catalin/fukuops
1
0
Fork 1
Code Issues Pull requests 1 Releases Packages 1 Activity

chore: add and apply yamllint

Browse source
This commit is contained in:
cătălin 2024-03-26 09:04:30 +01:00
commit f65b92fe69
No known key found for this signature in database
50 changed files with 722 additions and 701 deletions
Download patch file Download diff file Expand all files Collapse all files

7
k8s/argo-apps/argo-workflows.yaml
View file

@ -1,3 +1,4 @@
---
apiVersion: argoproj.io/v1alpha1
kind: Application
metadata:
@ -6,11 +7,11 @@ metadata:
spec:
destination:
name: ''
namespace: 'argo-workflows'
server: "https://kubernetes.default.svc"
namespace: argo-workflows
server: https://kubernetes.default.svc
project: management
syncPolicy:
automated: { }
automated: {}
sources:
- chart: argo-workflows
repoURL: https://argoproj.github.io/argo-helm

27
k8s/argo-apps/argo.yaml
View file

@ -1,17 +1,18 @@
---
apiVersion: argoproj.io/v1alpha1
kind: Application
metadata:
name: argo
namespace: argocd
name: argo
namespace: argocd
spec:
destination:
name: ''
namespace: 'argocd'
server: 'https://kubernetes.default.svc'
sources:
- repoURL: https://git.roboces.dev/catalin/fukuops.git
path: k8s/services/argo
targetRevision: main
project: management
syncPolicy:
automated: { }
destination:
name: ''
namespace: argocd
server: https://kubernetes.default.svc
sources:
- repoURL: https://git.roboces.dev/catalin/fukuops.git
path: k8s/services/argo
targetRevision: main
project: management
syncPolicy:
automated: {}

51
k8s/argo-apps/authentik.yaml
View file

@ -1,3 +1,4 @@
---
apiVersion: argoproj.io/v1alpha1
kind: Application
metadata:
@ -6,8 +7,8 @@ metadata:
spec:
destination:
name: ''
namespace: 'apps-fuku'
server: "https://kubernetes.default.svc"
namespace: apps-fuku
server: https://kubernetes.default.svc
sources:
- chart: authentik
repoURL: https://charts.goauthentik.io/
@ -15,27 +16,27 @@ spec:
helm:
valuesObject:
authentik:
secret_key: file:///authentik-creds/secret_key
email:
host: mail.fukurokuju.dev
port: 465
password: file:///authentik-creds/email_password
username: auth@fukurokuju.dev
use_ssl: true
timeout: 30
from: auth@fukurokuju.dev
postgresql:
host: 192.168.1.3
port: 55432
name: auth
user: file:///authentik-creds/pg_username
password: file:///authentik-creds/pg_password
redis:
host: 192.168.1.3
port: 30036
password: file:///authentik-creds/redis_password
error_reporting:
enabled: true
secret_key: file:///authentik-creds/secret_key
email:
host: mail.fukurokuju.dev
port: 465
password: file:///authentik-creds/email_password
username: auth@fukurokuju.dev
use_ssl: true
timeout: 30
from: auth@fukurokuju.dev
postgresql:
host: 192.168.1.3
port: 55432
name: auth
user: file:///authentik-creds/pg_username
password: file:///authentik-creds/pg_password
redis:
host: 192.168.1.3
port: 30036
password: file:///authentik-creds/redis_password
error_reporting:
enabled: true
global:
volumeMounts:
- name: authentik-creds
@ -63,7 +64,7 @@ spec:
servicePortHttps: 9443
annotations:
traefik.ingress.kubernetes.io/service.serversscheme: https
traefik.ingress.kubernetes.io/service.serverstransport: apps-fuku-skipverify-authentik@kubernetescrd
traefik.ingress.kubernetes.io/service.serverstransport: apps-fuku-skipverify-authentik@kubernetescrd # yamllint disable rule:line-length
metrics:
enabled: true
service:
@ -91,4 +92,4 @@ spec:
targetRevision: main
project: fuku
syncPolicy:
automated: { }
automated: {}

51
k8s/argo-apps/dcsi.yaml
View file

@ -1,29 +1,30 @@
---
apiVersion: argoproj.io/v1alpha1
kind: Application
metadata:
name: democratic-csi
namespace: argocd
name: democratic-csi
namespace: argocd
spec:
destination:
name: ''
namespace: 'democratic-csi'
server: 'https://kubernetes.default.svc'
sources:
- chart: democratic-csi
repoURL: https://democratic-csi.github.io/charts/
targetRevision: 0.14.*
helm:
releaseName: zfs-nfs
valuesObject:
csiDriver:
name: "org.dcsi.nfs"
driver:
existingConfigSecret: secrets-dcsi
config:
driver: freenas-api-nfs
- repoURL: https://git.roboces.dev/catalin/fukuops.git
path: k8s/services/dcsi
targetRevision: main
project: management
syncPolicy:
automated: { }
destination:
name: ''
namespace: democratic-csi
server: https://kubernetes.default.svc
sources:
- chart: democratic-csi
repoURL: https://democratic-csi.github.io/charts/
targetRevision: 0.14.*
helm:
releaseName: zfs-nfs
valuesObject:
csiDriver:
name: org.dcsi.nfs
driver:
existingConfigSecret: secrets-dcsi
config:
driver: freenas-api-nfs
- repoURL: https://git.roboces.dev/catalin/fukuops.git
path: k8s/services/dcsi
targetRevision: main
project: management
syncPolicy:
automated: {}

79
k8s/argo-apps/factorio.yaml
View file

@ -1,44 +1,45 @@
---
apiVersion: argoproj.io/v1alpha1
kind: Application
metadata:
name: factorio
namespace: argocd
name: factorio
namespace: argocd
spec:
destination:
name: ''
namespace: 'apps-fuku'
server: 'https://kubernetes.default.svc'
sources:
- chart: factorio-server-charts
repoURL: https://sqljames.github.io/factorio-server-charts/
targetRevision: 1.2.*
helm:
valuesObject:
rcon:
passwordSecret: secrets-factorio
nodeSelector:
kubernetes.io/hostname: agent1
image:
tag: 1.1.101
factorioServer:
save_name: fukurokuju
admin_list:
- Phireh
account:
accountSecret: secrets-factorio
server_settings:
name: factorio-fukurokuju
visibility:
public: false
require_user_verification: false
persistence:
storageClassName: truenas-nfs-csi
serverPassword:
passwordSecret: secrets-factorio
destination:
name: ''
namespace: apps-fuku
server: https://kubernetes.default.svc
sources:
- chart: factorio-server-charts
repoURL: https://sqljames.github.io/factorio-server-charts/
targetRevision: 1.2.*
helm:
valuesObject:
rcon:
passwordSecret: secrets-factorio
nodeSelector:
kubernetes.io/hostname: agent1
image:
tag: 1.1.101
factorioServer:
save_name: fukurokuju
admin_list:
- Phireh
account:
accountSecret: secrets-factorio
server_settings:
name: factorio-fukurokuju
visibility:
public: false
require_user_verification: false
persistence:
storageClassName: truenas-nfs-csi
serverPassword:
passwordSecret: secrets-factorio
- repoURL: https://git.roboces.dev/catalin/fukuops.git
path: k8s/services/factorio
targetRevision: main
project: fuku
syncPolicy:
automated: {}
- repoURL: https://git.roboces.dev/catalin/fukuops.git
path: k8s/services/factorio
targetRevision: main
project: fuku
syncPolicy:
automated: {}

27
k8s/argo-apps/fireflyiii.yaml
View file

@ -1,27 +0,0 @@
apiVersion: argoproj.io/v1alpha1
kind: Application
metadata:
name: firefly
namespace: argocd
spec:
destination:
name: ''
namespace: 'apps-roboces'
server: "https://kubernetes.default.svc"
project: roboces
sources:
- chart: firefly-iii-stack
repoURL: https://firefly-iii.github.io/kubernetes
targetRevision: 0.7.2
helm:
valuesObject:
firefly-db:
enabled: false
config:
existingSecret: firefly
env:
TZ: Europe/Madrid
APP_URL: https://moneis.roboces.dev
service:
type: LoadBalancer
port: 8889

45
k8s/argo-apps/kured.yaml
View file

@ -1,26 +1,27 @@
---
apiVersion: argoproj.io/v1alpha1
kind: Application
metadata:
name: kured
namespace: argocd
name: kured
namespace: argocd
spec:
destination:
name: ''
namespace: 'apps-fuku'
server: "https://kubernetes.default.svc"
project: fuku
source:
chart: kured
repoURL: https://kubereboot.github.io/charts
targetRevision: 5.3.*
helm:
valuesObject:
configuration.rebootDays:
- mon
- wed
- fri
configuration.startTime: 4am
configuration.endTime: 9am
configuration.timeZone: Europe/Madrid
syncPolicy:
automated: { }
destination:
name: ''
namespace: apps-fuku
server: https://kubernetes.default.svc
project: fuku
source:
chart: kured
repoURL: https://kubereboot.github.io/charts
targetRevision: 5.3.*
helm:
valuesObject:
configuration.rebootDays:
- mon
- wed
- fri
configuration.startTime: 4am
configuration.endTime: 9am
configuration.timeZone: Europe/Madrid
syncPolicy:
automated: {}

211
k8s/argo-apps/loki.yaml
View file

@ -1,116 +1,117 @@
---
apiVersion: argoproj.io/v1alpha1
kind: Application
metadata:
name: loki
namespace: argocd
name: loki
namespace: argocd
spec:
destination:
name: ''
namespace: 'monitoring'
server: "https://kubernetes.default.svc"
project: management
syncPolicy:
automated: { }
syncOptions:
- ServerSideApply=true
sources:
- chart: loki-stack
repoURL: https://grafana.github.io/helm-charts
targetRevision: 2.10.*
helm:
valuesObject:
grafana:
enabled: true
persistence:
type: pvc
enabled: true
size: 10Gi
accessModes:
- ReadWriteMany
ingress:
enabled: true
hosts:
- grafana.fuku
ingressClassName: traefik
grafana.ini:
smtp:
enabled: true
host: mail.fukurokuju.dev:465
from_address: status@fukurokuju.dev
smtp:
existingSecret: secret-grafana-smtp
resources:
limits:
cpu: 512m
memory: 512Mi
requests:
cpu: 256m
memory: 256Mi
loki:
storage:
type: filesystem
ingress:
enabled: true
ingressClassName: traefik
annotations:
traefik.ingress.kubernetes.io/router.middlewares: monitoring-loki-auth-middleware@kubernetescrd
hosts:
- host: loki.fuku
paths:
- /
prometheus:
enabled: true
isDefault: true
server:
persistentVolume:
accessModes:
- ReadWriteMany
enabled: true
extraScrapeConfigs: |
- job_name: 'argocd-metrics'
static_configs:
- targets: ["argocd-metrics.argocd:8082"]
destination:
name: ''
namespace: monitoring
server: https://kubernetes.default.svc
project: management
syncPolicy:
automated: {}
syncOptions:
- ServerSideApply=true
sources:
- chart: loki-stack
repoURL: https://grafana.github.io/helm-charts
targetRevision: 2.10.*
helm:
valuesObject:
grafana:
enabled: true
persistence:
type: pvc
enabled: true
size: 10Gi
accessModes:
- ReadWriteMany
ingress:
enabled: true
hosts:
- grafana.fuku
ingressClassName: traefik
grafana.ini:
smtp:
enabled: true
host: mail.fukurokuju.dev:465
from_address: status@fukurokuju.dev
smtp:
existingSecret: secret-grafana-smtp
resources:
limits:
cpu: 512m
memory: 512Mi
requests:
cpu: 256m
memory: 256Mi
loki:
storage:
type: filesystem
ingress:
enabled: true
ingressClassName: traefik
annotations:
traefik.ingress.kubernetes.io/router.middlewares: monitoring-loki-auth-middleware@kubernetescrd # yamllint disable rule:line-length
hosts:
- host: loki.fuku
paths:
- /
prometheus:
enabled: true
isDefault: true
server:
persistentVolume:
accessModes:
- ReadWriteMany
enabled: true
extraScrapeConfigs: |
- job_name: 'argocd-metrics'
static_configs:
- targets: ["argocd-metrics.argocd:8082"]
- job_name: 'argocd-server-metrics'
static_configs:
- targets: ["argocd-server-metrics.argocd:8083"]
- job_name: 'argocd-server-metrics'
static_configs:
- targets: ["argocd-server-metrics.argocd:8083"]
- job_name: 'argocd-repo-server-metrics'
static_configs:
- targets: ["argocd-server.argocd:8084"]
- job_name: 'argocd-repo-server-metrics'
static_configs:
- targets: ["argocd-server.argocd:8084"]
- job_name: 'argocd-applicationset-controller-metrics'
static_configs:
- targets: ["argocd-applicationset-controller-metrics.argocd:8080"]
- job_name: 'argocd-applicationset-controller-metrics'
static_configs:
- targets: ["argocd-applicationset-controller-metrics.argocd:8080"]
- job_name: 'argocd-dex-server'
static_configs:
- targets: ["argocd-dex-server.argocd:5558"]
- job_name: 'argocd-dex-server'
static_configs:
- targets: ["argocd-dex-server.argocd:5558"]
- job_name: 'argocd-notifications-controller-metrics'
static_configs:
- targets: ["argocd-notifications-controller-metrics.argocd:9001"]
- job_name: 'argocd-notifications-controller-metrics'
static_configs:
- targets: ["argocd-notifications-controller-metrics.argocd:9001"]
- job_name: 'miniflux'
static_configs:
- targets: ["miniflux-service.apps-roboces:8888"]
- job_name: 'miniflux'
static_configs:
- targets: ["miniflux-service.apps-roboces:8888"]
- job_name: 'authentik'
static_configs:
- targets: ["authentik-server-metrics.apps-fuku:9300"]
alertmanager:
persistence:
enabled: true
accessModes:
- ReadWriteMany
singleBinary:
replicas: 1
persistence:
enabled: true
storageClass: default
size: 25Gi
accessModes:
- ReadWriteMany
- repoURL: https://git.roboces.dev/catalin/fukuops.git
path: k8s/services/loki
targetRevision: main
- job_name: 'authentik'
static_configs:
- targets: ["authentik-server-metrics.apps-fuku:9300"]
alertmanager:
persistence:
enabled: true
accessModes:
- ReadWriteMany
singleBinary:
replicas: 1
persistence:
enabled: true
storageClass: default
size: 25Gi
accessModes:
- ReadWriteMany
- repoURL: https://git.roboces.dev/catalin/fukuops.git
path: k8s/services/loki
targetRevision: main

29
k8s/argo-apps/miniflux.yaml
View file

@ -1,18 +1,19 @@
---
apiVersion: argoproj.io/v1alpha1
kind: Application
metadata:
name: miniflux
namespace: argocd
name: miniflux
namespace: argocd
spec:
destination:
name: ''
namespace: 'apps-roboces'
server: 'https://kubernetes.default.svc'
source:
path: k8s/services/miniflux
repoURL: 'https://git.roboces.dev/catalin/fukuops.git'
targetRevision: main
sources: []
project: roboces
syncPolicy:
automated: {}
destination:
name: ''
namespace: apps-roboces
server: https://kubernetes.default.svc
source:
path: k8s/services/miniflux
repoURL: https://git.roboces.dev/catalin/fukuops.git
targetRevision: main
sources: []
project: roboces
syncPolicy:
automated: {}

37
k8s/argo-apps/sealed-secrets.yaml
View file

@ -1,22 +1,23 @@
---
apiVersion: argoproj.io/v1alpha1
kind: Application
metadata:
name: sealed-secrets
namespace: argocd
name: sealed-secrets
namespace: argocd
spec:
destination:
name: ''
namespace: 'kube-system'
server: "https://kubernetes.default.svc"
source:
chart: sealed-secrets
repoURL: https://bitnami-labs.github.io/sealed-secrets
targetRevision: 2.14.*
helm:
releaseName: sealed-secrets
valuesObject:
fullnameOverride: sealed-secrets-controller
project: management
sources: []
syncPolicy:
automated: { }
destination:
name: ''
namespace: kube-system
server: https://kubernetes.default.svc
source:
chart: sealed-secrets
repoURL: https://bitnami-labs.github.io/sealed-secrets
targetRevision: 2.14.*
helm:
releaseName: sealed-secrets
valuesObject:
fullnameOverride: sealed-secrets-controller
project: management
sources: []
syncPolicy:
automated: {}