convert to use app-template

2024-06-01 16:45:20 -05:00
parent b61f128966
commit 8cce524c77
3 changed files with 186 additions and 88 deletions
--- a/clusters/cl01tl/applications/outline/Chart.yaml
+++ b/clusters/cl01tl/applications/outline/Chart.yaml
@@ -1,21 +1,39 @@
 apiVersion: v2
 name: outline
 version: 1.0.0
+description: Outline Wiki
+keywords:
+  - wiki
+  - documentation
 sources:
  - https://github.com/outline/outline
  - https://github.com/minio/operator
-  - https://github.com/alexlebens/helm-charts/charts/outline
+  - https://github.com/bitnami/charts/tree/main/bitnami/redis
+  - https://github.com/cloudflare/cloudflared
+  - https://github.com/alexlebens/helm-charts/charts/cloudflared
  - https://github.com/alexlebens/helm-charts/charts/postgres-cluster
+  - https://github.com/bjw-s/helm-charts/tree/main/charts/other/app-template
+maintainers:
+  - name: alexlebens
 dependencies:
-  - name: outline
-    version: 0.6.3
-    repository: http://alexlebens.github.io/helm-charts
+  - name: app-template
+    alias: outline
+    repository: https://bjw-s.github.io/helm-charts/
+    version: 3.2.1
  - name: tenant
-    version: 5.0.15
    alias: minio
+    version: 5.0.15
    repository: https://operator.min.io/
+  - name: redis
+    repository: https://charts.bitnami.com/bitnami
+    version: 19.3.4
+  - name: cloudflared
+    alias: cloudflared
+    repository: http://alexlebens.github.io/helm-charts
+    version: 1.2.0
  - name: postgres-cluster
    alias: postgres-16-cluster
    version: 3.1.0
    repository: http://alexlebens.github.io/helm-charts
-appVersion: v0.75.2
+icon: https://avatars.githubusercontent.com/u/1765001?s=48&v=4
+appVersion: v0.76.1
--- a/clusters/cl01tl/applications/outline/templates/external-secret.yaml
+++ b/clusters/cl01tl/applications/outline/templates/external-secret.yaml
@@ -4,7 +4,7 @@ metadata:
  name: outline-key-secret
  namespace: {{ .Release.Namespace }}
  labels:
-    app.kubernetes.io/name: {{ .Release.Name }}
+    app.kubernetes.io/name: outline-key-secret
    app.kubernetes.io/instance: {{ .Release.Name }}
    app.kubernetes.io/version: {{ .Chart.AppVersion }}
    app.kubernetes.io/component: web
@@ -36,7 +36,7 @@ metadata:
  name: outline-oidc-secret
  namespace: {{ .Release.Namespace }}
  labels:
-    app.kubernetes.io/name: {{ .Release.Name }}
+    app.kubernetes.io/name: outline-oidc-secret
    app.kubernetes.io/instance: {{ .Release.Name }}
    app.kubernetes.io/version: {{ .Chart.AppVersion }}
    app.kubernetes.io/component: web
@@ -65,10 +65,10 @@ spec:
 apiVersion: external-secrets.io/v1beta1
 kind: ExternalSecret
 metadata:
-  name: outline-bucket-user-secret
+  name: outline-minio-user-secret
  namespace: {{ .Release.Namespace }}
  labels:
-    app.kubernetes.io/name: outline-bucket-user-secret
+    app.kubernetes.io/name: outline-minio-user-secret
    app.kubernetes.io/instance: {{ .Release.Name }}
    app.kubernetes.io/version: {{ .Chart.AppVersion }}
    app.kubernetes.io/component: database
@@ -82,14 +82,14 @@ spec:
      remoteRef:
        conversionStrategy: Default
        decodingStrategy: None
-        key: /outline/minio/auth
+        key: /cl01tl/outline/minio/auth
        metadataPolicy: None
        property: AWS_ACCESS_KEY_ID
    - secretKey: AWS_SECRET_ACCESS_KEY
      remoteRef:
        conversionStrategy: Default
        decodingStrategy: None
-        key: /outline/minio/auth
+        key: /cl01tl/outline/minio/auth
        metadataPolicy: None
        property: AWS_SECRET_ACCESS_KEY

@@ -100,7 +100,7 @@ metadata:
  name: outline-minio-root-secret
  namespace: {{ .Release.Namespace }}
  labels:
-    app.kubernetes.io/name: outline-bucket-auth-secret
+    app.kubernetes.io/name: outline-minio-root-secret
    app.kubernetes.io/instance: {{ .Release.Name }}
    app.kubernetes.io/version: {{ .Chart.AppVersion }}
    app.kubernetes.io/component: database
@@ -114,9 +114,9 @@ spec:
      remoteRef:
        conversionStrategy: Default
        decodingStrategy: None
-        key: /outline/minio/root
+        key: /cl01tl/outline/minio/config
        metadataPolicy: None
-        property: config.env
+        property: root-config.env

 ---
 apiVersion: external-secrets.io/v1beta1
@@ -125,7 +125,7 @@ metadata:
  name: outline-minio-config-secret
  namespace: {{ .Release.Namespace }}
  labels:
-    app.kubernetes.io/name: outline-bucket-auth-secret
+    app.kubernetes.io/name: outline-minio-config-secret
    app.kubernetes.io/instance: {{ .Release.Name }}
    app.kubernetes.io/version: {{ .Chart.AppVersion }}
    app.kubernetes.io/component: database
@@ -139,7 +139,7 @@ spec:
      remoteRef:
        conversionStrategy: Default
        decodingStrategy: None
-        key: /outline/minio/config
+        key: /cl01tl/outline/minio/config
        metadataPolicy: None
        property: config.env

@@ -150,7 +150,7 @@ metadata:
  name: outline-postgresql-16-cluster-backup-secret
  namespace: {{ .Release.Namespace }}
  labels:
-    app.kubernetes.io/name: {{ .Release.Name }}
+    app.kubernetes.io/name: outline-postgresql-16-cluster-backup-secret
    app.kubernetes.io/instance: {{ .Release.Name }}
    app.kubernetes.io/version: {{ .Chart.AppVersion }}
    app.kubernetes.io/component: database
--- a/clusters/cl01tl/applications/outline/values.yaml
+++ b/clusters/cl01tl/applications/outline/values.yaml
@@ -1,59 +1,148 @@
 outline:
-  ingress:
-    enabled: true
-    className: traefik
-    annotations:
-      traefik.ingress.kubernetes.io/router.entrypoints: websecure
-      traefik.ingress.kubernetes.io/router.tls: "true"
-      cert-manager.io/cluster-issuer: letsencrypt-issuer
-    host: outline.alexlebens.net
-  persistence:
-    type: s3
-    s3:
-      credentialsSecret: outline-bucket-user-secret
-      region: us-east-1
-      bucketName: outline
-      bucketUrl: https://minio-outline-api.alexlebens.net/outline
-      forcePathStyle: false
-  outline:
-    url: https://outline.alexlebens.net
-    secretKey:
-      existingSecretName: outline-key-secret
-      existingSecretKey: secret-key
-    utilsSecret:
-      existingSecretName: outline-key-secret
-      existingSecretKey: utils-key
-    database:
-      usernameSecret:
-        existingSecretName: outline-postgresql-16-cluster-app
-        existingSecretKey: username
-      passwordSecret:
-        existingSecretName: outline-postgresql-16-cluster-app
-        existingSecretKey: password
-      databaseName:
-        existingSecretName: outline-postgresql-16-cluster-app
-        existingSecretKey: dbname
-      databaseHost:
-        existingSecretName: outline-postgresql-16-cluster-app
-        existingSecretKey: host
-      databasePort:
-        existingSecretName: outline-postgresql-16-cluster-app
-        existingSecretKey: port
-    auth:
-      oidc:
-        enabled: true
-        clientId:
-          existingSecretName: outline-oidc-secret
-          existingSecretKey: client
-        clientSecret:
-          existingSecretName: outline-oidc-secret
-          existingSecretKey: secret
-        authUri: https://authentik.alexlebens.net/application/o/authorize/
-        tokenUri: https://authentik.alexlebens.net/application/o/token/
-        userinfoUri: https://authentik.alexlebens.net/application/o/userinfo/
-        usernameClaim: email
-        displayName: Authentik
-        scopes: openid profile email
+  controllers:
+    main:
+      type: deployment
+      replicas: 1
+      strategy: Recreate
+      revisionHistoryLimit: 3
+      containers:
+        main:
+          image:
+            repository: outlinewiki/outline
+            tag: 0.76.1
+            pullPolicy: IfNotPresent
+          env:
+            - name: NODE_ENV
+              value: production
+            - name: URL
+              value: https://wiki.alexlebens.dev
+            - name: PORT
+              value: 3000
+            - name: SECRET_KEY
+              valueFrom:
+                secretKeyRef:
+                  name: outline-key-secret
+                  key: secret-key
+            - name: UTILS_SECRET
+              valueFrom:
+                secretKeyRef:
+                  name: outline-key-secret
+                  key: utils-key
+            - name: POSTGRES_USERNAME
+              valueFrom:
+                secretKeyRef:
+                  name: outline-postgresql-16-cluster-app
+                  key: username
+            - name: POSTGRES_PASSWORD
+              valueFrom:
+                secretKeyRef:
+                  name: outline-postgresql-16-cluster-app
+                  key: password
+            - name: POSTGRES_DATABASE_NAME
+              valueFrom:
+                secretKeyRef:
+                  name: outline-postgresql-16-cluster-app
+                  key: dbname
+            - name: POSTGRES_DATABASE_HOST
+              valueFrom:
+                secretKeyRef:
+                  name: outline-postgresql-16-cluster-app
+                  key: host
+            - name: POSTGRES_DATABASE_PORT
+              valueFrom:
+                secretKeyRef:
+                  name: outline-postgresql-16-cluster-app
+                  key: port
+            - name: DATABASE_URL
+              value: postgres://$(POSTGRES_USERNAME):$(POSTGRES_PASSWORD)@$(POSTGRES_DATABASE_HOST):$(POSTGRES_DATABASE_PORT)/$(POSTGRES_DATABASE_NAME)
+            - name: DATABASE_URL_TEST
+              value: postgres://$(POSTGRES_USERNAME):$(POSTGRES_PASSWORD)@$(POSTGRES_DATABASE_HOST):$(POSTGRES_DATABASE_PORT)/$(POSTGRES_DATABASE_NAME)-test
+            - name: DATABASE_CONNECTION_POOL_MIN
+              value: "2"
+            - name: DATABASE_CONNECTION_POOL_MAX
+              value: "20"
+            - name: PGSSLMODE
+              value: disable
+            - name: REDIS_URL
+              value: redis://outline-redis-master:6379
+            - name: FILE_STORAGE
+              value: s3
+            - name: AWS_ACCESS_KEY_ID
+              valueFrom:
+                secretKeyRef:
+                  name: outline-minio-user-secret
+                  key: AWS_ACCESS_KEY_ID
+            - name: AWS_SECRET_ACCESS_KEY
+              valueFrom:
+                secretKeyRef:
+                  name: outline-minio-user-secret
+                  key: AWS_SECRET_ACCESS_KEY
+            - name: AWS_REGION
+              value: us-east-1
+            - name: AWS_S3_UPLOAD_BUCKET_NAME
+              value: outline
+            - name: AWS_S3_UPLOAD_BUCKET_URL
+              value: http://minio.outline:80/outline
+            - name: AWS_S3_ACCELERATE_URL
+              value: http://minio.outline:80/outline
+            - name: AWS_S3_FORCE_PATH_STYLE
+              value: false
+            - name: AWS_S3_ACL
+              value: private
+            - name: FILE_STORAGE_UPLOAD_MAX_SIZE
+              value: "26214400"
+            - name: FORCE_HTTPS
+              value: false
+            - name: ENABLE_UPDATES
+              value: false
+            - name: WEB_CONCURRENCY
+              value: 1
+            - name: FILE_STORAGE_IMPORT_MAX_SIZE
+              value: 5120000
+            - name: LOG_LEVEL
+              value: info
+            - name: DEFAULT_LANGUAGE
+              value: en_US
+            - name: RATE_LIMITER_ENABLED
+              value: false
+            - name: DEVELOPMENT_UNSAFE_INLINE_CSP
+              value: false
+            - name: OIDC_CLIENT_ID
+              valueFrom:
+                secretKeyRef:
+                  name: outline-oidc-secret
+                  key: client
+            - name: OIDC_CLIENT_SECRET
+              valueFrom:
+                secretKeyRef:
+                  name: outline-oidc-secret
+                  key: secret
+            - name: OIDC_AUTH_URI
+              value: https://auth.alexlebens.dev/application/o/authorize/
+            - name: OIDC_TOKEN_URI
+              value: https://auth.alexlebens.dev/application/o/token/
+            - name: OIDC_USERINFO_URI
+              value: https://auth.alexlebens.dev/application/o/userinfo/
+            - name: OIDC_USERNAME_CLAIM
+              value: email
+            - name: OIDC_DISPLAY_NAME
+              value: Authentik
+            - name: OIDC_SCOPES
+              value: openid profile email
+          resources:
+            requests:
+              cpu: 100m
+              memory: 256Mi
+  serviceAccount:
+    create: true
+  service:
+    main:
+      controller: main
+      ports:
+        http:
+          port: 3000
+          targetPort: 3000
+          protocol: HTTP
 minio:
  existingSecret:
    name: outline-minio-root-secret
@@ -76,20 +165,6 @@ minio:
    certificate:
      requestAutoCert: false
  ingress:
-    api:
-      enabled: true
-      ingressClassName: traefik
-      annotations:
-        traefik.ingress.kubernetes.io/router.entrypoints: websecure
-        traefik.ingress.kubernetes.io/router.tls: "true"
-        cert-manager.io/cluster-issuer: letsencrypt-issuer
-      tls:
-        - secretName: minio-outline-api-secret-tls
-          hosts:
-            - minio-outline-api.alexlebens.net
-      host: minio-outline-api.alexlebens.net
-      path: /
-      pathType: Prefix
    console:
      enabled: true
      ingressClassName: traefik
@@ -104,9 +179,14 @@ minio:
      host: minio-outline.alexlebens.net
      path: /
      pathType: Prefix
+redis:
+  architecture: standalone
+  auth:
+    enabled: false
+cloudflared:
+  existingSecretName: freshrss-cloudflared-secret
 postgres-16-cluster:
  mode: standalone
-  kubernetesClusterName: cl01tl
  cluster:
    walStorage:
      storageClass: local-path