--- # Source: garage/charts/garage/templates/common.yaml apiVersion: v1 kind: ConfigMap metadata: name: garage labels: app.kubernetes.io/instance: garage app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: garage helm.sh/chart: garage-4.4.0 namespace: garage data: garage.toml: | replication_factor = 1 metadata_dir = "/var/lib/garage/meta" data_dir = "/var/lib/garage/data" metadata_snapshots_dir = "/var/lib/garage/snapshots" db_engine = "lmdb" metadata_auto_snapshot_interval = "6h" compression_level = 3 rpc_bind_addr = "[::]:3901" rpc_public_addr = "127.0.0.1:3901" allow_world_readable_secrets = false [s3_api] s3_region = "us-east-1" api_bind_addr = "[::]:3900" root_domain = ".garage-s3.alexlebens.net" [s3_web] bind_addr = "[::]:3902" root_domain = ".garage-s3.alexlebens.net" [admin] api_bind_addr = "[::]:3903" metrics_require_token = true --- # Source: garage/charts/garage/templates/common.yaml --- kind: PersistentVolumeClaim apiVersion: v1 metadata: name: garage-data labels: app.kubernetes.io/instance: garage app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: garage helm.sh/chart: garage-4.4.0 annotations: helm.sh/resource-policy: keep namespace: garage spec: accessModes: - "ReadWriteOnce" resources: requests: storage: "800Gi" storageClassName: "synology-iscsi-delete" --- # Source: garage/charts/garage/templates/common.yaml kind: PersistentVolumeClaim apiVersion: v1 metadata: name: garage-db labels: app.kubernetes.io/instance: garage app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: garage helm.sh/chart: garage-4.4.0 annotations: helm.sh/resource-policy: keep namespace: garage spec: accessModes: - "ReadWriteOnce" resources: requests: storage: "10Gi" storageClassName: "ceph-block" --- # Source: garage/charts/garage/templates/common.yaml kind: PersistentVolumeClaim apiVersion: v1 metadata: name: garage-snapshots labels: app.kubernetes.io/instance: garage app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: garage helm.sh/chart: garage-4.4.0 annotations: helm.sh/resource-policy: keep namespace: garage spec: accessModes: - "ReadWriteOnce" resources: requests: storage: "50Gi" storageClassName: "synology-iscsi-delete" --- # Source: garage/charts/garage/templates/common.yaml apiVersion: v1 kind: Service metadata: name: garage-main labels: app.kubernetes.io/instance: garage app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: garage app.kubernetes.io/service: garage-main helm.sh/chart: garage-4.4.0 namespace: garage spec: type: ClusterIP ports: - port: 3903 targetPort: 3903 protocol: TCP name: admin - port: 3901 targetPort: 3901 protocol: TCP name: rpc - port: 3900 targetPort: 3900 protocol: TCP name: s3 - port: 3902 targetPort: 3902 protocol: TCP name: web selector: app.kubernetes.io/controller: main app.kubernetes.io/instance: garage app.kubernetes.io/name: garage --- # Source: garage/charts/garage/templates/common.yaml apiVersion: v1 kind: Service metadata: name: garage-webui labels: app.kubernetes.io/instance: garage app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: garage app.kubernetes.io/service: garage-webui helm.sh/chart: garage-4.4.0 namespace: garage spec: type: ClusterIP ports: - port: 3909 targetPort: 3909 protocol: TCP name: webui selector: app.kubernetes.io/controller: webui app.kubernetes.io/instance: garage app.kubernetes.io/name: garage --- # Source: garage/charts/garage/templates/common.yaml apiVersion: apps/v1 kind: Deployment metadata: name: garage-main labels: app.kubernetes.io/controller: main app.kubernetes.io/instance: garage app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: garage helm.sh/chart: garage-4.4.0 namespace: garage spec: revisionHistoryLimit: 3 replicas: 1 strategy: type: Recreate selector: matchLabels: app.kubernetes.io/controller: main app.kubernetes.io/name: garage app.kubernetes.io/instance: garage template: metadata: annotations: checksum/configMaps: aecb65cb46684688a356974d7ecaec4abb2d4fed3f71863780e7f35505c7af02 labels: app.kubernetes.io/controller: main app.kubernetes.io/instance: garage app.kubernetes.io/name: garage spec: enableServiceLinks: false serviceAccountName: default automountServiceAccountToken: true hostIPC: false hostNetwork: false hostPID: false dnsPolicy: ClusterFirst containers: - envFrom: - secretRef: name: garage-token-secret image: dxflrs/garage:v2.1.0 imagePullPolicy: IfNotPresent name: main resources: requests: cpu: 10m memory: 128Mi volumeMounts: - mountPath: /etc/garage.toml mountPropagation: None name: config readOnly: true subPath: garage.toml - mountPath: /var/lib/garage/data name: data - mountPath: /var/lib/garage/meta name: db - mountPath: /var/lib/garage/snapshots name: snapshots volumes: - configMap: name: garage name: config - name: data persistentVolumeClaim: claimName: garage-data - name: db persistentVolumeClaim: claimName: garage-db - name: snapshots persistentVolumeClaim: claimName: garage-snapshots --- # Source: garage/charts/garage/templates/common.yaml apiVersion: apps/v1 kind: Deployment metadata: name: garage-webui labels: app.kubernetes.io/controller: webui app.kubernetes.io/instance: garage app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: garage helm.sh/chart: garage-4.4.0 namespace: garage spec: revisionHistoryLimit: 3 replicas: 1 strategy: type: Recreate selector: matchLabels: app.kubernetes.io/controller: webui app.kubernetes.io/name: garage app.kubernetes.io/instance: garage template: metadata: annotations: checksum/configMaps: aecb65cb46684688a356974d7ecaec4abb2d4fed3f71863780e7f35505c7af02 labels: app.kubernetes.io/controller: webui app.kubernetes.io/instance: garage app.kubernetes.io/name: garage spec: enableServiceLinks: false serviceAccountName: default automountServiceAccountToken: true hostIPC: false hostNetwork: false hostPID: false dnsPolicy: ClusterFirst containers: - env: - name: API_BASE_URL value: http://garage-main.garage:3903 - name: S3_ENDPOINT_URL value: http://garage-main.garage:3900 - name: API_ADMIN_KEY valueFrom: secretKeyRef: key: GARAGE_ADMIN_TOKEN name: garage-token-secret image: khairul169/garage-webui:1.1.0 imagePullPolicy: IfNotPresent name: main resources: requests: cpu: 10m memory: 128Mi volumeMounts: - mountPath: /etc/garage.toml mountPropagation: None name: config readOnly: true subPath: garage.toml volumes: - configMap: name: garage name: config --- # Source: garage/templates/external-secret.yaml apiVersion: external-secrets.io/v1 kind: ExternalSecret metadata: name: garage-token-secret namespace: garage labels: app.kubernetes.io/name: garage-token-secret app.kubernetes.io/instance: garage app.kubernetes.io/part-of: garage spec: secretStoreRef: kind: ClusterSecretStore name: vault data: - secretKey: GARAGE_RPC_SECRET remoteRef: conversionStrategy: Default decodingStrategy: None key: /cl01tl/garage/token metadataPolicy: None property: rpc - secretKey: GARAGE_ADMIN_TOKEN remoteRef: conversionStrategy: Default decodingStrategy: None key: /cl01tl/garage/token metadataPolicy: None property: admin - secretKey: GARAGE_METRICS_TOKEN remoteRef: conversionStrategy: Default decodingStrategy: None key: /cl01tl/garage/token metadataPolicy: None property: metric --- # Source: garage/templates/http-route.yaml apiVersion: gateway.networking.k8s.io/v1 kind: HTTPRoute metadata: name: http-route-garage-webui namespace: garage labels: app.kubernetes.io/name: http-route-garage-webui app.kubernetes.io/instance: garage app.kubernetes.io/part-of: garage spec: parentRefs: - group: gateway.networking.k8s.io kind: Gateway name: traefik-gateway namespace: traefik hostnames: - garage-webui.alexlebens.net rules: - matches: - path: type: PathPrefix value: / backendRefs: - group: '' kind: Service name: garage-webui port: 3909 weight: 100 --- # Source: garage/templates/http-route.yaml apiVersion: gateway.networking.k8s.io/v1 kind: HTTPRoute metadata: name: http-route-garage-s3 namespace: garage labels: app.kubernetes.io/name: http-route-garage-s3 app.kubernetes.io/instance: garage app.kubernetes.io/part-of: garage spec: parentRefs: - group: gateway.networking.k8s.io kind: Gateway name: traefik-gateway namespace: traefik hostnames: - garage-s3.alexlebens.net rules: - matches: - path: type: PathPrefix value: / backendRefs: - group: '' kind: Service name: garage-main port: 3900 weight: 100 --- # Source: garage/templates/service-monitor.yaml apiVersion: monitoring.coreos.com/v1 kind: ServiceMonitor metadata: name: garage namespace: garage labels: app.kubernetes.io/name: garage app.kubernetes.io/instance: garage app.kubernetes.io/part-of: garage spec: selector: matchLabels: app.kubernetes.io/name: garage app.kubernetes.io/instance: garage endpoints: - port: admin interval: 1m scrapeTimeout: 30s path: /metrics bearerTokenSecret: name: garage-token-secret key: GARAGE_METRICS_TOKEN