCONFIG["dbhost"] = getenv('POSTGRES_HOST');
|
||||
$autoconfig_enabled = true;
|
||||
}
|
||||
if ($autoconfig_enabled) {
|
||||
$AUTOCONFIG["directory"] = getenv('NEXTCLOUD_DATA_DIR') ?: "/var/www/html/data";
|
||||
}
|
||||
smtp.config.php: |-
|
||||
<?php
|
||||
if (getenv('SMTP_HOST') && getenv('MAIL_FROM_ADDRESS') && getenv('MAIL_DOMAIN')) {
|
||||
$CONFIG = array (
|
||||
'mail_smtpmode' => 'smtp',
|
||||
'mail_smtphost' => getenv('SMTP_HOST'),
|
||||
'mail_smtpport' => getenv('SMTP_PORT') ?: (getenv('SMTP_SECURE') ? 465 : 25),
|
||||
'mail_smtpsecure' => getenv('SMTP_SECURE') ?: '',
|
||||
'mail_smtpauth' => getenv('SMTP_NAME') && getenv('SMTP_PASSWORD'),
|
||||
'mail_smtpauthtype' => getenv('SMTP_AUTHTYPE') ?: 'LOGIN',
|
||||
'mail_smtpname' => getenv('SMTP_NAME') ?: '',
|
||||
'mail_smtppassword' => getenv('SMTP_PASSWORD') ?: '',
|
||||
'mail_from_address' => getenv('MAIL_FROM_ADDRESS'),
|
||||
'mail_domain' => getenv('MAIL_DOMAIN'),
|
||||
);
|
||||
}
|
||||
---
|
||||
|
||||
|
||||
# Source: nextcloud/templates/service.yaml
|
||||
apiVersion: v1
|
||||
kind: Service
|
||||
metadata:
|
||||
name: nextcloud-nextcloud
|
||||
labels:
|
||||
app.kubernetes.io/name: nextcloud
|
||||
app.kubernetes.io/instance: nextcloud-nextcloud
|
||||
app.kubernetes.io/component: app
|
||||
spec:
|
||||
type: ClusterIP
|
||||
ports:
|
||||
- port: 8080
|
||||
targetPort: http
|
||||
protocol: TCP
|
||||
name: http
|
||||
selector:
|
||||
app.kubernetes.io/name: nextcloud
|
||||
app.kubernetes.io/component: app
|
||||
---
|
||||
# Source: nextcloud/templates/deployment.yaml
|
||||
apiVersion: apps/v1
|
||||
kind: Deployment
|
||||
metadata:
|
||||
name: nextcloud-nextcloud
|
||||
labels:
|
||||
app.kubernetes.io/name: nextcloud
|
||||
app.kubernetes.io/instance: nextcloud-nextcloud
|
||||
app.kubernetes.io/component: app
|
||||
spec:
|
||||
replicas: 1
|
||||
strategy:
|
||||
type: Recreate
|
||||
selector:
|
||||
matchLabels:
|
||||
app.kubernetes.io/name: nextcloud
|
||||
app.kubernetes.io/instance: nextcloud-nextcloud
|
||||
app.kubernetes.io/component: app
|
||||
template:
|
||||
metadata:
|
||||
labels:
|
||||
app.kubernetes.io/name: nextcloud
|
||||
app.kubernetes.io/instance: nextcloud-nextcloud
|
||||
app.kubernetes.io/component: app
|
||||
nextcloud-nextcloud-redis-client: "true"
|
||||
spec:
|
||||
containers:
|
||||
- name: nextcloud
|
||||
image: "nextcloud:29.0.0-apache"
|
||||
imagePullPolicy: IfNotPresent
|
||||
env:
|
||||
- name: SQLITE_DATABASE
|
||||
value: "nextcloud"
|
||||
- name: NEXTCLOUD_ADMIN_USER
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: nextcloud-nextcloud
|
||||
key: nextcloud-username
|
||||
- name: NEXTCLOUD_ADMIN_PASSWORD
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: nextcloud-nextcloud
|
||||
key: nextcloud-password
|
||||
- name: NEXTCLOUD_TRUSTED_DOMAINS
|
||||
value: nextcloud.cluster.fun
|
||||
- name: NEXTCLOUD_DATA_DIR
|
||||
value: "/var/www/html/data"
|
||||
- name: REDIS_HOST
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: nextcloud-nextcloud-redis
|
||||
key: redis-host
|
||||
- name: REDIS_PORT
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: nextcloud-nextcloud-redis
|
||||
key: redis-port
|
||||
- name: REDIS_HOST_PASSWORD
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: nextcloud-nextcloud-redis
|
||||
key: redis-password
|
||||
- name: REDIS_DB_INDEX
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: nextcloud-nextcloud-redis
|
||||
key: redis-db-index
|
||||
ports:
|
||||
- name: http
|
||||
containerPort: 80
|
||||
protocol: TCP
|
||||
livenessProbe:
|
||||
httpGet:
|
||||
path: /status.php
|
||||
port: http
|
||||
httpHeaders:
|
||||
- name: Host
|
||||
value: "nextcloud.cluster.fun"
|
||||
initialDelaySeconds: 10
|
||||
periodSeconds: 10
|
||||
timeoutSeconds: 5
|
||||
successThreshold: 1
|
||||
failureThreshold: 3
|
||||
readinessProbe:
|
||||
httpGet:
|
||||
path: /status.php
|
||||
port: http
|
||||
httpHeaders:
|
||||
- name: Host
|
||||
value: "nextcloud.cluster.fun"
|
||||
initialDelaySeconds: 10
|
||||
periodSeconds: 10
|
||||
timeoutSeconds: 5
|
||||
successThreshold: 1
|
||||
failureThreshold: 3
|
||||
# Cover case where upgrade is being performed
|
||||
startupProbe:
|
||||
httpGet:
|
||||
path: /status.php
|
||||
port: http
|
||||
httpHeaders:
|
||||
- name: Host
|
||||
value: "nextcloud.cluster.fun"
|
||||
failureThreshold: 30
|
||||
periodSeconds: 10
|
||||
resources:
|
||||
requests:
|
||||
memory: 450Mi
|
||||
volumeMounts:
|
||||
- name: nextcloud-data
|
||||
mountPath: /var/www/
|
||||
subPath: root
|
||||
- name: nextcloud-data
|
||||
mountPath: /var/www/html
|
||||
subPath: html
|
||||
- name: nextcloud-data
|
||||
mountPath: /var/www/html/data
|
||||
subPath: data
|
||||
- name: nextcloud-data
|
||||
mountPath: /var/www/html/config
|
||||
subPath: config
|
||||
- name: nextcloud-data
|
||||
mountPath: /var/www/html/custom_apps
|
||||
subPath: custom_apps
|
||||
- name: nextcloud-data
|
||||
mountPath: /var/www/tmp
|
||||
subPath: tmp
|
||||
- name: nextcloud-data
|
||||
mountPath: /var/www/html/themes
|
||||
subPath: themes
|
||||
- name: nextcloud-config
|
||||
mountPath: /var/www/html/config/general.config.php
|
||||
subPath: general.config.php
|
||||
- name: nextcloud-s3
|
||||
mountPath: /var/www/html/config/s3.config.php
|
||||
subPath: s3.config.php
|
||||
- name: nextcloud-config
|
||||
mountPath: /var/www/html/config/.htaccess
|
||||
subPath: .htaccess
|
||||
- name: nextcloud-config
|
||||
mountPath: /var/www/html/config/apache-pretty-urls.config.php
|
||||
subPath: apache-pretty-urls.config.php
|
||||
- name: nextcloud-config
|
||||
mountPath: /var/www/html/config/apcu.config.php
|
||||
subPath: apcu.config.php
|
||||
- name: nextcloud-config
|
||||
mountPath: /var/www/html/config/apps.config.php
|
||||
subPath: apps.config.php
|
||||
- name: nextcloud-config
|
||||
mountPath: /var/www/html/config/autoconfig.php
|
||||
subPath: autoconfig.php
|
||||
- name: nextcloud-config
|
||||
mountPath: /var/www/html/config/redis.config.php
|
||||
subPath: redis.config.php
|
||||
- name: nextcloud-config
|
||||
mountPath: /var/www/html/config/smtp.config.php
|
||||
subPath: smtp.config.php
|
||||
volumes:
|
||||
- name: nextcloud-data
|
||||
persistentVolumeClaim:
|
||||
claimName: nextcloud-nextcloud-nextcloud
|
||||
- name: nextcloud-config
|
||||
configMap:
|
||||
name: nextcloud-nextcloud-config
|
||||
- name: nextcloud-s3
|
||||
secret:
|
||||
secretName: nextcloud-s3
|
||||
# Will mount configuration files as www-data (id: 33) for nextcloud
|
||||
securityContext:
|
||||
fsGroup: 33
|
||||
---
|
||||
# Source: nextcloud/templates/cronjob.yaml
|
||||
apiVersion: batch/v1
|
||||
kind: CronJob
|
||||
metadata:
|
||||
name: nextcloud-nextcloud-cron
|
||||
labels:
|
||||
app.kubernetes.io/name: nextcloud
|
||||
app.kubernetes.io/instance: nextcloud-nextcloud
|
||||
annotations:
|
||||
{}
|
||||
spec:
|
||||
schedule: "*/5 * * * *"
|
||||
concurrencyPolicy: Forbid
|
||||
failedJobsHistoryLimit: 5
|
||||
successfulJobsHistoryLimit: 2
|
||||
jobTemplate:
|
||||
metadata:
|
||||
labels:
|
||||
app.kubernetes.io/name: nextcloud
|
||||
spec:
|
||||
template:
|
||||
metadata:
|
||||
labels:
|
||||
app.kubernetes.io/name: nextcloud
|
||||
spec:
|
||||
restartPolicy: Never
|
||||
containers:
|
||||
- name: nextcloud
|
||||
image: "nextcloud:29.0.0-apache"
|
||||
imagePullPolicy: IfNotPresent
|
||||
command: [ "curl" ]
|
||||
args:
|
||||
- "--fail"
|
||||
- "-L"
|
||||
- "https://nextcloud.cluster.fun/cron.php"
|
||||
resources:
|
||||
requests:
|
||||
memory: 200Mi
|
||||
---
|
||||
# Source: nextcloud/templates/ingress.yaml
|
||||
apiVersion: networking.k8s.io/v1
|
||||
kind: Ingress
|
||||
metadata:
|
||||
name: nextcloud-nextcloud
|
||||
labels:
|
||||
app.kubernetes.io/name: nextcloud
|
||||
app.kubernetes.io/instance: nextcloud-nextcloud
|
||||
app.kubernetes.io/component: app
|
||||
annotations:
|
||||
cert-manager.io/cluster-issuer: letsencrypt
|
||||
nginx.ingress.kubernetes.io/force-ssl-redirect: "true"
|
||||
nginx.ingress.kubernetes.io/proxy-body-size: "0"
|
||||
spec:
|
||||
rules:
|
||||
- host: nextcloud.cluster.fun
|
||||
http:
|
||||
paths:
|
||||
- path: /
|
||||
pathType: Prefix
|
||||
backend:
|
||||
service:
|
||||
name: nextcloud-nextcloud
|
||||
port:
|
||||
number: 8080
|
||||
tls:
|
||||
- hosts:
|
||||
- nextcloud.cluster.fun
|
||||
secretName: nextcloud-ingress
|
|
@ -0,0 +1,18 @@
|
|||
kind: PersistentVolumeClaim
|
||||
apiVersion: v1
|
||||
metadata:
|
||||
name: nextcloud-nextcloud-nextcloud
|
||||
labels:
|
||||
app.kubernetes.io/name: nextcloud
|
||||
helm.sh/chart: nextcloud-2.6.3
|
||||
app.kubernetes.io/instance: nextcloud-nextcloud
|
||||
app.kubernetes.io/managed-by: Helm
|
||||
app.kubernetes.io/component: app
|
||||
spec:
|
||||
accessModes:
|
||||
- "ReadWriteOnce"
|
||||
resources:
|
||||
requests:
|
||||
storage: "5Gi"
|
||||
storageClassName: sbs-default-retain
|
||||
---
|
|
@ -0,0 +1,696 @@
|
|||
apiVersion: v1
|
||||
kind: Namespace
|
||||
metadata:
|
||||
labels:
|
||||
app.kubernetes.io/instance: ingress-nginx
|
||||
app.kubernetes.io/name: ingress-nginx
|
||||
name: ingress-nginx
|
||||
---
|
||||
apiVersion: v1
|
||||
automountServiceAccountToken: true
|
||||
kind: ServiceAccount
|
||||
metadata:
|
||||
labels:
|
||||
app.kubernetes.io/component: controller
|
||||
app.kubernetes.io/instance: ingress-nginx
|
||||
app.kubernetes.io/name: ingress-nginx
|
||||
app.kubernetes.io/part-of: ingress-nginx
|
||||
app.kubernetes.io/version: 1.5.1
|
||||
name: ingress-nginx
|
||||
namespace: ingress-nginx
|
||||
---
|
||||
apiVersion: v1
|
||||
kind: ServiceAccount
|
||||
metadata:
|
||||
labels:
|
||||
app.kubernetes.io/component: admission-webhook
|
||||
app.kubernetes.io/instance: ingress-nginx
|
||||
app.kubernetes.io/name: ingress-nginx
|
||||
app.kubernetes.io/part-of: ingress-nginx
|
||||
app.kubernetes.io/version: 1.5.1
|
||||
name: ingress-nginx-admission
|
||||
namespace: ingress-nginx
|
||||
---
|
||||
apiVersion: rbac.authorization.k8s.io/v1
|
||||
kind: Role
|
||||
metadata:
|
||||
labels:
|
||||
app.kubernetes.io/component: controller
|
||||
app.kubernetes.io/instance: ingress-nginx
|
||||
app.kubernetes.io/name: ingress-nginx
|
||||
app.kubernetes.io/part-of: ingress-nginx
|
||||
app.kubernetes.io/version: 1.5.1
|
||||
name: ingress-nginx
|
||||
namespace: ingress-nginx
|
||||
rules:
|
||||
- apiGroups:
|
||||
- ""
|
||||
resources:
|
||||
- namespaces
|
||||
verbs:
|
||||
- get
|
||||
- apiGroups:
|
||||
- ""
|
||||
resources:
|
||||
- configmaps
|
||||
- pods
|
||||
- secrets
|
||||
- endpoints
|
||||
verbs:
|
||||
- get
|
||||
- list
|
||||
- watch
|
||||
- apiGroups:
|
||||
- ""
|
||||
resources:
|
||||
- services
|
||||
verbs:
|
||||
- get
|
||||
- list
|
||||
- watch
|
||||
- apiGroups:
|
||||
- networking.k8s.io
|
||||
resources:
|
||||
- ingresses
|
||||
verbs:
|
||||
- get
|
||||
- list
|
||||
- watch
|
||||
- apiGroups:
|
||||
- networking.k8s.io
|
||||
resources:
|
||||
- ingresses/status
|
||||
verbs:
|
||||
- update
|
||||
- apiGroups:
|
||||
- networking.k8s.io
|
||||
resources:
|
||||
- ingressclasses
|
||||
verbs:
|
||||
- get
|
||||
- list
|
||||
- watch
|
||||
- apiGroups:
|
||||
- ""
|
||||
resourceNames:
|
||||
- ingress-nginx-leader
|
||||
resources:
|
||||
- configmaps
|
||||
verbs:
|
||||
- get
|
||||
- update
|
||||
- apiGroups:
|
||||
- ""
|
||||
resources:
|
||||
- configmaps
|
||||
verbs:
|
||||
- create
|
||||
- apiGroups:
|
||||
- coordination.k8s.io
|
||||
resourceNames:
|
||||
- ingress-nginx-leader
|
||||
resources:
|
||||
- leases
|
||||
verbs:
|
||||
- get
|
||||
- update
|
||||
- apiGroups:
|
||||
- coordination.k8s.io
|
||||
resources:
|
||||
- leases
|
||||
verbs:
|
||||
- create
|
||||
- apiGroups:
|
||||
- ""
|
||||
resources:
|
||||
- events
|
||||
verbs:
|
||||
- create
|
||||
- patch
|
||||
- apiGroups:
|
||||
- discovery.k8s.io
|
||||
resources:
|
||||
- endpointslices
|
||||
verbs:
|
||||
- list
|
||||
- watch
|
||||
- get
|
||||
---
|
||||
apiVersion: rbac.authorization.k8s.io/v1
|
||||
kind: Role
|
||||
metadata:
|
||||
labels:
|
||||
app.kubernetes.io/component: admission-webhook
|
||||
app.kubernetes.io/instance: ingress-nginx
|
||||
app.kubernetes.io/name: ingress-nginx
|
||||
app.kubernetes.io/part-of: ingress-nginx
|
||||
app.kubernetes.io/version: 1.5.1
|
||||
name: ingress-nginx-admission
|
||||
namespace: ingress-nginx
|
||||
rules:
|
||||
- apiGroups:
|
||||
- ""
|
||||
resources:
|
||||
- secrets
|
||||
verbs:
|
||||
- get
|
||||
- create
|
||||
---
|
||||
apiVersion: rbac.authorization.k8s.io/v1
|
||||
kind: ClusterRole
|
||||
metadata:
|
||||
labels:
|
||||
app.kubernetes.io/instance: ingress-nginx
|
||||
app.kubernetes.io/name: ingress-nginx
|
||||
app.kubernetes.io/part-of: ingress-nginx
|
||||
app.kubernetes.io/version: 1.5.1
|
||||
name: ingress-nginx
|
||||
rules:
|
||||
- apiGroups:
|
||||
- ""
|
||||
resources:
|
||||
- configmaps
|
||||
- endpoints
|
||||
- nodes
|
||||
- pods
|
||||
- secrets
|
||||
- namespaces
|
||||
verbs:
|
||||
- list
|
||||
- watch
|
||||
- apiGroups:
|
||||
- coordination.k8s.io
|
||||
resources:
|
||||
- leases
|
||||
verbs:
|
||||
- list
|
||||
- watch
|
||||
- apiGroups:
|
||||
- ""
|
||||
resources:
|
||||
- nodes
|
||||
verbs:
|
||||
- get
|
||||
- apiGroups:
|
||||
- ""
|
||||
resources:
|
||||
- services
|
||||
verbs:
|
||||
- get
|
||||
- list
|
||||
- watch
|
||||
- apiGroups:
|
||||
- networking.k8s.io
|
||||
resources:
|
||||
- ingresses
|
||||
verbs:
|
||||
- get
|
||||
- list
|
||||
- watch
|
||||
- apiGroups:
|
||||
- ""
|
||||
resources:
|
||||
- events
|
||||
verbs:
|
||||
- create
|
||||
- patch
|
||||
- apiGroups:
|
||||
- networking.k8s.io
|
||||
resources:
|
||||
- ingresses/status
|
||||
verbs:
|
||||
- update
|
||||
- apiGroups:
|
||||
- networking.k8s.io
|
||||
resources:
|
||||
- ingressclasses
|
||||
verbs:
|
||||
- get
|
||||
- list
|
||||
- watch
|
||||
- apiGroups:
|
||||
- discovery.k8s.io
|
||||
resources:
|
||||
- endpointslices
|
||||
verbs:
|
||||
- list
|
||||
- watch
|
||||
- get
|
||||
---
|
||||
apiVersion: rbac.authorization.k8s.io/v1
|
||||
kind: ClusterRole
|
||||
metadata:
|
||||
labels:
|
||||
app.kubernetes.io/component: admission-webhook
|
||||
app.kubernetes.io/instance: ingress-nginx
|
||||
app.kubernetes.io/name: ingress-nginx
|
||||
app.kubernetes.io/part-of: ingress-nginx
|
||||
app.kubernetes.io/version: 1.5.1
|
||||
name: ingress-nginx-admission
|
||||
rules:
|
||||
- apiGroups:
|
||||
- admissionregistration.k8s.io
|
||||
resources:
|
||||
- validatingwebhookconfigurations
|
||||
verbs:
|
||||
- get
|
||||
- update
|
||||
---
|
||||
apiVersion: rbac.authorization.k8s.io/v1
|
||||
kind: RoleBinding
|
||||
metadata:
|
||||
labels:
|
||||
app.kubernetes.io/component: controller
|
||||
app.kubernetes.io/instance: ingress-nginx
|
||||
app.kubernetes.io/name: ingress-nginx
|
||||
app.kubernetes.io/part-of: ingress-nginx
|
||||
app.kubernetes.io/version: 1.5.1
|
||||
name: ingress-nginx
|
||||
namespace: ingress-nginx
|
||||
roleRef:
|
||||
apiGroup: rbac.authorization.k8s.io
|
||||
kind: Role
|
||||
name: ingress-nginx
|
||||
subjects:
|
||||
- kind: ServiceAccount
|
||||
name: ingress-nginx
|
||||
namespace: ingress-nginx
|
||||
---
|
||||
apiVersion: rbac.authorization.k8s.io/v1
|
||||
kind: RoleBinding
|
||||
metadata:
|
||||
labels:
|
||||
app.kubernetes.io/component: admission-webhook
|
||||
app.kubernetes.io/instance: ingress-nginx
|
||||
app.kubernetes.io/name: ingress-nginx
|
||||
app.kubernetes.io/part-of: ingress-nginx
|
||||
app.kubernetes.io/version: 1.5.1
|
||||
name: ingress-nginx-admission
|
||||
namespace: ingress-nginx
|
||||
roleRef:
|
||||
apiGroup: rbac.authorization.k8s.io
|
||||
kind: Role
|
||||
name: ingress-nginx-admission
|
||||
subjects:
|
||||
- kind: ServiceAccount
|
||||
name: ingress-nginx-admission
|
||||
namespace: ingress-nginx
|
||||
---
|
||||
apiVersion: rbac.authorization.k8s.io/v1
|
||||
kind: ClusterRoleBinding
|
||||
metadata:
|
||||
labels:
|
||||
app.kubernetes.io/instance: ingress-nginx
|
||||
app.kubernetes.io/name: ingress-nginx
|
||||
app.kubernetes.io/part-of: ingress-nginx
|
||||
app.kubernetes.io/version: 1.5.1
|
||||
name: ingress-nginx
|
||||
roleRef:
|
||||
apiGroup: rbac.authorization.k8s.io
|
||||
kind: ClusterRole
|
||||
name: ingress-nginx
|
||||
subjects:
|
||||
- kind: ServiceAccount
|
||||
name: ingress-nginx
|
||||
namespace: ingress-nginx
|
||||
---
|
||||
apiVersion: rbac.authorization.k8s.io/v1
|
||||
kind: ClusterRoleBinding
|
||||
metadata:
|
||||
labels:
|
||||
app.kubernetes.io/component: admission-webhook
|
||||
app.kubernetes.io/instance: ingress-nginx
|
||||
app.kubernetes.io/name: ingress-nginx
|
||||
app.kubernetes.io/part-of: ingress-nginx
|
||||
app.kubernetes.io/version: 1.5.1
|
||||
name: ingress-nginx-admission
|
||||
roleRef:
|
||||
apiGroup: rbac.authorization.k8s.io
|
||||
kind: ClusterRole
|
||||
name: ingress-nginx-admission
|
||||
subjects:
|
||||
- kind: ServiceAccount
|
||||
name: ingress-nginx-admission
|
||||
namespace: ingress-nginx
|
||||
---
|
||||
apiVersion: v1
|
||||
data:
|
||||
allow-snippet-annotations: "true"
|
||||
use-proxy-protocol: "true"
|
||||
log-format-upstream: '{"time": "$time_iso8601", "request_id": "$req_id", "remote_user": "$remote_user", "bytes_sent": $bytes_sent, "request_time": $request_time, "status": $status, "host": "$host", "request_proto": "$server_protocol", "path": "$uri", "request_query": "$args", "request_length": $request_length, "duration": $request_time,"method": "$request_method", "http_referrer": "$http_referer", "http_user_agent": "$http_user_agent", "redirect_location": "$redirect_location" }'
|
||||
plugins: "redirect_location"
|
||||
location-snippet: |
|
||||
set $redirect_location '';
|
||||
kind: ConfigMap
|
||||
metadata:
|
||||
labels:
|
||||
app.kubernetes.io/component: controller
|
||||
app.kubernetes.io/instance: ingress-nginx
|
||||
app.kubernetes.io/name: ingress-nginx
|
||||
app.kubernetes.io/part-of: ingress-nginx
|
||||
app.kubernetes.io/version: 1.5.1
|
||||
name: ingress-nginx-controller
|
||||
namespace: ingress-nginx
|
||||
---
|
||||
apiVersion: v1
|
||||
kind: ConfigMap
|
||||
metadata:
|
||||
labels:
|
||||
app.kubernetes.io/managed-by: Helm
|
||||
app.kubernetes.io/name: ingress-nginx
|
||||
app.kubernetes.io/part-of: ingress-nginx
|
||||
k8s.scw.cloud/ingress: nginx
|
||||
k8s.scw.cloud/object: ConfigMap
|
||||
k8s.scw.cloud/system: ingress
|
||||
name: ingress-nginx-plugin-redirect-location
|
||||
namespace: ingress-nginx
|
||||
data:
|
||||
main.lua: |
|
||||
local ngx = ngx
|
||||
local _M = {}
|
||||
function _M.header_filter()
|
||||
ngx.var.redirect_location = ngx.resp.get_headers()["Location"]
|
||||
end
|
||||
return _M
|
||||
---
|
||||
apiVersion: v1
|
||||
kind: Service
|
||||
metadata:
|
||||
annotations:
|
||||
service.beta.kubernetes.io/scw-loadbalancer-proxy-protocol-v2: "true"
|
||||
service.beta.kubernetes.io/scw-loadbalancer-use-hostname: "true"
|
||||
labels:
|
||||
app.kubernetes.io/component: controller
|
||||
app.kubernetes.io/instance: ingress-nginx
|
||||
app.kubernetes.io/name: ingress-nginx
|
||||
app.kubernetes.io/part-of: ingress-nginx
|
||||
app.kubernetes.io/version: 1.5.1
|
||||
name: ingress-nginx-controller
|
||||
namespace: ingress-nginx
|
||||
spec:
|
||||
externalTrafficPolicy: Local
|
||||
ipFamilies:
|
||||
- IPv4
|
||||
ipFamilyPolicy: SingleStack
|
||||
ports:
|
||||
- appProtocol: http
|
||||
name: http
|
||||
port: 80
|
||||
protocol: TCP
|
||||
targetPort: http
|
||||
- appProtocol: https
|
||||
name: https
|
||||
port: 443
|
||||
protocol: TCP
|
||||
targetPort: https
|
||||
selector:
|
||||
app.kubernetes.io/component: controller
|
||||
app.kubernetes.io/instance: ingress-nginx
|
||||
app.kubernetes.io/name: ingress-nginx
|
||||
type: LoadBalancer
|
||||
---
|
||||
apiVersion: v1
|
||||
kind: Service
|
||||
metadata:
|
||||
labels:
|
||||
app.kubernetes.io/component: controller
|
||||
app.kubernetes.io/instance: ingress-nginx
|
||||
app.kubernetes.io/name: ingress-nginx
|
||||
app.kubernetes.io/part-of: ingress-nginx
|
||||
app.kubernetes.io/version: 1.5.1
|
||||
name: ingress-nginx-controller-admission
|
||||
namespace: ingress-nginx
|
||||
spec:
|
||||
ports:
|
||||
- appProtocol: https
|
||||
name: https-webhook
|
||||
port: 443
|
||||
targetPort: webhook
|
||||
selector:
|
||||
app.kubernetes.io/component: controller
|
||||
app.kubernetes.io/instance: ingress-nginx
|
||||
app.kubernetes.io/name: ingress-nginx
|
||||
type: ClusterIP
|
||||
---
|
||||
apiVersion: apps/v1
|
||||
kind: Deployment
|
||||
metadata:
|
||||
labels:
|
||||
app.kubernetes.io/component: controller
|
||||
app.kubernetes.io/instance: ingress-nginx
|
||||
app.kubernetes.io/name: ingress-nginx
|
||||
app.kubernetes.io/part-of: ingress-nginx
|
||||
app.kubernetes.io/version: 1.5.1
|
||||
name: ingress-nginx-controller
|
||||
namespace: ingress-nginx
|
||||
spec:
|
||||
minReadySeconds: 0
|
||||
revisionHistoryLimit: 10
|
||||
replicas: 2
|
||||
selector:
|
||||
matchLabels:
|
||||
app.kubernetes.io/component: controller
|
||||
app.kubernetes.io/instance: ingress-nginx
|
||||
app.kubernetes.io/name: ingress-nginx
|
||||
template:
|
||||
metadata:
|
||||
labels:
|
||||
app.kubernetes.io/component: controller
|
||||
app.kubernetes.io/instance: ingress-nginx
|
||||
app.kubernetes.io/name: ingress-nginx
|
||||
spec:
|
||||
containers:
|
||||
- args:
|
||||
- /nginx-ingress-controller
|
||||
- --publish-service=$(POD_NAMESPACE)/ingress-nginx-controller
|
||||
- --election-id=ingress-nginx-leader
|
||||
- --controller-class=k8s.io/ingress-nginx
|
||||
- --ingress-class=nginx
|
||||
- --configmap=$(POD_NAMESPACE)/ingress-nginx-controller
|
||||
- --validating-webhook=:8443
|
||||
- --validating-webhook-certificate=/usr/local/certificates/cert
|
||||
- --validating-webhook-key=/usr/local/certificates/key
|
||||
- --annotations-prefix=nginx.ingress.kubernetes.io
|
||||
- --watch-ingress-without-class
|
||||
- --enable-metrics
|
||||
env:
|
||||
- name: POD_NAME
|
||||
valueFrom:
|
||||
fieldRef:
|
||||
fieldPath: metadata.name
|
||||
- name: POD_NAMESPACE
|
||||
valueFrom:
|
||||
fieldRef:
|
||||
fieldPath: metadata.namespace
|
||||
- name: LD_PRELOAD
|
||||
value: /usr/local/lib/libmimalloc.so
|
||||
image: registry.k8s.io/ingress-nginx/controller:v1.10.1@sha256:e24f39d3eed6bcc239a56f20098878845f62baa34b9f2be2fd2c38ce9fb0f29e
|
||||
imagePullPolicy: IfNotPresent
|
||||
lifecycle:
|
||||
preStop:
|
||||
exec:
|
||||
command:
|
||||
- /wait-shutdown
|
||||
livenessProbe:
|
||||
failureThreshold: 5
|
||||
httpGet:
|
||||
path: /healthz
|
||||
port: 10254
|
||||
scheme: HTTP
|
||||
initialDelaySeconds: 10
|
||||
periodSeconds: 10
|
||||
successThreshold: 1
|
||||
timeoutSeconds: 1
|
||||
name: controller
|
||||
ports:
|
||||
- containerPort: 80
|
||||
name: http
|
||||
protocol: TCP
|
||||
- containerPort: 443
|
||||
name: https
|
||||
protocol: TCP
|
||||
- containerPort: 8443
|
||||
name: webhook
|
||||
protocol: TCP
|
||||
readinessProbe:
|
||||
failureThreshold: 3
|
||||
httpGet:
|
||||
path: /healthz
|
||||
port: 10254
|
||||
scheme: HTTP
|
||||
initialDelaySeconds: 10
|
||||
periodSeconds: 10
|
||||
successThreshold: 1
|
||||
timeoutSeconds: 1
|
||||
resources:
|
||||
requests:
|
||||
cpu: 100m
|
||||
memory: 90Mi
|
||||
securityContext:
|
||||
allowPrivilegeEscalation: true
|
||||
capabilities:
|
||||
add:
|
||||
- NET_BIND_SERVICE
|
||||
drop:
|
||||
- ALL
|
||||
runAsUser: 101
|
||||
volumeMounts:
|
||||
- mountPath: /usr/local/certificates/
|
||||
name: webhook-cert
|
||||
readOnly: true
|
||||
- name: plugins
|
||||
mountPath: /etc/nginx/lua/plugins/redirect_location
|
||||
dnsPolicy: ClusterFirst
|
||||
nodeSelector:
|
||||
kubernetes.io/os: linux
|
||||
serviceAccountName: ingress-nginx
|
||||
terminationGracePeriodSeconds: 300
|
||||
volumes:
|
||||
- name: webhook-cert
|
||||
secret:
|
||||
secretName: ingress-nginx-admission
|
||||
- name: plugins
|
||||
configMap:
|
||||
name: ingress-nginx-plugin-redirect-location
|
||||
---
|
||||
apiVersion: batch/v1
|
||||
kind: Job
|
||||
metadata:
|
||||
labels:
|
||||
app.kubernetes.io/component: admission-webhook
|
||||
app.kubernetes.io/instance: ingress-nginx
|
||||
app.kubernetes.io/name: ingress-nginx
|
||||
app.kubernetes.io/part-of: ingress-nginx
|
||||
app.kubernetes.io/version: 1.5.1
|
||||
name: ingress-nginx-admission-create
|
||||
namespace: ingress-nginx
|
||||
spec:
|
||||
template:
|
||||
metadata:
|
||||
labels:
|
||||
app.kubernetes.io/component: admission-webhook
|
||||
app.kubernetes.io/instance: ingress-nginx
|
||||
app.kubernetes.io/name: ingress-nginx
|
||||
app.kubernetes.io/part-of: ingress-nginx
|
||||
app.kubernetes.io/version: 1.5.1
|
||||
name: ingress-nginx-admission-create
|
||||
spec:
|
||||
containers:
|
||||
- args:
|
||||
- create
|
||||
- --host=ingress-nginx-controller-admission,ingress-nginx-controller-admission.$(POD_NAMESPACE).svc
|
||||
- --namespace=$(POD_NAMESPACE)
|
||||
- --secret-name=ingress-nginx-admission
|
||||
env:
|
||||
- name: POD_NAMESPACE
|
||||
valueFrom:
|
||||
fieldRef:
|
||||
fieldPath: metadata.namespace
|
||||
image: registry.k8s.io/ingress-nginx/kube-webhook-certgen:v20220916-gd32f8c343@sha256:39c5b2e3310dc4264d638ad28d9d1d96c4cbb2b2dcfb52368fe4e3c63f61e10f
|
||||
imagePullPolicy: IfNotPresent
|
||||
name: create
|
||||
securityContext:
|
||||
allowPrivilegeEscalation: false
|
||||
nodeSelector:
|
||||
kubernetes.io/os: linux
|
||||
restartPolicy: OnFailure
|
||||
securityContext:
|
||||
fsGroup: 2000
|
||||
runAsNonRoot: true
|
||||
runAsUser: 2000
|
||||
serviceAccountName: ingress-nginx-admission
|
||||
---
|
||||
apiVersion: batch/v1
|
||||
kind: Job
|
||||
metadata:
|
||||
labels:
|
||||
app.kubernetes.io/component: admission-webhook
|
||||
app.kubernetes.io/instance: ingress-nginx
|
||||
app.kubernetes.io/name: ingress-nginx
|
||||
app.kubernetes.io/part-of: ingress-nginx
|
||||
app.kubernetes.io/version: 1.5.1
|
||||
name: ingress-nginx-admission-patch
|
||||
namespace: ingress-nginx
|
||||
spec:
|
||||
template:
|
||||
metadata:
|
||||
labels:
|
||||
app.kubernetes.io/component: admission-webhook
|
||||
app.kubernetes.io/instance: ingress-nginx
|
||||
app.kubernetes.io/name: ingress-nginx
|
||||
app.kubernetes.io/part-of: ingress-nginx
|
||||
app.kubernetes.io/version: 1.5.1
|
||||
name: ingress-nginx-admission-patch
|
||||
spec:
|
||||
containers:
|
||||
- args:
|
||||
- patch
|
||||
- --webhook-name=ingress-nginx-admission
|
||||
- --namespace=$(POD_NAMESPACE)
|
||||
- --patch-mutating=false
|
||||
- --secret-name=ingress-nginx-admission
|
||||
- --patch-failure-policy=Fail
|
||||
env:
|
||||
- name: POD_NAMESPACE
|
||||
valueFrom:
|
||||
fieldRef:
|
||||
fieldPath: metadata.namespace
|
||||
image: registry.k8s.io/ingress-nginx/kube-webhook-certgen:v20220916-gd32f8c343@sha256:39c5b2e3310dc4264d638ad28d9d1d96c4cbb2b2dcfb52368fe4e3c63f61e10f
|
||||
imagePullPolicy: IfNotPresent
|
||||
name: patch
|
||||
securityContext:
|
||||
allowPrivilegeEscalation: false
|
||||
nodeSelector:
|
||||
kubernetes.io/os: linux
|
||||
restartPolicy: OnFailure
|
||||
securityContext:
|
||||
fsGroup: 2000
|
||||
runAsNonRoot: true
|
||||
runAsUser: 2000
|
||||
serviceAccountName: ingress-nginx-admission
|
||||
---
|
||||
apiVersion: networking.k8s.io/v1
|
||||
kind: IngressClass
|
||||
metadata:
|
||||
labels:
|
||||
app.kubernetes.io/component: controller
|
||||
app.kubernetes.io/instance: ingress-nginx
|
||||
app.kubernetes.io/name: ingress-nginx
|
||||
app.kubernetes.io/part-of: ingress-nginx
|
||||
app.kubernetes.io/version: 1.5.1
|
||||
name: nginx
|
||||
spec:
|
||||
controller: k8s.io/ingress-nginx
|
||||
---
|
||||
apiVersion: admissionregistration.k8s.io/v1
|
||||
kind: ValidatingWebhookConfiguration
|
||||
metadata:
|
||||
labels:
|
||||
app.kubernetes.io/component: admission-webhook
|
||||
app.kubernetes.io/instance: ingress-nginx
|
||||
app.kubernetes.io/name: ingress-nginx
|
||||
app.kubernetes.io/part-of: ingress-nginx
|
||||
app.kubernetes.io/version: 1.5.1
|
||||
name: ingress-nginx-admission
|
||||
webhooks:
|
||||
- admissionReviewVersions:
|
||||
- v1
|
||||
clientConfig:
|
||||
service:
|
||||
name: ingress-nginx-controller-admission
|
||||
namespace: ingress-nginx
|
||||
path: /networking/v1/ingresses
|
||||
failurePolicy: Fail
|
||||
matchPolicy: Equivalent
|
||||
name: validate.nginx.ingress.kubernetes.io
|
||||
rules:
|
||||
- apiGroups:
|
||||
- networking.k8s.io
|
||||
apiVersions:
|
||||
- v1
|
||||
operations:
|
||||
- CREATE
|
||||
- UPDATE
|
||||
resources:
|
||||
- ingresses
|
||||
sideEffects: None
|
|
@ -1,9 +1,4 @@
|
|||
apiVersion: v1
|
||||
kind: Namespace
|
||||
metadata:
|
||||
name: node-red
|
||||
---
|
||||
apiVersion: v1
|
||||
kind: Secret
|
||||
metadata:
|
||||
name: node-red
|
||||
|
@ -14,18 +9,6 @@ metadata:
|
|||
kube-1password/secret-text-key: settings.js
|
||||
type: Opaque
|
||||
---
|
||||
kind: PersistentVolumeClaim
|
||||
apiVersion: v1
|
||||
metadata:
|
||||
name: node-red
|
||||
namespace: node-red
|
||||
spec:
|
||||
accessModes:
|
||||
- ReadWriteOnce
|
||||
resources:
|
||||
requests:
|
||||
storage: 5Gi
|
||||
---
|
||||
apiVersion: v1
|
||||
kind: Service
|
||||
metadata:
|
||||
|
@ -47,6 +30,8 @@ metadata:
|
|||
namespace: node-red
|
||||
spec:
|
||||
replicas: 1
|
||||
strategy:
|
||||
type: Recreate
|
||||
selector:
|
||||
matchLabels:
|
||||
app: node-red
|
||||
|
@ -71,9 +56,21 @@ spec:
|
|||
subPath: settings.js
|
||||
- name: data
|
||||
mountPath: /data
|
||||
- name: update-native-modules
|
||||
image: nodered/node-red:3.1.9-18
|
||||
imagePullPolicy: IfNotPresent
|
||||
command:
|
||||
- bash
|
||||
- -c
|
||||
- |
|
||||
cd /data
|
||||
npm rebuild
|
||||
volumeMounts:
|
||||
- name: data
|
||||
mountPath: /data
|
||||
containers:
|
||||
- name: web
|
||||
image: nodered/node-red:latest-12
|
||||
image: nodered/node-red:3.1.9-18
|
||||
imagePullPolicy: Always
|
||||
ports:
|
||||
- containerPort: 1880
|
||||
|
@ -89,16 +86,14 @@ spec:
|
|||
persistentVolumeClaim:
|
||||
claimName: node-red
|
||||
---
|
||||
apiVersion: extensions/v1beta1
|
||||
apiVersion: networking.k8s.io/v1
|
||||
kind: Ingress
|
||||
metadata:
|
||||
name: node-red
|
||||
namespace: node-red
|
||||
annotations:
|
||||
cert-manager.io/cluster-issuer: letsencrypt
|
||||
traefik.ingress.kubernetes.io/frontend-entry-points: http,https
|
||||
traefik.ingress.kubernetes.io/redirect-entry-point: https
|
||||
traefik.ingress.kubernetes.io/redirect-permanent: "true"
|
||||
nginx.ingress.kubernetes.io/force-ssl-redirect: "true"
|
||||
spec:
|
||||
tls:
|
||||
- hosts:
|
||||
|
@ -109,6 +104,9 @@ spec:
|
|||
http:
|
||||
paths:
|
||||
- path: /
|
||||
pathType: ImplementationSpecific
|
||||
backend:
|
||||
serviceName: node-red
|
||||
servicePort: 80
|
||||
service:
|
||||
name: node-red
|
||||
port:
|
||||
number: 80
|
Some files were not shown because too many files have changed in this diff Show More
Loading…
Reference in New Issue