mirror of
https://github.com/auricom/home-cluster.git
synced 2025-09-17 18:24:14 +02:00
🗑️ healthchecks
This commit is contained in:
auricom
@@ -10,4 +10,4 @@
|
||||
name: "daily backup"
|
||||
minute: "14"
|
||||
hour: "4"
|
||||
job: "/storage/backup.bash && curl -fsS -m 10 --retry 5 -o /dev/null https://healthchecks.{{ secret_cluster_domain }}/ping/aae30879-cfdf-4b90-889f-d4ff69dd8aad"
|
||||
job: "/storage/backup.bash && curl -fsS -m 10 --retry 5 -o /dev/null https://uptime-kuma.{{ secret_cluster_domain }}api/push/peJYY3K5sH?status=up&msg=OK&ping="
|
||||
|
||||
@@ -17,7 +17,6 @@ stringData:
|
||||
SECRET_GITEA_API_TOKEN: ENC[AES256_GCM,data:A5zJGhQdlWUAagcPIvCIzvpeyzVaV5uDGegjvW4zl6X9kYDxG7JDUA==,iv:kogD/wl3KTlVE4by96vyEwTCMEmzbmEKmcAVK+8OjnI=,tag:PLbEaJQI7fWKz0tQSO35iA==,type:str]
|
||||
SECRET_GITEA_OAUTH_CLIENT_SECRET: ENC[AES256_GCM,data:VWetZHP8haXPy1r20RMJvECxEWw=,iv:B3+rjPXWSbyCdi4KAy/FeMbtNUv40UIWN462OWfv9Ww=,tag:5wK7nUGu7HmdC90d2jllwQ==,type:str]
|
||||
SECRET_GRAFANA_OAUTH_CLIENT_SECRET: ENC[AES256_GCM,data:3igfeqGHygjnmJXnoiKV7W8Tm2M=,iv:Hrjh38GuRvzS4Hi69QftBhaAJ02is5B0E5h23XICpUc=,tag:O4JFVSaoTQDhf3QZPLbn1Q==,type:str]
|
||||
SECRET_HEALTHCHECKS_PING_KEY: ENC[AES256_GCM,data:ik/lEfCHBKcgnc+zRDrkhw3ykbITSw==,iv:XYqxF9yuRbR+WECjC+0xaT8V4qKYpdsWoNCzfzr33cc=,tag:AZBATumRJMbsLBw2XttV/w==,type:str]
|
||||
SECRET_INVIDIOUS_DB_USER: ENC[AES256_GCM,data:snjA33syqy4X,iv:OF8LJSTdcIGgwAJPmS0HdCz0adsTuTwZ5zfuvJrA7fs=,tag:E4EnsKWITN4l6qnuxZ3A5g==,type:str]
|
||||
SECRET_INVIDIOUS_DB_PASSWORD: ENC[AES256_GCM,data:jmHWk/hXAb9E97CEa4w=,iv:RYnGwoCy+RyVDdKVOXWFWPB/dqF2vPlx7ofRApEAsMg=,tag:nEydKLEw6mHJetEVa+NFzQ==,type:str]
|
||||
SECRET_K10_HTPASSWD: ENC[AES256_GCM,data:u89AKCM/FSXn6Czo6KnG1rqkxclczczcE+wz7GMWU2HIoC9qUzqHvFKe7w==,iv:ZjE1p2P65TbSeVk0oXiWd4nH+7zNWonTjWYNmb3NFg0=,tag:UJn01B6MdJDHv1fN8mV21g==,type:str]
|
||||
@@ -50,8 +49,8 @@ sops:
|
||||
WG82VkdBMlNnRzBySFQzMk41cEtXSlEKBqOmq9UpO61C85+pj0ibdT31y4pmFsbm
|
||||
pTi4N0vv81kcf4ilqBU5h1gudNCb42Q2iL0eGNR4e3JzH4iaNsvnEg==
|
||||
-----END AGE ENCRYPTED FILE-----
|
||||
lastmodified: "2022-11-19T03:54:00Z"
|
||||
mac: ENC[AES256_GCM,data:OTGwsnmD9ZMe3WJ+g2OOtd9wV2U8VC/HAew9uQ3WGv/I8lChcYl+2Q8JOH3GNQXghnME5OVuXCXK2Ax75p1DO1eXcR3NfTT2/uEeu3Ttdc0PRKynxEkmVQSZE8LrBzBHl+uiNhjOqHeMnw7JTAyRBwBoXJqpbWVAvkpsZ1PQbDY=,iv:nOoyPOesi+/NEywQF25smTgisS+b9vFnfPL71P785hU=,tag:zbhrHCwFs3F77oXcyYXA9A==,type:str]
|
||||
lastmodified: "2022-11-20T23:46:49Z"
|
||||
mac: ENC[AES256_GCM,data:ehlZ+IbEfOhDQYxKgLKhzleIYV3uVGVuRfeRd408aV3Zejaq5zEb3l3kmD/r0zn3HCge5g3zUWQpUdaJsnQwJ+pDZcItxaiDG76PFjjFAykfv/tl/R3lPsGuo0kOJ6UXheH/v2BHc6UKFsC70e/WYstAAeR13NU0kVPuZZ2UgVM=,iv:a9MMQAG7Xmsa8/+OAiY4VFCrTbkfVHl0S5DCnzmyKKE=,tag:92ZIqLEiAnCeaxKc4RwdlQ==,type:str]
|
||||
pgp: []
|
||||
encrypted_regex: ^(data|stringData)$
|
||||
version: 3.7.3
|
||||
|
||||
@@ -47,7 +47,7 @@ spec:
|
||||
- name: POSTGRES_HOST
|
||||
value: postgres-rw.default.svc.cluster.local.
|
||||
- name: POSTGRES_DB
|
||||
value: "drone,freshrss,gitea,healthchecks,invidious,joplin,lychee,recipes,sharry,outline,vaultwarden,vikunja,wallabag"
|
||||
value: "drone,freshrss,gitea,invidious,joplin,lychee,recipes,sharry,outline,vaultwarden,vikunja,wallabag"
|
||||
- name: POSTGRES_USER
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
@@ -69,8 +69,7 @@ spec:
|
||||
- name: HEALTHCHECK_PORT
|
||||
value: "8080"
|
||||
- name: WEBHOOK_URL
|
||||
value: http://healthchecks.default.svc.cluster.local.:/ping/${SECRET_HEALTHCHECKS_PING_KEY}/postgresql-backup
|
||||
|
||||
value: https://uptime-kuma.${SECRET_CLUSTER_DOMAIN}/api/push/45cHKtahUg?status=up&msg=OK&ping=
|
||||
command:
|
||||
- "/backup.sh"
|
||||
volumeMounts:
|
||||
|
||||
@@ -102,7 +102,7 @@ spec:
|
||||
done
|
||||
done
|
||||
echo "INFO: Backup done"
|
||||
curl -m 10 --retry 5 https://healthchecks.${SECRET_CLUSTER_DOMAIN}/ping/${SECRET_HEALTHCHECKS_PING_KEY}/k3s-gitea-repositories-backup
|
||||
curl -m 10 --retry 5 https://uptime-kuma.${SECRET_CLUSTER_DOMAIN}/api/push/Xk21W4T5mC?status=up&msg=OK&ping=
|
||||
EOF
|
||||
volumeMounts:
|
||||
- name: secret
|
||||
|
||||
@@ -60,7 +60,7 @@ spec:
|
||||
echo $QBITTORRENT_POD | grep qbittorrent
|
||||
if [[ $(echo $QBITTORRENT_POD | grep qbittorrent) ]]; then
|
||||
kubectl cp /tmp/ipfilter.dat default/$QBITTORRENT_POD:/config/ipfilter.dat
|
||||
kubectl rollout restart deployment qbittorrent --namespace default && curl -m 10 --retry 5 http://healthchecks.default.svc.cluster.local.:/ping/${SECRET_HEALTHCHECKS_PING_KEY}/k3s-qbittorrent-p2pblocklist
|
||||
kubectl rollout restart deployment qbittorrent --namespace default && curl -m 10 --retry 5 https://uptime-kuma.${SECRET_CLUSTER_DOMAIN}/api/push/6RUDha9bDp?status=up&msg=OK&ping=
|
||||
else
|
||||
echo "qbittorrent deployment not found"
|
||||
exit 1
|
||||
|
||||
@@ -70,7 +70,7 @@ spec:
|
||||
- |
|
||||
#!/bin/bash
|
||||
|
||||
/app/recyclarr sonarr --config /config/recyclarr.yaml && curl -fsS -m 10 --retry 5 -o /dev/null http://healthchecks.default.svc.cluster.local./ping/${SECRET_HEALTHCHECKS_PING_KEY}/k3s-recyclarr-sonarr
|
||||
/app/recyclarr sonarr --config /config/recyclarr.yaml && curl -fsS -m 10 --retry 5 -o /dev/null https://uptime-kuma.${SECRET_CLUSTER_DOMAIN}/api/push/eaNLvqhfn2?status=up&msg=OK&ping=
|
||||
volumeMounts:
|
||||
- name: shared
|
||||
mountPath: /config/recyclarr.yaml
|
||||
@@ -87,7 +87,7 @@ spec:
|
||||
- |
|
||||
#!/bin/bash
|
||||
|
||||
/app/recyclarr radarr --config /config/recyclarr.yaml && curl -fsS -m 10 --retry 5 -o /dev/null http://healthchecks.default.svc.cluster.local./ping/${SECRET_HEALTHCHECKS_PING_KEY}/k3s-recyclarr-radarr
|
||||
/app/recyclarr radarr --config /config/recyclarr.yaml && curl -fsS -m 10 --retry 5 -o /dev/null https://uptime-kuma.${SECRET_CLUSTER_DOMAIN}/api/push/N7OJBSgxD7?status=up&msg=OK&ping=
|
||||
volumeMounts:
|
||||
- name: shared
|
||||
mountPath: /config/recyclarr.yaml
|
||||
|
||||
@@ -1,66 +0,0 @@
|
||||
---
|
||||
apiVersion: helm.toolkit.fluxcd.io/v2beta1
|
||||
kind: HelmRelease
|
||||
metadata:
|
||||
name: &app healthchecks
|
||||
namespace: default
|
||||
spec:
|
||||
interval: 15m
|
||||
chart:
|
||||
spec:
|
||||
chart: app-template
|
||||
version: 1.0.1
|
||||
sourceRef:
|
||||
kind: HelmRepository
|
||||
name: bjw-s
|
||||
namespace: flux-system
|
||||
install:
|
||||
createNamespace: true
|
||||
remediation:
|
||||
retries: 5
|
||||
upgrade:
|
||||
remediation:
|
||||
retries: 5
|
||||
dependsOn:
|
||||
- name: postgres-cluster
|
||||
namespace: default
|
||||
values:
|
||||
image:
|
||||
repository: ghcr.io/auricom/healthchecks
|
||||
tag: v2.3@sha256:69e31f3bc5fb7e46e851922f83055e201ee41458d9fa8089225ef616106f5d32
|
||||
pullPolicy: IfNotPresent
|
||||
envFrom:
|
||||
- secretRef:
|
||||
name: *app
|
||||
podSecurityContext:
|
||||
runAsUser: 568
|
||||
runAsGroup: 568
|
||||
fsGroup: 568
|
||||
fsGroupChangePolicy: "OnRootMismatch"
|
||||
service:
|
||||
main:
|
||||
ports:
|
||||
http:
|
||||
port: 80
|
||||
ingress:
|
||||
main:
|
||||
enabled: true
|
||||
ingressClassName: "nginx"
|
||||
annotations:
|
||||
external-dns.home.arpa/enabled: "true"
|
||||
hosts:
|
||||
- host: &host "{{ .Release.Name }}.${SECRET_CLUSTER_DOMAIN}"
|
||||
paths:
|
||||
- path: /
|
||||
pathType: Prefix
|
||||
tls:
|
||||
- hosts:
|
||||
- *host
|
||||
podAnnotations:
|
||||
secret.reloader.stakater.com/reload: *app
|
||||
resources:
|
||||
requests:
|
||||
cpu: 50m
|
||||
memory: 250Mi
|
||||
limits:
|
||||
memory: 500Mi
|
||||
@@ -1,9 +0,0 @@
|
||||
---
|
||||
apiVersion: kustomize.config.k8s.io/v1beta1
|
||||
kind: Kustomization
|
||||
resources:
|
||||
- secret.sops.yaml
|
||||
- helm-release.yaml
|
||||
patchesStrategicMerge:
|
||||
- patches/env.yaml
|
||||
- patches/postgres.yaml
|
||||
@@ -1,20 +0,0 @@
|
||||
---
|
||||
apiVersion: helm.toolkit.fluxcd.io/v2beta1
|
||||
kind: HelmRelease
|
||||
metadata:
|
||||
name: healthchecks
|
||||
namespace: default
|
||||
spec:
|
||||
values:
|
||||
env:
|
||||
REGENERATE_SETTINGS: "True"
|
||||
EMAIL_USE_TLS: "True"
|
||||
ALLOWED_HOSTS: "*"
|
||||
DEBUG: "False"
|
||||
DB: postgres
|
||||
DB_HOST: postgres-rw.default.svc.cluster.local.
|
||||
DB_PORT: 5432
|
||||
DB_NAME: healthchecks
|
||||
SITE_ROOT: "https://healthchecks.${SECRET_CLUSTER_DOMAIN}"
|
||||
SITE_NAME: "HealthChecks"
|
||||
SITE_LOGO_URL: "https://healthchecks.io/static/img/logo-rounded-ua.svg"
|
||||
@@ -1,31 +0,0 @@
|
||||
---
|
||||
apiVersion: helm.toolkit.fluxcd.io/v2beta1
|
||||
kind: HelmRelease
|
||||
metadata:
|
||||
name: healthchecks
|
||||
namespace: default
|
||||
spec:
|
||||
values:
|
||||
initContainers:
|
||||
init-db:
|
||||
image: ghcr.io/onedr0p/postgres-initdb:14.5
|
||||
env:
|
||||
- name: POSTGRES_HOST
|
||||
value: postgres-rw.default.svc.cluster.local.
|
||||
- name: POSTGRES_DB
|
||||
value: healthchecks
|
||||
- name: POSTGRES_SUPER_PASS
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: postgres-superuser
|
||||
key: password
|
||||
- name: POSTGRES_USER
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: healthchecks
|
||||
key: DB_USER
|
||||
- name: POSTGRES_PASS
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: healthchecks
|
||||
key: DB_PASSWORD
|
||||
@@ -1,35 +0,0 @@
|
||||
# yamllint disable
|
||||
apiVersion: v1
|
||||
kind: Secret
|
||||
metadata:
|
||||
name: healthchecks
|
||||
namespace: default
|
||||
type: Opaque
|
||||
stringData:
|
||||
DB_USER: ENC[AES256_GCM,data:mfYKYmHZhc+s8N6m,iv:0umKcprp+zVwfbwp5jxpsJ9quv7lzn+mvi9jWNTW0gI=,tag:Kk8aBOTqh5A64VvmKqjbzA==,type:str]
|
||||
DB_PASSWORD: ENC[AES256_GCM,data:QSGTKKeaBy6NuZdoED+p4g==,iv:W0i0JijdhsUiInfgjSBXjvqH2+s0GNO4AlDdNN8sGkE=,tag:TYIzK///ogBQw3XOpYQyPg==,type:str]
|
||||
SECRET_KEY: ENC[AES256_GCM,data:7YXTBXl5iqxvPdNDIYl5dAVqn4kVhasWZwl+1PvgGvo=,iv:5xUrrZg3pZUNHoXM8Bt7ngxrVwZq4pMmrOFx8e7LPYo=,tag:DvdhKRtclrXM633quMxsvg==,type:str]
|
||||
SUPERUSER_EMAIL: ENC[AES256_GCM,data:VQ6SYPzfMCVCH+TtayFT5kKjjMjOYVgyXCPK,iv:RK+Pg4BGE6qQXbkquxaXwkNvR3tJRmZ35rND+29ls48=,tag:wLtaGVwHGmGsn25ftUaT+w==,type:str]
|
||||
SUPERUSER_PASSWORD: ENC[AES256_GCM,data:7EeA7/y7iEB6WURvrQFuUg==,iv:tcB4cjqJqle8IaNOWJ5TtETMn4BOTToqkw3CStX3D8M=,tag:TClUavZxYSfhp526h98NWg==,type:str]
|
||||
PUSHOVER_API_TOKEN: ENC[AES256_GCM,data:b6JP2FoXz8QSC/+AQKiZIpaU1NWwyOV/PL6chtU1,iv:mf6aSEXXw+78XAOQqti02zIFUc6GlZvxJb3kZ5+UpQE=,tag:mfB5LLSgdvrYXXxir+4jzA==,type:str]
|
||||
PUSHOVER_SUBSCRIPTION_URL: ENC[AES256_GCM,data:oXfI2LOf1nwze5httLjpG8/oQxIeRyLDthvAn6NQBfNwazXYpEv8i/FaPYSALP4oosLCoIma3PNYhuo=,iv:WG7o2AeC0GMBCVcDeO38Vnz5kCoVuOPKbR+/968DZpQ=,tag:rSvm4mywMIWS0LHZW2GN5Q==,type:str]
|
||||
sops:
|
||||
kms: []
|
||||
gcp_kms: []
|
||||
azure_kv: []
|
||||
hc_vault: []
|
||||
age:
|
||||
- recipient: age1hhurqwmfvl9m3vh3hk8urulfzcdsrep2ax2neazqt435yhpamu3qj20asg
|
||||
enc: |
|
||||
-----BEGIN AGE ENCRYPTED FILE-----
|
||||
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSA2V0hmQWNHL0EvYnRUVnNF
|
||||
Qk0xUU12ajAvUWh3clVJRDg1T2ZLd0lJdkQwCjh2OUpWMG5jZXRaeHdBTkJTajdZ
|
||||
QnFQbW0zcm5lWVo3TTh0SVVHdmRPYjgKLS0tIFRsVTJCa2Znb0I4dnlYQzJkZ1hp
|
||||
dEhUSi9lckpDdjQ0V1had1NXbloybWMKfIQ1YXsdylckxfJCAUxodAUPwRkkAUoH
|
||||
1Crcyha4iZFjqIQ6QfiGdA1PWScj3p13OGKL80bISJ50Ccupv0vl8Q==
|
||||
-----END AGE ENCRYPTED FILE-----
|
||||
lastmodified: "2022-09-15T13:56:57Z"
|
||||
mac: ENC[AES256_GCM,data:rNzSeMPySMFt3brM3cH0dwYeZ1RUkymNcfq1AulLxK/LERHXj8KJxwRrdKed+SP/CF3ZBDs1NqhLNeFx4/EUzSsXafLI1G4zkx7sGyi16ECyWsu1Eu7aeqS6VgjId9jPcVNBjlhX836zXMSgsPyeSap6CJET6omZKZH81vXruUk=,iv:F7ucOGglLmXzo33T2gfOJ6NtOAHF9MzY3KiSV1VH4f8=,tag:6qghF9mBqZzosRf30YKFEA==,type:str]
|
||||
pgp: []
|
||||
encrypted_regex: ^(data|stringData)$
|
||||
version: 3.7.3
|
||||
@@ -2,7 +2,6 @@ apiVersion: kustomize.config.k8s.io/v1beta1
|
||||
kind: Kustomization
|
||||
resources:
|
||||
- grafana
|
||||
- healthchecks
|
||||
- kube-prometheus-stack
|
||||
- thanos
|
||||
- uptime-kuma
|
||||
|
||||
Reference in New Issue
Block a user