diff --git a/clusters/cl01tl/applications/ghost/Chart.yaml b/clusters/cl01tl/applications/ghost/Chart.yaml deleted file mode 100644 index 3130864da..000000000 --- a/clusters/cl01tl/applications/ghost/Chart.yaml +++ /dev/null @@ -1,30 +0,0 @@ -apiVersion: v2 -name: ghost -version: 1.0.0 -description: Ghost -keywords: - - ghost - - cms - - blog -home: https://wiki.alexlebens.dev/doc/ghost-seATqp9RfU -sources: - - https://github.com/TryGhost/Ghost - - https://github.com/cloudflare/cloudflared - - https://github.com/percona/percona-xtradb-cluster-operator - - https://hub.docker.com/r/bitnami/ghost - - https://github.com/bitnami/charts/tree/main/bitnami/ghost - - https://github.com/alexlebens/helm-charts/tree/main/charts/cloudflared - - https://github.com/percona/percona-helm-charts/tree/main/charts/pxc-db -dependencies: - - name: ghost - repository: oci://registry-1.docker.io/bitnamicharts - version: 21.1.27 - - name: cloudflared - alias: cloudflared - repository: http://alexlebens.github.io/helm-charts - version: 1.4.1 - - name: pxc-db - version: 1.14.3 - repository: https://percona.github.io/percona-helm-charts -icon: https://raw.githubusercontent.com/walkxcode/dashboard-icons/main/png/ghost.png -appVersion: 5.86.2 diff --git a/clusters/cl01tl/applications/ghost/templates/external-secret.yaml b/clusters/cl01tl/applications/ghost/templates/external-secret.yaml deleted file mode 100644 index 7517d59a2..000000000 --- a/clusters/cl01tl/applications/ghost/templates/external-secret.yaml +++ /dev/null @@ -1,227 +0,0 @@ -apiVersion: external-secrets.io/v1beta1 -kind: ExternalSecret -metadata: - name: ghost-credentials-secret - namespace: {{ .Release.Namespace }} - labels: - app.kubernetes.io/name: ghost-credentials-secret - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/version: {{ .Chart.AppVersion }} - app.kubernetes.io/component: web - app.kubernetes.io/part-of: {{ .Release.Name }} -spec: - secretStoreRef: - kind: ClusterSecretStore - name: vault - data: - - secretKey: ghost-password - remoteRef: - conversionStrategy: Default - decodingStrategy: None - key: /cl01tl/ghost/config/credentials - metadataPolicy: None - property: ghost-password - ---- -apiVersion: external-secrets.io/v1beta1 -kind: ExternalSecret -metadata: - name: ghost-cloudflared-secret - namespace: {{ .Release.Namespace }} - labels: - app.kubernetes.io/name: ghost-cloudflared-secret - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/version: {{ .Chart.AppVersion }} - app.kubernetes.io/component: web - app.kubernetes.io/part-of: {{ .Release.Name }} -spec: - secretStoreRef: - kind: ClusterSecretStore - name: vault - data: - - secretKey: cf-tunnel-token - remoteRef: - conversionStrategy: Default - decodingStrategy: None - key: /cloudflare/tunnels/ghost - metadataPolicy: None - property: token - ---- -apiVersion: external-secrets.io/v1beta1 -kind: ExternalSecret -metadata: - name: ghost-backup-secret - namespace: {{ .Release.Namespace }} - labels: - app.kubernetes.io/name: ghost-backup-secret - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/version: {{ .Chart.AppVersion }} - app.kubernetes.io/component: backup - app.kubernetes.io/part-of: {{ .Release.Name }} -spec: - secretStoreRef: - kind: ClusterSecretStore - name: vault - target: - template: - mergePolicy: Merge - engineVersion: v2 - data: - RESTIC_REPOSITORY: "{{ `{{ .BUCKET_ENDPOINT }}` }}/ghost/ghost" - data: - - secretKey: BUCKET_ENDPOINT - remoteRef: - conversionStrategy: Default - decodingStrategy: None - key: /cl01tl/volsync/restic/config - metadataPolicy: None - property: S3_BUCKET_ENDPOINT - - secretKey: RESTIC_PASSWORD - remoteRef: - conversionStrategy: Default - decodingStrategy: None - key: /cl01tl/volsync/restic/config - metadataPolicy: None - property: RESTIC_PASSWORD - - secretKey: AWS_DEFAULT_REGION - remoteRef: - conversionStrategy: Default - decodingStrategy: None - key: /cl01tl/volsync/restic/config - metadataPolicy: None - property: AWS_DEFAULT_REGION - - secretKey: AWS_ACCESS_KEY_ID - remoteRef: - conversionStrategy: Default - decodingStrategy: None - key: /aws/keys/cl01tl-volsync-backups - metadataPolicy: None - property: access_key - - secretKey: AWS_SECRET_ACCESS_KEY - remoteRef: - conversionStrategy: Default - decodingStrategy: None - key: /aws/keys/cl01tl-volsync-backups - metadataPolicy: None - property: secret_key - ---- -apiVersion: external-secrets.io/v1beta1 -kind: ExternalSecret -metadata: - name: ghost-mysql-credentials-secret - namespace: {{ .Release.Namespace }} - labels: - app.kubernetes.io/name: ghost-mysql-credentials-secret - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/version: {{ .Chart.AppVersion }} - app.kubernetes.io/component: web - app.kubernetes.io/part-of: {{ .Release.Name }} -spec: - secretStoreRef: - kind: ClusterSecretStore - name: vault - data: - - secretKey: root - remoteRef: - conversionStrategy: Default - decodingStrategy: None - key: /cl01tl/ghost/mysql/credentials - metadataPolicy: None - property: root - - secretKey: xtrabackup - remoteRef: - conversionStrategy: Default - decodingStrategy: None - key: /cl01tl/ghost/mysql/credentials - metadataPolicy: None - property: xtrabackup - - secretKey: monitor - remoteRef: - conversionStrategy: Default - decodingStrategy: None - key: /cl01tl/ghost/mysql/credentials - metadataPolicy: None - property: monitor - - secretKey: clustercheck - remoteRef: - conversionStrategy: Default - decodingStrategy: None - key: /cl01tl/ghost/mysql/credentials - metadataPolicy: None - property: clustercheck - - secretKey: proxyadmin - remoteRef: - conversionStrategy: Default - decodingStrategy: None - key: /cl01tl/ghost/mysql/credentials - metadataPolicy: None - property: proxyadmin - - secretKey: pmmserverkey - remoteRef: - conversionStrategy: Default - decodingStrategy: None - key: /cl01tl/ghost/mysql/credentials - metadataPolicy: None - property: pmmserverkey - - secretKey: pmmserver - remoteRef: - conversionStrategy: Default - decodingStrategy: None - key: /cl01tl/ghost/mysql/credentials - metadataPolicy: None - property: pmmserver - - secretKey: operator - remoteRef: - conversionStrategy: Default - decodingStrategy: None - key: /cl01tl/ghost/mysql/credentials - metadataPolicy: None - property: operator - - secretKey: replication - remoteRef: - conversionStrategy: Default - decodingStrategy: None - key: /cl01tl/ghost/mysql/credentials - metadataPolicy: None - property: replication - - secretKey: mysql-password - remoteRef: - conversionStrategy: Default - decodingStrategy: None - key: /cl01tl/ghost/mysql/credentials - metadataPolicy: None - property: ghost-password - ---- -apiVersion: external-secrets.io/v1beta1 -kind: ExternalSecret -metadata: - name: ghost-mysql-backup-credentials-secret - namespace: {{ .Release.Namespace }} - labels: - app.kubernetes.io/name: ghost-mysql-backup-credentials-secret - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/version: {{ .Chart.AppVersion }} - app.kubernetes.io/component: web - app.kubernetes.io/part-of: {{ .Release.Name }} -spec: - secretStoreRef: - kind: ClusterSecretStore - name: vault - data: - - secretKey: AWS_ACCESS_KEY_ID - remoteRef: - conversionStrategy: Default - decodingStrategy: None - key: /aws/keys/cl01tl-ghost-mysql - metadataPolicy: None - property: access_key - - secretKey: AWS_SECRET_ACCESS_KEY - remoteRef: - conversionStrategy: Default - decodingStrategy: None - key: /aws/keys/cl01tl-ghost-mysql - metadataPolicy: None - property: secret_key diff --git a/clusters/cl01tl/applications/ghost/templates/replication-source.yaml b/clusters/cl01tl/applications/ghost/templates/replication-source.yaml deleted file mode 100644 index ab2851570..000000000 --- a/clusters/cl01tl/applications/ghost/templates/replication-source.yaml +++ /dev/null @@ -1,27 +0,0 @@ -apiVersion: volsync.backube/v1alpha1 -kind: ReplicationSource -metadata: - name: ghost-backup-source - namespace: {{ .Release.Namespace }} - labels: - app.kubernetes.io/name: ghost-backup-source - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/version: {{ .Chart.AppVersion }} - app.kubernetes.io/component: backup - app.kubernetes.io/part-of: {{ .Release.Name }} -spec: - sourcePVC: ghost - trigger: - schedule: 0 0 * * * - restic: - pruneIntervalDays: 7 - repository: ghost-backup-secret - retain: - hourly: 1 - daily: 1 - weekly: 3 - monthly: 2 - yearly: 4 - copyMethod: Snapshot - storageClassName: ceph-block-delete - volumeSnapshotClassName: ceph-blockpool-snapshot diff --git a/clusters/cl01tl/applications/ghost/values.yaml b/clusters/cl01tl/applications/ghost/values.yaml deleted file mode 100644 index a4ea655d5..000000000 --- a/clusters/cl01tl/applications/ghost/values.yaml +++ /dev/null @@ -1,134 +0,0 @@ -ghost: - updateStrategy: - type: Recreate - ghostUsername: user - existingSecret: ghost-credentials-secret - ghostEmail: alexanderlebens@gmail.com - ghostBlogTitle: Alex Lebens - ghostHost: blog.alexlebens.dev - ghostPath: / - ghostSkipInstall: false - replicaCount: 1 - resourcesPreset: small - service: - type: ClusterIP - persistence: - enabled: true - storageClass: ceph-block - accessModes: - - ReadWriteOnce - size: 10Gi - mysql: - enabled: false - externalDatabase: - host: ghost-pxc-db-haproxy.ghost.svc.cluster.local - port: 3306 - user: ghost - database: ghost - existingSecret: ghost-mysql-credentials-secret -cloudflared: - existingSecretName: ghost-cloudflared-secret -pxc-db: - updateStrategy: SmartUpdate - upgradeOptions: - versionServiceEndpoint: https://check.percona.com - apply: disabled - schedule: "0 4 * * *" - pxc: - size: 3 - image: - repository: percona/percona-xtradb-cluster - tag: 8.0.36-28.1 - autoRecovery: true - expose: - enabled: false - resources: - requests: - memory: 512Mi - cpu: 100m - persistence: - enabled: true - storageClass: local-path - accessMode: ReadWriteOnce - size: 10Gi - disableTLS: false - certManager: true - clusterSecretName: ghost-mysql-credentials-secret - haproxy: - enabled: true - size: 3 - resources: - requests: - memory: 256Mi - cpu: 100m - exposePrimary: - enabled: true - type: ClusterIP - externalTrafficPolicy: Cluster - internalTrafficPolicy: Cluster - exposeReplicas: - enabled: false - logcollector: - enabled: true - resources: - requests: - memory: 128M - cpu: 100m - backup: - enabled: true - allowParallel: true - image: - repository: percona/percona-xtradb-cluster-operator - tag: 1.15.0-pxc8.0-backup-pxb8.0.35 - pitr: - enabled: false - storageName: s3-binlogs - timeBetweenUploads: 600 - timeoutSeconds: 60 - resources: - requests: - memory: 256Mi - cpu: 100m - storages: - s3-binlogs: - type: s3 - resources: - requests: - memory: 256Mi - cpu: 100m - s3: - bucket: cl01tl-mysql-backups/ghost/binlogs - credentialsSecret: ghost-mysql-backup-credentials-secret - region: us-east-2 - endpointUrl: https://s3.us-east-2.amazonaws.com - s3-daily: - type: s3 - resources: - requests: - memory: 256Mi - cpu: 100m - s3: - bucket: cl01tl-mysql-backups/ghost/daily - credentialsSecret: ghost-mysql-backup-credentials-secret - region: us-east-2 - endpointUrl: https://s3.us-east-2.amazonaws.com - s3-weekly: - type: s3 - resources: - requests: - memory: 256Mi - cpu: 100m - s3: - bucket: cl01tl-mysql-backups/ghost/weekly - credentialsSecret: ghost-mysql-backup-credentials-secret - region: us-east-2 - endpointUrl: https://s3.us-east-2.amazonaws.com - schedule: - - name: daily-backup - schedule: "0 0 * * *" - keep: 5 - storageName: s3-daily - - name: weekly-backup - schedule: "0 0 * * 6" - keep: 4 - storageName: s3-weekly