diff --git a/.values.yaml.kate-swp b/.values.yaml.kate-swp new file mode 100644 index 0000000..dbca08e Binary files /dev/null and b/.values.yaml.kate-swp differ diff --git a/Chart.yaml b/Chart.yaml index d0034e1..9c51dd4 100644 --- a/Chart.yaml +++ b/Chart.yaml @@ -1,2 +1,3 @@ name: memelord +apiVersion: v2 version: 1.0.0 diff --git a/memelord-laurivosandi b/memelord-laurivosandi new file mode 160000 index 0000000..0d36059 --- /dev/null +++ b/memelord-laurivosandi @@ -0,0 +1 @@ +Subproject commit 0d36059c39440325fe01b4501777a4e76d2d2e13 diff --git a/templates/app.yaml b/templates/app.yaml index 7f67360..211ed16 100644 --- a/templates/app.yaml +++ b/templates/app.yaml @@ -1,17 +1,16 @@ apiVersion: apps/v1 kind: Deployment metadata: - name: memelord - namespace: memelord-raiko + name: {{ .Release.Name }} spec: replicas: 1 selector: matchLabels: - app: memelord + app: {{ .Release.Name }} template: metadata: labels: - app: memelord + app: {{ .Release.Name }} spec: containers: - name: memelord @@ -24,38 +23,38 @@ spec: env: - name: DOMAIN - value: "memelord-raiko.ee-lte-1.codemowers.io" + value: {{ .Values.hostname | quote }} - name: DB_ENGINE value: "postgres" - name: POSTGRES_USER valueFrom: secretKeyRef: - name: memelord-raiko-database + name: {{ .Release.Name }}-database key: username - name: POSTGRES_HOST - value: "memelord-raiko-database-rw" + value: {{ .Release.Name }}-database-rw - name: POSTGRES_PORT value: "5432" - name: POSTGRES_DB - value: "memelord-raiko" + value: {{ .Release.Name }} - name: POSTGRES_PASSWORD valueFrom: secretKeyRef: - name: memelord-raiko-database + name: {{ .Release.Name }}-database key: password - name: REDIS_HOST - value: "memelord-raiko-redis" + value: {{ .Release.Name }}-redis - name: REDIS_PORT value: "6379" - name: REDIS_PASSWORD valueFrom: secretKeyRef: - name: memelord-raiko-redis + name: {{ .Release.Name }}-redis key: redis-password - name: STORAGE_BACKEND value: "s3" - name: AWS_STORAGE_BUCKET_NAME - value: "memelord-raiko" + value: {{ .Release.Name }} - name: AWS_S3_ENDPOINT_URL value: "https://minio.ee-lte-1.codemowers.io/" - name: AWS_S3_REGION_NAME @@ -63,12 +62,12 @@ spec: - name: AWS_ACCESS_KEY_ID valueFrom: secretKeyRef: - name: memelord-raiko-bucket + name: {{ .Release.Name }}-bucket key: accessKey - name: AWS_SECRET_ACCESS_KEY valueFrom: secretKeyRef: - name: memelord-raiko-bucket + name: {{ .Release.Name }}-bucket key: secretKey - name: OIDC_ENABLED value: "True" @@ -77,12 +76,12 @@ spec: - name: OIDC_RP_CLIENT_ID valueFrom: secretKeyRef: - name: oidc-client-memelord-raiko-owner-secrets + name: oidc-client-{{ .Release.Name }}-owner-secrets key: OIDC_CLIENT_ID - name: OIDC_RP_CLIENT_SECRET valueFrom: secretKeyRef: - name: oidc-client-memelord-raiko-owner-secrets + name: oidc-client-{{ .Release.Name }}-owner-secrets key: OIDC_CLIENT_SECRET - name: OIDC_OP_AUTHORIZATION_ENDPOINT value: "https://auth.ee-lte-1.codemowers.io/auth" diff --git a/templates/deployment.yaml b/templates/deployment.yaml index 9a2245d..6c2d790 100644 --- a/templates/deployment.yaml +++ b/templates/deployment.yaml @@ -2,7 +2,7 @@ apiVersion: secretgenerator.mittwald.de/v1alpha1 kind: StringSecret metadata: - name: memelord-raiko-redis + name: {{ .Release.Name }}-redis spec: fields: - fieldName: redis-password @@ -12,11 +12,11 @@ spec: apiVersion: dragonflydb.io/v1alpha1 kind: Dragonfly metadata: - name: memelord-raiko-redis + name: {{ .Release.Name }}-redis spec: authentication: passwordFromSecret: - name: memelord-raiko-redis + name: {{ .Release.Name }}-redis key: redis-password replicas: 1 resources: @@ -30,12 +30,12 @@ spec: apiVersion: secretgenerator.mittwald.de/v1alpha1 kind: StringSecret metadata: - name: memelord-raiko-database + name: {{ .Release.Name }}-database labels: cnpg.io/reload: "true" spec: data: - username: memelord-raiko + username: {{ .Release.Name }} fields: - fieldName: password length: "32" @@ -44,7 +44,7 @@ spec: apiVersion: postgresql.cnpg.io/v1 kind: Cluster metadata: - name: memelord-raiko-database + name: {{ .Release.Name }}-database spec: instances: 1 imageName: ghcr.io/cloudnative-pg/postgresql:17 @@ -69,28 +69,28 @@ spec: effective_cache_size: "2GB" managed: roles: - - name: memelord-raiko + - name: {{ .Release.Name }} ensure: present login: true passwordSecret: - name: memelord-raiko-database + name: {{ .Release.Name }}-database --- apiVersion: postgresql.cnpg.io/v1 kind: Database metadata: - name: memelord-raiko + name: {{ .Release.Name }} spec: - name: memelord-raiko - owner: memelord-raiko + name: {{ .Release.Name }} + owner: {{ .Release.Name }} cluster: - name: memelord-raiko-database + name: {{ .Release.Name }}-database --- apiVersion: s3.onyxia.sh/v1alpha1 kind: Policy metadata: - name: memelord-raiko-policy + name: {{ .Release.Name }}-policy spec: - name: memelord-raiko-policy + name: {{ .Release.Name }}-policy s3InstanceRef: minio/default policyContent: >- { @@ -102,8 +102,8 @@ spec: "s3:*" ], "Resource": [ - "arn:aws:s3:::memelord-raiko", - "arn:aws:s3:::memelord-raiko/*" + "arn:aws:s3:::{{ .Release.Name }}", + "arn:aws:s3:::{{ .Release.Name }}/*" ] } ] @@ -112,19 +112,19 @@ spec: apiVersion: s3.onyxia.sh/v1alpha1 kind: S3User metadata: - name: memelord-raiko-bucket + name: {{ .Release.Name }}-bucket spec: - accessKey: memelord-raiko-bucket + accessKey: {{ .Release.Name }}-bucket policies: - - memelord-raiko-policy + - {{ .Release.Name }}-policy s3InstanceRef: minio/default --- apiVersion: s3.onyxia.sh/v1alpha1 kind: Bucket metadata: - name: memelord-raiko + name: {{ .Release.Name }} spec: - name: memelord-raiko + name: {{ .Release.Name }} s3InstanceRef: minio/default quota: default: 100000000 @@ -132,11 +132,11 @@ spec: apiVersion: v1 kind: Service metadata: - name: memelord + name: {{ .Release.Name }} spec: type: ClusterIP selector: - app: memelord + app: {{ .Release.Name }} ports: - name: http port: 80 @@ -145,11 +145,11 @@ spec: apiVersion: cert-manager.io/v1 kind: Certificate metadata: - name: memelord-raiko + name: {{ .Release.Name }} spec: - secretName: memelord-raiko-tls + secretName: {{ .Release.Name }}-tls dnsNames: - - memelord-raiko.ee-lte-1.codemowers.io + - {{ .Values.hostname }} issuerRef: name: letsencrypt kind: ClusterIssuer @@ -157,21 +157,21 @@ spec: apiVersion: networking.k8s.io/v1 kind: Ingress metadata: - name: memelord-raiko + name: {{ .Release.Name }} annotations: traefik.ingress.kubernetes.io/router.entrypoints: websecure spec: ingressClassName: traefik rules: - - host: memelord-raiko.ee-lte-1.codemowers.io + - host: {{ .Values.hostname }} http: paths: - pathType: Prefix path: "/" backend: service: - name: memelord + name: {{ .Release.Name }} port: number: 80 tls: - - secretName: memelord-raiko-tls + - secretName: {{ .Release.Name }}-tls diff --git a/templates/grafana.yaml b/templates/grafana.yaml index 43a6e4d..52d519e 100644 --- a/templates/grafana.yaml +++ b/templates/grafana.yaml @@ -2,8 +2,7 @@ apiVersion: v1 kind: ConfigMap metadata: - name: grafana-datasources - namespace: memelord-raiko + name: {{ .Release.Name }}-grafana-datasources data: datasources.yaml: | apiVersion: 1 @@ -24,20 +23,19 @@ data: apiVersion: apps/v1 kind: StatefulSet metadata: - name: grafana - namespace: memelord-raiko + name: {{ .Release.Name }}-grafana labels: - app: grafana + app: {{ .Release.Name }}-grafana spec: - serviceName: grafana + serviceName: {{ .Release.Name }}-grafana replicas: 1 selector: matchLabels: - app: grafana + app: {{ .Release.Name }}-grafana template: metadata: labels: - app: grafana + app: {{ .Release.Name }}-grafana spec: containers: - name: grafana @@ -53,7 +51,7 @@ spec: value: /var/lib/grafana/grafana.db - name: GF_SERVER_ROOT_URL - value: https://grafana-raiko.ee-lte-1.codemowers.io + value: https://{{ .Values.grafanaHostname }} - name: GF_AUTH_GENERIC_OAUTH_ENABLED value: "true" @@ -64,12 +62,12 @@ spec: - name: GF_AUTH_GENERIC_OAUTH_CLIENT_ID valueFrom: secretKeyRef: - name: oidc-client-grafana-raiko-owner-secrets + name: oidc-client-grafana-{{ .Release.Name }}-owner-secrets key: OIDC_CLIENT_ID - name: GF_AUTH_GENERIC_OAUTH_CLIENT_SECRET valueFrom: secretKeyRef: - name: oidc-client-grafana-raiko-owner-secrets + name: oidc-client-grafana-{{ .Release.Name }}-owner-secrets key: OIDC_CLIENT_SECRET - name: GF_AUTH_GENERIC_OAUTH_SCOPES value: "openid profile groups" @@ -79,8 +77,6 @@ spec: value: "http://passmower.passmower.svc.cluster.local/token" - name: GF_AUTH_GENERIC_OAUTH_API_URL value: "http://passmower.passmower.svc.cluster.local/me" - # - name: GF_AUTH_GENERIC_OAUTH_SIGNOUT_REDIRECT_URL - # value: "https://auth.ee-lte-1.codemowers.io//openid/session/end" - name: GF_AUTH_GENERIC_OAUTH_ROLE_ATTRIBUTE_PATH value: "contains(groups[*], 'github.com:codemowers:admins') && 'Admin' || Viewer" @@ -94,11 +90,10 @@ spec: - name: datasources mountPath: /etc/grafana/provisioning/datasources - volumes: - name: datasources configMap: - name: grafana-datasources + name: {{ .Release.Name }}-grafana-datasources volumeClaimTemplates: - metadata: @@ -114,14 +109,13 @@ spec: apiVersion: v1 kind: Service metadata: - name: grafana - namespace: memelord-raiko + name: {{ .Release.Name }}-grafana labels: - app: grafana + app: {{ .Release.Name }}-grafana spec: type: ClusterIP selector: - app: grafana + app: {{ .Release.Name }}-grafana ports: - name: http port: 80 @@ -130,12 +124,11 @@ spec: apiVersion: cert-manager.io/v1 kind: Certificate metadata: - name: grafana-raiko - namespace: memelord-raiko + name: grafana-{{ .Release.Name }} spec: - secretName: grafana-raiko-tls + secretName: grafana-{{ .Release.Name }}-tls dnsNames: - - grafana-raiko.ee-lte-1.codemowers.io + - {{ .Values.grafanaHostname }} issuerRef: name: letsencrypt kind: ClusterIssuer @@ -143,35 +136,33 @@ spec: apiVersion: networking.k8s.io/v1 kind: Ingress metadata: - name: grafana-raiko - namespace: memelord-raiko + name: grafana-{{ .Release.Name }} annotations: traefik.ingress.kubernetes.io/router.entrypoints: websecure spec: rules: - - host: grafana-raiko.ee-lte-1.codemowers.io + - host: {{ .Values.grafanaHostname }} http: paths: - pathType: Prefix path: "/" backend: service: - name: grafana + name: {{ .Release.Name }}-grafana port: number: 80 tls: - - secretName: grafana-raiko-tls + - secretName: grafana-{{ .Release.Name }}-tls --- apiVersion: codemowers.cloud/v1beta1 kind: OIDCClient metadata: - name: grafana-raiko - namespace: memelord-raiko + name: grafana-{{ .Release.Name }} spec: - displayName: Grafana Raiko - uri: https://grafana-raiko.ee-lte-1.codemowers.io/ + displayName: Grafana {{ .Release.Name }} + uri: https://{{ .Values.grafanaHostname }}/ redirectUris: - - https://grafana-raiko.ee-lte-1.codemowers.io/login/generic_oauth + - https://{{ .Values.grafanaHostname }}/login/generic_oauth grantTypes: - authorization_code - refresh_token diff --git a/templates/http-probe.yaml b/templates/http-probe.yaml index 7bd67ff..1ef9fe2 100644 --- a/templates/http-probe.yaml +++ b/templates/http-probe.yaml @@ -2,7 +2,7 @@ apiVersion: monitoring.coreos.com/v1 kind: Probe metadata: - name: reddit-probe + name: {{ .Release.Name }}-reddit-probe spec: module: http_2xx prober: diff --git a/values.yaml b/values.yaml index 9ef296e..c1b1c7c 100644 --- a/values.yaml +++ b/values.yaml @@ -1 +1,2 @@ hostname: memelord-raiko.ee-lte-1.codemowers.io +grafanaHostname: grafana-raiko.ee-lte-1.codemowers.io