Compare commits

..

10 commits

12 changed files with 144 additions and 25 deletions

View file

@ -31,7 +31,7 @@ spec:
app:
image:
repository: ghcr.io/onedr0p/prowlarr-develop
tag: 1.15.0.4361@sha256:57177eab0676c5912ca7ec776aa2e5f966f795b1837eb9943addbe3c4b2049b8
tag: 1.15.0.4361@sha256:bd8092d9136fbdcb58327eacca8d117c1c20ad861bc824ba49730a2e01405a72
env:
# Ref: https://github.com/Radarr/Radarr/issues/7030#issuecomment-1039689518
# Ref: https://github.com/dotnet/runtime/issues/9336

View file

@ -34,7 +34,7 @@ spec:
app:
image:
repository: ghcr.io/onedr0p/radarr
tag: 5.3.6.8612@sha256:eacfe696c11ee6211c7cc4342b469b9b6b220a557bf51ca8560afbbef5f9a58b
tag: 5.3.6.8612@sha256:4dcf3bb47fb83ca2fc8cfb7a35b3130aabf51e5042a68915e4182ebed203e1bf
env:
# Ref: https://github.com/Radarr/Radarr/issues/7030#issuecomment-1039689518
# Ref: https://github.com/dotnet/runtime/issues/9336

View file

@ -36,7 +36,7 @@ spec:
app:
image:
repository: ghcr.io/onedr0p/sabnzbd
tag: 4.2.3@sha256:164f61c67aa79482654920651386b9a26952ce7eb0ef247902cf72b49eedd7cb
tag: 4.2.3@sha256:bb20d3940ff32c672111ad7169ce4156f1c4c08bb653241f1b14f6d00f93b3cc
env:
TZ: America/Chicago
SABNZBD__PORT: &port 80

View file

@ -34,7 +34,7 @@ spec:
app:
image:
repository: ghcr.io/onedr0p/sonarr
tag: 4.0.3.1413@sha256:a8daeb1690ce2870b291d444de5c69bf27a64248484699dddf07c26dff7074b1
tag: 4.0.3.1413@sha256:4284def4b9fd2d3de2898ae3a6adc7aa84b9cd7f4407a35e7c61472519038396
env:
# Ref: https://github.com/Radarr/Radarr/issues/7030#issuecomment-1039689518
# Ref: https://github.com/dotnet/runtime/issues/9336

View file

@ -36,7 +36,7 @@ spec:
app:
image:
repository: ghcr.io/onedr0p/tautulli
tag: 2.13.4@sha256:b3000c0063cc4c0c6f2436fb7174f4bcfd8d91eca05206731edccb8b643ea570
tag: 2.13.4@sha256:1fded8af129cd7621d0eed5dff006dbbf69ecc1bcdcfe871d1c842cd76f94342
env:
TZ: America/Chicago
probes:

View file

@ -18,10 +18,10 @@ spec:
GF_AUTH_GENERIC_OAUTH_CLIENT_SECRET: "{{ .authentik_grafana_oauth_client_secret }}"
GF_DATE_FORMATS_USE_BROWSER_LOCALE: "true"
GF_SERVER_ROOT_URL: https://grafana.hsn.dev
GF_DATABASE_NAME: ${DB_NAME}
GF_DATABASE_HOST: "grafana-primary.observability.svc:5432"
GF_DATABASE_USER: "{{ .grafana_postgres_user }}"
GF_DATABASE_PASSWORD: "{{ .grafana_postgres_password }}"
GF_DATABASE_NAME: "{{ .grafana_GF_DATABASE_NAME }}"
GF_DATABASE_HOST: "grafana-primary-real.observability.svc:5432"
GF_DATABASE_USER: "{{ .grafana_GF_DATABASE_USER }}"
GF_DATABASE_PASSWORD: "{{ .grafana_GF_DATABASE_PASSWORD }}"
GF_DATABASE_SSL_MODE: "require"
GF_DATABASE_TYPE: postgres
GF_ANALYTICS_CHECK_FOR_UPDATES: "false"

View file

@ -5,4 +5,5 @@ kind: Kustomization
resources:
- ./externalsecret.yaml
- ./helmrelease.yaml
- ../../../../templates/postgres-database
- ./postgresCluster.yaml
- ./pushsecret.yaml

View file

@ -0,0 +1,86 @@
---
# yaml-language-server: $schema=https://ks.hsn.dev/postgres-operator.crunchydata.com/postgrescluster_v1beta1.json
apiVersion: postgres-operator.crunchydata.com/v1beta1
kind: PostgresCluster
metadata:
name: "${APP}"
spec:
postgresVersion: 16
dataSource:
pgbackrest:
stanza: db
configuration:
- secret:
name: pgo-s3-creds
global:
repo1-path: "/${APP}/repo1"
repo1-s3-uri-style: path
repo:
name: repo1
s3:
bucket: "crunchy-postgres"
endpoint: "s3.hsn.dev"
region: "us-east-1"
patroni:
dynamicConfiguration:
synchronous_mode: true
postgresql:
synchronous_commit: "on"
pg_hba:
- hostnossl all all 10.244.0.0/16 md5
- hostssl all all all md5
instances:
- name: postgres
metadata:
labels:
app.kubernetes.io/name: pgo-${APP}
replicas: 2
dataVolumeClaimSpec:
storageClassName: openebs-hostpath
accessModes:
- ReadWriteOnce
resources:
requests:
storage: 5Gi
topologySpreadConstraints:
- maxSkew: 1
topologyKey: "kubernetes.io/hostname"
whenUnsatisfiable: "DoNotSchedule"
labelSelector:
matchLabels:
postgres-operator.crunchydata.com/cluster: ${APP}
postgres-operator.crunchydata.com/data: postgres
users:
- name: "grafana"
databases:
- "${DB_NAME}"
options: "SUPERUSER"
password:
type: AlphaNumeric
backups:
pgbackrest:
configuration:
- secret:
name: pgo-s3-creds
global:
archive-push-queue-max: 4GiB
repo1-retention-full: "14"
repo1-retention-full-type: time
repo1-path: "/${APP}/repo1"
repo1-s3-uri-style: path
manual:
repoName: repo1
options:
- --type=full
metadata:
labels:
app.kubernetes.io/name: pgo-${APP}-backup
repos:
- name: repo1
schedules:
full: "0 1 * * 0"
differential: "0 1 * * 1-6"
s3:
bucket: "crunchy-postgres"
endpoint: "s3.hsn.dev"
region: "us-east-1"

View file

@ -0,0 +1,35 @@
---
# yaml-language-server: $schema=https://ks.hsn.dev/external-secrets.io/pushsecret_v1alpha1.json
apiVersion: external-secrets.io/v1alpha1
kind: PushSecret
metadata:
name: grafana
spec:
refreshInterval: 1h
secretStoreRefs:
- name: onepassword-connect
kind: ClusterSecretStore
selector:
secret:
name: grafana-pguser-grafana
data:
- match:
secretKey: dbname
remoteRef:
remoteKey: grafana
property: GF_DATABASE_NAME
- match:
secretKey: host
remoteRef:
remoteKey: grafana
property: GF_DATABASE_HOST
- match:
secretKey: user
remoteRef:
remoteKey: grafana
property: GF_DATABASE_USER
- match:
secretKey: password
remoteRef:
remoteKey: grafana
property: GF_DATABASE_PASSWORD

View file

@ -23,9 +23,8 @@ spec:
cleanupOnFail: true
crds: CreateReplace
remediation:
strategy: rollback
retries: 3
uninstall:
keepHistory: false
dependsOn:
- name: openebs
namespace: openebs-system
@ -107,13 +106,13 @@ spec:
enabled: true
thanosServiceMonitor:
enabled: true
thanosServiceExternal:
enabled: true
type: LoadBalancer
annotations:
external-dns.alpha.kubernetes.io/hostname: thanos.jahanson.tech
io.cilium/lb-ipam-ips: 10.45.0.6
externalTrafficPolicy: Cluster
# thanosServiceExternal:
# enabled: true
# type: LoadBalancer
# annotations:
# external-dns.alpha.kubernetes.io/hostname: thanos.jahanson.tech
# io.cilium/lb-ipam-ips: 10.45.0.6
# externalTrafficPolicy: Cluster
prometheusSpec:
podMetadata:
annotations:
@ -129,7 +128,7 @@ spec:
enableAdminAPI: true
walCompression: true
enableFeatures:
- auto-gomaxprocs
- auto-gomemlimit
- memory-snapshot-on-shutdown
- new-service-discovery-manager
image:
@ -191,6 +190,8 @@ spec:
forceDeployDashboards: true
sidecar:
dashboards:
annotations:
grafana_folder: Kubernetes
multicluster:
etcd:
enabled: true

View file

@ -74,10 +74,6 @@ spec:
enabled: true
storageClass: openebs-hostpath
size: 10Gi
query:
replicas: 2
extraArgs: ["--alert.query-url=https://thanos.jahanson.tech"]
additionalStores: ["thanos.jahanson.tech:10901"]
queryFrontend:
enabled: true
replicas: 2

View file

@ -38,7 +38,7 @@ spec:
nameOverride: qbittorrent
image:
repository: ghcr.io/onedr0p/qbittorrent
tag: 4.6.4@sha256:055f3bc32d0337de67671c33a67e71c96a1f409e9fa9d168941c00f0839737cc
tag: 4.6.4@sha256:cb8a7df4e63bf410834af7846b6d5eee4f10748d03819ee7218015c5b0332a29
env:
UMASK: "022"
QBITTORRENT__PORT: &port 8080