diff --git a/plausible/.gitattributes b/plausible/.gitattributes new file mode 100644 index 0000000..4a7f4ca --- /dev/null +++ b/plausible/.gitattributes @@ -0,0 +1 @@ +config/*.env filter=age diff=age merge=age -text diff --git a/plausible/config/plausible.env b/plausible/config/plausible.env new file mode 100644 index 0000000..4e12a8c Binary files /dev/null and b/plausible/config/plausible.env differ diff --git a/plausible/kustomization.yaml b/plausible/kustomization.yaml new file mode 100644 index 0000000..f20a018 --- /dev/null +++ b/plausible/kustomization.yaml @@ -0,0 +1,20 @@ +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization + +namespace: plausible + +images: + - name: plausible + newName: ghcr.io/plausible/community-edition + newTag: "v2.1.4" + +resources: + - resources/namespace.yaml + - resources/postgres/db.yaml + - resources/postgres/user.yaml + - resources/deployment.yaml + +secretGenerator: + - name: plausible-config + envs: + - "config/plausible.env" diff --git a/plausible/pw b/plausible/pw deleted file mode 100644 index bbfa239..0000000 --- a/plausible/pw +++ /dev/null @@ -1 +0,0 @@ -ToLqfKE7y4wFvVbz diff --git a/plausible/resources/deployment.yaml b/plausible/resources/deployment.yaml new file mode 100644 index 0000000..39179ac --- /dev/null +++ b/plausible/resources/deployment.yaml @@ -0,0 +1,65 @@ +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + name: plausible +spec: + selector: + matchLabels: + app.kubernetes.io/name: plausible + replicas: 2 + template: + metadata: + labels: + app.kubernetes.io/name: plausible + spec: + containers: + - name: plausible + image: plausible + env: + - name: DATABASE_URL + valueFrom: + secretKeyRef: + name: db-credentials-plausible + key: POSTGRES_URL + envFrom: + - secretRef: + name: plausible-config + ports: + - containerPort: 3000 + protocol: TCP + name: web + volumeMounts: + - mountPath: /var/lib/plausible/tmp + name: temp + resources: + requests: + memory: "256Mi" + cpu: "250m" + limits: + memory: "512Mi" + cpu: "500m" + securityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL + readOnlyRootFilesystem: true + affinity: + nodeAffinity: + preferredDuringSchedulingIgnoredDuringExecution: + - weight: 100 + preference: + matchExpressions: + - key: kubernetes.io/arch + operator: In + values: + - arm64 + volumes: + - name: temp + emptyDir: + sizeLimit: 1500Mi + securityContext: + runAsUser: 1000 + runAsGroup: 1000 + runAsNonRoot: true diff --git a/plausible/resources/namespace.yaml b/plausible/resources/namespace.yaml new file mode 100644 index 0000000..af4bc3a --- /dev/null +++ b/plausible/resources/namespace.yaml @@ -0,0 +1,7 @@ +--- +apiVersion: v1 +kind: Namespace +metadata: + name: plausible + labels: + prometheus: default diff --git a/plausible/resources/postgres/db.yaml b/plausible/resources/postgres/db.yaml new file mode 100644 index 0000000..2436d76 --- /dev/null +++ b/plausible/resources/postgres/db.yaml @@ -0,0 +1,8 @@ +--- +apiVersion: db.movetokube.com/v1alpha1 +kind: Postgres +metadata: + name: plausible +spec: + database: plausible + dropOnDelete: false diff --git a/plausible/resources/postgres/user.yaml b/plausible/resources/postgres/user.yaml new file mode 100644 index 0000000..4f29762 --- /dev/null +++ b/plausible/resources/postgres/user.yaml @@ -0,0 +1,10 @@ +--- +apiVersion: db.movetokube.com/v1alpha1 +kind: PostgresUser +metadata: + name: plausible +spec: + role: plausible + database: plausible + secretName: db-credentials + privileges: OWNER