diff --git a/clusters/cl01tl/helm/backrest/templates/http-route.yaml b/clusters/cl01tl/helm/backrest/templates/http-route.yaml deleted file mode 100644 index 767030b4f..000000000 --- a/clusters/cl01tl/helm/backrest/templates/http-route.yaml +++ /dev/null @@ -1,28 +0,0 @@ -apiVersion: gateway.networking.k8s.io/v1 -kind: HTTPRoute -metadata: - name: http-route-backrest - namespace: {{ .Release.Namespace }} - labels: - app.kubernetes.io/name: http-route-backrest - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/part-of: {{ .Release.Name }} -spec: - parentRefs: - - group: gateway.networking.k8s.io - kind: Gateway - name: traefik-gateway - namespace: traefik - hostnames: - - backrest.alexlebens.net - rules: - - matches: - - path: - type: PathPrefix - value: / - backendRefs: - - group: '' - kind: Service - name: backrest - port: 80 - weight: 100 diff --git a/clusters/cl01tl/helm/backrest/values.yaml b/clusters/cl01tl/helm/backrest/values.yaml index 81dc7828e..2a83a247c 100644 --- a/clusters/cl01tl/helm/backrest/values.yaml +++ b/clusters/cl01tl/helm/backrest/values.yaml @@ -33,6 +33,27 @@ backrest: port: 80 targetPort: 9898 protocol: TCP + route: + main: + kind: HTTPRoute + parentRefs: + - group: gateway.networking.k8s.io + kind: Gateway + name: traefik-gateway + namespace: traefik + hostnames: + - backrest.alexlebens.net + rules: + - backendRefs: + - group: '' + kind: Service + name: backrest + port: 80 + weight: 100 + matches: + - path: + type: PathPrefix + value: / persistence: data: forceRename: backrest-data diff --git a/clusters/cl01tl/helm/bazarr/templates/http-route.yaml b/clusters/cl01tl/helm/bazarr/templates/http-route.yaml deleted file mode 100644 index 3e5439d60..000000000 --- a/clusters/cl01tl/helm/bazarr/templates/http-route.yaml +++ /dev/null @@ -1,28 +0,0 @@ -apiVersion: gateway.networking.k8s.io/v1 -kind: HTTPRoute -metadata: - name: http-route-bazarr - namespace: {{ .Release.Namespace }} - labels: - app.kubernetes.io/name: http-route-bazarr - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/part-of: {{ .Release.Name }} -spec: - parentRefs: - - group: gateway.networking.k8s.io - kind: Gateway - name: traefik-gateway - namespace: traefik - hostnames: - - bazarr.alexlebens.net - rules: - - matches: - - path: - type: PathPrefix - value: / - backendRefs: - - group: '' - kind: Service - name: bazarr - port: 80 - weight: 100 diff --git a/clusters/cl01tl/helm/bazarr/values.yaml b/clusters/cl01tl/helm/bazarr/values.yaml index 2e3f36a1a..0f27a9ca1 100644 --- a/clusters/cl01tl/helm/bazarr/values.yaml +++ b/clusters/cl01tl/helm/bazarr/values.yaml @@ -36,6 +36,27 @@ bazarr: port: 80 targetPort: 6767 protocol: HTTP + route: + main: + kind: HTTPRoute + parentRefs: + - group: gateway.networking.k8s.io + kind: Gateway + name: traefik-gateway + namespace: traefik + hostnames: + - bazarr.alexlebens.net + rules: + - backendRefs: + - group: '' + kind: Service + name: bazarr + port: 80 + weight: 100 + matches: + - path: + type: PathPrefix + value: / persistence: config: forceRename: bazarr-config diff --git a/clusters/cl01tl/helm/blocky/templates/service-monitor.yaml b/clusters/cl01tl/helm/blocky/templates/service-monitor.yaml deleted file mode 100644 index f7ca70e99..000000000 --- a/clusters/cl01tl/helm/blocky/templates/service-monitor.yaml +++ /dev/null @@ -1,19 +0,0 @@ -apiVersion: monitoring.coreos.com/v1 -kind: ServiceMonitor -metadata: - name: blocky - namespace: {{ .Release.Namespace }} - labels: - app.kubernetes.io/name: blocky - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/part-of: {{ .Release.Name }} -spec: - selector: - matchLabels: - app.kubernetes.io/name: blocky - app.kubernetes.io/instance: {{ .Release.Name }} - endpoints: - - port: metrics - interval: 30s - scrapeTimeout: 10s - path: /metrics diff --git a/clusters/cl01tl/helm/blocky/values.yaml b/clusters/cl01tl/helm/blocky/values.yaml index b84d2ad27..88714d78e 100644 --- a/clusters/cl01tl/helm/blocky/values.yaml +++ b/clusters/cl01tl/helm/blocky/values.yaml @@ -288,6 +288,19 @@ blocky: port: 4000 targetPort: 4000 protocol: TCP + serviceMonitor: + main: + selector: + matchLabels: + app.kubernetes.io/name: blocky + app.kubernetes.io/instance: blocky + serviceName: '{{ include "bjw-s.common.lib.chart.names.fullname" $ }}' + endpoints: + - port: metrics + scheme: http + path: /metrics + interval: 30s + scrapeTimeout: 10s persistence: config: enabled: true diff --git a/clusters/cl01tl/helm/booklore/templates/http-route.yaml b/clusters/cl01tl/helm/booklore/templates/http-route.yaml deleted file mode 100644 index a6156305e..000000000 --- a/clusters/cl01tl/helm/booklore/templates/http-route.yaml +++ /dev/null @@ -1,28 +0,0 @@ -apiVersion: gateway.networking.k8s.io/v1 -kind: HTTPRoute -metadata: - name: http-route-booklore - namespace: {{ .Release.Namespace }} - labels: - app.kubernetes.io/name: http-route-booklore - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/part-of: {{ .Release.Name }} -spec: - parentRefs: - - group: gateway.networking.k8s.io - kind: Gateway - name: traefik-gateway - namespace: traefik - hostnames: - - booklore.alexlebens.net - rules: - - matches: - - path: - type: PathPrefix - value: / - backendRefs: - - group: '' - kind: Service - name: booklore - port: 80 - weight: 100 diff --git a/clusters/cl01tl/helm/booklore/values.yaml b/clusters/cl01tl/helm/booklore/values.yaml index a23343276..c33dc742a 100644 --- a/clusters/cl01tl/helm/booklore/values.yaml +++ b/clusters/cl01tl/helm/booklore/values.yaml @@ -39,6 +39,27 @@ booklore: port: 80 targetPort: 6060 protocol: HTTP + route: + main: + kind: HTTPRoute + parentRefs: + - group: gateway.networking.k8s.io + kind: Gateway + name: traefik-gateway + namespace: traefik + hostnames: + - booklore.alexlebens.net + rules: + - backendRefs: + - group: '' + kind: Service + name: booklore + port: 80 + weight: 100 + matches: + - path: + type: PathPrefix + value: / persistence: config: forceRename: booklore-config diff --git a/clusters/cl01tl/helm/cilium/templates/http-route.yaml b/clusters/cl01tl/helm/cilium/templates/http-route.yaml index 603a5e574..d6a2df802 100644 --- a/clusters/cl01tl/helm/cilium/templates/http-route.yaml +++ b/clusters/cl01tl/helm/cilium/templates/http-route.yaml @@ -1,10 +1,10 @@ apiVersion: gateway.networking.k8s.io/v1 kind: HTTPRoute metadata: - name: http-route-hubble + name: hubble namespace: {{ .Release.Namespace }} labels: - app.kubernetes.io/name: http-route-hubble + app.kubernetes.io/name: hubble app.kubernetes.io/instance: {{ .Release.Name }} app.kubernetes.io/part-of: {{ .Release.Name }} spec: diff --git a/clusters/cl01tl/helm/cilium/values.yaml b/clusters/cl01tl/helm/cilium/values.yaml index 3dc885e0f..ed3f6e572 100644 --- a/clusters/cl01tl/helm/cilium/values.yaml +++ b/clusters/cl01tl/helm/cilium/values.yaml @@ -60,7 +60,7 @@ cilium: method: cronJob relay: enabled: true - metrics: + prometheus: serviceMonitor: enabled: true ui: diff --git a/clusters/cl01tl/helm/code-server/templates/http-route.yaml b/clusters/cl01tl/helm/code-server/templates/http-route.yaml deleted file mode 100644 index 0bd454572..000000000 --- a/clusters/cl01tl/helm/code-server/templates/http-route.yaml +++ /dev/null @@ -1,28 +0,0 @@ -apiVersion: gateway.networking.k8s.io/v1 -kind: HTTPRoute -metadata: - name: http-route-code-server - namespace: {{ .Release.Namespace }} - labels: - app.kubernetes.io/name: http-route-code-server - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/part-of: {{ .Release.Name }} -spec: - parentRefs: - - group: gateway.networking.k8s.io - kind: Gateway - name: traefik-gateway - namespace: traefik - hostnames: - - code-server.alexlebens.net - rules: - - matches: - - path: - type: PathPrefix - value: / - backendRefs: - - group: '' - kind: Service - name: code-server - port: 8443 - weight: 100 diff --git a/clusters/cl01tl/helm/code-server/values.yaml b/clusters/cl01tl/helm/code-server/values.yaml index 1e6e5d2c0..527209375 100644 --- a/clusters/cl01tl/helm/code-server/values.yaml +++ b/clusters/cl01tl/helm/code-server/values.yaml @@ -35,6 +35,27 @@ code-server: port: 8443 targetPort: 8443 protocol: HTTP + route: + main: + kind: HTTPRoute + parentRefs: + - group: gateway.networking.k8s.io + kind: Gateway + name: traefik-gateway + namespace: traefik + hostnames: + - code-server.alexlebens.net + rules: + - backendRefs: + - group: '' + kind: Service + name: code-server + port: 8443 + weight: 100 + matches: + - path: + type: PathPrefix + value: / persistence: config: forceRename: code-server-config diff --git a/clusters/cl01tl/helm/directus/Chart.lock b/clusters/cl01tl/helm/directus/Chart.lock index 5925b8a60..488f310a9 100644 --- a/clusters/cl01tl/helm/directus/Chart.lock +++ b/clusters/cl01tl/helm/directus/Chart.lock @@ -7,9 +7,9 @@ dependencies: version: 2.1.4 - name: postgres-cluster repository: oci://harbor.alexlebens.net/helm-charts - version: 7.1.4 + version: 7.4.3 - name: redis-replication repository: oci://harbor.alexlebens.net/helm-charts version: 0.5.0 -digest: sha256:291cc8a8dc77d554ee24c641c38322217f8540a8c7c41ff00704adb0cbcc6dfd -generated: "2025-12-21T19:02:03.688822042Z" +digest: sha256:d9c95b9a697ebe9fb98ebb2a5e2f7058c26b9207742eadcd56f278ff36d00855 +generated: "2025-12-23T16:47:50.269275-06:00" diff --git a/clusters/cl01tl/helm/directus/Chart.yaml b/clusters/cl01tl/helm/directus/Chart.yaml index 1990fca72..022f57a57 100644 --- a/clusters/cl01tl/helm/directus/Chart.yaml +++ b/clusters/cl01tl/helm/directus/Chart.yaml @@ -26,7 +26,7 @@ dependencies: version: 2.1.4 - name: postgres-cluster alias: postgres-18-cluster - version: 7.1.4 + version: 7.4.3 repository: oci://harbor.alexlebens.net/helm-charts - name: redis-replication version: 0.5.0 diff --git a/clusters/cl01tl/helm/directus/templates/external-secret.yaml b/clusters/cl01tl/helm/directus/templates/external-secret.yaml index 0393c87f6..0b94caaa3 100644 --- a/clusters/cl01tl/helm/directus/templates/external-secret.yaml +++ b/clusters/cl01tl/helm/directus/templates/external-secret.yaml @@ -123,70 +123,3 @@ spec: key: /cl01tl/directus/redis metadataPolicy: None property: password - ---- -apiVersion: external-secrets.io/v1 -kind: ExternalSecret -metadata: - name: directus-postgresql-18-cluster-backup-secret - namespace: {{ .Release.Namespace }} - labels: - app.kubernetes.io/name: directus-postgresql-18-cluster-backup-secret - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/part-of: {{ .Release.Name }} -spec: - secretStoreRef: - kind: ClusterSecretStore - name: vault - data: - - secretKey: ACCESS_KEY_ID - remoteRef: - conversionStrategy: Default - decodingStrategy: None - key: /digital-ocean/home-infra/postgres-backups - metadataPolicy: None - property: access - - secretKey: ACCESS_SECRET_KEY - remoteRef: - conversionStrategy: Default - decodingStrategy: None - key: /digital-ocean/home-infra/postgres-backups - metadataPolicy: None - property: secret - ---- -apiVersion: external-secrets.io/v1 -kind: ExternalSecret -metadata: - name: directus-postgresql-18-cluster-backup-secret-garage - namespace: {{ .Release.Namespace }} - labels: - app.kubernetes.io/name: directus-postgresql-18-cluster-backup-secret-garage - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/part-of: {{ .Release.Name }} -spec: - secretStoreRef: - kind: ClusterSecretStore - name: vault - data: - - secretKey: ACCESS_KEY_ID - remoteRef: - conversionStrategy: Default - decodingStrategy: None - key: /garage/home-infra/postgres-backups - metadataPolicy: None - property: ACCESS_KEY_ID - - secretKey: ACCESS_SECRET_KEY - remoteRef: - conversionStrategy: Default - decodingStrategy: None - key: /garage/home-infra/postgres-backups - metadataPolicy: None - property: ACCESS_SECRET_KEY - - secretKey: ACCESS_REGION - remoteRef: - conversionStrategy: Default - decodingStrategy: None - key: /garage/home-infra/postgres-backups - metadataPolicy: None - property: ACCESS_REGION diff --git a/clusters/cl01tl/helm/directus/templates/service-monitor.yaml b/clusters/cl01tl/helm/directus/templates/service-monitor.yaml deleted file mode 100644 index 8d26b2857..000000000 --- a/clusters/cl01tl/helm/directus/templates/service-monitor.yaml +++ /dev/null @@ -1,22 +0,0 @@ -apiVersion: monitoring.coreos.com/v1 -kind: ServiceMonitor -metadata: - name: directus - namespace: {{ .Release.Namespace }} - labels: - app.kubernetes.io/name: directus - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/part-of: {{ .Release.Name }} -spec: - selector: - matchLabels: - app.kubernetes.io/name: directus - app.kubernetes.io/instance: {{ .Release.Name }} - endpoints: - - port: http - interval: 30s - scrapeTimeout: 15s - path: /metrics - bearerTokenSecret: - name: directus-metric-token - key: metric-token diff --git a/clusters/cl01tl/helm/directus/values.yaml b/clusters/cl01tl/helm/directus/values.yaml index 30eb2b869..9d456ed87 100644 --- a/clusters/cl01tl/helm/directus/values.yaml +++ b/clusters/cl01tl/helm/directus/values.yaml @@ -153,60 +153,63 @@ directus: port: 80 targetPort: 8055 protocol: TCP + serviceMonitor: + main: + selector: + matchLabels: + app.kubernetes.io/name: directus + app.kubernetes.io/instance: directus + serviceName: '{{ include "bjw-s.common.lib.chart.names.fullname" $ }}' + endpoints: + - port: http + interval: 30s + scrapeTimeout: 15s + path: /metrics + bearerTokenSecret: + name: directus-metric-token + key: metric-token postgres-18-cluster: mode: recovery - cluster: - storage: - storageClass: local-path - walStorage: - storageClass: local-path recovery: method: objectStore objectStore: - destinationPath: s3://postgres-backups/cl01tl/directus/directus-postgresql-18-cluster - endpointURL: http://garage-main.garage:3900 index: 1 - endpointCredentials: directus-postgresql-18-cluster-backup-secret-garage backup: objectStore: - name: garage-local - destinationPath: s3://postgres-backups/cl01tl/directus/directus-postgresql-18-cluster index: 1 - endpointURL: http://garage-main.garage:3900 - endpointCredentials: directus-postgresql-18-cluster-backup-secret-garage - endpointCredentialsIncludeRegion: true - retentionPolicy: "3d" + destinationBucket: postgres-backups + externalSecretCredentialPath: /garage/home-infra/postgres-backups isWALArchiver: true - # - name: external - # destinationPath: s3://postgres-backups-ce540ddf106d186bbddca68a/cl01tl/directus/directus-postgresql-18-cluster - # index: 1 - # retentionPolicy: "30d" - # isWALArchiver: false # - name: garage-remote - # destinationPath: s3://postgres-backups/cl01tl/directus/directus-postgresql-18-cluster # index: 1 - # endpointURL: https://garage-ps10rp.boreal-beaufort.ts.net:3900 - # endpointCredentials: directus-postgresql-18-cluster-backup-secret-garage - # retentionPolicy: "30d" + # destinationBucket: postgres-backups + # externalSecretCredentialPath: /garage/home-infra/postgres-backups + # retentionPolicy: "90d" # data: # compression: bzip2 - # jobs: 2 + # - name: external + # index: 1 + # endpointURL: https://nyc3.digitaloceanspaces.com + # destinationBucket: postgres-backups-ce540ddf106d186bbddca68a + # externalSecretCredentialPath: /garage/home-infra/postgres-backups + # isWALArchiver: false scheduledBackups: - name: live-backup suspend: false immediate: true schedule: "0 0 0 * * *" backupName: garage-local - # - name: daily-backup - # suspend: false - # immediate: true - # schedule: "0 0 0 * * *" - # backupName: external # - name: weekly-backup - # suspend: false + # suspend: true # immediate: true # schedule: "0 0 4 * * SAT" # backupName: garage-remote + # - name: daily-backup + # suspend: true + # immediate: true + # schedule: "0 0 0 * * *" + # backupName: external redis-replication: existingSecret: enabled: true