Compare commits
10 commits
9a57315f6a
...
ab432dcb42
Author | SHA1 | Date | |
---|---|---|---|
ab432dcb42 | |||
eb71df1e79 | |||
6e87fd58c0 | |||
ae3f05ab03 | |||
9217c3c015 | |||
1804819284 | |||
a440908ffe | |||
396cf511b4 | |||
c7f21c5ec4 | |||
871e655d0a |
12 changed files with 144 additions and 25 deletions
|
@ -31,7 +31,7 @@ spec:
|
|||
app:
|
||||
image:
|
||||
repository: ghcr.io/onedr0p/prowlarr-develop
|
||||
tag: 1.15.0.4361@sha256:57177eab0676c5912ca7ec776aa2e5f966f795b1837eb9943addbe3c4b2049b8
|
||||
tag: 1.15.0.4361@sha256:bd8092d9136fbdcb58327eacca8d117c1c20ad861bc824ba49730a2e01405a72
|
||||
env:
|
||||
# Ref: https://github.com/Radarr/Radarr/issues/7030#issuecomment-1039689518
|
||||
# Ref: https://github.com/dotnet/runtime/issues/9336
|
||||
|
|
|
@ -34,7 +34,7 @@ spec:
|
|||
app:
|
||||
image:
|
||||
repository: ghcr.io/onedr0p/radarr
|
||||
tag: 5.3.6.8612@sha256:eacfe696c11ee6211c7cc4342b469b9b6b220a557bf51ca8560afbbef5f9a58b
|
||||
tag: 5.3.6.8612@sha256:4dcf3bb47fb83ca2fc8cfb7a35b3130aabf51e5042a68915e4182ebed203e1bf
|
||||
env:
|
||||
# Ref: https://github.com/Radarr/Radarr/issues/7030#issuecomment-1039689518
|
||||
# Ref: https://github.com/dotnet/runtime/issues/9336
|
||||
|
|
|
@ -36,7 +36,7 @@ spec:
|
|||
app:
|
||||
image:
|
||||
repository: ghcr.io/onedr0p/sabnzbd
|
||||
tag: 4.2.3@sha256:164f61c67aa79482654920651386b9a26952ce7eb0ef247902cf72b49eedd7cb
|
||||
tag: 4.2.3@sha256:bb20d3940ff32c672111ad7169ce4156f1c4c08bb653241f1b14f6d00f93b3cc
|
||||
env:
|
||||
TZ: America/Chicago
|
||||
SABNZBD__PORT: &port 80
|
||||
|
|
|
@ -34,7 +34,7 @@ spec:
|
|||
app:
|
||||
image:
|
||||
repository: ghcr.io/onedr0p/sonarr
|
||||
tag: 4.0.3.1413@sha256:a8daeb1690ce2870b291d444de5c69bf27a64248484699dddf07c26dff7074b1
|
||||
tag: 4.0.3.1413@sha256:4284def4b9fd2d3de2898ae3a6adc7aa84b9cd7f4407a35e7c61472519038396
|
||||
env:
|
||||
# Ref: https://github.com/Radarr/Radarr/issues/7030#issuecomment-1039689518
|
||||
# Ref: https://github.com/dotnet/runtime/issues/9336
|
||||
|
|
|
@ -36,7 +36,7 @@ spec:
|
|||
app:
|
||||
image:
|
||||
repository: ghcr.io/onedr0p/tautulli
|
||||
tag: 2.13.4@sha256:b3000c0063cc4c0c6f2436fb7174f4bcfd8d91eca05206731edccb8b643ea570
|
||||
tag: 2.13.4@sha256:1fded8af129cd7621d0eed5dff006dbbf69ecc1bcdcfe871d1c842cd76f94342
|
||||
env:
|
||||
TZ: America/Chicago
|
||||
probes:
|
||||
|
|
|
@ -18,10 +18,10 @@ spec:
|
|||
GF_AUTH_GENERIC_OAUTH_CLIENT_SECRET: "{{ .authentik_grafana_oauth_client_secret }}"
|
||||
GF_DATE_FORMATS_USE_BROWSER_LOCALE: "true"
|
||||
GF_SERVER_ROOT_URL: https://grafana.hsn.dev
|
||||
GF_DATABASE_NAME: ${DB_NAME}
|
||||
GF_DATABASE_HOST: "grafana-primary.observability.svc:5432"
|
||||
GF_DATABASE_USER: "{{ .grafana_postgres_user }}"
|
||||
GF_DATABASE_PASSWORD: "{{ .grafana_postgres_password }}"
|
||||
GF_DATABASE_NAME: "{{ .grafana_GF_DATABASE_NAME }}"
|
||||
GF_DATABASE_HOST: "grafana-primary-real.observability.svc:5432"
|
||||
GF_DATABASE_USER: "{{ .grafana_GF_DATABASE_USER }}"
|
||||
GF_DATABASE_PASSWORD: "{{ .grafana_GF_DATABASE_PASSWORD }}"
|
||||
GF_DATABASE_SSL_MODE: "require"
|
||||
GF_DATABASE_TYPE: postgres
|
||||
GF_ANALYTICS_CHECK_FOR_UPDATES: "false"
|
||||
|
|
|
@ -5,4 +5,5 @@ kind: Kustomization
|
|||
resources:
|
||||
- ./externalsecret.yaml
|
||||
- ./helmrelease.yaml
|
||||
- ../../../../templates/postgres-database
|
||||
- ./postgresCluster.yaml
|
||||
- ./pushsecret.yaml
|
|
@ -0,0 +1,86 @@
|
|||
---
|
||||
# yaml-language-server: $schema=https://ks.hsn.dev/postgres-operator.crunchydata.com/postgrescluster_v1beta1.json
|
||||
apiVersion: postgres-operator.crunchydata.com/v1beta1
|
||||
kind: PostgresCluster
|
||||
metadata:
|
||||
name: "${APP}"
|
||||
spec:
|
||||
postgresVersion: 16
|
||||
dataSource:
|
||||
pgbackrest:
|
||||
stanza: db
|
||||
configuration:
|
||||
- secret:
|
||||
name: pgo-s3-creds
|
||||
global:
|
||||
repo1-path: "/${APP}/repo1"
|
||||
repo1-s3-uri-style: path
|
||||
repo:
|
||||
name: repo1
|
||||
s3:
|
||||
bucket: "crunchy-postgres"
|
||||
endpoint: "s3.hsn.dev"
|
||||
region: "us-east-1"
|
||||
patroni:
|
||||
dynamicConfiguration:
|
||||
synchronous_mode: true
|
||||
postgresql:
|
||||
synchronous_commit: "on"
|
||||
pg_hba:
|
||||
- hostnossl all all 10.244.0.0/16 md5
|
||||
- hostssl all all all md5
|
||||
instances:
|
||||
- name: postgres
|
||||
metadata:
|
||||
labels:
|
||||
app.kubernetes.io/name: pgo-${APP}
|
||||
replicas: 2
|
||||
dataVolumeClaimSpec:
|
||||
storageClassName: openebs-hostpath
|
||||
accessModes:
|
||||
- ReadWriteOnce
|
||||
resources:
|
||||
requests:
|
||||
storage: 5Gi
|
||||
topologySpreadConstraints:
|
||||
- maxSkew: 1
|
||||
topologyKey: "kubernetes.io/hostname"
|
||||
whenUnsatisfiable: "DoNotSchedule"
|
||||
labelSelector:
|
||||
matchLabels:
|
||||
postgres-operator.crunchydata.com/cluster: ${APP}
|
||||
postgres-operator.crunchydata.com/data: postgres
|
||||
users:
|
||||
- name: "grafana"
|
||||
databases:
|
||||
- "${DB_NAME}"
|
||||
options: "SUPERUSER"
|
||||
password:
|
||||
type: AlphaNumeric
|
||||
backups:
|
||||
pgbackrest:
|
||||
configuration:
|
||||
- secret:
|
||||
name: pgo-s3-creds
|
||||
global:
|
||||
archive-push-queue-max: 4GiB
|
||||
repo1-retention-full: "14"
|
||||
repo1-retention-full-type: time
|
||||
repo1-path: "/${APP}/repo1"
|
||||
repo1-s3-uri-style: path
|
||||
manual:
|
||||
repoName: repo1
|
||||
options:
|
||||
- --type=full
|
||||
metadata:
|
||||
labels:
|
||||
app.kubernetes.io/name: pgo-${APP}-backup
|
||||
repos:
|
||||
- name: repo1
|
||||
schedules:
|
||||
full: "0 1 * * 0"
|
||||
differential: "0 1 * * 1-6"
|
||||
s3:
|
||||
bucket: "crunchy-postgres"
|
||||
endpoint: "s3.hsn.dev"
|
||||
region: "us-east-1"
|
35
kubernetes/apps/observability/grafana/app/pushsecret.yaml
Normal file
35
kubernetes/apps/observability/grafana/app/pushsecret.yaml
Normal file
|
@ -0,0 +1,35 @@
|
|||
---
|
||||
# yaml-language-server: $schema=https://ks.hsn.dev/external-secrets.io/pushsecret_v1alpha1.json
|
||||
apiVersion: external-secrets.io/v1alpha1
|
||||
kind: PushSecret
|
||||
metadata:
|
||||
name: grafana
|
||||
spec:
|
||||
refreshInterval: 1h
|
||||
secretStoreRefs:
|
||||
- name: onepassword-connect
|
||||
kind: ClusterSecretStore
|
||||
selector:
|
||||
secret:
|
||||
name: grafana-pguser-grafana
|
||||
data:
|
||||
- match:
|
||||
secretKey: dbname
|
||||
remoteRef:
|
||||
remoteKey: grafana
|
||||
property: GF_DATABASE_NAME
|
||||
- match:
|
||||
secretKey: host
|
||||
remoteRef:
|
||||
remoteKey: grafana
|
||||
property: GF_DATABASE_HOST
|
||||
- match:
|
||||
secretKey: user
|
||||
remoteRef:
|
||||
remoteKey: grafana
|
||||
property: GF_DATABASE_USER
|
||||
- match:
|
||||
secretKey: password
|
||||
remoteRef:
|
||||
remoteKey: grafana
|
||||
property: GF_DATABASE_PASSWORD
|
|
@ -23,9 +23,8 @@ spec:
|
|||
cleanupOnFail: true
|
||||
crds: CreateReplace
|
||||
remediation:
|
||||
strategy: rollback
|
||||
retries: 3
|
||||
uninstall:
|
||||
keepHistory: false
|
||||
dependsOn:
|
||||
- name: openebs
|
||||
namespace: openebs-system
|
||||
|
@ -107,13 +106,13 @@ spec:
|
|||
enabled: true
|
||||
thanosServiceMonitor:
|
||||
enabled: true
|
||||
thanosServiceExternal:
|
||||
enabled: true
|
||||
type: LoadBalancer
|
||||
annotations:
|
||||
external-dns.alpha.kubernetes.io/hostname: thanos.jahanson.tech
|
||||
io.cilium/lb-ipam-ips: 10.45.0.6
|
||||
externalTrafficPolicy: Cluster
|
||||
# thanosServiceExternal:
|
||||
# enabled: true
|
||||
# type: LoadBalancer
|
||||
# annotations:
|
||||
# external-dns.alpha.kubernetes.io/hostname: thanos.jahanson.tech
|
||||
# io.cilium/lb-ipam-ips: 10.45.0.6
|
||||
# externalTrafficPolicy: Cluster
|
||||
prometheusSpec:
|
||||
podMetadata:
|
||||
annotations:
|
||||
|
@ -129,7 +128,7 @@ spec:
|
|||
enableAdminAPI: true
|
||||
walCompression: true
|
||||
enableFeatures:
|
||||
- auto-gomaxprocs
|
||||
- auto-gomemlimit
|
||||
- memory-snapshot-on-shutdown
|
||||
- new-service-discovery-manager
|
||||
image:
|
||||
|
@ -191,6 +190,8 @@ spec:
|
|||
forceDeployDashboards: true
|
||||
sidecar:
|
||||
dashboards:
|
||||
annotations:
|
||||
grafana_folder: Kubernetes
|
||||
multicluster:
|
||||
etcd:
|
||||
enabled: true
|
|
@ -74,10 +74,6 @@ spec:
|
|||
enabled: true
|
||||
storageClass: openebs-hostpath
|
||||
size: 10Gi
|
||||
query:
|
||||
replicas: 2
|
||||
extraArgs: ["--alert.query-url=https://thanos.jahanson.tech"]
|
||||
additionalStores: ["thanos.jahanson.tech:10901"]
|
||||
queryFrontend:
|
||||
enabled: true
|
||||
replicas: 2
|
||||
|
|
|
@ -38,7 +38,7 @@ spec:
|
|||
nameOverride: qbittorrent
|
||||
image:
|
||||
repository: ghcr.io/onedr0p/qbittorrent
|
||||
tag: 4.6.4@sha256:055f3bc32d0337de67671c33a67e71c96a1f409e9fa9d168941c00f0839737cc
|
||||
tag: 4.6.4@sha256:cb8a7df4e63bf410834af7846b6d5eee4f10748d03819ee7218015c5b0332a29
|
||||
env:
|
||||
UMASK: "022"
|
||||
QBITTORRENT__PORT: &port 8080
|
||||
|
|
Loading…
Reference in a new issue