diff --git a/argocd/templates/authentik.yaml b/argocd/templates/authentik.yaml deleted file mode 100644 index 735fa1a..0000000 --- a/argocd/templates/authentik.yaml +++ /dev/null @@ -1,21 +0,0 @@ -apiVersion: argoproj.io/v1alpha1 -kind: Application -metadata: - name: authentik - namespace: argocd -spec: - project: default - source: - repoURL: https://gitlab.com/developerdurp/homelab.git - targetRevision: main - path: authentik - destination: - namespace: authentik - name: in-cluster - syncPolicy: - automated: - prune: true - selfHeal: true - syncOptions: - - CreateNamespace=true - diff --git a/argocd/templates/bitwarden.yaml b/argocd/templates/bitwarden.yaml deleted file mode 100644 index 6aad52f..0000000 --- a/argocd/templates/bitwarden.yaml +++ /dev/null @@ -1,23 +0,0 @@ -apiVersion: argoproj.io/v1alpha1 -kind: Application -metadata: - name: bitwarden - namespace: argocd -spec: - project: default - source: - repoURL: https://gitlab.com/developerdurp/homelab.git - targetRevision: main - path: bitwarden - directory: - recurse: true - destination: - server: https://kubernetes.default.svc - namespace: bitwarden - syncPolicy: - automated: - prune: true - selfHeal: false - syncOptions: - - CreateNamespace=true - diff --git a/argocd/templates/crossplane.yml b/argocd/templates/crossplane.yml deleted file mode 100644 index e079c78..0000000 --- a/argocd/templates/crossplane.yml +++ /dev/null @@ -1,20 +0,0 @@ -apiVersion: argoproj.io/v1alpha1 -kind: Application -metadata: - name: crossplane - namespace: argocd -spec: - project: default - source: - repoURL: https://gitlab.com/developerdurp/homelab.git - targetRevision: main - path: crossplane - destination: - namespace: crossplane - name: in-cluster - syncPolicy: - automated: - prune: true - selfHeal: true - syncOptions: - - CreateNamespace=true diff --git a/argocd/templates/durpapi.yaml b/argocd/templates/durpapi.yaml deleted file mode 100644 index 53c2db6..0000000 --- a/argocd/templates/durpapi.yaml +++ /dev/null @@ -1,20 +0,0 @@ -apiVersion: argoproj.io/v1alpha1 -kind: Application -metadata: - name: durpapi - namespace: argocd -spec: - project: default - source: - repoURL: https://gitlab.com/developerdurp/homelab.git - targetRevision: main - path: durpapi - destination: - namespace: durpapi - name: in-cluster - syncPolicy: - automated: - prune: true - selfHeal: true - syncOptions: - - CreateNamespace=true diff --git a/argocd/templates/durpot.yaml b/argocd/templates/durpot.yaml deleted file mode 100644 index 1bfcd37..0000000 --- a/argocd/templates/durpot.yaml +++ /dev/null @@ -1,20 +0,0 @@ -apiVersion: argoproj.io/v1alpha1 -kind: Application -metadata: - name: durpot - namespace: argocd -spec: - project: default - source: - repoURL: https://gitlab.com/developerdurp/homelab.git - targetRevision: main - path: durpot - destination: - namespace: durpot - name: in-cluster - syncPolicy: - automated: - prune: true - selfHeal: true - syncOptions: - - CreateNamespace=true diff --git a/argocd/templates/heimdall.yaml b/argocd/templates/heimdall.yaml deleted file mode 100644 index d695e34..0000000 --- a/argocd/templates/heimdall.yaml +++ /dev/null @@ -1,20 +0,0 @@ -apiVersion: argoproj.io/v1alpha1 -kind: Application -metadata: - name: heimdall - namespace: argocd -spec: - project: default - source: - repoURL: https://gitlab.com/developerdurp/homelab.git - targetRevision: main - path: heimdall - destination: - namespace: heimdall - name: in-cluster - syncPolicy: - automated: - prune: true - selfHeal: true - syncOptions: - - CreateNamespace=true diff --git a/argocd/templates/krakend.yaml b/argocd/templates/krakend.yaml deleted file mode 100644 index 68a57d1..0000000 --- a/argocd/templates/krakend.yaml +++ /dev/null @@ -1,20 +0,0 @@ -apiVersion: argoproj.io/v1alpha1 -kind: Application -metadata: - name: krakend - namespace: argocd -spec: - project: default - source: - repoURL: https://gitlab.com/developerdurp/homelab.git - targetRevision: main - path: krakend - destination: - namespace: krakend - name: in-cluster - syncPolicy: - automated: - prune: true - selfHeal: true - syncOptions: - - CreateNamespace=true diff --git a/argocd/templates/littlelink.yaml b/argocd/templates/littlelink.yaml deleted file mode 100644 index 99b08fe..0000000 --- a/argocd/templates/littlelink.yaml +++ /dev/null @@ -1,22 +0,0 @@ -apiVersion: argoproj.io/v1alpha1 -kind: Application -metadata: - name: littlelink - namespace: argocd -spec: - project: default - source: - repoURL: https://gitlab.com/developerdurp/homelab.git - targetRevision: main - path: littlelink - directory: - recurse: true - destination: - server: https://kubernetes.default.svc - namespace: littlelink - syncPolicy: - automated: - prune: true - selfHeal: true - syncOptions: - - CreateNamespace=true diff --git a/argocd/templates/nfs-client.yaml b/argocd/templates/nfs-client.yaml deleted file mode 100644 index e374885..0000000 --- a/argocd/templates/nfs-client.yaml +++ /dev/null @@ -1,23 +0,0 @@ -apiVersion: argoproj.io/v1alpha1 -kind: Application -metadata: - name: nfs-client - namespace: argocd -spec: - project: default - source: - repoURL: https://gitlab.com/developerdurp/homelab.git - targetRevision: main - path: nfs-client - directory: - recurse: true - destination: - namespace: nfs-client - name: in-cluster - syncPolicy: - automated: - prune: true - selfHeal: true - syncOptions: - - CreateNamespace=true - diff --git a/argocd/templates/open-webui.yaml b/argocd/templates/open-webui.yaml deleted file mode 100644 index a2b25fa..0000000 --- a/argocd/templates/open-webui.yaml +++ /dev/null @@ -1,20 +0,0 @@ -apiVersion: argoproj.io/v1alpha1 -kind: Application -metadata: - name: open-webui - namespace: argocd -spec: - project: default - source: - repoURL: https://gitlab.com/developerdurp/homelab.git - targetRevision: main - path: open-webui - destination: - namespace: open-webui - name: in-cluster - syncPolicy: - automated: - prune: true - selfHeal: true - syncOptions: - - CreateNamespace=true diff --git a/argocd/templates/secrets.yaml b/argocd/templates/secrets.yaml deleted file mode 100644 index baeaaee..0000000 --- a/argocd/templates/secrets.yaml +++ /dev/null @@ -1,17 +0,0 @@ -apiVersion: external-secrets.io/v1beta1 -kind: ExternalSecret -metadata: - name: vault-argocd - labels: - app.kubernetes.io/part-of: argocd -spec: - secretStoreRef: - name: vault - kind: ClusterSecretStore - target: - name: client-secret - data: - - secretKey: clientSecret - remoteRef: - key: secrets/argocd/authentik - property: clientsecret diff --git a/argocd/templates/vault.yaml b/argocd/templates/vault.yaml deleted file mode 100644 index 6e243c5..0000000 --- a/argocd/templates/vault.yaml +++ /dev/null @@ -1,25 +0,0 @@ -apiVersion: argoproj.io/v1alpha1 -kind: Application -metadata: - name: vault - namespace: argocd -spec: - project: default - source: - repoURL: https://gitlab.com/developerdurp/homelab.git - targetRevision: main - path: vault - destination: - namespace: vault - name: in-cluster - syncPolicy: - automated: - prune: true - selfHeal: true - syncOptions: - - CreateNamespace=true - ignoreDifferences: - - group: admissionregistration.k8s.io - kind: MutatingWebhookConfiguration - jqPathExpressions: - - .webhooks[]?.clientConfig.caBundle diff --git a/authentik/Chart.yaml b/authentik/Chart.yaml deleted file mode 100644 index 640dc35..0000000 --- a/authentik/Chart.yaml +++ /dev/null @@ -1,12 +0,0 @@ -apiVersion: v2 -name: authentik -description: A Helm chart for Kubernetes -type: application - -version: 0.1.0 -appVersion: "1.16.0" - -dependencies: -- name: authentik - repository: https://charts.goauthentik.io - version: 2024.4.1 diff --git a/authentik/templates/authentik-pv.yaml b/authentik/templates/authentik-pv.yaml deleted file mode 100644 index 8fbc2e2..0000000 --- a/authentik/templates/authentik-pv.yaml +++ /dev/null @@ -1,24 +0,0 @@ -#apiVersion: v1 -#kind: PersistentVolume -#metadata: -# annotations: -# pv.kubernetes.io/provisioned-by: durp.info/nfs -# finalizers: -# - kubernetes.io/pv-protection -# name: authentik-pv -#spec: -# accessModes: -# - ReadWriteMany -# capacity: -# storage: 10Gi -# claimRef: -# apiVersion: v1 -# kind: PersistentVolumeClaim -# name: authentik-pvc -# namespace: authentik -# nfs: -# path: /mnt/user/k3s/authentik -# server: 192.168.20.253 -# persistentVolumeReclaimPolicy: Retain -# storageClassName: nfs-storage -# volumeMode: Filesystem diff --git a/authentik/templates/authentik-pvc.yaml b/authentik/templates/authentik-pvc.yaml deleted file mode 100644 index f22640b..0000000 --- a/authentik/templates/authentik-pvc.yaml +++ /dev/null @@ -1,18 +0,0 @@ -#apiVersion: v1 -#kind: PersistentVolumeClaim -#metadata: -# labels: -# app.kubernetes.io/component: app -# app.kubernetes.io/instance: authentik -# app.kubernetes.io/managed-by: Helm -# app.kubernetes.io/name: authentik -# helm.sh/chart: authentik-2.14.4 -# name: authentik-pvc -# namespace: authentik -#spec: -# accessModes: -# - ReadWriteMany -# resources: -# requests: -# storage: 10Gi -# storageClassName: nfs-storage \ No newline at end of file diff --git a/authentik/templates/ingress.yaml b/authentik/templates/ingress.yaml deleted file mode 100644 index ac10303..0000000 --- a/authentik/templates/ingress.yaml +++ /dev/null @@ -1,42 +0,0 @@ -apiVersion: traefik.containo.us/v1alpha1 -kind: IngressRoute -metadata: - name: authentik-ingress -spec: - entryPoints: - - websecure - routes: - - match: Host(`authentik.durp.info`) && PathPrefix(`/`) - kind: Rule - services: - - name: authentik-server - port: 80 - tls: - secretName: authentik-tls - ---- - -apiVersion: cert-manager.io/v1 -kind: Certificate -metadata: - name: authentik-tls -spec: - secretName: authentik-tls - issuerRef: - name: letsencrypt-production - kind: ClusterIssuer - commonName: "authentik.durp.info" - dnsNames: - - "authentik.durp.info" - ---- - -kind: Service -apiVersion: v1 -metadata: - name: authentik-external-dns - annotations: - external-dns.alpha.kubernetes.io/hostname: authentik.durp.info -spec: - type: ExternalName - externalName: durp.info diff --git a/authentik/templates/secrets.yaml b/authentik/templates/secrets.yaml deleted file mode 100644 index 07b7747..0000000 --- a/authentik/templates/secrets.yaml +++ /dev/null @@ -1,28 +0,0 @@ -apiVersion: external-secrets.io/v1beta1 -kind: ExternalSecret -metadata: - name: authentik-secret -spec: - secretStoreRef: - name: vault - kind: ClusterSecretStore - target: - name: db-pass - data: - - secretKey: dbpass - remoteRef: - key: secrets/authentik/database - property: dbpass - - secretKey: secretkey - remoteRef: - key: secrets/authentik/database - property: secretkey - - secretKey: postgresql-postgres-password - remoteRef: - key: secrets/authentik/database - property: dbpass - - secretKey: postgresql-password - remoteRef: - key: secrets/authentik/database - property: dbpass - diff --git a/authentik/values.yaml b/authentik/values.yaml deleted file mode 100644 index bd03ad1..0000000 --- a/authentik/values.yaml +++ /dev/null @@ -1,51 +0,0 @@ -authentik: - global: - env: - - name: AUTHENTIK_POSTGRESQL__PASSWORD - valueFrom: - secretKeyRef: - name: db-pass - key: dbpass - - name: AUTHENTIK_SECRET_KEY - valueFrom: - secretKeyRef: - name: db-pass - key: secretkey - revisionHistoryLimit: 1 - image: - repository: registry.internal.durp.info/goauthentik/server - pullPolicy: Always - authentik: - outposts: - container_image_base: registry.internal.durp.info/goauthentik/%(type)s:%(version)s - postgresql: - host: '{{ .Release.Name }}-postgresql-hl' - name: "authentik" - user: "authentik" - port: 5432 - server: - name: server - replicas: 3 - postgresql: - enabled: true - image: - registry: registry.internal.durp.info - repository: bitnami/postgresql - pullPolicy: Always - postgresqlUsername: "authentik" - postgresqlDatabase: "authentik" - existingSecret: db-pass - persistence: - enabled: true - storageClass: longhorn - accessModes: - - ReadWriteMany - redis: - enabled: true - image: - registry: registry.internal.durp.info - repository: bitnami/redis - pullPolicy: Always - architecture: standalone - auth: - enabled: false diff --git a/bitwarden/Chart.yaml b/bitwarden/Chart.yaml deleted file mode 100644 index cfdd821..0000000 --- a/bitwarden/Chart.yaml +++ /dev/null @@ -1,7 +0,0 @@ -apiVersion: v2 -name: bitwarden -description: A Helm chart for Kubernetes -type: application - -version: 0.1.0 -appVersion: "1.16.0" diff --git a/bitwarden/templates/bitwarden-pv.yaml b/bitwarden/templates/bitwarden-pv.yaml deleted file mode 100644 index ff647d1..0000000 --- a/bitwarden/templates/bitwarden-pv.yaml +++ /dev/null @@ -1,25 +0,0 @@ -#apiVersion: v1 -#kind: PersistentVolume -#metadata: -# annotations: -# pv.kubernetes.io/provisioned-by: durp.info/nfs -# finalizers: -# - kubernetes.io/pv-protection -# name: bitwarden-pv -#spec: -# accessModes: -# - ReadWriteMany -# capacity: -# storage: 10Gi -# claimRef: -# apiVersion: v1 -# kind: PersistentVolumeClaim -# name: bitwarden-pvc -# namespace: bitwarden -# nfs: -# path: /mnt/user/k3s/bitwarden -# server: 192.168.20.253 -# persistentVolumeReclaimPolicy: Retain -# storageClassName: nfs-storage -# volumeMode: Filesystem -# \ No newline at end of file diff --git a/bitwarden/templates/bitwarden-pvc.yaml b/bitwarden/templates/bitwarden-pvc.yaml deleted file mode 100644 index 333af4d..0000000 --- a/bitwarden/templates/bitwarden-pvc.yaml +++ /dev/null @@ -1,11 +0,0 @@ -apiVersion: v1 -kind: PersistentVolumeClaim -metadata: - name: bitwarden-pvc -spec: - storageClassName: longhorn - accessModes: - - ReadWriteMany - resources: - requests: - storage: 10Gi diff --git a/bitwarden/templates/deployment.yaml b/bitwarden/templates/deployment.yaml deleted file mode 100644 index d6e1788..0000000 --- a/bitwarden/templates/deployment.yaml +++ /dev/null @@ -1,50 +0,0 @@ -apiVersion: apps/v1 -kind: Deployment -metadata: - namespace: bitwarden - name: bitwarden - labels: - app: bitwarden -spec: - selector: - matchLabels: - app: bitwarden - replicas: 1 - template: - metadata: - labels: - app: bitwarden - spec: - containers: - - name: bitwarden - image: registry.internal.durp.info/vaultwarden/server:1.30.3 - imagePullPolicy: Always - volumeMounts: - - name: bitwarden-pvc - mountPath: /data - subPath: bitwaren-data - ports: - - name: http - containerPort: 80 - env: - - name: SIGNUPS_ALLOWED - value: "FALSE" - - name: INVITATIONS_ALLOWED - value: "FALSE" - - name: WEBSOCKET_ENABLED - value: "TRUE" - - name: ROCKET_ENV - value: "staging" - - name: ROCKET_PORT - value: "80" - - name: ROCKET_WORKERS - value: "10" - - name: SECRET_USERNAME - valueFrom: - secretKeyRef: - name: bitwarden-secret - key: ADMIN_TOKEN - volumes: - - name: bitwarden-pvc - persistentVolumeClaim: - claimName: bitwarden-pvc diff --git a/bitwarden/templates/ingress.yaml b/bitwarden/templates/ingress.yaml deleted file mode 100644 index 8a9a628..0000000 --- a/bitwarden/templates/ingress.yaml +++ /dev/null @@ -1,42 +0,0 @@ -apiVersion: traefik.containo.us/v1alpha1 -kind: IngressRoute -metadata: - name: bitwarden-ingress -spec: - entryPoints: - - websecure - routes: - - match: Host(`bitwarden.durp.info`) && PathPrefix(`/`) - kind: Rule - services: - - name: bitwarden - port: 80 - tls: - secretName: bitwarden-tls - ---- - -apiVersion: cert-manager.io/v1 -kind: Certificate -metadata: - name: bitwarden-tls -spec: - secretName: bitwarden-tls - issuerRef: - name: letsencrypt-production - kind: ClusterIssuer - commonName: "bitwarden.durp.info" - dnsNames: - - "bitwarden.durp.info" - ---- - -kind: Service -apiVersion: v1 -metadata: - name: bitwarden-external-dns - annotations: - external-dns.alpha.kubernetes.io/hostname: bitwarden.durp.info -spec: - type: ExternalName - externalName: durp.info \ No newline at end of file diff --git a/bitwarden/templates/secrets.yaml b/bitwarden/templates/secrets.yaml deleted file mode 100644 index 7a8d858..0000000 --- a/bitwarden/templates/secrets.yaml +++ /dev/null @@ -1,16 +0,0 @@ -apiVersion: external-secrets.io/v1beta1 -kind: ExternalSecret -metadata: - name: bitwarden-secret -spec: - secretStoreRef: - name: vault - kind: ClusterSecretStore - target: - name: bitwarden-secret - data: - - secretKey: ADMIN_TOKEN - remoteRef: - key: secrets/bitwarden/admin - property: ADMIN_TOKEN - diff --git a/bitwarden/templates/service.yaml b/bitwarden/templates/service.yaml deleted file mode 100644 index df30857..0000000 --- a/bitwarden/templates/service.yaml +++ /dev/null @@ -1,12 +0,0 @@ -apiVersion: v1 -kind: Service -metadata: - name: bitwarden -spec: - ports: - - name: http - port: 80 - targetPort: 80 - protocol: TCP - selector: - app: bitwarden \ No newline at end of file diff --git a/crossplane/Chart.yaml b/crossplane/Chart.yaml deleted file mode 100644 index c7bf1ab..0000000 --- a/crossplane/Chart.yaml +++ /dev/null @@ -1,12 +0,0 @@ -apiVersion: v2 -name: crossplane -description: A Helm chart for Kubernetes -type: application - -version: 0.1.0 -appVersion: "1.16.0" - -dependencies: -- name: crossplane - repository: https://charts.crossplane.io/stable - version: 1.12.0 diff --git a/crossplane/templates/gitlab.yml b/crossplane/templates/gitlab.yml deleted file mode 100644 index 3a20b9c..0000000 --- a/crossplane/templates/gitlab.yml +++ /dev/null @@ -1,55 +0,0 @@ -apiVersion: pkg.crossplane.io/v1 -kind: Provider -metadata: - name: provider-gitlab -spec: - package: xpkg.upbound.io/crossplane-contrib/provider-gitlab:v0.5.0 ---- - -apiVersion: external-secrets.io/v1beta1 -kind: ExternalSecret -metadata: - name: gitlab-secret -spec: - secretStoreRef: - name: vault - kind: ClusterSecretStore - target: - name: gitlab-secret - data: - - secretKey: accesstoken - remoteRef: - key: secrets/gitlab/token - property: accesstoken - ---- - -#apiVersion: gitlab.crossplane.io/v1beta1 -#kind: ProviderConfig -#metadata: -# name: gitlab-provider -#spec: -# baseURL: https://gitlab.com/ -# credentials: -# source: Secret -# secretRef: -# namespace: crossplane -# name: gitlab-secret -# key: accesstoken -# -#--- -# -#apiVersion: projects.gitlab.crossplane.io/v1alpha1 -#kind: Project -#metadata: -# name: example-project -#spec: -# deletionPolicy: Orphan -# forProvider: -# name: "Example Project" -# description: "example project description" -# providerConfigRef: -# name: gitlab-provider -# policy: -# resolution: Optional -# resolve: Always diff --git a/dashboards/nginx-dashboard.yaml b/dashboards/nginx-dashboard.yaml deleted file mode 100644 index 333a6c5..0000000 --- a/dashboards/nginx-dashboard.yaml +++ /dev/null @@ -1,1506 +0,0 @@ -apiVersion: v1 -data: - nginx-ingress-controller_rev1.json: |- - { - "annotations": { - "list": [ - { - "builtIn": 1, - "datasource": { - "type": "datasource", - "uid": "grafana" - }, - "enable": true, - "hide": true, - "iconColor": "rgba(0, 211, 255, 1)", - "name": "Annotations & Alerts", - "target": { - "limit": 100, - "matchAny": false, - "tags": [], - "type": "dashboard" - }, - "type": "dashboard" - }, - { - "datasource": { - "type": "prometheus", - "uid": "prometheus" - }, - "enable": true, - "expr": "sum(changes(nginx_ingress_controller_config_last_reload_successful_timestamp_seconds{instance!=\"unknown\",controller_class=~\"$controller_class\",namespace=~\"$namespace\"}[30s])) by (controller_class)", - "hide": false, - "iconColor": "rgba(255, 96, 96, 1)", - "limit": 100, - "name": "Config Reloads", - "showIn": 0, - "step": "30s", - "tagKeys": "controller_class", - "tags": [], - "titleFormat": "Config Reloaded", - "type": "tags" - } - ] - }, - "description": "Ingress-nginx supports a rich collection of prometheus metrics. If you have prometheus and grafana installed on your cluster then prometheus will already be scraping this data due to the scrape annotation on the deployment.", - "editable": true, - "fiscalYearStartMonth": 0, - "gnetId": 9614, - "graphTooltip": 0, - "id": 27, - "links": [], - "liveNow": false, - "panels": [ - { - "datasource": { - "type": "prometheus", - "uid": "prometheus" - }, - "fieldConfig": { - "defaults": { - "color": { - "fixedColor": "rgb(31, 120, 193)", - "mode": "fixed" - }, - "mappings": [ - { - "options": { - "match": "null", - "result": { - "text": "N/A" - } - }, - "type": "special" - } - ], - "thresholds": { - "mode": "absolute", - "steps": [ - { - "color": "green", - "value": null - }, - { - "color": "red", - "value": 80 - } - ] - }, - "unit": "ops" - }, - "overrides": [] - }, - "id": 20, - "links": [], - "maxDataPoints": 100, - "options": { - "colorMode": "none", - "graphMode": "area", - "justifyMode": "auto", - "orientation": "horizontal", - "reduceOptions": { - "calcs": [ - "mean" - ], - "fields": "", - "values": false - }, - "textMode": "auto" - }, - "pluginVersion": "9.1.6", - "targets": [ - { - "datasource": { - "type": "prometheus", - "uid": "prometheus" - }, - "expr": "round(sum(irate(nginx_ingress_controller_requests{controller_pod=~\"$controller\",controller_class=~\"$controller_class\",namespace=~\"$namespace\"}[2m])), 0.001)", - "format": "time_series", - "intervalFactor": 1, - "refId": "A", - "step": 4 - } - ], - "title": "Controller Request Volume", - "type": "stat" - }, - { - "datasource": { - "type": "prometheus", - "uid": "prometheus" - }, - "fieldConfig": { - "defaults": { - "color": { - "fixedColor": "rgb(31, 120, 193)", - "mode": "fixed" - }, - "mappings": [ - { - "options": { - "match": "null", - "result": { - "text": "N/A" - } - }, - "type": "special" - } - ], - "thresholds": { - "mode": "absolute", - "steps": [ - { - "color": "green", - "value": null - }, - { - "color": "red", - "value": 80 - } - ] - }, - "unit": "none" - }, - "overrides": [] - }, - "gridPos": { - "h": 3, - "w": 6, - "x": 6, - "y": 0 - }, - "id": 82, - "links": [], - "maxDataPoints": 100, - "options": { - "colorMode": "none", - "graphMode": "area", - "justifyMode": "auto", - "orientation": "horizontal", - "reduceOptions": { - "calcs": [ - "mean" - ], - "fields": "", - "values": false - }, - "textMode": "auto" - }, - "pluginVersion": "9.1.6", - "targets": [ - { - "datasource": { - "type": "prometheus", - "uid": "prometheus" - }, - "expr": "sum(avg_over_time(nginx_ingress_controller_nginx_process_connections{controller_pod=~\"$controller\",controller_class=~\"$controller_class\",controller_namespace=~\"$namespace\"}[2m]))", - "format": "time_series", - "instant": false, - "intervalFactor": 1, - "refId": "A", - "step": 4 - } - ], - "title": "Controller Connections", - "type": "stat" - }, - { - "datasource": { - "type": "prometheus", - "uid": "prometheus" - }, - "fieldConfig": { - "defaults": { - "color": { - "fixedColor": "rgb(31, 120, 193)", - "mode": "fixed" - }, - "mappings": [ - { - "options": { - "match": "null", - "result": { - "text": "N/A" - } - }, - "type": "special" - } - ], - "thresholds": { - "mode": "absolute", - "steps": [ - { - "color": "rgba(245, 54, 54, 0.9)", - "value": null - }, - { - "color": "rgba(237, 129, 40, 0.89)", - "value": 95 - }, - { - "color": "rgba(50, 172, 45, 0.97)", - "value": 99 - } - ] - }, - "unit": "percentunit" - }, - "overrides": [] - }, - "gridPos": { - "h": 3, - "w": 6, - "x": 12, - "y": 0 - }, - "id": 21, - "links": [], - "maxDataPoints": 100, - "options": { - "colorMode": "none", - "graphMode": "area", - "justifyMode": "auto", - "orientation": "horizontal", - "reduceOptions": { - "calcs": [ - "mean" - ], - "fields": "", - "values": false - }, - "textMode": "auto" - }, - "pluginVersion": "9.1.6", - "targets": [ - { - "datasource": { - "type": "prometheus", - "uid": "prometheus" - }, - "expr": "sum(rate(nginx_ingress_controller_requests{controller_pod=~\"$controller\",controller_class=~\"$controller_class\",namespace=~\"$namespace\",status!~\"[4-5].*\"}[2m])) / sum(rate(nginx_ingress_controller_requests{controller_pod=~\"$controller\",controller_class=~\"$controller_class\",namespace=~\"$namespace\"}[2m]))", - "format": "time_series", - "intervalFactor": 1, - "refId": "A", - "step": 4 - } - ], - "title": "Controller Success Rate (non-4|5xx responses)", - "type": "stat" - }, - { - "datasource": { - "type": "prometheus", - "uid": "prometheus" - }, - "fieldConfig": { - "defaults": { - "color": { - "fixedColor": "rgb(31, 120, 193)", - "mode": "fixed" - }, - "decimals": 0, - "mappings": [ - { - "options": { - "match": "null", - "result": { - "text": "N/A" - } - }, - "type": "special" - } - ], - "thresholds": { - "mode": "absolute", - "steps": [ - { - "color": "green", - "value": null - }, - { - "color": "red", - "value": 80 - } - ] - }, - "unit": "none" - }, - "overrides": [] - }, - "gridPos": { - "h": 3, - "w": 3, - "x": 18, - "y": 0 - }, - "id": 81, - "links": [], - "maxDataPoints": 100, - "options": { - "colorMode": "none", - "graphMode": "area", - "justifyMode": "auto", - "orientation": "horizontal", - "reduceOptions": { - "calcs": [ - "mean" - ], - "fields": "", - "values": false - }, - "textMode": "auto" - }, - "pluginVersion": "9.1.6", - "targets": [ - { - "datasource": { - "type": "prometheus", - "uid": "prometheus" - }, - "expr": "avg(nginx_ingress_controller_success{controller_pod=~\"$controller\",controller_class=~\"$controller_class\",controller_namespace=~\"$namespace\"})", - "format": "time_series", - "instant": true, - "intervalFactor": 1, - "refId": "A", - "step": 4 - } - ], - "title": "Config Reloads", - "type": "stat" - }, - { - "datasource": { - "type": "prometheus", - "uid": "prometheus" - }, - "fieldConfig": { - "defaults": { - "color": { - "fixedColor": "rgb(31, 120, 193)", - "mode": "fixed" - }, - "decimals": 0, - "mappings": [ - { - "options": { - "match": "null", - "result": { - "text": "N/A" - } - }, - "type": "special" - } - ], - "thresholds": { - "mode": "absolute", - "steps": [ - { - "color": "green", - "value": null - }, - { - "color": "red", - "value": 80 - } - ] - }, - "unit": "none" - }, - "overrides": [] - }, - "gridPos": { - "h": 3, - "w": 3, - "x": 21, - "y": 0 - }, - "id": 83, - "links": [], - "maxDataPoints": 100, - "options": { - "colorMode": "none", - "graphMode": "area", - "justifyMode": "auto", - "orientation": "horizontal", - "reduceOptions": { - "calcs": [ - "mean" - ], - "fields": "", - "values": false - }, - "textMode": "auto" - }, - "pluginVersion": "9.1.6", - "targets": [ - { - "datasource": { - "type": "prometheus", - "uid": "prometheus" - }, - "expr": "count(nginx_ingress_controller_config_last_reload_successful{controller_pod=~\"$controller\",controller_namespace=~\"$namespace\"} == 0)", - "format": "time_series", - "instant": true, - "intervalFactor": 1, - "refId": "A", - "step": 4 - } - ], - "title": "Last Config Failed", - "type": "stat" - }, - { - "aliasColors": {}, - "bars": false, - "dashLength": 10, - "dashes": false, - "datasource": { - "type": "prometheus", - "uid": "prometheus" - }, - "decimals": 2, - "editable": true, - "error": false, - "fill": 1, - "fillGradient": 0, - "grid": {}, - "gridPos": { - "h": 7, - "w": 12, - "x": 0, - "y": 3 - }, - "height": "200px", - "hiddenSeries": false, - "id": 86, - "isNew": true, - "legend": { - "alignAsTable": true, - "avg": true, - "current": false, - "hideEmpty": false, - "hideZero": true, - "max": false, - "min": false, - "rightSide": true, - "show": true, - "sideWidth": 300, - "sort": "current", - "sortDesc": true, - "total": false, - "values": true - }, - "lines": true, - "linewidth": 2, - "links": [], - "nullPointMode": "connected", - "options": { - "alertThreshold": true - }, - "percentage": false, - "pluginVersion": "9.1.6", - "pointradius": 5, - "points": false, - "renderer": "flot", - "repeatDirection": "h", - "seriesOverrides": [], - "spaceLength": 10, - "stack": false, - "steppedLine": false, - "targets": [ - { - "datasource": { - "type": "prometheus", - "uid": "prometheus" - }, - "expr": "round(sum(irate(nginx_ingress_controller_requests{controller_pod=~\"$controller\",controller_class=~\"$controller_class\",controller_namespace=~\"$namespace\",ingress=~\"$ingress\"}[2m])) by (ingress), 0.001)", - "format": "time_series", - "hide": false, - "instant": false, - "interval": "", - "intervalFactor": 1, - "legendFormat": "{{ ingress }}", - "metric": "network", - "refId": "A", - "step": 10 - } - ], - "thresholds": [], - "timeRegions": [], - "title": "Ingress Request Volume", - "tooltip": { - "msResolution": false, - "shared": true, - "sort": 2, - "value_type": "cumulative" - }, - "type": "graph", - "xaxis": { - "mode": "time", - "show": true, - "values": [] - }, - "yaxes": [ - { - "format": "reqps", - "logBase": 1, - "show": true - }, - { - "format": "Bps", - "logBase": 1, - "show": false - } - ], - "yaxis": { - "align": false - } - }, - { - "aliasColors": { - "max - istio-proxy": "#890f02", - "max - master": "#bf1b00", - "max - prometheus": "#bf1b00" - }, - "bars": false, - "dashLength": 10, - "dashes": false, - "datasource": { - "type": "prometheus", - "uid": "prometheus" - }, - "decimals": 2, - "editable": false, - "error": false, - "fill": 0, - "fillGradient": 0, - "grid": {}, - "gridPos": { - "h": 7, - "w": 12, - "x": 12, - "y": 3 - }, - "hiddenSeries": false, - "id": 87, - "isNew": true, - "legend": { - "alignAsTable": true, - "avg": true, - "current": false, - "hideEmpty": true, - "hideZero": false, - "max": false, - "min": false, - "rightSide": true, - "show": true, - "sideWidth": 300, - "sort": "avg", - "sortDesc": true, - "total": false, - "values": true - }, - "lines": true, - "linewidth": 2, - "links": [], - "nullPointMode": "connected", - "options": { - "alertThreshold": true - }, - "percentage": false, - "pluginVersion": "9.1.6", - "pointradius": 5, - "points": false, - "renderer": "flot", - "seriesOverrides": [], - "spaceLength": 10, - "stack": false, - "steppedLine": false, - "targets": [ - { - "datasource": { - "type": "prometheus", - "uid": "prometheus" - }, - "expr": "sum(rate(nginx_ingress_controller_requests{controller_pod=~\"$controller\",controller_class=~\"$controller_class\",namespace=~\"$namespace\",ingress=~\"$ingress\",status!~\"[4-5].*\"}[2m])) by (ingress) / sum(rate(nginx_ingress_controller_requests{controller_pod=~\"$controller\",controller_class=~\"$controller_class\",namespace=~\"$namespace\",ingress=~\"$ingress\"}[2m])) by (ingress)", - "format": "time_series", - "instant": false, - "interval": "10s", - "intervalFactor": 1, - "legendFormat": "{{ ingress }}", - "metric": "container_memory_usage:sort_desc", - "refId": "A", - "step": 10 - } - ], - "thresholds": [], - "timeRegions": [], - "title": "Ingress Success Rate (non-4|5xx responses)", - "tooltip": { - "msResolution": false, - "shared": true, - "sort": 1, - "value_type": "cumulative" - }, - "type": "graph", - "xaxis": { - "mode": "time", - "show": true, - "values": [] - }, - "yaxes": [ - { - "format": "percentunit", - "logBase": 1, - "show": true - }, - { - "format": "short", - "logBase": 1, - "show": false - } - ], - "yaxis": { - "align": false - } - }, - { - "aliasColors": {}, - "bars": false, - "dashLength": 10, - "dashes": false, - "datasource": { - "type": "prometheus", - "uid": "prometheus" - }, - "decimals": 2, - "editable": true, - "error": false, - "fill": 1, - "fillGradient": 0, - "grid": {}, - "gridPos": { - "h": 6, - "w": 8, - "x": 0, - "y": 10 - }, - "height": "200px", - "hiddenSeries": false, - "id": 32, - "isNew": true, - "legend": { - "alignAsTable": false, - "avg": true, - "current": true, - "max": false, - "min": false, - "rightSide": false, - "show": false, - "sideWidth": 200, - "sort": "current", - "sortDesc": true, - "total": false, - "values": true - }, - "lines": true, - "linewidth": 2, - "links": [], - "nullPointMode": "connected", - "options": { - "alertThreshold": true - }, - "percentage": false, - "pluginVersion": "9.1.6", - "pointradius": 5, - "points": false, - "renderer": "flot", - "seriesOverrides": [], - "spaceLength": 10, - "stack": false, - "steppedLine": false, - "targets": [ - { - "datasource": { - "type": "prometheus", - "uid": "prometheus" - }, - "expr": "sum (irate (nginx_ingress_controller_request_size_sum{controller_pod=~\"$controller\",controller_class=~\"$controller_class\",controller_namespace=~\"$namespace\"}[2m]))", - "format": "time_series", - "instant": false, - "interval": "10s", - "intervalFactor": 1, - "legendFormat": "Received", - "metric": "network", - "refId": "A", - "step": 10 - }, - { - "datasource": { - "type": "prometheus", - "uid": "prometheus" - }, - "expr": "- sum (irate (nginx_ingress_controller_response_size_sum{controller_pod=~\"$controller\",controller_class=~\"$controller_class\",controller_namespace=~\"$namespace\"}[2m]))", - "format": "time_series", - "hide": false, - "interval": "10s", - "intervalFactor": 1, - "legendFormat": "Sent", - "metric": "network", - "refId": "B", - "step": 10 - } - ], - "thresholds": [], - "timeRegions": [], - "title": "Network I/O pressure", - "tooltip": { - "msResolution": false, - "shared": true, - "sort": 0, - "value_type": "cumulative" - }, - "type": "graph", - "xaxis": { - "mode": "time", - "show": true, - "values": [] - }, - "yaxes": [ - { - "format": "Bps", - "logBase": 1, - "show": true - }, - { - "format": "Bps", - "logBase": 1, - "show": false - } - ], - "yaxis": { - "align": false - } - }, - { - "aliasColors": { - "max - istio-proxy": "#890f02", - "max - master": "#bf1b00", - "max - prometheus": "#bf1b00" - }, - "bars": false, - "dashLength": 10, - "dashes": false, - "datasource": { - "type": "prometheus", - "uid": "prometheus" - }, - "decimals": 2, - "editable": false, - "error": false, - "fill": 0, - "fillGradient": 0, - "grid": {}, - "gridPos": { - "h": 6, - "w": 8, - "x": 8, - "y": 10 - }, - "hiddenSeries": false, - "id": 77, - "isNew": true, - "legend": { - "alignAsTable": true, - "avg": true, - "current": true, - "max": false, - "min": false, - "rightSide": false, - "show": false, - "sideWidth": 200, - "sort": "current", - "sortDesc": true, - "total": false, - "values": true - }, - "lines": true, - "linewidth": 2, - "links": [], - "nullPointMode": "connected", - "options": { - "alertThreshold": true - }, - "percentage": false, - "pluginVersion": "9.1.6", - "pointradius": 5, - "points": false, - "renderer": "flot", - "seriesOverrides": [], - "spaceLength": 10, - "stack": false, - "steppedLine": false, - "targets": [ - { - "datasource": { - "type": "prometheus", - "uid": "prometheus" - }, - "expr": "avg(nginx_ingress_controller_nginx_process_resident_memory_bytes{controller_pod=~\"$controller\",controller_class=~\"$controller_class\",controller_namespace=~\"$namespace\"}) ", - "format": "time_series", - "instant": false, - "interval": "10s", - "intervalFactor": 1, - "legendFormat": "nginx", - "metric": "container_memory_usage:sort_desc", - "refId": "A", - "step": 10 - } - ], - "thresholds": [], - "timeRegions": [], - "title": "Average Memory Usage", - "tooltip": { - "msResolution": false, - "shared": true, - "sort": 2, - "value_type": "cumulative" - }, - "type": "graph", - "xaxis": { - "mode": "time", - "show": true, - "values": [] - }, - "yaxes": [ - { - "format": "bytes", - "logBase": 1, - "show": true - }, - { - "format": "short", - "logBase": 1, - "show": false - } - ], - "yaxis": { - "align": false - } - }, - { - "aliasColors": { - "max - istio-proxy": "#890f02", - "max - master": "#bf1b00" - }, - "bars": false, - "dashLength": 10, - "dashes": false, - "datasource": { - "type": "prometheus", - "uid": "prometheus" - }, - "decimals": 3, - "editable": false, - "error": false, - "fill": 0, - "fillGradient": 0, - "grid": {}, - "gridPos": { - "h": 6, - "w": 8, - "x": 16, - "y": 10 - }, - "height": "", - "hiddenSeries": false, - "id": 79, - "isNew": true, - "legend": { - "alignAsTable": true, - "avg": true, - "current": true, - "max": false, - "min": false, - "rightSide": false, - "show": false, - "total": false, - "values": true - }, - "lines": true, - "linewidth": 2, - "links": [], - "nullPointMode": "connected", - "options": { - "alertThreshold": true - }, - "percentage": false, - "pluginVersion": "9.1.6", - "pointradius": 5, - "points": false, - "renderer": "flot", - "seriesOverrides": [], - "spaceLength": 10, - "stack": false, - "steppedLine": false, - "targets": [ - { - "datasource": { - "type": "prometheus", - "uid": "prometheus" - }, - "expr": "sum (rate (nginx_ingress_controller_nginx_process_cpu_seconds_total{controller_pod=~\"$controller\",controller_class=~\"$controller_class\",controller_namespace=~\"$namespace\"}[2m])) ", - "format": "time_series", - "interval": "10s", - "intervalFactor": 1, - "legendFormat": "nginx", - "metric": "container_cpu", - "refId": "A", - "step": 10 - } - ], - "thresholds": [ - { - "colorMode": "critical", - "fill": true, - "line": true, - "op": "gt" - } - ], - "timeRegions": [], - "title": "Average CPU Usage", - "tooltip": { - "msResolution": true, - "shared": true, - "sort": 2, - "value_type": "cumulative" - }, - "type": "graph", - "xaxis": { - "mode": "time", - "show": true, - "values": [] - }, - "yaxes": [ - { - "format": "none", - "label": "cores", - "logBase": 1, - "show": true - }, - { - "format": "short", - "logBase": 1, - "show": true - } - ], - "yaxis": { - "align": false - } - }, - { - "columns": [], - "datasource": { - "type": "prometheus", - "uid": "prometheus" - }, - "fontSize": "100%", - "gridPos": { - "h": 8, - "w": 24, - "x": 0, - "y": 16 - }, - "hideTimeOverride": false, - "id": 75, - "links": [], - "pageSize": 7, - "repeatDirection": "h", - "scroll": true, - "showHeader": true, - "sort": { - "col": 1, - "desc": true - }, - "styles": [ - { - "alias": "Ingress", - "align": "auto", - "colors": [ - "rgba(245, 54, 54, 0.9)", - "rgba(237, 129, 40, 0.89)", - "rgba(50, 172, 45, 0.97)" - ], - "dateFormat": "YYYY-MM-DD HH:mm:ss", - "decimals": 2, - "pattern": "ingress", - "preserveFormat": false, - "sanitize": false, - "thresholds": [], - "type": "string", - "unit": "short" - }, - { - "alias": "Requests", - "align": "auto", - "colors": [ - "rgba(245, 54, 54, 0.9)", - "rgba(237, 129, 40, 0.89)", - "rgba(50, 172, 45, 0.97)" - ], - "dateFormat": "YYYY-MM-DD HH:mm:ss", - "decimals": 2, - "pattern": "Value #A", - "thresholds": [ - "" - ], - "type": "number", - "unit": "ops" - }, - { - "alias": "Errors", - "align": "auto", - "colors": [ - "rgba(245, 54, 54, 0.9)", - "rgba(237, 129, 40, 0.89)", - "rgba(50, 172, 45, 0.97)" - ], - "dateFormat": "YYYY-MM-DD HH:mm:ss", - "decimals": 2, - "pattern": "Value #B", - "thresholds": [], - "type": "number", - "unit": "ops" - }, - { - "alias": "P50 Latency", - "align": "auto", - "colors": [ - "rgba(245, 54, 54, 0.9)", - "rgba(237, 129, 40, 0.89)", - "rgba(50, 172, 45, 0.97)" - ], - "dateFormat": "YYYY-MM-DD HH:mm:ss", - "decimals": 0, - "link": false, - "pattern": "Value #C", - "thresholds": [], - "type": "number", - "unit": "dtdurations" - }, - { - "alias": "P90 Latency", - "align": "auto", - "colors": [ - "rgba(245, 54, 54, 0.9)", - "rgba(237, 129, 40, 0.89)", - "rgba(50, 172, 45, 0.97)" - ], - "dateFormat": "YYYY-MM-DD HH:mm:ss", - "decimals": 0, - "pattern": "Value #D", - "thresholds": [], - "type": "number", - "unit": "dtdurations" - }, - { - "alias": "P99 Latency", - "align": "auto", - "colors": [ - "rgba(245, 54, 54, 0.9)", - "rgba(237, 129, 40, 0.89)", - "rgba(50, 172, 45, 0.97)" - ], - "dateFormat": "YYYY-MM-DD HH:mm:ss", - "decimals": 0, - "pattern": "Value #E", - "thresholds": [], - "type": "number", - "unit": "dtdurations" - }, - { - "alias": "IN", - "align": "auto", - "colors": [ - "rgba(245, 54, 54, 0.9)", - "rgba(237, 129, 40, 0.89)", - "rgba(50, 172, 45, 0.97)" - ], - "dateFormat": "YYYY-MM-DD HH:mm:ss", - "decimals": 2, - "pattern": "Value #F", - "thresholds": [ - "" - ], - "type": "number", - "unit": "Bps" - }, - { - "alias": "", - "align": "auto", - "colors": [ - "rgba(245, 54, 54, 0.9)", - "rgba(237, 129, 40, 0.89)", - "rgba(50, 172, 45, 0.97)" - ], - "dateFormat": "YYYY-MM-DD HH:mm:ss", - "decimals": 2, - "pattern": "Time", - "thresholds": [], - "type": "hidden", - "unit": "short" - }, - { - "alias": "OUT", - "align": "auto", - "colors": [ - "rgba(245, 54, 54, 0.9)", - "rgba(237, 129, 40, 0.89)", - "rgba(50, 172, 45, 0.97)" - ], - "dateFormat": "YYYY-MM-DD HH:mm:ss", - "decimals": 2, - "mappingType": 1, - "pattern": "Value #G", - "thresholds": [], - "type": "number", - "unit": "Bps" - } - ], - "targets": [ - { - "datasource": { - "type": "prometheus", - "uid": "prometheus" - }, - "expr": "histogram_quantile(0.50, sum(rate(nginx_ingress_controller_request_duration_seconds_bucket{ingress!=\"\",controller_pod=~\"$controller\",controller_class=~\"$controller_class\",controller_namespace=~\"$namespace\",ingress=~\"$ingress\"}[2m])) by (le, ingress))", - "format": "table", - "hide": false, - "instant": true, - "intervalFactor": 1, - "legendFormat": "{{ ingress }}", - "refId": "C" - }, - { - "datasource": { - "type": "prometheus", - "uid": "prometheus" - }, - "expr": "histogram_quantile(0.90, sum(rate(nginx_ingress_controller_request_duration_seconds_bucket{ingress!=\"\",controller_pod=~\"$controller\",controller_class=~\"$controller_class\",controller_namespace=~\"$namespace\",ingress=~\"$ingress\"}[2m])) by (le, ingress))", - "format": "table", - "hide": false, - "instant": true, - "intervalFactor": 1, - "legendFormat": "{{ ingress }}", - "refId": "D" - }, - { - "datasource": { - "type": "prometheus", - "uid": "prometheus" - }, - "expr": "histogram_quantile(0.99, sum(rate(nginx_ingress_controller_request_duration_seconds_bucket{ingress!=\"\",controller_pod=~\"$controller\",controller_class=~\"$controller_class\",controller_namespace=~\"$namespace\",ingress=~\"$ingress\"}[2m])) by (le, ingress))", - "format": "table", - "hide": false, - "instant": true, - "intervalFactor": 1, - "legendFormat": "{{ destination_service }}", - "refId": "E" - }, - { - "datasource": { - "type": "prometheus", - "uid": "prometheus" - }, - "expr": "sum(irate(nginx_ingress_controller_request_size_sum{ingress!=\"\",controller_pod=~\"$controller\",controller_class=~\"$controller_class\",controller_namespace=~\"$namespace\",ingress=~\"$ingress\"}[2m])) by (ingress)", - "format": "table", - "hide": false, - "instant": true, - "interval": "", - "intervalFactor": 1, - "legendFormat": "{{ ingress }}", - "refId": "F" - }, - { - "datasource": { - "type": "prometheus", - "uid": "prometheus" - }, - "expr": "sum(irate(nginx_ingress_controller_response_size_sum{ingress!=\"\",controller_pod=~\"$controller\",controller_class=~\"$controller_class\",controller_namespace=~\"$namespace\",ingress=~\"$ingress\"}[2m])) by (ingress)", - "format": "table", - "instant": true, - "intervalFactor": 1, - "legendFormat": "{{ ingress }}", - "refId": "G" - } - ], - "title": "Ingress Percentile Response Times and Transfer Rates", - "transform": "table", - "type": "table-old" - }, - { - "columns": [ - { - "text": "Current", - "value": "current" - } - ], - "datasource": { - "type": "prometheus", - "uid": "prometheus" - }, - "fontSize": "100%", - "gridPos": { - "h": 8, - "w": 24, - "x": 0, - "y": 24 - }, - "height": "1024", - "id": 85, - "links": [], - "pageSize": 7, - "scroll": true, - "showHeader": true, - "sort": { - "col": 1, - "desc": false - }, - "styles": [ - { - "alias": "Time", - "align": "auto", - "dateFormat": "YYYY-MM-DD HH:mm:ss", - "pattern": "Time", - "type": "date" - }, - { - "alias": "TTL", - "align": "auto", - "colorMode": "cell", - "colors": [ - "rgba(245, 54, 54, 0.9)", - "rgba(237, 129, 40, 0.89)", - "rgba(50, 172, 45, 0.97)" - ], - "dateFormat": "YYYY-MM-DD HH:mm:ss", - "decimals": 0, - "pattern": "Current", - "thresholds": [ - "0", - "691200" - ], - "type": "number", - "unit": "s" - }, - { - "alias": "", - "align": "auto", - "colors": [ - "rgba(245, 54, 54, 0.9)", - "rgba(237, 129, 40, 0.89)", - "rgba(50, 172, 45, 0.97)" - ], - "decimals": 2, - "pattern": "/.*/", - "thresholds": [], - "type": "number", - "unit": "short" - } - ], - "targets": [ - { - "datasource": { - "type": "prometheus", - "uid": "prometheus" - }, - "expr": "avg(nginx_ingress_controller_ssl_expire_time_seconds{kubernetes_pod_name=~\"$controller\",namespace=~\"$namespace\",ingress=~\"$ingress\"}) by (host) - time()", - "format": "time_series", - "intervalFactor": 1, - "legendFormat": "{{ host }}", - "metric": "gke_letsencrypt_cert_expiration", - "refId": "A", - "step": 1 - } - ], - "title": "Ingress Certificate Expiry", - "transform": "timeseries_aggregations", - "type": "table-old" - } - ], - "refresh": "5s", - "schemaVersion": 37, - "style": "dark", - "tags": [ - "nginx" - ], - "templating": { - "list": [ - { - "allValue": ".*", - "current": { - "selected": false, - "text": "All", - "value": "$__all" - }, - "datasource": { - "type": "prometheus", - "uid": "prometheus" - }, - "definition": "", - "hide": 0, - "includeAll": true, - "label": "Namespace", - "multi": false, - "name": "namespace", - "options": [], - "query": { - "query": "label_values(nginx_ingress_controller_config_hash, controller_namespace)", - "refId": "Prometheus-namespace-Variable-Query" - }, - "refresh": 1, - "regex": "", - "skipUrlSync": false, - "sort": 0, - "tagValuesQuery": "", - "tagsQuery": "", - "type": "query", - "useTags": false - }, - { - "allValue": ".*", - "current": { - "selected": false, - "text": "All", - "value": "$__all" - }, - "datasource": { - "type": "prometheus", - "uid": "prometheus" - }, - "definition": "", - "hide": 0, - "includeAll": true, - "label": "Controller Class", - "multi": false, - "name": "controller_class", - "options": [], - "query": { - "query": "label_values(nginx_ingress_controller_config_hash{namespace=~\"$namespace\"}, controller_class) ", - "refId": "Prometheus-controller_class-Variable-Query" - }, - "refresh": 1, - "regex": "", - "skipUrlSync": false, - "sort": 0, - "tagValuesQuery": "", - "tagsQuery": "", - "type": "query", - "useTags": false - }, - { - "allValue": ".*", - "current": { - "selected": false, - "text": "All", - "value": "$__all" - }, - "datasource": { - "type": "prometheus", - "uid": "prometheus" - }, - "definition": "", - "hide": 0, - "includeAll": true, - "label": "Controller", - "multi": false, - "name": "controller", - "options": [], - "query": { - "query": "label_values(nginx_ingress_controller_config_hash{namespace=~\"$namespace\",controller_class=~\"$controller_class\"}, controller_pod) ", - "refId": "Prometheus-controller-Variable-Query" - }, - "refresh": 1, - "regex": "", - "skipUrlSync": false, - "sort": 0, - "tagValuesQuery": "", - "tagsQuery": "", - "type": "query", - "useTags": false - }, - { - "allValue": ".*", - "current": { - "selected": false, - "text": "All", - "value": "$__all" - }, - "datasource": { - "type": "prometheus", - "uid": "prometheus" - }, - "definition": "", - "hide": 0, - "includeAll": true, - "label": "Ingress", - "multi": false, - "name": "ingress", - "options": [], - "query": { - "query": "label_values(nginx_ingress_controller_requests{namespace=~\"$namespace\",controller_class=~\"$controller_class\",controller=~\"$controller\"}, ingress) ", - "refId": "Prometheus-ingress-Variable-Query" - }, - "refresh": 1, - "regex": "", - "skipUrlSync": false, - "sort": 2, - "tagValuesQuery": "", - "tagsQuery": "", - "type": "query", - "useTags": false - } - ] - }, - "time": { - "from": "now-1h", - "to": "now" - }, - "timepicker": { - "refresh_intervals": [ - "5s", - "10s", - "30s", - "2m", - "5m", - "15m", - "30m", - "1h", - "2h", - "1d" - ], - "time_options": [ - "5m", - "15m", - "1h", - "6h", - "12h", - "24h", - "2d", - "7d", - "30d" - ] - }, - "timezone": "browser", - "title": "NGINX Ingress controller", - "uid": "nginx", - "version": 1, - "weekStart": "" - } -kind: ConfigMap -metadata: - labels: - grafana_dashboard: "1" - creationTimestamp: null - name: nginx-dashboard - namespace: kube-prometheus-stack \ No newline at end of file diff --git a/durpapi/Chart.yaml b/durpapi/Chart.yaml deleted file mode 100644 index 23a6be3..0000000 --- a/durpapi/Chart.yaml +++ /dev/null @@ -1,11 +0,0 @@ -type: application -appVersion: 0.1.0 -description: A Helm chart for Kubernetes -name: durpapi -dependencies: -- condition: postgresql.enabled - version: 12.5.* - repository: https://charts.bitnami.com/bitnami - name: postgresql -apiVersion: v2 -version: test diff --git a/durpapi/templates/deployment.yaml b/durpapi/templates/deployment.yaml deleted file mode 100644 index 0f42dfb..0000000 --- a/durpapi/templates/deployment.yaml +++ /dev/null @@ -1,38 +0,0 @@ -apiVersion: apps/v1 -kind: Deployment -metadata: - name: {{ .Chart.Name }} - labels: - app: {{ .Chart.Name }} -spec: - revisionHistoryLimit: 1 - selector: - matchLabels: - app: {{ .Chart.Name }} - replicas: {{ .Values.deployment.hpa.minReplicas }} - template: - metadata: - labels: - app: {{ .Chart.Name }} - spec: - containers: - - name: api - image: "{{ .Values.deployment.image }}:{{ default .Chart.Version .Values.deployment.tag }}" - imagePullPolicy: {{ .Values.deployment.imagePullPolicy }} - readinessProbe: - {{- toYaml .Values.deployment.probe.readiness | nindent 12 }} - livenessProbe: - {{- toYaml .Values.deployment.probe.liveness | nindent 12 }} - startupProbe: - {{- toYaml .Values.deployment.probe.startup | nindent 12 }} - ports: - - name: http - containerPort: {{ .Values.service.targetport }} - env: - - name: host - value: {{ .Values.swagger.host }} - - name: version - value: {{ default .Chart.Version .Values.deployment.tag }} - envFrom: - - secretRef: - name: {{ .Values.deployment.secretfile }} diff --git a/durpapi/templates/hpa.yaml b/durpapi/templates/hpa.yaml deleted file mode 100644 index 68d484d..0000000 --- a/durpapi/templates/hpa.yaml +++ /dev/null @@ -1,24 +0,0 @@ -apiVersion: autoscaling/v2 -kind: HorizontalPodAutoscaler -metadata: - name: "{{ .Chart.Name }}-hpa" -spec: - scaleTargetRef: - apiVersion: apps/v1 - kind: Deployment - name: {{ .Chart.Name }} - minReplicas: {{ .Values.deployment.hpa.minReplicas }} - maxReplicas: {{ .Values.deployment.hpa.maxReplicas }} - metrics: - - type: Resource - resource: - name: memory - target: - type: Utilization - averageUtilization: 80 - - type: Resource - resource: - name: cpu - target: - type: Utilization - averageUtilization: 40 diff --git a/durpapi/templates/ingress.yaml b/durpapi/templates/ingress.yaml deleted file mode 100644 index bd268dd..0000000 --- a/durpapi/templates/ingress.yaml +++ /dev/null @@ -1,44 +0,0 @@ -apiVersion: traefik.containo.us/v1alpha1 -kind: IngressRoute -metadata: - name: "{{ .Chart.Name }}-ingress" -spec: - entryPoints: - - websecure - routes: - - match: Host("api.durp.info") && PathPrefix(`/api`) - kind: Rule - middlewares: - - name: jwt - services: - - name: "durpapi-service" - port: 80 - ---- - -apiVersion: traefik.containo.us/v1alpha1 -kind: IngressRoute -metadata: - name: "{{ .Chart.Name }}-swagger" -spec: - entryPoints: - - websecure - routes: - - match: Host("api.durp.info") && PathPrefix(`/swagger`) - kind: Rule - services: - - name: "durpapi-service" - port: 80 - ---- - -apiVersion: traefik.containo.us/v1alpha1 -kind: Middleware -metadata: - name: jwt -spec: - plugin: - jwt: - Required: true - Keys: - - https://authentik.durp.info/application/o/api/jwks diff --git a/durpapi/templates/secrets.yaml b/durpapi/templates/secrets.yaml deleted file mode 100644 index 0157b5b..0000000 --- a/durpapi/templates/secrets.yaml +++ /dev/null @@ -1,39 +0,0 @@ -apiVersion: external-secrets.io/v1beta1 -kind: ExternalSecret -metadata: - name: durpapi-secret -spec: - secretStoreRef: - name: vault - kind: ClusterSecretStore - target: - name: durpapi-secret - data: - - secretKey: db_host - remoteRef: - key: secrets/durpapi/postgres - property: db_host - - secretKey: db_port - remoteRef: - key: secrets/durpapi/postgres - property: db_port - - secretKey: db_pass - remoteRef: - key: secrets/durpapi/postgres - property: db_pass - - secretKey: db_user - remoteRef: - key: secrets/durpapi/postgres - property: db_user - - secretKey: db_sslmode - remoteRef: - key: secrets/durpapi/postgres - property: db_sslmode - - secretKey: db_name - remoteRef: - key: secrets/durpapi/postgres - property: db_name - - secretKey: llamaurl - remoteRef: - key: secrets/durpapi/llamaurl - property: llamaurl \ No newline at end of file diff --git a/durpapi/templates/service.yaml b/durpapi/templates/service.yaml deleted file mode 100644 index 2cab669..0000000 --- a/durpapi/templates/service.yaml +++ /dev/null @@ -1,12 +0,0 @@ -apiVersion: v1 -kind: Service -metadata: - name: "{{ .Chart.Name }}-service" -spec: - ports: - - name: http - port: {{ .Values.service.port }} - targetPort: {{ .Values.service.targetport }} - protocol: TCP - selector: - app: {{ .Chart.Name }} diff --git a/durpapi/values.yaml b/durpapi/values.yaml deleted file mode 100644 index 65f1b4c..0000000 --- a/durpapi/values.yaml +++ /dev/null @@ -1,39 +0,0 @@ -ingress: - enabled: false -deployment: - image: registry.internal.durp.info/developerdurp/durpapi - secretfile: durpapi-secret - imagePullPolicy: Always - hpa: - minReplicas: 3 - maxReplicas: 10 - probe: - readiness: - httpGet: - path: /api/health/gethealth - port: 8080 - liveness: - httpGet: - path: /api/health/gethealth - port: 8080 - startup: - httpGet: - path: /api/health/gethealth - port: 8080 -service: - type: ClusterIP - port: 80 - targetport: 8080 - -swagger: - host: api.durp.info -postgresql: - enabled: true - auth: - existingSecret: durpapi-secret - secretKeys: - adminPasswordKey: db_pass - userPasswordKey: db_pass - replicationPasswordKey: db_pass - database: postgres - username: postgres diff --git a/durpot/Chart.yaml b/durpot/Chart.yaml deleted file mode 100644 index c21a834..0000000 --- a/durpot/Chart.yaml +++ /dev/null @@ -1,11 +0,0 @@ -apiVersion: v2 -name: durpapi -description: A Helm chart for Kubernetes -type: application -version: 0.0.1 -appVersion: 0.0.1 - -dependencies: -- name: durpot - repository: https://gitlab.com/api/v4/projects/45025485/packages/helm/stable - version: 0.1.0-dev0038 diff --git a/durpot/templates/secrets.yaml b/durpot/templates/secrets.yaml deleted file mode 100644 index 792f909..0000000 --- a/durpot/templates/secrets.yaml +++ /dev/null @@ -1,43 +0,0 @@ -apiVersion: external-secrets.io/v1beta1 -kind: ExternalSecret -metadata: - name: durpot-secert -spec: - secretStoreRef: - name: vault - kind: ClusterSecretStore - target: - name: durpot-secret - data: - - secretKey: OPENAI_API_KEY - remoteRef: - key: secrets/durpot/openai - property: OPENAI_API_KEY - - secretKey: BOTPREFIX - remoteRef: - key: secrets/durpot/discord - property: BOTPREFIX - - secretKey: ChannelID - remoteRef: - key: secrets/durpot/discord - property: ChannelID - - secretKey: TOKEN - remoteRef: - key: secrets/durpot/discord - property: TOKEN - - secretKey: ClientID - remoteRef: - key: secrets/durpot/auth - property: ClientID - - secretKey: Password - remoteRef: - key: secrets/durpot/auth - property: Password - - secretKey: TokenURL - remoteRef: - key: secrets/durpot/auth - property: TokenURL - - secretKey: Username - remoteRef: - key: secrets/durpot/auth - property: Username diff --git a/external-dns/Chart.yaml b/external-dns/Chart.yaml deleted file mode 100644 index 24d735c..0000000 --- a/external-dns/Chart.yaml +++ /dev/null @@ -1,12 +0,0 @@ - -apiVersion: v2 -name: external-dns -description: A Helm chart for Kubernetes -type: application -version: 0.0.1 -appVersion: 0.0.1 - -dependencies: -- name: external-dns - repository: https://charts.bitnami.com/bitnami - version: 6.20.3 diff --git a/external-dns/templates/secrets.yaml b/external-dns/templates/secrets.yaml deleted file mode 100644 index 142c03a..0000000 --- a/external-dns/templates/secrets.yaml +++ /dev/null @@ -1,23 +0,0 @@ -apiVersion: external-secrets.io/v1beta1 -kind: ExternalSecret -metadata: - name: external-dns-secret -spec: - secretStoreRef: - name: vault - kind: ClusterSecretStore - target: - name: external-dns - data: - - secretKey: cloudflare_api_email - remoteRef: - key: secrets/external-dns/cloudflare - property: cloudflare_api_email - - secretKey: cloudflare_api_key - remoteRef: - key: secrets/external-dns/cloudflare - property: cloudflare_api_key - - secretKey: cloudflare_api_token - remoteRef: - key: secrets/external-dns/cloudflare - property: cloudflare_api_token diff --git a/external-dns/values.yaml b/external-dns/values.yaml deleted file mode 100644 index 68abe91..0000000 --- a/external-dns/values.yaml +++ /dev/null @@ -1,16 +0,0 @@ -external-dns: - global: - imageRegistry: "registry.internal.durp.info" - - image: - pullPolicy: Always - - sources: - - service - - provider: cloudflare - cloudflare: - secretName : "external-dns" - proxied: false - - policy: sync diff --git a/external-secrets/Chart.yaml b/external-secrets/Chart.yaml deleted file mode 100644 index 96c39ce..0000000 --- a/external-secrets/Chart.yaml +++ /dev/null @@ -1,12 +0,0 @@ -apiVersion: v2 -name: external-secrets -description: A Helm chart for Kubernetes -type: application -version: 0.0.1 -appVersion: 0.0.1 - -dependencies: -- name: external-secrets - repository: https://charts.external-secrets.io - version: 0.8.1 - diff --git a/external-secrets/values.yaml b/external-secrets/values.yaml deleted file mode 100644 index a720adb..0000000 --- a/external-secrets/values.yaml +++ /dev/null @@ -1,463 +0,0 @@ -external-secrets: - replicaCount: 3 - - # -- Specifies the amount of historic ReplicaSets k8s should keep (see https://kubernetes.io/docs/concepts/workloads/controllers/deployment/#clean-up-policy) - revisionHistoryLimit: 10 - - image: - repository: ghcr.io/external-secrets/external-secrets - pullPolicy: Always - # -- The image tag to use. The default is the chart appVersion. - # There are different image flavours available, like distroless and ubi. - # Please see GitHub release notes for image tags for these flavors. - # By default the distroless image is used. - tag: "" - - # -- If set, install and upgrade CRDs through helm chart. - installCRDs: true - - crds: - # -- If true, create CRDs for Cluster External Secret. - createClusterExternalSecret: true - # -- If true, create CRDs for Cluster Secret Store. - createClusterSecretStore: true - # -- If true, create CRDs for Push Secret. - createPushSecret: true - annotations: {} - conversion: - enabled: true - - imagePullSecrets: [] - nameOverride: "" - fullnameOverride: "" - - # -- If true, external-secrets will perform leader election between instances to ensure no more - # than one instance of external-secrets operates at a time. - leaderElect: true - - # -- If set external secrets will filter matching - # Secret Stores with the appropriate controller values. - controllerClass: "" - - # -- If true external secrets will use recommended kubernetes - # annotations as prometheus metric labels. - extendedMetricLabels: false - - # -- If set external secrets are only reconciled in the - # provided namespace - scopedNamespace: "" - - # -- Must be used with scopedNamespace. If true, create scoped RBAC roles under the scoped namespace - # and implicitly disable cluster stores and cluster external secrets - scopedRBAC: false - - # -- if true, the operator will process cluster external secret. Else, it will ignore them. - processClusterExternalSecret: true - - # -- if true, the operator will process cluster store. Else, it will ignore them. - processClusterStore: true - - # -- Specifies whether an external secret operator deployment be created. - createOperator: true - - # -- Specifies the number of concurrent ExternalSecret Reconciles external-secret executes at - # a time. - concurrent: 1 - - serviceAccount: - # -- Specifies whether a service account should be created. - create: true - # -- Automounts the service account token in all containers of the pod - automount: true - # -- Annotations to add to the service account. - annotations: {} - # -- Extra Labels to add to the service account. - extraLabels: {} - # -- The name of the service account to use. - # If not set and create is true, a name is generated using the fullname template. - name: "" - - rbac: - # -- Specifies whether role and rolebinding resources should be created. - create: true - - ## -- Extra environment variables to add to container. - extraEnv: [] - - ## -- Map of extra arguments to pass to container. - extraArgs: {} - - ## -- Extra volumes to pass to pod. - extraVolumes: [] - - ## -- Extra volumes to mount to the container. - extraVolumeMounts: [] - - ## -- Extra containers to add to the pod. - extraContainers: [] - - # -- Annotations to add to Deployment - deploymentAnnotations: {} - - # -- Annotations to add to Pod - podAnnotations: {} - - podLabels: {} - - podSecurityContext: {} - # fsGroup: 2000 - - securityContext: - allowPrivilegeEscalation: false - capabilities: - drop: - - ALL - readOnlyRootFilesystem: true - runAsNonRoot: true - runAsUser: 1000 - seccompProfile: - type: RuntimeDefault - - resources: {} - # requests: - # cpu: 10m - # memory: 32Mi - - prometheus: - # -- deprecated. will be removed with 0.7.0, use serviceMonitor instead. - enabled: false - service: - # -- deprecated. will be removed with 0.7.0, use serviceMonitor instead. - port: 8080 - - serviceMonitor: - # -- Specifies whether to create a ServiceMonitor resource for collecting Prometheus metrics - enabled: false - - # -- namespace where you want to install ServiceMonitors - namespace: "" - - # -- Additional labels - additionalLabels: {} - - # -- Interval to scrape metrics - interval: 30s - - # -- Timeout if metrics can't be retrieved in given time interval - scrapeTimeout: 25s - - # -- Let prometheus add an exported_ prefix to conflicting labels - honorLabels: false - - # -- Metric relabel configs to apply to samples before ingestion. [Metric Relabeling](https://prometheus.io/docs/prometheus/latest/configuration/configuration/#metric_relabel_configs) - metricRelabelings: [] - # - action: replace - # regex: (.*) - # replacement: $1 - # sourceLabels: - # - exported_namespace - # targetLabel: namespace - - # -- Relabel configs to apply to samples before ingestion. [Relabeling](https://prometheus.io/docs/prometheus/latest/configuration/configuration/#relabel_config) - relabelings: [] - # - sourceLabels: [__meta_kubernetes_pod_node_name] - # separator: ; - # regex: ^(.*)$ - # targetLabel: nodename - # replacement: $1 - # action: replace - - metrics: - service: - # -- Enable if you use another monitoring tool than Prometheus to scrape the metrics - enabled: false - - # -- Metrics service port to scrape - port: 8080 - - # -- Additional service annotations - annotations: {} - - nodeSelector: {} - - tolerations: [] - - topologySpreadConstraints: [] - - affinity: {} - - # -- Pod priority class name. - priorityClassName: "" - - # -- Pod disruption budget - for more details see https://kubernetes.io/docs/concepts/workloads/pods/disruptions/ - podDisruptionBudget: - enabled: false - minAvailable: 1 - # maxUnavailable: 1 - - # -- Run the controller on the host network - hostNetwork: false - - webhook: - # -- Specifies whether a webhook deployment be created. - create: true - # -- Specifices the time to check if the cert is valid - certCheckInterval: "5m" - # -- Specifices the lookaheadInterval for certificate validity - lookaheadInterval: "" - replicaCount: 1 - - # -- Specifies the amount of historic ReplicaSets k8s should keep (see https://kubernetes.io/docs/concepts/workloads/controllers/deployment/#clean-up-policy) - revisionHistoryLimit: 10 - - certDir: /tmp/certs - # -- Specifies whether validating webhooks should be created with failurePolicy: Fail or Ignore - failurePolicy: Fail - # -- Specifies if webhook pod should use hostNetwork or not. - hostNetwork: false - image: - repository: ghcr.io/external-secrets/external-secrets - pullPolicy: IfNotPresent - # -- The image tag to use. The default is the chart appVersion. - tag: "" - imagePullSecrets: [] - nameOverride: "" - fullnameOverride: "" - # -- The port the webhook will listen to - port: 10250 - rbac: - # -- Specifies whether role and rolebinding resources should be created. - create: true - serviceAccount: - # -- Specifies whether a service account should be created. - create: true - # -- Automounts the service account token in all containers of the pod - automount: true - # -- Annotations to add to the service account. - annotations: {} - # -- Extra Labels to add to the service account. - extraLabels: {} - # -- The name of the service account to use. - # If not set and create is true, a name is generated using the fullname template. - name: "" - nodeSelector: {} - - tolerations: [] - - topologySpreadConstraints: [] - - affinity: {} - - # -- Pod priority class name. - priorityClassName: "" - - # -- Pod disruption budget - for more details see https://kubernetes.io/docs/concepts/workloads/pods/disruptions/ - podDisruptionBudget: - enabled: false - minAvailable: 1 - # maxUnavailable: 1 - prometheus: - # -- deprecated. will be removed with 0.7.0, use serviceMonitor instead - enabled: false - service: - # -- deprecated. will be removed with 0.7.0, use serviceMonitor instead - port: 8080 - - serviceMonitor: - # -- Specifies whether to create a ServiceMonitor resource for collecting Prometheus metrics - enabled: false - - # -- Additional labels - additionalLabels: {} - - # -- Interval to scrape metrics - interval: 30s - - # -- Timeout if metrics can't be retrieved in given time interval - scrapeTimeout: 25s - - metrics: - service: - # -- Enable if you use another monitoring tool than Prometheus to scrape the metrics - enabled: false - - # -- Metrics service port to scrape - port: 8080 - - # -- Additional service annotations - annotations: {} - - - readinessProbe: - # -- Address for readiness probe - address: "" - # -- ReadinessProbe port for kubelet - port: 8081 - - - ## -- Extra environment variables to add to container. - extraEnv: [] - - ## -- Map of extra arguments to pass to container. - extraArgs: {} - - ## -- Extra volumes to pass to pod. - extraVolumes: [] - - ## -- Extra volumes to mount to the container. - extraVolumeMounts: [] - - # -- Annotations to add to Secret - secretAnnotations: {} - - # -- Annotations to add to Deployment - deploymentAnnotations: {} - - # -- Annotations to add to Pod - podAnnotations: {} - - podLabels: {} - - podSecurityContext: {} - # fsGroup: 2000 - - securityContext: - allowPrivilegeEscalation: false - capabilities: - drop: - - ALL - readOnlyRootFilesystem: true - runAsNonRoot: true - runAsUser: 1000 - seccompProfile: - type: RuntimeDefault - - resources: {} - # requests: - # cpu: 10m - # memory: 32Mi - - certController: - # -- Specifies whether a certificate controller deployment be created. - create: true - requeueInterval: "5m" - replicaCount: 1 - - # -- Specifies the amount of historic ReplicaSets k8s should keep (see https://kubernetes.io/docs/concepts/workloads/controllers/deployment/#clean-up-policy) - revisionHistoryLimit: 10 - - image: - repository: ghcr.io/external-secrets/external-secrets - pullPolicy: Always - tag: "" - imagePullSecrets: [] - nameOverride: "" - fullnameOverride: "" - rbac: - # -- Specifies whether role and rolebinding resources should be created. - create: true - serviceAccount: - # -- Specifies whether a service account should be created. - create: true - # -- Automounts the service account token in all containers of the pod - automount: true - # -- Annotations to add to the service account. - annotations: {} - # -- Extra Labels to add to the service account. - extraLabels: {} - # -- The name of the service account to use. - # If not set and create is true, a name is generated using the fullname template. - name: "" - nodeSelector: {} - - tolerations: [] - - topologySpreadConstraints: [] - - affinity: {} - - # -- Run the certController on the host network - hostNetwork: false - - # -- Pod priority class name. - priorityClassName: "" - - # -- Pod disruption budget - for more details see https://kubernetes.io/docs/concepts/workloads/pods/disruptions/ - podDisruptionBudget: - enabled: false - minAvailable: 1 - # maxUnavailable: 1 - - prometheus: - # -- deprecated. will be removed with 0.7.0, use serviceMonitor instead - enabled: false - service: - # -- deprecated. will be removed with 0.7.0, use serviceMonitor instead - port: 8080 - - serviceMonitor: - # -- Specifies whether to create a ServiceMonitor resource for collecting Prometheus metrics - enabled: false - - # -- Additional labels - additionalLabels: {} - - # -- Interval to scrape metrics - interval: 30s - - # -- Timeout if metrics can't be retrieved in given time interval - scrapeTimeout: 25s - - metrics: - service: - # -- Enable if you use another monitoring tool than Prometheus to scrape the metrics - enabled: false - - # -- Metrics service port to scrape - port: 8080 - - # -- Additional service annotations - annotations: {} - - ## -- Extra environment variables to add to container. - extraEnv: [] - - ## -- Map of extra arguments to pass to container. - extraArgs: {} - - - ## -- Extra volumes to pass to pod. - extraVolumes: [] - - ## -- Extra volumes to mount to the container. - extraVolumeMounts: [] - - # -- Annotations to add to Deployment - deploymentAnnotations: {} - - # -- Annotations to add to Pod - podAnnotations: {} - - podLabels: {} - - podSecurityContext: {} - # fsGroup: 2000 - - securityContext: - allowPrivilegeEscalation: false - capabilities: - drop: - - ALL - readOnlyRootFilesystem: true - runAsNonRoot: true - runAsUser: 1000 - seccompProfile: - type: RuntimeDefault - - resources: {} - # requests: - # cpu: 10m - # memory: 32Mi - - # -- Specifies `dnsOptions` to deployment - dnsConfig: {} diff --git a/heimdall/Chart.yaml b/heimdall/Chart.yaml deleted file mode 100644 index 8351778..0000000 --- a/heimdall/Chart.yaml +++ /dev/null @@ -1,11 +0,0 @@ -apiVersion: v2 -name: heimdall -description: A Helm chart for Kubernetes -type: application -version: 0.0.1 -appVersion: 0.0.1 - -dependencies: -- name: heimdall - repository: https://djjudas21.github.io/charts/ - version: 8.5.2 diff --git a/heimdall/templates/ingress.yaml b/heimdall/templates/ingress.yaml deleted file mode 100644 index 98b6144..0000000 --- a/heimdall/templates/ingress.yaml +++ /dev/null @@ -1,52 +0,0 @@ -apiVersion: traefik.containo.us/v1alpha1 -kind: IngressRoute -metadata: - annotations: - name: heimdall-ingress -spec: - entryPoints: - - websecure - routes: - - match: Host(`heimdall.durp.info`) && PathPrefix(`/`) - middlewares: - - name: authentik-proxy-provider - namespace: traefik - kind: Rule - services: - - name: heimdall - port: 80 - - match: Host(`heimdall.durp.info`) && PathPrefix(`/outpost.goauthentik.io`) - kind: Rule - services: - - name: ak-outpost-authentik-embedded-outpost - namespace: authentik - port: 9000 - tls: - secretName: heimdall-tls - ---- - -apiVersion: cert-manager.io/v1 -kind: Certificate -metadata: - name: heimdall-tls -spec: - secretName: heimdall-tls - issuerRef: - name: letsencrypt-production - kind: ClusterIssuer - commonName: "heimdall.durp.info" - dnsNames: - - "heimdall.durp.info" - ---- - -kind: Service -apiVersion: v1 -metadata: - name: heimdall-external-dns - annotations: - external-dns.alpha.kubernetes.io/hostname: heimdall.durp.info -spec: - type: ExternalName - externalName: durp.info diff --git a/heimdall/values.yaml b/heimdall/values.yaml deleted file mode 100644 index e93ca43..0000000 --- a/heimdall/values.yaml +++ /dev/null @@ -1,28 +0,0 @@ -heimdall: - - image: - registry: - repository: registry.internal.durp.info/linuxserver/heimdall - pullPolicy: Always - - env: - TZ: UTC - PUID: "1000" - PGID: "1000" - - service: - main: - annotations: - external-dns.alpha.kubernetes.io/hostname: heimdall.durp.info - external-dns.alpha.kubernetes.io/target: home.durp.info - ports: - http: - port: 80 - - ingress: - main: - enabled: false - - persistence: - config: - enabled: true diff --git a/krakend/Chart.yaml b/krakend/Chart.yaml deleted file mode 100644 index d998c9f..0000000 --- a/krakend/Chart.yaml +++ /dev/null @@ -1,7 +0,0 @@ -apiVersion: v2 -name: krakend -description: A Helm chart for Kubernetes -type: application - -version: 0.1.0 -appVersion: "1.16.0" \ No newline at end of file diff --git a/krakend/templates/deployments.yaml b/krakend/templates/deployments.yaml deleted file mode 100644 index ce50302..0000000 --- a/krakend/templates/deployments.yaml +++ /dev/null @@ -1,39 +0,0 @@ -apiVersion: apps/v1 -kind: Deployment -metadata: - namespace: krakend - name: krakend - labels: - app: krakend -spec: - selector: - matchLabels: - app: krakend - replicas: 1 - template: - metadata: - labels: - app: krakend - spec: - volumes: - - name: krakend-secret - secret: - secretName: krakend-secret - containers: - - name: krakend - image: registry.internal.durp.info/devopsfaith/krakend:2.4.3 - imagePullPolicy: Always - livenessProbe: - httpGet: - path: /__health - port: 8080 - readinessProbe: - httpGet: - path: /__health - port: 8080 - ports: - - name: http - containerPort: 8080 - volumeMounts: - - name: krakend-secret - mountPath: /etc/krakend \ No newline at end of file diff --git a/krakend/templates/ingress.yaml b/krakend/templates/ingress.yaml deleted file mode 100644 index a8c08eb..0000000 --- a/krakend/templates/ingress.yaml +++ /dev/null @@ -1,56 +0,0 @@ -apiVersion: cert-manager.io/v1 -kind: Certificate -metadata: - name: api-tls -spec: - secretName: api-tls - issuerRef: - name: letsencrypt-production - kind: ClusterIssuer - commonName: "api.durp.info" - dnsNames: - - "api.durp.info" - ---- - -apiVersion: traefik.containo.us/v1alpha1 -kind: IngressRoute -metadata: - name: krakend-ingress -spec: - entryPoints: - - websecure - routes: - - match: Host(`api.durp.info`) && PathPrefix(`/`) - kind: Rule - services: - - name: krakend-service - port: 8080 - scheme: http - tls: - secretName: api-tls - ---- - -kind: Service -apiVersion: v1 -metadata: - name: api-external-dns - annotations: - external-dns.alpha.kubernetes.io/hostname: api.durp.info -spec: - type: ExternalName - externalName: durp.info - ---- - -kind: Service -apiVersion: v1 -metadata: - name: api-developer-dns - annotations: - external-dns.alpha.kubernetes.io/hostname: developer.durp.info - external-dns.alpha.kubernetes.io/cloudflare-proxied: "false" -spec: - type: ExternalName - externalName: developerdurp.github.io diff --git a/krakend/templates/secrets.yaml b/krakend/templates/secrets.yaml deleted file mode 100644 index 2eb1a9d..0000000 --- a/krakend/templates/secrets.yaml +++ /dev/null @@ -1,15 +0,0 @@ -apiVersion: external-secrets.io/v1beta1 -kind: ExternalSecret -metadata: - name: krakend-secret -spec: - secretStoreRef: - name: vault - kind: ClusterSecretStore - target: - name: krakend-secret - data: - - secretKey: krakend.json - remoteRef: - key: secrets/krakend/config - property: config \ No newline at end of file diff --git a/krakend/templates/service.yaml b/krakend/templates/service.yaml deleted file mode 100644 index d5393f3..0000000 --- a/krakend/templates/service.yaml +++ /dev/null @@ -1,12 +0,0 @@ -apiVersion: v1 -kind: Service -metadata: - name: krakend-service -spec: - ports: - - name: http - port: 8080 - targetPort: 8080 - protocol: TCP - selector: - app: krakend \ No newline at end of file diff --git a/littlelink/Chart.yaml b/littlelink/Chart.yaml deleted file mode 100644 index e69de29..0000000 diff --git a/littlelink/templates/deployment.yaml b/littlelink/templates/deployment.yaml deleted file mode 100644 index b713b86..0000000 --- a/littlelink/templates/deployment.yaml +++ /dev/null @@ -1,99 +0,0 @@ -apiVersion: apps/v1 -kind: Deployment -metadata: - namespace: littlelink - name: littlelink - labels: - app: littlelink -spec: - selector: - matchLabels: - app: littlelink - replicas: 1 - template: - metadata: - labels: - app: littlelink - spec: - containers: - - name: littlelink - image: registry.internal.durp.info/techno-tim/littlelink-server:latest - imagePullPolicy: Always - livenessProbe: - httpGet: - path: /healthcheck - port: 3000 - readinessProbe: - httpGet: - path: /healthcheck - port: 3000 - env: - - name: META_TITLE - value: DeveloperDurp - - name: META_DESCRIPTION - value: The Durpy Developer - - name: META_AUTHOR - value: DeveloperDurp - - name: LANG - value: en - - name: META_INDEX_STATUS - value: all - - name: OG_TITLE - value: DeveloperDurp - - name: OG_DESCRIPTION - value: DeveloperDurp - - name: OG_URL - value: https://gitlab.com/developerdurp - - name: OG_IMAGE - value: https://gitlab.com/uploads/-/system/user/avatar/9987937/avatar.png - - name : OG_IMAGE_WIDTH - value: "400" - - name : OG_IMAGE_HEIGHT - value: "400" - - name : THEME - value: Dark - - name : FAVICON_URL - value: https://gitlab.com/uploads/-/system/user/avatar/9987937/avatar.png - - name : AVATAR_URL - value: https://gitlab.com/uploads/-/system/user/avatar/9987937/avatar.png - - name : AVATAR_2X_URL - value: https://gitlab.com/uploads/-/system/user/avatar/9987937/avatar.png - - name : AVATAR_ALT - value: DeveloperDurp Profile Pic - - name : NAME - value: DeveloperDurp - - name : BIO - value: Sup Nerd, - - name : BUTTON_ORDER - value: GITHUB,GITLAB,YOUTUBE,TWITTER,COFFEE,EMAIL - - name : TWITTER - value: https://twitter.com/developerdurp - - name : GITHUB - value: https://github.com/DeveloperDurp - - name : GITLAB - value: https://gitlab.com/developerdurp - - name: YOUTUBE - value: https://www.youtube.com/channel/UC1rGa6s6kER_gLpIQsxeMVQ - - name : EMAIL - value: DeveloperDurp@durp.info - - name : EMAIL_TEXT - value: DeveloperDurp@durp.info - - name : FOOTER - value: DeveloperDurp © 2022 - - name: CUSTOM_BUTTON_TEXT - value: BuyMeACoffee - - name: CUSTOM_BUTTON_URL - value: https://www.buymeacoffee.com/DeveloperDurp - - name: CUSTOM_BUTTON_COLOR - value: '#ffdd00' - - name: CUSTOM_BUTTON_TEXT_COLOR - value: '#000000' - - name: CUSTOM_BUTTON_ALT_TEXT - value: Support - - name: CUSTOM_BUTTON_NAME - value: COFFEE - - name: CUSTOM_BUTTON_ICON - value: fa-solid fa-cup-togo - ports: - - name: http - containerPort: 3000 diff --git a/littlelink/templates/ingress.yaml b/littlelink/templates/ingress.yaml deleted file mode 100644 index 194f31e..0000000 --- a/littlelink/templates/ingress.yaml +++ /dev/null @@ -1,42 +0,0 @@ -apiVersion: traefik.containo.us/v1alpha1 -kind: IngressRoute -metadata: - name: littlelink-ingress -spec: - entryPoints: - - websecure - routes: - - match: Host(`links.durp.info`) && PathPrefix(`/`) - kind: Rule - services: - - name: littlelink - port: 80 - tls: - secretName: littlelink-tls - ---- - -apiVersion: cert-manager.io/v1 -kind: Certificate -metadata: - name: littlelink-tls -spec: - secretName: littlelink-tls - issuerRef: - name: letsencrypt-production - kind: ClusterIssuer - commonName: "links.durp.info" - dnsNames: - - "links.durp.info" - ---- - -kind: Service -apiVersion: v1 -metadata: - name: links-external-dns - annotations: - external-dns.alpha.kubernetes.io/hostname: links.durp.info -spec: - type: ExternalName - externalName: durp.info \ No newline at end of file diff --git a/littlelink/templates/service.yaml b/littlelink/templates/service.yaml deleted file mode 100644 index 445d527..0000000 --- a/littlelink/templates/service.yaml +++ /dev/null @@ -1,12 +0,0 @@ -apiVersion: v1 -kind: Service -metadata: - name: littlelink -spec: - ports: - - name: http - port: 80 - targetPort: 3000 - protocol: TCP - selector: - app: littlelink \ No newline at end of file diff --git a/nfs-client/Chart.yml b/nfs-client/Chart.yml deleted file mode 100644 index 217f2c1..0000000 --- a/nfs-client/Chart.yml +++ /dev/null @@ -1,8 +0,0 @@ -apiVersion: v2 -name: nfs-client -description: A Helm chart for Kubernetes -type: application - -version: 0.1.0 -appVersion: "1.16.0" - diff --git a/nfs-client/templates/cluster-role-binding.yml b/nfs-client/templates/cluster-role-binding.yml deleted file mode 100644 index 427d8c6..0000000 --- a/nfs-client/templates/cluster-role-binding.yml +++ /dev/null @@ -1,12 +0,0 @@ -kind: ClusterRoleBinding -apiVersion: rbac.authorization.k8s.io/v1 -metadata: - name: run-nfs-client-provisioner -subjects: - - kind: ServiceAccount - name: nfs-client-provisioner - namespace: nfs-client -roleRef: - kind: ClusterRole - name: nfs-client-provisioner-runner - apiGroup: rbac.authorization.k8s.io diff --git a/nfs-client/templates/cluster-role.yml b/nfs-client/templates/cluster-role.yml deleted file mode 100644 index fa6ed20..0000000 --- a/nfs-client/templates/cluster-role.yml +++ /dev/null @@ -1,20 +0,0 @@ -kind: ClusterRole -apiVersion: rbac.authorization.k8s.io/v1 -metadata: - name: nfs-client-provisioner-runner -rules: - - apiGroups: [""] - resources: ["persistentvolumes"] - verbs: ["get", "list", "watch", "create", "delete"] - - apiGroups: [""] - resources: ["persistentvolumeclaims"] - verbs: ["get", "list", "watch", "update"] - - apiGroups: ["storage.k8s.io"] - resources: ["storageclasses"] - verbs: ["get", "list", "watch"] - - apiGroups: [""] - resources: ["events"] - verbs: ["create", "update", "patch"] - - apiGroups: [""] - resources: ["endpoints"] - verbs: ["get", "list", "watch", "create", "update", "patch"] diff --git a/nfs-client/templates/provisioner.yml b/nfs-client/templates/provisioner.yml deleted file mode 100644 index c76fe8c..0000000 --- a/nfs-client/templates/provisioner.yml +++ /dev/null @@ -1,42 +0,0 @@ -kind: Deployment -apiVersion: apps/v1 -metadata: - name: nfs-client-provisioner - namespace: nfs-client -spec: - selector: - matchLabels: - app: nfs-client-provisioner - replicas: 1 - strategy: - type: Recreate - template: - metadata: - labels: - app: nfs-client-provisioner - spec: - serviceAccountName: nfs-client-provisioner - containers: - - name: nfs-client-provisioner - image: gcr.io/k8s-staging-sig-storage/nfs-subdir-external-provisioner:v4.0.0 - resources: - requests: - cpu: 500m - memory: 512Mi - limits: - memory: 1Gi - volumeMounts: - - name: nfs-client-ssd - mountPath: /persistentvolumes - env: - - name: PROVISIONER_NAME - value: durp.info/nfs - - name: NFS_SERVER - value: 192.168.20.253 - - name: NFS_PATH - value: /mnt/user/k3s - volumes: - - name: nfs-client-ssd - nfs: - server: 192.168.20.253 - path: /mnt/user/k3s diff --git a/nfs-client/templates/role-binding.yml b/nfs-client/templates/role-binding.yml deleted file mode 100644 index fb0f085..0000000 --- a/nfs-client/templates/role-binding.yml +++ /dev/null @@ -1,13 +0,0 @@ -kind: RoleBinding -apiVersion: rbac.authorization.k8s.io/v1 -metadata: - name: leader-locking-nfs-client-provisioner - namespace: nfs-client -subjects: - - kind: ServiceAccount - name: nfs-client-provisioner - namespace: nfs-client -roleRef: - kind: Role - name: leader-locking-nfs-client-provisioner - apiGroup: rbac.authorization.k8s.io diff --git a/nfs-client/templates/role.yml b/nfs-client/templates/role.yml deleted file mode 100644 index 910346d..0000000 --- a/nfs-client/templates/role.yml +++ /dev/null @@ -1,9 +0,0 @@ -kind: Role -apiVersion: rbac.authorization.k8s.io/v1 -metadata: - name: leader-locking-nfs-client-provisioner - namespace: nfs-client -rules: - - apiGroups: [""] - resources: ["endpoints"] - verbs: ["get", "list", "watch", "create", "update", "patch"] diff --git a/nfs-client/templates/service-account.yml b/nfs-client/templates/service-account.yml deleted file mode 100644 index ef9b4d7..0000000 --- a/nfs-client/templates/service-account.yml +++ /dev/null @@ -1,5 +0,0 @@ -kind: ServiceAccount -apiVersion: v1 -metadata: - name: nfs-client-provisioner - namespace: nfs-client diff --git a/nfs-client/templates/storage-class.yml b/nfs-client/templates/storage-class.yml deleted file mode 100644 index b615fe1..0000000 --- a/nfs-client/templates/storage-class.yml +++ /dev/null @@ -1,10 +0,0 @@ -apiVersion: storage.k8s.io/v1 -kind: StorageClass -metadata: - name: nfs-storage - annotations: - storageclass.kubernetes.io/is-default-class: "false" -provisioner: durp.info/nfs -parameters: - archiveOnDelete: "false" -reclaimPolicy: Retain diff --git a/open-webui/Chart.yaml b/open-webui/Chart.yaml deleted file mode 100644 index 1561d60..0000000 --- a/open-webui/Chart.yaml +++ /dev/null @@ -1,7 +0,0 @@ -apiVersion: v2 -name: open-webui -description: A Helm chart for Kubernetes -type: application - -version: 0.1.0 -appVersion: "1.16.0" diff --git a/open-webui/templates/deployment.yaml b/open-webui/templates/deployment.yaml deleted file mode 100644 index 7a51d0f..0000000 --- a/open-webui/templates/deployment.yaml +++ /dev/null @@ -1,37 +0,0 @@ -apiVersion: apps/v1 -kind: Deployment -metadata: - namespace: open-webui - name: open-webui - labels: - app: open-webui -spec: - selector: - matchLabels: - app: open-webui - replicas: 1 - template: - metadata: - labels: - app: open-webui - spec: - containers: - - name: open-webui - image: registry.internal.durp.info/open-webui/open-webui:main - imagePullPolicy: Always - volumeMounts: - - name: open-webui-pvc - mountPath: /app/backend/data - ports: - - name: http - containerPort: 8080 - env: - - name: OLLAMA_BASE_URL - valueFrom: - secretKeyRef: - name: open-webui-secret - key: OLLAMA_BASE_URL - volumes: - - name: open-webui-pvc - persistentVolumeClaim: - claimName: open-webui-pvc diff --git a/open-webui/templates/ingress.yaml b/open-webui/templates/ingress.yaml deleted file mode 100644 index 6331e92..0000000 --- a/open-webui/templates/ingress.yaml +++ /dev/null @@ -1,42 +0,0 @@ -apiVersion: traefik.containo.us/v1alpha1 -kind: IngressRoute -metadata: - name: open-webui-ingress -spec: - entryPoints: - - websecure - routes: - - match: Host(`open-webui.durp.info`) && PathPrefix(`/`) - kind: Rule - services: - - name: open-webui - port: 8080 - tls: - secretName: open-webui-tls - ---- - -apiVersion: cert-manager.io/v1 -kind: Certificate -metadata: - name: open-webui-tls -spec: - secretName: open-webui-tls - issuerRef: - name: letsencrypt-production - kind: ClusterIssuer - commonName: "open-webui.durp.info" - dnsNames: - - "open-webui.durp.info" - ---- - -kind: Service -apiVersion: v1 -metadata: - name: open-webui-external-dns - annotations: - external-dns.alpha.kubernetes.io/hostname: open-webui.durp.info -spec: - type: ExternalName - externalName: durp.info diff --git a/open-webui/templates/pvc.yaml b/open-webui/templates/pvc.yaml deleted file mode 100644 index 63a3280..0000000 --- a/open-webui/templates/pvc.yaml +++ /dev/null @@ -1,11 +0,0 @@ -apiVersion: v1 -kind: PersistentVolumeClaim -metadata: - name: open-webui-pvc -spec: - storageClassName: longhorn - accessModes: - - ReadWriteMany - resources: - requests: - storage: 10Gi diff --git a/open-webui/templates/secrets.yaml b/open-webui/templates/secrets.yaml deleted file mode 100644 index 1fe6fec..0000000 --- a/open-webui/templates/secrets.yaml +++ /dev/null @@ -1,16 +0,0 @@ -apiVersion: external-secrets.io/v1beta1 -kind: ExternalSecret -metadata: - name: open-webui-secret -spec: - secretStoreRef: - name: vault - kind: ClusterSecretStore - target: - name: open-webui-secret - data: - - secretKey: OLLAMA_BASE_URL - remoteRef: - key: secrets/open-webui - property: OLLAMA_BASE_URL - diff --git a/open-webui/templates/service.yaml b/open-webui/templates/service.yaml deleted file mode 100644 index cd93455..0000000 --- a/open-webui/templates/service.yaml +++ /dev/null @@ -1,12 +0,0 @@ -apiVersion: v1 -kind: Service -metadata: - name: open-webui -spec: - ports: - - name: http - port: 8080 - targetPort: 8080 - protocol: TCP - selector: - app: open-webui diff --git a/vault/Chart.yaml b/vault/Chart.yaml deleted file mode 100644 index fc08adf..0000000 --- a/vault/Chart.yaml +++ /dev/null @@ -1,12 +0,0 @@ -apiVersion: v2 -name: vault -description: A Helm chart for Kubernetes -type: application -version: 0.0.1 -appVersion: 0.0.1 - -dependencies: -- name: vault - repository: https://helm.releases.hashicorp.com - version: 0.27.0 - diff --git a/vault/templates/ingress.yaml b/vault/templates/ingress.yaml deleted file mode 100644 index 8998087..0000000 --- a/vault/templates/ingress.yaml +++ /dev/null @@ -1,37 +0,0 @@ -apiVersion: traefik.containo.us/v1alpha1 -kind: IngressRoute -metadata: - name: vault-ingress - annotations: - cert-manager.io/cluster-issuer: letsencrypt-production -spec: - entryPoints: - - websecure - routes: - - match: Host(`vault.internal.durp.info`) - middlewares: - - name: whitelist - namespace: traefik - kind: Rule - services: - - name: vault - port: 8200 - scheme: http - tls: - secretName: vault-tls - ---- - -apiVersion: cert-manager.io/v1 -kind: Certificate -metadata: - name: vault-tls -spec: - secretName: vault-tls - issuerRef: - name: letsencrypt-production - kind: ClusterIssuer - commonName: "vault.internal.durp.info" - dnsNames: - - "vault.internal.durp.info" - diff --git a/vault/templates/secret-store.yaml b/vault/templates/secret-store.yaml deleted file mode 100644 index e7cca3a..0000000 --- a/vault/templates/secret-store.yaml +++ /dev/null @@ -1,14 +0,0 @@ -apiVersion: external-secrets.io/v1beta1 -kind: ClusterSecretStore -metadata: - name: vault -spec: - provider: - vault: - server: "http://vault.vault.svc.cluster.local:8200" - path: "secrets" - version: "v2" - auth: - kubernetes: - mountPath: "kubernetes" - role: "external-secrets" diff --git a/vault/values.yaml b/vault/values.yaml deleted file mode 100644 index d77a898..0000000 --- a/vault/values.yaml +++ /dev/null @@ -1,66 +0,0 @@ -vault: - - global: - - image: - repository: "registry.internal.durp.info/hashicorp/vault-k8s" - tag: "1.3.1" - pullPolicy: Always - - agentImage: - repository: "registry.internal.durp.info/hashicorp/vault" - tag: "1.15.2" - - injector: - enabled: "-" - - replicas: 3 - leaderElector: - enabled: true - - metrics: - enabled: true - - image: - repository: "registry.internal.durp.info/hashicorp/vault-k8s" - tag: "1.3.1" - pullPolicy: Always - - agentImage: - repository: "registry.internal.durp.info/hashicorp/vault" - tag: "1.15.2" - - server: - enabled: "-" - image: - repository: "registry.internal.durp.info/hashicorp/vault" - tag: "1.15.2" - pullPolicy: Always - ha: - enabled: false - replicas: 3 - resources: {} - # resources: - # requests: - # memory: 256Mi - # cpu: 250m - # limits: - # memory: 256Mi - # cpu: 250m - - dataStorage: - enabled: true - size: 10Gi - storageClass: longhorn - accessMode: ReadWriteOnce - auditStorage: - enabled: false - size: 10Gi - mountPath: "/vault/audit" - storageClass: longhorn - accessMode: ReadWriteOnce - ui: - enabled: false - externalPort: 8200 - targetPort: 8200 -