AverageMarcus/cluster.fun
1
0
Fork 0
Code Issues 1 Pull Requests 2 Releases Activity

Compare commits

base: AverageMarcus:renovate/grafana-promtail-3.x
Branches Tags
AverageMarcus:master AverageMarcus:renovate/rancher-mirrored-library-traefik-3.x AverageMarcus:renovate/grafana-promtail-3.x AverageMarcus:increase_cluster_max
..
compare: AverageMarcus:b8507a6038c8b5a945d29adf2e5880f4a0c678b9
Branches Tags
AverageMarcus:renovate/rancher-mirrored-library-traefik-3.x AverageMarcus:renovate/grafana-promtail-3.x AverageMarcus:master AverageMarcus:increase_cluster_max

1 Commits
renovate/g ... b8507a6038

Author SHA1 Message Date
Renovate Bot
b8507a6038 Update rancher/mirrored-library-traefik Docker tag to v3 2025-09-05 03:34:55 +00:00
39 changed files with 1064 additions and 399 deletions
Expand all files Collapse all files

24
manifests/_apps/certmanager_chart.yaml
View File

@@ -1,3 +1,27 @@
apiVersion: argoproj.io/v1alpha1
kind: Application
metadata:
name: cert-manager-civo
namespace: argocd
finalizers:
- resources-finalizer.argocd.argoproj.io
spec:
project: cluster.fun
destination:
namespace: cert-manager
name: civo
source:
path: manifests/certmanager-civo
repoURL: "https://git.cluster.fun/AverageMarcus/cluster.fun.git"
targetRevision: HEAD
syncPolicy:
automated: {}
ignoreDifferences:
- kind: Secret
jsonPointers:
- /data
---
apiVersion: argoproj.io/v1alpha1 apiVersion: argoproj.io/v1alpha1
kind: Application kind: Application
metadata: metadata:

35
manifests/_apps/goldilocks.yaml
View File

@@ -1,35 +0,0 @@
apiVersion: argoproj.io/v1alpha1
kind: Application
metadata:
name: cluster-fun-goldilocks
namespace: argocd
finalizers:
- resources-finalizer.argocd.argoproj.io
spec:
project: cluster.fun
destination:
namespace: goldilocks
name: cluster-fun (v2)
source:
repoURL: 'https://charts.fairwinds.com/stable'
targetRevision: 10.1.0
chart: goldilocks
helm:
version: v3
values: |-
vpa:
enabled: true
controller:
flags:
on-by-default: true
dashboard:
flags:
on-by-default: true
replicaCount: 1
syncPolicy:
automated: {}
syncOptions:
- CreateNamespace=true
---

24
manifests/_apps/monitoring-civo.yaml Normal file
View File

@@ -0,0 +1,24 @@
apiVersion: argoproj.io/v1alpha1
kind: Application
metadata:
name: monitoring-civo
namespace: argocd
finalizers:
- resources-finalizer.argocd.argoproj.io
spec:
project: cluster.fun
destination:
namespace: monitoring
name: civo
source:
path: manifests/monitoring-civo
repoURL: "https://git.cluster.fun/AverageMarcus/cluster.fun.git"
targetRevision: HEAD
syncPolicy:
automated: {}
syncOptions:
- CreateNamespace=true
ignoreDifferences:
- kind: Secret
jsonPointers:
- /data

24
manifests/_apps/proxy-civo.yaml Normal file
View File

@@ -0,0 +1,24 @@
apiVersion: argoproj.io/v1alpha1
kind: Application
metadata:
name: proxy-civo
namespace: argocd
finalizers:
- resources-finalizer.argocd.argoproj.io
spec:
project: cluster.fun
destination:
namespace: proxy-civo
name: civo
source:
path: manifests/proxy-civo
repoURL: "https://git.cluster.fun/AverageMarcus/cluster.fun.git"
targetRevision: HEAD
syncPolicy:
automated: {}
syncOptions:
- CreateNamespace=true
ignoreDifferences:
- kind: Secret
jsonPointers:
- /data

23
manifests/_apps/reloader.yaml
View File

@@ -21,3 +21,26 @@ spec:
jsonPointers: jsonPointers:
- /data - /data
--- ---
apiVersion: argoproj.io/v1alpha1
kind: Application
metadata:
name: cluster-fun-reloader-civo
namespace: argocd
finalizers:
- resources-finalizer.argocd.argoproj.io
spec:
project: cluster.fun
destination:
namespace: kube-system
name: civo
source:
repoURL: 'https://stakater.github.io/stakater-charts'
targetRevision: v0.0.89
chart: reloader
syncPolicy:
automated: {}
ignoreDifferences:
- kind: Secret
jsonPointers:
- /data
---

4
manifests/_apps/svg-to-dxf.yaml
View File

@@ -9,9 +9,9 @@ spec:
project: cluster.fun project: cluster.fun
destination: destination:
namespace: svg-to-dxf namespace: svg-to-dxf
name: cluster-fun (v2) name: civo
source: source:
path: manifests/svg-to-dxf name: cluster-fun (v2)
repoURL: "https://git.cluster.fun/AverageMarcus/cluster.fun.git" repoURL: "https://git.cluster.fun/AverageMarcus/cluster.fun.git"
targetRevision: HEAD targetRevision: HEAD
syncPolicy: syncPolicy:

4
manifests/_apps/text-to-dxf.yaml
View File

@@ -9,9 +9,9 @@ spec:
project: cluster.fun project: cluster.fun
destination: destination:
namespace: text-to-dxf namespace: text-to-dxf
name: cluster-fun (v2) name: civo
source: source:
path: manifests/text-to-dxf name: cluster-fun (v2)
repoURL: "https://git.cluster.fun/AverageMarcus/cluster.fun.git" repoURL: "https://git.cluster.fun/AverageMarcus/cluster.fun.git"
targetRevision: HEAD targetRevision: HEAD
syncPolicy: syncPolicy:

7
manifests/_apps/priority-classes.yaml → manifests/_apps/traefik.yaml
View File

@@ -1,7 +1,7 @@
apiVersion: argoproj.io/v1alpha1 apiVersion: argoproj.io/v1alpha1
kind: Application kind: Application
metadata: metadata:
name: cluster-fun-priority-classes name: traefik-civo
namespace: argocd namespace: argocd
finalizers: finalizers:
- resources-finalizer.argocd.argoproj.io - resources-finalizer.argocd.argoproj.io
@@ -9,9 +9,9 @@ spec:
project: cluster.fun project: cluster.fun
destination: destination:
namespace: kube-system namespace: kube-system
name: cluster-fun (v2) name: civo
source: source:
path: manifests/priority-classes path: manifests/traefik
repoURL: "https://git.cluster.fun/AverageMarcus/cluster.fun.git" repoURL: "https://git.cluster.fun/AverageMarcus/cluster.fun.git"
targetRevision: HEAD targetRevision: HEAD
syncPolicy: syncPolicy:
@@ -22,4 +22,3 @@ spec:
- kind: Secret - kind: Secret
jsonPointers: jsonPointers:
- /data - /data
---

5
manifests/auth-proxy/proxy.yaml
View File

@@ -38,7 +38,6 @@ spec:
labels: labels:
app: internal-proxy app: internal-proxy
spec: spec:
priorityClassName: critical
serviceAccountName: default serviceAccountName: default
dnsPolicy: ClusterFirst dnsPolicy: ClusterFirst
dnsConfig: dnsConfig:
@@ -102,9 +101,9 @@ spec:
protocol: TCP protocol: TCP
resources: resources:
limits: limits:
memory: 80Mi memory: 50Mi
requests: requests:
memory: 80Mi memory: 50Mi
volumes: volumes:
- name: host-mappings - name: host-mappings
configMap: configMap:

1
manifests/base64/base64.yaml
View File

@@ -29,7 +29,6 @@ spec:
spec: spec:
imagePullSecrets: imagePullSecrets:
- name: docker-config - name: docker-config
priorityClassName: low
containers: containers:
- name: web - name: web
image: rg.fr-par.scw.cloud/averagemarcus/base64:latest image: rg.fr-par.scw.cloud/averagemarcus/base64:latest

23
manifests/certmanager-civo/certmanager_chart.yaml Normal file
View File

@@ -0,0 +1,23 @@
apiVersion: v1
kind: Namespace
metadata:
name: cert-manager
labels:
certmanager.k8s.io/disable-validation: "true"
---
apiVersion: cert-manager.io/v1
kind: ClusterIssuer
metadata:
name: letsencrypt
spec:
acme:
server: https://acme-v02.api.letsencrypt.org/directory
email: letsencrypt@marcusnoble.co.uk
privateKeySecretRef:
name: letsencrypt
solvers:
- http01:
ingress:
class: traefik

1
manifests/civo-versions/civo-versions.yaml
View File

@@ -38,7 +38,6 @@ spec:
labels: labels:
app: civo-versions app: civo-versions
spec: spec:
priorityClassName: low
containers: containers:
- name: web - name: web
image: rg.fr-par.scw.cloud/averagemarcus/civo-versions:latest image: rg.fr-par.scw.cloud/averagemarcus/civo-versions:latest

3
manifests/gitea/gitea.yaml
View File

@@ -40,10 +40,9 @@ spec:
labels: labels:
app: git app: git
spec: spec:
priorityClassName: critical
containers: containers:
- name: git - name: git
image: gitea/gitea:1.24.6 image: gitea/gitea:1.24.5
env: env:
- name: APP_NAME - name: APP_NAME
value: "Git" value: "Git"

1
manifests/grist/grist.yaml
View File

@@ -70,7 +70,6 @@ spec:
app.kubernetes.io/name: grist app.kubernetes.io/name: grist
spec: spec:
serviceAccountName: grist serviceAccountName: grist
priorityClassName: critical
containers: containers:
- name: grist - name: grist
image: gristlabs/grist-oss:1.7.3 image: gristlabs/grist-oss:1.7.3

1
manifests/link/link.yaml
View File

@@ -69,7 +69,6 @@ spec:
labels: labels:
app: link app: link
spec: spec:
priorityClassName: critical
containers: containers:
- name: web - name: web
image: rg.fr-par.scw.cloud/averagemarcus/link:latest image: rg.fr-par.scw.cloud/averagemarcus/link:latest

1
manifests/mastodon-digest/mastodon_digest.yaml
View File

@@ -123,7 +123,6 @@ spec:
spec: spec:
imagePullSecrets: imagePullSecrets:
- name: docker-config - name: docker-config
priorityClassName: low
containers: containers:
- args: - args:
- --cookie-secure=false - --cookie-secure=false

12
manifests/mealie/mealie.yaml
View File

@@ -28,10 +28,9 @@ spec:
labels: labels:
app: mealie app: mealie
spec: spec:
priorityClassName: critical
containers: containers:
- name: frontend - name: frontend
image: ghcr.io/mealie-recipes/mealie:v3.2.1 image: ghcr.io/mealie-recipes/mealie:v3.1.2
imagePullPolicy: Always imagePullPolicy: Always
envFrom: envFrom:
- secretRef: - secretRef:
@@ -69,18 +68,12 @@ spec:
volumeMounts: volumeMounts:
- mountPath: /app/data - mountPath: /app/data
name: data name: data
resources:
requests:
cpu: 200m
memory: 650M
limits:
cpu: 1000m
memory: 650M
volumes: volumes:
- name: data - name: data
persistentVolumeClaim: persistentVolumeClaim:
claimName: mealie claimName: mealie
--- ---
apiVersion: v1 apiVersion: v1
@@ -98,6 +91,7 @@ spec:
app: mealie app: mealie
--- ---
apiVersion: networking.k8s.io/v1 apiVersion: networking.k8s.io/v1
kind: Ingress kind: Ingress
metadata: metadata:

255
manifests/monitoring-civo/kube-state-metrics.yaml Normal file
View File

@@ -0,0 +1,255 @@
apiVersion: v1
kind: ServiceAccount
metadata:
name: kube-state-metrics
namespace: monitoring
labels:
app.kubernetes.io/name: kube-state-metrics
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
labels:
app.kubernetes.io/name: kube-state-metrics
name: kube-state-metrics
rules:
- apiGroups: ["certificates.k8s.io"]
resources:
- certificatesigningrequests
verbs: ["list", "watch"]
- apiGroups: [""]
resources:
- configmaps
verbs: ["list", "watch"]
- apiGroups: ["batch"]
resources:
- cronjobs
verbs: ["list", "watch"]
- apiGroups: ["extensions", "apps"]
resources:
- daemonsets
verbs: ["list", "watch"]
- apiGroups: ["extensions", "apps"]
resources:
- deployments
verbs: ["list", "watch"]
- apiGroups: [""]
resources:
- endpoints
verbs: ["list", "watch"]
- apiGroups: ["autoscaling"]
resources:
- horizontalpodautoscalers
verbs: ["list", "watch"]
- apiGroups: ["extensions", "networking.k8s.io"]
resources:
- ingresses
verbs: ["list", "watch"]
- apiGroups: ["batch"]
resources:
- jobs
verbs: ["list", "watch"]
- apiGroups: [""]
resources:
- limitranges
verbs: ["list", "watch"]
- apiGroups: ["admissionregistration.k8s.io"]
resources:
- mutatingwebhookconfigurations
verbs: ["list", "watch"]
- apiGroups: [""]
resources:
- namespaces
verbs: ["list", "watch"]
- apiGroups: ["networking.k8s.io"]
resources:
- networkpolicies
verbs: ["list", "watch"]
- apiGroups: [""]
resources:
- nodes
verbs: ["list", "watch"]
- apiGroups: [""]
resources:
- persistentvolumeclaims
verbs: ["list", "watch"]
- apiGroups: [""]
resources:
- persistentvolumes
verbs: ["list", "watch"]
- apiGroups: ["policy"]
resources:
- poddisruptionbudgets
verbs: ["list", "watch"]
- apiGroups: [""]
resources:
- pods
verbs: ["list", "watch"]
- apiGroups: ["extensions", "apps"]
resources:
- replicasets
verbs: ["list", "watch"]
- apiGroups: [""]
resources:
- replicationcontrollers
verbs: ["list", "watch"]
- apiGroups: [""]
resources:
- resourcequotas
verbs: ["list", "watch"]
- apiGroups: [""]
resources:
- secrets
verbs: ["list", "watch"]
- apiGroups: [""]
resources:
- services
verbs: ["list", "watch"]
- apiGroups: ["apps"]
resources:
- statefulsets
verbs: ["list", "watch"]
- apiGroups: ["storage.k8s.io"]
resources:
- storageclasses
verbs: ["list", "watch"]
- apiGroups: ["admissionregistration.k8s.io"]
resources:
- validatingwebhookconfigurations
verbs: ["list", "watch"]
- apiGroups: ["storage.k8s.io"]
resources:
- volumeattachments
verbs: ["list", "watch"]
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
labels:
app.kubernetes.io/name: kube-state-metrics
name: kube-state-metrics
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: kube-state-metrics
subjects:
- kind: ServiceAccount
name: kube-state-metrics
namespace: monitoring
---
apiVersion: v1
kind: Service
metadata:
name: kube-state-metrics
namespace: monitoring
labels:
app.kubernetes.io/name: kube-state-metrics
annotations:
prometheus.io/scrape: 'true'
spec:
type: "ClusterIP"
ports:
- name: "http"
protocol: TCP
port: 8080
targetPort: 8080
selector:
app.kubernetes.io/name: kube-state-metrics
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: kube-state-metrics
namespace: monitoring
labels:
app.kubernetes.io/name: kube-state-metrics
spec:
selector:
matchLabels:
app.kubernetes.io/name: kube-state-metrics
replicas: 1
template:
metadata:
labels:
app.kubernetes.io/name: kube-state-metrics
spec:
serviceAccountName: kube-state-metrics
securityContext:
fsGroup: 65534
runAsGroup: 65534
runAsUser: 65534
containers:
- name: kube-state-metrics
args:
#- --resources=certificatesigningrequests
- --resources=configmaps
- --resources=cronjobs
- --resources=daemonsets
- --resources=deployments
#- --resources=endpoints
#- --resources=horizontalpodautoscalers
- --resources=ingresses
- --resources=jobs
#- --resources=limitranges
- --resources=mutatingwebhookconfigurations
- --resources=namespaces
#- --resources=networkpolicies
- --resources=nodes
- --resources=persistentvolumeclaims
- --resources=persistentvolumes
- --resources=poddisruptionbudgets
- --resources=pods
- --resources=replicasets
#- --resources=replicationcontrollers
#- --resources=resourcequotas
- --resources=secrets
- --resources=services
- --resources=statefulsets
- --resources=storageclasses
- --resources=validatingwebhookconfigurations
#- --resources=volumeattachments
imagePullPolicy: IfNotPresent
image: "registry.k8s.io/kube-state-metrics/kube-state-metrics:v2.17.0"
ports:
- containerPort: 8080
livenessProbe:
httpGet:
path: /healthz
port: 8080
initialDelaySeconds: 5
timeoutSeconds: 5
readinessProbe:
httpGet:
path: /
port: 8080
initialDelaySeconds: 5
timeoutSeconds: 5
---

64
manifests/monitoring-civo/prometheus-server.yaml Normal file
View File

@@ -0,0 +1,64 @@
apiVersion: v1
kind: ServiceAccount
metadata:
name: prometheus-server
namespace: monitoring
labels:
app.kubernetes.io/name: prometheus
app.kubernetes.io/component: server
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
labels:
app.kubernetes.io/name: prometheus
app.kubernetes.io/component: server
name: prometheus-server
rules:
- apiGroups:
- ""
resources:
- nodes
- nodes/proxy
- nodes/metrics
- services
- endpoints
- pods
- ingresses
- configmaps
verbs:
- get
- list
- watch
- apiGroups:
- "extensions"
- "networking.k8s.io"
resources:
- ingresses/status
- ingresses
verbs:
- get
- list
- watch
- nonResourceURLs:
- "/metrics"
verbs:
- get
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
labels:
app.kubernetes.io/name: prometheus
app.kubernetes.io/component: server
name: prometheus-server
subjects:
- kind: ServiceAccount
name: prometheus-server
namespace: monitoring
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: prometheus-server
---

292
manifests/monitoring-civo/promtail.yaml Normal file
View File

@@ -0,0 +1,292 @@
apiVersion: v1
kind: ServiceAccount
metadata:
name: promtail
namespace: monitoring
labels:
app.kubernetes.io/name: promtail
---
apiVersion: v1
kind: ConfigMap
metadata:
name: promtail
namespace: monitoring
labels:
app.kubernetes.io/name: promtail
data:
promtail.yaml: |
client:
backoff_config:
max_period: 5m
max_retries: 10
min_period: 500ms
batchsize: 1048576
batchwait: 1s
external_labels: {}
timeout: 10s
positions:
filename: /run/promtail/positions.yaml
server:
http_listen_port: 3101
clients:
- url: http://loki-distributed.proxy-civo.svc:80/loki/api/v1/push
external_labels:
kubernetes_cluster: civo
target_config:
sync_period: 10s
scrape_configs:
- job_name: kubernetes-pods
pipeline_stages:
- docker: {}
- cri: {}
- match:
selector: '{app="weave-net"}'
action: drop
- match:
selector: '{filename=~".*konnectivity.*"}'
action: drop
- match:
selector: '{name=~".*"} |~ ".*/healthz.*"'
action: drop
- match:
selector: '{name=~".*"} |~ ".*/api/health.*"'
action: drop
- match:
selector: '{name=~".*"} |~ ".*kube-probe/.*"'
action: drop
- match:
selector: '{app="internal-proxy"}'
action: drop
- match:
selector: '{app="non-auth-proxy"}'
action: drop
- match:
selector: '{app="vpa"}'
action: drop
- match:
selector: '{app="promtail"}'
action: drop
- match:
selector: '{app="csi-node"}'
action: drop
- match:
selector: '{app="victoria-metrics"}'
action: drop
- match:
selector: '{app="git-sync"}'
action: drop
- match:
selector: '{app="ingress-nginx"}'
stages:
- json:
expressions:
request_host: host
request_path: path
request_method: method
response_status: status
- drop:
source: "request_path"
value: "/healthz"
- drop:
source: "request_path"
value: "/health"
- labels:
request_host:
request_method:
response_status:
- match:
selector: '{app="traefik"}'
stages:
- json:
expressions:
request_host: RequestHost
request_path: RequestPath
request_method: RequestMethod
response_status: OriginStatus
- drop:
source: "request_path"
value: "/healthz"
- drop:
source: "request_path"
value: "/health"
- drop:
source: "request_path"
value: "/ping"
- labels:
request_host:
request_method:
response_status:
kubernetes_sd_configs:
- role: pod
relabel_configs:
- source_labels:
- __meta_kubernetes_pod_controller_name
regex: ([0-9a-z-.]+?)(-[0-9a-f]{8,10})?
action: replace
target_label: __tmp_controller_name
- source_labels:
- __meta_kubernetes_pod_label_app_kubernetes_io_name
- __meta_kubernetes_pod_label_app
- __tmp_controller_name
- __meta_kubernetes_pod_name
regex: ^;*([^;]+)(;.*)?$
action: replace
target_label: app
- source_labels:
- __meta_kubernetes_pod_label_app_kubernetes_io_component
- __meta_kubernetes_pod_label_component
regex: ^;*([^;]+)(;.*)?$
action: replace
target_label: component
- action: replace
source_labels:
- __meta_kubernetes_pod_node_name
target_label: node_name
- action: replace
source_labels:
- __meta_kubernetes_namespace
target_label: namespace
- action: replace
replacement: $1
separator: /
source_labels:
- namespace
- app
target_label: job
- action: replace
source_labels:
- __meta_kubernetes_pod_name
target_label: pod
- action: replace
source_labels:
- __meta_kubernetes_pod_container_name
target_label: container
- action: replace
replacement: /var/log/pods/*$1/*.log
separator: /
source_labels:
- __meta_kubernetes_pod_uid
- __meta_kubernetes_pod_container_name
target_label: __path__
- action: replace
replacement: /var/log/pods/*$1/*.log
regex: true/(.*)
separator: /
source_labels:
- __meta_kubernetes_pod_annotationpresent_kubernetes_io_config_hash
- __meta_kubernetes_pod_annotation_kubernetes_io_config_hash
- __meta_kubernetes_pod_container_name
target_label: __path__
- action: labelmap
regex: __meta_kubernetes_pod_label_(.+)
---
kind: ClusterRole
apiVersion: rbac.authorization.k8s.io/v1
metadata:
name: promtail-clusterrole
labels:
app.kubernetes.io/name: promtail
rules:
- apiGroups: [""] # "" indicates the core API group
resources:
- nodes
- nodes/proxy
- services
- endpoints
- pods
verbs: ["get", "watch", "list"]
---
kind: ClusterRoleBinding
apiVersion: rbac.authorization.k8s.io/v1
metadata:
name: promtail-clusterrolebinding
labels:
app.kubernetes.io/name: promtail
subjects:
- kind: ServiceAccount
name: promtail
namespace: monitoring
roleRef:
kind: ClusterRole
name: promtail-clusterrole
apiGroup: rbac.authorization.k8s.io
---
apiVersion: apps/v1
kind: DaemonSet
metadata:
name: promtail
namespace: monitoring
labels:
app.kubernetes.io/name: promtail
annotations:
configmap.reloader.stakater.com/reload: "promtail"
spec:
selector:
matchLabels:
app.kubernetes.io/name: promtail
template:
metadata:
labels:
app.kubernetes.io/name: promtail
annotations:
prometheus.io/port: http-metrics
prometheus.io/scrape: "true"
spec:
serviceAccountName: promtail
containers:
- name: promtail
image: "grafana/promtail:2.9.15"
imagePullPolicy: IfNotPresent
args:
- "-config.file=/etc/promtail/promtail.yaml"
volumeMounts:
- name: config
mountPath: /etc/promtail
- name: run
mountPath: /run/promtail
- mountPath: /var/lib/docker/containers
name: docker
readOnly: true
- mountPath: /var/log/pods
name: pods
readOnly: true
env:
- name: HOSTNAME
valueFrom:
fieldRef:
fieldPath: spec.nodeName
ports:
- containerPort: 3101
name: http-metrics
securityContext:
readOnlyRootFilesystem: true
runAsGroup: 0
runAsUser: 0
readinessProbe:
failureThreshold: 5
httpGet:
path: /ready
port: http-metrics
initialDelaySeconds: 10
periodSeconds: 10
successThreshold: 1
timeoutSeconds: 1
tolerations:
- effect: NoSchedule
key: node-role.kubernetes.io/master
operator: Exists
volumes:
- name: config
configMap:
name: promtail
- name: run
hostPath:
path: /run/promtail
- hostPath:
path: /var/lib/docker/containers
name: docker
- hostPath:
path: /var/log/pods
name: pods
---

163
manifests/monitoring-civo/vmagent.yaml Normal file
View File

@@ -0,0 +1,163 @@
apiVersion: v1
kind: ConfigMap
metadata:
name: vmagent
namespace: monitoring
labels:
app.kubernetes.io/name: victoria-metrics
app.kubernetes.io/component: agent
data:
prometheus.yml: |
global:
scrape_interval: 1m
external_labels:
source: civo
agent: vmagent
scrape_configs:
- job_name: 'vmagent'
static_configs:
- targets: ['localhost:8429']
- bearer_token_file: /var/run/secrets/kubernetes.io/serviceaccount/token
job_name: kubernetes-nodes
kubernetes_sd_configs:
- role: node
relabel_configs:
- action: labelmap
regex: __meta_kubernetes_node_label_(.+)
- replacement: kubernetes.default.svc:443
target_label: __address__
- regex: (.+)
replacement: /api/v1/nodes/$1/proxy/metrics
source_labels:
- __meta_kubernetes_node_name
target_label: __metrics_path__
scheme: https
tls_config:
ca_file: /var/run/secrets/kubernetes.io/serviceaccount/ca.crt
insecure_skip_verify: true
- job_name: kubernetes-service-endpoints
kubernetes_sd_configs:
- role: endpoints
relabel_configs:
- action: keep
regex: true
source_labels:
- __meta_kubernetes_service_annotation_prometheus_io_scrape
- action: replace
regex: (https?)
source_labels:
- __meta_kubernetes_service_annotation_prometheus_io_scheme
target_label: __scheme__
- action: replace
regex: (.+)
source_labels:
- __meta_kubernetes_service_annotation_prometheus_io_path
target_label: __metrics_path__
- action: replace
regex: ([^:]+)(?::\d+)?;(\d+)
replacement: $1:$2
source_labels:
- __address__
- __meta_kubernetes_service_annotation_prometheus_io_port
target_label: __address__
- action: labelmap
regex: __meta_kubernetes_service_label_(.+)
- action: replace
source_labels:
- __meta_kubernetes_namespace
target_label: kubernetes_namespace
- action: replace
source_labels:
- __meta_kubernetes_service_name
target_label: kubernetes_name
- action: replace
source_labels:
- __meta_kubernetes_endpoint_port_name
target_label: kubernetes_endpoint_port_name
- action: replace
source_labels:
- __meta_kubernetes_pod_node_name
target_label: kubernetes_node
- job_name: kubernetes-pods
kubernetes_sd_configs:
- role: pod
relabel_configs:
- action: keep
regex: true
source_labels:
- __meta_kubernetes_pod_annotation_prometheus_io_scrape
- action: replace
regex: (.+)
source_labels:
- __meta_kubernetes_pod_annotation_prometheus_io_path
target_label: __metrics_path__
- action: replace
regex: ([^:]+)(?::\d+)?;(\d+)
replacement: $1:$2
source_labels:
- __address__
- __meta_kubernetes_pod_annotation_prometheus_io_port
target_label: __address__
- action: labelmap
regex: __meta_kubernetes_pod_label_(.+)
- action: replace
source_labels:
- __meta_kubernetes_namespace
target_label: kubernetes_namespace
- action: replace
source_labels:
- __meta_kubernetes_pod_name
target_label: kubernetes_pod_name
- action: replace
source_labels:
- __meta_kubernetes_pod_container_port_name
target_label: kubernetes_port_name
- action: drop
regex: Pending|Succeeded|Failed
source_labels:
- __meta_kubernetes_pod_phase
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: vmagent
namespace: monitoring
labels:
app.kubernetes.io/name: victoria-metrics
app.kubernetes.io/component: agent
annotations:
configmap.reloader.stakater.com/reload: "vmagent"
spec:
strategy:
type: Recreate
selector:
matchLabels:
app.kubernetes.io/name: victoria-metrics
app.kubernetes.io/component: agent
replicas: 1
template:
metadata:
labels:
app.kubernetes.io/name: victoria-metrics
app.kubernetes.io/component: agent
spec:
serviceAccountName: prometheus-server
containers:
- name: vmagent
image: "victoriametrics/vmagent:v1.125.1"
imagePullPolicy: "IfNotPresent"
args:
- -remoteWrite.url=http://vmcluster.proxy-civo.svc/insert/0/prometheus/
- -remoteWrite.showURL
- -promscrape.config=/config/prometheus.yml
volumeMounts:
- name: config-volume
mountPath: /config
volumes:
- name: config-volume
configMap:
name: vmagent
---

87
manifests/monitoring/cadvisor.yaml
View File

@@ -1,87 +0,0 @@
apiVersion: v1
kind: ServiceAccount
metadata:
labels:
app: cadvisor
app.kubernetes.io/name: cadvisor
name: cadvisor
namespace: monitoring
---
apiVersion: apps/v1
kind: DaemonSet
metadata:
annotations:
seccomp.security.alpha.kubernetes.io/pod: docker/default
labels:
app: cadvisor
app.kubernetes.io/name: cadvisor
name: cadvisor
namespace: monitoring
spec:
selector:
matchLabels:
app: cadvisor
app.kubernetes.io/name: cadvisor
name: cadvisor
template:
metadata:
labels:
app: cadvisor
app.kubernetes.io/name: cadvisor
name: cadvisor
annotations:
scheduler.alpha.kubernetes.io/critical-pod: ''
spec:
priorityClassName: system-node-critical
tolerations:
- key: "CriticalAddonsOnly"
operator: "Exists"
automountServiceAccountToken: false
containers:
- image: ghcr.io/google/cadvisor:v0.53.0
name: cadvisor
ports:
- containerPort: 8080
name: http
protocol: TCP
resources:
limits:
cpu: 800m
memory: 2000Mi
requests:
cpu: 400m
memory: 400Mi
volumeMounts:
- mountPath: /rootfs
name: rootfs
readOnly: true
- mountPath: /var/run
name: var-run
readOnly: true
- mountPath: /sys
name: sys
readOnly: true
- mountPath: /var/lib/docker
name: docker
readOnly: true
- mountPath: /dev/disk
name: disk
readOnly: true
serviceAccountName: cadvisor
terminationGracePeriodSeconds: 30
volumes:
- hostPath:
path: /
name: rootfs
- hostPath:
path: /var/run
name: var-run
- hostPath:
path: /sys
name: sys
- hostPath:
path: /var/lib/docker
name: docker
- hostPath:
path: /dev/disk
name: disk

142
manifests/monitoring/ephemeral-storage-exporter.yaml
View File

@@ -1,142 +0,0 @@
---
apiVersion: v1
kind: ServiceAccount
metadata:
labels:
app.kubernetes.io/name: k8s-ephemeral-storage-metrics
name: k8s-ephemeral-storage-metrics
namespace: monitoring
---
kind: ClusterRole
apiVersion: rbac.authorization.k8s.io/v1
metadata:
name: k8s-ephemeral-storage-metrics
labels:
app.kubernetes.io/name: k8s-ephemeral-storage-metrics
rules:
- apiGroups: [""]
resources: ["nodes","nodes/proxy", "nodes/stats", "pods"]
verbs: ["get","list", "watch"]
---
kind: ClusterRoleBinding
apiVersion: rbac.authorization.k8s.io/v1
metadata:
name: k8s-ephemeral-storage-metrics
labels:
app.kubernetes.io/name: k8s-ephemeral-storage-metrics
subjects:
- kind: ServiceAccount
name: k8s-ephemeral-storage-metrics
namespace: monitoring
roleRef:
kind: ClusterRole
name: k8s-ephemeral-storage-metrics
apiGroup: rbac.authorization.k8s.io
---
apiVersion: v1
kind: Service
metadata:
name: k8s-ephemeral-storage-metrics
namespace: monitoring
labels:
app.kubernetes.io/name: k8s-ephemeral-storage-metrics
annotations:
prometheus.io/scrape: "true"
prometheus.io/port: "9100"
spec:
type: ClusterIP
selector:
app.kubernetes.io/name: k8s-ephemeral-storage-metrics
ports:
- name: metrics
port: 9100
protocol: TCP
targetPort: metrics
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: k8s-ephemeral-storage-metrics
namespace: monitoring
labels:
app.kubernetes.io/name: k8s-ephemeral-storage-metrics
spec:
replicas: 1
revisionHistoryLimit: 3
selector:
matchLabels:
app.kubernetes.io/name: k8s-ephemeral-storage-metrics
template:
metadata:
labels:
app.kubernetes.io/name: k8s-ephemeral-storage-metrics
spec:
serviceAccountName: k8s-ephemeral-storage-metrics
securityContext:
runAsNonRoot: true
seccompProfile:
type: RuntimeDefault
containers:
- name: metrics
image: ghcr.io/jmcgrath207/k8s-ephemeral-storage-metrics:1.18.2
imagePullPolicy: IfNotPresent
ports:
- name: metrics
containerPort: 9100
protocol: TCP
livenessProbe:
failureThreshold: 10
httpGet:
path: /metrics
port: 9100
scheme: HTTP
initialDelaySeconds: 10
periodSeconds: 10
successThreshold: 1
timeoutSeconds: 30
readinessProbe:
failureThreshold: 10
httpGet:
path: /metrics
port: 9100
scheme: HTTP
periodSeconds: 10
successThreshold: 1
timeoutSeconds: 1
securityContext:
allowPrivilegeEscalation: false
capabilities:
drop:
- ALL
privileged: false
readOnlyRootFilesystem: false
runAsNonRoot: true
env:
- name: DEPLOY_TYPE
value: "Deployment"
- name: SCRAPE_INTERVAL
value: "15"
- name: MAX_NODE_CONCURRENCY
value: "10"
- name: CLIENT_GO_QPS
value: "5"
- name: CLIENT_GO_BURST
value: "10"
- name: LOG_LEVEL
value: "info"
- name: EPHEMERAL_STORAGE_POD_USAGE
value: "true"
- name: EPHEMERAL_STORAGE_NODE_AVAILABLE
value: "true"
- name: EPHEMERAL_STORAGE_NODE_CAPACITY
value: "true"
- name: EPHEMERAL_STORAGE_NODE_PERCENTAGE
value: "true"
- name: EPHEMERAL_STORAGE_CONTAINER_LIMIT_PERCENTAGE
value: "true"
- name: EPHEMERAL_STORAGE_CONTAINER_VOLUME_USAGE
value: "true"
- name: EPHEMERAL_STORAGE_CONTAINER_VOLUME_LIMITS_PERCENTAGE
value: "true"
- name: EPHEMERAL_STORAGE_INODES
value: "true"

1
manifests/monitoring/kube-state-metrics.yaml
View File

@@ -201,7 +201,6 @@ spec:
labels: labels:
app.kubernetes.io/name: kube-state-metrics app.kubernetes.io/name: kube-state-metrics
spec: spec:
priorityClassName: system-cluster-critical
serviceAccountName: kube-state-metrics serviceAccountName: kube-state-metrics
securityContext: securityContext:
fsGroup: 65534 fsGroup: 65534

1
manifests/monitoring/node-exporter.yaml
View File

@@ -51,7 +51,6 @@ spec:
app.kubernetes.io/name: prometheus app.kubernetes.io/name: prometheus
app.kubernetes.io/component: node-exporter app.kubernetes.io/component: node-exporter
spec: spec:
priorityClassName: system-node-critical
serviceAccountName: prometheus-node-exporter serviceAccountName: prometheus-node-exporter
containers: containers:
- name: prometheus-node-exporter - name: prometheus-node-exporter

3
manifests/monitoring/promtail.yaml
View File

@@ -212,11 +212,10 @@ spec:
prometheus.io/port: http-metrics prometheus.io/port: http-metrics
prometheus.io/scrape: "true" prometheus.io/scrape: "true"
spec: spec:
priorityClassName: system-node-critical
serviceAccountName: promtail serviceAccountName: promtail
containers: containers:
- name: promtail - name: promtail
image: "grafana/promtail:3.5.5" image: "grafana/promtail:2.9.15"
imagePullPolicy: IfNotPresent imagePullPolicy: IfNotPresent
args: args:
- "-config.file=/etc/promtail/promtail.yaml" - "-config.file=/etc/promtail/promtail.yaml"

66
manifests/monitoring/vmagent.yaml
View File

@@ -17,11 +17,6 @@ data:
- job_name: 'vmagent' - job_name: 'vmagent'
static_configs: static_configs:
- targets: ['localhost:8429'] - targets: ['localhost:8429']
relabel_configs:
- action: drop
source_labels: [__name__]
regex: "flag"
- bearer_token_file: /var/run/secrets/kubernetes.io/serviceaccount/token - bearer_token_file: /var/run/secrets/kubernetes.io/serviceaccount/token
job_name: kubernetes-nodes job_name: kubernetes-nodes
kubernetes_sd_configs: kubernetes_sd_configs:
@@ -41,38 +36,6 @@ data:
ca_file: /var/run/secrets/kubernetes.io/serviceaccount/ca.crt ca_file: /var/run/secrets/kubernetes.io/serviceaccount/ca.crt
insecure_skip_verify: true insecure_skip_verify: true
- job_name: cadvisor
bearer_token_file: /var/run/secrets/kubernetes.io/serviceaccount/token
scheme: https
tls_config:
ca_file: /var/run/secrets/kubernetes.io/serviceaccount/ca.crt
insecure_skip_verify: true
kubernetes_sd_configs:
- role: node
relabel_configs:
- action: labelmap
regex: __meta_kubernetes_node_label_(.+)
- replacement: kubernetes.default.svc:443
target_label: __address__
- source_labels: [__meta_kubernetes_node_name]
regex: (.+)
target_label: __metrics_path__
replacement: /api/v1/nodes/$1/proxy/metrics/cadvisor
# Drop high cardinality labels
- action: labeldrop
regex: id
# Drop unneeded labels
- action: labeldrop
regex: beta_kubernetes_io_os
- action: labeldrop
regex: beta_kubernetes_io_arch
- action: labeldrop
regex: kubernetes_io_arch
- action: labeldrop
regex: kubernetes_io_os
- action: labeldrop
regex: topology_jiva_openebs_io_nodeName
- job_name: kubernetes-service-endpoints - job_name: kubernetes-service-endpoints
kubernetes_sd_configs: kubernetes_sd_configs:
- role: endpoints - role: endpoints
@@ -115,21 +78,6 @@ data:
source_labels: source_labels:
- __meta_kubernetes_pod_node_name - __meta_kubernetes_pod_node_name
target_label: kubernetes_node target_label: kubernetes_node
# We don't care about the flag metrics from VM
- action: drop
source_labels: [__name__]
regex: "flag"
# Drop unneeded labels
- action: labeldrop
regex: beta_kubernetes_io_os
- action: labeldrop
regex: beta_kubernetes_io_arch
- action: labeldrop
regex: kubernetes_io_arch
- action: labeldrop
regex: kubernetes_io_os
- action: labeldrop
regex: topology_jiva_openebs_io_nodeName
- job_name: kubernetes-pods - job_name: kubernetes-pods
kubernetes_sd_configs: kubernetes_sd_configs:
@@ -168,17 +116,6 @@ data:
regex: Pending|Succeeded|Failed regex: Pending|Succeeded|Failed
source_labels: source_labels:
- __meta_kubernetes_pod_phase - __meta_kubernetes_pod_phase
# Drop unneeded labels
- action: labeldrop
regex: beta_kubernetes_io_os
- action: labeldrop
regex: beta_kubernetes_io_arch
- action: labeldrop
regex: kubernetes_io_arch
- action: labeldrop
regex: kubernetes_io_os
- action: labeldrop
regex: topology_jiva_openebs_io_nodeName
- job_name: 'node-exporter' - job_name: 'node-exporter'
kubernetes_sd_configs: kubernetes_sd_configs:
@@ -213,11 +150,10 @@ spec:
app.kubernetes.io/name: victoria-metrics app.kubernetes.io/name: victoria-metrics
app.kubernetes.io/component: agent app.kubernetes.io/component: agent
spec: spec:
priorityClassName: system-cluster-critical
serviceAccountName: prometheus-server serviceAccountName: prometheus-server
containers: containers:
- name: vmagent - name: vmagent
image: "victoriametrics/vmagent:v1.126.0" image: "victoriametrics/vmagent:v1.125.1"
imagePullPolicy: "IfNotPresent" imagePullPolicy: "IfNotPresent"
args: args:
- -remoteWrite.url=http://vmcluster.auth-proxy.svc/insert/0/prometheus/ - -remoteWrite.url=http://vmcluster.auth-proxy.svc/insert/0/prometheus/

10
manifests/nextcloud_chart/manifest.yaml
View File

@@ -201,10 +201,9 @@ spec:
app.kubernetes.io/component: app app.kubernetes.io/component: app
nextcloud-nextcloud-redis-client: "true" nextcloud-nextcloud-redis-client: "true"
spec: spec:
priorityClassName: critical
containers: containers:
- name: nextcloud - name: nextcloud
image: "nextcloud:31.0.9-apache" image: "nextcloud:31.0.8-apache"
imagePullPolicy: IfNotPresent imagePullPolicy: IfNotPresent
env: env:
- name: SQLITE_DATABASE - name: SQLITE_DATABASE
@@ -283,10 +282,7 @@ spec:
periodSeconds: 10 periodSeconds: 10
resources: resources:
requests: requests:
cpu: 1038m memory: 450Mi
memory: 512M
limits:
cpu: 1200m
volumeMounts: volumeMounts:
- name: nextcloud-data - name: nextcloud-data
mountPath: /var/www/ mountPath: /var/www/
@@ -378,7 +374,7 @@ spec:
restartPolicy: Never restartPolicy: Never
containers: containers:
- name: nextcloud - name: nextcloud
image: "nextcloud:31.0.9-apache" image: "nextcloud:31.0.8-apache"
imagePullPolicy: IfNotPresent imagePullPolicy: IfNotPresent
command: [ "curl" ] command: [ "curl" ]
args: args:

2
manifests/nginx-lb/nginx-lb.yaml
View File

@@ -533,7 +533,7 @@ spec:
resources: resources:
requests: requests:
cpu: 100m cpu: 100m
memory: 150Mi memory: 90Mi
securityContext: securityContext:
allowPrivilegeEscalation: true allowPrivilegeEscalation: true
capabilities: capabilities:

5
manifests/outline/outline.yaml
View File

@@ -43,10 +43,9 @@ spec:
labels: labels:
app.kubernetes.io/name: outline app.kubernetes.io/name: outline
spec: spec:
priorityClassName: critical
containers: containers:
- name: outline - name: outline
image: outlinewiki/outline:0.87.4 image: outlinewiki/outline:0.87.3
imagePullPolicy: IfNotPresent imagePullPolicy: IfNotPresent
env: env:
- name: ALLOWED_DOMAINS - name: ALLOWED_DOMAINS
@@ -73,7 +72,7 @@ spec:
resources: resources:
requests: requests:
cpu: 8m cpu: 8m
memory: 1024Mi memory: 800Mi
volumeMounts: volumeMounts:
- mountPath: /opt/outline/.env - mountPath: /opt/outline/.env
subPath: .env subPath: .env

7
manifests/priority-classes/critical.yaml
View File

@@ -1,7 +0,0 @@
apiVersion: scheduling.k8s.io/v1
kind: PriorityClass
metadata:
name: critical
value: 1000
globalDefault: false
preemptionPolicy: PreemptLowerPriority

7
manifests/priority-classes/low.yaml
View File

@@ -1,7 +0,0 @@
apiVersion: scheduling.k8s.io/v1
kind: PriorityClass
metadata:
name: low
value: 10
globalDefault: false
preemptionPolicy: Never

7
manifests/priority-classes/normal.yaml
View File

@@ -1,7 +0,0 @@
apiVersion: scheduling.k8s.io/v1
kind: PriorityClass
metadata:
name: normal
value: 100
globalDefault: true
preemptionPolicy: PreemptLowerPriority

149
manifests/proxy-civo/non-auth-proxy.yaml Normal file
View File

@@ -0,0 +1,149 @@
apiVersion: v1
kind: Secret
metadata:
name: tailscale-auth
namespace: proxy-civo
annotations:
kube-1password: 2cqycmsgv5r7vcyvjpblcl2l4y
kube-1password/vault: Kubernetes
type: Opaque
---
apiVersion: v1
kind: ConfigMap
metadata:
name: host-mappings
namespace: proxy-civo
labels:
app: proxy
data:
mapping.json: |
{
"vmcluster.proxy-civo.svc": "vmcluster.cluster.local",
"loki.proxy-civo.svc": "loki-write.cluster.local",
"loki.proxy-civo.svc:80": "loki-write.cluster.local",
"loki-distributed.proxy-civo.svc": "loki-loki.cluster.local",
"loki-distributed.proxy-civo.svc:80": "loki-loki.cluster.local"
}
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: internal-proxy
namespace: proxy-civo
labels:
app: internal-proxy
annotations:
configmap.reloader.stakater.com/reload: "host-mappings"
secret.reloader.stakater.com/reload: "tailscale-auth"
spec:
replicas: 1
strategy:
type: Recreate
selector:
matchLabels:
app: internal-proxy
template:
metadata:
labels:
app: internal-proxy
spec:
serviceAccountName: default
dnsPolicy: ClusterFirst
dnsConfig:
nameservers:
- 100.100.100.100
containers:
- name: proxy
image: rg.fr-par.scw.cloud/averagemarcus/proxy:latest
imagePullPolicy: Always
env:
- name: PROXY_DESTINATION
value: talos.tail4dfb.ts.net
- name: PORT
value: "8080"
- name: TS_AUTH_KEY
valueFrom:
secretKeyRef:
name: tailscale-auth
key: password
- name: TS_HOSTNAME
value: proxy-civo-internal-proxy
ports:
- containerPort: 8080
protocol: TCP
volumeMounts:
- name: host-mappings
mountPath: /config/
volumes:
- name: host-mappings
configMap:
name: host-mappings
---
apiVersion: v1
kind: Service
metadata:
name: loki
namespace: proxy-civo
labels:
app: internal-proxy
spec:
ports:
- name: http
port: 80
protocol: TCP
targetPort: 8080
selector:
app: internal-proxy
type: ClusterIP
---
apiVersion: v1
kind: Service
metadata:
name: loki-distributed
namespace: proxy-civo
labels:
app: internal-proxy
spec:
ports:
- name: http
port: 80
protocol: TCP
targetPort: 8080
selector:
app: internal-proxy
type: ClusterIP
---
apiVersion: v1
kind: Service
metadata:
name: prometheus
namespace: proxy-civo
labels:
app: internal-proxy
spec:
ports:
- name: http
port: 80
protocol: TCP
targetPort: 8080
selector:
app: internal-proxy
type: ClusterIP
---
apiVersion: v1
kind: Service
metadata:
name: vmcluster
namespace: proxy-civo
labels:
app: internal-proxy
spec:
ports:
- name: http
port: 80
protocol: TCP
targetPort: 8080
selector:
app: internal-proxy
type: ClusterIP
---

1
manifests/redis/redis.yaml
View File

@@ -327,7 +327,6 @@ spec:
weight: 1 weight: 1
nodeAffinity: nodeAffinity:
terminationGracePeriodSeconds: 30 terminationGracePeriodSeconds: 30
priorityClassName: critical
containers: containers:
- name: redis - name: redis
image: docker.io/bitnamilegacy/redis:7.2.4-debian-11-r11 image: docker.io/bitnamilegacy/redis:7.2.4-debian-11-r11

4
manifests/rss/miniflux.yaml
View File

@@ -25,8 +25,6 @@ data:
POLLING_FREQUENCY: "15" POLLING_FREQUENCY: "15"
BASE_URL: "https://miniflux.cluster.fun/" BASE_URL: "https://miniflux.cluster.fun/"
METRICS_COLLECTOR: "1" METRICS_COLLECTOR: "1"
CLEANUP_ARCHIVE_READ_DAYS: "365"
CLEANUP_ARCHIVE_UNREAD_DAYS: "365"
--- ---
apiVersion: v1 apiVersion: v1
kind: Service kind: Service
@@ -68,7 +66,7 @@ spec:
spec: spec:
containers: containers:
- name: web - name: web
image: ghcr.io/miniflux/miniflux:2.2.13 image: ghcr.io/miniflux/miniflux:2.2.12
imagePullPolicy: IfNotPresent imagePullPolicy: IfNotPresent
envFrom: envFrom:
- configMapRef: - configMapRef:

1
manifests/svg-to-dxf/svg-to-dxf.yaml
View File

@@ -27,7 +27,6 @@ spec:
labels: labels:
app: svg-to-dxf app: svg-to-dxf
spec: spec:
priorityClassName: low
containers: containers:
- name: web - name: web
image: rg.fr-par.scw.cloud/averagemarcus/svg-to-dxf:latest image: rg.fr-par.scw.cloud/averagemarcus/svg-to-dxf:latest

1
manifests/text-to-dxf/text-to-dxf.yaml
View File

@@ -27,7 +27,6 @@ spec:
labels: labels:
app: text-to-dxf app: text-to-dxf
spec: spec:
priorityClassName: low
containers: containers:
- name: web - name: web
image: rg.fr-par.scw.cloud/averagemarcus/text-to-dxf:latest image: rg.fr-par.scw.cloud/averagemarcus/text-to-dxf:latest

2
manifests/traefik/traefik.yaml
View File

@@ -45,7 +45,7 @@ spec:
- --entrypoints.websecure.http.tls=true - --entrypoints.websecure.http.tls=true
- --entrypoints.web.http.redirections.entrypoint.to=websecure - --entrypoints.web.http.redirections.entrypoint.to=websecure
- --entrypoints.web.http.redirections.entrypoint.scheme=https - --entrypoints.web.http.redirections.entrypoint.scheme=https
image: rancher/mirrored-library-traefik:2.11.29 image: rancher/mirrored-library-traefik:3.5.1
imagePullPolicy: IfNotPresent imagePullPolicy: IfNotPresent
livenessProbe: livenessProbe:
failureThreshold: 3 failureThreshold: 3