Compare commits
1 commit
07bff868a3
...
9de688ac1f
| Author | SHA1 | Date | |
|---|---|---|---|
| 9de688ac1f |
66 changed files with 7794 additions and 14837 deletions
argocd
cert-manager
cnpg
kustomization.yaml
resources
coder
contour/crds
dragonfly-operator
ente
fider
forgejo
hcloud
hedgedoc
kube-prometheus
linkwarden
nocodb
s3-csi
umami
vaultwarden
vikunja
zipline
|
|
@ -13,7 +13,7 @@ resources:
|
|||
images:
|
||||
- name: argocd
|
||||
newName: code.icb4dc0.de/infrastructure/images/argocd
|
||||
newTag: v2.12.2
|
||||
newTag: v2.12.0
|
||||
|
||||
labels:
|
||||
- includeSelectors: true
|
||||
|
|
@ -26,7 +26,7 @@ helmCharts:
|
|||
repo: https://argoproj.github.io/argo-helm
|
||||
releaseName: argo-cd
|
||||
namespace: argo-system
|
||||
version: "7.4.5"
|
||||
version: "7.4.1"
|
||||
valuesFile: config/values.argo-cd.yaml
|
||||
apiVersions:
|
||||
- monitoring.coreos.com/v1
|
||||
|
|
@ -12,7 +12,7 @@ resources:
|
|||
helmCharts:
|
||||
- name: cert-manager
|
||||
repo: https://charts.jetstack.io
|
||||
version: "v1.15.3"
|
||||
version: "v1.15.2"
|
||||
releaseName: cert-manager
|
||||
namespace: kube-system
|
||||
valuesFile: config/values.cert-manager.yaml
|
||||
|
|
|
|||
|
|
@ -6,17 +6,14 @@ resources:
|
|||
- resources/secrets/ext-pgo-admin.yaml
|
||||
- resources/secrets/cnpg-backup-creds.yaml
|
||||
- resources/cluster.yaml
|
||||
- resources/backup.yaml
|
||||
- resources/pool.yaml
|
||||
|
||||
helmCharts:
|
||||
- releaseName: cnpg
|
||||
name: cloudnative-pg
|
||||
repo: https://cloudnative-pg.github.io/charts
|
||||
version: 0.22.0
|
||||
version: 0.21.6
|
||||
valuesFile: config/values.cnpg.yaml
|
||||
namespace: postgres-system
|
||||
includeCRDs: true
|
||||
|
||||
- releaseName: ext-pgo
|
||||
name: ext-postgres-operator
|
||||
|
|
@ -24,4 +21,3 @@ helmCharts:
|
|||
version: 1.2.6
|
||||
valuesFile: config/values.ext-pgo.yaml
|
||||
namespace: postgres
|
||||
includeCRDs: true
|
||||
|
|
|
|||
|
|
@ -1,11 +0,0 @@
|
|||
---
|
||||
apiVersion: postgresql.cnpg.io/v1
|
||||
kind: ScheduledBackup
|
||||
metadata:
|
||||
name: daily-backup
|
||||
namespace: postgres
|
||||
spec:
|
||||
schedule: "0 1 * * *"
|
||||
backupOwnerReference: self
|
||||
cluster:
|
||||
name: app-cluster
|
||||
|
|
@ -6,22 +6,13 @@ metadata:
|
|||
spec:
|
||||
instances: 2
|
||||
|
||||
postgresql:
|
||||
parameters:
|
||||
max_connections: "150"
|
||||
|
||||
managed:
|
||||
roles:
|
||||
- name: ext_pgo_admin
|
||||
ensure: present
|
||||
login: true
|
||||
superuser: true
|
||||
createrole: true
|
||||
createdb: true
|
||||
inherit: true
|
||||
connectionLimit: -1
|
||||
passwordSecret:
|
||||
name: ext-pgo-admin
|
||||
|
||||
storage:
|
||||
size: 10Gi
|
||||
|
|
@ -29,8 +20,7 @@ spec:
|
|||
|
||||
backup:
|
||||
barmanObjectStore:
|
||||
destinationPath: "s3://cnpg/app-cluster/"
|
||||
endpointURL: "http://garage.garage.svc:3900"
|
||||
destinationPath: cnpg
|
||||
s3Credentials:
|
||||
accessKeyId:
|
||||
name: cnpg-backup-creds
|
||||
|
|
@ -38,20 +28,15 @@ spec:
|
|||
secretAccessKey:
|
||||
name: cnpg-backup-creds
|
||||
key: ACCESS_SECRET_KEY
|
||||
region:
|
||||
name: cnpg-backup-creds
|
||||
key: AWS_REGION
|
||||
wal:
|
||||
compression: snappy
|
||||
retentionPolicy: "30d"
|
||||
|
||||
resources:
|
||||
requests:
|
||||
cpu: 100m
|
||||
memory: 600Mi
|
||||
memory: 400Mi
|
||||
limits:
|
||||
cpu: 500m
|
||||
memory: 900Mi
|
||||
memory: 800Mi
|
||||
|
||||
affinity:
|
||||
enablePodAntiAffinity: true
|
||||
|
|
|
|||
|
|
@ -1,18 +0,0 @@
|
|||
apiVersion: postgresql.cnpg.io/v1
|
||||
kind: Pooler
|
||||
metadata:
|
||||
name: app-cluster-pooler-rw
|
||||
namespace: postgres
|
||||
spec:
|
||||
cluster:
|
||||
name: app-cluster
|
||||
|
||||
instances: 3
|
||||
type: rw
|
||||
pgbouncer:
|
||||
poolMode: session
|
||||
parameters:
|
||||
max_client_conn: "1000"
|
||||
default_pool_size: "10"
|
||||
monitoring:
|
||||
enablePodMonitor: true
|
||||
Binary file not shown.
Binary file not shown.
|
|
@ -10,8 +10,8 @@ coder:
|
|||
- name: CODER_PG_CONNECTION_URL
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: coder-db-credentials-coder
|
||||
key: PQ_URL
|
||||
name: default-cluster-pguser-coder
|
||||
key: uri
|
||||
- name: CODER_DISABLE_PASSWORD_AUTH
|
||||
value: "true"
|
||||
- name: CODER_OIDC_ISSUER_URL
|
||||
|
|
|
|||
|
|
@ -7,14 +7,12 @@ resources:
|
|||
- "resources/namespace.yaml"
|
||||
- "resources/http_routes.yaml"
|
||||
- "resources/secret.yaml"
|
||||
- "resources/db/db.yaml"
|
||||
- "resources/db/user.yaml"
|
||||
|
||||
helmCharts:
|
||||
- name: coder
|
||||
repo: https://helm.coder.com/v2
|
||||
releaseName: coder
|
||||
namespace: coder
|
||||
version: "2.14.2"
|
||||
version: "2.13.3"
|
||||
valuesFile: config/values.coder.yml
|
||||
skipTests: true
|
||||
|
|
@ -1,8 +0,0 @@
|
|||
---
|
||||
apiVersion: db.movetokube.com/v1alpha1
|
||||
kind: Postgres
|
||||
metadata:
|
||||
name: coder
|
||||
spec:
|
||||
database: coder
|
||||
dropOnDelete: false
|
||||
|
|
@ -1,12 +0,0 @@
|
|||
---
|
||||
apiVersion: db.movetokube.com/v1alpha1
|
||||
kind: PostgresUser
|
||||
metadata:
|
||||
name: coder
|
||||
spec:
|
||||
role: coder
|
||||
database: coder
|
||||
secretName: coder-db-credentials
|
||||
privileges: OWNER
|
||||
secretTemplate:
|
||||
PQ_URL: "postgresql://{{.Role}}:{{.Password}}@{{.Host}}:5432/{{.Database}}?sslmode=require&search_path=coder"
|
||||
|
|
@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1
|
|||
kind: CustomResourceDefinition
|
||||
metadata:
|
||||
annotations:
|
||||
controller-gen.kubebuilder.io/version: v0.15.0
|
||||
controller-gen.kubebuilder.io/version: v0.14.0
|
||||
name: contourconfigurations.projectcontour.io
|
||||
spec:
|
||||
preserveUnknownFields: false
|
||||
|
|
@ -120,12 +120,6 @@ spec:
|
|||
defaults to 3.
|
||||
format: int32
|
||||
type: integer
|
||||
perHostMaxConnections:
|
||||
description: |-
|
||||
PerHostMaxConnections is the maximum number of connections
|
||||
that Envoy will allow to each individual host in a cluster.
|
||||
format: int32
|
||||
type: integer
|
||||
type: object
|
||||
dnsLookupFamily:
|
||||
description: |-
|
||||
|
|
@ -606,9 +600,9 @@ spec:
|
|||
description: |-
|
||||
FeatureFlags defines toggle to enable new contour features.
|
||||
Available toggles are:
|
||||
useEndpointSlices - Configures contour to fetch endpoint data
|
||||
from k8s endpoint slices. defaults to true,
|
||||
If false then reads endpoint data from the k8s endpoints.
|
||||
useEndpointSlices - configures contour to fetch endpoint data
|
||||
from k8s endpoint slices. defaults to false and reading endpoint
|
||||
data from the k8s endpoints.
|
||||
items:
|
||||
type: string
|
||||
type: array
|
||||
|
|
@ -1147,10 +1141,8 @@ spec:
|
|||
type:
|
||||
description: |-
|
||||
Defines the XDSServer to use for `contour serve`.
|
||||
Values: `envoy` (default), `contour (deprecated)`.
|
||||
Values: `contour` (default), `envoy`.
|
||||
Other values will produce an error.
|
||||
Deprecated: this field will be removed in a future release when
|
||||
the `contour` xDS server implementation is removed.
|
||||
type: string
|
||||
type: object
|
||||
type: object
|
||||
|
|
@ -1368,7 +1360,7 @@ apiVersion: apiextensions.k8s.io/v1
|
|||
kind: CustomResourceDefinition
|
||||
metadata:
|
||||
annotations:
|
||||
controller-gen.kubebuilder.io/version: v0.15.0
|
||||
controller-gen.kubebuilder.io/version: v0.14.0
|
||||
name: contourdeployments.projectcontour.io
|
||||
spec:
|
||||
preserveUnknownFields: false
|
||||
|
|
@ -1822,8 +1814,6 @@ spec:
|
|||
to container and the other way around.
|
||||
When not set, MountPropagationNone is used.
|
||||
This field is beta in 1.10.
|
||||
When RecursiveReadOnly is set to IfPossible or to Enabled, MountPropagation must be None or unspecified
|
||||
(which defaults to None).
|
||||
type: string
|
||||
name:
|
||||
description: This must match the Name of a Volume.
|
||||
|
|
@ -1833,21 +1823,6 @@ spec:
|
|||
Mounted read-only if true, read-write otherwise (false or unspecified).
|
||||
Defaults to false.
|
||||
type: boolean
|
||||
recursiveReadOnly:
|
||||
description: |-
|
||||
RecursiveReadOnly specifies whether read-only mounts should be handled
|
||||
recursively.
|
||||
If ReadOnly is false, this field has no meaning and must be unspecified.
|
||||
If ReadOnly is true, and this field is set to Disabled, the mount is not made
|
||||
recursively read-only. If this field is set to IfPossible, the mount is made
|
||||
recursively read-only, if it is supported by the container runtime. If this
|
||||
field is set to Enabled, the mount is made recursively read-only if it is
|
||||
supported by the container runtime, otherwise the pod will not be started and
|
||||
an error will be generated to indicate the reason.
|
||||
If this field is set to IfPossible or Enabled, MountPropagation must be set to
|
||||
None (or be unspecified, which defaults to None).
|
||||
If this field is not specified, it is treated as an equivalent of Disabled.
|
||||
type: string
|
||||
subPath:
|
||||
description: |-
|
||||
Path within the volume from which the container's volume should be mounted.
|
||||
|
|
@ -1975,7 +1950,6 @@ spec:
|
|||
items:
|
||||
type: string
|
||||
type: array
|
||||
x-kubernetes-list-type: atomic
|
||||
path:
|
||||
description: 'path is Optional: Used as the mounted
|
||||
root, rather than the full Ceph tree, default is /'
|
||||
|
|
@ -1997,15 +1971,10 @@ spec:
|
|||
More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it
|
||||
properties:
|
||||
name:
|
||||
default: ""
|
||||
description: |-
|
||||
Name of the referent.
|
||||
This field is effectively required, but due to backwards compatibility is
|
||||
allowed to be empty. Instances of this type with an empty value here are
|
||||
almost certainly wrong.
|
||||
TODO: Add other useful fields. apiVersion, kind, uid?
|
||||
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
|
||||
TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
|
||||
TODO: Add other useful fields. apiVersion, kind, uid?
|
||||
type: string
|
||||
type: object
|
||||
x-kubernetes-map-type: atomic
|
||||
|
|
@ -2041,15 +2010,10 @@ spec:
|
|||
to OpenStack.
|
||||
properties:
|
||||
name:
|
||||
default: ""
|
||||
description: |-
|
||||
Name of the referent.
|
||||
This field is effectively required, but due to backwards compatibility is
|
||||
allowed to be empty. Instances of this type with an empty value here are
|
||||
almost certainly wrong.
|
||||
TODO: Add other useful fields. apiVersion, kind, uid?
|
||||
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
|
||||
TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
|
||||
TODO: Add other useful fields. apiVersion, kind, uid?
|
||||
type: string
|
||||
type: object
|
||||
x-kubernetes-map-type: atomic
|
||||
|
|
@ -2114,17 +2078,11 @@ spec:
|
|||
- path
|
||||
type: object
|
||||
type: array
|
||||
x-kubernetes-list-type: atomic
|
||||
name:
|
||||
default: ""
|
||||
description: |-
|
||||
Name of the referent.
|
||||
This field is effectively required, but due to backwards compatibility is
|
||||
allowed to be empty. Instances of this type with an empty value here are
|
||||
almost certainly wrong.
|
||||
TODO: Add other useful fields. apiVersion, kind, uid?
|
||||
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
|
||||
TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
|
||||
TODO: Add other useful fields. apiVersion, kind, uid?
|
||||
type: string
|
||||
optional:
|
||||
description: optional specify whether the ConfigMap
|
||||
|
|
@ -2157,15 +2115,10 @@ spec:
|
|||
secret object contains more than one secret, all secret references are passed.
|
||||
properties:
|
||||
name:
|
||||
default: ""
|
||||
description: |-
|
||||
Name of the referent.
|
||||
This field is effectively required, but due to backwards compatibility is
|
||||
allowed to be empty. Instances of this type with an empty value here are
|
||||
almost certainly wrong.
|
||||
TODO: Add other useful fields. apiVersion, kind, uid?
|
||||
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
|
||||
TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
|
||||
TODO: Add other useful fields. apiVersion, kind, uid?
|
||||
type: string
|
||||
type: object
|
||||
x-kubernetes-map-type: atomic
|
||||
|
|
@ -2209,8 +2162,8 @@ spec:
|
|||
properties:
|
||||
fieldRef:
|
||||
description: 'Required: Selects a field of the
|
||||
pod: only annotations, labels, name, namespace
|
||||
and uid are supported.'
|
||||
pod: only annotations, labels, name and namespace
|
||||
are supported.'
|
||||
properties:
|
||||
apiVersion:
|
||||
description: Version of the schema the FieldPath
|
||||
|
|
@ -2269,7 +2222,6 @@ spec:
|
|||
- path
|
||||
type: object
|
||||
type: array
|
||||
x-kubernetes-list-type: atomic
|
||||
type: object
|
||||
emptyDir:
|
||||
description: |-
|
||||
|
|
@ -2361,7 +2313,6 @@ spec:
|
|||
items:
|
||||
type: string
|
||||
type: array
|
||||
x-kubernetes-list-type: atomic
|
||||
dataSource:
|
||||
description: |-
|
||||
dataSource field can be used to specify either:
|
||||
|
|
@ -2506,13 +2457,11 @@ spec:
|
|||
items:
|
||||
type: string
|
||||
type: array
|
||||
x-kubernetes-list-type: atomic
|
||||
required:
|
||||
- key
|
||||
- operator
|
||||
type: object
|
||||
type: array
|
||||
x-kubernetes-list-type: atomic
|
||||
matchLabels:
|
||||
additionalProperties:
|
||||
type: string
|
||||
|
|
@ -2540,7 +2489,7 @@ spec:
|
|||
If the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be
|
||||
set to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource
|
||||
exists.
|
||||
More info: https://kubernetes.io/docs/concepts/storage/volume-attributes-classes/
|
||||
More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#volumeattributesclass
|
||||
(Alpha) Using this field requires the VolumeAttributesClass feature gate to be enabled.
|
||||
type: string
|
||||
volumeMode:
|
||||
|
|
@ -2584,7 +2533,6 @@ spec:
|
|||
items:
|
||||
type: string
|
||||
type: array
|
||||
x-kubernetes-list-type: atomic
|
||||
wwids:
|
||||
description: |-
|
||||
wwids Optional: FC volume world wide identifiers (wwids)
|
||||
|
|
@ -2592,7 +2540,6 @@ spec:
|
|||
items:
|
||||
type: string
|
||||
type: array
|
||||
x-kubernetes-list-type: atomic
|
||||
type: object
|
||||
flexVolume:
|
||||
description: |-
|
||||
|
|
@ -2629,15 +2576,10 @@ spec:
|
|||
scripts.
|
||||
properties:
|
||||
name:
|
||||
default: ""
|
||||
description: |-
|
||||
Name of the referent.
|
||||
This field is effectively required, but due to backwards compatibility is
|
||||
allowed to be empty. Instances of this type with an empty value here are
|
||||
almost certainly wrong.
|
||||
TODO: Add other useful fields. apiVersion, kind, uid?
|
||||
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
|
||||
TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
|
||||
TODO: Add other useful fields. apiVersion, kind, uid?
|
||||
type: string
|
||||
type: object
|
||||
x-kubernetes-map-type: atomic
|
||||
|
|
@ -2818,7 +2760,6 @@ spec:
|
|||
items:
|
||||
type: string
|
||||
type: array
|
||||
x-kubernetes-list-type: atomic
|
||||
readOnly:
|
||||
description: |-
|
||||
readOnly here will force the ReadOnly setting in VolumeMounts.
|
||||
|
|
@ -2829,15 +2770,10 @@ spec:
|
|||
target and initiator authentication
|
||||
properties:
|
||||
name:
|
||||
default: ""
|
||||
description: |-
|
||||
Name of the referent.
|
||||
This field is effectively required, but due to backwards compatibility is
|
||||
allowed to be empty. Instances of this type with an empty value here are
|
||||
almost certainly wrong.
|
||||
TODO: Add other useful fields. apiVersion, kind, uid?
|
||||
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
|
||||
TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
|
||||
TODO: Add other useful fields. apiVersion, kind, uid?
|
||||
type: string
|
||||
type: object
|
||||
x-kubernetes-map-type: atomic
|
||||
|
|
@ -3008,13 +2944,11 @@ spec:
|
|||
items:
|
||||
type: string
|
||||
type: array
|
||||
x-kubernetes-list-type: atomic
|
||||
required:
|
||||
- key
|
||||
- operator
|
||||
type: object
|
||||
type: array
|
||||
x-kubernetes-list-type: atomic
|
||||
matchLabels:
|
||||
additionalProperties:
|
||||
type: string
|
||||
|
|
@ -3093,17 +3027,11 @@ spec:
|
|||
- path
|
||||
type: object
|
||||
type: array
|
||||
x-kubernetes-list-type: atomic
|
||||
name:
|
||||
default: ""
|
||||
description: |-
|
||||
Name of the referent.
|
||||
This field is effectively required, but due to backwards compatibility is
|
||||
allowed to be empty. Instances of this type with an empty value here are
|
||||
almost certainly wrong.
|
||||
TODO: Add other useful fields. apiVersion, kind, uid?
|
||||
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
|
||||
TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
|
||||
TODO: Add other useful fields. apiVersion, kind, uid?
|
||||
type: string
|
||||
optional:
|
||||
description: optional specify whether the
|
||||
|
|
@ -3126,7 +3054,7 @@ spec:
|
|||
fieldRef:
|
||||
description: 'Required: Selects a field
|
||||
of the pod: only annotations, labels,
|
||||
name, namespace and uid are supported.'
|
||||
name and namespace are supported.'
|
||||
properties:
|
||||
apiVersion:
|
||||
description: Version of the schema
|
||||
|
|
@ -3190,7 +3118,6 @@ spec:
|
|||
- path
|
||||
type: object
|
||||
type: array
|
||||
x-kubernetes-list-type: atomic
|
||||
type: object
|
||||
secret:
|
||||
description: secret information about the secret
|
||||
|
|
@ -3234,17 +3161,11 @@ spec:
|
|||
- path
|
||||
type: object
|
||||
type: array
|
||||
x-kubernetes-list-type: atomic
|
||||
name:
|
||||
default: ""
|
||||
description: |-
|
||||
Name of the referent.
|
||||
This field is effectively required, but due to backwards compatibility is
|
||||
allowed to be empty. Instances of this type with an empty value here are
|
||||
almost certainly wrong.
|
||||
TODO: Add other useful fields. apiVersion, kind, uid?
|
||||
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
|
||||
TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
|
||||
TODO: Add other useful fields. apiVersion, kind, uid?
|
||||
type: string
|
||||
optional:
|
||||
description: optional field specify whether
|
||||
|
|
@ -3283,7 +3204,6 @@ spec:
|
|||
type: object
|
||||
type: object
|
||||
type: array
|
||||
x-kubernetes-list-type: atomic
|
||||
type: object
|
||||
quobyte:
|
||||
description: quobyte represents a Quobyte mount on the host
|
||||
|
|
@ -3354,7 +3274,6 @@ spec:
|
|||
items:
|
||||
type: string
|
||||
type: array
|
||||
x-kubernetes-list-type: atomic
|
||||
pool:
|
||||
description: |-
|
||||
pool is the rados pool name.
|
||||
|
|
@ -3375,15 +3294,10 @@ spec:
|
|||
More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it
|
||||
properties:
|
||||
name:
|
||||
default: ""
|
||||
description: |-
|
||||
Name of the referent.
|
||||
This field is effectively required, but due to backwards compatibility is
|
||||
allowed to be empty. Instances of this type with an empty value here are
|
||||
almost certainly wrong.
|
||||
TODO: Add other useful fields. apiVersion, kind, uid?
|
||||
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
|
||||
TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
|
||||
TODO: Add other useful fields. apiVersion, kind, uid?
|
||||
type: string
|
||||
type: object
|
||||
x-kubernetes-map-type: atomic
|
||||
|
|
@ -3427,15 +3341,10 @@ spec:
|
|||
sensitive information. If this is not provided, Login operation will fail.
|
||||
properties:
|
||||
name:
|
||||
default: ""
|
||||
description: |-
|
||||
Name of the referent.
|
||||
This field is effectively required, but due to backwards compatibility is
|
||||
allowed to be empty. Instances of this type with an empty value here are
|
||||
almost certainly wrong.
|
||||
TODO: Add other useful fields. apiVersion, kind, uid?
|
||||
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
|
||||
TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
|
||||
TODO: Add other useful fields. apiVersion, kind, uid?
|
||||
type: string
|
||||
type: object
|
||||
x-kubernetes-map-type: atomic
|
||||
|
|
@ -3520,7 +3429,6 @@ spec:
|
|||
- path
|
||||
type: object
|
||||
type: array
|
||||
x-kubernetes-list-type: atomic
|
||||
optional:
|
||||
description: optional field specify whether the Secret
|
||||
or its keys must be defined
|
||||
|
|
@ -3552,15 +3460,10 @@ spec:
|
|||
credentials. If not specified, default values will be attempted.
|
||||
properties:
|
||||
name:
|
||||
default: ""
|
||||
description: |-
|
||||
Name of the referent.
|
||||
This field is effectively required, but due to backwards compatibility is
|
||||
allowed to be empty. Instances of this type with an empty value here are
|
||||
almost certainly wrong.
|
||||
TODO: Add other useful fields. apiVersion, kind, uid?
|
||||
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
|
||||
TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
|
||||
TODO: Add other useful fields. apiVersion, kind, uid?
|
||||
type: string
|
||||
type: object
|
||||
x-kubernetes-map-type: atomic
|
||||
|
|
@ -3902,12 +3805,6 @@ spec:
|
|||
Service; defaults to 3.
|
||||
format: int32
|
||||
type: integer
|
||||
perHostMaxConnections:
|
||||
description: |-
|
||||
PerHostMaxConnections is the maximum number of connections
|
||||
that Envoy will allow to each individual host in a cluster.
|
||||
format: int32
|
||||
type: integer
|
||||
type: object
|
||||
dnsLookupFamily:
|
||||
description: |-
|
||||
|
|
@ -4388,9 +4285,9 @@ spec:
|
|||
description: |-
|
||||
FeatureFlags defines toggle to enable new contour features.
|
||||
Available toggles are:
|
||||
useEndpointSlices - Configures contour to fetch endpoint data
|
||||
from k8s endpoint slices. defaults to true,
|
||||
If false then reads endpoint data from the k8s endpoints.
|
||||
useEndpointSlices - configures contour to fetch endpoint data
|
||||
from k8s endpoint slices. defaults to false and reading endpoint
|
||||
data from the k8s endpoints.
|
||||
items:
|
||||
type: string
|
||||
type: array
|
||||
|
|
@ -4931,10 +4828,8 @@ spec:
|
|||
type:
|
||||
description: |-
|
||||
Defines the XDSServer to use for `contour serve`.
|
||||
Values: `envoy` (default), `contour (deprecated)`.
|
||||
Values: `contour` (default), `envoy`.
|
||||
Other values will produce an error.
|
||||
Deprecated: this field will be removed in a future release when
|
||||
the `contour` xDS server implementation is removed.
|
||||
type: string
|
||||
type: object
|
||||
type: object
|
||||
|
|
@ -5028,7 +4923,7 @@ apiVersion: apiextensions.k8s.io/v1
|
|||
kind: CustomResourceDefinition
|
||||
metadata:
|
||||
annotations:
|
||||
controller-gen.kubebuilder.io/version: v0.15.0
|
||||
controller-gen.kubebuilder.io/version: v0.14.0
|
||||
name: extensionservices.projectcontour.io
|
||||
spec:
|
||||
preserveUnknownFields: false
|
||||
|
|
@ -5073,39 +4968,6 @@ spec:
|
|||
description: ExtensionServiceSpec defines the desired state of an ExtensionService
|
||||
resource.
|
||||
properties:
|
||||
circuitBreakerPolicy:
|
||||
description: |-
|
||||
CircuitBreakerPolicy specifies the circuit breaker budget across the extension service.
|
||||
If defined this overrides the global circuit breaker budget.
|
||||
properties:
|
||||
maxConnections:
|
||||
description: The maximum number of connections that a single Envoy
|
||||
instance allows to the Kubernetes Service; defaults to 1024.
|
||||
format: int32
|
||||
type: integer
|
||||
maxPendingRequests:
|
||||
description: The maximum number of pending requests that a single
|
||||
Envoy instance allows to the Kubernetes Service; defaults to
|
||||
1024.
|
||||
format: int32
|
||||
type: integer
|
||||
maxRequests:
|
||||
description: The maximum parallel requests a single Envoy instance
|
||||
allows to the Kubernetes Service; defaults to 1024
|
||||
format: int32
|
||||
type: integer
|
||||
maxRetries:
|
||||
description: The maximum number of parallel retries a single Envoy
|
||||
instance allows to the Kubernetes Service; defaults to 3.
|
||||
format: int32
|
||||
type: integer
|
||||
perHostMaxConnections:
|
||||
description: |-
|
||||
PerHostMaxConnections is the maximum number of connections
|
||||
that Envoy will allow to each individual host in a cluster.
|
||||
format: int32
|
||||
type: integer
|
||||
type: object
|
||||
loadBalancerPolicy:
|
||||
description: |-
|
||||
The policy for load balancing GRPC service requests. Note that the
|
||||
|
|
@ -5509,7 +5371,7 @@ apiVersion: apiextensions.k8s.io/v1
|
|||
kind: CustomResourceDefinition
|
||||
metadata:
|
||||
annotations:
|
||||
controller-gen.kubebuilder.io/version: v0.15.0
|
||||
controller-gen.kubebuilder.io/version: v0.14.0
|
||||
name: httpproxies.projectcontour.io
|
||||
spec:
|
||||
preserveUnknownFields: false
|
||||
|
|
@ -8364,7 +8226,6 @@ spec:
|
|||
x-kubernetes-list-type: atomic
|
||||
type: object
|
||||
type: array
|
||||
x-kubernetes-list-type: atomic
|
||||
type: object
|
||||
type: object
|
||||
required:
|
||||
|
|
@ -8380,7 +8241,7 @@ apiVersion: apiextensions.k8s.io/v1
|
|||
kind: CustomResourceDefinition
|
||||
metadata:
|
||||
annotations:
|
||||
controller-gen.kubebuilder.io/version: v0.15.0
|
||||
controller-gen.kubebuilder.io/version: v0.14.0
|
||||
name: tlscertificatedelegations.projectcontour.io
|
||||
spec:
|
||||
preserveUnknownFields: false
|
||||
|
|
|
|||
File diff suppressed because it is too large
Load diff
|
|
@ -9,7 +9,7 @@ images:
|
|||
newTag: v0.16.0
|
||||
- name: dragonfly-operator
|
||||
newName: docker.dragonflydb.io/dragonflydb/operator
|
||||
newTag: v1.1.7
|
||||
newTag: v1.1.6
|
||||
|
||||
|
||||
resources:
|
||||
|
|
|
|||
|
|
@ -10,10 +10,10 @@ images:
|
|||
newTag: cdbf8c5f0971cb383df03c6b2f72ffb85387beef
|
||||
- name: photos
|
||||
newName: code.icb4dc0.de/infrastructure/images/ente/photos
|
||||
newTag: v0.9.27
|
||||
newTag: v0.9.16
|
||||
- name: cast
|
||||
newName: code.icb4dc0.de/infrastructure/images/ente/cast
|
||||
newTag: v0.9.27
|
||||
newTag: v0.9.16
|
||||
|
||||
labels:
|
||||
- includeSelectors: true
|
||||
|
|
@ -23,8 +23,6 @@ labels:
|
|||
|
||||
resources:
|
||||
- resources/namespace.yaml
|
||||
- resources/museum/db/db.yaml
|
||||
- resources/museum/db/user.yaml
|
||||
- resources/museum/deployment.yaml
|
||||
- resources/museum/service.yaml
|
||||
- resources/photos/deployment.yaml
|
||||
|
|
|
|||
|
|
@ -1,8 +0,0 @@
|
|||
---
|
||||
apiVersion: db.movetokube.com/v1alpha1
|
||||
kind: Postgres
|
||||
metadata:
|
||||
name: ente
|
||||
spec:
|
||||
database: ente
|
||||
dropOnDelete: false
|
||||
|
|
@ -1,10 +0,0 @@
|
|||
---
|
||||
apiVersion: db.movetokube.com/v1alpha1
|
||||
kind: PostgresUser
|
||||
metadata:
|
||||
name: ente
|
||||
spec:
|
||||
role: ente
|
||||
database: ente-ente
|
||||
secretName: ente-db-credentials
|
||||
privileges: OWNER
|
||||
|
|
@ -23,23 +23,23 @@ spec:
|
|||
- name: ENTE_DB_HOST
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: ente-db-credentials-ente-ente
|
||||
key: HOST
|
||||
name: default-cluster-pguser-ente
|
||||
key: host
|
||||
- name: ENTE_DB_NAME
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: ente-db-credentials-ente-ente
|
||||
key: DATABASE_NAME
|
||||
name: default-cluster-pguser-ente
|
||||
key: dbname
|
||||
- name: ENTE_DB_USER
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: ente-db-credentials-ente-ente
|
||||
key: LOGIN
|
||||
name: default-cluster-pguser-ente
|
||||
key: user
|
||||
- name: ENTE_DB_PASSWORD
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: ente-db-credentials-ente-ente
|
||||
key: PASSWORD
|
||||
name: default-cluster-pguser-ente
|
||||
key: password
|
||||
- name: ENTE_DB_SSLMODE
|
||||
value: require
|
||||
resources:
|
||||
|
|
|
|||
Binary file not shown.
|
|
@ -11,8 +11,6 @@ labels:
|
|||
|
||||
resources:
|
||||
- "resources/namespace.yaml"
|
||||
- "resources/db/db.yaml"
|
||||
- "resources/db/user.yaml"
|
||||
- "resources/deployment.yaml"
|
||||
- "resources/service.yaml"
|
||||
- "resources/http_routes.yaml"
|
||||
|
|
|
|||
|
|
@ -1,8 +0,0 @@
|
|||
---
|
||||
apiVersion: db.movetokube.com/v1alpha1
|
||||
kind: Postgres
|
||||
metadata:
|
||||
name: fider
|
||||
spec:
|
||||
database: fider
|
||||
dropOnDelete: false
|
||||
|
|
@ -1,12 +0,0 @@
|
|||
---
|
||||
apiVersion: db.movetokube.com/v1alpha1
|
||||
kind: PostgresUser
|
||||
metadata:
|
||||
name: fider
|
||||
spec:
|
||||
role: fider
|
||||
database: fider
|
||||
secretName: db-credentials
|
||||
privileges: OWNER
|
||||
secretTemplate:
|
||||
PQ_URL: "postgresql://{{.Role}}:{{.Password}}@app-cluster-pooler-rw.postgres.svc:5432/{{.Database}}?sslmode=require"
|
||||
|
|
@ -26,11 +26,6 @@ spec:
|
|||
valueFrom:
|
||||
resourceFieldRef:
|
||||
resource: limits.memory
|
||||
- name: DATABASE_URL
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: db-credentials-fider
|
||||
key: PQ_URL
|
||||
envFrom:
|
||||
- secretRef:
|
||||
name: fider-config
|
||||
|
|
|
|||
|
|
@ -28,56 +28,10 @@ spec:
|
|||
parentRefs:
|
||||
- name: contour
|
||||
namespace: projectcontour
|
||||
sectionName: https
|
||||
hostnames:
|
||||
- fider.icb4dc0.de
|
||||
rules:
|
||||
- backendRefs:
|
||||
- name: fider
|
||||
port: 3000
|
||||
---
|
||||
apiVersion: gateway.networking.k8s.io/v1
|
||||
kind: HTTPRoute
|
||||
metadata:
|
||||
name: fider-login-https
|
||||
spec:
|
||||
parentRefs:
|
||||
- name: contour
|
||||
namespace: projectcontour
|
||||
sectionName: fider-login
|
||||
hostnames:
|
||||
- fider.icb4dc0.de
|
||||
rules:
|
||||
- backendRefs:
|
||||
- name: fider
|
||||
port: 3000
|
||||
---
|
||||
apiVersion: gateway.networking.k8s.io/v1
|
||||
kind: HTTPRoute
|
||||
metadata:
|
||||
name: inetmock-fider-https
|
||||
spec:
|
||||
parentRefs:
|
||||
- name: contour
|
||||
namespace: projectcontour
|
||||
sectionName: inetmock-fider-community
|
||||
hostnames:
|
||||
- community.inetmock.icb4dc0.de
|
||||
rules:
|
||||
- backendRefs:
|
||||
- name: fider
|
||||
port: 3000
|
||||
---
|
||||
apiVersion: gateway.networking.k8s.io/v1
|
||||
kind: HTTPRoute
|
||||
metadata:
|
||||
name: buildr-fider-https
|
||||
spec:
|
||||
parentRefs:
|
||||
- name: contour
|
||||
namespace: projectcontour
|
||||
sectionName: buildr-fider-community
|
||||
hostnames:
|
||||
- login.fider.icb4dc0.de
|
||||
- community.buildr.icb4dc0.de
|
||||
- community.inetmock.icb4dc0.de
|
||||
rules:
|
||||
- backendRefs:
|
||||
|
|
|
|||
|
|
@ -91,9 +91,9 @@ gitea:
|
|||
STORAGE_TYPE: minio
|
||||
database:
|
||||
DB_TYPE: postgres
|
||||
HOST: app-cluster-pooler-rw.postgres.svc
|
||||
HOST: default-cluster-primary.postgres.svc
|
||||
NAME: forgejo
|
||||
USER: forgejo-6a95jj
|
||||
USER: forgejo
|
||||
SSL_MODE: require
|
||||
log_sql: "false"
|
||||
cache:
|
||||
|
|
|
|||
|
|
@ -12,14 +12,12 @@ labels:
|
|||
images:
|
||||
- name: act_runner
|
||||
newName: code.forgejo.org/forgejo/runner
|
||||
newTag: "3.5.1"
|
||||
newTag: "3.5.0"
|
||||
- name: dind
|
||||
newName: docker
|
||||
newTag: 27.1.2-dind
|
||||
newTag: 27.1.1-dind
|
||||
|
||||
resources:
|
||||
- resources/db/db.yaml
|
||||
- resources/db/user.yaml
|
||||
- resources/secrets/admin-credentials.yaml
|
||||
- resources/secrets/infra-credentials.yaml
|
||||
- resources/secrets/meili-credentials.yaml
|
||||
|
|
@ -48,7 +46,7 @@ helmCharts:
|
|||
repo: oci://codeberg.org/forgejo-contrib
|
||||
releaseName: forgejo
|
||||
namespace: forgejo
|
||||
version: "8.2.0"
|
||||
version: "8.1.0"
|
||||
valuesFile: config/values.forgejo.yaml
|
||||
skipTests: true
|
||||
apiVersions:
|
||||
|
|
@ -57,6 +55,6 @@ helmCharts:
|
|||
repo: https://meilisearch.github.io/meilisearch-kubernetes
|
||||
releaseName: forgejo-indexer
|
||||
namespace: forgejo
|
||||
version: "0.9.1"
|
||||
version: "0.8.0"
|
||||
valuesFile: config/values.meilisearch.yaml
|
||||
skipTests: true
|
||||
|
|
@ -1,8 +0,0 @@
|
|||
---
|
||||
apiVersion: db.movetokube.com/v1alpha1
|
||||
kind: Postgres
|
||||
metadata:
|
||||
name: forgejo
|
||||
spec:
|
||||
database: forgejo
|
||||
dropOnDelete: false
|
||||
|
|
@ -1,10 +0,0 @@
|
|||
---
|
||||
apiVersion: db.movetokube.com/v1alpha1
|
||||
kind: PostgresUser
|
||||
metadata:
|
||||
name: forgejo
|
||||
spec:
|
||||
role: forgejo
|
||||
database: forgejo
|
||||
secretName: forgejo-db-credentials
|
||||
privileges: OWNER
|
||||
Binary file not shown.
|
|
@ -19,5 +19,5 @@ helmCharts:
|
|||
repo: https://charts.hetzner.cloud
|
||||
releaseName: hcloud-csi-driver
|
||||
namespace: kube-system
|
||||
version: "2.9.0"
|
||||
version: "2.8.0"
|
||||
valuesFile: config/values.csi.yaml
|
||||
|
|
@ -16,8 +16,6 @@ labels:
|
|||
|
||||
resources:
|
||||
- "resources/namespace.yaml"
|
||||
- "resources/db/db.yaml"
|
||||
- "resources/db/user.yaml"
|
||||
- "resources/deployment.yaml"
|
||||
- "resources/service.yaml"
|
||||
- "resources/http_routes.yaml"
|
||||
|
|
|
|||
|
|
@ -1,8 +0,0 @@
|
|||
---
|
||||
apiVersion: db.movetokube.com/v1alpha1
|
||||
kind: Postgres
|
||||
metadata:
|
||||
name: hedgedoc
|
||||
spec:
|
||||
database: hedgedoc
|
||||
dropOnDelete: false
|
||||
|
|
@ -1,12 +0,0 @@
|
|||
---
|
||||
apiVersion: db.movetokube.com/v1alpha1
|
||||
kind: PostgresUser
|
||||
metadata:
|
||||
name: hedgedoc
|
||||
spec:
|
||||
role: hedgedoc
|
||||
database: hedgedoc
|
||||
secretName: db-credentials
|
||||
privileges: OWNER
|
||||
secretTemplate:
|
||||
PQ_URL: "postgresql://{{.Role}}:{{.Password}}@app-cluster-pooler-rw.postgres.svc:5432/{{.Database}}?sslmode=require"
|
||||
|
|
@ -19,8 +19,8 @@ spec:
|
|||
- name: CMD_DB_URL
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: db-credentials-hedgedoc
|
||||
key: PQ_URL
|
||||
name: default-cluster-pguser-hedgedoc
|
||||
key: uri
|
||||
- name: NODE_EXTRA_CA_CERTS
|
||||
value: /certs/ca.crt
|
||||
envFrom:
|
||||
|
|
|
|||
|
|
@ -15,9 +15,24 @@ prometheus:
|
|||
retention: 7d
|
||||
nodeSelector:
|
||||
kubernetes.io/arch: arm64
|
||||
serviceMonitorSelectorNilUsesHelmValues: false
|
||||
podMonitorSelectorNilUsesHelmValues: false
|
||||
ruleSelectorNilUsesHelmValues: false
|
||||
serviceMonitorNamespaceSelector:
|
||||
matchLabels:
|
||||
prometheus: default
|
||||
serviceMonitorSelector:
|
||||
matchLabels:
|
||||
prometheus: default
|
||||
ruleSelector:
|
||||
matchLabels:
|
||||
prometheus: default
|
||||
ruleNamespaceSelector:
|
||||
matchLabels:
|
||||
prometheus: default
|
||||
podMonitorSelector:
|
||||
matchLabels:
|
||||
prometheus: default
|
||||
podMonitorNamespaceSelector:
|
||||
matchLabels:
|
||||
prometheus: default
|
||||
resources:
|
||||
requests:
|
||||
memory: 1500Mi
|
||||
|
|
@ -74,17 +89,17 @@ grafana:
|
|||
enabled: false
|
||||
envFromSecrets:
|
||||
- name: grafana-auth
|
||||
- name: db-credentials-grafana
|
||||
- name: grafana-db
|
||||
grafana.ini:
|
||||
server:
|
||||
domain: grafana.icb4dc0.de
|
||||
root_url: "https://%(domain)s"
|
||||
database:
|
||||
type: postgres
|
||||
host: app-cluster-pooler-rw.postgres.svc:5432
|
||||
name: "${DATABASE_NAME}"
|
||||
user: "${LOGIN}"
|
||||
password: "${PASSWORD}"
|
||||
host: default-cluster-primary.postgres.svc:5432
|
||||
name: grafana
|
||||
user: "${GF_DB_USER}"
|
||||
password: "${GF_DB_PASSWORD}"
|
||||
ssl_mode: require
|
||||
auth:
|
||||
disable_login_form: true
|
||||
|
|
|
|||
|
|
@ -7,8 +7,6 @@ resources:
|
|||
- resources/secret.grafana-admin.yaml
|
||||
- resources/secret.auth.yaml
|
||||
- resources/secret.db.yaml
|
||||
- resources/db/db.yaml
|
||||
- resources/db/user.yaml
|
||||
- resources/http_routes.grafana.yaml
|
||||
|
||||
helmCharts:
|
||||
|
|
@ -17,5 +15,5 @@ helmCharts:
|
|||
includeCRDs: true
|
||||
namespace: observability-system
|
||||
releaseName: prometheus
|
||||
version: "62.3.0"
|
||||
version: "61.7.1"
|
||||
valuesFile: config/values.prometheus.yaml
|
||||
|
|
@ -1,8 +0,0 @@
|
|||
---
|
||||
apiVersion: db.movetokube.com/v1alpha1
|
||||
kind: Postgres
|
||||
metadata:
|
||||
name: grafana
|
||||
spec:
|
||||
database: grafana
|
||||
dropOnDelete: false
|
||||
|
|
@ -1,10 +0,0 @@
|
|||
---
|
||||
apiVersion: db.movetokube.com/v1alpha1
|
||||
kind: PostgresUser
|
||||
metadata:
|
||||
name: grafana
|
||||
spec:
|
||||
role: grafana
|
||||
database: grafana
|
||||
secretName: db-credentials
|
||||
privileges: OWNER
|
||||
|
|
@ -11,12 +11,10 @@ labels:
|
|||
images:
|
||||
- name: linkwarden
|
||||
newName: ghcr.io/linkwarden/linkwarden
|
||||
newTag: "v2.7.1"
|
||||
newTag: "v2.6.2"
|
||||
|
||||
resources:
|
||||
- "resources/namespace.yaml"
|
||||
- "resources/db/db.yaml"
|
||||
- "resources/db/user.yaml"
|
||||
- "resources/deployment.yaml"
|
||||
- "resources/service.yaml"
|
||||
- "resources/http_routes.yaml"
|
||||
|
|
|
|||
|
|
@ -1,8 +0,0 @@
|
|||
---
|
||||
apiVersion: db.movetokube.com/v1alpha1
|
||||
kind: Postgres
|
||||
metadata:
|
||||
name: linkwarden
|
||||
spec:
|
||||
database: linkwarden
|
||||
dropOnDelete: false
|
||||
|
|
@ -1,13 +0,0 @@
|
|||
---
|
||||
apiVersion: db.movetokube.com/v1alpha1
|
||||
kind: PostgresUser
|
||||
metadata:
|
||||
name: linkwarden
|
||||
spec:
|
||||
role: linkwarden
|
||||
database: linkwarden
|
||||
secretName: db-credentials
|
||||
privileges: OWNER
|
||||
secretTemplate:
|
||||
PQ_URL: "postgresql://{{.Role}}:{{.Password}}@app-cluster-pooler-rw.postgres.svc:5432/{{.Database}}?sslmode=require&pgbouncer=true"
|
||||
PQ_MIGRATE_URL: "postgresql://{{.Role}}:{{.Password}}@{{.Host}}:5432/{{.Database}}?sslmode=require"
|
||||
|
|
@ -30,8 +30,8 @@ spec:
|
|||
- name: DATABASE_URL
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: db-credentials-linkwarden
|
||||
key: PQ_MIGRATE_URL
|
||||
name: default-cluster-pguser-linkwarden
|
||||
key: uri
|
||||
containers:
|
||||
- name: linkwarden
|
||||
image: linkwarden
|
||||
|
|
@ -41,8 +41,8 @@ spec:
|
|||
- name: DATABASE_URL
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: db-credentials-linkwarden
|
||||
key: PQ_URL
|
||||
name: default-cluster-pguser-linkwarden
|
||||
key: uri
|
||||
envFrom:
|
||||
- secretRef:
|
||||
name: linkwarden-config
|
||||
|
|
|
|||
Binary file not shown.
|
|
@ -6,7 +6,7 @@ namespace: nocodb
|
|||
images:
|
||||
- name: nocodb
|
||||
newName: docker.io/nocodb/nocodb
|
||||
newTag: 0.255.0
|
||||
newTag: 0.251.3
|
||||
|
||||
labels:
|
||||
- includeSelectors: true
|
||||
|
|
@ -16,8 +16,6 @@ labels:
|
|||
|
||||
resources:
|
||||
- resources/namespace.yaml
|
||||
- resources/db/db.yaml
|
||||
- resources/db/user.yaml
|
||||
- resources/dragonfly.yaml
|
||||
- resources/pvc.yaml
|
||||
- resources/deployment.yaml
|
||||
|
|
|
|||
|
|
@ -1,8 +0,0 @@
|
|||
---
|
||||
apiVersion: db.movetokube.com/v1alpha1
|
||||
kind: Postgres
|
||||
metadata:
|
||||
name: noco
|
||||
spec:
|
||||
database: noco
|
||||
dropOnDelete: false
|
||||
|
|
@ -1,12 +0,0 @@
|
|||
---
|
||||
apiVersion: db.movetokube.com/v1alpha1
|
||||
kind: PostgresUser
|
||||
metadata:
|
||||
name: noco
|
||||
spec:
|
||||
role: noco
|
||||
database: noco
|
||||
secretName: db-credentials
|
||||
privileges: OWNER
|
||||
secretTemplate:
|
||||
NC_DB_JSON: '{"client": "pg","connection": {"host": "app-cluster-pooler-rw.postgres.svc","port": 5432,"user": "{{.Role}}","password": "{{.Password}}","database": "{{.Database}}","ssl": {"ca": "-----BEGIN CERTIFICATE-----\nMIIBkjCCATigAwIBAgIQDfi4fTFY2eKrhN88nKEUDTAKBggqhkjOPQQDAjApMREw\nDwYDVQQLEwhwb3N0Z3JlczEUMBIGA1UEAxMLYXBwLWNsdXN0ZXIwHhcNMjQwODE0\nMTg0MzIzWhcNMjQxMTEyMTg0MzIzWjApMREwDwYDVQQLEwhwb3N0Z3JlczEUMBIG\nA1UEAxMLYXBwLWNsdXN0ZXIwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAQotXOi\nx9tfnUaG7A6T6x5YuBgKCvBAGw7q0C0teHWRIxSaoaiD6KV21juVpAgKoZckXA8x\niZW0GUHOoAUrCV7Ao0IwQDAOBgNVHQ8BAf8EBAMCAgQwDwYDVR0TAQH/BAUwAwEB\n/zAdBgNVHQ4EFgQUuMEs3ztFClbC2agTqXkfkB1GHjkwCgYIKoZIzj0EAwIDSAAw\nRQIgK6FHhGYZ/FwxG8dDq2czVLvLCs+yozZZhNuhZBeT8v0CIQDhwRgJNeMxKtRS\nu3ziF4E4aniICEqa/To3Lvaa1cJJiQ==\n-----END CERTIFICATE-----","key": "","cert": "","rejectUnauthorized": false}}}'
|
||||
|
|
@ -19,12 +19,6 @@ spec:
|
|||
containers:
|
||||
- name: nocodb
|
||||
image: nocodb
|
||||
env:
|
||||
- name: NC_DB_JSON
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: db-credentials-noco
|
||||
key: NC_DB_JSON
|
||||
envFrom:
|
||||
- secretRef:
|
||||
name: nocodb-config
|
||||
|
|
|
|||
|
|
@ -13,7 +13,7 @@ images:
|
|||
newTag: v2.10.1
|
||||
- name: provisioner
|
||||
newName: registry.k8s.io/sig-storage/csi-provisioner
|
||||
newTag: v5.1.0
|
||||
newTag: v5.0.2
|
||||
- name: csi
|
||||
newName: code.icb4dc0.de/infrastructure/csi-s3
|
||||
newTag: 0.38.3
|
||||
|
|
|
|||
|
|
@ -16,8 +16,6 @@ labels:
|
|||
|
||||
resources:
|
||||
- "resources/namespace.yaml"
|
||||
- "resources/db/db.yaml"
|
||||
- "resources/db/user.yaml"
|
||||
- "resources/deployment.yaml"
|
||||
- "resources/service.yaml"
|
||||
- "resources/http_route.yaml"
|
||||
|
|
|
|||
|
|
@ -1,8 +0,0 @@
|
|||
---
|
||||
apiVersion: db.movetokube.com/v1alpha1
|
||||
kind: Postgres
|
||||
metadata:
|
||||
name: umami
|
||||
spec:
|
||||
database: umami
|
||||
dropOnDelete: false
|
||||
|
|
@ -1,12 +0,0 @@
|
|||
---
|
||||
apiVersion: db.movetokube.com/v1alpha1
|
||||
kind: PostgresUser
|
||||
metadata:
|
||||
name: umami
|
||||
spec:
|
||||
role: umami
|
||||
database: umami
|
||||
secretName: db-credentials
|
||||
privileges: OWNER
|
||||
secretTemplate:
|
||||
PQ_URL: "postgresql://{{.Role}}:{{.Password}}@{{.Host}}:5432/{{.Database}}"
|
||||
|
|
@ -25,8 +25,8 @@ spec:
|
|||
- name: DATABASE_URL
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: db-credentials-umami
|
||||
key: PQ_URL
|
||||
name: default-cluster-pguser-umami
|
||||
key: uri
|
||||
envFrom:
|
||||
- configMapRef:
|
||||
name: umami-config
|
||||
|
|
@ -53,8 +53,8 @@ spec:
|
|||
- name: DATABASE_URL
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: db-credentials-umami
|
||||
key: PQ_URL
|
||||
name: default-cluster-pguser-umami
|
||||
key: uri
|
||||
envFrom:
|
||||
- configMapRef:
|
||||
name: umami-config
|
||||
|
|
|
|||
|
|
@ -12,12 +12,10 @@ labels:
|
|||
images:
|
||||
- name: vaultwarden
|
||||
newName: ghcr.io/dani-garcia/vaultwarden
|
||||
newTag: "1.32.0-alpine"
|
||||
newTag: "1.31.0-alpine"
|
||||
|
||||
resources:
|
||||
- "resources/namespace.yaml"
|
||||
- "resources/db/db.yaml"
|
||||
- "resources/db/user.yaml"
|
||||
- "resources/pvc.yaml"
|
||||
- "resources/deployment.yaml"
|
||||
- "resources/service.yaml"
|
||||
|
|
|
|||
|
|
@ -1,8 +0,0 @@
|
|||
---
|
||||
apiVersion: db.movetokube.com/v1alpha1
|
||||
kind: Postgres
|
||||
metadata:
|
||||
name: vaultwarden
|
||||
spec:
|
||||
database: vaultwarden
|
||||
dropOnDelete: false
|
||||
|
|
@ -1,12 +0,0 @@
|
|||
---
|
||||
apiVersion: db.movetokube.com/v1alpha1
|
||||
kind: PostgresUser
|
||||
metadata:
|
||||
name: vaultwarden
|
||||
spec:
|
||||
role: vaultwarden
|
||||
database: vaultwarden
|
||||
secretName: vaultwarden-db-credentials
|
||||
privileges: OWNER
|
||||
secretTemplate:
|
||||
PQ_URL: "postgresql://{{.Role}}:{{.Password}}@app-cluster-pooler-rw.postgres.svc:5432/{{.Database}}?sslmode=require"
|
||||
|
|
@ -24,8 +24,8 @@ spec:
|
|||
- name: DATABASE_URL
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: vaultwarden-db-credentials-vaultwarden
|
||||
key: PQ_URL
|
||||
name: default-cluster-pguser-vaultwarden
|
||||
key: uri
|
||||
resources:
|
||||
limits:
|
||||
memory: "128Mi"
|
||||
|
|
|
|||
|
|
@ -19,8 +19,6 @@ labels:
|
|||
|
||||
resources:
|
||||
- resources/namespace.yaml
|
||||
- resources/db/db.yaml
|
||||
- resources/db/user.yaml
|
||||
- resources/api/dragonfly.yaml
|
||||
- resources/api/pvc.yaml
|
||||
- resources/api/deployment.yaml
|
||||
|
|
|
|||
|
|
@ -30,22 +30,25 @@ spec:
|
|||
- name: VIKUNJA_DATABASE_SSLMODE
|
||||
value: require
|
||||
- name: VIKUNJA_DATABASE_HOST
|
||||
value: app-cluster-pooler-rw.postgres.svc
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: default-cluster-pguser-vikunja
|
||||
key: host
|
||||
- name: VIKUNJA_DATABASE_DATABASE
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: db-credentials-vikunja
|
||||
key: DATABASE_NAME
|
||||
name: default-cluster-pguser-vikunja
|
||||
key: dbname
|
||||
- name: VIKUNJA_DATABASE_USER
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: db-credentials-vikunja
|
||||
key: LOGIN
|
||||
name: default-cluster-pguser-vikunja
|
||||
key: user
|
||||
- name: VIKUNJA_DATABASE_PASSWORD
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: db-credentials-vikunja
|
||||
key: PASSWORD
|
||||
name: default-cluster-pguser-vikunja
|
||||
key: password
|
||||
- name: GOMEMLIMIT
|
||||
valueFrom:
|
||||
resourceFieldRef:
|
||||
|
|
|
|||
|
|
@ -1,8 +0,0 @@
|
|||
---
|
||||
apiVersion: db.movetokube.com/v1alpha1
|
||||
kind: Postgres
|
||||
metadata:
|
||||
name: vikunja
|
||||
spec:
|
||||
database: vikunja
|
||||
dropOnDelete: false
|
||||
|
|
@ -1,10 +0,0 @@
|
|||
---
|
||||
apiVersion: db.movetokube.com/v1alpha1
|
||||
kind: PostgresUser
|
||||
metadata:
|
||||
name: vikunja
|
||||
spec:
|
||||
role: vikunja
|
||||
database: vikunja
|
||||
secretName: db-credentials
|
||||
privileges: OWNER
|
||||
Binary file not shown.
|
|
@ -16,8 +16,6 @@ labels:
|
|||
|
||||
resources:
|
||||
- "resources/namespace.yaml"
|
||||
- "resources/db/db.yaml"
|
||||
- "resources/db/user.yaml"
|
||||
- "resources/deployment.yaml"
|
||||
- "resources/service.yaml"
|
||||
- "resources/http_route.yaml"
|
||||
|
|
|
|||
|
|
@ -1,8 +0,0 @@
|
|||
---
|
||||
apiVersion: db.movetokube.com/v1alpha1
|
||||
kind: Postgres
|
||||
metadata:
|
||||
name: zipline
|
||||
spec:
|
||||
database: zipline
|
||||
dropOnDelete: false
|
||||
|
|
@ -1,12 +0,0 @@
|
|||
---
|
||||
apiVersion: db.movetokube.com/v1alpha1
|
||||
kind: PostgresUser
|
||||
metadata:
|
||||
name: zipline
|
||||
spec:
|
||||
role: zipline
|
||||
database: zipline
|
||||
secretName: db-credentials
|
||||
privileges: OWNER
|
||||
secretTemplate:
|
||||
PQ_URL: "postgresql://{{.Role}}:{{.Password}}@app-cluster-pooler-rw.postgres.svc:5432/{{.Database}}?sslmode=require"
|
||||
|
|
@ -16,12 +16,6 @@ spec:
|
|||
containers:
|
||||
- name: zipline
|
||||
image: zipline
|
||||
env:
|
||||
- name: CORE_DATABASE_URL
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: db-credentials-zipline
|
||||
key: PQ_URL
|
||||
envFrom:
|
||||
- secretRef:
|
||||
name: zipline-config
|
||||
|
|
|
|||
Loading…
Add table
Reference in a new issue