alexlebens/infrastructure
1
0
Fork 0
Code Issues 1 Pull Requests 8 Actions Activity

stage for rebuilt

Browse Source
This commit is contained in:
Alex Lebens
2025-02-14 22:05:52 -06:00
parent 91c1b3931d
commit 8b4eee804f
329 changed files with 12 additions and 12 deletions
Download Patch File Download Diff File Expand all files Collapse all files

27
clusters/cl01tl/management/komodo/Chart.yaml
View File

@@ -1,27 +0,0 @@
apiVersion: v2
name: komodo
version: 1.0.0
description: Komodo
keywords:
- komodo
- deployment
- dashboard
- docker-compose
home: https://wiki.alexlebens.dev/doc/komodo-j032vhVXlX
sources:
- https://github.com/mbecker20/komodo
- https://github.com/mbecker20/komodo/pkgs/container/komodo
- https://github.com/bjw-s/helm-charts/tree/main/charts/other/app-template
maintainers:
- name: alexlebens
dependencies:
- name: app-template
alias: komodo
repository: https://bjw-s.github.io/helm-charts/
version: 3.6.1
- name: postgres-cluster
alias: postgres-17-cluster
version: 4.1.4
repository: http://alexlebens.github.io/helm-charts
icon: https://raw.githubusercontent.com/mbecker20/komodo/refs/heads/main/frontend/public/logo192.png
appVersion: v1.16.12

83
clusters/cl01tl/management/komodo/templates/external-secret.yaml
View File

@@ -1,83 +0,0 @@
apiVersion: external-secrets.io/v1beta1
kind: ExternalSecret
metadata:
name: komodo-secret
namespace: {{ .Release.Namespace }}
labels:
app.kubernetes.io/name: komodo-secret
app.kubernetes.io/instance: {{ .Release.Name }}
app.kubernetes.io/version: {{ .Chart.AppVersion }}
app.kubernetes.io/component: web
app.kubernetes.io/part-of: {{ .Release.Name }}
spec:
secretStoreRef:
kind: ClusterSecretStore
name: vault
data:
- secretKey: passkey
remoteRef:
conversionStrategy: Default
decodingStrategy: None
key: /cl01tl/komodo/config
metadataPolicy: None
property: passkey
- secretKey: jwt
remoteRef:
conversionStrategy: Default
decodingStrategy: None
key: /cl01tl/komodo/config
metadataPolicy: None
property: jwt
- secretKey: webhook
remoteRef:
conversionStrategy: Default
decodingStrategy: None
key: /cl01tl/komodo/config
metadataPolicy: None
property: webhook
- secretKey: oidc-client-id
remoteRef:
conversionStrategy: Default
decodingStrategy: None
key: /authentik/oidc/komodo
metadataPolicy: None
property: client
- secretKey: oidc-client-secret
remoteRef:
conversionStrategy: Default
decodingStrategy: None
key: /authentik/oidc/komodo
metadataPolicy: None
property: secret
---
apiVersion: external-secrets.io/v1beta1
kind: ExternalSecret
metadata:
name: komodo-postgresql-17-cluster-backup-secret
namespace: {{ .Release.Namespace }}
labels:
app.kubernetes.io/name: komodo-postgresql-17-cluster-backup-secret
app.kubernetes.io/instance: {{ .Release.Name }}
app.kubernetes.io/version: {{ .Chart.AppVersion }}
app.kubernetes.io/component: database
app.kubernetes.io/part-of: {{ .Release.Name }}
spec:
secretStoreRef:
kind: ClusterSecretStore
name: vault
data:
- secretKey: ACCESS_KEY_ID
remoteRef:
conversionStrategy: Default
decodingStrategy: None
key: /digital-ocean/home-infra/postgres-backups
metadataPolicy: None
property: access
- secretKey: ACCESS_SECRET_KEY
remoteRef:
conversionStrategy: Default
decodingStrategy: None
key: /digital-ocean/home-infra/postgres-backups
metadataPolicy: None
property: secret

21
clusters/cl01tl/management/komodo/templates/service-monitor.yaml
View File

@@ -1,21 +0,0 @@
apiVersion: monitoring.coreos.com/v1
kind: ServiceMonitor
metadata:
name: komodo
namespace: {{ .Release.Namespace }}
labels:
app.kubernetes.io/name: komodo
app.kubernetes.io/instance: {{ .Release.Name }}
app.kubernetes.io/version: {{ .Chart.AppVersion }}
app.kubernetes.io/component: metrics
app.kubernetes.io/part-of: {{ .Release.Name }}
spec:
selector:
matchLabels:
app.kubernetes.io/name: komodo
app.kubernetes.io/instance: {{ .Release.Name }}
endpoints:
- port: http
interval: 30s
scrapeTimeout: 10s
path: /metrics

16
clusters/cl01tl/management/komodo/templates/service.yaml
View File

@@ -1,16 +0,0 @@
apiVersion: v1
kind: Service
metadata:
name: komodo-periphery-ps10rp
namespace: {{ .Release.Namespace }}
labels:
app.kubernetes.io/name: komodo-periphery-ps10rp
app.kubernetes.io/instance: {{ .Release.Name }}
app.kubernetes.io/version: {{ .Chart.AppVersion }}
app.kubernetes.io/component: network
app.kubernetes.io/part-of: {{ .Release.Name }}
annotations:
tailscale.com/tailnet-fqdn: komodo-periphery-ps10rp.boreal-beaufort.ts.net
spec:
externalName: placeholder
type: ExternalName

164
clusters/cl01tl/management/komodo/values.yaml
View File

@@ -1,164 +0,0 @@
komodo:
controllers:
main:
type: deployment
replicas: 1
strategy: Recreate
revisionHistoryLimit: 3
containers:
main:
image:
repository: ghcr.io/mbecker20/komodo
tag: 1.16.12
pullPolicy: IfNotPresent
env:
- name: COMPOSE_KOMODO_IMAGE_TAG
value: 1.16.12
- name: COMPOSE_LOGGING_DRIVER
value: local
- name: KOMODO_HOST
value: https://komodo-cl01tl.boreal-beaufort.ts.net
- name: KOMODO_TITLE
value: Komodo
- name: PASSKEY
valueFrom:
secretKeyRef:
name: komodo-secret
key: passkey
- name: KOMODO_MONITORING_INTERVAL
value: 15-sec
- name: KOMODO_RESOURCE_POLL_INTERVAL
value: 5-min
- name: KOMODO_PASSKEY
valueFrom:
secretKeyRef:
name: komodo-secret
key: passkey
- name: KOMODO_WEBHOOK_SECRET
valueFrom:
secretKeyRef:
name: komodo-secret
key: webhook
- name: KOMODO_JWT_SECRET
valueFrom:
secretKeyRef:
name: komodo-secret
key: jwt
- name: KOMODO_LOCAL_AUTH
value: true
- name: KOMODO_ENABLE_NEW_USERS
value: true
- name: KOMODO_DISABLE_NON_ADMIN_CREATE
value: true
- name: KOMODO_TRANSPARENT_MODE
value: false
- name: DB_USERNAME
valueFrom:
secretKeyRef:
name: komodo-postgresql-17-cluster-app
key: user
- name: DB_PASSWORD
valueFrom:
secretKeyRef:
name: komodo-postgresql-17-cluster-app
key: password
- name: KOMODO_DATABASE_URI
value: mongodb://$(DB_USERNAME):$(DB_PASSWORD)@localhost:27017/komodo?authMechanism=PLAIN
- name: KOMODO_OIDC_ENABLED
value: true
- name: KOMODO_OIDC_PROVIDER
value: http://authentik-server.authentik/application/o/komodo/
- name: KOMODO_OIDC_REDIRECT_HOST
value: https://auth-cl01tl.boreal-beaufort.ts.net
- name: KOMODO_OIDC_CLIENT_ID
valueFrom:
secretKeyRef:
name: komodo-secret
key: oidc-client-id
- name: KOMODO_OIDC_CLIENT_SECRET
valueFrom:
secretKeyRef:
name: komodo-secret
key: oidc-client-secret
- name: KOMODO_OIDC_USE_FULL_EMAIL
value: true
resources:
requests:
cpu: 10m
memory: 128Mi
ferretdb:
image:
repository: ghcr.io/ferretdb/ferretdb
tag: 1.24.0
pullPolicy: IfNotPresent
env:
- name: FERRETDB_POSTGRESQL_URL
valueFrom:
secretKeyRef:
name: komodo-postgresql-17-cluster-app
key: uri
resources:
requests:
cpu: 10m
memory: 128Mi
serviceAccount:
create: true
service:
main:
controller: main
ports:
http:
port: 80
targetPort: 9120
protocol: HTTP
ingress:
tailscale:
enabled: true
className: tailscale
hosts:
- host: komodo-cl01tl
paths:
- path: /
pathType: Prefix
service:
name: komodo
port: 80
tls:
- hosts:
- komodo-cl01tl
persistence:
cache:
storageClass: ceph-block-delete
accessMode: ReadWriteOnce
size: 2Gi
retain: true
advancedMounts:
main:
main:
- path: /repo-cache
readOnly: false
syncs:
storageClass: ceph-block-delete
accessMode: ReadWriteOnce
size: 2Gi
retain: true
advancedMounts:
main:
main:
- path: /syncs
readOnly: false
postgres-17-cluster:
mode: standalone
cluster:
walStorage:
storageClass: local-path
storage:
storageClass: local-path
monitoring:
enabled: true
backup:
enabled: false
endpointURL: https://nyc3.digitaloceanspaces.com
destinationPath: s3://postgres-backups-ce540ddf106d186bbddca68a/cl01tl/komodo/komodo-postgresql-17-cluster
endpointCredentials: komodo-postgresql-17-cluster-backup-secret
backupIndex: 1