From 4d58538504061c8c3db0a9f98ae2db14f7a28e55 Mon Sep 17 00:00:00 2001 From: Alex Lebens Date: Sat, 28 Mar 2026 02:36:08 +0000 Subject: [PATCH] feat: refactor apps (#5227) Reviewed-on: https://gitea.alexlebens.dev/alexlebens/infrastructure/pulls/5227 --- .../cl01tl/helm/grafana-operator/Chart.yaml | 7 +- .../templates/external-secret.yaml | 27 ---- .../templates/grafana-dashboard.yaml | 136 +++++++++--------- .../grafana-operator/templates/grafana.yaml | 16 ++- .../templates/http-route.yaml | 28 ---- .../cl01tl/helm/grafana-operator/values.yaml | 33 +---- renovate.json | 10 ++ 7 files changed, 96 insertions(+), 161 deletions(-) delete mode 100644 clusters/cl01tl/helm/grafana-operator/templates/http-route.yaml diff --git a/clusters/cl01tl/helm/grafana-operator/Chart.yaml b/clusters/cl01tl/helm/grafana-operator/Chart.yaml index b5fbf1b33..f27879d1c 100644 --- a/clusters/cl01tl/helm/grafana-operator/Chart.yaml +++ b/clusters/cl01tl/helm/grafana-operator/Chart.yaml @@ -5,14 +5,13 @@ description: Grafana Operator keywords: - grafana-operator - dashboard - - metrics - - logs -home: https://wiki.alexlebens.dev/s/3e5723e1-2ab7-45ab-b496-b8854907fa39 +home: https://docs.alexlebens.dev/applications/grafana-operator/ sources: - https://github.com/grafana/grafana-operator - - https://github.com/cloudnative-pg/cloudnative-pg + - https://github.com/grafana/grafana/pkgs/container/grafana%2Fgrafana - https://github.com/grafana/grafana-operator/tree/master/deploy/helm/grafana-operator - https://gitea.alexlebens.dev/alexlebens/helm-charts/src/branch/main/charts/postgres-cluster + - https://gitea.alexlebens.dev/alexlebens/helm-charts/src/branch/main/charts/valkey maintainers: - name: alexlebens dependencies: diff --git a/clusters/cl01tl/helm/grafana-operator/templates/external-secret.yaml b/clusters/cl01tl/helm/grafana-operator/templates/external-secret.yaml index 449d8ea0b..a5d05c0b9 100644 --- a/clusters/cl01tl/helm/grafana-operator/templates/external-secret.yaml +++ b/clusters/cl01tl/helm/grafana-operator/templates/external-secret.yaml @@ -14,17 +14,11 @@ spec: data: - secretKey: admin-user remoteRef: - conversionStrategy: Default - decodingStrategy: None key: /cl01tl/grafana/auth - metadataPolicy: None property: admin-user - secretKey: admin-password remoteRef: - conversionStrategy: Default - decodingStrategy: None key: /cl01tl/grafana/auth - metadataPolicy: None property: admin-password --- @@ -44,17 +38,11 @@ spec: data: - secretKey: AUTH_CLIENT_ID remoteRef: - conversionStrategy: Default - decodingStrategy: None key: /authentik/oidc/grafana - metadataPolicy: None property: client - secretKey: AUTH_CLIENT_SECRET remoteRef: - conversionStrategy: Default - decodingStrategy: None key: /authentik/oidc/grafana - metadataPolicy: None property: secret --- @@ -74,17 +62,11 @@ spec: data: - secretKey: ACCESS_KEY_ID remoteRef: - conversionStrategy: Default - decodingStrategy: None key: /digital-ocean/home-infra/postgres-backups - metadataPolicy: None property: access - secretKey: ACCESS_SECRET_KEY remoteRef: - conversionStrategy: Default - decodingStrategy: None key: /digital-ocean/home-infra/postgres-backups - metadataPolicy: None property: secret --- @@ -104,22 +86,13 @@ spec: data: - secretKey: ACCESS_KEY_ID remoteRef: - conversionStrategy: Default - decodingStrategy: None key: /garage/home-infra/postgres-backups - metadataPolicy: None property: ACCESS_KEY_ID - secretKey: ACCESS_SECRET_KEY remoteRef: - conversionStrategy: Default - decodingStrategy: None key: /garage/home-infra/postgres-backups - metadataPolicy: None property: ACCESS_SECRET_KEY - secretKey: ACCESS_REGION remoteRef: - conversionStrategy: Default - decodingStrategy: None key: /garage/home-infra/postgres-backups - metadataPolicy: None property: ACCESS_REGION diff --git a/clusters/cl01tl/helm/grafana-operator/templates/grafana-dashboard.yaml b/clusters/cl01tl/helm/grafana-operator/templates/grafana-dashboard.yaml index 1f2c3ca09..4b00ba40d 100644 --- a/clusters/cl01tl/helm/grafana-operator/templates/grafana-dashboard.yaml +++ b/clusters/cl01tl/helm/grafana-operator/templates/grafana-dashboard.yaml @@ -11,9 +11,9 @@ spec: instanceSelector: matchLabels: app: grafana-main - contentCacheDuration: 1h + contentCacheDuration: 6h folderUID: grafana-folder-system - resyncPeriod: 1h + resyncPeriod: 6h url: http://gitea-http.gitea:3000/alexlebens/grafana-dashboards/raw/branch/main/dashboards/system/ceph.json --- @@ -30,9 +30,9 @@ spec: instanceSelector: matchLabels: app: grafana-main - contentCacheDuration: 1h + contentCacheDuration: 6h folderUID: grafana-folder-system - resyncPeriod: 1h + resyncPeriod: 6h url: http://gitea-http.gitea:3000/alexlebens/grafana-dashboards/raw/branch/main/dashboards/system/coredns.json --- @@ -49,9 +49,9 @@ spec: instanceSelector: matchLabels: app: grafana-main - contentCacheDuration: 1h + contentCacheDuration: 6h folderUID: grafana-folder-system - resyncPeriod: 1h + resyncPeriod: 6h url: http://gitea-http.gitea:3000/alexlebens/grafana-dashboards/raw/branch/main/dashboards/system/etcd.json --- @@ -68,9 +68,9 @@ spec: instanceSelector: matchLabels: app: grafana-main - contentCacheDuration: 1h + contentCacheDuration: 6h folderUID: grafana-folder-system - resyncPeriod: 1h + resyncPeriod: 6h url: http://gitea-http.gitea:3000/alexlebens/grafana-dashboards/raw/branch/main/dashboards/system/garage.json --- @@ -87,9 +87,9 @@ spec: instanceSelector: matchLabels: app: grafana-main - contentCacheDuration: 1h + contentCacheDuration: 6h folderUID: grafana-folder-system - resyncPeriod: 1h + resyncPeriod: 6h url: http://gitea-http.gitea:3000/alexlebens/grafana-dashboards/raw/branch/main/dashboards/system/loki.json --- @@ -106,9 +106,9 @@ spec: instanceSelector: matchLabels: app: grafana-main - contentCacheDuration: 1h + contentCacheDuration: 6h folderUID: grafana-folder-system - resyncPeriod: 1h + resyncPeriod: 6h url: http://gitea-http.gitea:3000/alexlebens/grafana-dashboards/raw/branch/main/dashboards/system/node-full.json --- @@ -125,9 +125,9 @@ spec: instanceSelector: matchLabels: app: grafana-main - contentCacheDuration: 1h + contentCacheDuration: 6h folderUID: grafana-folder-system - resyncPeriod: 1h + resyncPeriod: 6h url: http://gitea-http.gitea:3000/alexlebens/grafana-dashboards/raw/branch/main/dashboards/system/node-short.json --- @@ -144,9 +144,9 @@ spec: instanceSelector: matchLabels: app: grafana-main - contentCacheDuration: 1h + contentCacheDuration: 6h folderUID: grafana-folder-system - resyncPeriod: 1h + resyncPeriod: 6h url: http://gitea-http.gitea:3000/alexlebens/grafana-dashboards/raw/branch/main/dashboards/system/pods.json --- @@ -163,9 +163,9 @@ spec: instanceSelector: matchLabels: app: grafana-main - contentCacheDuration: 1h + contentCacheDuration: 6h folderUID: grafana-folder-service - resyncPeriod: 1h + resyncPeriod: 6h url: http://gitea-http.gitea:3000/alexlebens/grafana-dashboards/raw/branch/main/dashboards/service/argocd.json --- @@ -182,9 +182,9 @@ spec: instanceSelector: matchLabels: app: grafana-main - contentCacheDuration: 1h + contentCacheDuration: 6h folderUID: grafana-folder-service - resyncPeriod: 1h + resyncPeriod: 6h url: http://gitea-http.gitea:3000/alexlebens/grafana-dashboards/raw/branch/main/dashboards/service/blocky.json --- @@ -201,9 +201,9 @@ spec: instanceSelector: matchLabels: app: grafana-main - contentCacheDuration: 1h + contentCacheDuration: 6h folderUID: grafana-folder-service - resyncPeriod: 1h + resyncPeriod: 6h url: http://gitea-http.gitea:3000/alexlebens/grafana-dashboards/raw/branch/main/dashboards/service/cert-manager.json --- @@ -220,9 +220,9 @@ spec: instanceSelector: matchLabels: app: grafana-main - contentCacheDuration: 1h + contentCacheDuration: 6h folderUID: grafana-folder-service - resyncPeriod: 1h + resyncPeriod: 6h url: http://gitea-http.gitea:3000/alexlebens/grafana-dashboards/raw/branch/main/dashboards/service/cloudnative-pg.json --- @@ -239,9 +239,9 @@ spec: instanceSelector: matchLabels: app: grafana-main - contentCacheDuration: 1h + contentCacheDuration: 6h folderUID: grafana-folder-service - resyncPeriod: 1h + resyncPeriod: 6h url: http://gitea-http.gitea:3000/alexlebens/grafana-dashboards/raw/branch/main/dashboards/service/descheduler.json --- @@ -258,9 +258,9 @@ spec: instanceSelector: matchLabels: app: grafana-main - contentCacheDuration: 1h + contentCacheDuration: 6h folderUID: grafana-folder-service - resyncPeriod: 1h + resyncPeriod: 6h url: http://gitea-http.gitea:3000/alexlebens/grafana-dashboards/raw/branch/main/dashboards/service/gatus.json --- @@ -277,9 +277,9 @@ spec: instanceSelector: matchLabels: app: grafana-main - contentCacheDuration: 1h + contentCacheDuration: 6h folderUID: grafana-folder-service - resyncPeriod: 1h + resyncPeriod: 6h url: http://gitea-http.gitea:3000/alexlebens/grafana-dashboards/raw/branch/main/dashboards/service/grafana-operator.json --- @@ -296,9 +296,9 @@ spec: instanceSelector: matchLabels: app: grafana-main - contentCacheDuration: 1h + contentCacheDuration: 6h folderUID: grafana-folder-service - resyncPeriod: 1h + resyncPeriod: 6h url: http://gitea-http.gitea:3000/alexlebens/grafana-dashboards/raw/branch/main/dashboards/service/harbor.json --- @@ -315,9 +315,9 @@ spec: instanceSelector: matchLabels: app: grafana-main - contentCacheDuration: 1h + contentCacheDuration: 6h folderUID: grafana-folder-service - resyncPeriod: 1h + resyncPeriod: 6h url: http://gitea-http.gitea:3000/alexlebens/grafana-dashboards/raw/branch/main/dashboards/service/speedtest-exporter.json --- @@ -334,9 +334,9 @@ spec: instanceSelector: matchLabels: app: grafana-main - contentCacheDuration: 1h + contentCacheDuration: 6h folderUID: grafana-folder-service - resyncPeriod: 1h + resyncPeriod: 6h url: http://gitea-http.gitea:3000/alexlebens/grafana-dashboards/raw/branch/main/dashboards/service/spegel.json --- @@ -353,9 +353,9 @@ spec: instanceSelector: matchLabels: app: grafana-main - contentCacheDuration: 1h + contentCacheDuration: 6h folderUID: grafana-folder-service - resyncPeriod: 1h + resyncPeriod: 6h url: http://gitea-http.gitea:3000/alexlebens/grafana-dashboards/raw/branch/main/dashboards/service/traefik.json --- @@ -372,9 +372,9 @@ spec: instanceSelector: matchLabels: app: grafana-main - contentCacheDuration: 1h + contentCacheDuration: 6h folderUID: grafana-folder-service - resyncPeriod: 1h + resyncPeriod: 6h url: http://gitea-http.gitea:3000/alexlebens/grafana-dashboards/raw/branch/main/dashboards/service/tdarr.json --- @@ -391,9 +391,9 @@ spec: instanceSelector: matchLabels: app: grafana-main - contentCacheDuration: 1h + contentCacheDuration: 6h folderUID: grafana-folder-service - resyncPeriod: 1h + resyncPeriod: 6h url: http://gitea-http.gitea:3000/alexlebens/grafana-dashboards/raw/branch/main/dashboards/service/unpoller.json --- @@ -410,9 +410,9 @@ spec: instanceSelector: matchLabels: app: grafana-main - contentCacheDuration: 1h + contentCacheDuration: 6h folderUID: grafana-folder-service - resyncPeriod: 1h + resyncPeriod: 6h url: http://gitea-http.gitea:3000/alexlebens/grafana-dashboards/raw/branch/main/dashboards/service/volsync.json --- @@ -429,9 +429,9 @@ spec: instanceSelector: matchLabels: app: grafana-main - contentCacheDuration: 1h + contentCacheDuration: 6h folderUID: grafana-folder-platform - resyncPeriod: 1h + resyncPeriod: 6h url: http://gitea-http.gitea:3000/alexlebens/grafana-dashboards/raw/branch/main/dashboards/platform/s3.json --- @@ -448,9 +448,9 @@ spec: instanceSelector: matchLabels: app: grafana-main - contentCacheDuration: 1h + contentCacheDuration: 6h folderUID: grafana-folder-platform - resyncPeriod: 1h + resyncPeriod: 6h url: http://gitea-http.gitea:3000/alexlebens/grafana-dashboards/raw/branch/main/dashboards/platform/authentik.json --- @@ -467,9 +467,9 @@ spec: instanceSelector: matchLabels: app: grafana-main - contentCacheDuration: 1h + contentCacheDuration: 6h folderUID: grafana-folder-platform - resyncPeriod: 1h + resyncPeriod: 6h url: http://gitea-http.gitea:3000/alexlebens/grafana-dashboards/raw/branch/main/dashboards/platform/gitea.json --- @@ -486,9 +486,9 @@ spec: instanceSelector: matchLabels: app: grafana-main - contentCacheDuration: 1h + contentCacheDuration: 6h folderUID: grafana-folder-platform - resyncPeriod: 1h + resyncPeriod: 6h url: http://gitea-http.gitea:3000/alexlebens/grafana-dashboards/raw/branch/main/dashboards/platform/ntfy.json --- @@ -505,9 +505,9 @@ spec: instanceSelector: matchLabels: app: grafana-main - contentCacheDuration: 1h + contentCacheDuration: 6h folderUID: grafana-folder-platform - resyncPeriod: 1h + resyncPeriod: 6h url: http://gitea-http.gitea:3000/alexlebens/grafana-dashboards/raw/branch/main/dashboards/platform/qbittorrent.json --- @@ -524,9 +524,9 @@ spec: instanceSelector: matchLabels: app: grafana-main - contentCacheDuration: 1h + contentCacheDuration: 6h folderUID: grafana-folder-platform - resyncPeriod: 1h + resyncPeriod: 6h url: http://gitea-http.gitea:3000/alexlebens/grafana-dashboards/raw/branch/main/dashboards/platform/vault.json --- @@ -543,9 +543,9 @@ spec: instanceSelector: matchLabels: app: grafana-main - contentCacheDuration: 1h + contentCacheDuration: 6h folderUID: grafana-folder-iot - resyncPeriod: 1h + resyncPeriod: 6h url: http://gitea-http.gitea:3000/alexlebens/grafana-dashboards/raw/branch/main/dashboards/iot/airgradient.json --- @@ -562,9 +562,9 @@ spec: instanceSelector: matchLabels: app: grafana-main - contentCacheDuration: 1h + contentCacheDuration: 6h folderUID: grafana-folder-iot - resyncPeriod: 1h + resyncPeriod: 6h url: http://gitea-http.gitea:3000/alexlebens/grafana-dashboards/raw/branch/main/dashboards/iot/server-power-consumption.json --- @@ -581,9 +581,9 @@ spec: instanceSelector: matchLabels: app: grafana-main - contentCacheDuration: 1h + contentCacheDuration: 6h folderUID: grafana-folder-application - resyncPeriod: 1h + resyncPeriod: 6h url: http://gitea-http.gitea:3000/alexlebens/grafana-dashboards/raw/branch/main/dashboards/application/immich.json --- @@ -600,9 +600,9 @@ spec: instanceSelector: matchLabels: app: grafana-main - contentCacheDuration: 1h + contentCacheDuration: 6h folderUID: grafana-folder-application - resyncPeriod: 1h + resyncPeriod: 6h url: http://gitea-http.gitea:3000/alexlebens/grafana-dashboards/raw/branch/main/dashboards/application/jellyfin.json --- @@ -619,9 +619,9 @@ spec: instanceSelector: matchLabels: app: grafana-main - contentCacheDuration: 1h + contentCacheDuration: 6h folderUID: grafana-folder-application - resyncPeriod: 1h + resyncPeriod: 6h url: http://gitea-http.gitea:3000/alexlebens/grafana-dashboards/raw/branch/main/dashboards/application/radarr.json --- @@ -638,7 +638,7 @@ spec: instanceSelector: matchLabels: app: grafana-main - contentCacheDuration: 1h + contentCacheDuration: 6h folderUID: grafana-folder-application - resyncPeriod: 1h + resyncPeriod: 6h url: http://gitea-http.gitea:3000/alexlebens/grafana-dashboards/raw/branch/main/dashboards/application/sonarr.json diff --git a/clusters/cl01tl/helm/grafana-operator/templates/grafana.yaml b/clusters/cl01tl/helm/grafana-operator/templates/grafana.yaml index c1f411029..8c523348d 100644 --- a/clusters/cl01tl/helm/grafana-operator/templates/grafana.yaml +++ b/clusters/cl01tl/helm/grafana-operator/templates/grafana.yaml @@ -56,11 +56,12 @@ spec: spec: containers: - name: grafana - image: grafana/grafana:12.0.0 + # renovate: datasource=docker depName=grafana/grafana + image: grafana/grafana:12.4.2@sha256:83749231c3835e390a3144e5e940203e42b9589761f20ef3169c716e734ad505 resources: requests: - cpu: 100m - memory: 128Mi + cpu: 20m + memory: 120Mi env: - name: AUTH_CLIENT_ID valueFrom: @@ -107,3 +108,12 @@ spec: secretKeyRef: name: grafana-operator-postgresql-18-cluster-app key: password + httpRoute: + spec: + parentRefs: + - group: gateway.networking.k8s.io + kind: Gateway + name: traefik-gateway + namespace: traefik + hostnames: + - grafana.alexlebens.net diff --git a/clusters/cl01tl/helm/grafana-operator/templates/http-route.yaml b/clusters/cl01tl/helm/grafana-operator/templates/http-route.yaml deleted file mode 100644 index 038c3d3da..000000000 --- a/clusters/cl01tl/helm/grafana-operator/templates/http-route.yaml +++ /dev/null @@ -1,28 +0,0 @@ -apiVersion: gateway.networking.k8s.io/v1 -kind: HTTPRoute -metadata: - name: grafana - namespace: {{ .Release.Namespace }} - labels: - app.kubernetes.io/name: grafana - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/part-of: {{ .Release.Name }} -spec: - parentRefs: - - group: gateway.networking.k8s.io - kind: Gateway - name: traefik-gateway - namespace: traefik - hostnames: - - grafana.alexlebens.net - rules: - - matches: - - path: - type: PathPrefix - value: / - backendRefs: - - group: '' - kind: Service - name: grafana-main-service - port: 3000 - weight: 100 diff --git a/clusters/cl01tl/helm/grafana-operator/values.yaml b/clusters/cl01tl/helm/grafana-operator/values.yaml index 7a7007b08..7e240ce5d 100644 --- a/clusters/cl01tl/helm/grafana-operator/values.yaml +++ b/clusters/cl01tl/helm/grafana-operator/values.yaml @@ -1,17 +1,11 @@ grafana-operator: replicas: 2 - serviceAccount: - create: true - rbac: - create: true resources: requests: - cpu: 10m - memory: 64Mi + cpu: 1m + memory: 50Mi serviceMonitor: enabled: true - dashboard: - enabled: false postgres-18-cluster: mode: recovery recovery: @@ -25,35 +19,12 @@ postgres-18-cluster: destinationBucket: postgres-backups externalSecretCredentialPath: /garage/home-infra/postgres-backups isWALArchiver: true - # - name: garage-remote - # index: 1 - # destinationBucket: postgres-backups - # externalSecretCredentialPath: /garage/home-infra/postgres-backups - # retentionPolicy: "90d" - # data: - # compression: bzip2 - # - name: external - # index: 1 - # endpointURL: https://nyc3.digitaloceanspaces.com - # destinationBucket: postgres-backups-ce540ddf106d186bbddca68a - # externalSecretCredentialPath: /garage/home-infra/postgres-backups - # isWALArchiver: false scheduledBackups: - name: live-backup suspend: false immediate: true schedule: "0 30 14 * * *" backupName: garage-local - # - name: weekly-backup - # suspend: true - # immediate: true - # schedule: "0 0 4 * * SAT" - # backupName: garage-remote - # - name: daily-backup - # suspend: true - # immediate: true - # schedule: "0 0 0 * * *" - # backupName: external valkey-unified-alerting: valkey: nameOverride: valkey-unified-alerting diff --git a/renovate.json b/renovate.json index 9f3612b9b..223b680d4 100644 --- a/renovate.json +++ b/renovate.json @@ -16,6 +16,16 @@ "baseBranchPatterns": [ "main" ], + "regexManagers": [ + { + "fileMatch": ["(^|/)values\\.yaml$", "(^|/)values-.*\\.yaml$"], + "matchStrings": [ + "# renovate: datasource=(?.*?) depName=(?.*?)\\s+tag:\\s+(?.*)" + ], + "datasourceTemplate": "{{{datasource}}}", + "depNameTemplate": "{{{depName}}}" + } + ], "customManagers": [ { "description": "Update appVersion in Chart.yaml",