feat: update authentik chart to 2024.2

2024-02-21 21:54:07 +01:00 · 2024-02-21 21:54:07 +01:00 · 5fa78a2cb0
commit 5fa78a2cb0
parent e479cedfed
8 changed files with 76 additions and 76 deletions
--- a/k8s/argo-apps/authentik.yaml
+++ b/k8s/argo-apps/authentik.yaml
@ -11,7 +11,7 @@ spec:
  sources:
    - chart: authentik
      repoURL: https://charts.goauthentik.io/
-      targetRevision: 2023.10.*
+      targetRevision: 2024.2.*
      helm:
        valuesObject:
          authentik:
@ -26,7 +26,8 @@ spec:
                timeout: 30
                from: auth@fukurokuju.dev
              postgresql:
-                host: 192.168.1.13
+                host: 192.168.1.3
+                port: 55432
                name: auth
                user: file:///authentik-creds/pg_username
                password: file:///authentik-creds/pg_password
@ -34,49 +35,55 @@ spec:
                host: 192.168.1.3
                port: 30036
                password: file:///authentik-creds/redis_password
-          volumeMounts:
-            - name: authentik-creds
-              mountPath: /authentik-creds
-            - name: media
-              mountPath: /media
-          volumes:
-            - name: authentik-creds
-              secret:
-                secretName: secrets-authentik
-            - name: media
-              persistentVolumeClaim:
-                claimName: pvc-authentik-media
-          autoscaling:
-            server:
+              error_reporting:
+                enabled: true
+          global:
+            volumeMounts:
+              - name: authentik-creds
+                mountPath: /authentik-creds
+              - name: media
+                mountPath: /media
+            volumes:
+              - name: authentik-creds
+                secret:
+                  secretName: secrets-authentik
+              - name: media
+                persistentVolumeClaim:
+                  claimName: pvc-authentik-media
+          server:
+            autoscaling:
              enabled: true
-              maxScaling: 3
-            worker:
+              minReplicas: 1
+              maxReplicas: 3
+            pdb:
              enabled: true
-          pdb:
-            server:
+              minAvailable: 1
+            service:
+              type: LoadBalancer
+              servicePortHttp: 9000
+              servicePortHttps: 9443
+            metrics:
              enabled: true
-              maxUnavailable: 2
-            worker:
-              enabled:
-                maxUnavailable: 4
-          service:
-            type: LoadBalancer
-            port: 9000
-            name: http
-          ingress:
-            enabled: true
-            ingressClassName: traefik
-            hosts:
-              - host: auth.fukurokuju.dev
-                paths:
-                  - path: "/"
-                    pathType: Prefix
-                    backend:
-                      service:
-                        name: http
-                        port:
-                          number: 9000
-                tls: []
+              service:
+                type: LoadBalancer
+              serviceMonitor:
+                enabled: true
+            ingress:
+              enabled: true
+              ingressClassName: traefik
+              hosts:
+                - auth.fukurokuju.dev
+              tls: []
+              https: true
+          worker:
+            autoscaling:
+              enabled: true
+              minReplicas: 2
+              maxReplicas: 6
+            pdb:
+              enabled: true
+              minAvailable: 2
+
    - repoURL: https://git.roboces.dev/catalin/fukuops.git
      path: k8s/services/authentik
      targetRevision: main
--- a/k8s/argo-apps/loki.yaml
+++ b/k8s/argo-apps/loki.yaml
@ -68,28 +68,32 @@ spec:
                enabled: true
            extraScrapeConfigs: |
              - job_name: 'argocd-metrics'
-                static_configs: 
+                static_configs:
                  - targets: ["argocd-metrics.argocd:8082"]
-              
+
              - job_name: 'argocd-server-metrics'
-                static_configs: 
+                static_configs:
                  - targets: ["argocd-server-metrics.argocd:8083"]
-              
+
              - job_name: 'argocd-repo-server-metrics'
-                static_configs: 
+                static_configs:
                  - targets: ["argocd-server.argocd:8084"]
-              
+
              - job_name: 'argocd-applicationset-controller-metrics'
-                static_configs: 
+                static_configs:
                  - targets: ["argocd-applicationset-controller-metrics.argocd:8080"]
-              
+
              - job_name: 'argocd-dex-server'
                static_configs:
                  - targets: ["argocd-dex-server.argocd:5558"]
-              
+
              - job_name: 'argocd-notifications-controller-metrics'
-                static_configs: 
+                static_configs:
                  - targets: ["argocd-notifications-controller-metrics.argocd:9001"]
+              
+              - job_name: 'miniflux'
+                static_configs:
+                  - targets: ["miniflux-service.apps-roboces:8888"]
            alertmanager:
              persistence:
                enabled: true
--- a/k8s/services/argo/project-fuku.yaml
+++ b/k8s/services/argo/project-fuku.yaml
@ -21,4 +21,4 @@ spec:
    - https://kubereboot.github.io/charts
    - https://sqljames.github.io/factorio-server-charts/
    - https://portainer.github.io/k8s/
-    - https://charts.bitnami.com/bitnami
+    - https://charts.bitnami.com/bitnami
--- a/k8s/services/argo/project-management.yaml
+++ b/k8s/services/argo/project-management.yaml
@ -26,3 +26,4 @@ spec:
    - https://grafana.github.io/helm-charts
    - https://kubernetes-sigs.github.io/descheduler/
    - https://github.com/rancher/system-upgrade-controller.git
+    - https://charts.bitnami.com/bitnami
--- a/k8s/services/miniflux/deployment.yaml
+++ b/k8s/services/miniflux/deployment.yaml
@ -90,5 +90,7 @@ spec:
              value: "25"
            - name: METRICS_COLLECTOR
              value: "1"
+            - name: METRICS_ALLOWED_NETWORKS
+              value: 10.42.1.0/16
      restartPolicy: Always
-      automountServiceAccountToken: false
+      automountServiceAccountToken: false
--- a/k8s/services/miniflux/ingressroute.yaml
+++ b/k8s/services/miniflux/ingressroute.yaml
@ -29,4 +29,4 @@ spec:
      match: Host(`feeds.fuku`)
      services:
        - name: miniflux-service
-          port: 8888
+          port: 8888
--- a/tofu/adguard/main.tf
+++ b/tofu/adguard/main.tf
@ -86,17 +86,3 @@ resource "adguard_rewrite" "feeds_local_3" {
  answer = "192.168.1.33"
 }

-resource "adguard_rewrite" "feeds_local_1" {
-  domain = "feeds.fuku"
-  answer = "192.168.1.31"
-}
-
-resource "adguard_rewrite" "feeds_local_2" {
-  domain = "feeds.fuku"
-  answer = "192.168.1.32"
-}
-
-resource "adguard_rewrite" "feeds_local_3" {
-  domain = "feeds.fuku"
-  answer = "192.168.1.33"
-}
--- a/tofu/proxmox/main.tf
+++ b/tofu/proxmox/main.tf
@ -17,14 +17,14 @@ provider "proxmox" {
 }

 module "master1" {
-  source     = "../modules/proxmox-vm"
-  vm_id      = 3001
-  vm_name    = "master1.ramiel.fuku"
-  node_name  = "ramiel"
-  ipconfig0  = "ip=192.168.1.31/24,gw=192.168.1.1"
-  memory     = 5120
+  source            = "../modules/proxmox-vm"
+  vm_id             = 3001
+  vm_name           = "master1.ramiel.fuku"
+  node_name         = "ramiel"
+  ipconfig0         = "ip=192.168.1.31/24,gw=192.168.1.1"
+  memory            = 5120
  disk_storage_name = "storage"
-  core_count = 2
+  core_count        = 2
 }

 module "master2" {