Compare commits
2 commits
Author | SHA1 | Date | |
---|---|---|---|
8a57dfc0e0 | |||
d083f9313a |
38 changed files with 128 additions and 564 deletions
|
@ -29,7 +29,7 @@ spec:
|
|||
sources:
|
||||
- chart: woodpecker
|
||||
repoURL: https://woodpecker-ci.org/
|
||||
targetRevision: 2.0.3
|
||||
targetRevision: 1.6.0
|
||||
helm:
|
||||
releaseName: woodpecker
|
||||
valueFiles:
|
||||
|
@ -93,24 +93,3 @@ spec:
|
|||
automated:
|
||||
selfHeal: false
|
||||
prune: true
|
||||
---
|
||||
apiVersion: argoproj.io/v1alpha1
|
||||
kind: Application
|
||||
metadata:
|
||||
name: sb-server-monitor
|
||||
namespace: argocd
|
||||
spec:
|
||||
project: default
|
||||
source:
|
||||
repoURL: https://git.ar21.de/yolokube/core-deployments.git
|
||||
targetRevision: HEAD
|
||||
path: sb-server-monitor
|
||||
destination:
|
||||
server: https://kubernetes.default.svc
|
||||
namespace: sb-server-monitor
|
||||
syncPolicy:
|
||||
syncOptions:
|
||||
- CreateNamespace=true
|
||||
automated:
|
||||
selfHeal: true
|
||||
prune: true
|
||||
|
|
|
@ -9,7 +9,7 @@ spec:
|
|||
sources:
|
||||
- repoURL: https://traefik.github.io/charts
|
||||
chart: traefik
|
||||
targetRevision: 33.2.1
|
||||
targetRevision: 32.1.1
|
||||
helm:
|
||||
releaseName: traefik
|
||||
valueFiles:
|
||||
|
@ -39,7 +39,7 @@ spec:
|
|||
sources:
|
||||
- repoURL: https://argoproj.github.io/argo-helm
|
||||
chart: argo-cd
|
||||
targetRevision: 7.7.11
|
||||
targetRevision: 7.6.12
|
||||
helm:
|
||||
releaseName: argo
|
||||
valueFiles:
|
||||
|
@ -106,7 +106,7 @@ spec:
|
|||
sources:
|
||||
- chart: kube-prometheus-stack
|
||||
repoURL: https://prometheus-community.github.io/helm-charts
|
||||
targetRevision: 67.3.1
|
||||
targetRevision: 65.0.0
|
||||
helm:
|
||||
releaseName: prometheus
|
||||
valueFiles:
|
||||
|
@ -157,7 +157,7 @@ spec:
|
|||
sources:
|
||||
- chart: cilium
|
||||
repoURL: https://helm.cilium.io/
|
||||
targetRevision: 1.16.5
|
||||
targetRevision: 1.16.3
|
||||
helm:
|
||||
releaseName: cilium-cni
|
||||
valueFiles:
|
||||
|
@ -280,7 +280,7 @@ spec:
|
|||
sources:
|
||||
- chart: loki
|
||||
repoURL: https://grafana.github.io/helm-charts
|
||||
targetRevision: 6.24.0
|
||||
targetRevision: 6.18.0
|
||||
helm:
|
||||
releaseName: loki
|
||||
valueFiles:
|
||||
|
@ -380,9 +380,9 @@ metadata:
|
|||
spec:
|
||||
project: default
|
||||
source:
|
||||
repoURL: https://git.ar21.de/yolokube/core-deployments.git
|
||||
repoURL: https://git.ar21.de/yolokube/grafana-backuper-deployment.git
|
||||
targetRevision: HEAD
|
||||
path: grafana-backuper
|
||||
path: "overlay"
|
||||
destination:
|
||||
server: https://kubernetes.default.svc
|
||||
namespace: grafana-backuper
|
||||
|
@ -401,7 +401,7 @@ spec:
|
|||
sources:
|
||||
- repoURL: https://charts.jetstack.io
|
||||
chart: cert-manager
|
||||
targetRevision: v1.16.2
|
||||
targetRevision: v1.16.1
|
||||
helm:
|
||||
releaseName: cert-manager
|
||||
valueFiles:
|
||||
|
@ -460,23 +460,3 @@ spec:
|
|||
- CreateNamespace=true
|
||||
automated:
|
||||
prune: false
|
||||
---
|
||||
apiVersion: argoproj.io/v1alpha1
|
||||
kind: Application
|
||||
metadata:
|
||||
name: traefik-certmanager
|
||||
namespace: argocd
|
||||
spec:
|
||||
project: default
|
||||
source:
|
||||
repoURL: https://git.ar21.de/yolokube/core-deployments.git
|
||||
targetRevision: HEAD
|
||||
path: traefik-certmanager/overlay
|
||||
destination:
|
||||
server: https://kubernetes.default.svc
|
||||
namespace: traefik
|
||||
syncPolicy:
|
||||
syncOptions:
|
||||
- CreateNamespace=true
|
||||
automated:
|
||||
prune: false
|
||||
|
|
7
appflowy/namespace.yaml
Normal file
7
appflowy/namespace.yaml
Normal file
|
@ -0,0 +1,7 @@
|
|||
---
|
||||
apiVersion: v1
|
||||
kind: Namespace
|
||||
metadata:
|
||||
labels:
|
||||
app.kubernetes.io/instance: appflowy
|
||||
name: appflowy
|
30
appflowy/service.yaml
Normal file
30
appflowy/service.yaml
Normal file
|
@ -0,0 +1,30 @@
|
|||
---
|
||||
apiVersion: v1
|
||||
kind: Service
|
||||
metadata:
|
||||
labels:
|
||||
app: appflowy-gotrue
|
||||
name: appflowy-gotrue
|
||||
namespace: appflowy
|
||||
spec:
|
||||
ports:
|
||||
- name: goetrue
|
||||
port: 9999
|
||||
selector:
|
||||
app: appflowy
|
||||
type: ClusterIP
|
||||
---
|
||||
apiVersion: v1
|
||||
kind: Service
|
||||
metadata:
|
||||
labels:
|
||||
app: appflowy-cloud
|
||||
name: appflowy-cloud
|
||||
namespace: appflowy
|
||||
spec:
|
||||
ports:
|
||||
- name: cloud
|
||||
port: 8000
|
||||
selector:
|
||||
app: appflowy
|
||||
type: ClusterIP
|
|
@ -92,7 +92,7 @@ spec:
|
|||
secretKeyRef:
|
||||
key: authentik_host_insecure
|
||||
name: authentik-outpost-api
|
||||
image: ghcr.io/goauthentik/proxy:2024.12.1
|
||||
image: ghcr.io/goauthentik/proxy:2024.8.3
|
||||
name: proxy
|
||||
ports:
|
||||
- containerPort: 9000
|
||||
|
|
|
@ -5,5 +5,5 @@ kind: Kustomization
|
|||
images:
|
||||
- name: git.ar21.de/yolokube/dashboard
|
||||
newName: git.ar21.de/yolokube/dashboard
|
||||
newTag: "275"
|
||||
newTag: "187"
|
||||
namespace: dashboard
|
||||
|
|
|
@ -5,7 +5,7 @@ kind: Kustomization
|
|||
images:
|
||||
- name: git.ar21.de/yolokube/dashboard
|
||||
newName: git.ar21.de/yolokube/dashboard
|
||||
newTag: staging-274
|
||||
newTag: staging-186
|
||||
namespace: dashboard-staging
|
||||
patches:
|
||||
- patch: |-
|
||||
|
|
|
@ -32,10 +32,10 @@ spec:
|
|||
protocol: TCP
|
||||
resources:
|
||||
limits:
|
||||
cpu: 1000m
|
||||
cpu: 800m
|
||||
memory: 128Mi
|
||||
requests:
|
||||
cpu: 400m
|
||||
cpu: 200m
|
||||
memory: 32Mi
|
||||
volumeMounts:
|
||||
- mountPath: /var/run/fail2ban/fail2ban.sock
|
||||
|
|
|
@ -36,10 +36,6 @@ spec:
|
|||
- env:
|
||||
- name: GEOIP_LISTEN_ADDRESS
|
||||
value: :8080
|
||||
- name: GEOIP_EXPORTER_ADDRESS
|
||||
value: :9191
|
||||
- name: GEOIP_ENABLE_EXPORTER
|
||||
value: "true"
|
||||
- name: GEOIP_DATA_URL
|
||||
value: https://data.neuber.io/data.csv
|
||||
image: git.ar21.de/yolokube/country-geo-locations:latest
|
||||
|
@ -49,9 +45,6 @@ spec:
|
|||
- containerPort: 8080
|
||||
name: http
|
||||
protocol: TCP
|
||||
- containerPort: 9191
|
||||
name: http-metrics
|
||||
protocol: TCP
|
||||
readinessProbe:
|
||||
httpGet:
|
||||
httpHeaders:
|
||||
|
|
|
@ -10,8 +10,8 @@ kind: Kustomization
|
|||
images:
|
||||
- name: git.ar21.de/yolokube/country-geo-locations
|
||||
newName: git.ar21.de/yolokube/country-geo-locations
|
||||
newTag: "62"
|
||||
newTag: "29"
|
||||
- name: git.ar21.de/yolokube/fail2ban-prometheus-exporter
|
||||
newName: git.ar21.de/yolokube/fail2ban-prometheus-exporter
|
||||
newTag: "102"
|
||||
newTag: "48"
|
||||
namespace: fail2ban-prometheus
|
||||
|
|
|
@ -13,10 +13,6 @@ spec:
|
|||
- name: http
|
||||
port: 80
|
||||
targetPort: http
|
||||
- name: http-metrics
|
||||
port: 9191
|
||||
protocol: TCP
|
||||
targetPort: 9191
|
||||
selector:
|
||||
app: fail2ban-geoip
|
||||
type: ClusterIP
|
||||
|
|
|
@ -26,31 +26,3 @@ spec:
|
|||
matchLabels:
|
||||
app.kubernetes.io/instance: fail2ban-prometheus
|
||||
app.kubernetes.io/name: fail2ban-prometheus-exporter
|
||||
---
|
||||
apiVersion: monitoring.coreos.com/v1
|
||||
kind: ServiceMonitor
|
||||
metadata:
|
||||
labels:
|
||||
app: fail2ban-geoip
|
||||
app.kubernetes.io/instance: fail2ban-prometheus
|
||||
app.kubernetes.io/name: fail2ban-geoip
|
||||
name: fail2ban-geoip-servicemonitor
|
||||
namespace: fail2ban-prometheus
|
||||
spec:
|
||||
attachMetadata:
|
||||
node: false
|
||||
endpoints:
|
||||
- interval: 10s
|
||||
path: /metrics
|
||||
port: http-metrics
|
||||
relabelings:
|
||||
- action: replace
|
||||
sourceLabels:
|
||||
- __meta_kubernetes_endpoint_node_name
|
||||
targetLabel: node
|
||||
scheme: http
|
||||
jobLabel: jobLabel
|
||||
selector:
|
||||
matchLabels:
|
||||
app.kubernetes.io/instance: fail2ban-prometheus
|
||||
app.kubernetes.io/name: fail2ban-geoip
|
||||
|
|
|
@ -1,5 +0,0 @@
|
|||
---
|
||||
apiVersion: v1
|
||||
kind: Namespace
|
||||
metadata:
|
||||
name: grafana-backuper
|
|
@ -1,58 +0,0 @@
|
|||
---
|
||||
apiVersion: batch/v1
|
||||
kind: CronJob
|
||||
metadata:
|
||||
name: grafana-backuper
|
||||
namespace: grafana-backuper
|
||||
spec:
|
||||
schedule: "0 * * * *"
|
||||
successfulJobsHistoryLimit: 1
|
||||
failedJobsHistoryLimit: 3
|
||||
jobTemplate:
|
||||
spec:
|
||||
ttlSecondsAfterFinished: 3600
|
||||
template:
|
||||
spec:
|
||||
containers:
|
||||
- name: grafana-backuper
|
||||
image: git.ar21.de/yolokube/grafana-backuper:latest
|
||||
env:
|
||||
- name: GB_GRAFANA_URL
|
||||
value: "http://prometheus-grafana.prometheus/api"
|
||||
- name: GB_GRAFANA_TOKEN
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: grafana-secrets
|
||||
key: grafana-auth-token
|
||||
- name: GB_GIT_REPO
|
||||
value: "https://git.ar21.de/yolokube/grafana-dashboards.git"
|
||||
- name: GB_GIT_BRANCH
|
||||
value: "main"
|
||||
- name: GB_GIT_USER
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: git-secrets
|
||||
key: git-user
|
||||
- name: GB_GIT_EMAIL
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: git-secrets
|
||||
key: git-email
|
||||
- name: GB_GIT_PASS
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: git-secrets
|
||||
key: git-pass
|
||||
- name: GB_SIGNING_KEY
|
||||
value: /app/keys/signing-key.asc
|
||||
- name: GB_SEQUENCE
|
||||
value: "backup,restore"
|
||||
volumeMounts:
|
||||
- name: key-volume
|
||||
mountPath: /app/keys
|
||||
imagePullPolicy: IfNotPresent
|
||||
volumes:
|
||||
- name: key-volume
|
||||
secret:
|
||||
secretName: gpg-key
|
||||
restartPolicy: Never
|
File diff suppressed because one or more lines are too long
|
@ -1,12 +0,0 @@
|
|||
generators:
|
||||
- secret-generator.yaml
|
||||
resources:
|
||||
- 0-namespace.yaml
|
||||
- 1-cronjob.yaml
|
||||
apiVersion: kustomize.config.k8s.io/v1beta1
|
||||
kind: Kustomization
|
||||
images:
|
||||
- name: git.ar21.de/yolokube/grafana-backuper
|
||||
newName: git.ar21.de/yolokube/grafana-backuper
|
||||
newTag: "33"
|
||||
namespace: grafana-backuper
|
|
@ -1,11 +0,0 @@
|
|||
---
|
||||
apiVersion: viaduct.ai/v1
|
||||
kind: ksops
|
||||
metadata:
|
||||
name: secret-generator
|
||||
annotations:
|
||||
config.kubernetes.io/function: |
|
||||
exec:
|
||||
path: ksops
|
||||
files:
|
||||
- 2-secret.yaml
|
|
@ -6,7 +6,7 @@ metadata:
|
|||
namespace: longhorn-system
|
||||
spec:
|
||||
cron: "40 * * * *"
|
||||
task: "snapshot"
|
||||
task: "backup"
|
||||
retain: 12
|
||||
concurrency: 2
|
||||
---
|
||||
|
|
|
@ -6,13 +6,13 @@ metadata:
|
|||
namespace: longhorn-system
|
||||
type: Opaque
|
||||
data:
|
||||
AWS_ACCESS_KEY_ID: ENC[AES256_GCM,data:4kZPRNprd1eQe4tqGkVYs5lgGI6JLkdtxkW85g==,iv:AQ6Z8X8VeqvlQfSOp2RX9X+blPclrJ1MUDGRvlGH3EI=,tag:p0vao7xV3DOb8TMZ7MnOEA==,type:str]
|
||||
AWS_SECRET_ACCESS_KEY: ENC[AES256_GCM,data:0hXGgxGA84hu+KpCKbLVkd+ghup9ZPb77XjRl5Ouy7MWAskQVvovvy+j8tl2L329ckPdgYxfGdo=,iv:H5pzOdD4i1c57zWMMSTdo+cW+tqO6kyNlt7w/5cv4/k=,tag:6xDkVvTxfw6JlhnO/bfZbg==,type:str]
|
||||
# ENC[AES256_GCM,data:Vx/DzAeiBwPH6UR8uJWzEqKkyPcrhHBAtNbme9gCiXIqkJuwyL7XDVv0LxbZ6EUTeeKUbCEFDwgCUv3VlQqLZy76pWhQ7UHg6YsoegAVh3U9UYlD4ySJAVLO3+EruUFbBpu+Z0KuNhrXQDluns8WIOzZGdgRgCTM2FDcrgpuiElxFTh1WF7bFRs1bmCiH3jNun4udnZ5aYaiqNlUzzv+P76IdDKWHO8Hhx/WBE/G0gbrGgK+SAa1gU3WYFXqzsipuU1LYKwJ2fpHxPNWei6m5lWHPc+IjdnSNASKW5E1NpXagYGby8nvorbIc6ncGbchc+mC4DKm7CAofvHGIKDkOvUKi4KYAAtpuxoUUwAcdXdqaR9Quxx+358Ax1qh0q+3A+U6kOaIeD/8KCia3vp/Xjem7H0iEutyVmglR05eypqMcBvwx1XWEw==,iv:Nd4MtiUT1zNQJWIjACnNal8URcqNFkV+rscnOBTjkqs=,tag:YFo/xMz4sIFI0fPENXTQnw==,type:comment]
|
||||
AWS_ENDPOINTS: ENC[AES256_GCM,data:PU28KCvIGZ1zDlCDITP8DD7zInsof5Greb05yzCUeY0VtH4NQVFWNOdNeBbuQl+Z,iv:3jO/fnHdjEKXvd+JecBgxrMfBCOeAgGRcVjIw42OUOg=,tag:Cx56308yFW1gcKwuwvJy9Q==,type:str]
|
||||
# ENC[AES256_GCM,data:aRsCbIvtGR7oXsa784OZviwTYKTKrRnzurgbgDpxeWa5LeUbODJoEtYZ7EDd9q+7T4GUT0doN4NADT3tfrpkcVF1/me0cJP8SAPPzdyRnFkWYwHdcFwpaug4dhjdTVhH3AnmR7tY9odrpXu8oh80Ug4V4kFtgObBa2Sb85x3p2Apn6PGRor8p56G95EE6AHy51bRK/0924AFNJYHHgdlUbftTP79owBwGxqfDtTsA2iF2K5oyZBCzfFRevDYGZv4VkyxM+Jn70JubMvC+25SwwmSLraJeaiCGGXIWut0lo9U9SKxoAkhhsbypSduKiupYdV+tknetEuN0xlWEip3kO584d5sQ77ZQZU0NkO/scQEGQ5cNWlCvpsURSuCsQYtN8kZ2wnNx2CYIVK1+iRFyr14naXAnpLqJhYGRa5U9g0nMDUQmLa5e6R5K0KlgfPQWH8AN6ZG9jlKu/3RwuUYHTM/6+SQ+GMwvA7zLPlBwxYq0f+uPxhcGLh2rlY=,iv:V32ZLstCviLMljxlBUyrlXYhXd1oA9wGtzu1o3+pdmk=,tag:6dyCf2hhfXqDwQyzRX+iNA==,type:comment]
|
||||
# ENC[AES256_GCM,data:uoEFaivWcAh7WqOe4pFvmfuXi3JybpyiHirK+Xi6HR2bwP5D4gwUNAY96LiwJ0OV0xZ204R1PkX2vSkoOVEfX49gQxCrzEQh9EynLOkx27d5nqUOYJ6jtjKve719B9pGIqVnaGjbrrq+OpCdUq+qquyTX+WyE3J3yOep2z1WrsyljFRpwyEa6eXxNnp9C9MOBtxoHp8kksiIM1njPrdix65EoKPnSdUNsjyq6yCrmpCHMzbb350h5fRIZBC3DvjK0NYzjlKPElLE8xYnZrKk0OI3OrHRfvZZSqaM0Qe374FESG1yaBcWapFRR6gzXsUO6U2UW2YiRKQDHeO23a7k8wmO1+kF9fzG+Eix/FTfpOpged3AksRrvrjtOn6DiOEn3d1xZG9qI3nrNlzy2mxUfx3OAH0syT/H19mGUdT7GWEd53sNJjCteKV9g3XTWoDV1zIPJaqsHYG+cf8SgleQxgrnLqlJ4AESbm0RTsntSfm/e7HA8E4NBanICSzi229/cTcu3aAgzKR+pH97jHh1d+oUoMD+ptlz29YcdM7sYs4qFihMFG+DBGS+TLyhfnRVH4RBkH7JpJ+jYfKGQrZbOfpgdVrHq6tUUsSAZYn1cwI=,iv:FgI1Xwb5jotVCZOZWAAA+1LfGdYHqz6nBtjY6VjuPgE=,tag:HXr4uv0tFMKqnqf+5Fd3TQ==,type:comment]
|
||||
# ENC[AES256_GCM,data:S/P9l0rJozDfGv3TDGy0MIDs5YvBln7BFL2c+QSUmhgLB89nrxR1t3NQlQQwMRpG7w3sXpr3vHnn1WEuFGBYFku+54vOmWp+EyWKKnUvt9rFkjE4e0mx23T81yzXd7aaoC1+1JNNYMAATnmLBY0lCVFHr4Nyn4Gw2VmjFhtU6SkgNy4FcnyUiG9OUxtkqj1stgNa/fpyq/VhNkC0v7yFk0nqJWk9YSynH5hGqvS367akGk1vsHGCOlG0ej4E4MRj5459BLW9J5o+sPsQUxxiOnoZZWOp5pM7rG/qZyW5kYQqcmQPpvx4TmnKFpbDNgXMCiLax/1pzyPxWoe3sy+n1XpKbjLY5WJZ1j1XOiv1BFSwh1DPVrr8qQdvIT0ZSWnDQg4BwodpPli56mVVU+6tFyQQUitKaPkJTXgzAQjI+qnzb7UV3+UMRqVG3eS6naRXpT52aJ1SFSVa1dndPZK5jFNI80GGTIH3XMBeoA1/8PnO/rz//lO0Ik36SJYRoksUzB0r3cgikn2uhOLr1UUcEJk5fh5N7rkQRW2URpG4BTIxMeCSxCsHRr9IXwkAgnXxRoI4fueXrFwB0yTKt0cWA1wGlbo/TwrrUS/tv5TIGa/OKpWzKBfJ5+Pv7krZio4S20rJ5LgQTF7ed2U+8X9EIX391Wpzp0BLNA9zp19MPQYVroSy1YE7fL2p9BguLEzdLhQnLf012Q/QpjD6viLUa9QkwWqfejfKegNUfCgKqd+V+SqbezhPof8c97k=,iv:M/6W8wStPgv5NQKH8rkXHRBobk/7UkjuoHbJarjAF+Y=,tag:L5iGKql3zhbYNqPXkx+3MQ==,type:comment]
|
||||
AWS_ACCESS_KEY_ID: ENC[AES256_GCM,data:78iskasj0MX32r8qp4LCmTsf5q8r3W5nCs7BrA==,iv:dQFU/Pm+bQQKWfWKq7c63XTW2+czjOeIZuoL2mrPKbM=,tag:we+rZ+YoMpeiAve7zcH6pg==,type:str]
|
||||
AWS_SECRET_ACCESS_KEY: ENC[AES256_GCM,data:zR3LNrmweWn9ONkpOlgNGfJ0ERJeNgNsurvBcsX7JZox/vyaZRb6lt4VEjdBDMdTZ+dWRvtvHUw=,iv:CCLoHHixnzVaT0SX3uOjyb7SCNyAe5H30acmMEIgubI=,tag:c7nWPRTZQXqgp8jVgtU57g==,type:str]
|
||||
# ENC[AES256_GCM,data:p1aNW086iJ/xbZGc3A9VFitml4AB0ly8BOyJztOoIBd9I7Ld,iv:5um8w4PL9EfHcCHlfIW0Yr6aqvgs5FVh4Y54RDQDOLY=,tag:17ELSDORVx0aj2hzFDaxUA==,type:comment]
|
||||
AWS_ENDPOINTS: ENC[AES256_GCM,data:Cm4ISXx3mosAwVCzFqK5461gFIAqWtSwazvhfe/01blpOLOGpEW7b7S00fnRMviR,iv:Zflw/1JEQjcKarQPOrpBSpCprdL/2Ry6FH74K3/NfFo=,tag:l6idxnQStu2ycr0og2/otw==,type:str]
|
||||
# ENC[AES256_GCM,data:0QVDgxSYpM+pFAiXf2+xcAnZath1zSzyZDy/zS8L36kZrSQnBSDN91OwAKLYpOb1m+cbex6lWN9OYFRYcIhUjA==,iv:Cm7bwYZS6F4XkRFaqUcBehXUQXmUI/48l+cDBPjlao8=,tag:jBUadTKqWJbPqpljshBoRg==,type:comment]
|
||||
# ENC[AES256_GCM,data:oxfKvt9xbus8la9hJGLOCVBfyQMCP4wpD4QZcEIw/SFWysMm2NaFzUHtUH39QAG2kCw1C5gKtTQ5EhJ1C2bgxVB6qlC6DUhO5uwlIoXtDqNsfhnsyWuIvJMH5jnPwAfO8Y+plLk2g4dV3aMmYt8Hfg==,iv:Ai/0l0GDbJzTaVy7Xhp1offyaqKD/Ge/oU9YDiGXC28=,tag:wIGYy7TBnCZYrbKDd1y7xQ==,type:comment]
|
||||
# ENC[AES256_GCM,data:6IieK5gwtUr+u3PjRjOXs5fJafO3N14yLmDCxBdU5VBfgOpIV4P5nX07DJ5jXw9BJgr6nqsQA0tlgeddT0vnO/cQNKJFBeQXVCzjxLHlrNv7JLg6EbtXZoO/eNow0XBGCLyg6Mq+6S83J2p8pix4tEae4YQrwveQ+dD0A15hK7n5gWOdFz50qE5IImbZsm9aR3ymxs1o9fjkZYTNycsneWe069SNCdb2gFtf4Q==,iv:N30tKPf2ajQT2s0/GYZPV8ipy1Qkkfh+dAlJ4pdGm9M=,tag:qtfr6TY8nyAoMykRONC3kQ==,type:comment]
|
||||
sops:
|
||||
kms: []
|
||||
gcp_kms: []
|
||||
|
@ -22,32 +22,32 @@ sops:
|
|||
- recipient: age1mraede6gqxkh2rkeq5fjrcflp7emenl2qn885asxvtx5erga2pdqujuexz
|
||||
enc: |
|
||||
-----BEGIN AGE ENCRYPTED FILE-----
|
||||
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBOQmhEOFlmNGpCUys4c2Zl
|
||||
K29RdUpxbCtkbEdqWGhjcW1xTGp6c09lUFM4ClliK1hLQzVtQ0RpZW4zLzhWeDAz
|
||||
SkNNdUtCQ0JxYXZ6aGZTeEpYTVk0bGcKLS0tIHFKRzdFdlR5dlRrVFhtZzFVazBa
|
||||
c1l4enNuc0QwZTMycjVYdm5CWmxYWW8KeIfVkmMC+YBSpX1SYQyCtwRNWaOpQgXE
|
||||
WN/hCyWaxiG7gwYuolUmeZVgN71WWyJFymdQUwTMNPe795lSqWx33A==
|
||||
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBIUUV2UTR2dUpxWlpKWjNM
|
||||
WDI2NVRUK0EvZkdjZ3N0OXFNclNJdzlIRXlZCmZBOUErb2pZUHZlNVpGLzhTUlRK
|
||||
N21nSjM3RzRRdXR4QStyakdYRExCOHMKLS0tIHdJczRmNnBDMmJjNm9WeXlvU1cx
|
||||
U1lFckFhTWloSmI0LzJoWDJDSExnbHcK4Sz2SU5czvG58HiQtn4AJbltSwfikS3A
|
||||
JUKhzPja3ZgHhmed+Bs9SLyKcQ1gm+ou1JLjqJ2/0s2MEAoTnQ9aCw==
|
||||
-----END AGE ENCRYPTED FILE-----
|
||||
- recipient: age1s9nvc4rxj3kaj4apmzzn8fmjrudrvdhgu70rg04we9hyse5aadsq7kmckn
|
||||
enc: |
|
||||
-----BEGIN AGE ENCRYPTED FILE-----
|
||||
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBRRy9PZnZFZXlqeitndHc2
|
||||
V1djOXdmanZuSTVuc0U1TTJuSmNETnpORHpvCmZYL1pPRng1Z0lHRE5Pby9MTDNj
|
||||
VWZVbjBkSjZtWmRpNVFjTGFDdHlUeXMKLS0tIGk2aFdiLzcyKzZSQnhuVTBLK2Fp
|
||||
c3EvQWJaVCsxMkphSm5JTnN3cHl0NVEKYMAk1Nb5tG9kHvaLmybQkp17HDlDRZgT
|
||||
qaq3KD9GxhlR3zieW0SPxNAaxiOegZy2qsftARRhFq5a42nEaXH2Qg==
|
||||
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSB5OEVaTk9IUzR1bkNneitF
|
||||
dGtadHJjRUJUYTREV0J2M3Z2dzJCSnpEREZNCkpZZnFxNE1QMU5UUXNITXJpV2Rt
|
||||
dUcvaUw4aC9iQzhIRXVmYmlpUmhqRm8KLS0tIDUxRGxsQldqWWlFeXJITXg2RkhX
|
||||
bkwvRVlsSDYyZGJkbU94bFUxdnN2VkkKg9LB1b0aD/GqpbRIZD1hIcNaRWr4eybL
|
||||
17orZ6j01e84zMutrinpOP1sTMyqCEBYG2FrEAnRaTxRkOW7SaVHIw==
|
||||
-----END AGE ENCRYPTED FILE-----
|
||||
- recipient: age1z5wtjmk0jw0j9qz9k5rrnp30nzqxrl3v6wgl7eryvqus28zekp4qpx9jc2
|
||||
enc: |
|
||||
-----BEGIN AGE ENCRYPTED FILE-----
|
||||
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSB2SXpqL3MxUlBleWN0bGta
|
||||
MWpoZGlXT1p3V2hWSzJCdzF0ZnV5VTJLKzN3CnQxSnZmR0dpVEZMdTJSSGIyME1h
|
||||
THlmakVzdUNGczVqYnh3NkkyT0dmbGsKLS0tIGh4MjZvWlN4VGIyMWlpUmo4bTZr
|
||||
enM5VUpmUFlodUY0YkI5ZE1PTHNzamsKZ9wzXs9tmGBztTVsFjO8BVOJGSQVYSXy
|
||||
46BrF45tbufUGXlqSlRkxo5TYY3NLbHZkBxawNIqlLiaAnQc2qaZDg==
|
||||
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSArZ3FUMlpFRVdrVVZxdXdo
|
||||
b2pJZ0lValNUMUlZcGRVb296QjlPM1JPZUFrCkVDWlhZNEYxaVRnd2FTWFRtSHcr
|
||||
eTN0ZERFSWpPa0lyczF2TEk5dTB4d00KLS0tIHZ2MzdpUTd1eHdicHduQzJsRzAr
|
||||
SU5ibzRiK3Q2RnVNRUhjVm5YSFNmc0UKNA0uHFT1L8RuQR6TmiopYCgLBxsLp0bU
|
||||
vsS68gQieQI94bBiMOsJQTzLSWBc9juvuBdHhRoyYhkzJ75TAifNVQ==
|
||||
-----END AGE ENCRYPTED FILE-----
|
||||
lastmodified: "2024-11-06T01:22:24Z"
|
||||
mac: ENC[AES256_GCM,data:2uNXiOi1RduF2dqAR41eakZxdiqpTPk7B+AAuCppDbUNsL0JAMB3VKexyc4oNLN1kjuH1JN2mQWLXOY3mfbGwZfL2u0TqZU6IavNsRwJhyHLmZ+Smd0oNWk6Ff06B90zo2wQmRHQYPMtUdgi9vF72qKOGxuDmuB4XI6pPkmDhxo=,iv:Yxs56ofaHkzo8NERxU6YllfwknirVHb3mFebRqeFT+A=,tag:0rV6kPjRTYi5XYBrR4y34Q==,type:str]
|
||||
lastmodified: "2024-09-30T19:48:48Z"
|
||||
mac: ENC[AES256_GCM,data:cu2bF925hVUs69HmKzs3sc61rN3hNWwN0x6VyBhoobNDF7IJ65Aw/iSYSh80EdoDy4WQq0lfr4SO8sayqs3vxgTwFpujcjnQ16rgq0q00V8e+iDlR78h/SbYp+cuFiu6QBKSl9a/vHfRSTSOAOt0zF+cPYl25Htas5L7S12xJ68=,iv:wDkA8egy2ONoRaUYXV915ID6JX+myOmStxdXXtC66sw=,tag:UxoGQpiB023vcwSc3es21Q==,type:str]
|
||||
pgp: []
|
||||
encrypted_regex: ^(data|stringData)$
|
||||
version: 3.9.1
|
||||
version: 3.9.0
|
||||
|
|
|
@ -12,10 +12,9 @@ persistence:
|
|||
"isGroup":false
|
||||
}
|
||||
]'
|
||||
disableRevisionCounter: false
|
||||
defaultSettings:
|
||||
defaultDataPath: /storage1
|
||||
backupTarget: "s3://yolokube-backups@weur/"
|
||||
backupTarget: "s3://yolokube-backup@weur/"
|
||||
backupTargetCredentialSecret: longhorn-backup-target
|
||||
replicaAutoBalance: best-effort
|
||||
defaultLonghornStaticStorageClass: longhorn
|
||||
|
|
|
@ -1,12 +1,9 @@
|
|||
{
|
||||
"$schema": "https://docs.renovatebot.com/renovate-schema.json",
|
||||
"dependencyDashboard": true,
|
||||
"enabledManagers": [
|
||||
"argocd",
|
||||
"kubernetes"
|
||||
],
|
||||
"enabledManagers": ["argocd"],
|
||||
"argocd": {
|
||||
"fileMatch": ["^app-files/.*\\.yaml$"]
|
||||
"fileMatch": ["^app-files/core-deployments\\.yaml$"]
|
||||
},
|
||||
"kubernetes": {
|
||||
"enabled": true,
|
||||
|
|
|
@ -1,8 +0,0 @@
|
|||
---
|
||||
apiVersion: v1
|
||||
kind: Namespace
|
||||
metadata:
|
||||
labels:
|
||||
app.kubernetes.io/instance: sb-server-monitor
|
||||
prometheus: yolokube
|
||||
name: sb-server-monitor
|
|
@ -1,9 +0,0 @@
|
|||
---
|
||||
apiVersion: v1
|
||||
kind: ServiceAccount
|
||||
metadata:
|
||||
labels:
|
||||
app.kubernetes.io/instance: sb-server-monitor
|
||||
app.kubernetes.io/name: sb-server-monitor-exporter
|
||||
name: sb-server-monitor-exporter-service-account
|
||||
namespace: sb-server-monitor
|
|
@ -1,42 +0,0 @@
|
|||
---
|
||||
apiVersion: apps/v1
|
||||
kind: Deployment
|
||||
metadata:
|
||||
labels:
|
||||
app: sb-server-monitor-exporter
|
||||
app.kubernetes.io/instance: sb-server-monitor
|
||||
app.kubernetes.io/name: sb-server-monitor-exporter
|
||||
name: sb-server-monitor-exporter
|
||||
namespace: sb-server-monitor
|
||||
spec:
|
||||
replicas: 1
|
||||
selector:
|
||||
matchLabels:
|
||||
app: sb-server-monitor-exporter
|
||||
template:
|
||||
metadata:
|
||||
labels:
|
||||
app: sb-server-monitor-exporter
|
||||
app.kubernetes.io/instance: sb-server-monitor
|
||||
app.kubernetes.io/name: sb-server-monitor-exporter
|
||||
spec:
|
||||
containers:
|
||||
- env:
|
||||
- name: SBSERVERMONITOR_SCRAPE_INTERVAL
|
||||
value: "300"
|
||||
image: git.ar21.de/yolokube/sb-server-monitor:latest
|
||||
imagePullPolicy: IfNotPresent
|
||||
name: sb-server-monitor-exporter
|
||||
ports:
|
||||
- containerPort: 9192
|
||||
name: http-metrics
|
||||
protocol: TCP
|
||||
resources:
|
||||
limits:
|
||||
cpu: "2"
|
||||
memory: 4Gi
|
||||
requests:
|
||||
cpu: 500m
|
||||
memory: 2Gi
|
||||
restartPolicy: Always
|
||||
serviceAccountName: sb-server-monitor-exporter-service-account
|
|
@ -1,19 +0,0 @@
|
|||
---
|
||||
apiVersion: v1
|
||||
kind: Service
|
||||
metadata:
|
||||
labels:
|
||||
app: sb-server-monitor-exporter
|
||||
app.kubernetes.io/instance: sb-server-monitor
|
||||
app.kubernetes.io/name: sb-server-monitor-exporter
|
||||
name: sb-server-monitor-exporter
|
||||
namespace: sb-server-monitor
|
||||
spec:
|
||||
ports:
|
||||
- name: http-metrics
|
||||
port: 9192
|
||||
protocol: TCP
|
||||
targetPort: 9192
|
||||
selector:
|
||||
app: sb-server-monitor-exporter
|
||||
type: ClusterIP
|
|
@ -1,28 +0,0 @@
|
|||
---
|
||||
apiVersion: monitoring.coreos.com/v1
|
||||
kind: ServiceMonitor
|
||||
metadata:
|
||||
labels:
|
||||
app: sb-server-monitor-exporter
|
||||
app.kubernetes.io/instance: sb-server-monitor
|
||||
app.kubernetes.io/name: sb-server-monitor-exporter
|
||||
name: sb-server-monitor-exporter-servicemonitor
|
||||
namespace: sb-server-monitor
|
||||
spec:
|
||||
attachMetadata:
|
||||
node: false
|
||||
endpoints:
|
||||
- interval: 5m
|
||||
path: /metrics
|
||||
port: http-metrics
|
||||
relabelings:
|
||||
- action: replace
|
||||
sourceLabels:
|
||||
- __meta_kubernetes_endpoint_node_name
|
||||
targetLabel: node
|
||||
scheme: http
|
||||
jobLabel: jobLabel
|
||||
selector:
|
||||
matchLabels:
|
||||
app.kubernetes.io/instance: sb-server-monitor
|
||||
app.kubernetes.io/name: sb-server-monitor-exporter
|
|
@ -1,13 +0,0 @@
|
|||
resources:
|
||||
- ./0-namespace.yaml
|
||||
- ./1-service-account.yaml
|
||||
- ./2-deployment.yaml
|
||||
- ./3-service.yaml
|
||||
- ./4-service-monitor.yaml
|
||||
apiVersion: kustomize.config.k8s.io/v1beta1
|
||||
kind: Kustomization
|
||||
images:
|
||||
- name: git.ar21.de/yolokube/sb-server-monitor
|
||||
newName: git.ar21.de/yolokube/sb-server-monitor
|
||||
newTag: "26"
|
||||
namespace: sb-server-monitor
|
|
@ -22,7 +22,7 @@ spec:
|
|||
fsGroup: 1001
|
||||
containers:
|
||||
- name: querier
|
||||
image: quay.io/thanos/thanos:v0.37.2
|
||||
image: quay.io/thanos/thanos:v0.36.1
|
||||
args:
|
||||
- query
|
||||
- --log.level=info
|
||||
|
@ -63,7 +63,7 @@ spec:
|
|||
cpu: 100m
|
||||
memory: 256Mi
|
||||
limits:
|
||||
cpu: 750m
|
||||
cpu: 500m
|
||||
memory: 2Gi
|
||||
---
|
||||
apiVersion: v1
|
||||
|
|
|
@ -36,7 +36,7 @@ spec:
|
|||
mountPath: /data
|
||||
containers:
|
||||
- name: storegateway
|
||||
image: quay.io/thanos/thanos:v0.37.2
|
||||
image: quay.io/thanos/thanos:v0.36.1
|
||||
securityContext:
|
||||
runAsUser: 1001
|
||||
args:
|
||||
|
@ -78,7 +78,7 @@ spec:
|
|||
memory: 512Mi
|
||||
limits:
|
||||
cpu: 1000m
|
||||
memory: 5Gi
|
||||
memory: 1.5Gi
|
||||
volumeMounts:
|
||||
- name: objstore
|
||||
mountPath: /conf/objstore.yml
|
||||
|
|
|
@ -46,7 +46,7 @@ spec:
|
|||
mountPath: /data
|
||||
containers:
|
||||
- name: compactor
|
||||
image: quay.io/thanos/thanos:v0.37.2
|
||||
image: quay.io/thanos/thanos:v0.36.1
|
||||
imagePullPolicy: IfNotPresent
|
||||
securityContext:
|
||||
runAsUser: 1001
|
||||
|
@ -85,11 +85,11 @@ spec:
|
|||
timeoutSeconds: 30
|
||||
resources:
|
||||
requests:
|
||||
cpu: 200m
|
||||
cpu: 100m
|
||||
memory: 256Mi
|
||||
limits:
|
||||
cpu: 750m
|
||||
memory: 500Mi
|
||||
cpu: 500m
|
||||
memory: 256Mi
|
||||
volumeMounts:
|
||||
- name: objstore
|
||||
mountPath: /conf/objstore.yml
|
||||
|
|
|
@ -54,18 +54,6 @@ spec:
|
|||
serviceAccount: thanos
|
||||
securityContext:
|
||||
fsGroup: 1001
|
||||
affinity:
|
||||
podAntiAffinity:
|
||||
preferredDuringSchedulingIgnoredDuringExecution:
|
||||
- podAffinityTerm:
|
||||
labelSelector:
|
||||
matchExpressions:
|
||||
- key: app.kubernetes.io/name
|
||||
operator: In
|
||||
values:
|
||||
- receiver
|
||||
topologyKey: kubernetes.io/hostname
|
||||
weight: 1
|
||||
initContainers:
|
||||
- name: init-chmod-data
|
||||
image: docker.io/bitnami/minideb:buster
|
||||
|
@ -83,7 +71,7 @@ spec:
|
|||
mountPath: /data
|
||||
containers:
|
||||
- name: receiver
|
||||
image: quay.io/thanos/thanos:v0.37.2
|
||||
image: quay.io/thanos/thanos:v0.36.1
|
||||
imagePullPolicy: IfNotPresent
|
||||
securityContext:
|
||||
runAsUser: 1001
|
||||
|
@ -164,7 +152,7 @@ spec:
|
|||
accessModes: [ReadWriteOnce]
|
||||
resources:
|
||||
requests:
|
||||
storage: 40Gi
|
||||
storage: 30Gi
|
||||
---
|
||||
apiVersion: v1
|
||||
kind: Service
|
||||
|
@ -205,18 +193,6 @@ spec:
|
|||
serviceAccount: thanos
|
||||
securityContext:
|
||||
fsGroup: 1001
|
||||
affinity:
|
||||
podAntiAffinity:
|
||||
preferredDuringSchedulingIgnoredDuringExecution:
|
||||
- podAffinityTerm:
|
||||
labelSelector:
|
||||
matchExpressions:
|
||||
- key: app.kubernetes.io/name
|
||||
operator: In
|
||||
values:
|
||||
- receiver
|
||||
topologyKey: kubernetes.io/hostname
|
||||
weight: 1
|
||||
initContainers:
|
||||
- name: init-chmod-data
|
||||
image: docker.io/bitnami/minideb:buster
|
||||
|
@ -234,7 +210,7 @@ spec:
|
|||
mountPath: /data
|
||||
containers:
|
||||
- name: receiver
|
||||
image: quay.io/thanos/thanos:v0.37.2
|
||||
image: quay.io/thanos/thanos:v0.36.1
|
||||
imagePullPolicy: IfNotPresent
|
||||
securityContext:
|
||||
runAsUser: 1001
|
||||
|
@ -315,7 +291,7 @@ spec:
|
|||
accessModes: [ReadWriteOnce]
|
||||
resources:
|
||||
requests:
|
||||
storage: 40Gi
|
||||
storage: 30Gi
|
||||
---
|
||||
apiVersion: v1
|
||||
kind: Service
|
||||
|
|
|
@ -1,5 +0,0 @@
|
|||
---
|
||||
apiVersion: kustomize.config.k8s.io/v1beta1
|
||||
kind: Kustomization
|
||||
resources:
|
||||
- traefik-certmanager.yaml
|
|
@ -1,66 +0,0 @@
|
|||
# from https://github.com/ncsa/traefik-certmanager
|
||||
#
|
||||
# Used to automatically create cert request for IngressRoute Objects
|
||||
#
|
||||
# Added by Aaron
|
||||
---
|
||||
apiVersion: v1
|
||||
kind: ServiceAccount
|
||||
metadata:
|
||||
name: traefik-certmanager
|
||||
namespace: traefik
|
||||
---
|
||||
kind: ClusterRole
|
||||
apiVersion: rbac.authorization.k8s.io/v1
|
||||
metadata:
|
||||
name: traefik-certmanager
|
||||
rules:
|
||||
- apiGroups: ["traefik.io"]
|
||||
resources: ["ingressroutes"]
|
||||
verbs: ["watch", "patch"]
|
||||
- apiGroups: ["cert-manager.io"]
|
||||
resources: ["certificates"]
|
||||
verbs: ["get", "create", "delete"]
|
||||
---
|
||||
kind: ClusterRoleBinding
|
||||
apiVersion: rbac.authorization.k8s.io/v1
|
||||
metadata:
|
||||
name: traefik-certmanager
|
||||
subjects:
|
||||
- kind: ServiceAccount
|
||||
name: traefik-certmanager
|
||||
namespace: traefik
|
||||
roleRef:
|
||||
kind: ClusterRole
|
||||
name: traefik-certmanager
|
||||
apiGroup: rbac.authorization.k8s.io
|
||||
---
|
||||
apiVersion: apps/v1
|
||||
kind: Deployment
|
||||
metadata:
|
||||
name: traefik-certmanager
|
||||
namespace: traefik
|
||||
spec:
|
||||
replicas: 1
|
||||
selector:
|
||||
matchLabels:
|
||||
app.kubernetes.io/name: traefik-certmanager
|
||||
template:
|
||||
metadata:
|
||||
labels:
|
||||
app.kubernetes.io/name: traefik-certmanager
|
||||
spec:
|
||||
serviceAccount: traefik-certmanager
|
||||
containers:
|
||||
- name: traefik-certmanager
|
||||
image: git.ar21.de/yolokube/traefik-certmanager:latest
|
||||
imagePullPolicy: Always
|
||||
env:
|
||||
- name: ISSUER_NAME
|
||||
value: letsencrypt-prod
|
||||
- name: ISSUER_KIND
|
||||
value: ClusterIssuer
|
||||
- name: CERT_CLEANUP
|
||||
value: "true"
|
||||
- name: PATCH_SECRETNAME
|
||||
value: "true"
|
|
@ -1,8 +0,0 @@
|
|||
resources:
|
||||
- ../base
|
||||
apiVersion: kustomize.config.k8s.io/v1beta1
|
||||
kind: Kustomization
|
||||
images:
|
||||
- name: git.ar21.de/yolokube/traefik-certmanager
|
||||
newName: git.ar21.de/yolokube/traefik-certmanager
|
||||
newTag: "2"
|
13
traefik/dashboard-cert.yaml
Normal file
13
traefik/dashboard-cert.yaml
Normal file
|
@ -0,0 +1,13 @@
|
|||
---
|
||||
apiVersion: cert-manager.io/v1
|
||||
kind: Certificate
|
||||
metadata:
|
||||
name: traefik-cert
|
||||
namespace: traefik
|
||||
spec:
|
||||
secretName: traefik-tls-key
|
||||
issuerRef:
|
||||
name: letsencrypt-prod
|
||||
kind: ClusterIssuer
|
||||
dnsNames:
|
||||
- traefik.services.yolokube.de
|
|
@ -33,9 +33,6 @@ updateStrategy:
|
|||
maxSurge: 0
|
||||
|
||||
providers:
|
||||
kubernetesIngress:
|
||||
publishedService:
|
||||
enabled: false
|
||||
kubernetesCRD:
|
||||
allowCrossNamespace: true
|
||||
|
||||
|
|
|
@ -16,20 +16,28 @@ spec:
|
|||
port: 9000
|
||||
targetPort: grpc
|
||||
---
|
||||
apiVersion: traefik.io/v1alpha1
|
||||
kind: IngressRoute
|
||||
apiVersion: networking.k8s.io/v1
|
||||
kind: Ingress
|
||||
metadata:
|
||||
namespace: woodpecker
|
||||
annotations:
|
||||
kubernetes.io/tls-acme: "true"
|
||||
traefik.ingress.kubernetes.io/loadbalancer.server.scheme: h2c
|
||||
traefik.ingress.kubernetes.io/service.serversscheme: h2c
|
||||
name: woodpecker-grpc
|
||||
namespace: woodpecker
|
||||
spec:
|
||||
entryPoints:
|
||||
- websecure
|
||||
routes:
|
||||
- kind: Rule
|
||||
match: Host(`woodpecker-grpc.apps.yolokube.de`) && Header(`Content-Type`, `application/grpc`)
|
||||
services:
|
||||
- name: woodpecker-grpc
|
||||
port: grpc
|
||||
scheme: h2c
|
||||
rules:
|
||||
- host: "woodpecker-grpc.apps.yolokube.de"
|
||||
http:
|
||||
paths:
|
||||
- pathType: Prefix
|
||||
path: "/"
|
||||
backend:
|
||||
service:
|
||||
name: woodpecker-grpc
|
||||
port:
|
||||
name: grpc
|
||||
tls:
|
||||
secretName: woodpecker-grpc-tls-key
|
||||
- hosts:
|
||||
- woodpecker-grpc.apps.yolokube.de
|
||||
secretName: woodpecker-grpc-tls-key
|
||||
|
|
|
@ -29,7 +29,6 @@ server:
|
|||
WOODPECKER_LOG_LEVEL: "error"
|
||||
extraSecretNamesForEnvFrom:
|
||||
- woodpecker-forgejo
|
||||
createAgentSecret: false
|
||||
agent:
|
||||
extraSecretNamesForEnvFrom:
|
||||
- woodpecker-forgejo
|
||||
|
@ -37,5 +36,3 @@ agent:
|
|||
env:
|
||||
WOODPECKER_MAX_WORKFLOWS: 2
|
||||
WOODPECKER_BACKEND_K8S_STORAGE_CLASS: 'longhorn-local'
|
||||
WOODPECKER_BACKEND_K8S_VOLUME_SIZE: 2G
|
||||
mapAgentSecret: false
|
||||
|
|
Loading…
Reference in a new issue