Update quay.io/prometheus/alertmanager:main Docker digest to c9158d4

2024-01-04 12:03:09 +00:00
13 changed files with 29 additions and 137 deletions
--- a/kubernetes/apps/cert-manager/cert-manager/issuers/dnsimple/helmrelease.yaml
+++ b/kubernetes/apps/cert-manager/cert-manager/issuers/dnsimple/helmrelease.yaml
@ -10,7 +10,7 @@ spec:
  chart:
    spec:
      chart: cert-manager-webhook-dnsimple
-      version: 0.0.11
+      version: 0.0.10
      interval: 30m
      sourceRef:
        kind: HelmRepository
--- a/kubernetes/apps/database/crunchy-postgres/operator/kustomization.yaml
+++ b/kubernetes/apps/database/crunchy-postgres/operator/kustomization.yaml
@ -5,5 +5,3 @@ kind: Kustomization
 namespace: database
 resources:
  - ./helmrelease.yaml
-  - ./objectbucketclaim.yaml
-  - ./podmonitor.yaml
--- a/kubernetes/apps/database/crunchy-postgres/operator/podmonitor.yaml
+++ b/kubernetes/apps/database/crunchy-postgres/operator/podmonitor.yaml
@ -1,33 +0,0 @@
-# yaml-language-server: $schema=https://ks.hsn.dev/monitoring.coreos.com/podmonitor_v1.json
---
-apiVersion: monitoring.coreos.com/v1
-kind: PodMonitor
-metadata:
-  name: crunchy-postgres-exporter
-spec:
-  selector:
-    matchLabels:
-      postgres-operator.crunchydata.com/crunchy-postgres-exporter: 'true'
-  namespaceSelector:
-    matchNames:
-      - peertube
-  podMetricsEndpoints:
-    - port: "exporter"
-      relabelings:
-        - sourceLabels: [__meta_kubernetes_pod_container_port_number]
-          action: keep
-          regex: "9187"
-        - sourceLabels: [__meta_kubernetes_namespace]
-          targetLabel: kubernetes_namespace
-        - sourceLabels: [__meta_kubernetes_pod_name]
-          targetLabel: pod
-        - sourceLabels: [__meta_kubernetes_namespace, __meta_kubernetes_pod_label_postgres_operator_crunchydata_com_cluster]
-          separator: ":"
-          targetLabel: pg_cluster
-          replacement: "$1$2"
-        - sourceLabels: [__meta_kubernetes_pod_ip]
-          targetLabel: ip
-        - sourceLabels: [__meta_kubernetes_pod_label_postgres_operator_crunchydata_com_instance]
-          targetLabel: deployment
-        - sourceLabels: [__meta_kubernetes_pod_label_postgres_operator_crunchydata_com_role]
-          targetLabel: role
--- a/kubernetes/apps/monitoring/alertmanager/app/helmrelease.yaml
+++ b/kubernetes/apps/monitoring/alertmanager/app/helmrelease.yaml
@ -27,7 +27,7 @@ spec:
          main:
            image:
              repository: quay.io/prometheus/alertmanager
-              tag: main@sha256:12e1a50fbb3970f0df6bf96f712d009f48fbf55f29256ce80b4f38c78b8b4264
+              tag: main@sha256:c9158d4597dda0887f089c9a6d81c5c989fb147bb66e562c81a97f896a6198ce
              pullPolicy: IfNotPresent
    podAnnotations:
      reloader.stakater.com/auto: "true"
--- a/kubernetes/apps/monitoring/grafana/app/helmrelease.yaml
+++ b/kubernetes/apps/monitoring/grafana/app/helmrelease.yaml
@ -154,14 +154,6 @@ spec:
            editable: true
            options:
              path: /var/lib/grafana/dashboards/thanos
-          - name: crunchy-postgres
-            orgId: 1
-            folder: Crunchy Postgres
-            type: file
-            disableDeletion: false
-            editable: true
-            options:
-              path: /var/lib/grafana/dashboards/crunchy-postgres
    dashboards:
      default:
        external-dns:
@ -191,28 +183,6 @@ spec:
          gnetId: 5342
          revision: 9
          datasource: Prometheus
-      crunchy-postgres:
-        pgbackrest:
-          url: https://raw.githubusercontent.com/CrunchyData/pgmonitor/development/grafana/containers/pgbackrest.json
-          datasource: Prometheus
-        pods:
-          url: https://raw.githubusercontent.com/CrunchyData/pgmonitor/development/grafana/containers/pod_details.json
-          datasource: Prometheus
-        postgresql:
-          url: https://raw.githubusercontent.com/CrunchyData/pgmonitor/development/grafana/containers/postgresql_details.json
-          datasource: Prometheus
-        postgresql-overview:
-          url: https://raw.githubusercontent.com/CrunchyData/pgmonitor/development/grafana/containers/postgresql_overview.json
-          datasource: Prometheus
-        postgresql-health:
-          url: https://raw.githubusercontent.com/CrunchyData/pgmonitor/development/grafana/containers/postgresql_service_health.json
-          datasource: Prometheus
-        postgresql-alerts:
-          url: https://raw.githubusercontent.com/CrunchyData/pgmonitor/development/grafana/containers/prometheus_alerts.json
-          datasource: Prometheus
-        query-stats:
-          url: https://raw.githubusercontent.com/CrunchyData/pgmonitor/development/grafana/containers/query_statistics.json
-          datasource: Prometheus
      flux:
        flux-cluster:
          url: https://raw.githubusercontent.com/fluxcd/flux2-monitoring-example/main/monitoring/configs/dashboards/cluster.json
--- a/kubernetes/apps/monitoring/kube-prometheus-stack/app/helmrelease.yaml
+++ b/kubernetes/apps/monitoring/kube-prometheus-stack/app/helmrelease.yaml
@ -102,7 +102,7 @@ spec:
              - severity = "warning"
            equal: ["alertname", "namespace"]
      ingress:
-        enabled: false
+        enabled: true
      alertmanagerSpec:
        replicas: 3
        storage:
--- a/kubernetes/apps/network/ingress-nginx/ks.yaml
+++ b/kubernetes/apps/network/ingress-nginx/ks.yaml
@ -17,8 +17,8 @@ spec:
  wait: true
  dependsOn:
    - name: cluster-apps-cert-manager-issuers
---
-# yaml-language-server: $schema=https://raw.githubusercontent.com/fluxcd-community/flux2-schemas/main/kustomization-kustomize-v1.json
+# ---
+# # yaml-language-server: $schema=https://raw.githubusercontent.com/fluxcd-community/flux2-schemas/main/kustomization-kustomize-v1.json
 # apiVersion: kustomize.toolkit.fluxcd.io/v1
 # kind: Kustomization
 # metadata:
--- a/kubernetes/apps/network/ingress-nginx/peertube/helmrelease.yaml
+++ b/kubernetes/apps/network/ingress-nginx/peertube/helmrelease.yaml
@ -29,7 +29,7 @@ spec:
          load-balancer.hetzner.cloud/location: fsn1
          load-balancer.hetzner.cloud/protocol: tcp
          load-balancer.hetzner.cloud/name: peertube-nginx
-          load-balancer.hetzner.cloud/use-private-ip: false
+          load-balancer.hetzner.cloud/use-private-ip: true
          load-balancer.hetzner.cloud/uses-proxyprotocol: true

      publishService:
--- a/kubernetes/apps/peertube/peertube/app/externalsecret.yaml
+++ b/kubernetes/apps/peertube/peertube/app/externalsecret.yaml
@ -55,7 +55,7 @@ spec:
            source: "(.*)"
            target: "peertube_$1"
    - extract:
-        key: crunchy-postgres
+        key: crunchybridge
      rewrite:
        - regexp:
            source: "(.*)"
--- a/kubernetes/apps/peertube/peertube/app/helmrelease.yaml
+++ b/kubernetes/apps/peertube/peertube/app/helmrelease.yaml
@ -10,7 +10,7 @@ spec:
  chart:
    spec:
      chart: app-template
-      version: 2.4.0
+      version: 2.0.3
      interval: 30m
      sourceRef:
        kind: HelmRepository
@ -22,24 +22,11 @@ spec:
      main:
        annotations:
          reloader.stakater.com/auto: "true"
-        initContainers:
-          init-config:
-            image:
-              repository: docker.io/chocobozzz/peertube
-              tag: &peertube-version v6.0.2-bookworm
-            command:
-              - "/bin/sh"
-              - "-c"
-            args:
-              - cp /app/support/docker/production/config/* /config;
-                cp /app/config/default.yaml /config;
-                chown -R peertube:peertube /data /config;
-                cp -r /app/client/dist/* /assets/;
        containers:
          main:
            image:
              repository: docker.io/chocobozzz/peertube
-              tag: *peertube-version
+              tag: v6.0.2-bookworm
              pullPolicy: Always
            envFrom:
              - secretRef:
@ -57,54 +44,25 @@ spec:
                failureThreshold: 3
                periodSeconds: 30
                initialDelaySeconds: 15
-          nginx:
-            image:
-              repository: docker.io/library/nginx
-              tag: 1.25.3-alpine
-              pullPolicy: Always
    service:
      main:
        ports:
          http:
            port: &port-api 9000

-    ingress:
-      main:
-        enabled: true
-        className: "peertube-nginx"
-        annotations:
-          nginx.ingress.kubernetes.io/proxy-body-size: "0"
-          nginx.ingress.kubernetes.io/proxy-read-timeout: "600"
-          nginx.ingress.kubernetes.io/proxy-send-timeout: "600"
-        hosts:
-          - host: &host "khazadtube.tv"
-            paths:
-              - path: /
-                service:
-                  name: main
-                  port: http
-        tls:
-          - hosts:
-              - *host
-
    persistence:
-      # config:
-      #   enabled: true
-      #   type: configMap
-      #   name: peertube-configmap
-      #   globalMounts:
-      #     - path: /config
-      nginx-conf:
+      config:
        enabled: true
        type: configMap
-        name: peertube-nginx
+        name: peertube-configmap
        globalMounts:
-          - path: /etc/nginx/conf.d
-      assets:
-        type: emptyDir
-        globalMounts:
-          - path: /assets
-
+          - path: /config
+      media:
+        existingClaim: nas-storage
+        advancedMounts:
+          main:
+            main:
+              - path: /data

    resources:
      requests:
--- a/kubernetes/apps/peertube/peertube/app/kustomization.yaml
+++ b/kubernetes/apps/peertube/peertube/app/kustomization.yaml
@ -5,9 +5,10 @@ kind: Kustomization
 namespace: peertube
 resources:
  - ./externalsecret.yaml
-  - ./helmrelease.yaml
+  # - ./helmrelease.yaml
  # - ./ingress.yaml
  - ./postgresCluster.yaml
+  - ./objectbucketclaim.yaml
  - ./pvc.yaml
 configMapGenerator:
  - name: peertube-configmap
--- a/kubernetes/apps/database/crunchy-postgres/operator/objectbucketclaim.yaml
+++ b/kubernetes/apps/database/crunchy-postgres/operator/objectbucketclaim.yaml
@ -3,8 +3,8 @@
 apiVersion: objectbucket.io/v1alpha1
 kind: ObjectBucketClaim
 metadata:
-  name: crunchy-postgres
+  name: pgo-peertube-backup-bucket-v1
  namespace: monitoring
 spec:
-  bucketName: crunchy-postgres
+  bucketName: pgo-peertube-backup-v1
  storageClassName: ceph-bucket
--- a/kubernetes/apps/peertube/peertube/app/postgresCluster.yaml
+++ b/kubernetes/apps/peertube/peertube/app/postgresCluster.yaml
@ -13,12 +13,12 @@ spec:
      postgresql:
        synchronous_commit: "on"
        pg_hba:
-          - hostnossl all all 10.32.0.0/16 md5
-          - hostnossl all all all md5
-  monitoring:
-    pgmonitor:
-      exporter:
-        image: registry.developers.crunchydata.com/crunchydata/crunchy-postgres-exporter:ubi8-5.5.0-0
+          - host peertube peertube 10.32.0.0/16 md5
+          - host all peertube 127.0.0.1 md5
+  # monitoring:
+  #   pgmonitor:
+  #     exporter:
+  #       image: registry.developers.crunchydata.com/crunchydata/crunchy-postgres-exporter:ubi8-5.4.3-0

  instances:
    - name: postgres
@ -35,8 +35,6 @@ spec:
      databases:
        - peertube
      options: "SUPERUSER"
-      password:
-        type: AlphaNumeric
  backups:
    pgbackrest:
      configuration:
@ -58,6 +56,6 @@ spec:
            full: "0 1 * * 0"
            differential: "0 1 * * 1-6"
          s3:
-            bucket: "crunchy-postgres"
+            bucket: "pgo-peertube-backup-v1"
            endpoint: "rook-ceph-rgw-ceph-objectstore.rook-ceph.svc"
            region: ""