remove taiga

clusters/cl01tl/applications/homepage/values.yaml

@@ -239,12 +239,6 @@ homepage:
                   href: https://mail-cl01tl.boreal-beaufort.ts.net
                   siteMonitor: http://roundcube.roundcube:80
                   statusStyle: dot
-              - Project Planning:
-                  icon: taiga.png
-                  description: Taiga
-                  href: https://taiga-cl01tl.boreal-beaufort.ts.net/discover
-                  siteMonitor: http://taiga-front.taiga:80
-                  statusStyle: dot
               - Web Design:
                   icon: https://raw.githubusercontent.com/penpot/penpot/362d4ea47f06d169dd6e0a34cb9d141200e646e6/frontend/resources/images/icons/penpot-logo-icon.svg
                   description: Penpot

clusters/cl01tl/applications/taiga/Chart.yaml

@@ -1,38 +0,0 @@
-apiVersion: v2
-name: taiga
-version: 1.0.0
-description: Taiga
-keywords:
-  - taiga
-  - kanban
-  - project management
-home: https://wiki.alexlebens.dev/doc/taiga-Jw0Q08PKQ5
-sources:
-  - https://github.com/taigaio
-  - https://github.com/rabbitmq/rabbitmq-server
-  - https://github.com/cloudnative-pg/cloudnative-pg
-  - https://github.com/alexlebens/taiga-front-docker-oidc/pkgs/container/taiga-front-docker-oidc
-  - https://github.com/bjw-s/helm-charts/tree/main/charts/other/app-template
-  - https://github.com/bitnami/charts/tree/main/bitnami/rabbitmq
-  - https://github.com/alexlebens/helm-charts/charts/postgres-cluster
-maintainers:
-  - name: alexlebens
-dependencies:
-  - name: app-template
-    alias: taiga
-    repository: https://bjw-s.github.io/helm-charts/
-    version: 3.4.0
-  - name: rabbitmq
-    version: 14.7.0
-    repository: https://charts.bitnami.com/bitnami
-    alias: async-rabbitmq
-  - name: rabbitmq
-    version: 14.7.0
-    repository: https://charts.bitnami.com/bitnami
-    alias: events-rabbitmq
-  - name: postgres-cluster
-    alias: postgres-16-cluster
-    version: 3.9.0
-    repository: http://alexlebens.github.io/helm-charts
-icon: https://raw.githubusercontent.com/walkxcode/dashboard-icons/main/png/taiga.png
-appVersion: 6.8.1

clusters/cl01tl/applications/taiga/templates/external-secret.yaml

@@ -1,151 +0,0 @@
-apiVersion: external-secrets.io/v1beta1
-kind: ExternalSecret
-metadata:
-  name: taiga-key-secret
-  namespace: {{ .Release.Namespace }}
-  labels:
-    app.kubernetes.io/name: taiga-key-secret
-    app.kubernetes.io/instance: {{ .Release.Name }}
-    app.kubernetes.io/version: {{ .Chart.AppVersion }}
-    app.kubernetes.io/component: web
-    app.kubernetes.io/part-of: {{ .Release.Name }}
-spec:
-  secretStoreRef:
-    kind: ClusterSecretStore
-    name: vault
-  data:
-    - secretKey: key
-      remoteRef:
-        conversionStrategy: Default
-        decodingStrategy: None
-        key: /cl01tl/taiga/key
-        metadataPolicy: None
-        property: key
-
----
-apiVersion: external-secrets.io/v1beta1
-kind: ExternalSecret
-metadata:
-  name: taiga-oidc-secret
-  namespace: {{ .Release.Namespace }}
-  labels:
-    app.kubernetes.io/name: taiga-oidc-secret
-    app.kubernetes.io/instance: {{ .Release.Name }}
-    app.kubernetes.io/version: {{ .Chart.AppVersion }}
-    app.kubernetes.io/component: auth
-    app.kubernetes.io/part-of: {{ .Release.Name }}
-spec:
-  secretStoreRef:
-    kind: ClusterSecretStore
-    name: vault
-  data:
-    - secretKey: client
-      remoteRef:
-        conversionStrategy: Default
-        decodingStrategy: None
-        key: /authentik/oidc/taiga
-        metadataPolicy: None
-        property: client
-    - secretKey: secret
-      remoteRef:
-        conversionStrategy: Default
-        decodingStrategy: None
-        key: /authentik/oidc/taiga
-        metadataPolicy: None
-        property: secret
-
----
-apiVersion: external-secrets.io/v1beta1
-kind: ExternalSecret
-metadata:
-  name: taiga-async-rabbitmq-secret
-  namespace: {{ .Release.Namespace }}
-  labels:
-    app.kubernetes.io/name: taiga-async-rabbitmq-secret
-    app.kubernetes.io/instance: {{ .Release.Name }}
-    app.kubernetes.io/version: {{ .Chart.AppVersion }}
-    app.kubernetes.io/component: web
-    app.kubernetes.io/part-of: {{ .Release.Name }}
-spec:
-  secretStoreRef:
-    kind: ClusterSecretStore
-    name: vault
-  data:
-    - secretKey: password
-      remoteRef:
-        conversionStrategy: Default
-        decodingStrategy: None
-        key: /cl01tl/taiga/rabbitmq/async
-        metadataPolicy: None
-        property: password
-    - secretKey: erlang
-      remoteRef:
-        conversionStrategy: Default
-        decodingStrategy: None
-        key: /cl01tl/taiga/rabbitmq/async
-        metadataPolicy: None
-        property: erlang
-
----
-apiVersion: external-secrets.io/v1beta1
-kind: ExternalSecret
-metadata:
-  name: taiga-events-rabbitmq-secret
-  namespace: {{ .Release.Namespace }}
-  labels:
-    app.kubernetes.io/name: taiga-events-rabbitmq-secret
-    app.kubernetes.io/instance: {{ .Release.Name }}
-    app.kubernetes.io/version: {{ .Chart.AppVersion }}
-    app.kubernetes.io/component: web
-    app.kubernetes.io/part-of: {{ .Release.Name }}
-spec:
-  secretStoreRef:
-    kind: ClusterSecretStore
-    name: vault
-  data:
-    - secretKey: password
-      remoteRef:
-        conversionStrategy: Default
-        decodingStrategy: None
-        key: /cl01tl/taiga/rabbitmq/events
-        metadataPolicy: None
-        property: password
-    - secretKey: erlang
-      remoteRef:
-        conversionStrategy: Default
-        decodingStrategy: None
-        key: /cl01tl/taiga/rabbitmq/events
-        metadataPolicy: None
-        property: erlang
-
----
-apiVersion: external-secrets.io/v1beta1
-kind: ExternalSecret
-metadata:
-  name: taiga-postgresql-16-cluster-backup-secret
-  namespace: {{ .Release.Namespace }}
-  labels:
-    app.kubernetes.io/name: taiga-postgresql-16-cluster-backup-secret
-    app.kubernetes.io/instance: {{ .Release.Name }}
-    app.kubernetes.io/version: {{ .Chart.AppVersion }}
-    app.kubernetes.io/component: database
-    app.kubernetes.io/part-of: {{ .Release.Name }}
-spec:
-  secretStoreRef:
-    kind: ClusterSecretStore
-    name: vault
-  data:
-    - secretKey: ACCESS_KEY_ID
-      remoteRef:
-        conversionStrategy: Default
-        decodingStrategy: None
-        key: /aws/keys/cl01tl-taiga-postgresql
-        metadataPolicy: None
-        property: access_key
-    - secretKey: ACCESS_SECRET_KEY
-      remoteRef:
-        conversionStrategy: Default
-        decodingStrategy: None
-        key: /aws/keys/cl01tl-taiga-postgresql
-        metadataPolicy: None
-        property: secret_key

clusters/cl01tl/applications/taiga/templates/persistent-volume-claim.yaml

@@ -1,40 +0,0 @@
-kind: PersistentVolumeClaim
-apiVersion: v1
-metadata:
-  name: taiga-static
-  namespace: {{ .Release.Namespace }}
-  labels:
-    app.kubernetes.io/name: taiga-static
-    app.kubernetes.io/instance: {{ .Release.Name }}
-    app.kubernetes.io/version: {{ .Chart.AppVersion }}
-    app.kubernetes.io/component: storage
-    app.kubernetes.io/part-of: {{ .Release.Name }}
-spec:
-  volumeMode: Filesystem
-  storageClassName: nfs-client
-  accessModes:
-    - ReadWriteMany
-  resources:
-    requests:
-      storage: 1Gi
-
----
-kind: PersistentVolumeClaim
-apiVersion: v1
-metadata:
-  name: taiga-media
-  namespace: {{ .Release.Namespace }}
-  labels:
-    app.kubernetes.io/name: taiga-media
-    app.kubernetes.io/instance: {{ .Release.Name }}
-    app.kubernetes.io/version: {{ .Chart.AppVersion }}
-    app.kubernetes.io/component: storage
-    app.kubernetes.io/part-of: {{ .Release.Name }}
-spec:
-  volumeMode: Filesystem
-  storageClassName: nfs-client
-  accessModes:
-    - ReadWriteMany
-  resources:
-    requests:
-      storage: 1Gi

clusters/cl01tl/applications/taiga/values.yaml

@@ -1,422 +0,0 @@
-taiga:
-  controllers:
-    front:
-      type: deployment
-      replicas: 1
-      strategy: Recreate
-      revisionHistoryLimit: 3
-      containers:
-        front:
-          image:
-            repository: ghcr.io/alexlebens/taiga-front-docker-oidc
-            tag: 6.8.1
-            pullPolicy: IfNotPresent
-          env:
-            - name: TAIGA_URL
-              value: https://taiga-cl01tl.boreal-beaufort.ts.net
-            - name: PUBLIC_REGISTER_ENABLED
-              value: false
-            - name: ENABLE_GITHUB_AUTH
-              value: false
-            - name: ENABLE_GITLAB_AUTH
-              value: false
-            - name: ENABLE_OIDC
-              value: true
-            - name: ENABLE_SLACK
-              value: false
-            - name: ENABLE_GITHUB_IMPORTER
-              value: false
-            - name: ENABLE_JIRA_IMPORTER
-              value: false
-            - name: ENABLE_TRELLO_IMPORTER
-              value: false
-          resources:
-            requests:
-              cpu: 100m
-              memory: 128Mi
-    back:
-      type: deployment
-      replicas: 1
-      strategy: Recreate
-      revisionHistoryLimit: 3
-      containers:
-        back:
-          image:
-            repository: ghcr.io/alexlebens/taiga-back-docker-oidc
-            tag: 6.8.1
-            pullPolicy: IfNotPresent
-          env:
-            - name: TAIGA_SECRET_KEY
-              valueFrom:
-                secretKeyRef:
-                  name: taiga-key-secret
-                  key: key
-            - name: ENABLE_TELEMETRY
-              value: false
-            - name: PUBLIC_REGISTER_ENABLED
-              value: false
-            - name: POSTGRES_USER
-              valueFrom:
-                secretKeyRef:
-                  name: taiga-postgresql-16-cluster-app
-                  key: username
-            - name: POSTGRES_PASSWORD
-              valueFrom:
-                secretKeyRef:
-                  name: taiga-postgresql-16-cluster-app
-                  key: password
-            - name: POSTGRES_DB
-              valueFrom:
-                secretKeyRef:
-                  name: taiga-postgresql-16-cluster-app
-                  key: dbname
-            - name: POSTGRES_HOST
-              valueFrom:
-                secretKeyRef:
-                  name: taiga-postgresql-16-cluster-app
-                  key: host
-            - name: OIDC_ENABLED
-              value: "True"
-            - name: OIDC_CLIENT_ID
-              valueFrom:
-                secretKeyRef:
-                  name: taiga-oidc-secret
-                  key: client
-            - name: OIDC_CLIENT_SECRET
-              valueFrom:
-                secretKeyRef:
-                  name: taiga-oidc-secret
-                  key: secret
-            - name: OIDC_SCOPES
-              value: openid profile email
-            - name: OIDC_SIGN_ALGO
-              value: RS256
-            - name: OIDC_BASE_URL
-              value: https://auth-cl01tl.boreal-beaufort.ts.net/application/o/
-            - name: OIDC_JWKS_ENDPOINT
-              value: https://auth-cl01tl.boreal-beaufort.ts.net/application/o/taiga/jwks/
-            - name: OIDC_AUTHORIZATION_ENDPOINT
-              value: https://auth-cl01tl.boreal-beaufort.ts.net/application/o/authorize/
-            - name: OIDC_TOKEN_ENDPOINT
-              value: https://auth-cl01tl.boreal-beaufort.ts.net/application/o/token/
-            - name: OIDC_USER_ENDPOINT
-              value: https://auth-cl01tl.boreal-beaufort.ts.net/application/o/userinfo/
-            - name: ENABLE_GITHUB_AUTH
-              value: "false"
-            - name: ENABLE_GITLAB_AUTH
-              value: "false"
-            - name: ENABLE_SLACK
-              value: "false"
-            - name: ENABLE_GITHUB_IMPORTER
-              value: "False"
-            - name: ENABLE_JIRA_IMPORTER
-              value: "False"
-            - name: RABBITMQ_USER
-              value: taiga
-            - name: RABBITMQ_PASS
-              valueFrom:
-                secretKeyRef:
-                  name: taiga-async-rabbitmq-secret
-                  key: password
-            - name: TAIGA_SITES_DOMAIN
-              value: taiga-cl01tl.boreal-beaufort.ts.net
-            - name: TAIGA_SITES_SCHEME
-              value: https
-            - name: SESSION_COOKIE_SECURE
-              value: "True"
-            - name: CSRF_COOKIE_SECURE
-              value: "True"
-          resources:
-            requests:
-              cpu: 100m
-              memory: 512Mi
-        async:
-          image:
-            repository: ghcr.io/alexlebens/taiga-back-docker-oidc
-            tag: 6.8.1
-            pullPolicy: IfNotPresent
-          command:
-            - /taiga-back/docker/async_entrypoint.sh
-          env:
-            - name: TAIGA_SECRET_KEY
-              valueFrom:
-                secretKeyRef:
-                  name: taiga-key-secret
-                  key: key
-            - name: ENABLE_TELEMETRY
-              value: false
-            - name: PUBLIC_REGISTER_ENABLED
-              value: false
-            - name: POSTGRES_USER
-              valueFrom:
-                secretKeyRef:
-                  name: taiga-postgresql-16-cluster-app
-                  key: username
-            - name: POSTGRES_PASSWORD
-              valueFrom:
-                secretKeyRef:
-                  name: taiga-postgresql-16-cluster-app
-                  key: password
-            - name: POSTGRES_DB
-              valueFrom:
-                secretKeyRef:
-                  name: taiga-postgresql-16-cluster-app
-                  key: dbname
-            - name: POSTGRES_HOST
-              valueFrom:
-                secretKeyRef:
-                  name: taiga-postgresql-16-cluster-app
-                  key: host
-            - name: OIDC_ENABLED
-              value: "True"
-            - name: OIDC_CLIENT_ID
-              valueFrom:
-                secretKeyRef:
-                  name: taiga-oidc-secret
-                  key: client
-            - name: OIDC_CLIENT_SECRET
-              valueFrom:
-                secretKeyRef:
-                  name: taiga-oidc-secret
-                  key: secret
-            - name: OIDC_SCOPES
-              value: openid profile email
-            - name: OIDC_SIGN_ALGO
-              value: RS256
-            - name: OIDC_BASE_URL
-              value: https://auth-cl01tl.boreal-beaufort.ts.net/application/o/
-            - name: OIDC_JWKS_ENDPOINT
-              value: https://auth-cl01tl.boreal-beaufort.ts.net/application/o/taiga/jwks/
-            - name: OIDC_AUTHORIZATION_ENDPOINT
-              value: https://auth-cl01tl.boreal-beaufort.ts.net/application/o/authorize/
-            - name: OIDC_TOKEN_ENDPOINT
-              value: https://auth-cl01tl.boreal-beaufort.ts.net/application/o/token/
-            - name: OIDC_USER_ENDPOINT
-              value: https://auth-cl01tl.boreal-beaufort.ts.net/application/o/userinfo/
-            - name: ENABLE_GITHUB_AUTH
-              value: "false"
-            - name: ENABLE_GITLAB_AUTH
-              value: "false"
-            - name: ENABLE_SLACK
-              value: "false"
-            - name: ENABLE_GITHUB_IMPORTER
-              value: "False"
-            - name: ENABLE_JIRA_IMPORTER
-              value: "False"
-            - name: RABBITMQ_USER
-              value: taiga
-            - name: RABBITMQ_PASS
-              valueFrom:
-                secretKeyRef:
-                  name: taiga-async-rabbitmq-secret
-                  key: password
-            - name: TAIGA_SITES_DOMAIN
-              value: taiga-cl01tl.boreal-beaufort.ts.net
-            - name: TAIGA_SITES_SCHEME
-              value: https
-            - name: SESSION_COOKIE_SECURE
-              value: "True"
-            - name: CSRF_COOKIE_SECURE
-              value: "True"
-          resources:
-            requests:
-              cpu: 100m
-              memory: 512Mi
-    events:
-      type: deployment
-      replicas: 1
-      strategy: Recreate
-      revisionHistoryLimit: 3
-      containers:
-        events:
-          image:
-            repository: taigaio/taiga-events
-            tag: 6.7.0
-            pullPolicy: IfNotPresent
-          env:
-            - name: TAIGA_SECRET_KEY
-              valueFrom:
-                secretKeyRef:
-                  name: taiga-key-secret
-                  key: key
-            - name: RABBITMQ_USER
-              value: taiga
-            - name: RABBITMQ_PASS
-              valueFrom:
-                secretKeyRef:
-                  name: taiga-events-rabbitmq-secret
-                  key: password
-            - name: APP_PORT
-              value: 3023
-          resources:
-            requests:
-              cpu: 100m
-              memory: 128Mi
-    protected:
-      type: deployment
-      replicas: 1
-      strategy: Recreate
-      revisionHistoryLimit: 3
-      containers:
-        main:
-          image:
-            repository: taigaio/taiga-protected
-            tag: 6.8.1
-            pullPolicy: IfNotPresent
-          env:
-            - name: SECRET_KEY
-              valueFrom:
-                secretKeyRef:
-                  name: taiga-key-secret
-                  key: key
-            - name: MAX_AGE
-              value: 360
-          resources:
-            requests:
-              cpu: 100m
-              memory: 256Mi
-  serviceAccount:
-    create: true
-  service:
-    front:
-      controller: front
-      ports:
-        front:
-          port: 80
-          targetPort: 80
-          protocol: HTTP
-    back:
-      controller: back
-      ports:
-        back:
-          port: 8000
-          targetPort: 8000
-          protocol: HTTP
-    events:
-      controller: events
-      ports:
-        events:
-          port: 8888
-          targetPort: 8888
-          protocol: HTTP
-        app:
-          port: 3023
-          targetPort: 3023
-          protocol: HTTP
-    protected:
-      controller: protected
-      ports:
-        protected:
-          port: 8003
-          targetPort: 8003
-          protocol: HTTP
-  ingress:
-    tailscale:
-      enabled: true
-      className: tailscale
-      hosts:
-        - host: taiga-cl01tl
-          paths:
-            - path: /
-              pathType: Prefix
-              service:
-                name: taiga-front
-                port: 80
-            - path: /api
-              pathType: Prefix
-              service:
-                  name: taiga-back
-                  port: 8000
-              pathType: ImplementationSpecific
-            - path: /admin
-              pathType: Prefix
-              service:
-                  name: taiga-back
-                  port: 8000
-              pathType: ImplementationSpecific
-            - path: /oidc
-              pathType: Prefix
-              service:
-                  name: taiga-back
-                  port: 8000
-              pathType: ImplementationSpecific
-            - path: /events
-              pathType: Prefix
-              service:
-                  name: taiga-events
-                  port: 8888
-              pathType: ImplementationSpecific
-            - path: /media
-              pathType: Prefix
-              service:
-                  name: taiga-protected
-                  port: 8003
-              pathType: ImplementationSpecific
-      tls:
-        - hosts:
-            - taiga-cl01tl
-  persistence:
-    static:
-      existingClaim: taiga-static
-      advancedMounts:
-        back:
-          back:
-            - path: /taiga-back/static
-              readOnly: false
-        back:
-          async:
-            - path: /taiga-back/static
-              readOnly: false
-    media:
-      existingClaim: taiga-media
-      advancedMounts:
-        back:
-          back:
-            - path: /taiga-back/media
-              readOnly: false
-        back:
-          async:
-            - path: /taiga-back/media
-              readOnly: false
-async-rabbitmq:
-  auth:
-    username: taiga
-    existingPasswordSecret: taiga-async-rabbitmq-secret
-    existingSecretPasswordKey: password
-    existingErlangSecret: taiga-async-rabbitmq-secret
-    existingSecretErlangKey: erlang
-  extraConfiguration: |-
-    default_vhost = taiga
-    default_permissions.configure = .*
-    default_permissions.read = .*
-    default_permissions.write = .*
-events-rabbitmq:
-  auth:
-    username: taiga
-    existingPasswordSecret: taiga-events-rabbitmq-secret
-    existingSecretPasswordKey: password
-    existingErlangSecret: taiga-events-rabbitmq-secret
-    existingSecretErlangKey: erlang
-  extraConfiguration: |-
-    default_vhost = taiga
-    default_permissions.configure = .*
-    default_permissions.read = .*
-    default_permissions.write = .*
-postgres-16-cluster:
-  mode: standalone
-  cluster:
-    walStorage:
-      storageClass: local-path
-    storage:
-      storageClass: local-path
-    monitoring:
-      enabled: true
-      prometheusRule:
-        enabled: false
-  backup:
-    enabled: true
-    endpointURL: https://s3.us-east-2.amazonaws.com
-    destinationPath: s3://cl01tl-postgresql-backups/taiga
-    endpointCredentials: taiga-postgresql-16-cluster-backup-secret
-    backupIndex: 1
-    retentionPolicy: 14d