From 3c37426562525e0f36b9d913bcfa0e0c033617d1 Mon Sep 17 00:00:00 2001 From: gitea-bot Date: Tue, 23 Dec 2025 22:49:14 +0000 Subject: [PATCH 1/2] chore: Update manifests after change --- .../argocd/Deployment-argocd-repo-server.yaml | 22 ------------ ...gocd-gitea-repo-infrastructure-secret.yaml | 35 +++++++++++++++++++ .../argocd/HTTPRoute-argocd-server.yaml | 32 +++++++++++++++++ 3 files changed, 67 insertions(+), 22 deletions(-) create mode 100644 clusters/cl01tl/manifests/argocd/ExternalSecret-argocd-gitea-repo-infrastructure-secret.yaml create mode 100644 clusters/cl01tl/manifests/argocd/HTTPRoute-argocd-server.yaml diff --git a/clusters/cl01tl/manifests/argocd/Deployment-argocd-repo-server.yaml b/clusters/cl01tl/manifests/argocd/Deployment-argocd-repo-server.yaml index 8b2d227ec..58d12aa23 100644 --- a/clusters/cl01tl/manifests/argocd/Deployment-argocd-repo-server.yaml +++ b/clusters/cl01tl/manifests/argocd/Deployment-argocd-repo-server.yaml @@ -357,23 +357,6 @@ spec: runAsNonRoot: true seccompProfile: type: RuntimeDefault - - command: - - /var/run/argocd/argocd-cmp-server - image: ghcr.io/akuity/cdk8s-cmp-typescript:1.0 - name: cmp-cdk8s - securityContext: - runAsNonRoot: true - runAsUser: 999 - volumeMounts: - - mountPath: /var/run/argocd - name: var-files - - mountPath: /home/argocd/cmp-server/plugins - name: plugins - - mountPath: /home/argocd/cmp-server/config/plugin.yaml - name: argocd-cmp-cm - subPath: cdk8s.yaml - - mountPath: /tmp - name: cmp-tmp initContainers: - command: - /bin/cp @@ -408,11 +391,6 @@ spec: nodeSelector: kubernetes.io/os: linux volumes: - - configMap: - name: argocd-cmp-cm - name: argocd-cmp-cm - - emptyDir: {} - name: cmp-tmp - name: helm-working-dir emptyDir: {} - name: plugins diff --git a/clusters/cl01tl/manifests/argocd/ExternalSecret-argocd-gitea-repo-infrastructure-secret.yaml b/clusters/cl01tl/manifests/argocd/ExternalSecret-argocd-gitea-repo-infrastructure-secret.yaml new file mode 100644 index 000000000..bf9ac7044 --- /dev/null +++ b/clusters/cl01tl/manifests/argocd/ExternalSecret-argocd-gitea-repo-infrastructure-secret.yaml @@ -0,0 +1,35 @@ +apiVersion: external-secrets.io/v1 +kind: ExternalSecret +metadata: + name: argocd-gitea-repo-infrastructure-secret + namespace: argocd + labels: + app.kubernetes.io/name: argocd-gitea-repo-infrastructure-secret + app.kubernetes.io/instance: argocd + app.kubernetes.io/part-of: argocd +spec: + secretStoreRef: + kind: ClusterSecretStore + name: vault + data: + - secretKey: type + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /cl01tl/argocd/credentials/repo/infrastructure + metadataPolicy: None + property: type + - secretKey: url + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /cl01tl/argocd/credentials/repo/infrastructure + metadataPolicy: None + property: url + - secretKey: sshPrivateKey + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /cl01tl/argocd/credentials/repo/infrastructure + metadataPolicy: None + property: sshPrivateKey diff --git a/clusters/cl01tl/manifests/argocd/HTTPRoute-argocd-server.yaml b/clusters/cl01tl/manifests/argocd/HTTPRoute-argocd-server.yaml new file mode 100644 index 000000000..c19a69d4f --- /dev/null +++ b/clusters/cl01tl/manifests/argocd/HTTPRoute-argocd-server.yaml @@ -0,0 +1,32 @@ +apiVersion: gateway.networking.k8s.io/v1 +kind: HTTPRoute +metadata: + name: argocd-server + namespace: argocd + labels: + helm.sh/chart: argo-cd-9.1.9 + app.kubernetes.io/name: argocd-server + app.kubernetes.io/instance: argocd + app.kubernetes.io/component: server + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/part-of: argocd + app.kubernetes.io/version: "v3.2.2" +spec: + parentRefs: + - group: gateway.networking.k8s.io + kind: Gateway + name: traefik-gateway + namespace: traefik + hostnames: + - argocd.alexlebens.net + rules: + - matches: + - path: + type: PathPrefix + value: / + backendRefs: + - group: '' + kind: Service + name: argocd-server + port: 80 + weight: 1 -- 2.49.1 From 797f31904329b3dfb49daa1a1541ec7a03102fc4 Mon Sep 17 00:00:00 2001 From: gitea-bot Date: Tue, 23 Dec 2025 22:52:52 +0000 Subject: [PATCH 2/2] chore: Update manifests after change --- .../argocd/ConfigMap-argocd-cmp-cm.yaml | 33 ---------------- .../argocd/Deployment-argocd-repo-server.yaml | 1 - .../argocd/HTTPRoute-http-route-argocd.yaml | 28 ------------- ...-backrest.yaml => HTTPRoute-backrest.yaml} | 26 +++++++------ ...oute-bazarr.yaml => HTTPRoute-bazarr.yaml} | 26 +++++++------ .../blocky/ServiceMonitor-blocky.yaml | 20 ++++++---- ...-booklore.yaml => HTTPRoute-booklore.yaml} | 26 +++++++------ ...oute-hubble.yaml => HTTPRoute-hubble.yaml} | 4 +- ...server.yaml => HTTPRoute-code-server.yaml} | 26 +++++++------ ...luster-directus-postgresql-18-cluster.yaml | 4 +- ...tgresql-18-backup-garage-local-secret.yaml | 39 +++++++++++++++++++ ...s-postgresql-18-cluster-backup-secret.yaml | 28 ------------- ...rectus-postgresql-18-recovery-secret.yaml} | 22 ++++++----- ...us-postgresql-18-backup-garage-local.yaml} | 15 +++---- ...Store-directus-postgresql-18-recovery.yaml | 12 ++++-- ...le-directus-postgresql-18-alert-rules.yaml | 4 +- ...esql-18-scheduled-backup-live-backup.yaml} | 9 +++-- .../directus/ServiceMonitor-directus.yaml | 25 +++++++----- 18 files changed, 163 insertions(+), 185 deletions(-) delete mode 100644 clusters/cl01tl/manifests/argocd/ConfigMap-argocd-cmp-cm.yaml delete mode 100644 clusters/cl01tl/manifests/argocd/HTTPRoute-http-route-argocd.yaml rename clusters/cl01tl/manifests/backrest/{HTTPRoute-http-route-backrest.yaml => HTTPRoute-backrest.yaml} (64%) rename clusters/cl01tl/manifests/bazarr/{HTTPRoute-http-route-bazarr.yaml => HTTPRoute-bazarr.yaml} (65%) rename clusters/cl01tl/manifests/booklore/{HTTPRoute-http-route-booklore.yaml => HTTPRoute-booklore.yaml} (64%) rename clusters/cl01tl/manifests/cilium/{HTTPRoute-http-route-hubble.yaml => HTTPRoute-hubble.yaml} (88%) rename clusters/cl01tl/manifests/code-server/{HTTPRoute-http-route-code-server.yaml => HTTPRoute-code-server.yaml} (64%) create mode 100644 clusters/cl01tl/manifests/directus/ExternalSecret-directus-postgresql-18-backup-garage-local-secret.yaml delete mode 100644 clusters/cl01tl/manifests/directus/ExternalSecret-directus-postgresql-18-cluster-backup-secret.yaml rename clusters/cl01tl/manifests/directus/{ExternalSecret-directus-postgresql-18-cluster-backup-secret-garage.yaml => ExternalSecret-directus-postgresql-18-recovery-secret.yaml} (76%) rename clusters/cl01tl/manifests/directus/{ObjectStore-directus-postgresql-18-garage-local-backup.yaml => ObjectStore-directus-postgresql-18-backup-garage-local.yaml} (58%) rename clusters/cl01tl/manifests/directus/{ScheduledBackup-directus-postgresql-18-live-backup-scheduled-backup.yaml => ScheduledBackup-directus-postgresql-18-scheduled-backup-live-backup.yaml} (63%) diff --git a/clusters/cl01tl/manifests/argocd/ConfigMap-argocd-cmp-cm.yaml b/clusters/cl01tl/manifests/argocd/ConfigMap-argocd-cmp-cm.yaml deleted file mode 100644 index 6b3b2751e..000000000 --- a/clusters/cl01tl/manifests/argocd/ConfigMap-argocd-cmp-cm.yaml +++ /dev/null @@ -1,33 +0,0 @@ -apiVersion: v1 -kind: ConfigMap -metadata: - name: argocd-cmp-cm - namespace: argocd - labels: - helm.sh/chart: argo-cd-9.1.9 - app.kubernetes.io/name: argocd-cmp-cm - app.kubernetes.io/instance: argocd - app.kubernetes.io/component: repo-server - app.kubernetes.io/managed-by: Helm - app.kubernetes.io/part-of: argocd - app.kubernetes.io/version: "v3.2.2" -data: - cdk8s.yaml: | - apiVersion: argoproj.io/v1alpha1 - kind: ConfigManagementPlugin - metadata: - name: cdk8s - spec: - discover: - fileName: '*.go' - generate: - args: - - --stdout - command: - - cdk8s - - synth - init: - args: - - import - command: - - cdk8s diff --git a/clusters/cl01tl/manifests/argocd/Deployment-argocd-repo-server.yaml b/clusters/cl01tl/manifests/argocd/Deployment-argocd-repo-server.yaml index 58d12aa23..13212bcff 100644 --- a/clusters/cl01tl/manifests/argocd/Deployment-argocd-repo-server.yaml +++ b/clusters/cl01tl/manifests/argocd/Deployment-argocd-repo-server.yaml @@ -23,7 +23,6 @@ spec: annotations: checksum/cmd-params: c69043802966d610c48e170dd0809d9649ae345cf78eca00e1c1f91b7eadc2f1 checksum/cm: 4e7aebdeee6651d618d3a9c09fc012f4fc635a54cd2cf3224dbc85297c67bc62 - checksum/cmp-cm: 3cb5131486ce5f1d65ba54c55b4e730974359abb711eddfeb0f1bdd19a83c56c labels: helm.sh/chart: argo-cd-9.1.9 app.kubernetes.io/name: argocd-repo-server diff --git a/clusters/cl01tl/manifests/argocd/HTTPRoute-http-route-argocd.yaml b/clusters/cl01tl/manifests/argocd/HTTPRoute-http-route-argocd.yaml deleted file mode 100644 index f5dd594aa..000000000 --- a/clusters/cl01tl/manifests/argocd/HTTPRoute-http-route-argocd.yaml +++ /dev/null @@ -1,28 +0,0 @@ -apiVersion: gateway.networking.k8s.io/v1 -kind: HTTPRoute -metadata: - name: http-route-argocd - namespace: argocd - labels: - app.kubernetes.io/name: http-route-argocd - app.kubernetes.io/instance: argocd - app.kubernetes.io/part-of: argocd -spec: - parentRefs: - - group: gateway.networking.k8s.io - kind: Gateway - name: traefik-gateway - namespace: traefik - hostnames: - - argocd.alexlebens.net - rules: - - matches: - - path: - type: PathPrefix - value: / - backendRefs: - - group: '' - kind: Service - name: argocd-server - port: 80 - weight: 100 diff --git a/clusters/cl01tl/manifests/backrest/HTTPRoute-http-route-backrest.yaml b/clusters/cl01tl/manifests/backrest/HTTPRoute-backrest.yaml similarity index 64% rename from clusters/cl01tl/manifests/backrest/HTTPRoute-http-route-backrest.yaml rename to clusters/cl01tl/manifests/backrest/HTTPRoute-backrest.yaml index 3fc44499b..26ec5578f 100644 --- a/clusters/cl01tl/manifests/backrest/HTTPRoute-http-route-backrest.yaml +++ b/clusters/cl01tl/manifests/backrest/HTTPRoute-backrest.yaml @@ -1,12 +1,13 @@ apiVersion: gateway.networking.k8s.io/v1 kind: HTTPRoute metadata: - name: http-route-backrest - namespace: backrest + name: backrest labels: - app.kubernetes.io/name: http-route-backrest app.kubernetes.io/instance: backrest - app.kubernetes.io/part-of: backrest + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: backrest + helm.sh/chart: backrest-4.5.0 + namespace: backrest spec: parentRefs: - group: gateway.networking.k8s.io @@ -14,15 +15,16 @@ spec: name: traefik-gateway namespace: traefik hostnames: - - backrest.alexlebens.net + - "backrest.alexlebens.net" rules: - - matches: + - backendRefs: + - group: "" + kind: Service + name: backrest + namespace: backrest + port: 80 + weight: 100 + matches: - path: type: PathPrefix value: / - backendRefs: - - group: '' - kind: Service - name: backrest - port: 80 - weight: 100 diff --git a/clusters/cl01tl/manifests/bazarr/HTTPRoute-http-route-bazarr.yaml b/clusters/cl01tl/manifests/bazarr/HTTPRoute-bazarr.yaml similarity index 65% rename from clusters/cl01tl/manifests/bazarr/HTTPRoute-http-route-bazarr.yaml rename to clusters/cl01tl/manifests/bazarr/HTTPRoute-bazarr.yaml index 6364b922d..9090cafaf 100644 --- a/clusters/cl01tl/manifests/bazarr/HTTPRoute-http-route-bazarr.yaml +++ b/clusters/cl01tl/manifests/bazarr/HTTPRoute-bazarr.yaml @@ -1,12 +1,13 @@ apiVersion: gateway.networking.k8s.io/v1 kind: HTTPRoute metadata: - name: http-route-bazarr - namespace: bazarr + name: bazarr labels: - app.kubernetes.io/name: http-route-bazarr app.kubernetes.io/instance: bazarr - app.kubernetes.io/part-of: bazarr + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: bazarr + helm.sh/chart: bazarr-4.5.0 + namespace: bazarr spec: parentRefs: - group: gateway.networking.k8s.io @@ -14,15 +15,16 @@ spec: name: traefik-gateway namespace: traefik hostnames: - - bazarr.alexlebens.net + - "bazarr.alexlebens.net" rules: - - matches: + - backendRefs: + - group: "" + kind: Service + name: bazarr + namespace: bazarr + port: 80 + weight: 100 + matches: - path: type: PathPrefix value: / - backendRefs: - - group: '' - kind: Service - name: bazarr - port: 80 - weight: 100 diff --git a/clusters/cl01tl/manifests/blocky/ServiceMonitor-blocky.yaml b/clusters/cl01tl/manifests/blocky/ServiceMonitor-blocky.yaml index 4ae9ba9ab..fc27f2d16 100644 --- a/clusters/cl01tl/manifests/blocky/ServiceMonitor-blocky.yaml +++ b/clusters/cl01tl/manifests/blocky/ServiceMonitor-blocky.yaml @@ -2,18 +2,24 @@ apiVersion: monitoring.coreos.com/v1 kind: ServiceMonitor metadata: name: blocky - namespace: blocky labels: - app.kubernetes.io/name: blocky app.kubernetes.io/instance: blocky - app.kubernetes.io/part-of: blocky + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: blocky + helm.sh/chart: blocky-4.5.0 + namespace: blocky spec: + jobLabel: "blocky" + namespaceSelector: + matchNames: + - blocky selector: matchLabels: - app.kubernetes.io/name: blocky app.kubernetes.io/instance: blocky + app.kubernetes.io/name: blocky endpoints: - - port: metrics - interval: 30s - scrapeTimeout: 10s + - interval: 30s path: /metrics + port: metrics + scheme: http + scrapeTimeout: 10s diff --git a/clusters/cl01tl/manifests/booklore/HTTPRoute-http-route-booklore.yaml b/clusters/cl01tl/manifests/booklore/HTTPRoute-booklore.yaml similarity index 64% rename from clusters/cl01tl/manifests/booklore/HTTPRoute-http-route-booklore.yaml rename to clusters/cl01tl/manifests/booklore/HTTPRoute-booklore.yaml index 84531c28f..d03d6fd69 100644 --- a/clusters/cl01tl/manifests/booklore/HTTPRoute-http-route-booklore.yaml +++ b/clusters/cl01tl/manifests/booklore/HTTPRoute-booklore.yaml @@ -1,12 +1,13 @@ apiVersion: gateway.networking.k8s.io/v1 kind: HTTPRoute metadata: - name: http-route-booklore - namespace: booklore + name: booklore labels: - app.kubernetes.io/name: http-route-booklore app.kubernetes.io/instance: booklore - app.kubernetes.io/part-of: booklore + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: booklore + helm.sh/chart: booklore-4.5.0 + namespace: booklore spec: parentRefs: - group: gateway.networking.k8s.io @@ -14,15 +15,16 @@ spec: name: traefik-gateway namespace: traefik hostnames: - - booklore.alexlebens.net + - "booklore.alexlebens.net" rules: - - matches: + - backendRefs: + - group: "" + kind: Service + name: booklore + namespace: booklore + port: 80 + weight: 100 + matches: - path: type: PathPrefix value: / - backendRefs: - - group: '' - kind: Service - name: booklore - port: 80 - weight: 100 diff --git a/clusters/cl01tl/manifests/cilium/HTTPRoute-http-route-hubble.yaml b/clusters/cl01tl/manifests/cilium/HTTPRoute-hubble.yaml similarity index 88% rename from clusters/cl01tl/manifests/cilium/HTTPRoute-http-route-hubble.yaml rename to clusters/cl01tl/manifests/cilium/HTTPRoute-hubble.yaml index 8d32635c2..b1f64e09b 100644 --- a/clusters/cl01tl/manifests/cilium/HTTPRoute-http-route-hubble.yaml +++ b/clusters/cl01tl/manifests/cilium/HTTPRoute-hubble.yaml @@ -1,10 +1,10 @@ apiVersion: gateway.networking.k8s.io/v1 kind: HTTPRoute metadata: - name: http-route-hubble + name: hubble namespace: kube-system labels: - app.kubernetes.io/name: http-route-hubble + app.kubernetes.io/name: hubble app.kubernetes.io/instance: cilium app.kubernetes.io/part-of: cilium spec: diff --git a/clusters/cl01tl/manifests/code-server/HTTPRoute-http-route-code-server.yaml b/clusters/cl01tl/manifests/code-server/HTTPRoute-code-server.yaml similarity index 64% rename from clusters/cl01tl/manifests/code-server/HTTPRoute-http-route-code-server.yaml rename to clusters/cl01tl/manifests/code-server/HTTPRoute-code-server.yaml index 9f476b541..7b232f274 100644 --- a/clusters/cl01tl/manifests/code-server/HTTPRoute-http-route-code-server.yaml +++ b/clusters/cl01tl/manifests/code-server/HTTPRoute-code-server.yaml @@ -1,12 +1,13 @@ apiVersion: gateway.networking.k8s.io/v1 kind: HTTPRoute metadata: - name: http-route-code-server - namespace: code-server + name: code-server labels: - app.kubernetes.io/name: http-route-code-server app.kubernetes.io/instance: code-server - app.kubernetes.io/part-of: code-server + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: code-server + helm.sh/chart: code-server-4.5.0 + namespace: code-server spec: parentRefs: - group: gateway.networking.k8s.io @@ -14,15 +15,16 @@ spec: name: traefik-gateway namespace: traefik hostnames: - - code-server.alexlebens.net + - "code-server.alexlebens.net" rules: - - matches: + - backendRefs: + - group: "" + kind: Service + name: code-server + namespace: code-server + port: 8443 + weight: 100 + matches: - path: type: PathPrefix value: / - backendRefs: - - group: '' - kind: Service - name: code-server - port: 8443 - weight: 100 diff --git a/clusters/cl01tl/manifests/directus/Cluster-directus-postgresql-18-cluster.yaml b/clusters/cl01tl/manifests/directus/Cluster-directus-postgresql-18-cluster.yaml index babcba1f2..eee72157e 100644 --- a/clusters/cl01tl/manifests/directus/Cluster-directus-postgresql-18-cluster.yaml +++ b/clusters/cl01tl/manifests/directus/Cluster-directus-postgresql-18-cluster.yaml @@ -4,11 +4,11 @@ metadata: name: directus-postgresql-18-cluster namespace: directus labels: - helm.sh/chart: postgres-18-cluster-7.1.4 + helm.sh/chart: postgres-18-cluster-7.4.3 app.kubernetes.io/name: directus-postgresql-18 app.kubernetes.io/instance: directus app.kubernetes.io/part-of: directus - app.kubernetes.io/version: "7.1.4" + app.kubernetes.io/version: "7.4.3" app.kubernetes.io/managed-by: Helm spec: instances: 3 diff --git a/clusters/cl01tl/manifests/directus/ExternalSecret-directus-postgresql-18-backup-garage-local-secret.yaml b/clusters/cl01tl/manifests/directus/ExternalSecret-directus-postgresql-18-backup-garage-local-secret.yaml new file mode 100644 index 000000000..43477e09c --- /dev/null +++ b/clusters/cl01tl/manifests/directus/ExternalSecret-directus-postgresql-18-backup-garage-local-secret.yaml @@ -0,0 +1,39 @@ +apiVersion: external-secrets.io/v1 +kind: ExternalSecret +metadata: + name: directus-postgresql-18-backup-garage-local-secret + namespace: directus + labels: + helm.sh/chart: postgres-18-cluster-7.4.3 + app.kubernetes.io/name: directus-postgresql-18 + app.kubernetes.io/instance: directus + app.kubernetes.io/part-of: directus + app.kubernetes.io/version: "7.4.3" + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: directus-postgresql-18-backup-garage-local-secret +spec: + secretStoreRef: + kind: ClusterSecretStore + name: vault + data: + - secretKey: ACCESS_REGION + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /garage/home-infra/postgres-backups + metadataPolicy: None + property: ACCESS_REGION + - secretKey: ACCESS_KEY_ID + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /garage/home-infra/postgres-backups + metadataPolicy: None + property: ACCESS_KEY_ID + - secretKey: ACCESS_SECRET_KEY + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /garage/home-infra/postgres-backups + metadataPolicy: None + property: ACCESS_SECRET_KEY diff --git a/clusters/cl01tl/manifests/directus/ExternalSecret-directus-postgresql-18-cluster-backup-secret.yaml b/clusters/cl01tl/manifests/directus/ExternalSecret-directus-postgresql-18-cluster-backup-secret.yaml deleted file mode 100644 index 1da22da6d..000000000 --- a/clusters/cl01tl/manifests/directus/ExternalSecret-directus-postgresql-18-cluster-backup-secret.yaml +++ /dev/null @@ -1,28 +0,0 @@ -apiVersion: external-secrets.io/v1 -kind: ExternalSecret -metadata: - name: directus-postgresql-18-cluster-backup-secret - namespace: directus - labels: - app.kubernetes.io/name: directus-postgresql-18-cluster-backup-secret - app.kubernetes.io/instance: directus - app.kubernetes.io/part-of: directus -spec: - secretStoreRef: - kind: ClusterSecretStore - name: vault - data: - - secretKey: ACCESS_KEY_ID - remoteRef: - conversionStrategy: Default - decodingStrategy: None - key: /digital-ocean/home-infra/postgres-backups - metadataPolicy: None - property: access - - secretKey: ACCESS_SECRET_KEY - remoteRef: - conversionStrategy: Default - decodingStrategy: None - key: /digital-ocean/home-infra/postgres-backups - metadataPolicy: None - property: secret diff --git a/clusters/cl01tl/manifests/directus/ExternalSecret-directus-postgresql-18-cluster-backup-secret-garage.yaml b/clusters/cl01tl/manifests/directus/ExternalSecret-directus-postgresql-18-recovery-secret.yaml similarity index 76% rename from clusters/cl01tl/manifests/directus/ExternalSecret-directus-postgresql-18-cluster-backup-secret-garage.yaml rename to clusters/cl01tl/manifests/directus/ExternalSecret-directus-postgresql-18-recovery-secret.yaml index 255a6c9c1..2d8769d51 100644 --- a/clusters/cl01tl/manifests/directus/ExternalSecret-directus-postgresql-18-cluster-backup-secret-garage.yaml +++ b/clusters/cl01tl/manifests/directus/ExternalSecret-directus-postgresql-18-recovery-secret.yaml @@ -1,17 +1,28 @@ apiVersion: external-secrets.io/v1 kind: ExternalSecret metadata: - name: directus-postgresql-18-cluster-backup-secret-garage + name: directus-postgresql-18-recovery-secret namespace: directus labels: - app.kubernetes.io/name: directus-postgresql-18-cluster-backup-secret-garage + helm.sh/chart: postgres-18-cluster-7.4.3 + app.kubernetes.io/name: directus-postgresql-18 app.kubernetes.io/instance: directus app.kubernetes.io/part-of: directus + app.kubernetes.io/version: "7.4.3" + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: directus-postgresql-18-recovery-secret spec: secretStoreRef: kind: ClusterSecretStore name: vault data: + - secretKey: ACCESS_REGION + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /garage/home-infra/postgres-backups + metadataPolicy: None + property: ACCESS_REGION - secretKey: ACCESS_KEY_ID remoteRef: conversionStrategy: Default @@ -26,10 +37,3 @@ spec: key: /garage/home-infra/postgres-backups metadataPolicy: None property: ACCESS_SECRET_KEY - - secretKey: ACCESS_REGION - remoteRef: - conversionStrategy: Default - decodingStrategy: None - key: /garage/home-infra/postgres-backups - metadataPolicy: None - property: ACCESS_REGION diff --git a/clusters/cl01tl/manifests/directus/ObjectStore-directus-postgresql-18-garage-local-backup.yaml b/clusters/cl01tl/manifests/directus/ObjectStore-directus-postgresql-18-backup-garage-local.yaml similarity index 58% rename from clusters/cl01tl/manifests/directus/ObjectStore-directus-postgresql-18-garage-local-backup.yaml rename to clusters/cl01tl/manifests/directus/ObjectStore-directus-postgresql-18-backup-garage-local.yaml index 45ddbb344..85e793a3f 100644 --- a/clusters/cl01tl/manifests/directus/ObjectStore-directus-postgresql-18-garage-local-backup.yaml +++ b/clusters/cl01tl/manifests/directus/ObjectStore-directus-postgresql-18-backup-garage-local.yaml @@ -1,27 +1,28 @@ apiVersion: barmancloud.cnpg.io/v1 kind: ObjectStore metadata: - name: "directus-postgresql-18-garage-local-backup" + name: directus-postgresql-18-backup-garage-local namespace: directus labels: - helm.sh/chart: postgres-18-cluster-7.1.4 + helm.sh/chart: postgres-18-cluster-7.4.3 app.kubernetes.io/name: directus-postgresql-18 app.kubernetes.io/instance: directus app.kubernetes.io/part-of: directus - app.kubernetes.io/version: "7.1.4" + app.kubernetes.io/version: "7.4.3" app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: directus-postgresql-18-backup-garage-local spec: - retentionPolicy: 3d + retentionPolicy: 7d configuration: destinationPath: s3://postgres-backups/cl01tl/directus/directus-postgresql-18-cluster endpointURL: http://garage-main.garage:3900 s3Credentials: accessKeyId: - name: directus-postgresql-18-cluster-backup-secret-garage + name: directus-postgresql-18-backup-garage-local-secret key: ACCESS_KEY_ID secretAccessKey: - name: directus-postgresql-18-cluster-backup-secret-garage + name: directus-postgresql-18-backup-garage-local-secret key: ACCESS_SECRET_KEY region: - name: directus-postgresql-18-cluster-backup-secret-garage + name: directus-postgresql-18-backup-garage-local-secret key: ACCESS_REGION diff --git a/clusters/cl01tl/manifests/directus/ObjectStore-directus-postgresql-18-recovery.yaml b/clusters/cl01tl/manifests/directus/ObjectStore-directus-postgresql-18-recovery.yaml index 074a6bea4..b22fe9b3a 100644 --- a/clusters/cl01tl/manifests/directus/ObjectStore-directus-postgresql-18-recovery.yaml +++ b/clusters/cl01tl/manifests/directus/ObjectStore-directus-postgresql-18-recovery.yaml @@ -4,12 +4,13 @@ metadata: name: "directus-postgresql-18-recovery" namespace: directus labels: - helm.sh/chart: postgres-18-cluster-7.1.4 + helm.sh/chart: postgres-18-cluster-7.4.3 app.kubernetes.io/name: directus-postgresql-18 app.kubernetes.io/instance: directus app.kubernetes.io/part-of: directus - app.kubernetes.io/version: "7.1.4" + app.kubernetes.io/version: "7.4.3" app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: "directus-postgresql-18-recovery" spec: configuration: destinationPath: s3://postgres-backups/cl01tl/directus/directus-postgresql-18-cluster @@ -22,8 +23,11 @@ spec: jobs: 1 s3Credentials: accessKeyId: - name: directus-postgresql-18-cluster-backup-secret-garage + name: directus-postgresql-18-recovery-secret key: ACCESS_KEY_ID secretAccessKey: - name: directus-postgresql-18-cluster-backup-secret-garage + name: directus-postgresql-18-recovery-secret key: ACCESS_SECRET_KEY + region: + name: directus-postgresql-18-recovery-secret + key: ACCESS_REGION diff --git a/clusters/cl01tl/manifests/directus/PrometheusRule-directus-postgresql-18-alert-rules.yaml b/clusters/cl01tl/manifests/directus/PrometheusRule-directus-postgresql-18-alert-rules.yaml index 1c02c350d..f373fc266 100644 --- a/clusters/cl01tl/manifests/directus/PrometheusRule-directus-postgresql-18-alert-rules.yaml +++ b/clusters/cl01tl/manifests/directus/PrometheusRule-directus-postgresql-18-alert-rules.yaml @@ -4,11 +4,11 @@ metadata: name: directus-postgresql-18-alert-rules namespace: directus labels: - helm.sh/chart: postgres-18-cluster-7.1.4 + helm.sh/chart: postgres-18-cluster-7.4.3 app.kubernetes.io/name: directus-postgresql-18 app.kubernetes.io/instance: directus app.kubernetes.io/part-of: directus - app.kubernetes.io/version: "7.1.4" + app.kubernetes.io/version: "7.4.3" app.kubernetes.io/managed-by: Helm spec: groups: diff --git a/clusters/cl01tl/manifests/directus/ScheduledBackup-directus-postgresql-18-live-backup-scheduled-backup.yaml b/clusters/cl01tl/manifests/directus/ScheduledBackup-directus-postgresql-18-scheduled-backup-live-backup.yaml similarity index 63% rename from clusters/cl01tl/manifests/directus/ScheduledBackup-directus-postgresql-18-live-backup-scheduled-backup.yaml rename to clusters/cl01tl/manifests/directus/ScheduledBackup-directus-postgresql-18-scheduled-backup-live-backup.yaml index a2b3f999b..d953b8027 100644 --- a/clusters/cl01tl/manifests/directus/ScheduledBackup-directus-postgresql-18-live-backup-scheduled-backup.yaml +++ b/clusters/cl01tl/manifests/directus/ScheduledBackup-directus-postgresql-18-scheduled-backup-live-backup.yaml @@ -1,15 +1,16 @@ apiVersion: postgresql.cnpg.io/v1 kind: ScheduledBackup metadata: - name: "directus-postgresql-18-live-backup-scheduled-backup" + name: "directus-postgresql-18-scheduled-backup-live-backup" namespace: directus labels: - helm.sh/chart: postgres-18-cluster-7.1.4 + helm.sh/chart: postgres-18-cluster-7.4.3 app.kubernetes.io/name: directus-postgresql-18 app.kubernetes.io/instance: directus app.kubernetes.io/part-of: directus - app.kubernetes.io/version: "7.1.4" + app.kubernetes.io/version: "7.4.3" app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: "directus-postgresql-18-scheduled-backup-live-backup" spec: immediate: true suspend: false @@ -21,4 +22,4 @@ spec: pluginConfiguration: name: barman-cloud.cloudnative-pg.io parameters: - barmanObjectName: "directus-postgresql-18-garage-local-backup" + barmanObjectName: "directus-postgresql-18-backup-garage-local" diff --git a/clusters/cl01tl/manifests/directus/ServiceMonitor-directus.yaml b/clusters/cl01tl/manifests/directus/ServiceMonitor-directus.yaml index 6828b967f..bfee40602 100644 --- a/clusters/cl01tl/manifests/directus/ServiceMonitor-directus.yaml +++ b/clusters/cl01tl/manifests/directus/ServiceMonitor-directus.yaml @@ -2,21 +2,26 @@ apiVersion: monitoring.coreos.com/v1 kind: ServiceMonitor metadata: name: directus - namespace: directus labels: - app.kubernetes.io/name: directus app.kubernetes.io/instance: directus - app.kubernetes.io/part-of: directus + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: directus + helm.sh/chart: directus-4.5.0 + namespace: directus spec: + jobLabel: "directus" + namespaceSelector: + matchNames: + - directus selector: matchLabels: - app.kubernetes.io/name: directus app.kubernetes.io/instance: directus + app.kubernetes.io/name: directus endpoints: - - port: http - interval: 30s - scrapeTimeout: 15s - path: /metrics - bearerTokenSecret: - name: directus-metric-token + - bearerTokenSecret: key: metric-token + name: directus-metric-token + interval: 30s + path: /metrics + port: http + scrapeTimeout: 15s -- 2.49.1