nocodelytics
/
infrastructure
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

add http-auth to prometheus

This commit is contained in:
Florian Herrengt 2024-07-26 15:08:50 +01:00
parent b038191aae
commit 44eddce1ca
7 changed files with 229 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
README.md
View File

@ -6,7 +6,7 @@
- install docker
- install k3s
- apt-get install tmate
- apt-get install tmate cifs-utils
## Backups

135
apps/minio.yaml Normal file
View File

@ -0,0 +1,135 @@
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: gitea-pvc
namespace: apps
spec:
accessModes:
- ReadWriteOnce
storageClassName: longhorn
resources:
requests:
storage: 5Gi
limits:
storage: 5Gi
---
apiVersion: v1
kind: Service
metadata:
name: gitea
namespace: apps
spec:
type: NodePort
ports:
- port: 3000
name: frontend
targetPort: 3000
selector:
app: gitea
---
# apiVersion: v1
# kind: Pod
# metadata:
# name: gitea-debug
# namespace: apps
# spec:
# containers:
# - name: gitea-debug
# image: busybox
# command: ["/bin/sh"]
# args: ["-c", "while true; do sleep 30; done;"]
# volumeMounts:
# - mountPath: /data
# name: gitea-data
# volumes:
# - name: gitea-data
# persistentVolumeClaim:
# claimName: gitea-pvc
# ---
apiVersion: apps/v1
kind: Deployment
metadata:
name: gitea
namespace: apps
spec:
replicas: 1
selector:
matchLabels:
app: gitea
template:
metadata:
labels:
app: gitea
spec:
containers:
- name: gitea
image: gitea/gitea:1.21.1
env:
- name: USER_UID
value: "1000"
- name: USER_GID
value: "1000"
- name: DISABLE_REGISTRATION
value: "true"
- name: START_SSH_SERVER
value: "true"
- name: SSH_PORT
value: "30022"
- name: SSH_LISTEN_PORT
value: "30022"
- name: GITEA__database__DB_TYPE
value: "postgres"
- name: GITEA__database__HOST
value: "postgres.databases:5432"
- name: GITEA__database__NAME
value: "gitea"
- name: GITEA__database__USER
value: "postgres"
- name: GITEA__database__PASSWD
valueFrom:
secretKeyRef:
name: secrets
key: POSTGRES_PASSWORD
ports:
- containerPort: 3000
- containerPort: 30022
volumeMounts:
- mountPath: /data
name: gitea-data
- mountPath: /etc/timezone
name: timezone
readOnly: true
- mountPath: /etc/localtime
name: localtime
readOnly: true
volumes:
- name: gitea-data
persistentVolumeClaim:
claimName: gitea-pvc
- name: timezone
hostPath:
path: /etc/timezone
type: File
- name: localtime
hostPath:
path: /etc/localtime
type: File
---
apiVersion: traefik.containo.us/v1alpha1
kind: IngressRoute
metadata:
name: gitea
namespace: apps
spec:
entryPoints:
- websecure
routes:
- match: Host(`gitea.nocodelytics.com`)
kind: Rule
services:
- name: gitea
port: 3000
tls:
certResolver: letsencrypt
domains:
- main: gitea.nocodelytics.com

8
apps/tooljet.yaml
View File

@ -27,8 +27,12 @@ spec:
spec:
containers:
- name: tooljet
image: tooljet/tooljet:2
image: tooljet/tooljet:latest
env:
- name: SERVE_CLIENT
value: "true"
- name: ENABLE_TOOLJET_DB
value: "false"
- name: TOOLJET_HOST
value: https://tooljet.nocodelytics.com
- name: LOCKBOX_MASTER_KEY
@ -47,7 +51,7 @@ spec:
name: secrets
key: POSTGRES_PASSWORD
- name: DATABASE_URL
value: postgres://postgres:$(POSTGRES_PASSWORD)@databases.postgres:5432/tooljet?sslmode=disable
value: postgres://postgres:$(POSTGRES_PASSWORD)@postgres.databases:5432/tooljet?sslmode=disable
ports:
- containerPort: 80
---

63
databases/redis.yaml Normal file
View File

@ -0,0 +1,63 @@
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: redis-pvc
namespace: databases
spec:
accessModes:
- ReadWriteOnce
storageClassName: longhorn
resources:
requests:
storage: 1Gi
---
apiVersion: apps/v1
kind: StatefulSet
metadata:
name: redis
namespace: databases
spec:
serviceName: "redis"
replicas: 1
selector:
matchLabels:
app: redis
template:
metadata:
labels:
app: redis
spec:
terminationGracePeriodSeconds: 30
containers:
- name: redis
image: redis:7.2.4
ports:
- containerPort: 6379
volumeMounts:
- name: data
mountPath: /data
env:
- name: REDIS_PASSWORD
valueFrom:
secretKeyRef:
name: secret
key: REDIS_PASSWORD
volumes:
- name: data
persistentVolumeClaim:
claimName: redis-pvc
---
apiVersion: v1
kind: Service
metadata:
name: redis
namespace: databases
spec:
type: NodePort
ports:
- port: 6379
targetPort: 6379
selector:
app: redis

17
dependencies/02-storage.yaml vendored Normal file
View File

@ -0,0 +1,17 @@
apiVersion: v1
kind: PersistentVolume
metadata:
name: pv-storagebox
spec:
capacity:
storage: 100Gi
accessModes:
- ReadWriteMany
persistentVolumeReclaimPolicy: Retain
csi:
driver: cifs.csi.k8s.io
volumeHandle: "storagebox-pv"
volumeAttributes:
source: "//u414460.your-storagebox.de/backup"
mountOptions: "iocharset=utf8,rw,credentials=/etc/backup-credentials.txt,uid=root,gid=root,file_mode=0660,dir_mode=0770"
storageClassName: cifs

2
secrets

@ -1 +1 @@
Subproject commit 1ee014d3868536e98f086d8b92047eb4fcafc404
Subproject commit 4ab80d3aa85b86bd9e8389bf5719b7d8fa079879

6
sysadmin/prometheus-deployment.yaml
View File

@ -169,6 +169,12 @@ spec:
services:
- name: prometheus
port: 9090
middlewares:
- name: https-redirect
namespace: default
- name: http-auth
namespace: default
tls:
certResolver: letsencrypt
domains: