From 5fa78a2cb0124502df281a43fc15a9d221847e30 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?c=C4=83t=C4=83lin?= Date: Wed, 21 Feb 2024 21:54:07 +0100 Subject: [PATCH] feat: update authentik chart to 2024.2 --- k8s/argo-apps/authentik.yaml | 91 ++++++++++++----------- k8s/argo-apps/loki.yaml | 24 +++--- k8s/services/argo/project-fuku.yaml | 2 +- k8s/services/argo/project-management.yaml | 1 + k8s/services/miniflux/deployment.yaml | 4 +- k8s/services/miniflux/ingressroute.yaml | 2 +- tofu/adguard/main.tf | 14 ---- tofu/proxmox/main.tf | 14 ++-- 8 files changed, 76 insertions(+), 76 deletions(-) diff --git a/k8s/argo-apps/authentik.yaml b/k8s/argo-apps/authentik.yaml index 147d91c..3b7ea11 100644 --- a/k8s/argo-apps/authentik.yaml +++ b/k8s/argo-apps/authentik.yaml @@ -11,7 +11,7 @@ spec: sources: - chart: authentik repoURL: https://charts.goauthentik.io/ - targetRevision: 2023.10.* + targetRevision: 2024.2.* helm: valuesObject: authentik: @@ -26,7 +26,8 @@ spec: timeout: 30 from: auth@fukurokuju.dev postgresql: - host: 192.168.1.13 + host: 192.168.1.3 + port: 55432 name: auth user: file:///authentik-creds/pg_username password: file:///authentik-creds/pg_password @@ -34,49 +35,55 @@ spec: host: 192.168.1.3 port: 30036 password: file:///authentik-creds/redis_password - volumeMounts: - - name: authentik-creds - mountPath: /authentik-creds - - name: media - mountPath: /media - volumes: - - name: authentik-creds - secret: - secretName: secrets-authentik - - name: media - persistentVolumeClaim: - claimName: pvc-authentik-media - autoscaling: - server: + error_reporting: + enabled: true + global: + volumeMounts: + - name: authentik-creds + mountPath: /authentik-creds + - name: media + mountPath: /media + volumes: + - name: authentik-creds + secret: + secretName: secrets-authentik + - name: media + persistentVolumeClaim: + claimName: pvc-authentik-media + server: + autoscaling: enabled: true - maxScaling: 3 - worker: + minReplicas: 1 + maxReplicas: 3 + pdb: enabled: true - pdb: - server: + minAvailable: 1 + service: + type: LoadBalancer + servicePortHttp: 9000 + servicePortHttps: 9443 + metrics: enabled: true - maxUnavailable: 2 - worker: - enabled: - maxUnavailable: 4 - service: - type: LoadBalancer - port: 9000 - name: http - ingress: - enabled: true - ingressClassName: traefik - hosts: - - host: auth.fukurokuju.dev - paths: - - path: "/" - pathType: Prefix - backend: - service: - name: http - port: - number: 9000 - tls: [] + service: + type: LoadBalancer + serviceMonitor: + enabled: true + ingress: + enabled: true + ingressClassName: traefik + hosts: + - auth.fukurokuju.dev + tls: [] + https: true + worker: + autoscaling: + enabled: true + minReplicas: 2 + maxReplicas: 6 + pdb: + enabled: true + minAvailable: 2 + - repoURL: https://git.roboces.dev/catalin/fukuops.git path: k8s/services/authentik targetRevision: main diff --git a/k8s/argo-apps/loki.yaml b/k8s/argo-apps/loki.yaml index b5e8294..e4ec836 100644 --- a/k8s/argo-apps/loki.yaml +++ b/k8s/argo-apps/loki.yaml @@ -68,28 +68,32 @@ spec: enabled: true extraScrapeConfigs: | - job_name: 'argocd-metrics' - static_configs: + static_configs: - targets: ["argocd-metrics.argocd:8082"] - + - job_name: 'argocd-server-metrics' - static_configs: + static_configs: - targets: ["argocd-server-metrics.argocd:8083"] - + - job_name: 'argocd-repo-server-metrics' - static_configs: + static_configs: - targets: ["argocd-server.argocd:8084"] - + - job_name: 'argocd-applicationset-controller-metrics' - static_configs: + static_configs: - targets: ["argocd-applicationset-controller-metrics.argocd:8080"] - + - job_name: 'argocd-dex-server' static_configs: - targets: ["argocd-dex-server.argocd:5558"] - + - job_name: 'argocd-notifications-controller-metrics' - static_configs: + static_configs: - targets: ["argocd-notifications-controller-metrics.argocd:9001"] + + - job_name: 'miniflux' + static_configs: + - targets: ["miniflux-service.apps-roboces:8888"] alertmanager: persistence: enabled: true diff --git a/k8s/services/argo/project-fuku.yaml b/k8s/services/argo/project-fuku.yaml index cf22ca5..5f8882c 100644 --- a/k8s/services/argo/project-fuku.yaml +++ b/k8s/services/argo/project-fuku.yaml @@ -21,4 +21,4 @@ spec: - https://kubereboot.github.io/charts - https://sqljames.github.io/factorio-server-charts/ - https://portainer.github.io/k8s/ - - https://charts.bitnami.com/bitnami \ No newline at end of file + - https://charts.bitnami.com/bitnami diff --git a/k8s/services/argo/project-management.yaml b/k8s/services/argo/project-management.yaml index e3a171f..00de4f0 100644 --- a/k8s/services/argo/project-management.yaml +++ b/k8s/services/argo/project-management.yaml @@ -26,3 +26,4 @@ spec: - https://grafana.github.io/helm-charts - https://kubernetes-sigs.github.io/descheduler/ - https://github.com/rancher/system-upgrade-controller.git + - https://charts.bitnami.com/bitnami diff --git a/k8s/services/miniflux/deployment.yaml b/k8s/services/miniflux/deployment.yaml index 062d2cc..d7aff88 100644 --- a/k8s/services/miniflux/deployment.yaml +++ b/k8s/services/miniflux/deployment.yaml @@ -90,5 +90,7 @@ spec: value: "25" - name: METRICS_COLLECTOR value: "1" + - name: METRICS_ALLOWED_NETWORKS + value: 10.42.1.0/16 restartPolicy: Always - automountServiceAccountToken: false \ No newline at end of file + automountServiceAccountToken: false diff --git a/k8s/services/miniflux/ingressroute.yaml b/k8s/services/miniflux/ingressroute.yaml index a800be3..3b30307 100644 --- a/k8s/services/miniflux/ingressroute.yaml +++ b/k8s/services/miniflux/ingressroute.yaml @@ -29,4 +29,4 @@ spec: match: Host(`feeds.fuku`) services: - name: miniflux-service - port: 8888 \ No newline at end of file + port: 8888 diff --git a/tofu/adguard/main.tf b/tofu/adguard/main.tf index 30581bc..560c7d3 100644 --- a/tofu/adguard/main.tf +++ b/tofu/adguard/main.tf @@ -86,17 +86,3 @@ resource "adguard_rewrite" "feeds_local_3" { answer = "192.168.1.33" } -resource "adguard_rewrite" "feeds_local_1" { - domain = "feeds.fuku" - answer = "192.168.1.31" -} - -resource "adguard_rewrite" "feeds_local_2" { - domain = "feeds.fuku" - answer = "192.168.1.32" -} - -resource "adguard_rewrite" "feeds_local_3" { - domain = "feeds.fuku" - answer = "192.168.1.33" -} diff --git a/tofu/proxmox/main.tf b/tofu/proxmox/main.tf index 55e8760..2a8f1d6 100644 --- a/tofu/proxmox/main.tf +++ b/tofu/proxmox/main.tf @@ -17,14 +17,14 @@ provider "proxmox" { } module "master1" { - source = "../modules/proxmox-vm" - vm_id = 3001 - vm_name = "master1.ramiel.fuku" - node_name = "ramiel" - ipconfig0 = "ip=192.168.1.31/24,gw=192.168.1.1" - memory = 5120 + source = "../modules/proxmox-vm" + vm_id = 3001 + vm_name = "master1.ramiel.fuku" + node_name = "ramiel" + ipconfig0 = "ip=192.168.1.31/24,gw=192.168.1.1" + memory = 5120 disk_storage_name = "storage" - core_count = 2 + core_count = 2 } module "master2" {