jleechpe/k3s
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Add uptime kuma

Browse source
This commit is contained in:
JLP 2025-02-03 16:40:16 -05:00
parent a0154fd8f6
commit 481448448f
No known key found for this signature in database
GPG key ID: 414E00D1FF7519DC
5 changed files with 171 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

7
namespaces/monitoring/namespace.yaml Normal file
View file

@ -0,0 +1,7 @@
---
apiVersion: v1
kind: Namespace
metadata:
labels:
homelab-access: "true"
name: monitoring

25
namespaces/monitoring/uptime-kuma/extra/middleware-auth.yaml Normal file
View file

@ -0,0 +1,25 @@
apiVersion: traefik.io/v1alpha1
kind: Middleware
metadata:
name: authentik-forward-auth
namespace: monitoring # adjust as needed
spec:
forwardAuth:
address: http://ak-outpost-authentik-embedded-outpost.auth.svc.cluster.local:9000/outpost.goauthentik.io/auth/traefik
trustForwardHeader: true
authResponseHeaders:
- X-Authentik-Username
- X-Authentik-Groups
- X-Authentik-Email
authRequestHeaders:
- Accept
- Cookie
- Host
- X-Forwarded-For
- X-Forwarded-Host
- X-Forwarded-Proto
- X-Forwarded-Uri
- X-Forwarded-Port
- X-Forwarded-Method
# Add these to handle redirect
authResponseHeadersRegex: "X-.*"

92
namespaces/monitoring/uptime-kuma/kustomization.yaml Normal file
View file

@ -0,0 +1,92 @@
apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization
transformers:
- |-
apiVersion: builtin
kind: NamespaceTransformer
metadata:
name: notImportantHere
namespace: monitoring
unsetOnly: true
namePrefix: uptime-kuma-
resources:
- ../../../kustomize/deployment/
- extra/middleware-auth.yaml
replacements:
- source:
kind: Service
name: svc
targets:
- select:
kind: HTTPRoute
options:
create: true
fieldPaths:
- spec.rules.0.backendRefs.0.name
- source:
kind: Deployment
name: app
fieldPath: metadata.labels.[app.kubernetes.io/appName]
targets:
- select:
kind: InfisicalSecret
options:
delimiter: "-"
index: 0
fieldPaths:
- spec.managedSecretReference.secretName
- select:
kind: InfisicalSecret
options:
delimiter: "/"
index: 2
fieldPaths:
- spec.authentication.universalAuth.secretsScope.secretsPath
- select:
kind: Service
fieldPaths:
- spec.ports.0.name
- spec.ports.0.targetPort
- source:
kind: Deployment
name: app
fieldPath: metadata.labels.[app.kubernetes.io/appNamespace]
targets:
- select:
kind: InfisicalSecret
fieldPaths:
- spec.managedSecretReference.secretNamespace
- source:
kind: Deployment
name: app
fieldPath: metadata.labels.[app.kubernetes.io/routePrefix]
targets:
- select:
kind: HTTPRoute
options:
create: true
delimiter: "."
index: 0
fieldPaths:
- spec.hostnames.0
patches:
- path: patches/deployment.yaml
target:
kind: Deployment
name: app
- path: patches/httproute.yaml
target:
kind: HTTPRoute
labels:
- includeSelectors: true
pairs:
app.kubernetes.io/appName: uptime-kuma
- pairs:
app.kubernetes.io/appNamespace: monitoring
- pairs:
app.kubernetes.io/routePrefix: status

33
namespaces/monitoring/uptime-kuma/patches/deployment.yaml Normal file
View file

@ -0,0 +1,33 @@
apiVersion: apps/v1
kind: Deployment
metadata:
name: app
spec:
template:
spec:
containers:
- name: uptime-kuma
image: louislam/uptime-kuma:1
imagePullPolicy: IfNotPresent
ports:
- containerPort: 3001
name: uptime-kuma
livenessProbe:
tcpSocket:
port: uptime-kuma
initialDelaySeconds: 60
periodSeconds: 10
readinessProbe:
httpGet:
scheme: HTTP
path: /
port: uptime-kuma
initialDelaySeconds: 30
periodSeconds: 10
volumeMounts:
- name: data
mountPath: /app/data
volumes:
- name: data
persistentVolumeClaim:
claimName: uptime-kuma-pvc

14
namespaces/monitoring/uptime-kuma/patches/httproute.yaml Normal file
View file

@ -0,0 +1,14 @@
apiVersion: gateway.networking.k8s.io/v1
kind: HTTPRoute
metadata:
name: http
spec:
rules:
- backendRefs:
- port: 80
filters:
- type: ExtensionRef
extensionRef:
group: traefik.io
kind: Middleware
name: authentik-forward-auth