apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization
transformers:
- |-
apiVersion: builtin
kind: NamespaceTransformer
metadata:
name: notImportantHere
namespace: monitoring
unsetOnly: true
namePrefix: diun-
resources:
- ../../../kustomize/bases/noservice/
- extra/serviceaccount.yaml
- extra/clusterrole.yaml
- extra/clusterrolebinding.yaml
replacements:
- source:
kind: Deployment
name: app
fieldPath: metadata.labels.[app.kubernetes.io/appName]
targets:
- select:
kind: InfisicalSecret
options:
delimiter: "-"
index: 0
fieldPaths:
- spec.managedSecretReference.secretName
- select:
kind: InfisicalSecret
options:
delimiter: "/"
index: 2
fieldPaths:
- spec.authentication.universalAuth.secretsScope.secretsPath
- source:
kind: Deployment
name: app
fieldPath: metadata.labels.[app.kubernetes.io/appNamespace]
targets:
- select:
kind: InfisicalSecret
fieldPaths:
- spec.managedSecretReference.secretNamespace
- select:
kind: InfisicalSecret
options:
delimiter: "/"
index: 1
fieldPaths:
- spec.authentication.universalAuth.secretsScope.secretsPath
patches:
- path: patches/deployment.yaml
target:
kind: Deployment
name: app
- path: patches/pvc.yaml
target:
kind: PersistentVolumeClaim
name: pvc
labels:
- includeSelectors: true
pairs:
app.kubernetes.io/appName: diun
- pairs:
app.kubernetes.io/appNamespace: monitoring
configMapGenerator:
- name: config
literals:
- TZ=America/New_York
- DIUN_DEFAULTS_MAXTAGS=10
# Watch setup
- DIUN_WATCH_WORKERS=10
- DIUN_WATCH_JITTER=30s
- DIUN_WATCH_SCHEDULE=0 9,17 * * 1-5
- DIUN_WATCH_FIRSTCHECKNOTIF=true
# Diun k8s provider
- DIUN_PROVIDERS_KUBERNETES=true
- DIUN_PROVIDERS_KUBERNETES_NAMESPACES=ai,apps,auth,core,homelab,monitoring
- DIUN_PROVIDERS_KUBERNETES_WATCHBYDEFAULT=true
# # Notifications to self-hosted healthcheck.io
# - DIUN_WATCH_HEALTHCHECKS_BASEURL=https://health.leechpepin.com
# - DIUN_WATCH_HEALTHCHECKS_UUID=<UUID>
# Ntfy
- DIUN_NOTIF_NTFY_ENDPOINT=https://ntfy.leechpepin.com