Update quay.io/prometheus/alertmanager:main Docker digest to c9158d4

2024-01-04 12:03:09 +00:00
13 changed files with 29 additions and 137 deletions
--- a/kubernetes/apps/cert-manager/cert-manager/issuers/dnsimple/helmrelease.yaml
+++ b/kubernetes/apps/cert-manager/cert-manager/issuers/dnsimple/helmrelease.yaml
@ -10,7 +10,7 @@ spec:
  chart:
    spec:
      chart: cert-manager-webhook-dnsimple
-      version: 0.0.11
+      version: 0.0.10
      interval: 30m
      sourceRef:
        kind: HelmRepository
--- a/kubernetes/apps/database/crunchy-postgres/operator/kustomization.yaml
+++ b/kubernetes/apps/database/crunchy-postgres/operator/kustomization.yaml
@ -5,5 +5,3 @@ kind: Kustomization
 namespace: database
 resources:
  - ./helmrelease.yaml
  - ./objectbucketclaim.yaml
  - ./podmonitor.yaml
--- a/kubernetes/apps/database/crunchy-postgres/operator/podmonitor.yaml
+++ b/kubernetes/apps/database/crunchy-postgres/operator/podmonitor.yaml
@ -1,33 +0,0 @@
 # yaml-language-server: $schema=https://ks.hsn.dev/monitoring.coreos.com/podmonitor_v1.json
 ---
 apiVersion: monitoring.coreos.com/v1
 kind: PodMonitor
 metadata:
  name: crunchy-postgres-exporter
 spec:
  selector:
    matchLabels:
      postgres-operator.crunchydata.com/crunchy-postgres-exporter: 'true'
  namespaceSelector:
    matchNames:
      - peertube
  podMetricsEndpoints:
    - port: "exporter"
      relabelings:
        - sourceLabels: [__meta_kubernetes_pod_container_port_number]
          action: keep
          regex: "9187"
        - sourceLabels: [__meta_kubernetes_namespace]
          targetLabel: kubernetes_namespace
        - sourceLabels: [__meta_kubernetes_pod_name]
          targetLabel: pod
        - sourceLabels: [__meta_kubernetes_namespace, __meta_kubernetes_pod_label_postgres_operator_crunchydata_com_cluster]
          separator: ":"
          targetLabel: pg_cluster
          replacement: "$1$2"
        - sourceLabels: [__meta_kubernetes_pod_ip]
          targetLabel: ip
        - sourceLabels: [__meta_kubernetes_pod_label_postgres_operator_crunchydata_com_instance]
          targetLabel: deployment
        - sourceLabels: [__meta_kubernetes_pod_label_postgres_operator_crunchydata_com_role]
          targetLabel: role
--- a/kubernetes/apps/monitoring/alertmanager/app/helmrelease.yaml
+++ b/kubernetes/apps/monitoring/alertmanager/app/helmrelease.yaml
@ -27,7 +27,7 @@ spec:
          main:
            image:
              repository: quay.io/prometheus/alertmanager
-              tag: main@sha256:12e1a50fbb3970f0df6bf96f712d009f48fbf55f29256ce80b4f38c78b8b4264
+              tag: main@sha256:c9158d4597dda0887f089c9a6d81c5c989fb147bb66e562c81a97f896a6198ce
              pullPolicy: IfNotPresent
    podAnnotations:
      reloader.stakater.com/auto: "true"
--- a/kubernetes/apps/monitoring/grafana/app/helmrelease.yaml
+++ b/kubernetes/apps/monitoring/grafana/app/helmrelease.yaml
@ -154,14 +154,6 @@ spec:
            editable: true
            options:
              path: /var/lib/grafana/dashboards/thanos
          - name: crunchy-postgres
            orgId: 1
            folder: Crunchy Postgres
            type: file
            disableDeletion: false
            editable: true
            options:
              path: /var/lib/grafana/dashboards/crunchy-postgres
    dashboards:
      default:
        external-dns:
@ -191,28 +183,6 @@ spec:
          gnetId: 5342
          revision: 9
          datasource: Prometheus
      crunchy-postgres:
        pgbackrest:
          url: https://raw.githubusercontent.com/CrunchyData/pgmonitor/development/grafana/containers/pgbackrest.json
          datasource: Prometheus
        pods:
          url: https://raw.githubusercontent.com/CrunchyData/pgmonitor/development/grafana/containers/pod_details.json
          datasource: Prometheus
        postgresql:
          url: https://raw.githubusercontent.com/CrunchyData/pgmonitor/development/grafana/containers/postgresql_details.json
          datasource: Prometheus
        postgresql-overview:
          url: https://raw.githubusercontent.com/CrunchyData/pgmonitor/development/grafana/containers/postgresql_overview.json
          datasource: Prometheus
        postgresql-health:
          url: https://raw.githubusercontent.com/CrunchyData/pgmonitor/development/grafana/containers/postgresql_service_health.json
          datasource: Prometheus
        postgresql-alerts:
          url: https://raw.githubusercontent.com/CrunchyData/pgmonitor/development/grafana/containers/prometheus_alerts.json
          datasource: Prometheus
        query-stats:
          url: https://raw.githubusercontent.com/CrunchyData/pgmonitor/development/grafana/containers/query_statistics.json
          datasource: Prometheus
      flux:
        flux-cluster:
          url: https://raw.githubusercontent.com/fluxcd/flux2-monitoring-example/main/monitoring/configs/dashboards/cluster.json
--- a/kubernetes/apps/monitoring/kube-prometheus-stack/app/helmrelease.yaml
+++ b/kubernetes/apps/monitoring/kube-prometheus-stack/app/helmrelease.yaml
@ -102,7 +102,7 @@ spec:
              - severity = "warning"
            equal: ["alertname", "namespace"]
      ingress:
-        enabled: false
+        enabled: true
      alertmanagerSpec:
        replicas: 3
        storage:
--- a/kubernetes/apps/network/ingress-nginx/ks.yaml
+++ b/kubernetes/apps/network/ingress-nginx/ks.yaml
@ -17,8 +17,8 @@ spec:
  wait: true
  dependsOn:
    - name: cluster-apps-cert-manager-issuers
---
+# ---
-# yaml-language-server: $schema=https://raw.githubusercontent.com/fluxcd-community/flux2-schemas/main/kustomization-kustomize-v1.json
+# # yaml-language-server: $schema=https://raw.githubusercontent.com/fluxcd-community/flux2-schemas/main/kustomization-kustomize-v1.json
 # apiVersion: kustomize.toolkit.fluxcd.io/v1
 # kind: Kustomization
 # metadata:
--- a/kubernetes/apps/network/ingress-nginx/peertube/helmrelease.yaml
+++ b/kubernetes/apps/network/ingress-nginx/peertube/helmrelease.yaml
@ -29,7 +29,7 @@ spec:
          load-balancer.hetzner.cloud/location: fsn1
          load-balancer.hetzner.cloud/protocol: tcp
          load-balancer.hetzner.cloud/name: peertube-nginx
-          load-balancer.hetzner.cloud/use-private-ip: false
+          load-balancer.hetzner.cloud/use-private-ip: true
          load-balancer.hetzner.cloud/uses-proxyprotocol: true
      publishService:
--- a/kubernetes/apps/peertube/peertube/app/externalsecret.yaml
+++ b/kubernetes/apps/peertube/peertube/app/externalsecret.yaml
@ -55,7 +55,7 @@ spec:
            source: "(.*)"
            target: "peertube_$1"
    - extract:
-        key: crunchy-postgres
+        key: crunchybridge
      rewrite:
        - regexp:
            source: "(.*)"
--- a/kubernetes/apps/peertube/peertube/app/helmrelease.yaml
+++ b/kubernetes/apps/peertube/peertube/app/helmrelease.yaml
@ -10,7 +10,7 @@ spec:
  chart:
    spec:
      chart: app-template
-      version: 2.4.0
+      version: 2.0.3
      interval: 30m
      sourceRef:
        kind: HelmRepository
@ -22,24 +22,11 @@ spec:
      main:
        annotations:
          reloader.stakater.com/auto: "true"
        initContainers:
          init-config:
            image:
              repository: docker.io/chocobozzz/peertube
              tag: &peertube-version v6.0.2-bookworm
            command:
              - "/bin/sh"
              - "-c"
            args:
              - cp /app/support/docker/production/config/* /config;
                cp /app/config/default.yaml /config;
                chown -R peertube:peertube /data /config;
                cp -r /app/client/dist/* /assets/;
        containers:
          main:
            image:
              repository: docker.io/chocobozzz/peertube
-              tag: *peertube-version
+              tag: v6.0.2-bookworm
              pullPolicy: Always
            envFrom:
              - secretRef:
@ -57,54 +44,25 @@ spec:
                failureThreshold: 3
                periodSeconds: 30
                initialDelaySeconds: 15
          nginx:
            image:
              repository: docker.io/library/nginx
              tag: 1.25.3-alpine
              pullPolicy: Always
    service:
      main:
        ports:
          http:
            port: &port-api 9000
    ingress:
      main:
        enabled: true
        className: "peertube-nginx"
        annotations:
          nginx.ingress.kubernetes.io/proxy-body-size: "0"
          nginx.ingress.kubernetes.io/proxy-read-timeout: "600"
          nginx.ingress.kubernetes.io/proxy-send-timeout: "600"
        hosts:
          - host: &host "khazadtube.tv"
            paths:
              - path: /
                service:
                  name: main
                  port: http
        tls:
          - hosts:
              - *host
    persistence:
-      # config:
+      config:
      #   enabled: true
      #   type: configMap
      #   name: peertube-configmap
      #   globalMounts:
      #     - path: /config
      nginx-conf:
        enabled: true
        type: configMap
-        name: peertube-nginx
+        name: peertube-configmap
        globalMounts:
-          - path: /etc/nginx/conf.d
+          - path: /config
-      assets:
+      media:
-        type: emptyDir
+        existingClaim: nas-storage
-        globalMounts:
+        advancedMounts:
-          - path: /assets
+          main:
-
+            main:
              - path: /data
    resources:
      requests:
--- a/kubernetes/apps/peertube/peertube/app/kustomization.yaml
+++ b/kubernetes/apps/peertube/peertube/app/kustomization.yaml
@ -5,9 +5,10 @@ kind: Kustomization
 namespace: peertube
 resources:
  - ./externalsecret.yaml
-  - ./helmrelease.yaml
+  # - ./helmrelease.yaml
  # - ./ingress.yaml
  - ./postgresCluster.yaml
  - ./objectbucketclaim.yaml
  - ./pvc.yaml
 configMapGenerator:
  - name: peertube-configmap
--- a/kubernetes/apps/database/crunchy-postgres/operator/objectbucketclaim.yaml
+++ b/kubernetes/apps/database/crunchy-postgres/operator/objectbucketclaim.yaml
@ -3,8 +3,8 @@
 apiVersion: objectbucket.io/v1alpha1
 kind: ObjectBucketClaim
 metadata:
-  name: crunchy-postgres
+  name: pgo-peertube-backup-bucket-v1
  namespace: monitoring
 spec:
-  bucketName: crunchy-postgres
+  bucketName: pgo-peertube-backup-v1
  storageClassName: ceph-bucket
--- a/kubernetes/apps/peertube/peertube/app/postgresCluster.yaml
+++ b/kubernetes/apps/peertube/peertube/app/postgresCluster.yaml
@ -13,12 +13,12 @@ spec:
      postgresql:
        synchronous_commit: "on"
        pg_hba:
-          - hostnossl all all 10.32.0.0/16 md5
+          - host peertube peertube 10.32.0.0/16 md5
-          - hostnossl all all all md5
+          - host all peertube 127.0.0.1 md5
-  monitoring:
+  # monitoring:
-    pgmonitor:
+  #   pgmonitor:
-      exporter:
+  #     exporter:
-        image: registry.developers.crunchydata.com/crunchydata/crunchy-postgres-exporter:ubi8-5.5.0-0
+  #       image: registry.developers.crunchydata.com/crunchydata/crunchy-postgres-exporter:ubi8-5.4.3-0
  instances:
    - name: postgres
@ -35,8 +35,6 @@ spec:
      databases:
        - peertube
      options: "SUPERUSER"
      password:
        type: AlphaNumeric
  backups:
    pgbackrest:
      configuration:
@ -58,6 +56,6 @@ spec:
            full: "0 1 * * 0"
            differential: "0 1 * * 1-6"
          s3:
-            bucket: "crunchy-postgres"
+            bucket: "pgo-peertube-backup-v1"
            endpoint: "rook-ceph-rgw-ceph-objectstore.rook-ceph.svc"
            region: ""