jleechpe/k3s
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

consistency extras to extra/

Browse source
This commit is contained in:
JLP 2025-04-27 20:22:17 -04:00
parent 779bfe169b
commit 08bccadc21
No known key found for this signature in database
GPG key ID: 414E00D1FF7519DC
22 changed files with 30 additions and 224 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

0
namespaces/cert-manager/cert-manager/extras/cloudflare-token.yaml → namespaces/cert-manager/cert-manager/extra/cloudflare-token.yaml
View file

2
namespaces/cert-manager/cert-manager/kustomization.yaml
View file

@ -13,7 +13,7 @@ transformers:
namePrefix: cert-manager- namePrefix: cert-manager-
resources: resources:
- ../../../kustomize/bases/helmchart-noaddons - ../../../kustomize/bases/helmchart-noaddons
- extras/cloudflare-token.yaml - extra/cloudflare-token.yaml
patches: patches:
- path: patches/chart.yaml - path: patches/chart.yaml

0
namespaces/core/minio/extras/server-route.yaml → namespaces/core/minio/extra/server-route.yaml
View file

0
namespaces/core/minio/extras/server-svc.yaml → namespaces/core/minio/extra/server-svc.yaml
View file

4
namespaces/core/minio/kustomization.yaml
View file

@ -13,8 +13,8 @@ transformers:
namePrefix: minio- namePrefix: minio-
resources: resources:
- ../../../kustomize/bases/deployment/ - ../../../kustomize/bases/deployment/
- extras/server-svc.yaml - extra/server-svc.yaml
- extras/server-route.yaml - extra/server-route.yaml
labels: labels:
- includeSelectors: true - includeSelectors: true

0
namespaces/core/postgres/extras/tcproute.yaml → namespaces/core/postgres/extra/tcproute.yaml
View file

2
namespaces/core/postgres/kustomization.yaml
View file

@ -13,7 +13,7 @@ transformers:
namePrefix: postgres- namePrefix: postgres-
resources: resources:
- ../../../kustomize/bases/statefulset/ - ../../../kustomize/bases/statefulset/
- extras/tcproute.yaml - extra/tcproute.yaml
labels: labels:
- includeSelectors: true - includeSelectors: true

0
namespaces/longhorn/longhorn/extras/longhorn-backupjob.yaml → namespaces/longhorn/longhorn/extra/longhorn-backupjob.yaml
View file

0
namespaces/longhorn/longhorn/extras/longhorn-private-storageclass.yaml → namespaces/longhorn/longhorn/extra/longhorn-private-storageclass.yaml
View file

0
namespaces/longhorn/longhorn/extras/longhorn-public-storageclass.yaml → namespaces/longhorn/longhorn/extra/longhorn-public-storageclass.yaml
View file

0
namespaces/longhorn/longhorn/extras/longhorn-secret.yaml → namespaces/longhorn/longhorn/extra/longhorn-secret.yaml
View file

8
namespaces/longhorn/longhorn/kustomization.yaml
View file

@ -13,10 +13,10 @@ transformers:
namePrefix: longhorn- namePrefix: longhorn-
resources: resources:
- ../../../kustomize/bases/helmchart - ../../../kustomize/bases/helmchart
- extras/longhorn-public-storageclass.yaml - extra/longhorn-public-storageclass.yaml
- extras/longhorn-private-storageclass.yaml - extra/longhorn-private-storageclass.yaml
- extras/longhorn-secret.yaml - extra/longhorn-secret.yaml
- extras/longhorn-backupjob.yaml - extra/longhorn-backupjob.yaml
patches: patches:
- path: patches/chart.yaml - path: patches/chart.yaml

27
namespaces/monitoring/gatus/base-config.yaml
View file

@ -1,24 +1,13 @@
metrics: true config.yaml: |
ui: metrics: true
title: "JLP Homelab Health | Gatus" ui:
skip-invalid-config-update: true title: "JLP Homelab Health | Gatus"
skip-invalid-config-update: true
endpoints: endpoints:
- name: website - name: Gatus
url: https://twin.sh/health url: http://gatus-svc.monitoring.svc.cluster.local:8080/health
interval: 5m group: Internal/Monitoring
conditions:
- "[STATUS] == 200"
- "[BODY].status == UP"
- name: github
url: https://api.github.com/healthz
interval: 5m
conditions:
- "[STATUS] == 200"
- name: self
url: http://localhost:8080/health
interval: 5m interval: 5m
conditions: conditions:
- "[STATUS] == 200" - "[STATUS] == 200"

0
namespaces/monitoring/gatus/extras/sidecar-crb.yaml → namespaces/monitoring/gatus/extra/sidecar-crb.yaml
View file

0
namespaces/monitoring/gatus/extras/sidecar-serviceAccount.yaml → namespaces/monitoring/gatus/extra/sidecar-serviceAccount.yaml
View file

13
namespaces/monitoring/gatus/kustomization.yaml
View file

@ -13,8 +13,8 @@ transformers:
namePrefix: gatus- namePrefix: gatus-
resources: resources:
- ../../../kustomize/bases/deployment/ - ../../../kustomize/bases/deployment/
- extras/sidecar-crb.yaml - extra/sidecar-crb.yaml
- extras/sidecar-serviceAccount.yaml - extra/sidecar-serviceAccount.yaml
patches: patches:
- path: patches/deployment.yaml - path: patches/deployment.yaml
@ -36,10 +36,7 @@ labels:
app.kubernetes.io/routePrefix: status app.kubernetes.io/routePrefix: status
configMapGenerator: configMapGenerator:
- name: gatus-config - name: settings
files:
- base-config.yaml
- name: gatus-settings
literals: literals:
- GATUS_CONFIG_PATH=/config - GATUS_CONFIG_PATH=/config
- name: k8s-sidecar-settings - name: k8s-sidecar-settings
@ -49,6 +46,10 @@ configMapGenerator:
- FOLDER="/config" - FOLDER="/config"
- METHOD="SLEEP" - METHOD="SLEEP"
- SLEEP_TIME=60 - SLEEP_TIME=60
- NAMESPACE="auth,monitoring,apps,core,longhorn"
- name: base-config
files:
- base-config.yaml
replacements: replacements:
# Service # Service

9
namespaces/monitoring/gatus/patches/deployment.yaml
View file

@ -32,7 +32,7 @@ spec:
resources: resources:
limits: limits:
cpu: 250m cpu: 250m
memory: 100M memory: 500M
requests: requests:
cpu: 50m cpu: 50m
memory: 30M memory: 30M
@ -59,17 +59,22 @@ spec:
- mountPath: /config/config.yaml - mountPath: /config/config.yaml
name: gatus-config name: gatus-config
subPath: base-config.yaml subPath: base-config.yaml
- name: collected
mountPath: /config/
- name: config-collector - name: config-collector
image: kiwigrid/k8s-sidecar:1.30.3 image: kiwigrid/k8s-sidecar:1.30.3
volumeMounts: volumeMounts:
- name: collected - name: collected
mountPath: /config/ mountPath: /config/
- mountPath: /config/config.yaml
name: gatus-config
subPath: base-config.yaml
envFrom: envFrom:
- configMapRef: - configMapRef:
name: k8s-sidecar-settings name: k8s-sidecar-settings
volumes: volumes:
- configMap: - configMap:
name: gatus-config name: base-config
name: gatus-config name: gatus-config
- name: collected - name: collected
emptyDir: {} emptyDir: {}

25
namespaces/monitoring/uptime-kuma/extra/middleware-auth.yaml
View file

@ -1,25 +0,0 @@
apiVersion: traefik.io/v1alpha1
kind: Middleware
metadata:
name: authentik-forward-auth
namespace: monitoring # adjust as needed
spec:
forwardAuth:
address: http://ak-outpost-authentik-embedded-outpost.auth.svc.cluster.local:9000/outpost.goauthentik.io/auth/traefik
trustForwardHeader: true
authResponseHeaders:
- X-Authentik-Username
- X-Authentik-Groups
- X-Authentik-Email
authRequestHeaders:
- Accept
- Cookie
- Host
- X-Forwarded-For
- X-Forwarded-Host
- X-Forwarded-Proto
- X-Forwarded-Uri
- X-Forwarded-Port
- X-Forwarded-Method
# Add these to handle redirect
authResponseHeadersRegex: "X-.*"

96
namespaces/monitoring/uptime-kuma/kustomization.yaml
View file

@ -1,96 +0,0 @@
apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization
transformers:
- |-
apiVersion: builtin
kind: NamespaceTransformer
metadata:
name: notImportantHere
namespace: monitoring
unsetOnly: true
namePrefix: uptime-kuma-
resources:
- ../../../kustomize/bases/deployment/
# - extra/middleware-auth.yaml
replacements:
- source:
kind: Service
name: svc
targets:
- select:
kind: HTTPRoute
options:
create: true
fieldPaths:
- spec.rules.0.backendRefs.0.name
- source:
kind: Deployment
name: app
fieldPath: metadata.labels.[app.kubernetes.io/appName]
targets:
- select:
kind: InfisicalSecret
options:
delimiter: "-"
index: 0
fieldPaths:
- spec.managedSecretReference.secretName
- select:
kind: InfisicalSecret
options:
delimiter: "/"
index: 2
fieldPaths:
- spec.authentication.universalAuth.secretsScope.secretsPath
- select:
kind: Service
fieldPaths:
- spec.ports.0.name
- spec.ports.0.targetPort
- source:
kind: Deployment
name: app
fieldPath: metadata.labels.[app.kubernetes.io/appNamespace]
targets:
- select:
kind: InfisicalSecret
fieldPaths:
- spec.managedSecretReference.secretNamespace
- source:
kind: Deployment
name: app
fieldPath: metadata.labels.[app.kubernetes.io/routePrefix]
targets:
- select:
kind: HTTPRoute
options:
create: true
delimiter: "."
index: 0
fieldPaths:
- spec.hostnames.0
patches:
- path: patches/deployment.yaml
target:
kind: Deployment
name: app
- path: patches/httproute.yaml
target:
kind: HTTPRoute
- path: patches/pvc.yaml
target:
kind: PersistentVolumeClaim
name: pvc
labels:
- includeSelectors: true
pairs:
app.kubernetes.io/appName: uptime-kuma
- pairs:
app.kubernetes.io/appNamespace: monitoring
- pairs:
app.kubernetes.io/routePrefix: status

48
namespaces/monitoring/uptime-kuma/patches/deployment.yaml
View file

@ -1,48 +0,0 @@
apiVersion: apps/v1
kind: Deployment
metadata:
name: app
spec:
template:
spec:
tolerations:
- key: "public"
operator: "Equal"
value: "true"
effect: "NoSchedule"
affinity:
nodeAffinity:
preferredDuringSchedulingIgnoredDuringExecution:
- weight: 100
preference:
matchExpressions:
- key: public
operator: In
values:
- "true"
containers:
- name: uptime-kuma
image: louislam/uptime-kuma:1
imagePullPolicy: IfNotPresent
ports:
- containerPort: 3001
name: uptime-kuma
livenessProbe:
tcpSocket:
port: uptime-kuma
initialDelaySeconds: 60
periodSeconds: 10
readinessProbe:
httpGet:
scheme: HTTP
path: /
port: uptime-kuma
initialDelaySeconds: 30
periodSeconds: 10
volumeMounts:
- name: data
mountPath: /app/data
volumes:
- name: data
persistentVolumeClaim:
claimName: uptime-kuma-pvc

14
namespaces/monitoring/uptime-kuma/patches/httproute.yaml
View file

@ -1,14 +0,0 @@
apiVersion: gateway.networking.k8s.io/v1
kind: HTTPRoute
metadata:
name: http
# spec:
# rules:
# - backendRefs:
# - port: 80
# filters:
# - type: ExtensionRef
# extensionRef:
# group: traefik.io
# kind: Middleware
# name: authentik-forward-auth

6
namespaces/monitoring/uptime-kuma/patches/pvc.yaml
View file

@ -1,6 +0,0 @@
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: pvc
spec:
storageClassName: longhorn-public