alexlebens/infrastructure
1
0
Fork 0
Code Issues 1 Pull Requests 1 Actions Activity

Automated Manifest Update #5756

Merged
alexlebens merged 1 commits from auto/update-manifests into manifests 2026-04-09 02:10:18 +00:00
Conversation 0 Commits 1 Files Changed 10 +284 -14
10 changed files with 284 additions and 14 deletions
Download Patch File Download Diff File Expand all files Collapse all files

15
clusters/cl01tl/manifests/kyoo/Cluster-kyoo-postgresql-18-cluster.yaml
View File

@@ -34,7 +34,7 @@ spec:
primaryUpdateMethod: switchover
primaryUpdateStrategy: unsupervised
logLevel: info
enableSuperuserAccess: false
enableSuperuserAccess: true
enablePDB: true
postgresql:
parameters:
@@ -52,6 +52,15 @@ spec:
barmanObjectName: "kyoo-postgresql-18-backup-garage-local"
serverName: "kyoo-postgresql-18-backup-1"
bootstrap:
initdb:
recovery:
database: app
owner: app
source: kyoo-postgresql-18-backup-1
externalClusters:
- name: kyoo-postgresql-18-backup-1
plugin:
name: barman-cloud.cloudnative-pg.io
enabled: true
isWALArchiver: false
parameters:
barmanObjectName: "kyoo-postgresql-18-recovery"
serverName: kyoo-postgresql-18-backup-1

4
clusters/cl01tl/manifests/kyoo/Deployment-kyoo-api.yaml
View File

@@ -53,12 +53,12 @@ spec:
valueFrom:
secretKeyRef:
key: user
name: kyoo-postgresql-18-cluster-app
name: kyoo-postgresql-18-cluster-superuser
- name: PGPASSWORD
valueFrom:
secretKeyRef:
key: password
name: kyoo-postgresql-18-cluster-app
name: kyoo-postgresql-18-cluster-superuser
- name: PGDATABASE
value: "kyoo_api"
- name: PGHOST

58
clusters/cl01tl/manifests/kyoo/ExternalSecret-kyoo-apimetadata-backup-secret-external.yaml Normal file
View File

@@ -0,0 +1,58 @@
apiVersion: external-secrets.io/v1
kind: ExternalSecret
metadata:
name: kyoo-apimetadata-backup-secret-external
namespace: kyoo
labels:
helm.sh/chart: volsync-target-metadata-0.8.0
app.kubernetes.io/instance: kyoo
app.kubernetes.io/part-of: kyoo
app.kubernetes.io/version: "0.8.0"
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/name: kyoo-apimetadata-backup-secret-external
spec:
secretStoreRef:
kind: ClusterSecretStore
name: vault
target:
template:
mergePolicy: Merge
engineVersion: v2
data:
RESTIC_REPOSITORY: "{{ .BUCKET_ENDPOINT }}/kyoo/kyoo-apimetadata"
data:
- secretKey: BUCKET_ENDPOINT
remoteRef:
conversionStrategy: Default
decodingStrategy: None
key: /volsync/restic/digital-ocean
metadataPolicy: None
property: BUCKET_ENDPOINT
- secretKey: RESTIC_PASSWORD
remoteRef:
conversionStrategy: Default
decodingStrategy: None
key: /volsync/restic/digital-ocean
metadataPolicy: None
property: RESTIC_PASSWORD
- secretKey: AWS_DEFAULT_REGION
remoteRef:
conversionStrategy: Default
decodingStrategy: None
key: /digital-ocean/home-infra/volsync-backups
metadataPolicy: None
property: AWS_DEFAULT_REGION
- secretKey: AWS_ACCESS_KEY_ID
remoteRef:
conversionStrategy: Default
decodingStrategy: None
key: /digital-ocean/home-infra/volsync-backups
metadataPolicy: None
property: AWS_ACCESS_KEY_ID
- secretKey: AWS_SECRET_ACCESS_KEY
remoteRef:
conversionStrategy: Default
decodingStrategy: None
key: /digital-ocean/home-infra/volsync-backups
metadataPolicy: None
property: AWS_SECRET_ACCESS_KEY

58
clusters/cl01tl/manifests/kyoo/ExternalSecret-kyoo-apimetadata-backup-secret-local.yaml Normal file
View File

@@ -0,0 +1,58 @@
apiVersion: external-secrets.io/v1
kind: ExternalSecret
metadata:
name: kyoo-apimetadata-backup-secret-local
namespace: kyoo
labels:
helm.sh/chart: volsync-target-metadata-0.8.0
app.kubernetes.io/instance: kyoo
app.kubernetes.io/part-of: kyoo
app.kubernetes.io/version: "0.8.0"
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/name: kyoo-apimetadata-backup-secret-local
spec:
secretStoreRef:
kind: ClusterSecretStore
name: vault
target:
template:
mergePolicy: Merge
engineVersion: v2
data:
RESTIC_REPOSITORY: "{{ .BUCKET_ENDPOINT }}/kyoo/kyoo-apimetadata"
data:
- secretKey: BUCKET_ENDPOINT
remoteRef:
conversionStrategy: Default
decodingStrategy: None
key: /volsync/restic/garage-local
metadataPolicy: None
property: BUCKET_ENDPOINT
- secretKey: RESTIC_PASSWORD
remoteRef:
conversionStrategy: Default
decodingStrategy: None
key: /volsync/restic/garage-local
metadataPolicy: None
property: RESTIC_PASSWORD
- secretKey: AWS_DEFAULT_REGION
remoteRef:
conversionStrategy: Default
decodingStrategy: None
key: /garage/home-infra/volsync-backups
metadataPolicy: None
property: ACCESS_REGION
- secretKey: AWS_ACCESS_KEY_ID
remoteRef:
conversionStrategy: Default
decodingStrategy: None
key: /garage/home-infra/volsync-backups
metadataPolicy: None
property: ACCESS_KEY_ID
- secretKey: AWS_SECRET_ACCESS_KEY
remoteRef:
conversionStrategy: Default
decodingStrategy: None
key: /garage/home-infra/volsync-backups
metadataPolicy: None
property: ACCESS_SECRET_KEY

58
clusters/cl01tl/manifests/kyoo/ExternalSecret-kyoo-apimetadata-backup-secret-remote.yaml Normal file
View File

@@ -0,0 +1,58 @@
apiVersion: external-secrets.io/v1
kind: ExternalSecret
metadata:
name: kyoo-apimetadata-backup-secret-remote
namespace: kyoo
labels:
helm.sh/chart: volsync-target-metadata-0.8.0
app.kubernetes.io/instance: kyoo
app.kubernetes.io/part-of: kyoo
app.kubernetes.io/version: "0.8.0"
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/name: kyoo-apimetadata-backup-secret-remote
spec:
secretStoreRef:
kind: ClusterSecretStore
name: vault
target:
template:
mergePolicy: Merge
engineVersion: v2
data:
RESTIC_REPOSITORY: "{{ .BUCKET_ENDPOINT }}/kyoo/kyoo-apimetadata"
data:
- secretKey: BUCKET_ENDPOINT
remoteRef:
conversionStrategy: Default
decodingStrategy: None
key: /volsync/restic/garage-remote
metadataPolicy: None
property: BUCKET_ENDPOINT
- secretKey: RESTIC_PASSWORD
remoteRef:
conversionStrategy: Default
decodingStrategy: None
key: /volsync/restic/garage-remote
metadataPolicy: None
property: RESTIC_PASSWORD
- secretKey: AWS_DEFAULT_REGION
remoteRef:
conversionStrategy: Default
decodingStrategy: None
key: /garage/home-infra/volsync-backups
metadataPolicy: None
property: ACCESS_REGION
- secretKey: AWS_ACCESS_KEY_ID
remoteRef:
conversionStrategy: Default
decodingStrategy: None
key: /garage/home-infra/volsync-backups
metadataPolicy: None
property: ACCESS_KEY_ID
- secretKey: AWS_SECRET_ACCESS_KEY
remoteRef:
conversionStrategy: Default
decodingStrategy: None
key: /garage/home-infra/volsync-backups
metadataPolicy: None
property: ACCESS_SECRET_KEY

4
clusters/cl01tl/manifests/kyoo/ExternalSecret-kyoo-oidc-secret.yaml
View File

@@ -12,11 +12,11 @@ spec:
kind: ClusterSecretStore
name: vault
data:
- secretKey: rsa-private
- secretKey: client
remoteRef:
key: /authentik/oidc/kyoo
property: client
- secretKey: scanner-apikey
- secretKey: secret
remoteRef:
key: /authentik/oidc/kyoo
property: secret

14
clusters/cl01tl/manifests/kyoo/HTTPRoute-kyoo.yaml
View File

@@ -23,7 +23,7 @@ spec:
backendRefs:
- group: ''
kind: Service
name: front
name: kyoo-front
port: 8901
weight: 100
- matches:
@@ -33,7 +33,7 @@ spec:
backendRefs:
- group: ''
kind: Service
name: transcoder
name: kyoo-transcoder
port: 7666
weight: 100
- matches:
@@ -43,7 +43,7 @@ spec:
backendRefs:
- group: ''
kind: Service
name: auth
name: kyoo-auth
port: 4568
weight: 100
- matches:
@@ -53,7 +53,7 @@ spec:
backendRefs:
- group: ''
kind: Service
name: auth
name: kyoo-auth
port: 4568
weight: 100
- matches:
@@ -63,7 +63,7 @@ spec:
backendRefs:
- group: ''
kind: Service
name: api
name: kyoo-api
port: 3567
weight: 100
- matches:
@@ -73,7 +73,7 @@ spec:
backendRefs:
- group: ''
kind: Service
name: api
name: kyoo-api
port: 3567
weight: 100
- matches:
@@ -83,6 +83,6 @@ spec:
backendRefs:
- group: ''
kind: Service
name: scanner
name: kyoo-scanner
port: 4389
weight: 100

29
clusters/cl01tl/manifests/kyoo/ReplicationSource-kyoo-apimetadata-backup-source-external.yaml Normal file
View File

@@ -0,0 +1,29 @@
apiVersion: volsync.backube/v1alpha1
kind: ReplicationSource
metadata:
name: kyoo-apimetadata-backup-source-external
namespace: kyoo
labels:
helm.sh/chart: volsync-target-metadata-0.8.0
app.kubernetes.io/instance: kyoo
app.kubernetes.io/part-of: kyoo
app.kubernetes.io/version: "0.8.0"
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/name: kyoo-apimetadata-backup
spec:
sourcePVC: kyoo-apimetadata
trigger:
schedule: 26 10 * * *
restic:
pruneIntervalDays: 7
repository: kyoo-apimetadata-backup-secret-external
retain:
daily: 7
hourly: 0
monthly: 3
weekly: 4
yearly: 1
copyMethod: Snapshot
storageClassName: ceph-block
volumeSnapshotClassName: ceph-blockpool-snapshot
cacheCapacity: 1Gi

29
clusters/cl01tl/manifests/kyoo/ReplicationSource-kyoo-apimetadata-backup-source-local.yaml Normal file
View File

@@ -0,0 +1,29 @@
apiVersion: volsync.backube/v1alpha1
kind: ReplicationSource
metadata:
name: kyoo-apimetadata-backup-source-local
namespace: kyoo
labels:
helm.sh/chart: volsync-target-metadata-0.8.0
app.kubernetes.io/instance: kyoo
app.kubernetes.io/part-of: kyoo
app.kubernetes.io/version: "0.8.0"
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/name: kyoo-apimetadata-backup
spec:
sourcePVC: kyoo-apimetadata
trigger:
schedule: 26 8 * * *
restic:
pruneIntervalDays: 7
repository: kyoo-apimetadata-backup-secret-local
retain:
daily: 7
hourly: 0
monthly: 3
weekly: 4
yearly: 1
copyMethod: Snapshot
storageClassName: ceph-block
volumeSnapshotClassName: ceph-blockpool-snapshot
cacheCapacity: 1Gi

29
clusters/cl01tl/manifests/kyoo/ReplicationSource-kyoo-apimetadata-backup-source-remote.yaml Normal file
View File

@@ -0,0 +1,29 @@
apiVersion: volsync.backube/v1alpha1
kind: ReplicationSource
metadata:
name: kyoo-apimetadata-backup-source-remote
namespace: kyoo
labels:
helm.sh/chart: volsync-target-metadata-0.8.0
app.kubernetes.io/instance: kyoo
app.kubernetes.io/part-of: kyoo
app.kubernetes.io/version: "0.8.0"
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/name: kyoo-apimetadata-backup
spec:
sourcePVC: kyoo-apimetadata
trigger:
schedule: 26 9 * * *
restic:
pruneIntervalDays: 7
repository: kyoo-apimetadata-backup-secret-remote
retain:
daily: 7
hourly: 0
monthly: 3
weekly: 4
yearly: 1
copyMethod: Snapshot
storageClassName: ceph-block
volumeSnapshotClassName: ceph-blockpool-snapshot
cacheCapacity: 1Gi