refactor: postgres-operator and migration
All checks were successful
continuous-integration/drone/push Build is passing
All checks were successful
continuous-integration/drone/push Build is passing
This commit is contained in:
parent
c592010f90
commit
0ac1d722a3
48 changed files with 719 additions and 429 deletions
92
.drone.yml
92
.drone.yml
|
@ -28,95 +28,3 @@ steps:
|
||||||
IMAGE_REGISTRY: code.icb4dc0.de
|
IMAGE_REGISTRY: code.icb4dc0.de
|
||||||
IMAGE_REPO: prskr/infrastructure/keydb
|
IMAGE_REPO: prskr/infrastructure/keydb
|
||||||
IMAGE_TAG: v6.3.3
|
IMAGE_TAG: v6.3.3
|
||||||
|
|
||||||
---
|
|
||||||
kind: pipeline
|
|
||||||
type: docker
|
|
||||||
name: arm64
|
|
||||||
|
|
||||||
platform:
|
|
||||||
arch: arm64
|
|
||||||
|
|
||||||
steps:
|
|
||||||
- name: manifest
|
|
||||||
image: quay.io/buildah/stable
|
|
||||||
network_mode: host
|
|
||||||
privileged: true
|
|
||||||
commands:
|
|
||||||
- |
|
|
||||||
buildah login "$${IMAGE_REGISTRY}" --username "$${GITEA_USER}" --password "$${GITEA_TOKEN}"
|
|
||||||
buildah bud \
|
|
||||||
--tag "$${IMAGE_REGISTRY}/$${IMAGE_REPO}:$${IMAGE_TAG}" \
|
|
||||||
--arch $${IMAGE_ARCH} \
|
|
||||||
apps/ghostcms
|
|
||||||
buildah push "$${IMAGE_REGISTRY}/$${IMAGE_REPO}:$${IMAGE_TAG}"
|
|
||||||
environment:
|
|
||||||
GITEA_USER: prskr
|
|
||||||
GITEA_TOKEN:
|
|
||||||
from_secret: gitea_token
|
|
||||||
IMAGE_REGISTRY: code.icb4dc0.de
|
|
||||||
IMAGE_REPO: prskr/ghostcms
|
|
||||||
IMAGE_TAG: 5.71.0-alpine_arm64
|
|
||||||
IMAGE_ARCH: arm64
|
|
||||||
---
|
|
||||||
kind: pipeline
|
|
||||||
type: docker
|
|
||||||
name: amd64
|
|
||||||
|
|
||||||
platform:
|
|
||||||
arch: amd64
|
|
||||||
|
|
||||||
steps:
|
|
||||||
- name: manifest
|
|
||||||
image: quay.io/buildah/stable
|
|
||||||
network_mode: host
|
|
||||||
privileged: true
|
|
||||||
commands:
|
|
||||||
- |
|
|
||||||
buildah login "$${IMAGE_REGISTRY}" --username "$${GITEA_USER}" --password "$${GITEA_TOKEN}"
|
|
||||||
buildah bud \
|
|
||||||
--tag "$${IMAGE_REGISTRY}/$${IMAGE_REPO}:$${IMAGE_TAG}" \
|
|
||||||
--arch $${IMAGE_ARCH} \
|
|
||||||
apps/ghostcms
|
|
||||||
buildah push "$${IMAGE_REGISTRY}/$${IMAGE_REPO}:$${IMAGE_TAG}"
|
|
||||||
environment:
|
|
||||||
GITEA_USER: prskr
|
|
||||||
GITEA_TOKEN:
|
|
||||||
from_secret: gitea_token
|
|
||||||
IMAGE_REGISTRY: code.icb4dc0.de
|
|
||||||
IMAGE_REPO: prskr/ghostcms
|
|
||||||
IMAGE_TAG: 5.71.0-alpine_amd64
|
|
||||||
IMAGE_ARCH: amd64
|
|
||||||
---
|
|
||||||
kind: pipeline
|
|
||||||
type: docker
|
|
||||||
name: manifest
|
|
||||||
|
|
||||||
platform:
|
|
||||||
arch: arm64
|
|
||||||
|
|
||||||
depends_on:
|
|
||||||
- amd64
|
|
||||||
- arm64
|
|
||||||
|
|
||||||
steps:
|
|
||||||
- name: manifest
|
|
||||||
image: quay.io/buildah/stable
|
|
||||||
network_mode: host
|
|
||||||
privileged: true
|
|
||||||
commands:
|
|
||||||
- |
|
|
||||||
buildah login "$${IMAGE_REGISTRY}" --username "$${GITEA_USER}" --password "$${GITEA_TOKEN}"
|
|
||||||
buildah manifest create "$${IMAGE_REGISTRY}/$${IMAGE_REPO}:$${DRONE_COMMIT_SHA}"
|
|
||||||
buildah pull --arch amd64 "docker://$${IMAGE_REGISTRY}/$${IMAGE_REPO}:$${IMAGE_TAG}_amd64"
|
|
||||||
buildah pull --arch arm64 "docker://$${IMAGE_REGISTRY}/$${IMAGE_REPO}:$${IMAGE_TAG}_arm64"
|
|
||||||
buildah manifest add "$${IMAGE_REGISTRY}/$${IMAGE_REPO}:$${DRONE_COMMIT_SHA}" "$${IMAGE_REGISTRY}/$${IMAGE_REPO}:$${IMAGE_TAG}_amd64"
|
|
||||||
buildah manifest add "$${IMAGE_REGISTRY}/$${IMAGE_REPO}:$${DRONE_COMMIT_SHA}" "$${IMAGE_REGISTRY}/$${IMAGE_REPO}:$${IMAGE_TAG}_arm64"
|
|
||||||
buildah manifest push --all "$${IMAGE_REGISTRY}/$${IMAGE_REPO}:$${DRONE_COMMIT_SHA}" "docker://$${IMAGE_REGISTRY}/$${IMAGE_REPO}:$${IMAGE_TAG}"
|
|
||||||
environment:
|
|
||||||
GITEA_USER: prskr
|
|
||||||
GITEA_TOKEN:
|
|
||||||
from_secret: gitea_token
|
|
||||||
IMAGE_REGISTRY: code.icb4dc0.de
|
|
||||||
IMAGE_REPO: prskr/ghostcms
|
|
||||||
IMAGE_TAG: 5.71.0-alpine
|
|
||||||
|
|
|
@ -33,10 +33,12 @@ env:
|
||||||
|
|
||||||
DRONE_DATABASE_DRIVER: postgres
|
DRONE_DATABASE_DRIVER: postgres
|
||||||
DRONE_GIT_ALWAYS_AUTH: true
|
DRONE_GIT_ALWAYS_AUTH: true
|
||||||
|
DRONE_LOGS_DEBUG: true
|
||||||
|
|
||||||
DRONE_S3_ENDPOINT: http://minio.minio.svc.cluster.local:9000
|
DRONE_S3_ENDPOINT: https://2df513adaee2eeae12106af900bed297.r2.cloudflarestorage.com
|
||||||
DRONE_S3_BUCKET: drone
|
DRONE_S3_BUCKET: drone
|
||||||
DRONE_S3_PATH_STYLE: true
|
DRONE_S3_PATH_STYLE: true
|
||||||
AWS_DEFAULT_REGION: us-east-1
|
DRONE_S3_SKIP_VERIFY: true
|
||||||
AWS_REGION: us-east-1
|
AWS_REGION: us-east-1
|
||||||
|
AWS_DEFAULT_REGION: us-east-1
|
||||||
DRONE_REDIS_CONNECTION: redis://drone-session-cache-keydb:6379
|
DRONE_REDIS_CONNECTION: redis://drone-session-cache-keydb:6379
|
|
@ -5,10 +5,10 @@ metadata:
|
||||||
namespace: drone
|
namespace: drone
|
||||||
type: Opaque
|
type: Opaque
|
||||||
stringData:
|
stringData:
|
||||||
AWS_ACCESS_KEY_ID: ENC[AES256_GCM,data:bLbQALnKFmjIWayuvgJK+w==,iv:MXpJa4ctbumf8u7erB66dpu6umQFmcKry0rJijECSpQ=,tag:UE8z+UW4ulwG9i3NKyfO4w==,type:str]
|
AWS_ACCESS_KEY_ID: ENC[AES256_GCM,data:HWUsFOc2tD8CnEm4m4+2nuynOOW6lbUrtROLaPNgkmI=,iv:pmfvhL69opyb/MPlLRNjhjid5ORtE/E1B2/tCdOJKIc=,tag:xUVez9qJc4eBR14HeHyYmA==,type:str]
|
||||||
AWS_SECRET_ACCESS_KEY: ENC[AES256_GCM,data:5oEn7d5MII2h1swwLS2YKHXLUYdTLZ9c4NU+j3xjk/I+ZdXZkXsy4mfewxWCZT+AmJHlJY2A1pB5t0nKFw5H,iv:bgoy8y+eOuIRPSuN7LZSQLVPnRjTVhBhUXJ2Vn54acc=,tag:LeuivYJtkSXtoMVRGz1F5A==,type:str]
|
AWS_SECRET_ACCESS_KEY: ENC[AES256_GCM,data:skSkCr5p1YpNqeiwUz1zTUstRb9wbaSUVOzCgyLJxf9kKXWpPjQOQxve7s5m6iNhwgxICBmjNgxA6f2wYXrF2w==,iv:h/kNCcbYfXDGyH1oUz1A2Nfeb/AM92msQQ65YXHu+o4=,tag:xv7tm2PtVOCBtJ45K6H/QA==,type:str]
|
||||||
DRONE_COOKIE_SECRET: ENC[AES256_GCM,data:zG8FSKnxIRVk7cCbtIP6VC2tbM+FfjFcg5Y6mTE19Tw=,iv:Ac50qD8l7CwtGxFFITl/0dMq1McHbztU7320v4pPWFs=,tag:JZCwGhJ+NQ/pdpULMzI+pQ==,type:str]
|
DRONE_COOKIE_SECRET: ENC[AES256_GCM,data:zG8FSKnxIRVk7cCbtIP6VC2tbM+FfjFcg5Y6mTE19Tw=,iv:Ac50qD8l7CwtGxFFITl/0dMq1McHbztU7320v4pPWFs=,tag:JZCwGhJ+NQ/pdpULMzI+pQ==,type:str]
|
||||||
DRONE_DATABASE_DATASOURCE: ENC[AES256_GCM,data:qoH2QxBMwK+24ZsWe0F5VcbINvreEIdyT258uusu7BjjzEOWql8b5h8Ipj8fUK4lsPR+WnqG68TlGRYEZFM12o9EB7IPs8R47ERE6qfFN1Sdi5Vdf4kmEYWPnsJrJyc7mzovLTFJLwr85ZpYv64aSw7n0io13y0=,iv:1+xiSO+htrq381gpIri9/2I4CkzGSfT2Av0h3RXEQ5Q=,tag:f9Mg2CDo0HlkWpBkl6j+nw==,type:str]
|
DRONE_DATABASE_DATASOURCE: ENC[AES256_GCM,data:j5sqt/EpuGOHQH2p+kuwm/CYIxT0DviopKST2MrTpXR+Jh20NRgiq9CnYFTzCIHQZaSsO16b4Gyu0ViXgYSEK5t0j0QNnEjo8/z+ko6mOYEMyAbdAUuBmS9i/vbCb0HaXTpoTy3RG7Vjxif3WqDf,iv:b1rssEhX4K/cHNEytIuLW8NZaOPSnOokmhH+kBggyN8=,tag:Ns4lIcSWntsT1zpKMNd7cg==,type:str]
|
||||||
DRONE_DATABASE_SECRET: ENC[AES256_GCM,data:qSNVcSzH0y0pCY07Y3yDjfMaPZFtPWEmf3tqq076n7o=,iv:XNJaU2kQJeS7iMJyIoAkwzVS3QdqLAZy/FbE3VFvYXU=,tag:FPYbmgQ8/VSkMexXko+7Nw==,type:str]
|
DRONE_DATABASE_SECRET: ENC[AES256_GCM,data:qSNVcSzH0y0pCY07Y3yDjfMaPZFtPWEmf3tqq076n7o=,iv:XNJaU2kQJeS7iMJyIoAkwzVS3QdqLAZy/FbE3VFvYXU=,tag:FPYbmgQ8/VSkMexXko+7Nw==,type:str]
|
||||||
DRONE_GITEA_CLIENT_ID: ENC[AES256_GCM,data:jTR4bxuyrxt5llnRDuBHnughiIyzKQ2JEylh16wjZDIyWrid,iv:NrUudI15R+ZiaL3M/k70Mdfm20aerCWjDs6R0MHC4Hc=,tag:kfX4fNcCP4Xy//V72WzDrg==,type:str]
|
DRONE_GITEA_CLIENT_ID: ENC[AES256_GCM,data:jTR4bxuyrxt5llnRDuBHnughiIyzKQ2JEylh16wjZDIyWrid,iv:NrUudI15R+ZiaL3M/k70Mdfm20aerCWjDs6R0MHC4Hc=,tag:kfX4fNcCP4Xy//V72WzDrg==,type:str]
|
||||||
DRONE_GITEA_CLIENT_SECRET: ENC[AES256_GCM,data:0t8swJmx5qSvx7q9GsuRU+FOfcKxelIzDm5u16Nypfrqf5m9CbqmT39Uibj1wL8dWwx04Xo4mxc=,iv:agqn9RVuDq9WXly1AvckabpIyOqyK+0E89u4iItKRn4=,tag:KZLQlq+61QZtFGY/CnlQ2w==,type:str]
|
DRONE_GITEA_CLIENT_SECRET: ENC[AES256_GCM,data:0t8swJmx5qSvx7q9GsuRU+FOfcKxelIzDm5u16Nypfrqf5m9CbqmT39Uibj1wL8dWwx04Xo4mxc=,iv:agqn9RVuDq9WXly1AvckabpIyOqyK+0E89u4iItKRn4=,tag:KZLQlq+61QZtFGY/CnlQ2w==,type:str]
|
||||||
|
@ -38,8 +38,8 @@ sops:
|
||||||
VGN1VEJlL3RxOXVwNmo3RTk4aUhEb1EKtAHu3KqQ7EH7SQE/Dvc6gfuSmkcsy3+c
|
VGN1VEJlL3RxOXVwNmo3RTk4aUhEb1EKtAHu3KqQ7EH7SQE/Dvc6gfuSmkcsy3+c
|
||||||
1xxDYh69cMHkV3q4Wfnqg/DyWUq6D7OE4tVAuzNfo1SzZuBHXXCdQQ==
|
1xxDYh69cMHkV3q4Wfnqg/DyWUq6D7OE4tVAuzNfo1SzZuBHXXCdQQ==
|
||||||
-----END AGE ENCRYPTED FILE-----
|
-----END AGE ENCRYPTED FILE-----
|
||||||
lastmodified: "2023-10-26T19:21:02Z"
|
lastmodified: "2023-11-08T18:21:47Z"
|
||||||
mac: ENC[AES256_GCM,data:lwiL9GLN8fDPfIrKxqciJXOz7vUbgxtayfqQwrxp94TTOTaAnraKIy60RlkP2PJUuj9Rdcl7sTLSWRrkwgUq08xvNjEOnQ70TuWQAaSR9J0udWsvPQWn951xr3lzzkE6M6ZI/3JCX87gXrocAih1ogpU9b6uz4zUiuhuHk8UogI=,iv:OZJhT0XFhsU2+HZ1YhqAsZniGeBipQqYcP6CJFJjTac=,tag:LYzqKBUiw7ETaRETVOym5A==,type:str]
|
mac: ENC[AES256_GCM,data:Lblzygh5+S25J2c1bH+hlKE9DGkmYAzI+BcBfpoLs3uB16NIyIku833XN0jEerpxINSiJMClLBVzZ2uKCpDCfcxxz0rJIldtoUqOzKtxTtcziMt6VXoG3h5m9pPbILzGU27uzo/D7E9SbXAUAmTGYsEFLx/R7bZYWMCdhgCOO0I=,iv:tnjm+xhTCie9W8LPG4MYCK3KNMZBa8TJPmzpYxZ0HQc=,tag:R4W/OU/aNCz5S7pXHjIWbg==,type:str]
|
||||||
pgp: []
|
pgp: []
|
||||||
unencrypted_regex: ^(apiVersion|metadata|kind|type)$
|
unencrypted_regex: ^(apiVersion|metadata|kind|type)$
|
||||||
version: 3.8.1
|
version: 3.8.1
|
||||||
|
|
|
@ -73,24 +73,25 @@ gitea:
|
||||||
DEFAULT_USER_IS_RESTRICTED: 'true'
|
DEFAULT_USER_IS_RESTRICTED: 'true'
|
||||||
storage:
|
storage:
|
||||||
STORAGE_TYPE: minio
|
STORAGE_TYPE: minio
|
||||||
MINIO_ENDPOINT: minio.minio.svc.cluster.local:9000
|
MINIO_ENDPOINT: 2df513adaee2eeae12106af900bed297.r2.cloudflarestorage.com:443
|
||||||
MINIO_BUCKET: gitea
|
MINIO_BUCKET: gitea
|
||||||
MINIO_LOCATION: us-east-1
|
MINIO_LOCATION: us-east-1
|
||||||
MINIO_USE_SSL: 'false'
|
MINIO_USE_SSL: 'true'
|
||||||
attachment:
|
attachment:
|
||||||
ALLOWED_TYPES: .bz2,.gz,.md,.pdf,.tgz,.txt,.zip,.tar.gz,.txt,application/gzip,application/x-gzip,application/x-gtar,application/x-tgz,application/x-compressed-tar,text/plain
|
ALLOWED_TYPES: .bz2,.gz,.md,.pdf,.tgz,.txt,.zip,.tar.gz,.txt,application/gzip,application/x-gzip,application/x-gtar,application/x-tgz,application/x-compressed-tar,text/plain
|
||||||
MAX_SIZE: 30
|
MAX_SIZE: 30
|
||||||
MAX_FILES: 15
|
MAX_FILES: 15
|
||||||
STORAGE_TYPE: minio
|
STORAGE_TYPE: minio
|
||||||
MINIO_ENDPOINT: minio.minio.svc.cluster.local:9000
|
MINIO_ENDPOINT: 2df513adaee2eeae12106af900bed297.r2.cloudflarestorage.com:443
|
||||||
MINIO_BUCKET: gitea
|
MINIO_BUCKET: gitea
|
||||||
MINIO_LOCATION: us-east-1
|
MINIO_LOCATION: us-east-1
|
||||||
MINIO_USE_SSL: 'false'
|
MINIO_USE_SSL: 'true'
|
||||||
database:
|
database:
|
||||||
DB_TYPE: postgres
|
DB_TYPE: postgres
|
||||||
HOST: postgres-15-postgresql.postgres.svc.cluster.local:5432
|
HOST: default-cluster-primary.postgres.svc
|
||||||
NAME: gitea
|
NAME: forgejo
|
||||||
USER: gitea
|
USER: forgejo
|
||||||
|
SSL_MODE: require
|
||||||
log_sql: "false"
|
log_sql: "false"
|
||||||
metrics:
|
metrics:
|
||||||
ENABLED: true
|
ENABLED: true
|
||||||
|
|
|
@ -4,9 +4,9 @@ metadata:
|
||||||
name: forgejo-credentials
|
name: forgejo-credentials
|
||||||
type: Opaque
|
type: Opaque
|
||||||
stringData:
|
stringData:
|
||||||
database: ENC[AES256_GCM,data:XnZgkrfXpUElOMMqXKSYn4tFNPcKznUZ/U+ZKWnioqC3,iv:s6cwX7Pcic4GSdJUkAp79VZmTjWvaMQGRpRBLym7G+U=,tag:yzSUbsiG9hpTQhkXLK3ZsA==,type:str]
|
database: ENC[AES256_GCM,data:kTQSEpMRi0ze+d0nsYerRFfhlS8VzZ7stF6AaXCKg4c=,iv:ZK+l+N2LTmXiJ7eHbNpgq5cQ2geXJJVUwcnhqSvJaTk=,tag:zfK4sXZVg89aXNco2zVYkw==,type:str]
|
||||||
attachment: ENC[AES256_GCM,data:pdNzbwfjEFKk4XBNA+/mKKy/SWQD1cFnu8JuEsZfIoRUM3u6qmcw0Hc8H1epsE+YcLpjfIxM7SLGS+pSaYBHSCltyk4IoJ0kPOetAwg+JcHorzUawKbPTOfRzgZFuSG/x7fze3I3RabWA+hpqM/+8ioVe8ecMRqxiyf8iA==,iv:fs9AzB8mkd4p5yVvaoPh4Hf9RMYv2b6l0dj+sMajhqo=,tag:gIvxxD40wFQH7WhzMWkcZw==,type:str]
|
attachment: ENC[AES256_GCM,data:1yXF5ynIGQ8gv6F9SkehA+xnwlI0b1BuZAaSpmymNF/nm01rM5St0G2HBRAQp9i9HeJuRL3DitywAXqVyT1Usx5PFZrK3DnN1NoCCKFEOq5E3JFDQcVrisWtqab562y4ucR5GlynZHG+mjWEExTldnCoQc03KM8m/JsHI4Z5lV23/p+yrSMu/GpxERsu,iv:Llsh9nftLztMX5+3HML0u3hnaKoFKADR0Lj8WCDtsaU=,tag:yH65vLuB+/jUL+Rvaxt6CA==,type:str]
|
||||||
storage: ENC[AES256_GCM,data:ESAb9DiIldMUINDnK/xMt8DmFbuFnumHSoDVGS9HBABkKBfb5zKvqNXLq9NIm4KGNKojAoy+axgZwv1sAFZNMLTuDQNOczEJ9yPyr3IbuQHXWKpyDyN6nlY26FLH0ib6JuL6n15s67IaFPYuFa1ukfQn9IRTKnwmY8OK+w==,iv:tmQ4Xtl3rmI/mhBPlTbsVL5yTrDbHZlIc+I4Dx1SeP4=,tag:SWqOxnHg3yE1H8mrroAOtg==,type:str]
|
storage: ENC[AES256_GCM,data:6RyQ4kXlBexGZbHd8/RO7TdZ6jv+I9LC7rqHfZo9949G4FWDS47PdAtMWWV9IG/k2RziB//aBe8E7C5uvFWIpSQF7p4gxNTmdSzRq4/e1HrSdOKZ2+GdDPAzD7PWo7L7GhDN5iuAlUKAVsl/DFJWUkH6vFWPmVf3nJ/sW5MRjpjgzWuAzQAgdJttCxEi,iv:Xoy0TJ4QSoyY/b+EWkFEnx3OlBQSXNLJQL3nwTOv6Tg=,tag:7E2AMs7IkdZkN99cb7gAAg==,type:str]
|
||||||
sops:
|
sops:
|
||||||
kms: []
|
kms: []
|
||||||
gcp_kms: []
|
gcp_kms: []
|
||||||
|
@ -31,8 +31,8 @@ sops:
|
||||||
bHk2WG41aDdPeWVJR0NjRWZOVnVMS2cKLZZt2VNc5XdqW9Cknr2Re7pW2+s5CSYj
|
bHk2WG41aDdPeWVJR0NjRWZOVnVMS2cKLZZt2VNc5XdqW9Cknr2Re7pW2+s5CSYj
|
||||||
hQyzCSAPp8hN9mietVqzX3eyFf9ngYJ96TjvBd+2dduxchxAEoi4tQ==
|
hQyzCSAPp8hN9mietVqzX3eyFf9ngYJ96TjvBd+2dduxchxAEoi4tQ==
|
||||||
-----END AGE ENCRYPTED FILE-----
|
-----END AGE ENCRYPTED FILE-----
|
||||||
lastmodified: "2023-10-30T09:24:54Z"
|
lastmodified: "2023-11-07T21:04:47Z"
|
||||||
mac: ENC[AES256_GCM,data:pE1MqMtsOmDcpI2N2BK++JLwENVMiN6fhjiqfqsjg0iq90nmmdm55Ot8AW9TK1EHdjBpghMjoIJoF4hI72RPnc6DunZPE/q5LZrTnW37do+EmF+KzSFz4goDovkj9KvAcyjY8b3PobpwX7wtNvRjaUqy1pr6WJZjntkHTojUUSg=,iv:CAGiBKa/ydi4n51dbSxqC9pJ5Wlh87rk9tiJYCoFmTg=,tag:v4ZvCi77mhVjZ90QNtscsQ==,type:str]
|
mac: ENC[AES256_GCM,data:+9JzeBV2UT8O+d98Pvmx4+IujahWvuIIQijjW/JYaE6vbNfzcp21L+3jtU4JZb5Yj3KTySLvlaMvHKDxER/xHsIbYKUF0MMm90eJnccxiiJ7YhPKMkHmRhGbNEP60COv01O1bba4RrAqFdS0velAo74PmYFZO0gAX5T0080+4KQ=,iv:9J6QCO1J4scRCQklRtc62rcNSaVxsKfgqHpjsITruZM=,tag:jlUKMcYvSWmG7KpUOhNN5A==,type:str]
|
||||||
pgp: []
|
pgp: []
|
||||||
unencrypted_regex: ^(apiVersion|metadata|kind|type)$
|
unencrypted_regex: ^(apiVersion|metadata|kind|type)$
|
||||||
version: 3.8.1
|
version: 3.8.1
|
||||||
|
|
|
@ -1,11 +0,0 @@
|
||||||
ARG GHOST_IMAGE_TAG=5.71.0-alpine
|
|
||||||
|
|
||||||
FROM docker.io/node:18-alpine AS s3-storage-adapter
|
|
||||||
|
|
||||||
WORKDIR /s3
|
|
||||||
|
|
||||||
RUN npm install ghos3
|
|
||||||
|
|
||||||
FROM docker.io/ghost:${GHOST_IMAGE_TAG}
|
|
||||||
|
|
||||||
COPY --from=s3-storage-adapter /s3/node_modules/ghos3/* ./content/adapters/storage/s3
|
|
|
@ -1,15 +0,0 @@
|
||||||
database__client=mysql
|
|
||||||
database__connection__host=ghostcms-db
|
|
||||||
database__connection__database=ghostcms
|
|
||||||
server__host=0.0.0.0
|
|
||||||
server__port=2368
|
|
||||||
storage__active=s3
|
|
||||||
storage__media__adapter=s3
|
|
||||||
storage__files__adapter=s3
|
|
||||||
storage__s3__region=us-east-1
|
|
||||||
storage__s3__bucket=ghostcms
|
|
||||||
storage__s3__endpoint=minio.minio.svc.cluster.local:9000
|
|
||||||
storage__s3__forcePathStyle=true
|
|
||||||
cache__imageSizes__adapter=Redis
|
|
||||||
cache__Redis__host=ghostcms-keydb.ghostcms.svc
|
|
||||||
cache__Redis__port=6379
|
|
|
@ -5,7 +5,7 @@ namespace: ghostcms
|
||||||
|
|
||||||
images:
|
images:
|
||||||
- name: ghostcms
|
- name: ghostcms
|
||||||
newName: code.icb4dc0.de/prskr/ghostcms
|
newName: docker.io/ghost
|
||||||
newTag: 5.71.0-alpine
|
newTag: 5.71.0-alpine
|
||||||
|
|
||||||
commonLabels:
|
commonLabels:
|
||||||
|
@ -15,6 +15,7 @@ commonLabels:
|
||||||
resources:
|
resources:
|
||||||
- resources/namespace.yaml
|
- resources/namespace.yaml
|
||||||
- resources/db.yaml
|
- resources/db.yaml
|
||||||
|
- resources/pvc.yaml
|
||||||
- resources/deployment.yaml
|
- resources/deployment.yaml
|
||||||
- resources/service.yaml
|
- resources/service.yaml
|
||||||
- resources/ingress.yaml
|
- resources/ingress.yaml
|
||||||
|
@ -22,11 +23,6 @@ resources:
|
||||||
generators:
|
generators:
|
||||||
- ./secret-generator.yaml
|
- ./secret-generator.yaml
|
||||||
|
|
||||||
secretGenerator:
|
|
||||||
- name: ghostcms-base-config
|
|
||||||
envs:
|
|
||||||
- "config/base.env"
|
|
||||||
|
|
||||||
helmCharts:
|
helmCharts:
|
||||||
- name: keydb
|
- name: keydb
|
||||||
repo: https://enapter.github.io/charts/
|
repo: https://enapter.github.io/charts/
|
||||||
|
|
|
@ -4,10 +4,12 @@ metadata:
|
||||||
name: ghostcms-secret-config
|
name: ghostcms-secret-config
|
||||||
type: Opaque
|
type: Opaque
|
||||||
stringData:
|
stringData:
|
||||||
database__connection__user: ENC[AES256_GCM,data:RB9Ne7UwdiE=,iv:i+qC2xTv2I6iQfJnzui1V+M3YOCu7OD9qmtY6G1pp3A=,tag:PPe9wMGHeM7fItM+GJhchA==,type:str]
|
database__client: ENC[AES256_GCM,data:sr6EfhI=,iv:pOo9u6/twN/F7O9B2TDoB5Zs5FC60vyLYtvJVDMUtV0=,tag:v2CLpeiV5CVzLK7pKAFbKA==,type:str]
|
||||||
database__connection__password: ENC[AES256_GCM,data:EH5AnurBZlQPpybbS+mbFgMQk2H6GXrXlw2nDDChoaU=,iv:wShvZE2GEUG4OVBoSydE9MbFPO9T70QG4H65lf4itWw=,tag:J7fKtAVGWEYvXDWfC7ZNIQ==,type:str]
|
database__connection__host: ENC[AES256_GCM,data:f8eQyV/1OvXQdHs/DtW6q1NbHqLIqbMi,iv:F0ChUjxJunyuKG2hKwHjylaHTDLA9SgMNMMX93aHo7c=,tag:4DcCiD1JRSqPd/KQSsyHsg==,type:str]
|
||||||
adapters__storage__s3__accessKeyId: ENC[AES256_GCM,data:zRnYiP0OGRJhYYuYGwjwgw==,iv:3S53/I21EW+ONOdU5lriqcnwEfCa74GK2NVwbOfnUlg=,tag:+Aljr4KLvC0/38LmYbSfpw==,type:str]
|
database__connection__user: ENC[AES256_GCM,data:zq6qSDV2N18=,iv:Pdt16Av6sw6iAEBPDu6W06AFsgBq7wkhTaxkyQahhac=,tag:RJesMhyVRK5VFFsJQsWeoA==,type:str]
|
||||||
adapters__storage__s3__secretAccessKey: ENC[AES256_GCM,data:lK3nL/2VwcA1znIol0mtZOdbTEXoplnh7kb30xj8A/hLUVeWhDXf5EqGXlI5tsBHme2i51KjDTzk+taFEZkb,iv:0nwuVhcoW+7HB9EreZ6jlpzXkxYSAMNbX4wUAHzH0yU=,tag:frst/SlL3sgmM+wRAgQBJQ==,type:str]
|
database__connection__password: ENC[AES256_GCM,data:irsrzl+G4+HHosntR8/Y6BEuHmi5WAJEsZf+jwzlsbo=,iv:29BoRix+4CpMIjcFKFFDXTxEaQjHwERUTvxWwUgkLas=,tag:WoB18ym4MxO20oAnqxP5GQ==,type:str]
|
||||||
|
database__connection__database: ENC[AES256_GCM,data:+tiIhcFt06I=,iv:kwX/n8+4LW5eKmST3wxhdvPcmZoxtEh6zJ+spbvccPM=,tag:ZlwXxLRfZ6XpGE3hRga/2g==,type:str]
|
||||||
|
url: ENC[AES256_GCM,data:iNCEULqcDoiGhvAA1y80mbL0+lOzCxo=,iv:lw+5Sk1tRPJFOqIKH1MaQn7RvG02Hg0kmLTIT7JSeNE=,tag:vGNQVyRrnu1kBLYNEdNIzA==,type:str]
|
||||||
sops:
|
sops:
|
||||||
kms: []
|
kms: []
|
||||||
gcp_kms: []
|
gcp_kms: []
|
||||||
|
@ -32,8 +34,8 @@ sops:
|
||||||
UnE2NTVSSUp1OEVFVDd5bHJYOEZpaVkKqmw9GLZavqaPQOJjGhLqXo4ggfmFDgXz
|
UnE2NTVSSUp1OEVFVDd5bHJYOEZpaVkKqmw9GLZavqaPQOJjGhLqXo4ggfmFDgXz
|
||||||
C9HNxeDVr2kY452gleVS/YFTPWo0QPevl0SjpZg2gvnz28qLDSNXYQ==
|
C9HNxeDVr2kY452gleVS/YFTPWo0QPevl0SjpZg2gvnz28qLDSNXYQ==
|
||||||
-----END AGE ENCRYPTED FILE-----
|
-----END AGE ENCRYPTED FILE-----
|
||||||
lastmodified: "2023-10-31T17:51:51Z"
|
lastmodified: "2023-11-02T19:37:36Z"
|
||||||
mac: ENC[AES256_GCM,data:MMIdx3HIiclIbWDpMkxNiC9cGpzZysYtqZCObA8jBB39GdokRbIFaNS1JQuZ/6u3KyTj2X15HDvgphUWzjTIgl1nYvEumEj6ZyI82VqKP59BBOQ3jCz3rTvLqcqkI+HHd6CUzHehElS11xFZ1VV8CmcGrzhNtoGfIcpFr/7W0/E=,iv:HySrtTaz23uYOOOEnEDY34AGxFYyFRQ92xaD4kCQxe8=,tag:VqBbHcQIxJZRig+Krl3EFg==,type:str]
|
mac: ENC[AES256_GCM,data:W1Q9cRmdgxtpREVPzbI9kF3wEFFkF9vWTek8n6sNEDyYd2sew9FQ0gaqoA2bSKro8ff4iLBpwChQIhM7AZbiw5CP0OjUZMWbcjw8YeJEwowIZ+jp3D4qrMuAfjdqhoAJf2G75RyWsChsRG2fPyQ0rVU0sPJf3haiA0MziZi97xM=,iv:yghPQbr5/CLZIeltIGPXYozs08KdcmypSOTO+OrZiHk=,tag:nIh+ntR5wcLJm2AihwhQ9A==,type:str]
|
||||||
pgp: []
|
pgp: []
|
||||||
unencrypted_regex: ^(apiVersion|metadata|kind|type)$
|
unencrypted_regex: ^(apiVersion|metadata|kind|type)$
|
||||||
version: 3.8.1
|
version: 3.8.1
|
||||||
|
|
|
@ -4,6 +4,8 @@ kind: Deployment
|
||||||
metadata:
|
metadata:
|
||||||
name: ghostcms
|
name: ghostcms
|
||||||
spec:
|
spec:
|
||||||
|
strategy:
|
||||||
|
type: Recreate
|
||||||
selector:
|
selector:
|
||||||
matchLabels:
|
matchLabels:
|
||||||
app.kubernetes.io/name: ghostcms
|
app.kubernetes.io/name: ghostcms
|
||||||
|
@ -12,30 +14,56 @@ spec:
|
||||||
labels:
|
labels:
|
||||||
app.kubernetes.io/name: ghostcms
|
app.kubernetes.io/name: ghostcms
|
||||||
spec:
|
spec:
|
||||||
|
initContainers:
|
||||||
|
- name: plugins
|
||||||
|
image: ghostcms
|
||||||
|
imagePullPolicy: Always
|
||||||
|
command:
|
||||||
|
- /bin/ash
|
||||||
|
- -c
|
||||||
|
- '-'
|
||||||
|
args:
|
||||||
|
- |
|
||||||
|
if [ ! -d "/var/lib/ghost/content/adapters/storage/s3" ]; then
|
||||||
|
npm install --prefix /tmp ghos3
|
||||||
|
mkdir -p /var/lib/ghost/content/adapters/storage/s3
|
||||||
|
cp -r /tmp/node_modules/ghos3/* /var/lib/ghost/content/adapters/storage/s3
|
||||||
|
fi
|
||||||
|
volumeMounts:
|
||||||
|
- name: ghost-content
|
||||||
|
mountPath: /var/lib/ghost/content
|
||||||
containers:
|
containers:
|
||||||
- name: ghostcms
|
- name: ghostcms
|
||||||
image: ghostcms
|
image: ghostcms
|
||||||
ports:
|
imagePullPolicy: Always
|
||||||
- containerPort: 2368
|
envFrom:
|
||||||
env:
|
- secretRef:
|
||||||
- name: NODE_ENV
|
name: ghostcms-secret-config
|
||||||
value: production
|
ports:
|
||||||
envFrom:
|
- containerPort: 2368
|
||||||
- secretRef:
|
env:
|
||||||
name: ghostcms-base-config
|
- name: NODE_ENV
|
||||||
- secretRef:
|
value: production
|
||||||
name: ghostcms-secret-config
|
securityContext:
|
||||||
securityContext:
|
allowPrivilegeEscalation: false
|
||||||
allowPrivilegeEscalation: false
|
readOnlyRootFilesystem: false
|
||||||
readOnlyRootFilesystem: true
|
capabilities:
|
||||||
runAsNonRoot: true
|
drop:
|
||||||
capabilities:
|
- ALL
|
||||||
drop:
|
privileged: false
|
||||||
- ALL
|
resources:
|
||||||
privileged: false
|
limits:
|
||||||
runAsUser: 1000
|
memory: "384Mi"
|
||||||
runAsGroup: 1000
|
cpu: "100m"
|
||||||
resources:
|
volumeMounts:
|
||||||
limits:
|
- name: ghost-content
|
||||||
memory: "384Mi"
|
mountPath: /var/lib/ghost/content
|
||||||
cpu: "100m"
|
securityContext:
|
||||||
|
fsGroup: 1000
|
||||||
|
runAsGroup: 1000
|
||||||
|
runAsUser: 1000
|
||||||
|
runAsNonRoot: true
|
||||||
|
volumes:
|
||||||
|
- name: ghost-content
|
||||||
|
persistentVolumeClaim:
|
||||||
|
claimName: ghost-content
|
||||||
|
|
13
apps/ghostcms/resources/pvc.yaml
Normal file
13
apps/ghostcms/resources/pvc.yaml
Normal file
|
@ -0,0 +1,13 @@
|
||||||
|
---
|
||||||
|
apiVersion: v1
|
||||||
|
kind: PersistentVolumeClaim
|
||||||
|
metadata:
|
||||||
|
name: ghost-content
|
||||||
|
spec:
|
||||||
|
storageClassName: hcloud-volumes
|
||||||
|
resources:
|
||||||
|
requests:
|
||||||
|
storage: 10Gi
|
||||||
|
volumeMode: Filesystem
|
||||||
|
accessModes:
|
||||||
|
- ReadWriteOnce
|
|
@ -31,6 +31,8 @@ CMD_OAUTH2_USER_PROFILE_DISPLAY_NAME_ATTR=name
|
||||||
CMD_OAUTH2_USER_PROFILE_EMAIL_ATTR=email
|
CMD_OAUTH2_USER_PROFILE_EMAIL_ATTR=email
|
||||||
CMD_OAUTH2_USER_PROFILE_USERNAME_ATTR=preferred_username
|
CMD_OAUTH2_USER_PROFILE_USERNAME_ATTR=preferred_username
|
||||||
CMD_IMAGE_UPLOAD_TYPE=minio
|
CMD_IMAGE_UPLOAD_TYPE=minio
|
||||||
CMD_MINIO_ENDPOINT=minio.minio.svc.cluster.local
|
CMD_S3_BUCKET=hedgedoc
|
||||||
CMD_MINIO_PORT=9000
|
CMD_S3_PUBLIC_FILES=false
|
||||||
|
CMD_MINIO_ENDPOINT=2df513adaee2eeae12106af900bed297.r2.cloudflarestorage.com
|
||||||
|
CMD_MINIO_PORT=443
|
||||||
CMD_MINIO_SECURE=true
|
CMD_MINIO_SECURE=true
|
|
@ -5,8 +5,8 @@ metadata:
|
||||||
type: Opaque
|
type: Opaque
|
||||||
stringData:
|
stringData:
|
||||||
CMD_DB_URL: ENC[AES256_GCM,data:4nqueG0hIb5fPQbPJll+keWZVODpFxBUhVkeHTKJ2/J8Kpj8DMuU41HLQ1+iGFiUtEdv2LPvbgDOeXT4UR3zjDdGL96SpKbLQIKQlNjPWNfUXeHASkiIiMHh9Y7z3d/s2coopzk9ULTHs5XIMywCUoY8DX4=,iv:drx1hQdbsLbPSojSL79TFop1wni2KxNPJ+KwlOL9WQo=,tag:4JbriWueqRye/n3rnBpSkw==,type:str]
|
CMD_DB_URL: ENC[AES256_GCM,data:4nqueG0hIb5fPQbPJll+keWZVODpFxBUhVkeHTKJ2/J8Kpj8DMuU41HLQ1+iGFiUtEdv2LPvbgDOeXT4UR3zjDdGL96SpKbLQIKQlNjPWNfUXeHASkiIiMHh9Y7z3d/s2coopzk9ULTHs5XIMywCUoY8DX4=,iv:drx1hQdbsLbPSojSL79TFop1wni2KxNPJ+KwlOL9WQo=,tag:4JbriWueqRye/n3rnBpSkw==,type:str]
|
||||||
CMD_MINIO_ACCESS_KEY: ENC[AES256_GCM,data:X35aVIq7gnKpmqDRc7GTPA==,iv:awU1uonCr4xtgUB5/aFWWQOH+ztD8VQVj4b0wX/Lrwg=,tag:5VYSNlAVGuW1WGQHJfrsvA==,type:str]
|
CMD_MINIO_ACCESS_KEY: ENC[AES256_GCM,data:VqudURssSgmCDVhCRjak2TDG10pwvCNfi0w9FlEh4SI=,iv:VGavO528JfqsUVyvWSAlWkMTXJAmLUablaGZ3VCEtq8=,tag:unvEa2k/9AzfVMEnhCDB1Q==,type:str]
|
||||||
CMD_MINIO_SECRET_KEY: ENC[AES256_GCM,data:jM21N3cxeiKh/IJJY9Tka4cj77yzTmI6F8lxA/H69XErUnOy8Ve8NQWCGb6NkZvHCVelfs2FUoPtVitNbXte,iv:jNVspSWVTCco0R6sbRdn8EyIzA5YPziMzUrpf0q57ow=,tag:Oo6ppZnPo9umgCYMEDC8Zg==,type:str]
|
CMD_MINIO_SECRET_KEY: ENC[AES256_GCM,data:/iQq6wnoH/WwEzApap6szpr7z+KZJ+twcuINgqtbHOMDXeVz9Yi7cjC0hGlqQHZTCO4jR5gp+OwdIkzRk0zDsw==,iv:1OHm8K3AA340q0xkNCF3RsPpcpKmUE5Yibu+IWIZ7+E=,tag:cB/pckdoEZQlzlRVWoYKmA==,type:str]
|
||||||
CMD_OAUTH2_CLIENT_ID: ENC[AES256_GCM,data:x1zEeQl4WM49dmbx9v159APlimVVmQX4uPUTa0Nwu7jazcD1,iv:eXSk8Js2OhKC6q1M2anzCdC30IqA9YIj7rxmzFRE4bo=,tag:zgutG/3INA7DxUY5PRJoIg==,type:str]
|
CMD_OAUTH2_CLIENT_ID: ENC[AES256_GCM,data:x1zEeQl4WM49dmbx9v159APlimVVmQX4uPUTa0Nwu7jazcD1,iv:eXSk8Js2OhKC6q1M2anzCdC30IqA9YIj7rxmzFRE4bo=,tag:zgutG/3INA7DxUY5PRJoIg==,type:str]
|
||||||
CMD_OAUTH2_CLIENT_SECRET: ENC[AES256_GCM,data:biyLVbyONbJK2V16Zz9/MVdpdqu3iTzsyBVx0iKK5MCyNfU1Y0lV9g88w44junGvvby/LWOAEGs=,iv:uSRtuu+bHpt8JOVfw5BpCXjqWW07x0jJ8Ja2pIcoQf4=,tag:He4d6BrE1V9OJbNH3hrPcQ==,type:str]
|
CMD_OAUTH2_CLIENT_SECRET: ENC[AES256_GCM,data:biyLVbyONbJK2V16Zz9/MVdpdqu3iTzsyBVx0iKK5MCyNfU1Y0lV9g88w44junGvvby/LWOAEGs=,iv:uSRtuu+bHpt8JOVfw5BpCXjqWW07x0jJ8Ja2pIcoQf4=,tag:He4d6BrE1V9OJbNH3hrPcQ==,type:str]
|
||||||
CMD_SESSION_SECRET: ENC[AES256_GCM,data:Nq6arL1aE69BeTRjx4pA90xZqcOtqOb3R/Zt98FyIVd+Uq53dWsqURG2M+IQpvl9MEpY8FpUNY0=,iv:JaOAe8YgNVnDBzV2x1TSqMJq36Qwqazk6cCkWwseBZc=,tag:FMKKOhow/w5HLwfNarQdjQ==,type:str]
|
CMD_SESSION_SECRET: ENC[AES256_GCM,data:Nq6arL1aE69BeTRjx4pA90xZqcOtqOb3R/Zt98FyIVd+Uq53dWsqURG2M+IQpvl9MEpY8FpUNY0=,iv:JaOAe8YgNVnDBzV2x1TSqMJq36Qwqazk6cCkWwseBZc=,tag:FMKKOhow/w5HLwfNarQdjQ==,type:str]
|
||||||
|
@ -34,8 +34,8 @@ sops:
|
||||||
ZXpzNmEzbXhtZDkySFM2L0VQTzZCdTQKh46uRnVtRzzdnnnuCJNwgQo8AeNKpc6B
|
ZXpzNmEzbXhtZDkySFM2L0VQTzZCdTQKh46uRnVtRzzdnnnuCJNwgQo8AeNKpc6B
|
||||||
WC91My4qyOtvM9J+FJC71DTovfmHrZw0YWbPwXqNRU6XBWHfC/MViA==
|
WC91My4qyOtvM9J+FJC71DTovfmHrZw0YWbPwXqNRU6XBWHfC/MViA==
|
||||||
-----END AGE ENCRYPTED FILE-----
|
-----END AGE ENCRYPTED FILE-----
|
||||||
lastmodified: "2023-10-25T20:06:34Z"
|
lastmodified: "2023-11-08T19:19:28Z"
|
||||||
mac: ENC[AES256_GCM,data:WbkEZi02UASYMudLJVaQpuB7blx4UDm80dBiN0zPad6n5tRs+W0g5cahhMa9LkFH6mlUQbGTk4ndjQZgVeXVBE8LKyfvz+tlAP7+OR6yFx3AsHG1KCORolDJkFAQbqmV6fprvE0OxZZgPtu6OkSEMw2s5tdpRYr2EV1E2y7X0NU=,iv:AUeybEhdKQJNqBtTgpLWojk4x0aEpT5QFisEAQCFmWg=,tag:hAWw0vd8lzKeWbS1nb7fJA==,type:str]
|
mac: ENC[AES256_GCM,data:mG1SOLX1AFuPuJ3v8o12ofU+rHD/Iwwp3xFfIoayHp+K/w8btnwZ1rrbzZLRwZfR2nnxF9Rn4UZ2d1v6B9z2Dlz/p4EDc2pDyyhgWFCoJgf1J3w7Gj7b1C9ukoGrxcQ0RaZjhhZrU0XjN5EyfTgxcl1e5UahOrHVUu5OMBukkKg=,iv:2M5gtUdMpsYmLZkuaWXoHGGKPM9pvXwEpqqRjhSN8yo=,tag:ORpppvL5KKXRVgIwAoTOCw==,type:str]
|
||||||
pgp: []
|
pgp: []
|
||||||
unencrypted_regex: ^(apiVersion|metadata|kind|type)$
|
unencrypted_regex: ^(apiVersion|metadata|kind|type)$
|
||||||
version: 3.8.1
|
version: 3.8.1
|
||||||
|
|
|
@ -24,6 +24,9 @@ spec:
|
||||||
- containerPort: 3000
|
- containerPort: 3000
|
||||||
protocol: TCP
|
protocol: TCP
|
||||||
name: web
|
name: web
|
||||||
|
volumeMounts:
|
||||||
|
- name: upload-tmp
|
||||||
|
mountPath: /tmp
|
||||||
resources:
|
resources:
|
||||||
requests:
|
requests:
|
||||||
memory: "168Mi"
|
memory: "168Mi"
|
||||||
|
@ -40,4 +43,8 @@ spec:
|
||||||
securityContext:
|
securityContext:
|
||||||
runAsUser: 1000
|
runAsUser: 1000
|
||||||
runAsGroup: 1000
|
runAsGroup: 1000
|
||||||
runAsNonRoot: true
|
runAsNonRoot: true
|
||||||
|
volumes:
|
||||||
|
- name: upload-tmp
|
||||||
|
emptyDir:
|
||||||
|
sizeLimit: 500Mi
|
|
@ -5,7 +5,5 @@ DB_QUERY_LIMIT_MAX=1000
|
||||||
DB_QUERY_LIMIT_MIN=1
|
DB_QUERY_LIMIT_MIN=1
|
||||||
NC_JWT_EXPIRES_IN=1h
|
NC_JWT_EXPIRES_IN=1h
|
||||||
NC_DISABLE_TELE=true
|
NC_DISABLE_TELE=true
|
||||||
NC_S3_REGION=us-east-1
|
|
||||||
NC_S3_BUCKET_NAME=noco
|
|
||||||
NC_ADMIN_EMAIL=peter.kurfer@gmail.com
|
NC_ADMIN_EMAIL=peter.kurfer@gmail.com
|
||||||
NC_REDIS_URL=redis://nocodb-keydb:6379/0
|
NC_REDIS_URL=redis://nocodb-keydb:6379/0
|
|
@ -6,7 +6,7 @@ namespace: nocodb
|
||||||
images:
|
images:
|
||||||
- name: nocodb
|
- name: nocodb
|
||||||
newName: docker.io/nocodb/nocodb
|
newName: docker.io/nocodb/nocodb
|
||||||
newTag: "0.202.4"
|
newTag: "0.202.5"
|
||||||
|
|
||||||
commonLabels:
|
commonLabels:
|
||||||
app.kubernetes.io/instance: icb4dc0de
|
app.kubernetes.io/instance: icb4dc0de
|
||||||
|
|
|
@ -5,13 +5,10 @@ metadata:
|
||||||
type: Opaque
|
type: Opaque
|
||||||
stringData:
|
stringData:
|
||||||
#ENC[AES256_GCM,data:Hs6V,iv:5x3mHRFQ64to+CJGDDx+JNW1IEnHJ/ybe6JeecPJNeE=,tag:PBkuJceINQDF0YdjqmtcjA==,type:comment]
|
#ENC[AES256_GCM,data:Hs6V,iv:5x3mHRFQ64to+CJGDDx+JNW1IEnHJ/ybe6JeecPJNeE=,tag:PBkuJceINQDF0YdjqmtcjA==,type:comment]
|
||||||
NC_DB: ENC[AES256_GCM,data:OkLE4jyqG4jH0bSH0bU0oGrm5ARbXOaw91MQOM6IfqVMOd0Z+Z9z6bHc1iFrt5NvQlNeJm/ivHxaj3fX0kyOp5Y5JQq9sJfkOPaOxYbI2Z5VCQymxFreT/5sH/it8cLqpkt2G5r1PIpch0p3,iv:nuv8A73AYhCWhIRp0o3IN2YV0xo7l/gtlv8EgBeJ4uk=,tag:FyNH9FvTz3P+kod52kCHLw==,type:str]
|
NC_DB_JSON: ENC[AES256_GCM,data:z2Ersb4CH2aQKdO8f4lxWfxUnNvYA5ese5hMsAnDT5uuaSGCUIIOEYhbREbbu/3rZhIrOMm10S3DZAlDDmc+Z1a4UeRHTsO5WEA9eyMG4mq5+6FV2FELORn+23jhpLgn9rP17IP5fSPlmWp6RdGsdsvXCFbHrz5YEofIlxJYQDL8ix/toTkVjKynNheqzU2bSyTQTfC7ZzDmGaCw43OtB4lo4S1flrNDyZubsqIAM3E8igOCTLbXf7ak9AMwTIs2jo/HAj5ErWXcdgBUZkNOPOYGbdKAIBdMS49EUsX4k5CAKZEmU14VGdWYwwpthAQ2osOELuZleXdlAdkhqFGgBG5zwKpDqV5EZ9HkbQtgL81gDnVR+nVXgU/Lnor2qS32szWl3xNskk0wyB/9OdbvJwV4L9yuLW0rwWI07aBWRACfXAvtDL/kUi7YPzC2ZueFw6628Bfjif3gUbm++plNpkDPKJw+MJRXvDqjCnB+ewaZ7O1nqQh7BjO0ZjkrOsJqm1HaCr8FpXVc5i8PrkYCIPrVA8zcdbu7AO/ngLpmN7AfcXOwjXKdFKdtwVgkK3mJBh976vGFRPTc0+4ENt3OnDVRIb+A0AdGuqWWNp9ctkjDGv4Ne2sH7dwCnnK0r0yORyfkr5ZQRUT8YCd42hUnEUlP54TDBMH9ZOpZX/nYKbv9BfFPRPP44hbYElkLtwAM02DkJX9EEW2yILGVE/roMrDlham+VNNSB7/Hrm7aUEWYwOBk9XghxOC1vhrxaG9LPZHhsKBakX/Jz1I3lWpcDf4ILa4clfej4M5gYwzMYY9P38G+MAzjnmyrjrgSvPVw8dZw9d6X4X+CRNKPXWm2UYLQHFHODkx1F4yH3aXQUy7nkCosX9SK03/kuBFo5FcARSudsYDJ9Y8SSTVtn3rTJeZF2hFww5tstZ3Ca0jTz75kaWYwvj4DpCd3AKw7/b9pw6DNCpPg07ipFI+fPjLVY+wXy1S+e8HmB6041BiMmc3dDyd4r0vuCH8a8b3Gna6/E4SyQWEv2dhEBAcKb5Eekdf8u9aSMjT7z9fVfrG7V5FQXZ+U46OgbNIUYKzQkJzO5WfRwVhbtUWlqV+YGIaBdq4V6lt0eNq5gdWSgY4pXLBOFtELbJN4wkwqeNh30vJAqmyT+SzfZxxEhire/kRAUFArql2m1aaWUEUw1rwMED8NIRryrQsBSirUFtHPSJM8NtU5/9bvZmS73prn3PTYJfKSVxD8b4c9/5O8WMWL9DxcLNRt863DT1p/RzA=,iv:dLiu9WddIz9iO3cOT7jny4PpdxiN7R/YccF/aaEy6Rc=,tag:w71GGULEaSzy0vrh4gOLvQ==,type:str]
|
||||||
#ENC[AES256_GCM,data:MQnRuJg=,iv:E82k3W8MaSx0BM7hXCkY1tN+H7D5S1kDPKmvP3Gi4/4=,tag:H4502GVmN8WvwPsiek5VpA==,type:comment]
|
#ENC[AES256_GCM,data:MQnRuJg=,iv:E82k3W8MaSx0BM7hXCkY1tN+H7D5S1kDPKmvP3Gi4/4=,tag:H4502GVmN8WvwPsiek5VpA==,type:comment]
|
||||||
NC_AUTH_JWT_SECRET: ENC[AES256_GCM,data:Js/NIpruZBw9hqvEP8cC0poEh5jf99mPd7fpDEJYsfNf5bGNN1hdXgypl8Y=,iv:aYw84L2YA4NBkICn/kP8eo345O4hEE87MwodzmlAGZk=,tag:5wyFoE9zpV9bp1ltheVHIQ==,type:str]
|
NC_AUTH_JWT_SECRET: ENC[AES256_GCM,data:Js/NIpruZBw9hqvEP8cC0poEh5jf99mPd7fpDEJYsfNf5bGNN1hdXgypl8Y=,iv:aYw84L2YA4NBkICn/kP8eo345O4hEE87MwodzmlAGZk=,tag:5wyFoE9zpV9bp1ltheVHIQ==,type:str]
|
||||||
NC_ADMIN_PASSWORD: ENC[AES256_GCM,data:sKchDix8Q5VtC56G6cjT1rbO4h0/wzy+bFm9TUbhtvA=,iv:eR7nEDGn18t8hPMZK2xV26EvmrGmiWGuGFF1vgR0giA=,tag:KHLXghuZ8FE2oQ5HOkQbiQ==,type:str]
|
NC_ADMIN_PASSWORD: ENC[AES256_GCM,data:sKchDix8Q5VtC56G6cjT1rbO4h0/wzy+bFm9TUbhtvA=,iv:eR7nEDGn18t8hPMZK2xV26EvmrGmiWGuGFF1vgR0giA=,tag:KHLXghuZ8FE2oQ5HOkQbiQ==,type:str]
|
||||||
#ENC[AES256_GCM,data:48558Bjlc8t8SgJRrG1FH1Bs,iv:7wiJ1kI5A373sHUZXdHzJVC+jRTtI9fCLal3uo3TQXg=,tag:QOC0SCF9aJQNp/Gir6UyMw==,type:comment]
|
|
||||||
NC_S3_ACCESS_KEY: ENC[AES256_GCM,data:5KLAyGVTRJmdv+Pf4VLtxA==,iv:YluvNO+9YH9i/kJiiAwriQx5+zd1WXuvR0Grne8hHk0=,tag:WsULzFKDgHspG/hfBLQuOg==,type:str]
|
|
||||||
NC_S3_ACCESS_SECRET: ENC[AES256_GCM,data:Zquz2bKAYoHYWvKde1HqlNSC7kD66xYS9ZU51RYvWaYZGCk1vP+mC1iqmSRn0L9yjictpDJU6QtTzm9QTDBT,iv:oHaWAXWIqdz3DCtTuzeoN1OGE4dn6iNKR43b/VF4Evo=,tag:+1ROQuBjpceJHDkCFhz4Yg==,type:str]
|
|
||||||
sops:
|
sops:
|
||||||
kms: []
|
kms: []
|
||||||
gcp_kms: []
|
gcp_kms: []
|
||||||
|
@ -36,8 +33,8 @@ sops:
|
||||||
UmFSZEd1ekI1alFVOG1qUVNBcHFUQlUKW7idC59jIRv2NgxxwDIMAYRe9tvBI6or
|
UmFSZEd1ekI1alFVOG1qUVNBcHFUQlUKW7idC59jIRv2NgxxwDIMAYRe9tvBI6or
|
||||||
rjkpmb3b1ONLX470pY4FtmejOw02rm7YoeFTLPSePQgeK/+7tE3P+Q==
|
rjkpmb3b1ONLX470pY4FtmejOw02rm7YoeFTLPSePQgeK/+7tE3P+Q==
|
||||||
-----END AGE ENCRYPTED FILE-----
|
-----END AGE ENCRYPTED FILE-----
|
||||||
lastmodified: "2023-10-26T19:51:21Z"
|
lastmodified: "2023-11-08T20:15:51Z"
|
||||||
mac: ENC[AES256_GCM,data:Fv6ttgDO4Y+SOwxNh6Qa14EZXvYbao9SL8wekODKs4S7jhY16pGfziMkqWXkc7pzb+BszeBO9Ajc+XZ5GpGg5EAbSdb8faZgsg1lBN6JM4ptbV7E8F6wB3iBNDb0aW4W3Oq35b4CBzjUbP7Sh+SkxnSpla8LLK/wZTs+fMhkTZs=,iv:3KjNdKoM3FEvlaT0YeeQVcBSoc3v1exmBl0FYYCXrLc=,tag:E1qsnAqpCMUjE9Xng9EQdw==,type:str]
|
mac: ENC[AES256_GCM,data:Hvm/nLFI9TV9r8QxLzGM/dWRTX96TFcSUlEo1Q5nWfXym3pAI8LXqtxOri8IF9aZYdo87G9u3K+IPoGHL+1rYchYRF5O9T/Dez5lm9rMBc0z3dvq3gU0HKVjNaK9bso0b7Z90VSilbb7S0ZgI8gd2Xc//jgKnRrlMTeNVVgICQ0=,iv:icFu9+L4zlFLY62J7z+/1xwkTilUh2a1ZhrkCkbWyPI=,tag:L5QgfT9w2S2N+EIugXABuQ==,type:str]
|
||||||
pgp: []
|
pgp: []
|
||||||
unencrypted_regex: ^(apiVersion|metadata|kind|type)$
|
unencrypted_regex: ^(apiVersion|metadata|kind|type)$
|
||||||
version: 3.8.1
|
version: 3.8.1
|
||||||
|
|
|
@ -32,6 +32,8 @@ spec:
|
||||||
name: nocodb-metadata
|
name: nocodb-metadata
|
||||||
- mountPath: /usr/src/app/
|
- mountPath: /usr/src/app/
|
||||||
name: app-volume
|
name: app-volume
|
||||||
|
- mountPath: /tmp
|
||||||
|
name: app-tmp
|
||||||
livenessProbe:
|
livenessProbe:
|
||||||
httpGet:
|
httpGet:
|
||||||
path: /api/v1/health
|
path: /api/v1/health
|
||||||
|
@ -72,6 +74,9 @@ spec:
|
||||||
- name: app-volume
|
- name: app-volume
|
||||||
emptyDir:
|
emptyDir:
|
||||||
sizeLimit: 1500Mi
|
sizeLimit: 1500Mi
|
||||||
|
- name: app-tmp
|
||||||
|
emptyDir:
|
||||||
|
sizeLimit: 500Mi
|
||||||
securityContext:
|
securityContext:
|
||||||
runAsUser: 1000
|
runAsUser: 1000
|
||||||
runAsGroup: 1000
|
runAsGroup: 1000
|
||||||
|
|
|
@ -1,8 +1,6 @@
|
||||||
apiVersion: kustomize.config.k8s.io/v1beta1
|
apiVersion: kustomize.config.k8s.io/v1beta1
|
||||||
kind: Kustomization
|
kind: Kustomization
|
||||||
|
|
||||||
namespace: postgres-system
|
|
||||||
|
|
||||||
labels:
|
labels:
|
||||||
- includeTemplates: true
|
- includeTemplates: true
|
||||||
pairs:
|
pairs:
|
||||||
|
@ -23,4 +21,8 @@ resources:
|
||||||
- resources/rbac/service_account.yaml
|
- resources/rbac/service_account.yaml
|
||||||
- resources/rbac/role.yaml
|
- resources/rbac/role.yaml
|
||||||
- resources/rbac/role_binding.yaml
|
- resources/rbac/role_binding.yaml
|
||||||
- resources/manager.yaml
|
- resources/manager.yaml
|
||||||
|
- resources/db/default-cluster.yaml
|
||||||
|
|
||||||
|
generators:
|
||||||
|
- ./secret-generator.yaml
|
77
apps/postgres-operator/resources/db/default-cluster.yaml
Normal file
77
apps/postgres-operator/resources/db/default-cluster.yaml
Normal file
|
@ -0,0 +1,77 @@
|
||||||
|
---
|
||||||
|
apiVersion: postgres-operator.crunchydata.com/v1beta1
|
||||||
|
kind: PostgresCluster
|
||||||
|
metadata:
|
||||||
|
name: default-cluster
|
||||||
|
namespace: postgres
|
||||||
|
spec:
|
||||||
|
image: registry.developers.crunchydata.com/crunchydata/crunchy-postgres:ubi8-15.4-1
|
||||||
|
postgresVersion: 15
|
||||||
|
users:
|
||||||
|
- name: postgres
|
||||||
|
- name: coder
|
||||||
|
databases:
|
||||||
|
- coder
|
||||||
|
- name: drone
|
||||||
|
databases:
|
||||||
|
- drone
|
||||||
|
- name: fider
|
||||||
|
databases:
|
||||||
|
- fider
|
||||||
|
- name: forgejo
|
||||||
|
databases:
|
||||||
|
- forgejo
|
||||||
|
- name: grafana
|
||||||
|
databases:
|
||||||
|
- grafana
|
||||||
|
- name: hedgedoc
|
||||||
|
databases:
|
||||||
|
- hedgedoc
|
||||||
|
- name: nextcloud
|
||||||
|
databases:
|
||||||
|
- nextcloud
|
||||||
|
- name: noco
|
||||||
|
databases:
|
||||||
|
- noco
|
||||||
|
- name: vikunja
|
||||||
|
databases:
|
||||||
|
- vikunja
|
||||||
|
- name: zipline
|
||||||
|
databases:
|
||||||
|
- zipline
|
||||||
|
instances:
|
||||||
|
- name: instance1
|
||||||
|
replicas: 2
|
||||||
|
dataVolumeClaimSpec:
|
||||||
|
storageClassName: hcloud-volumes
|
||||||
|
accessModes:
|
||||||
|
- "ReadWriteOnce"
|
||||||
|
resources:
|
||||||
|
requests:
|
||||||
|
storage: 10Gi
|
||||||
|
affinity:
|
||||||
|
podAntiAffinity:
|
||||||
|
preferredDuringSchedulingIgnoredDuringExecution:
|
||||||
|
- weight: 1
|
||||||
|
podAffinityTerm:
|
||||||
|
topologyKey: kubernetes.io/hostname
|
||||||
|
labelSelector:
|
||||||
|
matchLabels:
|
||||||
|
postgres-operator.crunchydata.com/cluster: default-cluster
|
||||||
|
postgres-operator.crunchydata.com/instance-set: instance1
|
||||||
|
|
||||||
|
backups:
|
||||||
|
pgbackrest:
|
||||||
|
image: registry.developers.crunchydata.com/crunchydata/crunchy-pgbackrest:ubi8-2.47-1
|
||||||
|
configuration:
|
||||||
|
- secret:
|
||||||
|
name: pgo-s3-creds
|
||||||
|
global:
|
||||||
|
repo1-path: /pgbackrest/default-cluster/repo1
|
||||||
|
repo1-s3-uri-style: path
|
||||||
|
repos:
|
||||||
|
- name: repo1
|
||||||
|
s3:
|
||||||
|
bucket: backup
|
||||||
|
endpoint: 2df513adaee2eeae12106af900bed297.r2.cloudflarestorage.com
|
||||||
|
region: us-east-1
|
37
apps/postgres-operator/resources/db/pgo-s3-creds.enc.yaml
Normal file
37
apps/postgres-operator/resources/db/pgo-s3-creds.enc.yaml
Normal file
|
@ -0,0 +1,37 @@
|
||||||
|
apiVersion: v1
|
||||||
|
kind: Secret
|
||||||
|
metadata:
|
||||||
|
name: pgo-s3-creds
|
||||||
|
namespace: postgres
|
||||||
|
type: Opaque
|
||||||
|
stringData:
|
||||||
|
s3.conf: ENC[AES256_GCM,data:nd12eOx2aXNyvUyNxZVP7v9dgh/P51f5UM+vgvP2odnBX9dzE79/2/kI5dn/hJsa/6Jibmk/3Pvexl9PTc1BmYFogVXfkVH04RhH1iaP6Jsl8oycIaG4oPdPgfwSseZlGCmSIBP+GTRoQ8mUmNDVxaSb4SwYHI9vjTalxoSyo+vnE8ABBt7h5J5QgXo=,iv:av60ntIqiRfv7gum585jjO1McCOXmMVD+voBuWfukm0=,tag:+GgMk3Z16JFyfLvsHH/m0Q==,type:str]
|
||||||
|
sops:
|
||||||
|
kms: []
|
||||||
|
gcp_kms: []
|
||||||
|
azure_kv: []
|
||||||
|
hc_vault: []
|
||||||
|
age:
|
||||||
|
- recipient: age18e0w4jn03n66qwg8h3rjstz7g5zx2vhvz28aterkfkfetrxtpuysftp6we
|
||||||
|
enc: |
|
||||||
|
-----BEGIN AGE ENCRYPTED FILE-----
|
||||||
|
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBoU3pnbVhrREF3d3ZiU040
|
||||||
|
UjU1TUMraXhlV0k3aGprSnZvaUZncDU3Q1hFCkZtMklKS0VWS0w1SllxQ3lKYmxC
|
||||||
|
b2NFSitjSEtqMEpiZnNmeEhPb2RBa28KLS0tIFYxQ2w1aW1zaFVGY1RZekJVOEdH
|
||||||
|
UGZwVWhNTHdCS1hDMjJYcy9kVittTlEKLMWQALBbEmqMLx2gGMWr6m6CHb7vP9k3
|
||||||
|
lIZNhA5nwpH2R7TSbbNpnzsq3yhC9ClM8smfAmr+02rUK6T4RYaZiQ==
|
||||||
|
-----END AGE ENCRYPTED FILE-----
|
||||||
|
- recipient: age1yssdnqk90tn6zzggmwt70krndw04yfk9hwzdac3wsgfxmttngd7q89qzjr
|
||||||
|
enc: |
|
||||||
|
-----BEGIN AGE ENCRYPTED FILE-----
|
||||||
|
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSA4RVRxb2h5WjRFc0xBdE5m
|
||||||
|
b0JrbHJvM1pCZDlFVXU4bG0wdVpnQjRRaUd3CmphMU9LbGx4NURrNUlUekJMUHN6
|
||||||
|
ZVFncDgvcXdNeVVjSk52LzZ1N2NmSk0KLS0tIEJvQlBnNHFEQnVvZFZESDlRSHox
|
||||||
|
RHhmT1VJWHNsK2QrS1p1dEkyM2JrcTQKs4gzaEY/ofkMHkD03Yu9JIgnR12c5LWm
|
||||||
|
2bwb+wJ056Sxz2jwC66gW2F7CcX8tIBOuWW99JqfHhFBj9oYZGoDxw==
|
||||||
|
-----END AGE ENCRYPTED FILE-----
|
||||||
|
lastmodified: "2023-11-07T18:09:57Z"
|
||||||
|
mac: ENC[AES256_GCM,data:yndsk1ZStyVRDFm8h3dTARBzsiXAgWNNvrVmQeHuzYAYO78UxDXljbuQHBIJHGpSD4jEZl569cy3VY8Wk8ulUHHJM82LSMtYeAabv3GMJIpPxMHsczngBpbqmLQEpW6Yb6EB8eY7F8gL0MtZu46r4Dw9zZJKmGW6V1cIPK6G6As=,iv:udMhvZbf966Rdyl/2I/0IQL6kOvUOY4OSQMj+bWEKvM=,tag:BQPy3GoWP9FKcH6+o4B/8g==,type:str]
|
||||||
|
pgp: []
|
||||||
|
unencrypted_regex: ^(apiVersion|metadata|kind|type)$
|
||||||
|
version: 3.8.1
|
|
@ -3,6 +3,7 @@ apiVersion: apps/v1
|
||||||
kind: Deployment
|
kind: Deployment
|
||||||
metadata:
|
metadata:
|
||||||
name: pgo
|
name: pgo
|
||||||
|
namespace: postgres-system
|
||||||
labels:
|
labels:
|
||||||
postgres-operator.crunchydata.com/control-plane: postgres-operator
|
postgres-operator.crunchydata.com/control-plane: postgres-operator
|
||||||
spec:
|
spec:
|
||||||
|
|
|
@ -3,5 +3,12 @@ apiVersion: v1
|
||||||
kind: Namespace
|
kind: Namespace
|
||||||
metadata:
|
metadata:
|
||||||
name: postgres-system
|
name: postgres-system
|
||||||
|
labels:
|
||||||
|
prometheus: default
|
||||||
|
---
|
||||||
|
apiVersion: v1
|
||||||
|
kind: Namespace
|
||||||
|
metadata:
|
||||||
|
name: postgres
|
||||||
labels:
|
labels:
|
||||||
prometheus: default
|
prometheus: default
|
|
@ -11,4 +11,5 @@ roleRef:
|
||||||
name: postgres-operator
|
name: postgres-operator
|
||||||
subjects:
|
subjects:
|
||||||
- kind: ServiceAccount
|
- kind: ServiceAccount
|
||||||
name: pgo
|
name: pgo
|
||||||
|
namespace: postgres-system
|
|
@ -3,5 +3,6 @@ apiVersion: v1
|
||||||
kind: ServiceAccount
|
kind: ServiceAccount
|
||||||
metadata:
|
metadata:
|
||||||
name: pgo
|
name: pgo
|
||||||
|
namespace: postgres-system
|
||||||
labels:
|
labels:
|
||||||
postgres-operator.crunchydata.com/control-plane: postgres-operator
|
postgres-operator.crunchydata.com/control-plane: postgres-operator
|
10
apps/postgres-operator/secret-generator.yaml
Normal file
10
apps/postgres-operator/secret-generator.yaml
Normal file
|
@ -0,0 +1,10 @@
|
||||||
|
apiVersion: viaduct.ai/v1
|
||||||
|
kind: ksops
|
||||||
|
metadata:
|
||||||
|
name: postgres-secret-generator
|
||||||
|
annotations:
|
||||||
|
config.kubernetes.io/function: |
|
||||||
|
exec:
|
||||||
|
path: ksops
|
||||||
|
files:
|
||||||
|
- ./resources/db/pgo-s3-creds.enc.yaml
|
28
apps/vikunja/kustomization.yaml
Normal file
28
apps/vikunja/kustomization.yaml
Normal file
|
@ -0,0 +1,28 @@
|
||||||
|
apiVersion: kustomize.config.k8s.io/v1beta1
|
||||||
|
kind: Kustomization
|
||||||
|
|
||||||
|
namespace: vikunja
|
||||||
|
|
||||||
|
images:
|
||||||
|
- name: vikunja-api
|
||||||
|
newName: docker.io/vikunja/api
|
||||||
|
newTag: latest
|
||||||
|
- name: vikunja-ui
|
||||||
|
newName: docker.io/vikunja/frontend
|
||||||
|
newTag: latest
|
||||||
|
|
||||||
|
commonLabels:
|
||||||
|
app.kubernetes.io/instance: icb4dc0de
|
||||||
|
app.kubernetes.io/managed-by: kustomize
|
||||||
|
|
||||||
|
resources:
|
||||||
|
- resources/namespace.yaml
|
||||||
|
- resources/api/pvc.yaml
|
||||||
|
- resources/api/deployment.yaml
|
||||||
|
- resources/api/service.yaml
|
||||||
|
- resources/ui/deployment.yaml
|
||||||
|
- resources/ui/service.yaml
|
||||||
|
- resources/ingress.yaml
|
||||||
|
|
||||||
|
generators:
|
||||||
|
- ./secret-generator.yaml
|
36
apps/vikunja/resources/api/config.enc.yaml
Normal file
36
apps/vikunja/resources/api/config.enc.yaml
Normal file
|
@ -0,0 +1,36 @@
|
||||||
|
apiVersion: v1
|
||||||
|
kind: Secret
|
||||||
|
metadata:
|
||||||
|
name: vikunja-config
|
||||||
|
type: Opaque
|
||||||
|
stringData:
|
||||||
|
config.yml: ENC[AES256_GCM,data:tmSeQoniqMDqsVqhpBvEZaSgQtXXwJFShVtwaUW/z43tsOybO38w1NkkyjPnOxVLb0SWkznSG5bDdvDPEXgk7EXBA2N29+hnDpp6kxE2MPQbIzLlNgZrfLC6tjEZtezOmXrZE6Xb5kleljuHFN+ph9WGes2m/ha7++fVKf/GD48MytqmC7SPBAJpitROXfx8NkqI2fhJIHkBhRsfTVy4Ur69dTryFt7xGLsC1ckxOWZebf7TYj10bpVPLAtxyLN7Os+l4Hl9GGbfjWMQ9lkSzIat3l4BNnkIWoZ2CoRqla2z/POn1crMJm7xeMkx1f6yB45NQM9r+/9HSbk3LDNGw5rgqrwkShj+/aXk2ePzGJK5O6zUSUidZpPpTLmxPNSaCu7QVmz6XR9zfzoXa4Ppdee4vbnqTa6FxUeM/oGcFI68X8kqRR+UImbjTrFKzFOPRw3hU7zHVwg2Wzh/k/4R+GNpLTLU+RlrT3dw9IvRFIERb15XTJzfId5+nWIxoMaH6tjaib84HVe1wtaRahYZNoYi7WZ748fiSx1b+AWRnxhCfK2EsQjul5Zdh2SSkYZysHi9Bmog,iv:K41jhC1s98trTYvcceAQOxx+ckAHrx22HLa5U6CYxWk=,tag:r7m/tjgYfaW3Wpfl8cJKTA==,type:str]
|
||||||
|
sops:
|
||||||
|
kms: []
|
||||||
|
gcp_kms: []
|
||||||
|
azure_kv: []
|
||||||
|
hc_vault: []
|
||||||
|
age:
|
||||||
|
- recipient: age18e0w4jn03n66qwg8h3rjstz7g5zx2vhvz28aterkfkfetrxtpuysftp6we
|
||||||
|
enc: |
|
||||||
|
-----BEGIN AGE ENCRYPTED FILE-----
|
||||||
|
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBiRkFMcWRyNE9tMU5NVkVs
|
||||||
|
UmNsSFVDN3k4SDJxK2tva1Rza2xuR2ExcUhVCndua28xNUZBaVlGeTJ0TG0xMlpo
|
||||||
|
cTB5ZTBkMzZ4NW03T1ZacmVGRnZMUXMKLS0tIEYyVGdMZlVCTHREdnBOR3h3NU4x
|
||||||
|
UzBWYXdMS3RadXpEQmN6cVBBUUpHWkUKugUfHbVc5+0597P5r8k8bAIcXHx2BfFe
|
||||||
|
DVdOoxLasWTXvz1GWTFuzvin3Z42GB9zCnjfzkEnwXbATwQy26MhaQ==
|
||||||
|
-----END AGE ENCRYPTED FILE-----
|
||||||
|
- recipient: age1yssdnqk90tn6zzggmwt70krndw04yfk9hwzdac3wsgfxmttngd7q89qzjr
|
||||||
|
enc: |
|
||||||
|
-----BEGIN AGE ENCRYPTED FILE-----
|
||||||
|
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBndE9JcHB5NWtBRDZLYTQ4
|
||||||
|
QXhJRG93bEtXYUlmRWhKWC93Mng2YUtDN2ljCmE3RklOdTN2dE42Q0RSc0djSXpX
|
||||||
|
UzBkdXRPVHJ2YUFDR0REeSt5YS9NNEUKLS0tIGJGR0pBWUp3Vm5tMVNneUtaQ1NB
|
||||||
|
UnE2NTVSSUp1OEVFVDd5bHJYOEZpaVkKqmw9GLZavqaPQOJjGhLqXo4ggfmFDgXz
|
||||||
|
C9HNxeDVr2kY452gleVS/YFTPWo0QPevl0SjpZg2gvnz28qLDSNXYQ==
|
||||||
|
-----END AGE ENCRYPTED FILE-----
|
||||||
|
lastmodified: "2023-11-03T13:04:43Z"
|
||||||
|
mac: ENC[AES256_GCM,data:V29XEZk91KgM0cgTFO6qtwWcY73o+mSFTEVw5MN/NJoEPEHtzcnGXVcHePSvtVEWdWajOX8mz51WM/5sV/B3+Iah3tHNXXzlyCte/kBBa+8NTWvWXSrVUAY0b+W7kRAaAHtXIwYrHwMGkyN+lvNRTAXEcs21OSmM7n375nDsmlY=,iv:wTEKdY34e6B1lxM9qiOGcm5MWIa7RP5wYewwafz+X7A=,tag:XoGiBJwplBWyhVcqaJhkng==,type:str]
|
||||||
|
pgp: []
|
||||||
|
unencrypted_regex: ^(apiVersion|metadata|kind|type)$
|
||||||
|
version: 3.8.1
|
82
apps/vikunja/resources/api/deployment.yaml
Normal file
82
apps/vikunja/resources/api/deployment.yaml
Normal file
|
@ -0,0 +1,82 @@
|
||||||
|
---
|
||||||
|
apiVersion: apps/v1
|
||||||
|
kind: Deployment
|
||||||
|
metadata:
|
||||||
|
name: vikunja-api
|
||||||
|
spec:
|
||||||
|
strategy:
|
||||||
|
type: Recreate
|
||||||
|
selector:
|
||||||
|
matchLabels:
|
||||||
|
app.kubernetes.io/name: vikunja
|
||||||
|
app.kubernetes.io/component: api
|
||||||
|
app.kubernetes.io/part-of: vikunja
|
||||||
|
template:
|
||||||
|
metadata:
|
||||||
|
labels:
|
||||||
|
app.kubernetes.io/name: vikunja
|
||||||
|
app.kubernetes.io/component: api
|
||||||
|
app.kubernetes.io/part-of: vikunja
|
||||||
|
spec:
|
||||||
|
containers:
|
||||||
|
- name: vikunja-api
|
||||||
|
image: vikunja-api
|
||||||
|
command:
|
||||||
|
- /app/vikunja/vikunja
|
||||||
|
env:
|
||||||
|
- name: VIKUNJA_DATABASE_TYPE
|
||||||
|
value: postgres
|
||||||
|
- name: VIKUNJA_SERVICE_FRONTENDURL
|
||||||
|
value: https://todo.icb4dc0.de
|
||||||
|
- name: VIKUNJA_DATABASE_SSLMODE
|
||||||
|
value: require
|
||||||
|
- name: VIKUNJA_DATABASE_HOST
|
||||||
|
valueFrom:
|
||||||
|
secretKeyRef:
|
||||||
|
name: default-cluster-pguser-vikunja
|
||||||
|
key: host
|
||||||
|
- name: VIKUNJA_DATABASE_DATABASE
|
||||||
|
valueFrom:
|
||||||
|
secretKeyRef:
|
||||||
|
name: default-cluster-pguser-vikunja
|
||||||
|
key: dbname
|
||||||
|
- name: VIKUNJA_DATABASE_USER
|
||||||
|
valueFrom:
|
||||||
|
secretKeyRef:
|
||||||
|
name: default-cluster-pguser-vikunja
|
||||||
|
key: user
|
||||||
|
- name: VIKUNJA_DATABASE_PASSWORD
|
||||||
|
valueFrom:
|
||||||
|
secretKeyRef:
|
||||||
|
name: default-cluster-pguser-vikunja
|
||||||
|
key: password
|
||||||
|
ports:
|
||||||
|
- containerPort: 3456
|
||||||
|
securityContext:
|
||||||
|
allowPrivilegeEscalation: false
|
||||||
|
readOnlyRootFilesystem: true
|
||||||
|
capabilities:
|
||||||
|
drop:
|
||||||
|
- ALL
|
||||||
|
privileged: false
|
||||||
|
resources:
|
||||||
|
limits:
|
||||||
|
memory: "384Mi"
|
||||||
|
cpu: "100m"
|
||||||
|
volumeMounts:
|
||||||
|
- name: vikunja-config
|
||||||
|
mountPath: /etc/vikunja
|
||||||
|
- name: vikunja-content
|
||||||
|
mountPath: /app/vikunja/files
|
||||||
|
securityContext:
|
||||||
|
fsGroup: 1000
|
||||||
|
runAsGroup: 1000
|
||||||
|
runAsUser: 1000
|
||||||
|
runAsNonRoot: false
|
||||||
|
volumes:
|
||||||
|
- name: vikunja-config
|
||||||
|
secret:
|
||||||
|
secretName: vikunja-config
|
||||||
|
- name: vikunja-content
|
||||||
|
persistentVolumeClaim:
|
||||||
|
claimName: vikunja-content
|
13
apps/vikunja/resources/api/pvc.yaml
Normal file
13
apps/vikunja/resources/api/pvc.yaml
Normal file
|
@ -0,0 +1,13 @@
|
||||||
|
---
|
||||||
|
apiVersion: v1
|
||||||
|
kind: PersistentVolumeClaim
|
||||||
|
metadata:
|
||||||
|
name: vikunja-content
|
||||||
|
spec:
|
||||||
|
storageClassName: hcloud-volumes
|
||||||
|
resources:
|
||||||
|
requests:
|
||||||
|
storage: 10Gi
|
||||||
|
volumeMode: Filesystem
|
||||||
|
accessModes:
|
||||||
|
- ReadWriteOnce
|
14
apps/vikunja/resources/api/service.yaml
Normal file
14
apps/vikunja/resources/api/service.yaml
Normal file
|
@ -0,0 +1,14 @@
|
||||||
|
---
|
||||||
|
apiVersion: v1
|
||||||
|
kind: Service
|
||||||
|
metadata:
|
||||||
|
name: vikunja-api
|
||||||
|
spec:
|
||||||
|
selector:
|
||||||
|
app.kubernetes.io/name: vikunja
|
||||||
|
app.kubernetes.io/component: api
|
||||||
|
app.kubernetes.io/part-of: vikunja
|
||||||
|
ports:
|
||||||
|
- protocol: TCP
|
||||||
|
port: 3456
|
||||||
|
targetPort: 3456
|
30
apps/vikunja/resources/ingress.yaml
Normal file
30
apps/vikunja/resources/ingress.yaml
Normal file
|
@ -0,0 +1,30 @@
|
||||||
|
---
|
||||||
|
apiVersion: networking.k8s.io/v1
|
||||||
|
kind: Ingress
|
||||||
|
metadata:
|
||||||
|
name: vikunja
|
||||||
|
annotations:
|
||||||
|
gethomepage.dev/description: ToDos
|
||||||
|
gethomepage.dev/enabled: "true"
|
||||||
|
gethomepage.dev/group: Apps
|
||||||
|
gethomepage.dev/icon: vikunja.png
|
||||||
|
gethomepage.dev/name: Vikunja
|
||||||
|
spec:
|
||||||
|
rules:
|
||||||
|
- host: todo.icb4dc0.de
|
||||||
|
http:
|
||||||
|
paths:
|
||||||
|
- pathType: Prefix
|
||||||
|
path: /
|
||||||
|
backend:
|
||||||
|
service:
|
||||||
|
name: vikunja-ui
|
||||||
|
port:
|
||||||
|
number: 8080
|
||||||
|
- pathType: Prefix
|
||||||
|
path: /api/v1
|
||||||
|
backend:
|
||||||
|
service:
|
||||||
|
name: vikunja-api
|
||||||
|
port:
|
||||||
|
number: 3456
|
7
apps/vikunja/resources/namespace.yaml
Normal file
7
apps/vikunja/resources/namespace.yaml
Normal file
|
@ -0,0 +1,7 @@
|
||||||
|
---
|
||||||
|
apiVersion: v1
|
||||||
|
kind: Namespace
|
||||||
|
metadata:
|
||||||
|
name: vikunja
|
||||||
|
labels:
|
||||||
|
prometheus: default
|
32
apps/vikunja/resources/ui/deployment.yaml
Normal file
32
apps/vikunja/resources/ui/deployment.yaml
Normal file
|
@ -0,0 +1,32 @@
|
||||||
|
---
|
||||||
|
apiVersion: apps/v1
|
||||||
|
kind: Deployment
|
||||||
|
metadata:
|
||||||
|
name: vikunja-ui
|
||||||
|
spec:
|
||||||
|
selector:
|
||||||
|
matchLabels:
|
||||||
|
app.kubernetes.io/name: vikunja
|
||||||
|
app.kubernetes.io/component: ui
|
||||||
|
app.kubernetes.io/part-of: vikunja
|
||||||
|
template:
|
||||||
|
metadata:
|
||||||
|
labels:
|
||||||
|
app.kubernetes.io/name: vikunja
|
||||||
|
app.kubernetes.io/component: ui
|
||||||
|
app.kubernetes.io/part-of: vikunja
|
||||||
|
spec:
|
||||||
|
containers:
|
||||||
|
- name: vikunja-ui
|
||||||
|
image: vikunja-ui
|
||||||
|
env:
|
||||||
|
- name: VIKUNJA_API_URL
|
||||||
|
value: https://todo.icb4dc0.de/api/v1
|
||||||
|
- name: VIKUNJA_HTTP_PORT
|
||||||
|
value: "8080"
|
||||||
|
resources:
|
||||||
|
limits:
|
||||||
|
memory: "128Mi"
|
||||||
|
cpu: "50m"
|
||||||
|
ports:
|
||||||
|
- containerPort: 8080
|
13
apps/vikunja/resources/ui/service.yaml
Normal file
13
apps/vikunja/resources/ui/service.yaml
Normal file
|
@ -0,0 +1,13 @@
|
||||||
|
---
|
||||||
|
apiVersion: v1
|
||||||
|
kind: Service
|
||||||
|
metadata:
|
||||||
|
name: vikunja-ui
|
||||||
|
spec:
|
||||||
|
selector:
|
||||||
|
app.kubernetes.io/name: vikunja
|
||||||
|
app.kubernetes.io/component: ui
|
||||||
|
app.kubernetes.io/part-of: vikunja
|
||||||
|
ports:
|
||||||
|
- port: 8080
|
||||||
|
targetPort: 8080
|
10
apps/vikunja/secret-generator.yaml
Normal file
10
apps/vikunja/secret-generator.yaml
Normal file
|
@ -0,0 +1,10 @@
|
||||||
|
apiVersion: viaduct.ai/v1
|
||||||
|
kind: ksops
|
||||||
|
metadata:
|
||||||
|
name: vikunja-secret-generator
|
||||||
|
annotations:
|
||||||
|
config.kubernetes.io/function: |
|
||||||
|
exec:
|
||||||
|
path: ksops
|
||||||
|
files:
|
||||||
|
- ./resources/api/config.enc.yaml
|
|
@ -3,10 +3,11 @@ CORE_HOST=0.0.0.0
|
||||||
CORE_PORT=3000
|
CORE_PORT=3000
|
||||||
CORE_LOGGER=true
|
CORE_LOGGER=true
|
||||||
DATASOURCE_TYPE=s3
|
DATASOURCE_TYPE=s3
|
||||||
DATASOURCE_S3_ENDPOINT=minio.minio.svc.cluster.local
|
DATASOURCE_S3_ENDPOINT=2df513adaee2eeae12106af900bed297.r2.cloudflarestorage.com
|
||||||
DATASOURCE_S3_PORT=9000
|
DATASOURCE_S3_PORT=443
|
||||||
DATASOURCE_S3_BUCKET=zipline
|
DATASOURCE_S3_BUCKET=zipline
|
||||||
DATASOURCE_S3_FORCE_S3_PATH=true
|
DATASOURCE_S3_FORCE_S3_PATH=true
|
||||||
|
DATASOURCE_S3_USE_SSL=true
|
||||||
DATASOURCE_S3_REGION=us-east-1
|
DATASOURCE_S3_REGION=us-east-1
|
||||||
FEATURES_INVITES=true
|
FEATURES_INVITES=true
|
||||||
FEATURES_OAUTH_REGISTRATION=true
|
FEATURES_OAUTH_REGISTRATION=true
|
||||||
|
|
|
@ -4,10 +4,10 @@ metadata:
|
||||||
name: zipline-secret-config
|
name: zipline-secret-config
|
||||||
type: Opaque
|
type: Opaque
|
||||||
stringData:
|
stringData:
|
||||||
CORE_DATABASE_URL: ENC[AES256_GCM,data:yfEb6JfVXws1d9hgLggSCMd3Wj6IN9oul9Atc3mnv6Wf61b7RXzvRxAm6Jh9kI8/4Rujb5AAfUGSFcfSFGTtLE+ZrCNO5FN+sYmviDpegMBZPLj0/FBipCsAqqhbVMjDpIgIzFsEDplJ+w5loY3LQvLs,iv:TDED4Us+87Y58SiBZMLbjo98uEFaQoQGoMz5VtoR16M=,tag:mUlgfZEDyTRcjNIyygBQsQ==,type:str]
|
CORE_DATABASE_URL: ENC[AES256_GCM,data:5wI/kj0+X2vx4898sQS9Axhgp20IQh1xpbQgZOgobvYRvPxni7ad3RDd6misLSGF4eTeNWn7LQltf5aONGmvC6C6ueAF+sZhnzQPRfXZS2msiL8CtWXaON3Vo+boPqUNfoGHpg2+NH3tm+L1r3HwZDQkWg==,iv:hMTkTw/oLPFs4XVRnCViKNxKmE7OBlcLQa+aXgqnWes=,tag:Au1mkU0XBQPPumGvx+VWvw==,type:str]
|
||||||
CORE_SECRET: ENC[AES256_GCM,data:taa93xNb8h0vUVdWgDQ69+PQr541weQQmGJWau+2fXdTm13VtOLv2sH430Y=,iv:vxh60WKz2MM62O1AA4Uzxsz8rvxkdQTKxBfpjAOa1KY=,tag:OF5fOv5W+2U4yaRHOo2ohA==,type:str]
|
CORE_SECRET: ENC[AES256_GCM,data:taa93xNb8h0vUVdWgDQ69+PQr541weQQmGJWau+2fXdTm13VtOLv2sH430Y=,iv:vxh60WKz2MM62O1AA4Uzxsz8rvxkdQTKxBfpjAOa1KY=,tag:OF5fOv5W+2U4yaRHOo2ohA==,type:str]
|
||||||
DATASOURCE_S3_ACCESS_KEY_ID: ENC[AES256_GCM,data:v9qPjC25URN5AANOsXYCpQ==,iv:PuBrLEVmME3nFLPLW/KZQ9cBm0xjdLJg3NZ+ywktP2E=,tag:Xy0xeViZ1TD4g72VdpCSrA==,type:str]
|
DATASOURCE_S3_ACCESS_KEY_ID: ENC[AES256_GCM,data:WcbIP7ir/5/j14GSXprxNGSQxnNhSxZHdqNk5k4EKy0=,iv:fCWBiA2vXbNFTQhjaoOl5Lhy5oKmIfnJr80El3O2SXY=,tag:uaPwWdtR2y07nuxzti14JA==,type:str]
|
||||||
DATASOURCE_S3_SECRET_ACCESS_KEY: ENC[AES256_GCM,data:YkErE1Enmw70fD53Q1xs175zm58SGPblj3lUXFwG01i7vLXFPhlw3MezcF9Oi6a9Lobw/NzYVhXVaZZjVJ8w,iv:zy/F9GwdE2aR3sGCd7aCurcsBRI5e0qHVqvBuZxFtm0=,tag:1DstmxoIX0yCe4X5Gz4YeQ==,type:str]
|
DATASOURCE_S3_SECRET_ACCESS_KEY: ENC[AES256_GCM,data:52dOiJH4BxDVgHBLGAHVv0yocB4VWJx7RPUQ4ge012T9gU8k2jYJ2Y3aL3Y+mFqdB24S6HJZ918dR0aglhiQyA==,iv:j+cs1zkb3VY3AVdbGeNcdIJ1S9ytSwfxwGt5/S96dsI=,tag:iy+Xgc97GierA74BYtHMZg==,type:str]
|
||||||
OAUTH_GITHUB_CLIENT_ID: ENC[AES256_GCM,data:7a773t7iacejEQayPqUbkKxL2XY=,iv:tfZuc2oTEmB/LI1BvPTbPVoA07kSW0AG4FH+8yJ72/A=,tag:B/kD0/rOW38trSpe+LVH5w==,type:str]
|
OAUTH_GITHUB_CLIENT_ID: ENC[AES256_GCM,data:7a773t7iacejEQayPqUbkKxL2XY=,iv:tfZuc2oTEmB/LI1BvPTbPVoA07kSW0AG4FH+8yJ72/A=,tag:B/kD0/rOW38trSpe+LVH5w==,type:str]
|
||||||
OAUTH_GITHUB_CLIENT_SECRET: ENC[AES256_GCM,data:IgxkqECtYbUdc3u/o2AATlQVkVPtcRU0+zvjwBLWNoPYdneWd2YBJg==,iv:XQq/HjK3wca31T8g5zqIreJ58Ar6GptLK3Um0Eh1CHY=,tag:lfvAOFAtj57mPPHdIdW7mQ==,type:str]
|
OAUTH_GITHUB_CLIENT_SECRET: ENC[AES256_GCM,data:IgxkqECtYbUdc3u/o2AATlQVkVPtcRU0+zvjwBLWNoPYdneWd2YBJg==,iv:XQq/HjK3wca31T8g5zqIreJ58Ar6GptLK3Um0Eh1CHY=,tag:lfvAOFAtj57mPPHdIdW7mQ==,type:str]
|
||||||
sops:
|
sops:
|
||||||
|
@ -34,8 +34,8 @@ sops:
|
||||||
eEQxM25tM2FxY1RvNEhxQWk2cE1wdTgKFq1rbrN1ScKuujg2xyRaESwswoMu2+zr
|
eEQxM25tM2FxY1RvNEhxQWk2cE1wdTgKFq1rbrN1ScKuujg2xyRaESwswoMu2+zr
|
||||||
LvIVDhLTl4jyUb0WH8Iy8/xQhUhsp7KJnccXFoCc5TFE7QzEKfrv6Q==
|
LvIVDhLTl4jyUb0WH8Iy8/xQhUhsp7KJnccXFoCc5TFE7QzEKfrv6Q==
|
||||||
-----END AGE ENCRYPTED FILE-----
|
-----END AGE ENCRYPTED FILE-----
|
||||||
lastmodified: "2023-10-26T18:54:35Z"
|
lastmodified: "2023-11-08T20:23:36Z"
|
||||||
mac: ENC[AES256_GCM,data:Vzm8EBTJXvPNFeV/6UlnVzeId41SiiVpEftTdrDBxTD+5bDU6xq047MzLGGzo4dhFmxOXD7PMbQw40fcEZz2+DT9BOzuk8JBDIN7d+WhOtrwXjP6fqtvqpYqc9Go1VHbhVpNApYyK7fhz7eqfARmlZNam7XD5dySJnjccuXSujk=,iv:4CW3t7b8EsFtMnHQ24oDOhnffNmTRnK2x4MTaXiPHRE=,tag:9+ZFYyAatfc4dUnY67RzAQ==,type:str]
|
mac: ENC[AES256_GCM,data:+PwY2NaAQTCbWAWl5sovsb0dang4WmUBI6FIjtwn2OzCIkUkvKvsHOl5sVoj8DyiQJT46Ui4xDwB/kKDUwobmQZXxaorJrEmBv1tfF7NBXIilrs0JWprxQ/0AZZY94KrQ/1lgcZ/a+Ax5JXDUxmHh81gM224X2sHLKS4tAaTfzY=,iv:vWHbCE50vIoI4uQMexywNB+HiBo43F2Ne067ITK2f1I=,tag:q8zqd8FCjdEYXhADlOg/yA==,type:str]
|
||||||
pgp: []
|
pgp: []
|
||||||
unencrypted_regex: ^(apiVersion|metadata|kind|type)$
|
unencrypted_regex: ^(apiVersion|metadata|kind|type)$
|
||||||
version: 3.8.1
|
version: 3.8.1
|
||||||
|
|
|
@ -1,11 +1,10 @@
|
||||||
- name: Configure cluster
|
- name: Configure cluster
|
||||||
hosts: localhost
|
hosts: localhost
|
||||||
roles:
|
roles:
|
||||||
- role: cifs-csi
|
# - role: cifs-csi
|
||||||
- role: coder
|
# - role: coder
|
||||||
- role: prometheus
|
# - role: prometheus
|
||||||
- role: postgres
|
# - role: postgres
|
||||||
- role: hcloud
|
# - role: hcloud
|
||||||
- role: minio
|
# - role: fider
|
||||||
- role: fider
|
|
||||||
- role: nextcloud
|
- role: nextcloud
|
||||||
|
|
|
@ -1,149 +1,157 @@
|
||||||
$ANSIBLE_VAULT;1.1;AES256
|
$ANSIBLE_VAULT;1.1;AES256
|
||||||
32616231373536333534333134333639396335323730386466333964323263326332356662653264
|
38303064643634643931393932353266653032316631303432633136323165376165653136396533
|
||||||
3038646138613833306131396563636263313536626630360a393138343635646461366465353537
|
6436393762353630373231366530366239316337303066360a336132663334336462656533303134
|
||||||
61633861303137363930623139306435643034323739386537656333366466646664386138633762
|
66643134373439633931366638316365306330303334613033396238333361333434653833393039
|
||||||
3366353962656531620a393162393638653963636563643636616436373030316263626133376263
|
3538396130653538330a616264386230396633346131663032663764353937313162333630333365
|
||||||
65396561623631633134663133383863363932633661663265633361386165616436326366386461
|
35323064636531363937613563333336636634393763613730386237393633653136616165313034
|
||||||
66326230626337643737313738313031323638393234633236383764333035343162326364363364
|
65396166373334386236396266616639333866616434666337626433323233363461316666383034
|
||||||
66323130643831663734616635373131386435373832363732373462313236366337323438396631
|
63373131376239353330316236306464303739386139663439616339363636666137613137336336
|
||||||
36666430316131386235646138383461396564616363646639343833613964323864386536343766
|
65393462386436376137656363333362393265396537323632646561373030303263613466383534
|
||||||
31376432656337646131386136366563373562663236636137396363316333623336306262386266
|
35353834646461363661356430646463383663626135663133643633633335383763326438646462
|
||||||
63383330613163323332663666373163626535303934313232646330366561303664393634303137
|
64393062646264386364343638326562646130313330316162633636356233363661613033303965
|
||||||
31396135656338643037306239623634613632643365313866366166366430616435363332653564
|
32346565373839663233336338366536333636306333353839633761326638393538343638343436
|
||||||
62393366643765616564363465303565393362663461383066613033646634363635373437303638
|
38313466393836336137643162663862313732303161356161343234393965393337346161666535
|
||||||
62656139626233663465333232343437326138376137316163373936366530626638363335356565
|
34336534356463653331643163653032643631343832323838633862353339303632353033343761
|
||||||
61373339383762623135356531646564623834323130633538306330616530396638393833383938
|
66356465323838313966623832396338316436616162633866386262306134623134393430393737
|
||||||
30326361373065333966613430633638303931396530636335326338653237633535663033373734
|
66333664333133376638306238393534303230386133346661636435373035323736306230613132
|
||||||
65643831633538393434313030306432363664626435326238343631336661323461373965376162
|
66633838303939636564346333666636336434303839303565363063666430623866356232646336
|
||||||
38336466393631393564313365393263333638663539386536336135636635613566356566653030
|
39316636616239646538636537396336363933376136663263633830623235303038613030326337
|
||||||
33353530316264626330643830623166613233353262363461346135646135396337356639323035
|
37633264376534303061343539653538633137316464386438653639613035613962646431626436
|
||||||
64616435363366306138613565366236623963666632303566356565373130353961643163356365
|
38656437323963663935353430303462653865353666346362343536623836653733366538323239
|
||||||
64663031346362356237313437316136376661373063353338383137363865393163353632343966
|
37316330303131333238303263653235303063616230663139396130646432626664636531343934
|
||||||
62626262383262613739623635393966653730323263636462613966633135633938336535323062
|
30383665316364303661373330373838383565323637636532333961363863316235366264373634
|
||||||
66326363636463313633313036386138323330346538376666616437373932366235373163393061
|
62313936386334326332313235366461613636376533333262623262636539656336633531643435
|
||||||
65383036333264636633643332356363383634663234643031333866376664646232643735333064
|
36613435383763303761646263653139633233346661306265333365376135306238663465313331
|
||||||
35653231363261636365336362326533636461363331623665623465306234623061623161366663
|
64326139306338633664646437363639373564643131616436343163313838346137396462373536
|
||||||
64373063373631643166306433383834396165656231643566386438653535386131376531633164
|
33376530636130623437623561343239663163346232316664326533316339353165623735343236
|
||||||
65633136653862313233623033383463623534633934376364313535323133323134643430623531
|
37626136626662633561616233666338353863633330323933373863316462623361633066646632
|
||||||
31353234316436306437643565623064663262616638333031343138623165633939616465613932
|
63386565626537363932643534633730346564326163383064303735656164636439353039333138
|
||||||
62353939613061326639303936663534303531396330336135383663343435363362313737323762
|
61656238356462303836633361663938346436666638316233356631646365666636376134396133
|
||||||
34366161353030653839383532613234653864373138343934333862366339363334336337656335
|
37346366663363306336326532666439353333666137663832363064316331316337613763633863
|
||||||
32393666613333363331353236633563333931363965633064613431316133323637643639623439
|
33333665316432373965356261613638613261633937383365653936666538346432353838613162
|
||||||
37616537613437656539313031316639376136386136653932346264386562623562333632386136
|
63376534313135646331626662623037376363323465653963376431633835643238386161383630
|
||||||
65346662663539656163363331346166623862666666656638383434616333303062643365636561
|
39313436643566326630336639663464316538323262623238666662653364626432353963626333
|
||||||
37376465393237666134303564306164316334626334383865333161303137323235616437666137
|
30663335613265383138626532653061643933336664346266396263363130386162613637353561
|
||||||
32323830376530636133386464656533386137626135393762383462313935613961656332303132
|
65643464376536323139613566653633633533666438323838666230383638316266646334326632
|
||||||
38356262663962333465393635613963333434333865326633383033353361663064653833396232
|
36306130383138656565366638323766656261636564346464616339633465303539343137636465
|
||||||
37396136353036623861643538616132636332613835643738366531303339663761346636383030
|
35346238326161356634313136323331393539663965353635616439393765643731373238663131
|
||||||
33383030336137343235633439343339646332613735316366656264306134386561323637336136
|
36383036663166373562376333393236383266653337613766386636303638666362613264336231
|
||||||
31353466313561353664623034363662383136626166633033366430383738323766313832633565
|
32373164326538613432356136353935623930663965323932653133343836636566353739383766
|
||||||
36386338663131666264396238623731656464316261646630346333623737633130373336653066
|
65386266383665653835386634653531623161346165383335376165316538316130353432343533
|
||||||
65306336366436303930393337626630653634333666373461666337623337366235323236656537
|
35306431663135626162636165613464326538633163383563383166353236643038616631653233
|
||||||
36663863323938313333626433323635623933313364353433616239393566333366353334616262
|
36613330373130376364303662356464343462303039383934316432346539393130336662376364
|
||||||
65653538653834373834383066323636396364356666343638353766623033666133386237306137
|
32306537656436393438373565373735363530323366336431363165393033326661343732366333
|
||||||
32393836306435336634646661623137663935653535616162376338636462343430353966306435
|
31333031326633616536636338393932643337376237666533383238343761663538303235633036
|
||||||
63343132656332323635636261326330306530316666666661653833613339373363643466626163
|
61366433326662623663376331316363643633356335353939336462636335656263313665663333
|
||||||
34353962616564316162656530643335356637643166356334393035633736633534353838313830
|
36306361353432663639616339616338346663346532356534303165393664636263333861343066
|
||||||
36656666383130396539333861613738396364366132626539643735353465653033393934393530
|
31636266643861316539353639616163393535393935343763313863656438613733643866323363
|
||||||
30656664376462333236363236326238623337323665663930653964356566353033396236663434
|
36316337393936623836356332373239663365303863616563343833336337633731303063376431
|
||||||
33656332326434326632356239343931653430363465623735343237656639373536666131636163
|
66653139353764313631333134383262666331316632623438316537343039396539643130376631
|
||||||
64656539626130633463303739653439396534313536373336393630363538623466663936353765
|
38623134393339363033623136393538633830363764323661623332356139303035653236623265
|
||||||
36663139643132333937353032363538663138383365383866656530643439303136316363386430
|
63653366343133303564626231396336666533316534356230363664333231313862393631346432
|
||||||
62646266396364656565323539333538623437303530663837653864363537316134316532316530
|
37336231656262633763356162656264623363633237643661393337323034613338336239376331
|
||||||
62663438396137313331636233396630326535633364336162376432663730356439663861393264
|
65663833613564353139666332613062373162333831393636363835373237636464356235323836
|
||||||
30636339633863356362373865663561383162363431393832373664393965363834653263353632
|
61363532383939653638376464393232303636353836613936623362646661316534313366643337
|
||||||
61376137663963616433363866636331376634623664623639373333343461616563633030333634
|
37633534333465306330303433353264636534303037616639316464336161393339636462393738
|
||||||
38646238353035663438343734616166316236643138643362343865633565666231366465633662
|
31336563303134336133313737653933373137393532623238396464636665613166633438623132
|
||||||
37363830316161303033623537616639663738303964373662373933353035623064626166653835
|
65346161646362653661376639366636653336373364636439316363656530386334333233336530
|
||||||
61343038383735353566636464376639376636353264366136613934383238396230633034313464
|
36663137643736356264636438363837363561353666333232343639343361646534396166316163
|
||||||
61353039643964303766663031623065396464343935353630386631396631633262363962633962
|
34373262336332373961326631363065613364316131633838616539333632373835653333616535
|
||||||
65313435396130633936663031386237306365633833303766336365356434636131383930316337
|
31343034373939353834313532383264343939303931366632386362663065303637356362306564
|
||||||
65656566613065376334363065396332363138346130633230643935376339643339616632666631
|
36376365393865323036613165303538343938343132663137626635643031653637383961613861
|
||||||
35376361393262663736316666346138303031323431623461646234363635353366366336323532
|
65303366363236386431373761346261353466613035616331613835333332303235613834346439
|
||||||
34353361386466323162623330343137633933663639303631656636346238376531653361656464
|
33646634393434323164363631393639616661336233346562646461613231613064646331633932
|
||||||
32353838326534396130346233313965303365303332653539343562623136373531363939633466
|
35376538663764303137616138353030353664646564356534363139643836613937303838343239
|
||||||
66336666633239396130393836363961633233643435613463343262623132316535343962333433
|
32623739376332633531363766343862353530313837353535346337623337333238353231303636
|
||||||
35633233353631666536383633353462313630353762643764643264663137633636333635303935
|
62616134323730623732313633343230613735663766353665636538383761346131313634393036
|
||||||
39663036633833306561326165393962613963343135373365336432336638316438383639396161
|
61646163343332653339643933326665366536383365376535643265613535396137663962666538
|
||||||
35353136636664383435383031383064303039653766653735336339353365313465666337353839
|
32626166326462306331313133343736323664646234376239623861643833383839373439343139
|
||||||
39323132636639323637316665373132346462613633643633653536626561376161366132393164
|
33386536366435653861363738333338316162383365636632343431376131656562616432313163
|
||||||
32353930303265396163373236653534383536666537366238356362623237393264306133623035
|
39623066386638396662653338656533373135393338623037383037353865626566366131363639
|
||||||
64613764373862366635336139326235313138663165313335663433306336353332626236366639
|
64393462656135623237623832373063626166633166663337653633396332393364316331326136
|
||||||
61343336613762636630366538393564356130363263636562626438333534613437663635633431
|
30316563386434333534656163656639663031323265643462626136616435376262346336633534
|
||||||
33613438343134393963393563316437373364356632323865343132356435366565306138363133
|
64626533623535323061373834326139326634396564343861356366323461313334326165633336
|
||||||
36346135636339626263353663376236393238656131326233653666333336636536303562356231
|
33323639613765623431363661613065386561373639646333333132313263356535396363333134
|
||||||
64306135333764333136356131616264346266323562346466333830303664313336333263313861
|
61346237323565383632393031373635656135383162633066653730366562336265653136393934
|
||||||
37333235623635613934313561306437333962363931323235653337643331343037333039326434
|
30613231643132633936326531303131663139633630323734643166316636626338373136333266
|
||||||
65323031653265656237623535383035393562353365656161353634646666393965313332353736
|
62623165363536393766626438613934613532323566646634383263663331623461393335666265
|
||||||
33666234336432333038326430343461353365326263313638363665623435613333653032353637
|
61653063633030633866353630623038653463383131613332626630323835373836656138333335
|
||||||
66663934613038643131653266643539646437323132383966383665643838623862613333663433
|
63323335393737323134333065633733343631333638373463356531313562383532653137653063
|
||||||
65343866306134613134656633336534333334313033626565663062363961306139376631373466
|
33363065306662353633666535373961643862613161626664613634303233376664373566336666
|
||||||
38343937383338343136626634343366363863663663373538653931353765303839326136643365
|
64643862346563666261363938306464383931383035326262316135343662343338393164336233
|
||||||
63663665656238323961396433663530363535616337636361616137393066653234383434636539
|
63373361303034306134396365323466303139363062383537353862393964316664313238393233
|
||||||
37326366646534313934313261366463326335323662643930326665306431306632333036313863
|
37313732633732303535316437663865653537613330616466623531656461636530623163393465
|
||||||
36303966393865353762346431643132626266653733336530626132376261363438326537616535
|
66353233616133343935663061666130643536623634396363383930373761623732323066666264
|
||||||
61336339653839643463343365643336643431613533376237333731316334656439326565663035
|
38666332353038666665636561323561383037353864316365343635313764653966366531396331
|
||||||
33326465646437623638336437613839316231343563303032613835653362616261646162646363
|
32306531323763353736333231386663616662663834616263316565393736323239636163323031
|
||||||
35383530383230396332356238373866633962653362336230646335393138323131313661613166
|
34616437316564666335343735356435306231616331363038393136663733643934356462313566
|
||||||
36323430623161343462653830373938393766353230373765613463313531323533313838346630
|
37623032363135306633343964343464333434396366303162613135633365343436376363656164
|
||||||
35633035613639353638323239306262366232363537643562643330373961623964363432393161
|
30646334613266613638326665313930343163303238336362633061366337346338313430663165
|
||||||
30626433663139303331636435343639666532626136623865366261623266323162643730346363
|
37336536343632356538343536373033363263376630626666643563646331306438653262386530
|
||||||
36333864343832613961323461353239383663643030306434623165343938613739303836613064
|
61346362653338383865656131363165353634393739323465613865373437633166643861356536
|
||||||
33636566336561326335346535623232393636663139313866323233393437373139636636353338
|
64333139636233646166376361393937643937383765306362613662383537663765363961353263
|
||||||
30363132636131303734336564353066336233613138633262313936646134303837656466363064
|
30313637646536373233343033653936613233373635616366343463323837616537396539643036
|
||||||
39643337336237396235356333356331613665323766333064643239393530643937663736386631
|
33346435636164333362303461323237383937343366356534633435633631616233383539636562
|
||||||
35366366653431353730343066643938373937306464626636373562353534353232326263656463
|
66356461303735323863633465356133303339333139326133366465353435373962663435383863
|
||||||
38636134376432396465653130663132366462323362633539396464653764366566346462313537
|
34323931653465306336356132396235623135333061623538616632613834393630393663373638
|
||||||
35613933333864373435336637666362316131313064326136653862663366346437663134323532
|
32316331343438386564386238323764313033396535663461626163393166386534373061636530
|
||||||
31386563306464333631653530626265383838323138616334396564333139643038623639383264
|
64633236636139393164613862623338313839623233353963363866363530663032633264356563
|
||||||
39336331333630633732383231373266376134623265373434373438383363663130303030653664
|
62366636626230383032353930656134363061366262643234343838306566366463333430373630
|
||||||
39383639613830343132613763656433366431666666376430626464363961303564663737613736
|
32316563616461313764306434633133366361383938616339383161653563313930313165353962
|
||||||
39363339356136656464613366363933643263386464336565646538633938333930386135666132
|
37326466393438383762656335653763316236633139363562306332373030313639666363346633
|
||||||
65396137626634316361346435623435383931656262336230343634373231323866306331323565
|
63656531633934633261653331383531653831663331373932613665643430323063376331656438
|
||||||
61663162393965643361323734303362303030316262623332346131613865616563303961363933
|
33666639646530613735366665666238336263663066373234663332373533313031633565643535
|
||||||
61373931636566376131323262313132663838373635336438613334626264666635633931333733
|
61653465623462633131393864393964316561643562343966316166373035656436376361336564
|
||||||
61643739313763303564376362373536343035633234313562383565363865643761666364303333
|
32363339363666616335376630613137333761333239653534376666386438396438333363313530
|
||||||
31343230646161666463313465316464343239383936646135623839646234623365616332373234
|
61643638353139313931323765313336653263636433633765666535643532636362656539633632
|
||||||
61353966336666353034663034333037663539333963333737303532313062303938666433323461
|
31393964373434366435613763343737646235313236613361666334656237333438303265313630
|
||||||
30623833656565363061646665623861663564396362366562393161363539613036353139353635
|
35366233393561303432383834656537373562336633316437316432383031383431653931393763
|
||||||
38623965313934353764323666636231356263653837363633306463636632646166313434333637
|
66616664363735663261383732333438356237653830326336666666343761653963393533653037
|
||||||
32623937383730303233323532646430306239333564303935353963363863313937383839386335
|
35643339346566396634356137323661663037373830373438613866376333613838356362303934
|
||||||
31663939356333393834626535383961356464333132333662333032613036386530636564323938
|
33373361633437326265353035653033656436346539396166626634633530316465656630326134
|
||||||
38393863353563353533323166343430326435616666386366663835306361376535303365343366
|
37353265363533653938363337643039336464633962663130383032643664663536323664303138
|
||||||
36633265316637313732653335633230306531313637356131316437643230303266356537393037
|
39323661316636316361393534376338346666636336656234363166356461383732313164393231
|
||||||
66303564333561656335383530323063643437616562326435653433306263633932363065323662
|
61633936336162663464353631313931373533313861633335383662343131653566343863326432
|
||||||
35653065663738326633343732373939323362623035323137363366646234313165376230663538
|
33333961323231623239356437393166636463323465613234346434373264323565633162626535
|
||||||
65616238303363636334343434613132636234343431323530343738613530313730373261306562
|
64643337366439633736623933393761623266363036313763376535643834366633663937376564
|
||||||
36326538663164396565303762623366396633323961373633363365303038643435366436623366
|
61336238336130323632653138326536656165346237663463336336303363623838633665393330
|
||||||
62656162383936663434323335336565313031346361373636613665356433396533323461653339
|
65376236303564336434613566613565363366613065356334623734616134373239663430373631
|
||||||
39626131386466623836653766376666663765396430343334343237616464366163656532646232
|
37333862386364653262336436313639656565356233376239363565396638393761616466653763
|
||||||
37323239376438353166363834313937393033373737376135326462646564333931303734613335
|
33323238626434316334376264653831346236616332383533333964643832356330363439393433
|
||||||
35386564666132366236336337656136633733323132653065386435386562663436646263383638
|
34666532396661333439346430656637343033323831663962613838616132663365393465613435
|
||||||
36376636646563303264646562316166656331363065383035393330656161353065663062323732
|
64656534316164343839633063323431613135633665613630656265366334333262636363346531
|
||||||
62393237353035303736643032623662333637346364343762373534326134343063613734306565
|
30356331373464663736656661373661356265393064346539313034356334633437313838346338
|
||||||
66636636663933383236663062323661393435633235313639633162636638346335613735656435
|
61663137353733383333363836343130326662343633336637616134393163663939316663333738
|
||||||
66633736343630663765343034323466333261356433343137346237393035643665396136363533
|
61316333663862643038663466343733636465383739376363396534373061666430336163376265
|
||||||
30353233393662613234633139386164366166623562346630313638366362306531383938623130
|
39663066303534343936323032393038396139373733663133336330363436643638643561343465
|
||||||
30386461353065333730303037663338393765663239353666376565633336643530396566323765
|
62343930653539356664643934613433336462363634616439346338303161656632616435633831
|
||||||
36366232326531653164393138353435303230663639633531376562663638656262343863373136
|
31343934313636323665303037303862376236333765323436343734303535663565303237656237
|
||||||
63366330633330633139313664663638313534386266393830613766373732346431646131353134
|
30373431643631623232646265393839653538383636333230663563393531653637303237376465
|
||||||
39653962303433373066613463386431343838376536326630613066383865643032303031386361
|
36353235623839653630353663306135353131343537656338343631386263653833393234333238
|
||||||
30636136333363666430396330633134366461396630363464613465373166633031303431626438
|
30353232303433396434393730666662373230343838616264363466393365326239333537363138
|
||||||
31643665306265323061393264343936393661306166643261343835616439353939363463353139
|
35363163333564373865366265373566363763326466653164313636626337336636623834643335
|
||||||
38373365303539333965633733373830363865373737623061383232643130623463333037666135
|
36643564323839316435633032376433393938393030643531636265663635366331346137396339
|
||||||
35363038663435313330396433613230373132363939613262306532383636383636623730363732
|
38663831643237646239353463343662633931613464326132376139303764643930636265656466
|
||||||
32313534353634393834363331653264353436656264363636616133333432323263303734316330
|
35646530643330356662623238646635316134663962613164323566653231363464313530356263
|
||||||
38636336323934316165626337393639376361626137643033396432343336323562386265613962
|
64376335636266613333653361353739306131373364316335623764306566366535633530376432
|
||||||
64393061626465336135323137303566316337336131646336623062396432333134393966643230
|
32356363626633633138623132666638623236353539366531643637383030636239656138386537
|
||||||
61623165346338353432386637653630663132353861363839383564643439336363656631393730
|
34303431623039316565613036626531666638343835633133393533306334323866623630393462
|
||||||
65316162396631393139663664663761643539323664623730316231653534646163653465333565
|
65343832663434323338313433376135333439336133636438373938386233386633633337346362
|
||||||
35363937316231346261626564393464303033393433313361663964353937393438376130303933
|
30303062633735363339323934393730373761333133333166636639623764383330383732343061
|
||||||
36333234303833656130363939316363653136316236363166353539323137623630646333366562
|
39623735356238333333616362646137376562333432313535323835383263633165323930303461
|
||||||
33623136323031656162373363653663363237346235356563333161643565303861373638626162
|
32396662643664333566653239306137636430313434393335633161336330386637343261633737
|
||||||
37656561353230373133363362613562643130356163623664376238376337323037653136636364
|
32323337383834366563626565363639663536346538386466623936396636666339353037646166
|
||||||
36313933663162303861336230326630373837653866373935643138613666393933313463633164
|
30346238323164663839386364333963313336666435393935613730616433346630613463383938
|
||||||
35333739663932666635353231633163653335386635316637376331323430663962393334326265
|
65343736343764373465316261383731626631363661613639393162643566646365333061323035
|
||||||
38626336646332326361376137663737656631353235373433353563373335313566383164343437
|
66623030363961356335663334376530313961366235646431336538336162383632363264643639
|
||||||
32626634616264336265323632323433343938633232633161643665366231616362383137656239
|
65646531373964323635386134343032313137633239363030633539383639373965656135316334
|
||||||
64386365383066326361303331376334626431666662616439303537333337366131313733386633
|
62343131643333383131323662366163326137343933323539383063373066363561643665363063
|
||||||
34373232666238303537
|
36653036643930313835343631383631326231653762323433336238396332386133303132373462
|
||||||
|
62333366383133326161343537623833323431323732393433333839656464373433396531653262
|
||||||
|
64313930656162326637656534323263393336303235653362323632316138663166363864653164
|
||||||
|
31383462373033616137623339633031343235623537353130333235613464636333383064376137
|
||||||
|
64313365356335636235616333313965366264366134376235333565323132313636643239376639
|
||||||
|
64373439636230623537663834653763616133356537313566306261343933386130623566373165
|
||||||
|
35663263393034306134633630643463383063643339623533383235646266363234336562303636
|
||||||
|
65623238343936353933313465363330333361323262656535653133396538366462306564643265
|
||||||
|
32636362633239633162
|
||||||
|
|
|
@ -17,5 +17,5 @@ EMAIL_SMTP_ENABLE_STARTTLS='true'
|
||||||
# Blog storage
|
# Blog storage
|
||||||
BLOB_STORAGE=s3
|
BLOB_STORAGE=s3
|
||||||
BLOB_STORAGE_S3_REGION=us-east-1
|
BLOB_STORAGE_S3_REGION=us-east-1
|
||||||
BLOB_STORAGE_S3_ENDPOINT_URL=http://minio.minio.svc.cluster.local:9000
|
BLOB_STORAGE_S3_ENDPOINT_URL=https://2df513adaee2eeae12106af900bed297.r2.cloudflarestorage.com
|
||||||
BLOB_STORAGE_S3_BUCKET=fider
|
BLOB_STORAGE_S3_BUCKET=fider
|
||||||
|
|
|
@ -22,7 +22,7 @@
|
||||||
namespace: fider
|
namespace: fider
|
||||||
data:
|
data:
|
||||||
# Connection string to the PostgreSQL database
|
# Connection string to the PostgreSQL database
|
||||||
DATABASE_URL: "{{ 'postgres://%s:%s@postgres-15-postgresql.postgres.svc.cluster.local:5432/fider?sslmode=disable' | format(fider.db.user, fider.db.password) | b64encode }}"
|
DATABASE_URL: "{{ 'postgres://%s:%s@default-cluster-primary.postgres.svc:5432/fider?sslmode=require' | format(fider.db.user, fider.db.password) | b64encode }}"
|
||||||
|
|
||||||
# SMTP credentials
|
# SMTP credentials
|
||||||
EMAIL_NOREPLY: "{{ fider.smtp.user | b64encode }}"
|
EMAIL_NOREPLY: "{{ fider.smtp.user | b64encode }}"
|
||||||
|
@ -37,8 +37,8 @@
|
||||||
OAUTH_GITHUB_SECRET: "{{ fider.github.clientSecret | b64encode }}"
|
OAUTH_GITHUB_SECRET: "{{ fider.github.clientSecret | b64encode }}"
|
||||||
|
|
||||||
# Blob storage
|
# Blob storage
|
||||||
BLOB_STORAGE_S3_ACCESS_KEY_ID: "{{ minio.rootUser | b64encode }}"
|
BLOB_STORAGE_S3_ACCESS_KEY_ID: "{{ fider.blob.accessKeyId | b64encode }}"
|
||||||
BLOB_STORAGE_S3_SECRET_ACCESS_KEY: "{{ minio.rootPassword | b64encode }}"
|
BLOB_STORAGE_S3_SECRET_ACCESS_KEY: "{{ fider.blob.secretAccessKey | b64encode }}"
|
||||||
|
|
||||||
- name: Deploy Fider kustomization
|
- name: Deploy Fider kustomization
|
||||||
k8s:
|
k8s:
|
||||||
|
|
|
@ -1,14 +0,0 @@
|
||||||
mode: standalone
|
|
||||||
existingSecret: minio-credentials
|
|
||||||
persistence:
|
|
||||||
enabled: true
|
|
||||||
storageClass: hcloud-volumes
|
|
||||||
size: 50Gi
|
|
||||||
|
|
||||||
resources:
|
|
||||||
requests:
|
|
||||||
memory: 250Mi
|
|
||||||
cpu: 100m
|
|
||||||
limits:
|
|
||||||
memory: 384Mi
|
|
||||||
cpu: 250m
|
|
|
@ -1,38 +0,0 @@
|
||||||
---
|
|
||||||
- name: Create MinIO namespace
|
|
||||||
kubernetes.core.k8s:
|
|
||||||
name: minio
|
|
||||||
api_version: v1
|
|
||||||
kind: Namespace
|
|
||||||
state: present
|
|
||||||
definition:
|
|
||||||
metadata:
|
|
||||||
labels:
|
|
||||||
prometheus: default
|
|
||||||
|
|
||||||
- name: Create MinIO secret
|
|
||||||
kubernetes.core.k8s:
|
|
||||||
state: present
|
|
||||||
definition:
|
|
||||||
apiVersion: v1
|
|
||||||
kind: Secret
|
|
||||||
metadata:
|
|
||||||
name: minio-credentials
|
|
||||||
namespace: minio
|
|
||||||
data:
|
|
||||||
rootUser: "{{ minio.rootUser | b64encode }}"
|
|
||||||
rootPassword: "{{ minio.rootPassword | b64encode }}"
|
|
||||||
|
|
||||||
- name: Add MinIO chart repo
|
|
||||||
kubernetes.core.helm_repository:
|
|
||||||
name: minio
|
|
||||||
repo_url: https://charts.min.io/
|
|
||||||
|
|
||||||
|
|
||||||
- name: Deploy MinIO chart
|
|
||||||
kubernetes.core.helm:
|
|
||||||
name: minio
|
|
||||||
chart_ref: minio/minio
|
|
||||||
release_namespace: minio
|
|
||||||
chart_version: 5.0.9
|
|
||||||
release_values: "{{ lookup('ansible.builtin.file', 'values.minio.yaml') | from_yaml }}"
|
|
|
@ -34,6 +34,6 @@
|
||||||
name: nextcloud
|
name: nextcloud
|
||||||
chart_ref: nextcloud/nextcloud
|
chart_ref: nextcloud/nextcloud
|
||||||
release_namespace: nextcloud
|
release_namespace: nextcloud
|
||||||
chart_version: "4.3.5"
|
chart_version: "4.4.0"
|
||||||
update_repo_cache: true
|
update_repo_cache: true
|
||||||
release_values: "{{ lookup('template', 'values.nextcloud.yml.j2') | from_yaml }}"
|
release_values: "{{ lookup('template', 'values.nextcloud.yml.j2') | from_yaml }}"
|
|
@ -79,7 +79,7 @@ internalDatabase:
|
||||||
externalDatabase:
|
externalDatabase:
|
||||||
enabled: true
|
enabled: true
|
||||||
type: postgresql
|
type: postgresql
|
||||||
host: postgres-15-postgresql.postgres.svc.cluster.local:5432
|
host: default-cluster-primary.postgres.svc:5432;sslmode=require
|
||||||
database: nextcloud
|
database: nextcloud
|
||||||
user: "{{ nextcloud.db.username }}"
|
user: "{{ nextcloud.db.username }}"
|
||||||
password: "{{ nextcloud.db.password }}"
|
password: "{{ nextcloud.db.password }}"
|
||||||
|
|
|
@ -28,18 +28,18 @@
|
||||||
user: "{{ grafana.admin.user | b64encode }}"
|
user: "{{ grafana.admin.user | b64encode }}"
|
||||||
password: "{{ grafana.admin.password | b64encode }}"
|
password: "{{ grafana.admin.password | b64encode }}"
|
||||||
|
|
||||||
- name: Update Prometheus operator CRDs
|
# - name: Update Prometheus operator CRDs
|
||||||
kubernetes.core.k8s:
|
# kubernetes.core.k8s:
|
||||||
state: present
|
# state: present
|
||||||
definition: "{{ lookup('ansible.builtin.url', item, split_lines=False) | from_yaml }}"
|
# definition: "{{ lookup('ansible.builtin.url', item, split_lines=False) | from_yaml }}"
|
||||||
loop:
|
# loop:
|
||||||
- https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.66.0/example/prometheus-operator-crd/monitoring.coreos.com_alertmanagers.yaml
|
# - https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.66.0/example/prometheus-operator-crd/monitoring.coreos.com_alertmanagers.yaml
|
||||||
- https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.66.0/example/prometheus-operator-crd/monitoring.coreos.com_podmonitors.yaml
|
# - https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.66.0/example/prometheus-operator-crd/monitoring.coreos.com_podmonitors.yaml
|
||||||
- https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.66.0/example/prometheus-operator-crd/monitoring.coreos.com_probes.yaml
|
# - https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.66.0/example/prometheus-operator-crd/monitoring.coreos.com_probes.yaml
|
||||||
- https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.66.0/example/prometheus-operator-crd/monitoring.coreos.com_prometheuses.yaml
|
# - https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.66.0/example/prometheus-operator-crd/monitoring.coreos.com_prometheuses.yaml
|
||||||
- https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.66.0/example/prometheus-operator-crd/monitoring.coreos.com_prometheusrules.yaml
|
# - https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.66.0/example/prometheus-operator-crd/monitoring.coreos.com_prometheusrules.yaml
|
||||||
- https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.66.0/example/prometheus-operator-crd/monitoring.coreos.com_servicemonitors.yaml
|
# - https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.66.0/example/prometheus-operator-crd/monitoring.coreos.com_servicemonitors.yaml
|
||||||
- https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.66.0/example/prometheus-operator-crd/monitoring.coreos.com_thanosrulers.yaml
|
# - https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.66.0/example/prometheus-operator-crd/monitoring.coreos.com_thanosrulers.yaml
|
||||||
|
|
||||||
- name: Deploy Prometheus chart
|
- name: Deploy Prometheus chart
|
||||||
kubernetes.core.helm:
|
kubernetes.core.helm:
|
||||||
|
|
|
@ -93,11 +93,11 @@ grafana:
|
||||||
root_url: "https://%(domain)s"
|
root_url: "https://%(domain)s"
|
||||||
database:
|
database:
|
||||||
type: postgres
|
type: postgres
|
||||||
host: postgres-15-postgresql.postgres.svc.cluster.local:5432
|
host: default-cluster-primary.postgres.svc:5432
|
||||||
name: grafana
|
name: grafana
|
||||||
user: "{{ grafana.db.user }}"
|
user: "{{ grafana.db.user }}"
|
||||||
password: "{{ grafana.db.password }}"
|
password: "{{ grafana.db.password }}"
|
||||||
ssl_mode: disable
|
ssl_mode: require
|
||||||
auth:
|
auth:
|
||||||
disable_login_form: true
|
disable_login_form: true
|
||||||
auth.generic_oauth:
|
auth.generic_oauth:
|
||||||
|
|
Loading…
Reference in a new issue