mirror of
https://github.com/auricom/home-cluster.git
synced 2025-09-17 18:24:14 +02:00
feat: webhook
This commit is contained in:
auricom
@@ -7,7 +7,7 @@ metadata:
|
||||
spec:
|
||||
secretStoreRef:
|
||||
kind: ClusterSecretStore
|
||||
name: onepassword
|
||||
name: onepassword-connect
|
||||
target:
|
||||
name: github-status-token-secret
|
||||
template:
|
||||
|
||||
@@ -6,6 +6,6 @@ metadata:
|
||||
name: github-status
|
||||
spec:
|
||||
type: github
|
||||
address: https://github.com/onedr0p/home-ops
|
||||
address: https://github.com/auricom/home-ops
|
||||
secretRef:
|
||||
name: github-status-token-secret
|
||||
|
||||
11
kubernetes/components/gatus/external/config.yaml
vendored
Normal file
11
kubernetes/components/gatus/external/config.yaml
vendored
Normal file
@@ -0,0 +1,11 @@
|
||||
endpoints:
|
||||
- name: "${APP}"
|
||||
group: external
|
||||
url: "https://${GATUS_SUBDOMAIN:-${APP}}.${SECRET_EXTERNAL_DOMAIN}${GATUS_PATH:-/}"
|
||||
interval: 1m
|
||||
client:
|
||||
dns-resolver: tcp://192.168.8.1:53
|
||||
conditions:
|
||||
- "[STATUS] == ${GATUS_STATUS:-200}"
|
||||
alerts:
|
||||
- type: pushover
|
||||
@@ -1,20 +0,0 @@
|
||||
---
|
||||
apiVersion: v1
|
||||
kind: ConfigMap
|
||||
metadata:
|
||||
name: "${APP}-gatus-ep"
|
||||
labels:
|
||||
gatus.io/enabled: "true"
|
||||
data:
|
||||
config.yaml: |
|
||||
endpoints:
|
||||
- name: "${APP}"
|
||||
group: external
|
||||
url: "https://${GATUS_SUBDOMAIN:-${APP}}.${SECRET_EXTERNAL_DOMAIN}${GATUS_PATH:-/}"
|
||||
interval: 1m
|
||||
client:
|
||||
dns-resolver: tcp://192.168.8.1:53
|
||||
conditions:
|
||||
- "[STATUS] == ${GATUS_STATUS:-200}"
|
||||
alerts:
|
||||
- type: pushover
|
||||
@@ -1,6 +1,13 @@
|
||||
---
|
||||
# yaml-language-server: $schema=https://json.schemastore.org/kustomization
|
||||
apiVersion: kustomize.config.k8s.io/v1beta1
|
||||
kind: Kustomization
|
||||
resources:
|
||||
- ./configmap.yaml
|
||||
apiVersion: kustomize.config.k8s.io/v1alpha1
|
||||
kind: Component
|
||||
configMapGenerator:
|
||||
- name: ${APP}-gatus-ep
|
||||
files:
|
||||
- config.yaml=./config.yaml
|
||||
options:
|
||||
labels:
|
||||
gatus.io/enabled: "true"
|
||||
generatorOptions:
|
||||
disableNameSuffixHash: true
|
||||
|
||||
12
kubernetes/components/gatus/guarded/config.yaml
Normal file
12
kubernetes/components/gatus/guarded/config.yaml
Normal file
@@ -0,0 +1,12 @@
|
||||
endpoints:
|
||||
- name: "${APP}"
|
||||
group: guarded
|
||||
url: "https://${GATUS_SUBDOMAIN:-${APP}}.${GATUS_DOMAIN:-${SECRET_EXTERNAL_DOMAIN}}${GATUS_PATH:-/}"
|
||||
interval: 1m
|
||||
ui:
|
||||
hide-hostname: true
|
||||
hide-url: true
|
||||
conditions:
|
||||
- "[STATUS] == ${GATUS_STATUS:-200}"
|
||||
alerts:
|
||||
- type: pushover
|
||||
@@ -1,21 +0,0 @@
|
||||
---
|
||||
apiVersion: v1
|
||||
kind: ConfigMap
|
||||
metadata:
|
||||
name: "${APP}-gatus-ep"
|
||||
labels:
|
||||
gatus.io/enabled: "true"
|
||||
data:
|
||||
config.yaml: |
|
||||
endpoints:
|
||||
- name: "${APP}"
|
||||
group: guarded
|
||||
url: "https://${GATUS_SUBDOMAIN:-${APP}}.${GATUS_DOMAIN:-${SECRET_EXTERNAL_DOMAIN}}${GATUS_PATH:-/}"
|
||||
interval: 1m
|
||||
ui:
|
||||
hide-hostname: true
|
||||
hide-url: true
|
||||
conditions:
|
||||
- "[STATUS] == ${GATUS_STATUS:-200}"
|
||||
alerts:
|
||||
- type: pushover
|
||||
@@ -1,6 +1,13 @@
|
||||
---
|
||||
# yaml-language-server: $schema=https://json.schemastore.org/kustomization
|
||||
apiVersion: kustomize.config.k8s.io/v1beta1
|
||||
kind: Kustomization
|
||||
resources:
|
||||
- ./configmap.yaml
|
||||
apiVersion: kustomize.config.k8s.io/v1alpha1
|
||||
kind: Component
|
||||
configMapGenerator:
|
||||
- name: ${APP}-gatus-ep
|
||||
files:
|
||||
- config.yaml=./config.yaml
|
||||
options:
|
||||
labels:
|
||||
gatus.io/enabled: "true"
|
||||
generatorOptions:
|
||||
disableNameSuffixHash: true
|
||||
|
||||
@@ -1,7 +1,7 @@
|
||||
---
|
||||
# yaml-language-server: $schema=https://json.schemastore.org/kustomization
|
||||
apiVersion: kustomize.config.k8s.io/v1beta1
|
||||
kind: Kustomization
|
||||
apiVersion: kustomize.config.k8s.io/v1alpha1
|
||||
kind: Component
|
||||
resources:
|
||||
- ./claim.yaml
|
||||
- ./minio.yaml
|
||||
- ./minio
|
||||
- ./pvc.yaml
|
||||
|
||||
@@ -1,73 +0,0 @@
|
||||
---
|
||||
# yaml-language-server: $schema=https://kubernetes-schemas.pages.dev/external-secrets.io/externalsecret_v1.json
|
||||
apiVersion: external-secrets.io/v1
|
||||
kind: ExternalSecret
|
||||
metadata:
|
||||
name: "${APP}-volsync"
|
||||
spec:
|
||||
secretStoreRef:
|
||||
kind: ClusterSecretStore
|
||||
name: onepassword-connect
|
||||
target:
|
||||
name: "${APP}-volsync-secret"
|
||||
template:
|
||||
engineVersion: v2
|
||||
data:
|
||||
RESTIC_REPOSITORY: s3:https://s3.${SECRET_INTERNAL_DOMAIN}/volsync/${APP}
|
||||
RESTIC_PASSWORD: "{{ .RESTIC_PASSWORD }}"
|
||||
AWS_ACCESS_KEY_ID: "{{ .AWS_ACCESS_KEY_ID }}"
|
||||
AWS_SECRET_ACCESS_KEY: "{{ .AWS_SECRET_ACCESS_KEY }}"
|
||||
dataFrom:
|
||||
- extract:
|
||||
key: volsync-restic-template
|
||||
---
|
||||
# yaml-language-server: $schema=https://kubernetes-schemas.pages.dev/volsync.backube/replicationsource_v1alpha1.json
|
||||
apiVersion: volsync.backube/v1alpha1
|
||||
kind: ReplicationSource
|
||||
metadata:
|
||||
name: "${APP}"
|
||||
spec:
|
||||
sourcePVC: "${APP}"
|
||||
trigger:
|
||||
schedule: 0 7 * * *
|
||||
restic:
|
||||
copyMethod: "${VOLSYNC_COPYMETHOD:-Snapshot}"
|
||||
pruneIntervalDays: 7
|
||||
repository: "${APP}-volsync-secret"
|
||||
volumeSnapshotClassName: "${VOLSYNC_SNAPSHOTCLASS:-csi-ceph-blockpool}"
|
||||
cacheCapacity: "${VOLSYNC_CACHE_CAPACITY:-8Gi}"
|
||||
cacheStorageClassName: "${VOLSYNC_CACHE_SNAPSHOTCLASS:-rook-ceph-block}"
|
||||
cacheAccessModes: ["${VOLSYNC_CACHE_ACCESSMODES:-ReadWriteOnce}"]
|
||||
storageClassName: "${VOLSYNC_STORAGECLASS:-rook-ceph-block}"
|
||||
accessModes: ["${VOLSYNC_ACCESSMODES:-ReadWriteOnce}"]
|
||||
moverSecurityContext:
|
||||
runAsUser: ${VOLSYNC_UID:-568}
|
||||
runAsGroup: ${VOLSYNC_GID:-568}
|
||||
fsGroup: ${VOLSYNC_GID:-568}
|
||||
retain:
|
||||
hourly: 24
|
||||
daily: 7
|
||||
weekly: 5
|
||||
---
|
||||
# yaml-language-server: $schema=https://kubernetes-schemas.pages.dev/volsync.backube/replicationdestination_v1alpha1.json
|
||||
apiVersion: volsync.backube/v1alpha1
|
||||
kind: ReplicationDestination
|
||||
metadata:
|
||||
name: "${APP}-dst"
|
||||
spec:
|
||||
trigger:
|
||||
manual: restore-once
|
||||
restic:
|
||||
repository: "${APP}-volsync-secret"
|
||||
copyMethod: Snapshot # must be Snapshot
|
||||
volumeSnapshotClassName: "${VOLSYNC_SNAPSHOTCLASS:-csi-ceph-blockpool}"
|
||||
cacheStorageClassName: "${VOLSYNC_CACHE_SNAPSHOTCLASS:-rook-ceph-block}"
|
||||
cacheAccessModes: ["${VOLSYNC_CACHE_ACCESSMODES:-ReadWriteOnce}"]
|
||||
cacheCapacity: "${VOLSYNC_CACHE_CAPACITY:-8Gi}"
|
||||
storageClassName: "${VOLSYNC_STORAGECLASS:-rook-ceph-block}"
|
||||
accessModes: ["${VOLSYNC_ACCESSMODES:-ReadWriteOnce}"]
|
||||
capacity: "${VOLSYNC_CAPACITY}"
|
||||
moverSecurityContext:
|
||||
runAsUser: ${VOLSYNC_UID:-568}
|
||||
runAsGroup: ${VOLSYNC_GID:-568}
|
||||
fsGroup: ${VOLSYNC_GID:-568}
|
||||
22
kubernetes/components/volsync/minio/externalsecret.yaml
Normal file
22
kubernetes/components/volsync/minio/externalsecret.yaml
Normal file
@@ -0,0 +1,22 @@
|
||||
---
|
||||
# yaml-language-server: $schema=https://kubernetes-schemas.pages.dev/external-secrets.io/externalsecret_v1.json
|
||||
apiVersion: external-secrets.io/v1
|
||||
kind: ExternalSecret
|
||||
metadata:
|
||||
name: "${APP}-volsync"
|
||||
spec:
|
||||
secretStoreRef:
|
||||
kind: ClusterSecretStore
|
||||
name: onepassword-connect
|
||||
target:
|
||||
name: "${APP}-volsync-secret"
|
||||
template:
|
||||
engineVersion: v2
|
||||
data:
|
||||
RESTIC_REPOSITORY: s3:https://s3.${SECRET_INTERNAL_DOMAIN}/volsync/${APP}
|
||||
RESTIC_PASSWORD: "{{ .RESTIC_PASSWORD }}"
|
||||
AWS_ACCESS_KEY_ID: "{{ .AWS_ACCESS_KEY_ID }}"
|
||||
AWS_SECRET_ACCESS_KEY: "{{ .AWS_SECRET_ACCESS_KEY }}"
|
||||
dataFrom:
|
||||
- extract:
|
||||
key: volsync-restic-template
|
||||
8
kubernetes/components/volsync/minio/kustomization.yaml
Normal file
8
kubernetes/components/volsync/minio/kustomization.yaml
Normal file
@@ -0,0 +1,8 @@
|
||||
---
|
||||
# yaml-language-server: $schema=https://json.schemastore.org/kustomization
|
||||
apiVersion: kustomize.config.k8s.io/v1beta1
|
||||
kind: Kustomization
|
||||
resources:
|
||||
- ./externalsecret.yaml
|
||||
- ./replicationsource.yaml
|
||||
- ./replicationdestination.yaml
|
||||
@@ -0,0 +1,23 @@
|
||||
---
|
||||
# yaml-language-server: $schema=https://kubernetes-schemas.pages.dev/volsync.backube/replicationdestination_v1alpha1.json
|
||||
apiVersion: volsync.backube/v1alpha1
|
||||
kind: ReplicationDestination
|
||||
metadata:
|
||||
name: "${APP}-dst"
|
||||
spec:
|
||||
trigger:
|
||||
manual: restore-once
|
||||
restic:
|
||||
repository: "${APP}-volsync-secret"
|
||||
copyMethod: Snapshot # must be Snapshot
|
||||
volumeSnapshotClassName: "${VOLSYNC_SNAPSHOTCLASS:-csi-ceph-blockpool}"
|
||||
cacheStorageClassName: "${VOLSYNC_CACHE_SNAPSHOTCLASS:-rook-ceph-block}"
|
||||
cacheAccessModes: ["${VOLSYNC_CACHE_ACCESSMODES:-ReadWriteOnce}"]
|
||||
cacheCapacity: "${VOLSYNC_CACHE_CAPACITY:-8Gi}"
|
||||
storageClassName: "${VOLSYNC_STORAGECLASS:-rook-ceph-block}"
|
||||
accessModes: ["${VOLSYNC_ACCESSMODES:-ReadWriteOnce}"]
|
||||
capacity: "${VOLSYNC_CAPACITY}"
|
||||
moverSecurityContext:
|
||||
runAsUser: ${VOLSYNC_UID:-568}
|
||||
runAsGroup: ${VOLSYNC_GID:-568}
|
||||
fsGroup: ${VOLSYNC_GID:-568}
|
||||
28
kubernetes/components/volsync/minio/replicationsource.yaml
Normal file
28
kubernetes/components/volsync/minio/replicationsource.yaml
Normal file
@@ -0,0 +1,28 @@
|
||||
---
|
||||
# yaml-language-server: $schema=https://kubernetes-schemas.pages.dev/volsync.backube/replicationsource_v1alpha1.json
|
||||
apiVersion: volsync.backube/v1alpha1
|
||||
kind: ReplicationSource
|
||||
metadata:
|
||||
name: "${APP}"
|
||||
spec:
|
||||
sourcePVC: "${APP}"
|
||||
trigger:
|
||||
schedule: 0 7 * * *
|
||||
restic:
|
||||
copyMethod: "${VOLSYNC_COPYMETHOD:-Snapshot}"
|
||||
pruneIntervalDays: 7
|
||||
repository: "${APP}-volsync-secret"
|
||||
volumeSnapshotClassName: "${VOLSYNC_SNAPSHOTCLASS:-csi-ceph-blockpool}"
|
||||
cacheCapacity: "${VOLSYNC_CACHE_CAPACITY:-8Gi}"
|
||||
cacheStorageClassName: "${VOLSYNC_CACHE_SNAPSHOTCLASS:-rook-ceph-block}"
|
||||
cacheAccessModes: ["${VOLSYNC_CACHE_ACCESSMODES:-ReadWriteOnce}"]
|
||||
storageClassName: "${VOLSYNC_STORAGECLASS:-rook-ceph-block}"
|
||||
accessModes: ["${VOLSYNC_ACCESSMODES:-ReadWriteOnce}"]
|
||||
moverSecurityContext:
|
||||
runAsUser: ${VOLSYNC_UID:-568}
|
||||
runAsGroup: ${VOLSYNC_GID:-568}
|
||||
fsGroup: ${VOLSYNC_GID:-568}
|
||||
retain:
|
||||
hourly: 24
|
||||
daily: 7
|
||||
weekly: 5
|
||||
Reference in New Issue
Block a user