313 lines
9.2 KiB
YAML
313 lines
9.2 KiB
YAML
rybbit:
|
|
controllers:
|
|
backend:
|
|
type: deployment
|
|
replicas: 1
|
|
strategy: Recreate
|
|
revisionHistoryLimit: 3
|
|
containers:
|
|
main:
|
|
image:
|
|
repository: ghcr.io/rybbit-io/rybbit-backend
|
|
tag: v2.4.0
|
|
pullPolicy: IfNotPresent
|
|
env:
|
|
- name: NODE_ENV
|
|
value: production
|
|
- name: CLICKHOUSE_HOST
|
|
value: http://rybbit-clickhouse.rybbit:8123
|
|
- name: CLICKHOUSE_DB
|
|
value: analytics
|
|
- name: CLICKHOUSE_USER
|
|
valueFrom:
|
|
secretKeyRef:
|
|
name: rybbit-config-secret
|
|
key: clickhouse-user
|
|
- name: CLICKHOUSE_PASSWORD
|
|
valueFrom:
|
|
secretKeyRef:
|
|
name: rybbit-config-secret
|
|
key: clickhouse-password
|
|
- name: POSTGRES_HOST
|
|
valueFrom:
|
|
secretKeyRef:
|
|
name: rybbit-postgresql-18-cluster-app
|
|
key: host
|
|
- name: POSTGRES_PORT
|
|
valueFrom:
|
|
secretKeyRef:
|
|
name: rybbit-postgresql-18-cluster-app
|
|
key: port
|
|
- name: POSTGRES_DB
|
|
valueFrom:
|
|
secretKeyRef:
|
|
name: rybbit-postgresql-18-cluster-app
|
|
key: dbname
|
|
- name: POSTGRES_USER
|
|
valueFrom:
|
|
secretKeyRef:
|
|
name: rybbit-postgresql-18-cluster-app
|
|
key: user
|
|
- name: POSTGRES_PASSWORD
|
|
valueFrom:
|
|
secretKeyRef:
|
|
name: rybbit-postgresql-18-cluster-app
|
|
key: password
|
|
- name: BETTER_AUTH_SECRET
|
|
valueFrom:
|
|
secretKeyRef:
|
|
name: rybbit-config-secret
|
|
key: better-auth-secret
|
|
- name: BASE_URL
|
|
value: https://rybbit.alexlebens.dev
|
|
- name: DISABLE_SIGNUP
|
|
value: false
|
|
- name: DISABLE_TELEMETRY
|
|
value: true
|
|
- name: MAPBOX_TOKEN
|
|
valueFrom:
|
|
secretKeyRef:
|
|
name: rybbit-config-secret
|
|
key: mapbox-token
|
|
probes:
|
|
liveness:
|
|
enabled: true
|
|
custom: true
|
|
spec:
|
|
exec:
|
|
command:
|
|
- CMD
|
|
- wget
|
|
- --no-verbose
|
|
- --tries=1
|
|
- --spider
|
|
- http://127.0.0.1:3001/api/health
|
|
failureThreshold: 5
|
|
initialDelaySeconds: 10
|
|
periodSeconds: 30
|
|
successThreshold: 1
|
|
timeoutSeconds: 5
|
|
resources:
|
|
requests:
|
|
cpu: 10m
|
|
memory: 256Mi
|
|
client:
|
|
type: deployment
|
|
replicas: 1
|
|
strategy: Recreate
|
|
revisionHistoryLimit: 3
|
|
containers:
|
|
main:
|
|
image:
|
|
repository: ghcr.io/rybbit-io/rybbit-client
|
|
tag: v2.4.0
|
|
pullPolicy: IfNotPresent
|
|
env:
|
|
- name: NODE_ENV
|
|
value: production
|
|
- name: NEXT_PUBLIC_BACKEND_URL
|
|
value: https://rybbit.alexlebens.dev
|
|
- name: NEXT_PUBLIC_DISABLE_SIGNUP
|
|
value: false
|
|
resources:
|
|
requests:
|
|
cpu: 10m
|
|
memory: 256Mi
|
|
clickhouse:
|
|
type: deployment
|
|
replicas: 1
|
|
strategy: Recreate
|
|
revisionHistoryLimit: 3
|
|
containers:
|
|
main:
|
|
image:
|
|
repository: clickhouse/clickhouse-server
|
|
tag: 26.1.2
|
|
pullPolicy: IfNotPresent
|
|
env:
|
|
- name: CLICKHOUSE_DB
|
|
value: analytics
|
|
- name: CLICKHOUSE_USER
|
|
valueFrom:
|
|
secretKeyRef:
|
|
name: rybbit-config-secret
|
|
key: clickhouse-user
|
|
- name: CLICKHOUSE_PASSWORD
|
|
valueFrom:
|
|
secretKeyRef:
|
|
name: rybbit-config-secret
|
|
key: clickhouse-password
|
|
probes:
|
|
liveness:
|
|
enabled: true
|
|
custom: true
|
|
spec:
|
|
exec:
|
|
command:
|
|
- CMD
|
|
- wget
|
|
- --no-verbose
|
|
- --tries=1
|
|
- --spider
|
|
- http://localhost:8123/ping
|
|
failureThreshold: 5
|
|
initialDelaySeconds: 10
|
|
periodSeconds: 30
|
|
successThreshold: 1
|
|
timeoutSeconds: 5
|
|
resources:
|
|
requests:
|
|
cpu: 10m
|
|
memory: 256Mi
|
|
configMaps:
|
|
config:
|
|
enabled: true
|
|
forceRename: clickhouse-config
|
|
data:
|
|
network.xml: |
|
|
<clickhouse>
|
|
<listen_host>0.0.0.0</listen_host>
|
|
</clickhouse>
|
|
enable_json.xml: |
|
|
<clickhouse>
|
|
<settings>
|
|
<enable_json_type>1</enable_json_type>
|
|
</settings>
|
|
</clickhouse>
|
|
logging_rules.xml: |
|
|
<clickhouse>
|
|
<logger>
|
|
<level>warning</level>
|
|
<console>true</console>
|
|
</logger>
|
|
<query_thread_log remove="remove"/>
|
|
<query_log remove="remove"/>
|
|
<text_log remove="remove"/>
|
|
<trace_log remove="remove"/>
|
|
<metric_log remove="remove"/>
|
|
<asynchronous_metric_log remove="remove"/>
|
|
<session_log remove="remove"/>
|
|
<part_log remove="remove"/>
|
|
<latency_log remove="remove"/>
|
|
<processors_profile_log remove="remove"/>
|
|
</clickhouse>
|
|
user_logging.xml: |
|
|
<clickhouse>
|
|
<profiles>
|
|
<default>
|
|
<log_queries>0</log_queries>
|
|
<log_query_threads>0</log_query_threads>
|
|
<log_processors_profiles>0</log_processors_profiles>
|
|
</default>
|
|
</profiles>
|
|
</clickhouse>
|
|
service:
|
|
backend:
|
|
controller: backend
|
|
ports:
|
|
http:
|
|
port: 3001
|
|
targetPort: 3001
|
|
protocol: HTTP
|
|
client:
|
|
controller: client
|
|
ports:
|
|
http:
|
|
port: 3002
|
|
targetPort: 3002
|
|
protocol: TCP
|
|
clickhouse:
|
|
controller: clickhouse
|
|
ports:
|
|
http:
|
|
port: 8123
|
|
targetPort: 8123
|
|
protocol: TCP
|
|
persistence:
|
|
clickhouse:
|
|
forceRename: clickhouse-data
|
|
storageClass: ceph-block
|
|
accessMode: ReadWriteOnce
|
|
size: 10Gi
|
|
retain: true
|
|
advancedMounts:
|
|
clickhouse:
|
|
main:
|
|
- path: /var/lib/clickhouse
|
|
readOnly: false
|
|
clickhouse-config:
|
|
enabled: true
|
|
type: configMap
|
|
name: clickhouse-config
|
|
advancedMounts:
|
|
clickhouse:
|
|
main:
|
|
- path: /etc/clickhouse-server/config.d/network.xml
|
|
readOnly: true
|
|
mountPropagation: None
|
|
subPath: network.xml
|
|
- path: /etc/clickhouse-server/config.d/enable_json.xml
|
|
readOnly: true
|
|
mountPropagation: None
|
|
subPath: enable_json.xml
|
|
- path: /etc/clickhouse-server/config.d/logging_rules.xml
|
|
readOnly: true
|
|
mountPropagation: None
|
|
subPath: logging_rules.xml
|
|
- path: /etc/clickhouse-server/config.d/user_logging.xml
|
|
readOnly: true
|
|
mountPropagation: None
|
|
subPath: user_logging.xml
|
|
postgres-18-cluster:
|
|
mode: standalone
|
|
recovery:
|
|
method: objectStore
|
|
objectStore:
|
|
index: 1
|
|
backup:
|
|
objectStore:
|
|
- name: garage-local
|
|
index: 1
|
|
destinationBucket: postgres-backups
|
|
externalSecretCredentialPath: /garage/home-infra/postgres-backups
|
|
isWALArchiver: true
|
|
# - name: garage-remote
|
|
# index: 1
|
|
# destinationBucket: postgres-backups
|
|
# externalSecretCredentialPath: /garage/home-infra/postgres-backups
|
|
# retentionPolicy: "90d"
|
|
# data:
|
|
# compression: bzip2
|
|
# - name: external
|
|
# index: 1
|
|
# endpointURL: https://nyc3.digitaloceanspaces.com
|
|
# destinationBucket: postgres-backups-ce540ddf106d186bbddca68a
|
|
# externalSecretCredentialPath: /garage/home-infra/postgres-backups
|
|
# isWALArchiver: false
|
|
scheduledBackups:
|
|
- name: live-backup
|
|
suspend: true
|
|
immediate: true
|
|
schedule: "0 0 0 * * *"
|
|
backupName: garage-local
|
|
# - name: weekly-backup
|
|
# suspend: true
|
|
# immediate: true
|
|
# schedule: "0 0 4 * * SAT"
|
|
# backupName: garage-remote
|
|
# - name: daily-backup
|
|
# suspend: true
|
|
# immediate: true
|
|
# schedule: "0 0 0 * * *"
|
|
# backupName: external
|
|
volsync-target-clickhouse-data:
|
|
pvcTarget: clickhouse-data
|
|
local:
|
|
enabled: false
|
|
schedule: 38 11 * * *
|
|
remote:
|
|
enabled: false
|
|
external:
|
|
enabled: false
|
|
schedule: 38 12 * * *
|