change storage to minio
This commit is contained in:
@@ -4,14 +4,17 @@ version: 1.0.0
|
||||
description: Directus
|
||||
keywords:
|
||||
- directus
|
||||
- cms
|
||||
home: https://wiki.alexlebens.dev/doc/directus-EvV9wese9H
|
||||
sources:
|
||||
- https://github.com/directus/directus
|
||||
- https://github.com/minio/operator
|
||||
- https://github.com/valkey-io/valkey
|
||||
- https://github.com/cloudflare/cloudflared
|
||||
- https://github.com/cloudnative-pg/cloudnative-pg
|
||||
- https://hub.docker.com/r/directus/directus
|
||||
- https://github.com/bjw-s/helm-charts/tree/main/charts/other/app-template
|
||||
- https://github.com/minio/operator/tree/master/helm/tenant
|
||||
- https://github.com/bitnami/charts/tree/main/bitnami/valkey
|
||||
- https://github.com/alexlebens/helm-charts/charts/cloudflared
|
||||
- https://github.com/alexlebens/helm-charts/charts/postgres-cluster
|
||||
@@ -22,6 +25,10 @@ dependencies:
|
||||
alias: directus
|
||||
repository: https://bjw-s.github.io/helm-charts/
|
||||
version: 3.3.2
|
||||
- name: tenant
|
||||
alias: minio
|
||||
version: 6.0.1
|
||||
repository: https://operator.min.io/
|
||||
- name: valkey
|
||||
version: 0.3.13
|
||||
repository: https://charts.bitnami.com/bitnami
|
||||
@@ -29,6 +36,10 @@ dependencies:
|
||||
alias: cloudflared-directus
|
||||
repository: http://alexlebens.github.io/helm-charts
|
||||
version: 1.6.0
|
||||
- name: cloudflared
|
||||
alias: cloudflared-minio
|
||||
repository: http://alexlebens.github.io/helm-charts
|
||||
version: 1.6.0
|
||||
- name: postgres-cluster
|
||||
alias: postgres-16-cluster
|
||||
version: 3.9.0
|
||||
|
||||
@@ -18,28 +18,28 @@ spec:
|
||||
remoteRef:
|
||||
conversionStrategy: Default
|
||||
decodingStrategy: None
|
||||
key: /cl01tl/site-profile/directus/config
|
||||
key: /cl01tl/directus/config
|
||||
metadataPolicy: None
|
||||
property: admin-email
|
||||
- secretKey: admin-password
|
||||
remoteRef:
|
||||
conversionStrategy: Default
|
||||
decodingStrategy: None
|
||||
key: /cl01tl/site-profile/directus/config
|
||||
key: /cl01tl/directus/config
|
||||
metadataPolicy: None
|
||||
property: admin-password
|
||||
- secretKey: secret
|
||||
remoteRef:
|
||||
conversionStrategy: Default
|
||||
decodingStrategy: None
|
||||
key: /cl01tl/site-profile/directus/config
|
||||
key: /cl01tl/directus/config
|
||||
metadataPolicy: None
|
||||
property: secret
|
||||
- secretKey: key
|
||||
remoteRef:
|
||||
conversionStrategy: Default
|
||||
decodingStrategy: None
|
||||
key: /cl01tl/site-profile/directus/config
|
||||
key: /cl01tl/directus/config
|
||||
metadataPolicy: None
|
||||
property: key
|
||||
|
||||
@@ -64,14 +64,14 @@ spec:
|
||||
remoteRef:
|
||||
conversionStrategy: Default
|
||||
decodingStrategy: None
|
||||
key: /cl01tl/site-profile/directus/valkey
|
||||
key: /cl01tl/directus/valkey
|
||||
metadataPolicy: None
|
||||
property: user
|
||||
- secretKey: password
|
||||
remoteRef:
|
||||
conversionStrategy: Default
|
||||
decodingStrategy: None
|
||||
key: /cl01tl/site-profile/directus/valkey
|
||||
key: /cl01tl/directus/valkey
|
||||
metadataPolicy: None
|
||||
property: password
|
||||
|
||||
@@ -111,35 +111,92 @@ spec:
|
||||
apiVersion: external-secrets.io/v1beta1
|
||||
kind: ExternalSecret
|
||||
metadata:
|
||||
name: site-profile-cloudflared-api-secret
|
||||
name: directus-minio-user-secret
|
||||
namespace: {{ .Release.Namespace }}
|
||||
labels:
|
||||
app.kubernetes.io/name: site-profile-cloudflared-api-secret
|
||||
app.kubernetes.io/name: directus-minio-user-secret
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/version: {{ .Chart.AppVersion }}
|
||||
app.kubernetes.io/component: web
|
||||
app.kubernetes.io/component: database
|
||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||
spec:
|
||||
secretStoreRef:
|
||||
kind: ClusterSecretStore
|
||||
name: vault
|
||||
data:
|
||||
- secretKey: cf-tunnel-token
|
||||
- secretKey: AWS_ACCESS_KEY_ID
|
||||
remoteRef:
|
||||
conversionStrategy: Default
|
||||
decodingStrategy: None
|
||||
key: /cloudflare/tunnels/site-profile
|
||||
key: /cl01tl/directus/minio/auth
|
||||
metadataPolicy: None
|
||||
property: token
|
||||
property: AWS_ACCESS_KEY_ID
|
||||
- secretKey: AWS_SECRET_ACCESS_KEY
|
||||
remoteRef:
|
||||
conversionStrategy: Default
|
||||
decodingStrategy: None
|
||||
key: /cl01tl/directus/minio/auth
|
||||
metadataPolicy: None
|
||||
property: AWS_SECRET_ACCESS_KEY
|
||||
|
||||
---
|
||||
apiVersion: external-secrets.io/v1beta1
|
||||
kind: ExternalSecret
|
||||
metadata:
|
||||
name: directus-cloudflared-api-secret
|
||||
name: directus-minio-root-secret
|
||||
namespace: {{ .Release.Namespace }}
|
||||
labels:
|
||||
app.kubernetes.io/name: directus-cloudflared-api-secret
|
||||
app.kubernetes.io/name: directus-minio-root-secret
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/version: {{ .Chart.AppVersion }}
|
||||
app.kubernetes.io/component: database
|
||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||
spec:
|
||||
secretStoreRef:
|
||||
kind: ClusterSecretStore
|
||||
name: vault
|
||||
data:
|
||||
- secretKey: config.env
|
||||
remoteRef:
|
||||
conversionStrategy: Default
|
||||
decodingStrategy: None
|
||||
key: /cl01tl/outline/minio/config
|
||||
metadataPolicy: None
|
||||
property: root-config.env
|
||||
|
||||
---
|
||||
apiVersion: external-secrets.io/v1beta1
|
||||
kind: ExternalSecret
|
||||
metadata:
|
||||
name: directus-minio-config-secret
|
||||
namespace: {{ .Release.Namespace }}
|
||||
labels:
|
||||
app.kubernetes.io/name: directus-minio-config-secret
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/version: {{ .Chart.AppVersion }}
|
||||
app.kubernetes.io/component: database
|
||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||
spec:
|
||||
secretStoreRef:
|
||||
kind: ClusterSecretStore
|
||||
name: vault
|
||||
data:
|
||||
- secretKey: config.env
|
||||
remoteRef:
|
||||
conversionStrategy: Default
|
||||
decodingStrategy: None
|
||||
key: /cl01tl/directus/minio/config
|
||||
metadataPolicy: None
|
||||
property: config.env
|
||||
|
||||
---
|
||||
apiVersion: external-secrets.io/v1beta1
|
||||
kind: ExternalSecret
|
||||
metadata:
|
||||
name: directus-cloudflared-secret
|
||||
namespace: {{ .Release.Namespace }}
|
||||
labels:
|
||||
app.kubernetes.io/name: directus-cloudflared-secret
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/version: {{ .Chart.AppVersion }}
|
||||
app.kubernetes.io/component: web
|
||||
@@ -161,60 +218,26 @@ spec:
|
||||
apiVersion: external-secrets.io/v1beta1
|
||||
kind: ExternalSecret
|
||||
metadata:
|
||||
name: directus-config-backup-secret
|
||||
name: directus-minio-cloudflared-secret
|
||||
namespace: {{ .Release.Namespace }}
|
||||
labels:
|
||||
app.kubernetes.io/name: directus-config-backup-secret
|
||||
app.kubernetes.io/name: directus-minio-cloudflared-secret
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/version: {{ .Chart.AppVersion }}
|
||||
app.kubernetes.io/component: backup
|
||||
app.kubernetes.io/component: web
|
||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||
spec:
|
||||
secretStoreRef:
|
||||
kind: ClusterSecretStore
|
||||
name: vault
|
||||
target:
|
||||
template:
|
||||
mergePolicy: Merge
|
||||
engineVersion: v2
|
||||
data:
|
||||
RESTIC_REPOSITORY: "{{ `{{ .BUCKET_ENDPOINT }}` }}/directus/directus-data"
|
||||
data:
|
||||
- secretKey: BUCKET_ENDPOINT
|
||||
- secretKey: cf-tunnel-token
|
||||
remoteRef:
|
||||
conversionStrategy: Default
|
||||
decodingStrategy: None
|
||||
key: /cl01tl/volsync/restic/config
|
||||
key: /cloudflare/tunnels/directus-minio
|
||||
metadataPolicy: None
|
||||
property: S3_BUCKET_ENDPOINT
|
||||
- secretKey: RESTIC_PASSWORD
|
||||
remoteRef:
|
||||
conversionStrategy: Default
|
||||
decodingStrategy: None
|
||||
key: /cl01tl/volsync/restic/config
|
||||
metadataPolicy: None
|
||||
property: RESTIC_PASSWORD
|
||||
- secretKey: AWS_DEFAULT_REGION
|
||||
remoteRef:
|
||||
conversionStrategy: Default
|
||||
decodingStrategy: None
|
||||
key: /cl01tl/volsync/restic/config
|
||||
metadataPolicy: None
|
||||
property: AWS_DEFAULT_REGION
|
||||
- secretKey: AWS_ACCESS_KEY_ID
|
||||
remoteRef:
|
||||
conversionStrategy: Default
|
||||
decodingStrategy: None
|
||||
key: /aws/keys/cl01tl-volsync-backups
|
||||
metadataPolicy: None
|
||||
property: access_key
|
||||
- secretKey: AWS_SECRET_ACCESS_KEY
|
||||
remoteRef:
|
||||
conversionStrategy: Default
|
||||
decodingStrategy: None
|
||||
key: /aws/keys/cl01tl-volsync-backups
|
||||
metadataPolicy: None
|
||||
property: secret_key
|
||||
property: token
|
||||
|
||||
---
|
||||
apiVersion: external-secrets.io/v1beta1
|
||||
|
||||
@@ -1,27 +0,0 @@
|
||||
apiVersion: volsync.backube/v1alpha1
|
||||
kind: ReplicationSource
|
||||
metadata:
|
||||
name: directus-data-backup-source
|
||||
namespace: {{ .Release.Namespace }}
|
||||
labels:
|
||||
app.kubernetes.io/name: directus-data-backup-source
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/version: {{ .Chart.AppVersion }}
|
||||
app.kubernetes.io/component: backup
|
||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||
spec:
|
||||
sourcePVC: directus-data
|
||||
trigger:
|
||||
schedule: 0 0 * * *
|
||||
restic:
|
||||
pruneIntervalDays: 7
|
||||
repository: directus-data-backup-secret
|
||||
retain:
|
||||
hourly: 1
|
||||
daily: 1
|
||||
weekly: 3
|
||||
monthly: 2
|
||||
yearly: 4
|
||||
copyMethod: Snapshot
|
||||
storageClassName: ceph-block-delete
|
||||
volumeSnapshotClassName: ceph-blockpool-snapshot
|
||||
@@ -5,23 +5,6 @@ directus:
|
||||
replicas: 1
|
||||
strategy: Recreate
|
||||
revisionHistoryLimit: 3
|
||||
initContainers:
|
||||
init-chmod-data:
|
||||
securityContext:
|
||||
runAsUser: 0
|
||||
image:
|
||||
repository: busybox
|
||||
tag: 1.36.1
|
||||
pullPolicy: IfNotPresent
|
||||
command:
|
||||
- /bin/sh
|
||||
- -ec
|
||||
- |
|
||||
/bin/chown -R 1000:1000 /directus/data
|
||||
resources:
|
||||
requests:
|
||||
cpu: 100m
|
||||
memory: 128Mi
|
||||
containers:
|
||||
main:
|
||||
image:
|
||||
@@ -97,11 +80,25 @@ directus:
|
||||
name: directus-valkey-config
|
||||
key: password
|
||||
- name: STORAGE_LOCATIONS
|
||||
value: LOCAL
|
||||
- name: STORAGE_LOCAL_DRIVER
|
||||
value: local
|
||||
- name: STORAGE_LOCAL_ROOT
|
||||
value: /directus/data
|
||||
value: s3
|
||||
- name: STORAGE_S3_DRIVER
|
||||
value: s3
|
||||
- name: STORAGE_S3_KEY
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: directus-minio-user-secret
|
||||
key: AWS_ACCESS_KEY_ID
|
||||
- name: STORAGE_S3_SECRET
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: directus-minio-user-secret
|
||||
key: AWS_SECRET_ACCESS_KEY
|
||||
- name: STORAGE_S3_BUCKET
|
||||
value: directus
|
||||
- name: STORAGE_S3_ENDPOINT
|
||||
value: http://minio:9000
|
||||
- name: STORAGE_S3_S3_FORCE_PATH_STYLE
|
||||
value: "true"
|
||||
- name: AUTH_PROVIDERS
|
||||
value: AUTHENTIK
|
||||
- name: AUTH_AUTHENTIK_DRIVER
|
||||
@@ -142,20 +139,38 @@ directus:
|
||||
port: 80
|
||||
targetPort: 8055
|
||||
protocol: TCP
|
||||
persistence:
|
||||
data:
|
||||
storageClass: ceph-block
|
||||
accessMode: ReadWriteOnce
|
||||
size: 10Gi
|
||||
retain: true
|
||||
advancedMounts:
|
||||
main:
|
||||
init-chmod-data:
|
||||
- path: /directus/data
|
||||
readOnly: false
|
||||
main:
|
||||
- path: /directus/data
|
||||
readOnly: false
|
||||
minio:
|
||||
existingSecret:
|
||||
name: directus-minio-root-secret
|
||||
tenant:
|
||||
name: minio-directus
|
||||
configuration:
|
||||
name: directus-minio-config-secret
|
||||
pools:
|
||||
- servers: 3
|
||||
name: pool
|
||||
volumesPerServer: 2
|
||||
size: 10Gi
|
||||
storageClassName: ceph-block
|
||||
mountPath: /export
|
||||
subPath: /data
|
||||
metrics:
|
||||
enabled: true
|
||||
port: 9000
|
||||
protocol: http
|
||||
certificate:
|
||||
requestAutoCert: false
|
||||
ingress:
|
||||
console:
|
||||
enabled: true
|
||||
ingressClassName: tailscale
|
||||
tls:
|
||||
- secretName: minio-directus-cl01tl
|
||||
hosts:
|
||||
- minio-directus-cl01tl
|
||||
host: minio-directus-cl01tl
|
||||
path: /
|
||||
pathType: Prefix
|
||||
valkey:
|
||||
architecture: standalone
|
||||
auth:
|
||||
@@ -164,7 +179,10 @@ valkey:
|
||||
existingSecretPasswordKey: password
|
||||
cloudflared-directus:
|
||||
name: cloudflared-directus
|
||||
existingSecretName: directus-cloudflared-api-secret
|
||||
existingSecretName: directus-cloudflared-secret
|
||||
cloudflared-minio:
|
||||
name: cloudflared-directus-minio
|
||||
existingSecretName: directus-minio-cloudflared-secret
|
||||
postgres-16-cluster:
|
||||
mode: standalone
|
||||
cluster:
|
||||
|
||||
@@ -464,6 +464,12 @@ homepage:
|
||||
href: https://minio-penpot-cl01tl.boreal-beaufort.ts.net
|
||||
siteMonitor: http://minio-penpot-console.penpot:9090
|
||||
statusStyle: dot
|
||||
- Object Storage (Directus):
|
||||
icon: minio.png
|
||||
description: Minio Tenant
|
||||
href: https://minio-directus-cl01tl.boreal-beaufort.ts.net
|
||||
siteMonitor: http://minio-directus-console.directus:9090
|
||||
statusStyle: dot
|
||||
- Sonarr:
|
||||
- Sonarr:
|
||||
icon: sonarr.png
|
||||
|
||||
@@ -87,6 +87,7 @@ kube-prometheus-stack:
|
||||
- cert-manager
|
||||
- cloudnative-pg
|
||||
- descheduler
|
||||
- directus
|
||||
- external-dns
|
||||
- freshrss
|
||||
- ghost
|
||||
|
||||
Reference in New Issue
Block a user