From b5655b428cd9d94108da6cdc04a565b2321b5d35 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Lauri=20V=C3=B5sandi?= Date: Mon, 16 Feb 2026 15:56:58 +0200 Subject: [PATCH] final touch --- templates/deployment.yaml | 4 +- templates/grafana.yaml | 191 -------------------------------------- templates/ingress.yaml | 2 +- 3 files changed, 3 insertions(+), 194 deletions(-) delete mode 100644 templates/grafana.yaml diff --git a/templates/deployment.yaml b/templates/deployment.yaml index dfb74ad..52fca15 100644 --- a/templates/deployment.yaml +++ b/templates/deployment.yaml @@ -2,7 +2,7 @@ apiVersion: secretgenerator.mittwald.de/v1alpha1 kind: StringSecret metadata: - name: memelord-secret-key + name: {{ .Release.Name }} spec: fields: - fieldName: secret-key @@ -12,7 +12,7 @@ spec: apiVersion: apps/v1 kind: Deployment metadata: - name: memelord + name: {{ .Release.Name }} spec: replicas: 3 selector: diff --git a/templates/grafana.yaml b/templates/grafana.yaml deleted file mode 100644 index 89e0c3b..0000000 --- a/templates/grafana.yaml +++ /dev/null @@ -1,191 +0,0 @@ ---- -apiVersion: apps/v1 -kind: StatefulSet -metadata: - name: grafana - labels: - app: grafana -spec: - serviceName: grafana - replicas: 1 - selector: - matchLabels: - app: grafana - template: - metadata: - labels: - app: grafana - spec: - containers: - - name: grafana - image: grafana/grafana:latest - imagePullPolicy: IfNotPresent - ports: - - containerPort: 3000 - name: http - env: - - name: GF_ANALYTICS_REPORTING_ENABLED - value: "false" - - name: GF_ANALYTICS_CHECK_FOR_UPDATES - value: "false" - - name: GF_SERVER_DOMAIN - value: grafana-laurivosandi.ee-lte-1.codemowers.io - - name: GF_SERVER_ROOT_URL - value: "https://%(domain)s/" - - name: GF_AUTH_OAUTH_ALLOW_INSECURE_EMAIL_LOOKUP - value: "true" - - name: GF_AUTH_BASIC_ENABLED - value: "false" - - name: GF_AUTH_GENERIC_OAUTH_ENABLED - value: "true" - - name: GF_AUTH_GENERIC_OAUTH_NAME - value: OAuth - - name: GF_AUTH_GENERIC_OAUTH_ICON - value: signin - - name: GF_AUTH_GENERIC_OAUTH_ALLOW_SIGN_UP - value: "true" - - name: GF_AUTH_GENERIC_OAUTH_USE_PKCE - value: "true" - - name: GF_AUTH_GENERIC_OAUTH_ROLE_ATTRIBUTE_PATH - value: "contains(groups[*], 'github.com:codemowers:admins') && 'Admin' || Viewer" - - name: GF_AUTH_GENERIC_OAUTH_ALLOW_ASSIGN_GRAFANA_ADMIN - value: "true" - - name: GF_SECURITY_DISABLE_INITIAL_ADMIN_CREATION - value: "true" - - - name: GF_DATABASE_TYPE - value: sqlite3 - - name: GF_DATABASE_PATH - value: /var/lib/grafana/grafana.db - - - name: GF_AUTH_GENERIC_OAUTH_SIGNOUT_REDIRECT_URL - valueFrom: - secretKeyRef: - name: oidc-client-grafana-laurivosandi-owner-secrets - key: OIDC_IDP_URI - - name: GF_AUTH_GENERIC_OAUTH_CLIENT_ID - valueFrom: - secretKeyRef: - name: oidc-client-grafana-laurivosandi-owner-secrets - key: OIDC_CLIENT_ID - - name: GF_AUTH_GENERIC_OAUTH_SECRET - valueFrom: - secretKeyRef: - name: oidc-client-grafana-laurivosandi-owner-secrets - key: OIDC_CLIENT_SECRET - - name: GF_AUTH_GENERIC_OAUTH_SCOPES - valueFrom: - secretKeyRef: - name: oidc-client-grafana-laurivosandi-owner-secrets - key: OIDC_AVAILABLE_SCOPES - - name: GF_AUTH_GENERIC_OAUTH_AUTH_URL - valueFrom: - secretKeyRef: - name: oidc-client-grafana-laurivosandi-owner-secrets - key: OIDC_IDP_AUTH_URI - - name: GF_AUTH_GENERIC_OAUTH_TOKEN_URL - valueFrom: - secretKeyRef: - name: oidc-client-grafana-laurivosandi-owner-secrets - key: OIDC_IDP_TOKEN_URI - - name: GF_AUTH_GENERIC_OAUTH_API_URL - valueFrom: - secretKeyRef: - name: oidc-client-grafana-laurivosandi-owner-secrets - key: OIDC_IDP_USERINFO_URI - volumeMounts: - - name: grafana-storage - mountPath: /var/lib/grafana - readinessProbe: - httpGet: - path: /api/health - port: 3000 - initialDelaySeconds: 10 - periodSeconds: 10 - livenessProbe: - httpGet: - path: /api/health - port: 3000 - initialDelaySeconds: 30 - periodSeconds: 10 - volumeClaimTemplates: - - metadata: - name: grafana-storage - spec: - accessModes: - - ReadWriteOnce - storageClassName: sqlite - resources: - requests: - storage: 5Gi ---- -apiVersion: v1 -kind: Service -metadata: - name: grafana - labels: - app: grafana -spec: - type: ClusterIP - selector: - app: grafana - ports: - - name: http - port: 80 - targetPort: 3000 ---- -apiVersion: networking.k8s.io/v1 -kind: Ingress -metadata: - name: grafana-laurivosandi - annotations: - traefik.ingress.kubernetes.io/router.entrypoints: websecure -spec: - rules: - - host: grafana-laurivosandi.ee-lte-1.codemowers.io - http: - paths: - - pathType: Prefix - path: "/" - backend: - service: - name: grafana - port: - number: 80 - tls: - - secretName: grafana-laurivosandi-tls - ---- -apiVersion: cert-manager.io/v1 -kind: Certificate -metadata: - name: grafana-laurivosandi -spec: - secretName: grafana-laurivosandi-tls - dnsNames: - - grafana-laurivosandi.ee-lte-1.codemowers.io - issuerRef: - name: letsencrypt - kind: ClusterIssuer ---- -apiVersion: codemowers.cloud/v1beta1 -kind: OIDCClient -metadata: - name: grafana-laurivosandi -spec: - displayName: Granafa laurivosandi - uri: https://grafana-laurivosandi.ee-lte-1.codemowers.io/ - redirectUris: - - https://grafana-laurivosandi.ee-lte-1.codemowers.io/login/generic_oauth - allowedGroups: - - github.com:codemowers:admins - grantTypes: - - authorization_code - - refresh_token - responseTypes: - - code - availableScopes: - - openid - - profile - - groups - tokenEndpointAuthMethod: none diff --git a/templates/ingress.yaml b/templates/ingress.yaml index 273728d..4124385 100644 --- a/templates/ingress.yaml +++ b/templates/ingress.yaml @@ -2,7 +2,7 @@ apiVersion: v1 kind: Service metadata: - name: memelord + name: {{ .Release.Name }} spec: type: ClusterIP selector: