From 35ff2a1a06bcc24f37d49909cb067f6e6872d40a Mon Sep 17 00:00:00 2001 From: auricom <27022259+auricom@users.noreply.github.com> Date: Tue, 22 Nov 2022 23:32:01 +0100 Subject: [PATCH] =?UTF-8?q?=F0=9F=94=A7=20change=20minio=20port?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../postgres/cluster/helm-release.yaml | 4 +- .../apps/development/gitea/helm-release.yaml | 4 +- .../documentation/outline/patches/env.yaml | 2 +- .../apps/monitoring/thanos/secret.sops.yaml | 6 +- .../apps/storage/borgserver/helm-release.yaml | 84 ------------------- .../storage/borgserver/kustomization.yaml | 7 -- .../borgserver/secret-clients.sops.yaml | 30 ------- .../apps/web-tools/sharry/config/sharry.conf | 2 +- 8 files changed, 9 insertions(+), 130 deletions(-) delete mode 100644 kubernetes/cluster-0/apps/storage/borgserver/helm-release.yaml delete mode 100644 kubernetes/cluster-0/apps/storage/borgserver/kustomization.yaml delete mode 100644 kubernetes/cluster-0/apps/storage/borgserver/secret-clients.sops.yaml diff --git a/kubernetes/cluster-0/apps/databases/postgres/cluster/helm-release.yaml b/kubernetes/cluster-0/apps/databases/postgres/cluster/helm-release.yaml index a8b04f1d0..3abde4f0b 100644 --- a/kubernetes/cluster-0/apps/databases/postgres/cluster/helm-release.yaml +++ b/kubernetes/cluster-0/apps/databases/postgres/cluster/helm-release.yaml @@ -52,7 +52,7 @@ spec: compression: bzip2 maxParallel: 8 destinationPath: s3://postgresql/ - endpointURL: https://truenas.${SECRET_DOMAIN}:9000 + endpointURL: https://truenas.${SECRET_DOMAIN}:51515 serverName: postgres-v3 s3Credentials: accessKeyId: @@ -68,7 +68,7 @@ spec: # - name: postgres # barmanObjectStore: # destinationPath: s3://postgresql/ - # endpointURL: https://truenas.${SECRET_DOMAIN}:9000 + # endpointURL: https://truenas.${SECRET_DOMAIN}:51515 # s3Credentials: # accessKeyId: # name: postgres-minio diff --git a/kubernetes/cluster-0/apps/development/gitea/helm-release.yaml b/kubernetes/cluster-0/apps/development/gitea/helm-release.yaml index bc822317e..acb9f08b6 100644 --- a/kubernetes/cluster-0/apps/development/gitea/helm-release.yaml +++ b/kubernetes/cluster-0/apps/development/gitea/helm-release.yaml @@ -66,12 +66,12 @@ spec: ENABLED: true attachment: STORAGE_TYPE: minio - MINIO_ENDPOINT: truenas.${SECRET_DOMAIN}:9000 + MINIO_ENDPOINT: truenas.${SECRET_DOMAIN}:51515 MINIO_BUCKET: gitea MINIO_USE_SSL: true storage: STORAGE_TYPE: minio - MINIO_ENDPOINT: truenas.${SECRET_DOMAIN}:9000 + MINIO_ENDPOINT: truenas.${SECRET_DOMAIN}:51515 MINIO_BUCKET: gitea MINIO_USE_SSL: true mailer: diff --git a/kubernetes/cluster-0/apps/documentation/outline/patches/env.yaml b/kubernetes/cluster-0/apps/documentation/outline/patches/env.yaml index 7937375e9..2e4f674bb 100644 --- a/kubernetes/cluster-0/apps/documentation/outline/patches/env.yaml +++ b/kubernetes/cluster-0/apps/documentation/outline/patches/env.yaml @@ -11,7 +11,7 @@ spec: AWS_S3_ACL: private AWS_S3_FORCE_PATH_STYLE: "true" AWS_S3_UPLOAD_BUCKET_NAME: outline - AWS_S3_UPLOAD_BUCKET_URL: "https://truenas.${SECRET_DOMAIN}:9000" + AWS_S3_UPLOAD_BUCKET_URL: "https://truenas.${SECRET_DOMAIN}:51515" AWS_S3_UPLOAD_MAX_SIZE: "26214400" ENABLE_UPDATES: "false" OIDC_AUTH_URI: "https://auth.${SECRET_CLUSTER_DOMAIN}/api/oidc/authorization" diff --git a/kubernetes/cluster-0/apps/monitoring/thanos/secret.sops.yaml b/kubernetes/cluster-0/apps/monitoring/thanos/secret.sops.yaml index 8a2056547..ada0ac633 100644 --- a/kubernetes/cluster-0/apps/monitoring/thanos/secret.sops.yaml +++ b/kubernetes/cluster-0/apps/monitoring/thanos/secret.sops.yaml @@ -6,7 +6,7 @@ metadata: namespace: monitoring stringData: S3_BUCKET_NAME: ENC[AES256_GCM,data:0q5tjzGN,iv:RYjlKFAJpR6NSjimSAf8JrS2t1mUGSCAjusrYhTyiuw=,tag:AAIwBbmYoflm5M1EVbHM4A==,type:str] - S3_BUCKET_HOST: ENC[AES256_GCM,data:1foL7G96e5Tl76fLQ2tAl27achvc9nvB,iv:wwW3T28eKx478OFMP4a3otf4ao/pKjp2DwXMsYl1TKA=,tag:stskcPwQ7ojSIjYSWwru+A==,type:str] + S3_BUCKET_HOST: ENC[AES256_GCM,data:/9U/cHXmbGnbDCNm37zy0PzRbt5RI2LN7g==,iv:LLCrwkc6k3mXbJVWa2FivgEsbQKa9OyJWpe47BwExB8=,tag:qji0SWdaSgp8tNANSSB9Hg==,type:str] S3_BUCKET_REGION: "" S3_ACCESS_KEY: ENC[AES256_GCM,data:zTvAiBiukR1RP5eACMfgBsoTbwI=,iv:IIMUgN5SO+0i9/8w8QHpRgiTzQsOELqgMZAsARvcZJQ=,tag:lIvDTJ8i5UiOkZRMLrgV7g==,type:str] S3_SECRET_KEY: ENC[AES256_GCM,data:mUHk2N4tcbh3si26uZx3J/gkXWH4gqk4/vJfJ3J03mreNsD8VlNePw==,iv:+wS4yLwKrFALFF51BLxXFpP0ROlR7qdBTVpFCJ/tizM=,tag:VJr9s444GB5GPft/8897mw==,type:str] @@ -25,8 +25,8 @@ sops: L3c2WElEOU4rS0hrU1NPQ1NPZitDVDgKaN3P5xK1O1i9lTSAGJU+GIxbIoTb5OMO if3medB2nPLEt5BUY2datTbswXiT3E9rFyka/Maq6afZjFiixK5mFQ== -----END AGE ENCRYPTED FILE----- - lastmodified: "2022-11-11T23:17:47Z" - mac: ENC[AES256_GCM,data:rZvSwE5R8AIFdbLVP0+MfN9vdUJpOZGuxnmtAQE8EJnE6qv5lesM8atA/6o8AsyuX/2quydQBz3j/pw9tk7bSB9E29Nv/dvnp5JIcq3Im+s2gGercuN1cTABMZ67Sa/ZN6lHCU7xY0u+3Wlv1tXOYgXuGnssQ+y7qdNSaAJpbwA=,iv:56AoYRPby+ZV9SdjXMwJWk8XpdDhIzrw6FMtBBCQLsU=,tag:zzCWi+tUhUEjuGgHENU0hQ==,type:str] + lastmodified: "2022-11-22T22:26:04Z" + mac: ENC[AES256_GCM,data:ANDShRftczGroCYNFKa/WdF22PgZ9yA6xhxdfe7/HHs0vQU48Q8nOrOT66P+8HDRV63I5ddodOurVtztFyGc8I0YdU2Bg1P2rnEmStfJsGGidTIqNloopCArsAH2UJj/fxwUA3dxswFURvgIagpjfdWHYGT2vzma44CORrk5vpU=,iv:KiFlpjLy+hj6V2dUoZeBdr3eq22So4G2oAA2QutF3UU=,tag:fkpjbQFU0Habj3d+6mNZLQ==,type:str] pgp: [] encrypted_regex: ^(data|stringData)$ version: 3.7.3 diff --git a/kubernetes/cluster-0/apps/storage/borgserver/helm-release.yaml b/kubernetes/cluster-0/apps/storage/borgserver/helm-release.yaml deleted file mode 100644 index f1a8f06d3..000000000 --- a/kubernetes/cluster-0/apps/storage/borgserver/helm-release.yaml +++ /dev/null @@ -1,84 +0,0 @@ ---- -apiVersion: helm.toolkit.fluxcd.io/v2beta1 -kind: HelmRelease -metadata: - name: &app borgserver - namespace: default -spec: - interval: 15m - chart: - spec: - chart: app-template - version: 1.1.3 - sourceRef: - kind: HelmRepository - name: bjw-s - namespace: flux-system - install: - createNamespace: true - remediation: - retries: 5 - upgrade: - remediation: - retries: 5 - values: - image: - repository: ghcr.io/auricom/borgserver - tag: 1.2.2@sha256:98b2c7251ecddf41a56211bc878be256d49d77774cef9f9f8213af2cae023c7f - env: - TZ: "${TIMEZONE}" - service: - main: - enabled: false - ssh: - enabled: true - type: LoadBalancer - loadBalancerIP: "${CLUSTER_LB_BORGSERVER}" - ports: - bittorrent: - enabled: true - port: 22 - protocol: TCP - targetPort: 22222 - externalTrafficPolicy: Local - probes: - liveness: &probe - enabled: true - custom: true - spec: - tcpSocket: - path: /health - port: 22222 - initialDelaySeconds: 10 - periodSeconds: 60 - timeoutSeconds: 2 - failureThreshold: 3 - readiness: *probe - startup: *probe - persistence: - keys-clients: - enabled: true - type: secret - name: borgserver-clients - mountPath: /config/clients - readOnly: true - keys-host: - enabled: true - type: secret - name: borgserver-host - mountPath: /config/host - readOnly: true - borgrepo: - enabled: true - type: nfs - server: "${LOCAL_LAN_TRUENAS}" - path: /mnt/storage/backups/borgserver - mountPath: /app - podAnnotations: - configmap.reloader.stakater.com/reload: *app - resources: - requests: - cpu: 50m - memory: 200Mi - limits: - memory: 2Gi diff --git a/kubernetes/cluster-0/apps/storage/borgserver/kustomization.yaml b/kubernetes/cluster-0/apps/storage/borgserver/kustomization.yaml deleted file mode 100644 index ad358bd1e..000000000 --- a/kubernetes/cluster-0/apps/storage/borgserver/kustomization.yaml +++ /dev/null @@ -1,7 +0,0 @@ ---- -apiVersion: kustomize.config.k8s.io/v1beta1 -kind: Kustomization -resources: - - helm-release.yaml - - secret-clients.sops.yaml - - secret-host.sops.yaml diff --git a/kubernetes/cluster-0/apps/storage/borgserver/secret-clients.sops.yaml b/kubernetes/cluster-0/apps/storage/borgserver/secret-clients.sops.yaml deleted file mode 100644 index 38b916930..000000000 --- a/kubernetes/cluster-0/apps/storage/borgserver/secret-clients.sops.yaml +++ /dev/null @@ -1,30 +0,0 @@ -kind: Secret -apiVersion: v1 -type: Opaque -metadata: - name: borgserver-clients - namespace: default -stringData: - claude-fixe-fedora: ENC[AES256_GCM,data:o3xhEfxuZvFQhMglcUx+4lLDu0PpKQ+glpdmPavBKOL4BnoeiZHpdKc1Ef9TVXoydwy+8bcGLoSKVcGClus68sD3GbTlEFnZKPmkaQ8Gc3QJ8Fb0a1S7ROBHSwq7XKIDCy6PQv9+rqPUMK0=,iv:GcAM6uIkJuYNZaDGwhTzWqTnFOl74/ztF7fyKfzr+Fc=,tag:cA54SNGb1FRUmpoAQPsJdg==,type:str] - claude-thinkpad-fedora: ENC[AES256_GCM,data:15O6nkrLPiugZm10I4Wd2A3sEEJNU3kHVK5QjGDoc7ibOdcALv2phPpChPMFqt85hRXhLZ1bknZfVlYT83XyyvA6d84nUaZAEsPqTlyvF4ux10qlm1XD/5PXE4+M/9G9NzTKzskxk677YIem20ny,iv:kh8uuwWGdA99iVW+BfufPStkITWNEfC4Ym/w0M6IGRc=,tag:fgt/WuKgcos7r6ZyyypTkQ==,type:str] - work-ledger: ENC[AES256_GCM,data:gvIO7BGIiqPBjgjRxyFQd6tMgYY7vAbVNPjb7uB262pcWRFOwU5Twt81Nk4/Ehe8M75i2NC569MQoxJU8cmBFbhkyQ2y/uSExeGf/q3dgpasbZGBeKrgjJKliEyHiiUoX/E=,iv:9sD4YcQVMlA9+LHxkD0pokqVpfQKu/Xtmd7UF5Z7d1w=,tag:v5rZZwDqRz7D9qw1vsV4Sw==,type:str] -sops: - kms: [] - gcp_kms: [] - azure_kv: [] - hc_vault: [] - age: - - recipient: age1hhurqwmfvl9m3vh3hk8urulfzcdsrep2ax2neazqt435yhpamu3qj20asg - enc: | - -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBSd2h2N2RELzkvODM0WE1p - c1M3bEQxdDZkZ3Zlcm9uKzFWYklLWWpUYXhvCkN1bXU3YmNrY255RmkwSXFDWmt1 - dHExaGZRODhKdm1NR2xYV29CeE5vbk0KLS0tIHpBUGVaNUhKaE5UOU1hM3c0akxX - ZWRhWnBrY1FBNVQyOU0yVGFXb0QrVnMK26Nc5Bw/jOzuxXcufHcxnugG1bzqO9T8 - LNIau17zdWX5bfWGDj++ipnm8x1sPswEULal4U2Muc2Iy7GuZPhVyg== - -----END AGE ENCRYPTED FILE----- - lastmodified: "2022-11-20T18:09:33Z" - mac: ENC[AES256_GCM,data:sV/hzCjbPOzIb7tz++UFRYC6sSXFIGAYVrSUMSQEj662E/vSYIct/6YsL2736cJlNm1OuCSaqPAYWN+wDc8nJeoj/sV6jbmtG2S6v9y12XpCStGFtdC551Jf73PKAO3T0xQrqDggX5TVO0aveI9iFfusOxNDosXU+YgiMylU3vw=,iv:ygU2bXZvAPesWe7O+1FboU9DL5JeN6G/eFDT4YHW0ng=,tag:3B0MohH+EW2MUFChFj8ssg==,type:str] - pgp: [] - encrypted_regex: ^(data|stringData)$ - version: 3.7.3 diff --git a/kubernetes/cluster-0/apps/web-tools/sharry/config/sharry.conf b/kubernetes/cluster-0/apps/web-tools/sharry/config/sharry.conf index 3af588271..b7b1a0e19 100644 --- a/kubernetes/cluster-0/apps/web-tools/sharry/config/sharry.conf +++ b/kubernetes/cluster-0/apps/web-tools/sharry/config/sharry.conf @@ -33,7 +33,7 @@ sharry.restserver { minio = { enabled = true type = "s3" - endpoint = "https://truenas.${SECRET_DOMAIN}:9000" + endpoint = "https://truenas.${SECRET_DOMAIN}:51515" access-key = "${SECRET_SHARRY_MINIO_S3_ACCESS_KEY}" secret-key = "${SECRET_SHARRY_MINIO_S3_SECRET_KEY}" bucket = "sharry"