alexlebens/infrastructure
1
0
Fork 0
Code Issues 1 Pull Requests 5 Actions Activity

feat: refactor apps (#5227)
All checks were successful
lint-test-helm / lint-helm (push) Successful in 17s
Details
lint-test-helm / validate-kubeconform (push) Has been skipped
Details
renovate / renovate (push) Successful in 2m31s
Details

Browse Source 
Reviewed-on: #5227
This commit was merged in pull request #5227.
This commit is contained in:
Alex Lebens
2026-03-28 02:36:08 +00:00
parent d156c5b9da
commit 4d58538504
7 changed files with 96 additions and 161 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
clusters/cl01tl/helm/grafana-operator/Chart.yaml
View File

@@ -5,14 +5,13 @@ description: Grafana Operator
keywords:
- grafana-operator
- dashboard
- metrics
- logs
home: https://wiki.alexlebens.dev/s/3e5723e1-2ab7-45ab-b496-b8854907fa39
home: https://docs.alexlebens.dev/applications/grafana-operator/
sources:
- https://github.com/grafana/grafana-operator
- https://github.com/cloudnative-pg/cloudnative-pg
- https://github.com/grafana/grafana/pkgs/container/grafana%2Fgrafana
- https://github.com/grafana/grafana-operator/tree/master/deploy/helm/grafana-operator
- https://gitea.alexlebens.dev/alexlebens/helm-charts/src/branch/main/charts/postgres-cluster
- https://gitea.alexlebens.dev/alexlebens/helm-charts/src/branch/main/charts/valkey
maintainers:
- name: alexlebens
dependencies:

27
clusters/cl01tl/helm/grafana-operator/templates/external-secret.yaml
View File

@@ -14,17 +14,11 @@ spec:
data:
- secretKey: admin-user
remoteRef:
conversionStrategy: Default
decodingStrategy: None
key: /cl01tl/grafana/auth
metadataPolicy: None
property: admin-user
- secretKey: admin-password
remoteRef:
conversionStrategy: Default
decodingStrategy: None
key: /cl01tl/grafana/auth
metadataPolicy: None
property: admin-password
---
@@ -44,17 +38,11 @@ spec:
data:
- secretKey: AUTH_CLIENT_ID
remoteRef:
conversionStrategy: Default
decodingStrategy: None
key: /authentik/oidc/grafana
metadataPolicy: None
property: client
- secretKey: AUTH_CLIENT_SECRET
remoteRef:
conversionStrategy: Default
decodingStrategy: None
key: /authentik/oidc/grafana
metadataPolicy: None
property: secret
---
@@ -74,17 +62,11 @@ spec:
data:
- secretKey: ACCESS_KEY_ID
remoteRef:
conversionStrategy: Default
decodingStrategy: None
key: /digital-ocean/home-infra/postgres-backups
metadataPolicy: None
property: access
- secretKey: ACCESS_SECRET_KEY
remoteRef:
conversionStrategy: Default
decodingStrategy: None
key: /digital-ocean/home-infra/postgres-backups
metadataPolicy: None
property: secret
---
@@ -104,22 +86,13 @@ spec:
data:
- secretKey: ACCESS_KEY_ID
remoteRef:
conversionStrategy: Default
decodingStrategy: None
key: /garage/home-infra/postgres-backups
metadataPolicy: None
property: ACCESS_KEY_ID
- secretKey: ACCESS_SECRET_KEY
remoteRef:
conversionStrategy: Default
decodingStrategy: None
key: /garage/home-infra/postgres-backups
metadataPolicy: None
property: ACCESS_SECRET_KEY
- secretKey: ACCESS_REGION
remoteRef:
conversionStrategy: Default
decodingStrategy: None
key: /garage/home-infra/postgres-backups
metadataPolicy: None
property: ACCESS_REGION

136
clusters/cl01tl/helm/grafana-operator/templates/grafana-dashboard.yaml
View File

@@ -11,9 +11,9 @@ spec:
instanceSelector:
matchLabels:
app: grafana-main
contentCacheDuration: 1h
contentCacheDuration: 6h
folderUID: grafana-folder-system
resyncPeriod: 1h
resyncPeriod: 6h
url: http://gitea-http.gitea:3000/alexlebens/grafana-dashboards/raw/branch/main/dashboards/system/ceph.json
---
@@ -30,9 +30,9 @@ spec:
instanceSelector:
matchLabels:
app: grafana-main
contentCacheDuration: 1h
contentCacheDuration: 6h
folderUID: grafana-folder-system
resyncPeriod: 1h
resyncPeriod: 6h
url: http://gitea-http.gitea:3000/alexlebens/grafana-dashboards/raw/branch/main/dashboards/system/coredns.json
---
@@ -49,9 +49,9 @@ spec:
instanceSelector:
matchLabels:
app: grafana-main
contentCacheDuration: 1h
contentCacheDuration: 6h
folderUID: grafana-folder-system
resyncPeriod: 1h
resyncPeriod: 6h
url: http://gitea-http.gitea:3000/alexlebens/grafana-dashboards/raw/branch/main/dashboards/system/etcd.json
---
@@ -68,9 +68,9 @@ spec:
instanceSelector:
matchLabels:
app: grafana-main
contentCacheDuration: 1h
contentCacheDuration: 6h
folderUID: grafana-folder-system
resyncPeriod: 1h
resyncPeriod: 6h
url: http://gitea-http.gitea:3000/alexlebens/grafana-dashboards/raw/branch/main/dashboards/system/garage.json
---
@@ -87,9 +87,9 @@ spec:
instanceSelector:
matchLabels:
app: grafana-main
contentCacheDuration: 1h
contentCacheDuration: 6h
folderUID: grafana-folder-system
resyncPeriod: 1h
resyncPeriod: 6h
url: http://gitea-http.gitea:3000/alexlebens/grafana-dashboards/raw/branch/main/dashboards/system/loki.json
---
@@ -106,9 +106,9 @@ spec:
instanceSelector:
matchLabels:
app: grafana-main
contentCacheDuration: 1h
contentCacheDuration: 6h
folderUID: grafana-folder-system
resyncPeriod: 1h
resyncPeriod: 6h
url: http://gitea-http.gitea:3000/alexlebens/grafana-dashboards/raw/branch/main/dashboards/system/node-full.json
---
@@ -125,9 +125,9 @@ spec:
instanceSelector:
matchLabels:
app: grafana-main
contentCacheDuration: 1h
contentCacheDuration: 6h
folderUID: grafana-folder-system
resyncPeriod: 1h
resyncPeriod: 6h
url: http://gitea-http.gitea:3000/alexlebens/grafana-dashboards/raw/branch/main/dashboards/system/node-short.json
---
@@ -144,9 +144,9 @@ spec:
instanceSelector:
matchLabels:
app: grafana-main
contentCacheDuration: 1h
contentCacheDuration: 6h
folderUID: grafana-folder-system
resyncPeriod: 1h
resyncPeriod: 6h
url: http://gitea-http.gitea:3000/alexlebens/grafana-dashboards/raw/branch/main/dashboards/system/pods.json
---
@@ -163,9 +163,9 @@ spec:
instanceSelector:
matchLabels:
app: grafana-main
contentCacheDuration: 1h
contentCacheDuration: 6h
folderUID: grafana-folder-service
resyncPeriod: 1h
resyncPeriod: 6h
url: http://gitea-http.gitea:3000/alexlebens/grafana-dashboards/raw/branch/main/dashboards/service/argocd.json
---
@@ -182,9 +182,9 @@ spec:
instanceSelector:
matchLabels:
app: grafana-main
contentCacheDuration: 1h
contentCacheDuration: 6h
folderUID: grafana-folder-service
resyncPeriod: 1h
resyncPeriod: 6h
url: http://gitea-http.gitea:3000/alexlebens/grafana-dashboards/raw/branch/main/dashboards/service/blocky.json
---
@@ -201,9 +201,9 @@ spec:
instanceSelector:
matchLabels:
app: grafana-main
contentCacheDuration: 1h
contentCacheDuration: 6h
folderUID: grafana-folder-service
resyncPeriod: 1h
resyncPeriod: 6h
url: http://gitea-http.gitea:3000/alexlebens/grafana-dashboards/raw/branch/main/dashboards/service/cert-manager.json
---
@@ -220,9 +220,9 @@ spec:
instanceSelector:
matchLabels:
app: grafana-main
contentCacheDuration: 1h
contentCacheDuration: 6h
folderUID: grafana-folder-service
resyncPeriod: 1h
resyncPeriod: 6h
url: http://gitea-http.gitea:3000/alexlebens/grafana-dashboards/raw/branch/main/dashboards/service/cloudnative-pg.json
---
@@ -239,9 +239,9 @@ spec:
instanceSelector:
matchLabels:
app: grafana-main
contentCacheDuration: 1h
contentCacheDuration: 6h
folderUID: grafana-folder-service
resyncPeriod: 1h
resyncPeriod: 6h
url: http://gitea-http.gitea:3000/alexlebens/grafana-dashboards/raw/branch/main/dashboards/service/descheduler.json
---
@@ -258,9 +258,9 @@ spec:
instanceSelector:
matchLabels:
app: grafana-main
contentCacheDuration: 1h
contentCacheDuration: 6h
folderUID: grafana-folder-service
resyncPeriod: 1h
resyncPeriod: 6h
url: http://gitea-http.gitea:3000/alexlebens/grafana-dashboards/raw/branch/main/dashboards/service/gatus.json
---
@@ -277,9 +277,9 @@ spec:
instanceSelector:
matchLabels:
app: grafana-main
contentCacheDuration: 1h
contentCacheDuration: 6h
folderUID: grafana-folder-service
resyncPeriod: 1h
resyncPeriod: 6h
url: http://gitea-http.gitea:3000/alexlebens/grafana-dashboards/raw/branch/main/dashboards/service/grafana-operator.json
---
@@ -296,9 +296,9 @@ spec:
instanceSelector:
matchLabels:
app: grafana-main
contentCacheDuration: 1h
contentCacheDuration: 6h
folderUID: grafana-folder-service
resyncPeriod: 1h
resyncPeriod: 6h
url: http://gitea-http.gitea:3000/alexlebens/grafana-dashboards/raw/branch/main/dashboards/service/harbor.json
---
@@ -315,9 +315,9 @@ spec:
instanceSelector:
matchLabels:
app: grafana-main
contentCacheDuration: 1h
contentCacheDuration: 6h
folderUID: grafana-folder-service
resyncPeriod: 1h
resyncPeriod: 6h
url: http://gitea-http.gitea:3000/alexlebens/grafana-dashboards/raw/branch/main/dashboards/service/speedtest-exporter.json
---
@@ -334,9 +334,9 @@ spec:
instanceSelector:
matchLabels:
app: grafana-main
contentCacheDuration: 1h
contentCacheDuration: 6h
folderUID: grafana-folder-service
resyncPeriod: 1h
resyncPeriod: 6h
url: http://gitea-http.gitea:3000/alexlebens/grafana-dashboards/raw/branch/main/dashboards/service/spegel.json
---
@@ -353,9 +353,9 @@ spec:
instanceSelector:
matchLabels:
app: grafana-main
contentCacheDuration: 1h
contentCacheDuration: 6h
folderUID: grafana-folder-service
resyncPeriod: 1h
resyncPeriod: 6h
url: http://gitea-http.gitea:3000/alexlebens/grafana-dashboards/raw/branch/main/dashboards/service/traefik.json
---
@@ -372,9 +372,9 @@ spec:
instanceSelector:
matchLabels:
app: grafana-main
contentCacheDuration: 1h
contentCacheDuration: 6h
folderUID: grafana-folder-service
resyncPeriod: 1h
resyncPeriod: 6h
url: http://gitea-http.gitea:3000/alexlebens/grafana-dashboards/raw/branch/main/dashboards/service/tdarr.json
---
@@ -391,9 +391,9 @@ spec:
instanceSelector:
matchLabels:
app: grafana-main
contentCacheDuration: 1h
contentCacheDuration: 6h
folderUID: grafana-folder-service
resyncPeriod: 1h
resyncPeriod: 6h
url: http://gitea-http.gitea:3000/alexlebens/grafana-dashboards/raw/branch/main/dashboards/service/unpoller.json
---
@@ -410,9 +410,9 @@ spec:
instanceSelector:
matchLabels:
app: grafana-main
contentCacheDuration: 1h
contentCacheDuration: 6h
folderUID: grafana-folder-service
resyncPeriod: 1h
resyncPeriod: 6h
url: http://gitea-http.gitea:3000/alexlebens/grafana-dashboards/raw/branch/main/dashboards/service/volsync.json
---
@@ -429,9 +429,9 @@ spec:
instanceSelector:
matchLabels:
app: grafana-main
contentCacheDuration: 1h
contentCacheDuration: 6h
folderUID: grafana-folder-platform
resyncPeriod: 1h
resyncPeriod: 6h
url: http://gitea-http.gitea:3000/alexlebens/grafana-dashboards/raw/branch/main/dashboards/platform/s3.json
---
@@ -448,9 +448,9 @@ spec:
instanceSelector:
matchLabels:
app: grafana-main
contentCacheDuration: 1h
contentCacheDuration: 6h
folderUID: grafana-folder-platform
resyncPeriod: 1h
resyncPeriod: 6h
url: http://gitea-http.gitea:3000/alexlebens/grafana-dashboards/raw/branch/main/dashboards/platform/authentik.json
---
@@ -467,9 +467,9 @@ spec:
instanceSelector:
matchLabels:
app: grafana-main
contentCacheDuration: 1h
contentCacheDuration: 6h
folderUID: grafana-folder-platform
resyncPeriod: 1h
resyncPeriod: 6h
url: http://gitea-http.gitea:3000/alexlebens/grafana-dashboards/raw/branch/main/dashboards/platform/gitea.json
---
@@ -486,9 +486,9 @@ spec:
instanceSelector:
matchLabels:
app: grafana-main
contentCacheDuration: 1h
contentCacheDuration: 6h
folderUID: grafana-folder-platform
resyncPeriod: 1h
resyncPeriod: 6h
url: http://gitea-http.gitea:3000/alexlebens/grafana-dashboards/raw/branch/main/dashboards/platform/ntfy.json
---
@@ -505,9 +505,9 @@ spec:
instanceSelector:
matchLabels:
app: grafana-main
contentCacheDuration: 1h
contentCacheDuration: 6h
folderUID: grafana-folder-platform
resyncPeriod: 1h
resyncPeriod: 6h
url: http://gitea-http.gitea:3000/alexlebens/grafana-dashboards/raw/branch/main/dashboards/platform/qbittorrent.json
---
@@ -524,9 +524,9 @@ spec:
instanceSelector:
matchLabels:
app: grafana-main
contentCacheDuration: 1h
contentCacheDuration: 6h
folderUID: grafana-folder-platform
resyncPeriod: 1h
resyncPeriod: 6h
url: http://gitea-http.gitea:3000/alexlebens/grafana-dashboards/raw/branch/main/dashboards/platform/vault.json
---
@@ -543,9 +543,9 @@ spec:
instanceSelector:
matchLabels:
app: grafana-main
contentCacheDuration: 1h
contentCacheDuration: 6h
folderUID: grafana-folder-iot
resyncPeriod: 1h
resyncPeriod: 6h
url: http://gitea-http.gitea:3000/alexlebens/grafana-dashboards/raw/branch/main/dashboards/iot/airgradient.json
---
@@ -562,9 +562,9 @@ spec:
instanceSelector:
matchLabels:
app: grafana-main
contentCacheDuration: 1h
contentCacheDuration: 6h
folderUID: grafana-folder-iot
resyncPeriod: 1h
resyncPeriod: 6h
url: http://gitea-http.gitea:3000/alexlebens/grafana-dashboards/raw/branch/main/dashboards/iot/server-power-consumption.json
---
@@ -581,9 +581,9 @@ spec:
instanceSelector:
matchLabels:
app: grafana-main
contentCacheDuration: 1h
contentCacheDuration: 6h
folderUID: grafana-folder-application
resyncPeriod: 1h
resyncPeriod: 6h
url: http://gitea-http.gitea:3000/alexlebens/grafana-dashboards/raw/branch/main/dashboards/application/immich.json
---
@@ -600,9 +600,9 @@ spec:
instanceSelector:
matchLabels:
app: grafana-main
contentCacheDuration: 1h
contentCacheDuration: 6h
folderUID: grafana-folder-application
resyncPeriod: 1h
resyncPeriod: 6h
url: http://gitea-http.gitea:3000/alexlebens/grafana-dashboards/raw/branch/main/dashboards/application/jellyfin.json
---
@@ -619,9 +619,9 @@ spec:
instanceSelector:
matchLabels:
app: grafana-main
contentCacheDuration: 1h
contentCacheDuration: 6h
folderUID: grafana-folder-application
resyncPeriod: 1h
resyncPeriod: 6h
url: http://gitea-http.gitea:3000/alexlebens/grafana-dashboards/raw/branch/main/dashboards/application/radarr.json
---
@@ -638,7 +638,7 @@ spec:
instanceSelector:
matchLabels:
app: grafana-main
contentCacheDuration: 1h
contentCacheDuration: 6h
folderUID: grafana-folder-application
resyncPeriod: 1h
resyncPeriod: 6h
url: http://gitea-http.gitea:3000/alexlebens/grafana-dashboards/raw/branch/main/dashboards/application/sonarr.json

16
clusters/cl01tl/helm/grafana-operator/templates/grafana.yaml
View File

@@ -56,11 +56,12 @@ spec:
spec:
containers:
- name: grafana
image: grafana/grafana:12.0.0
# renovate: datasource=docker depName=grafana/grafana
image: grafana/grafana:12.4.2@sha256:83749231c3835e390a3144e5e940203e42b9589761f20ef3169c716e734ad505
resources:
requests:
cpu: 100m
memory: 128Mi
cpu: 20m
memory: 120Mi
env:
- name: AUTH_CLIENT_ID
valueFrom:
@@ -107,3 +108,12 @@ spec:
secretKeyRef:
name: grafana-operator-postgresql-18-cluster-app
key: password
httpRoute:
spec:
parentRefs:
- group: gateway.networking.k8s.io
kind: Gateway
name: traefik-gateway
namespace: traefik
hostnames:
- grafana.alexlebens.net

28
clusters/cl01tl/helm/grafana-operator/templates/http-route.yaml
View File

@@ -1,28 +0,0 @@
apiVersion: gateway.networking.k8s.io/v1
kind: HTTPRoute
metadata:
name: grafana
namespace: {{ .Release.Namespace }}
labels:
app.kubernetes.io/name: grafana
app.kubernetes.io/instance: {{ .Release.Name }}
app.kubernetes.io/part-of: {{ .Release.Name }}
spec:
parentRefs:
- group: gateway.networking.k8s.io
kind: Gateway
name: traefik-gateway
namespace: traefik
hostnames:
- grafana.alexlebens.net
rules:
- matches:
- path:
type: PathPrefix
value: /
backendRefs:
- group: ''
kind: Service
name: grafana-main-service
port: 3000
weight: 100

33
clusters/cl01tl/helm/grafana-operator/values.yaml
View File

@@ -1,17 +1,11 @@
grafana-operator:
replicas: 2
serviceAccount:
create: true
rbac:
create: true
resources:
requests:
cpu: 10m
memory: 64Mi
cpu: 1m
memory: 50Mi
serviceMonitor:
enabled: true
dashboard:
enabled: false
postgres-18-cluster:
mode: recovery
recovery:
@@ -25,35 +19,12 @@ postgres-18-cluster:
destinationBucket: postgres-backups
externalSecretCredentialPath: /garage/home-infra/postgres-backups
isWALArchiver: true
# - name: garage-remote
# index: 1
# destinationBucket: postgres-backups
# externalSecretCredentialPath: /garage/home-infra/postgres-backups
# retentionPolicy: "90d"
# data:
# compression: bzip2
# - name: external
# index: 1
# endpointURL: https://nyc3.digitaloceanspaces.com
# destinationBucket: postgres-backups-ce540ddf106d186bbddca68a
# externalSecretCredentialPath: /garage/home-infra/postgres-backups
# isWALArchiver: false
scheduledBackups:
- name: live-backup
suspend: false
immediate: true
schedule: "0 30 14 * * *"
backupName: garage-local
# - name: weekly-backup
# suspend: true
# immediate: true
# schedule: "0 0 4 * * SAT"
# backupName: garage-remote
# - name: daily-backup
# suspend: true
# immediate: true
# schedule: "0 0 0 * * *"
# backupName: external
valkey-unified-alerting:
valkey:
nameOverride: valkey-unified-alerting

10
renovate.json
View File

@@ -16,6 +16,16 @@
"baseBranchPatterns": [
"main"
],
"regexManagers": [
{
"fileMatch": ["(^|/)values\\.yaml$", "(^|/)values-.*\\.yaml$"],
"matchStrings": [
"# renovate: datasource=(?<datasource>.*?) depName=(?<depName>.*?)\\s+tag:\\s+(?<currentValue>.*)"
],
"datasourceTemplate": "{{{datasource}}}",
"depNameTemplate": "{{{depName}}}"
}
],
"customManagers": [
{
"description": "Update appVersion in Chart.yaml",