diff --git a/k8s/README.md b/k8s/README.md index 7c20734..7e7aa71 100644 --- a/k8s/README.md +++ b/k8s/README.md @@ -38,6 +38,7 @@ done ```sh helm repo add stable https://kubernetes-charts.storage.googleapis.com helm repo add jetstack https://charts.jetstack.io +helm repo add bitnami https://charts.bitnami.com/bitnami helm repo update ``` @@ -82,17 +83,6 @@ helm upgrade --install docker-registry stable/docker-registry -n development -f ##kubectl apply -f development/registry.secret.yaml ``` -## rstudio - -Currently only for one user: - -```sh -kubectl apply -f datalab/rstudio.yaml -``` - - - - ### creating docker-pull-secret Create credentials secret [according to docu](https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/#create-a-secret-by-providing-credentials-on-the-command-line): @@ -114,25 +104,37 @@ for i in $( echo $namespaces ) ; do done ``` +## rstudio + +Currently only for one user: + +```sh +kubectl apply -f datalab/rstudio.yaml +``` + ## tt-rss Includes *persistent data* from mariadb table `tt-rss`. ```sh +helm upgrade --install tt-rss-mariadb bitnami/mariadb -n tt-rss -f tt-rss/tt-rss-mariadb.secret.yml +helm upgrade --install tt-rss-phpmyadmin bitnami/phpmyadmin -n tt-rss -f tt-rss/tt-rss-phpmyadmin.yml kubectl apply -f tt-rss/ ``` +## monitoring + +```sh +helm upgrade --install prometheus-operator stable/prometheus-operator -n monitoring -f monitoring/prometheus-operator.secret.yml +``` + ## minio ```sh kubectl apply -f minio ``` -## monitoring -```sh - -``` ## auth diff --git a/k8s/monitoring/prometheus-operator.secret.yml b/k8s/monitoring/prometheus-operator.secret.yml new file mode 100644 index 0000000..fb1f800 --- /dev/null +++ b/k8s/monitoring/prometheus-operator.secret.yml @@ -0,0 +1,31 @@ +# status: implemented + +prometheus: + ingress: + enabled: true + hosts: + - prometheus.haumdaucher.de + tls: + - hosts: + - "prometheus.haumdaucher.de" + secretName: prometheus-haumdaucher-de + annotations: + kubernetes.io/ingress.class: "nginx" + nginx.ingress.kubernetes.io/force-ssl-redirect: "true" + cert-manager.io/cluster-issuer: "letsencrypt-prod" +alertmanager: + enabled: false +grafana: + adminPassword: kohkohh5sah1Do3ize2x + ingress: + enabled: true + hosts: + - grafana.haumdaucher.de + tls: + - hosts: + - "grafana.haumdaucher.de" + secretName: grafana-haumdaucher-de + annotations: + kubernetes.io/ingress.class: "nginx" + nginx.ingress.kubernetes.io/force-ssl-redirect: "true" + cert-manager.io/cluster-issuer: "letsencrypt-prod" \ No newline at end of file diff --git a/k8s/tt-rss/tt-rss-mariadb.secret.yaml b/k8s/tt-rss/tt-rss-mariadb.secret.yaml deleted file mode 100644 index 83e142d..0000000 Binary files a/k8s/tt-rss/tt-rss-mariadb.secret.yaml and /dev/null differ diff --git a/k8s/tt-rss/tt-rss-mariadb.secret.yml b/k8s/tt-rss/tt-rss-mariadb.secret.yml new file mode 100644 index 0000000..1a17a9b --- /dev/null +++ b/k8s/tt-rss/tt-rss-mariadb.secret.yml @@ -0,0 +1,10 @@ +rootUser: + password: cah6eepai1Saepho8tho + forcePassword: true +db: + name: tt-rss + user: tt-rss + password: AhS5cai7oph3ahN4Aile + forcePassword: true +replication: + enabled: false \ No newline at end of file diff --git a/k8s/tt-rss/tt-rss-phpmyadmin.yaml b/k8s/tt-rss/tt-rss-phpmyadmin.yaml deleted file mode 100644 index 0607edc..0000000 --- a/k8s/tt-rss/tt-rss-phpmyadmin.yaml +++ /dev/null @@ -1,26 +0,0 @@ ---- -apiVersion: helm.fluxcd.io/v1 -kind: HelmRelease -metadata: - name: helm-tt-rss-phpmyadmin - namespace: flux -spec: - releaseName: tt-rss-phpmyadmin - targetNamespace: tt-rss - chart: - repository: https://charts.bitnami.com/bitnami - version: 5.0.0 - name: phpmyadmin - values: - db: - host: tt-rss-mariadb - ingress: - enabled: true - hosts: - - path: "/" - tls: true - name: "tt-rss.phpmyadmin.haumdaucher.de" - tlsSecret: "tt-rss-phpmyadmin-haumdaucher-de" - annotations: - cert-manager.io/cluster-issuer: "letsencrypt-prod" - nginx.ingress.kubernetes.io/proxy-body-size: "0" \ No newline at end of file diff --git a/k8s/tt-rss/tt-rss-phpmyadmin.yml b/k8s/tt-rss/tt-rss-phpmyadmin.yml new file mode 100644 index 0000000..d6f6823 --- /dev/null +++ b/k8s/tt-rss/tt-rss-phpmyadmin.yml @@ -0,0 +1,13 @@ +--- +db: + host: tt-rss-mariadb +ingress: + enabled: true + hosts: + - path: "/" + tls: true + name: "tt-rss.phpmyadmin.haumdaucher.de" + tlsSecret: "tt-rss-phpmyadmin-haumdaucher-de" + annotations: + cert-manager.io/cluster-issuer: "letsencrypt-prod" + nginx.ingress.kubernetes.io/proxy-body-size: "0" \ No newline at end of file diff --git a/k8s/tt-rss/tt-rss-pvc.yml b/k8s/tt-rss/tt-rss-pvc.yml new file mode 100644 index 0000000..91ff118 --- /dev/null +++ b/k8s/tt-rss/tt-rss-pvc.yml @@ -0,0 +1,42 @@ +# --- +# apiVersion: v1 +# kind: PersistentVolumeClaim +# metadata: +# labels: +# app: mariadb +# stor: openebs +# name: data-tt-rss-mariadb-openebs +# namespace: tt-rss +# spec: +# accessModes: +# - ReadWriteOnce +# resources: +# requests: +# storage: 8Gi +# storageClassName: openebs-hostpath +# status: +# accessModes: +# - ReadWriteOnce +# capacity: +# storage: 8Gi + +# --- +# apiVersion: v1 +# kind: PersistentVolumeClaim +# metadata: +# labels: +# app: mariadb-backup +# name: data-tt-rss-mariadb-openebs +# namespace: tt-rss +# spec: +# accessModes: +# - ReadWriteOnce +# resources: +# requests: +# storage: 8Gi +# storageClassName: openebs-hostpath +# status: +# accessModes: +# - ReadWriteOnce +# capacity: +# storage: 8Gi \ No newline at end of file diff --git a/k8s/tt-rss/tt-rss.secret.yaml b/k8s/tt-rss/tt-rss.secret.yaml new file mode 100644 index 0000000..01d924c Binary files /dev/null and b/k8s/tt-rss/tt-rss.secret.yaml differ