From 8cce524c77e4248990c3a900956d6dd2e63975ef Mon Sep 17 00:00:00 2001 From: alexlebens Date: Sat, 1 Jun 2024 16:45:20 -0500 Subject: [PATCH] convert to use app-template --- .../cl01tl/applications/outline/Chart.yaml | 30 ++- .../outline/templates/external-secret.yaml | 24 +- .../cl01tl/applications/outline/values.yaml | 220 ++++++++++++------ 3 files changed, 186 insertions(+), 88 deletions(-) diff --git a/clusters/cl01tl/applications/outline/Chart.yaml b/clusters/cl01tl/applications/outline/Chart.yaml index c6c289dc1..2c6cb1198 100644 --- a/clusters/cl01tl/applications/outline/Chart.yaml +++ b/clusters/cl01tl/applications/outline/Chart.yaml @@ -1,21 +1,39 @@ apiVersion: v2 name: outline version: 1.0.0 +description: Outline Wiki +keywords: + - wiki + - documentation sources: - https://github.com/outline/outline - https://github.com/minio/operator - - https://github.com/alexlebens/helm-charts/charts/outline + - https://github.com/bitnami/charts/tree/main/bitnami/redis + - https://github.com/cloudflare/cloudflared + - https://github.com/alexlebens/helm-charts/charts/cloudflared - https://github.com/alexlebens/helm-charts/charts/postgres-cluster + - https://github.com/bjw-s/helm-charts/tree/main/charts/other/app-template +maintainers: + - name: alexlebens dependencies: - - name: outline - version: 0.6.3 - repository: http://alexlebens.github.io/helm-charts + - name: app-template + alias: outline + repository: https://bjw-s.github.io/helm-charts/ + version: 3.2.1 - name: tenant - version: 5.0.15 alias: minio + version: 5.0.15 repository: https://operator.min.io/ + - name: redis + repository: https://charts.bitnami.com/bitnami + version: 19.3.4 + - name: cloudflared + alias: cloudflared + repository: http://alexlebens.github.io/helm-charts + version: 1.2.0 - name: postgres-cluster alias: postgres-16-cluster version: 3.1.0 repository: http://alexlebens.github.io/helm-charts -appVersion: v0.75.2 +icon: https://avatars.githubusercontent.com/u/1765001?s=48&v=4 +appVersion: v0.76.1 diff --git a/clusters/cl01tl/applications/outline/templates/external-secret.yaml b/clusters/cl01tl/applications/outline/templates/external-secret.yaml index 282989b7e..f432e7969 100644 --- a/clusters/cl01tl/applications/outline/templates/external-secret.yaml +++ b/clusters/cl01tl/applications/outline/templates/external-secret.yaml @@ -4,7 +4,7 @@ metadata: name: outline-key-secret namespace: {{ .Release.Namespace }} labels: - app.kubernetes.io/name: {{ .Release.Name }} + app.kubernetes.io/name: outline-key-secret app.kubernetes.io/instance: {{ .Release.Name }} app.kubernetes.io/version: {{ .Chart.AppVersion }} app.kubernetes.io/component: web @@ -36,7 +36,7 @@ metadata: name: outline-oidc-secret namespace: {{ .Release.Namespace }} labels: - app.kubernetes.io/name: {{ .Release.Name }} + app.kubernetes.io/name: outline-oidc-secret app.kubernetes.io/instance: {{ .Release.Name }} app.kubernetes.io/version: {{ .Chart.AppVersion }} app.kubernetes.io/component: web @@ -65,10 +65,10 @@ spec: apiVersion: external-secrets.io/v1beta1 kind: ExternalSecret metadata: - name: outline-bucket-user-secret + name: outline-minio-user-secret namespace: {{ .Release.Namespace }} labels: - app.kubernetes.io/name: outline-bucket-user-secret + app.kubernetes.io/name: outline-minio-user-secret app.kubernetes.io/instance: {{ .Release.Name }} app.kubernetes.io/version: {{ .Chart.AppVersion }} app.kubernetes.io/component: database @@ -82,14 +82,14 @@ spec: remoteRef: conversionStrategy: Default decodingStrategy: None - key: /outline/minio/auth + key: /cl01tl/outline/minio/auth metadataPolicy: None property: AWS_ACCESS_KEY_ID - secretKey: AWS_SECRET_ACCESS_KEY remoteRef: conversionStrategy: Default decodingStrategy: None - key: /outline/minio/auth + key: /cl01tl/outline/minio/auth metadataPolicy: None property: AWS_SECRET_ACCESS_KEY @@ -100,7 +100,7 @@ metadata: name: outline-minio-root-secret namespace: {{ .Release.Namespace }} labels: - app.kubernetes.io/name: outline-bucket-auth-secret + app.kubernetes.io/name: outline-minio-root-secret app.kubernetes.io/instance: {{ .Release.Name }} app.kubernetes.io/version: {{ .Chart.AppVersion }} app.kubernetes.io/component: database @@ -114,9 +114,9 @@ spec: remoteRef: conversionStrategy: Default decodingStrategy: None - key: /outline/minio/root + key: /cl01tl/outline/minio/config metadataPolicy: None - property: config.env + property: root-config.env --- apiVersion: external-secrets.io/v1beta1 @@ -125,7 +125,7 @@ metadata: name: outline-minio-config-secret namespace: {{ .Release.Namespace }} labels: - app.kubernetes.io/name: outline-bucket-auth-secret + app.kubernetes.io/name: outline-minio-config-secret app.kubernetes.io/instance: {{ .Release.Name }} app.kubernetes.io/version: {{ .Chart.AppVersion }} app.kubernetes.io/component: database @@ -139,7 +139,7 @@ spec: remoteRef: conversionStrategy: Default decodingStrategy: None - key: /outline/minio/config + key: /cl01tl/outline/minio/config metadataPolicy: None property: config.env @@ -150,7 +150,7 @@ metadata: name: outline-postgresql-16-cluster-backup-secret namespace: {{ .Release.Namespace }} labels: - app.kubernetes.io/name: {{ .Release.Name }} + app.kubernetes.io/name: outline-postgresql-16-cluster-backup-secret app.kubernetes.io/instance: {{ .Release.Name }} app.kubernetes.io/version: {{ .Chart.AppVersion }} app.kubernetes.io/component: database diff --git a/clusters/cl01tl/applications/outline/values.yaml b/clusters/cl01tl/applications/outline/values.yaml index de178250e..df2fd5170 100644 --- a/clusters/cl01tl/applications/outline/values.yaml +++ b/clusters/cl01tl/applications/outline/values.yaml @@ -1,59 +1,148 @@ outline: - ingress: - enabled: true - className: traefik - annotations: - traefik.ingress.kubernetes.io/router.entrypoints: websecure - traefik.ingress.kubernetes.io/router.tls: "true" - cert-manager.io/cluster-issuer: letsencrypt-issuer - host: outline.alexlebens.net - persistence: - type: s3 - s3: - credentialsSecret: outline-bucket-user-secret - region: us-east-1 - bucketName: outline - bucketUrl: https://minio-outline-api.alexlebens.net/outline - forcePathStyle: false - outline: - url: https://outline.alexlebens.net - secretKey: - existingSecretName: outline-key-secret - existingSecretKey: secret-key - utilsSecret: - existingSecretName: outline-key-secret - existingSecretKey: utils-key - database: - usernameSecret: - existingSecretName: outline-postgresql-16-cluster-app - existingSecretKey: username - passwordSecret: - existingSecretName: outline-postgresql-16-cluster-app - existingSecretKey: password - databaseName: - existingSecretName: outline-postgresql-16-cluster-app - existingSecretKey: dbname - databaseHost: - existingSecretName: outline-postgresql-16-cluster-app - existingSecretKey: host - databasePort: - existingSecretName: outline-postgresql-16-cluster-app - existingSecretKey: port - auth: - oidc: - enabled: true - clientId: - existingSecretName: outline-oidc-secret - existingSecretKey: client - clientSecret: - existingSecretName: outline-oidc-secret - existingSecretKey: secret - authUri: https://authentik.alexlebens.net/application/o/authorize/ - tokenUri: https://authentik.alexlebens.net/application/o/token/ - userinfoUri: https://authentik.alexlebens.net/application/o/userinfo/ - usernameClaim: email - displayName: Authentik - scopes: openid profile email + controllers: + main: + type: deployment + replicas: 1 + strategy: Recreate + revisionHistoryLimit: 3 + containers: + main: + image: + repository: outlinewiki/outline + tag: 0.76.1 + pullPolicy: IfNotPresent + env: + - name: NODE_ENV + value: production + - name: URL + value: https://wiki.alexlebens.dev + - name: PORT + value: 3000 + - name: SECRET_KEY + valueFrom: + secretKeyRef: + name: outline-key-secret + key: secret-key + - name: UTILS_SECRET + valueFrom: + secretKeyRef: + name: outline-key-secret + key: utils-key + - name: POSTGRES_USERNAME + valueFrom: + secretKeyRef: + name: outline-postgresql-16-cluster-app + key: username + - name: POSTGRES_PASSWORD + valueFrom: + secretKeyRef: + name: outline-postgresql-16-cluster-app + key: password + - name: POSTGRES_DATABASE_NAME + valueFrom: + secretKeyRef: + name: outline-postgresql-16-cluster-app + key: dbname + - name: POSTGRES_DATABASE_HOST + valueFrom: + secretKeyRef: + name: outline-postgresql-16-cluster-app + key: host + - name: POSTGRES_DATABASE_PORT + valueFrom: + secretKeyRef: + name: outline-postgresql-16-cluster-app + key: port + - name: DATABASE_URL + value: postgres://$(POSTGRES_USERNAME):$(POSTGRES_PASSWORD)@$(POSTGRES_DATABASE_HOST):$(POSTGRES_DATABASE_PORT)/$(POSTGRES_DATABASE_NAME) + - name: DATABASE_URL_TEST + value: postgres://$(POSTGRES_USERNAME):$(POSTGRES_PASSWORD)@$(POSTGRES_DATABASE_HOST):$(POSTGRES_DATABASE_PORT)/$(POSTGRES_DATABASE_NAME)-test + - name: DATABASE_CONNECTION_POOL_MIN + value: "2" + - name: DATABASE_CONNECTION_POOL_MAX + value: "20" + - name: PGSSLMODE + value: disable + - name: REDIS_URL + value: redis://outline-redis-master:6379 + - name: FILE_STORAGE + value: s3 + - name: AWS_ACCESS_KEY_ID + valueFrom: + secretKeyRef: + name: outline-minio-user-secret + key: AWS_ACCESS_KEY_ID + - name: AWS_SECRET_ACCESS_KEY + valueFrom: + secretKeyRef: + name: outline-minio-user-secret + key: AWS_SECRET_ACCESS_KEY + - name: AWS_REGION + value: us-east-1 + - name: AWS_S3_UPLOAD_BUCKET_NAME + value: outline + - name: AWS_S3_UPLOAD_BUCKET_URL + value: http://minio.outline:80/outline + - name: AWS_S3_ACCELERATE_URL + value: http://minio.outline:80/outline + - name: AWS_S3_FORCE_PATH_STYLE + value: false + - name: AWS_S3_ACL + value: private + - name: FILE_STORAGE_UPLOAD_MAX_SIZE + value: "26214400" + - name: FORCE_HTTPS + value: false + - name: ENABLE_UPDATES + value: false + - name: WEB_CONCURRENCY + value: 1 + - name: FILE_STORAGE_IMPORT_MAX_SIZE + value: 5120000 + - name: LOG_LEVEL + value: info + - name: DEFAULT_LANGUAGE + value: en_US + - name: RATE_LIMITER_ENABLED + value: false + - name: DEVELOPMENT_UNSAFE_INLINE_CSP + value: false + - name: OIDC_CLIENT_ID + valueFrom: + secretKeyRef: + name: outline-oidc-secret + key: client + - name: OIDC_CLIENT_SECRET + valueFrom: + secretKeyRef: + name: outline-oidc-secret + key: secret + - name: OIDC_AUTH_URI + value: https://auth.alexlebens.dev/application/o/authorize/ + - name: OIDC_TOKEN_URI + value: https://auth.alexlebens.dev/application/o/token/ + - name: OIDC_USERINFO_URI + value: https://auth.alexlebens.dev/application/o/userinfo/ + - name: OIDC_USERNAME_CLAIM + value: email + - name: OIDC_DISPLAY_NAME + value: Authentik + - name: OIDC_SCOPES + value: openid profile email + resources: + requests: + cpu: 100m + memory: 256Mi + serviceAccount: + create: true + service: + main: + controller: main + ports: + http: + port: 3000 + targetPort: 3000 + protocol: HTTP minio: existingSecret: name: outline-minio-root-secret @@ -76,20 +165,6 @@ minio: certificate: requestAutoCert: false ingress: - api: - enabled: true - ingressClassName: traefik - annotations: - traefik.ingress.kubernetes.io/router.entrypoints: websecure - traefik.ingress.kubernetes.io/router.tls: "true" - cert-manager.io/cluster-issuer: letsencrypt-issuer - tls: - - secretName: minio-outline-api-secret-tls - hosts: - - minio-outline-api.alexlebens.net - host: minio-outline-api.alexlebens.net - path: / - pathType: Prefix console: enabled: true ingressClassName: traefik @@ -104,9 +179,14 @@ minio: host: minio-outline.alexlebens.net path: / pathType: Prefix +redis: + architecture: standalone + auth: + enabled: false +cloudflared: + existingSecretName: freshrss-cloudflared-secret postgres-16-cluster: mode: standalone - kubernetesClusterName: cl01tl cluster: walStorage: storageClass: local-path