Compare commits
51 Commits
35af177b45
...
main
| Author | SHA1 | Date | |
|---|---|---|---|
| a536911c7f | |||
| ca6d8ece07 | |||
| 403e0adc4a | |||
| ded8953892 | |||
| 5701c2fffe | |||
| 23b96db049 | |||
| e9f8b65f79 | |||
| fdc23b9b66 | |||
| c0fbef2afa | |||
| f055fd498b | |||
| d3d2852c4c | |||
| 7a9a87169a | |||
| 44142581ec | |||
| 2c05411617 | |||
| 30a08f1b41 | |||
| b3811f31cd | |||
| 4973a38623 | |||
| 5dd8427336 | |||
| 0a393b19c8 | |||
| c33107f0d8 | |||
| 27cbf5b35f | |||
| f014334375 | |||
| 19d75c5179 | |||
| 9a1c192d66 | |||
| 5d210d7c31 | |||
| 20f384f59d | |||
| 1a296f6630 | |||
| aa7db1d91a | |||
| 35dd82d3fa | |||
| c2303473b5 | |||
| a5a6194ef5 | |||
| 60fdb7794b | |||
| 647c088918 | |||
| c35754b4ef | |||
| 04df9f7d56 | |||
| 0370e5fb11 | |||
| 09f8a52a4a | |||
| 4a0a54eb6d | |||
| 0493c177af | |||
| a2455e4b5b | |||
| cfd2a59b62 | |||
| d21f192a65 | |||
| eb53c0e663 | |||
| 12f7343c3b | |||
| 1e8af651a1 | |||
| dbe81b336a | |||
| 4eb385d134 | |||
| 30a460fbc5 | |||
| 406a470489 | |||
| 86d9b89769 | |||
| d1fd69888a |
1
.gitignore
vendored
Normal file
1
.gitignore
vendored
Normal file
@@ -0,0 +1 @@
|
|||||||
|
**/secret.yaml
|
||||||
@@ -13,9 +13,16 @@ spec:
|
|||||||
labels:
|
labels:
|
||||||
app: deluge
|
app: deluge
|
||||||
spec:
|
spec:
|
||||||
|
securityContext:
|
||||||
|
runAsUser: 0
|
||||||
containers:
|
containers:
|
||||||
- name: deluge
|
- name: deluge
|
||||||
image: lscr.io/linuxserver/deluge:latest
|
image: bottledpills/deluge-openvpn:v1.7
|
||||||
|
securityContext:
|
||||||
|
privileged: true # Often required for TUN/TAP devices
|
||||||
|
capabilities:
|
||||||
|
add:
|
||||||
|
- NET_ADMIN
|
||||||
ports:
|
ports:
|
||||||
- containerPort: 8112
|
- containerPort: 8112
|
||||||
protocol: TCP
|
protocol: TCP
|
||||||
@@ -26,19 +33,31 @@ spec:
|
|||||||
- containerPort: 58846
|
- containerPort: 58846
|
||||||
protocol: TCP
|
protocol: TCP
|
||||||
env:
|
env:
|
||||||
- name: PUID
|
|
||||||
value: "1000"
|
|
||||||
- name: PGID
|
|
||||||
value: "1000"
|
|
||||||
- name: TZ
|
- name: TZ
|
||||||
value: Etc/UTC
|
value: Etc/UTC
|
||||||
- name: DELUGE_LOGLEVEL
|
- name: DELUGE_LOGLEVEL
|
||||||
value: "error"
|
value: "error"
|
||||||
|
- name: OPENVPN_PROVIDER
|
||||||
|
value: "nordvpn"
|
||||||
|
- name: OPENVPN_USERNAME
|
||||||
|
valueFrom:
|
||||||
|
secretKeyRef:
|
||||||
|
name: nordvpn-credentials
|
||||||
|
key: username
|
||||||
|
- name: OPENVPN_PASSWORD
|
||||||
|
valueFrom:
|
||||||
|
secretKeyRef:
|
||||||
|
name: nordvpn-credentials
|
||||||
|
key: password
|
||||||
|
- name: LOCAL_NETWORK
|
||||||
|
value: "10.10.10.0/24,10.244.0.0/24"
|
||||||
volumeMounts:
|
volumeMounts:
|
||||||
- name: config
|
- name: config
|
||||||
mountPath: /config
|
mountPath: /config
|
||||||
- name: downloads
|
- name: downloads
|
||||||
mountPath: /downloads
|
mountPath: /download
|
||||||
|
- name: dev-net-tun
|
||||||
|
mountPath: /dev/net/tun
|
||||||
volumes:
|
volumes:
|
||||||
- name: config
|
- name: config
|
||||||
persistentVolumeClaim:
|
persistentVolumeClaim:
|
||||||
@@ -46,3 +65,7 @@ spec:
|
|||||||
- name: downloads
|
- name: downloads
|
||||||
persistentVolumeClaim:
|
persistentVolumeClaim:
|
||||||
claimName: deluge-downloads
|
claimName: deluge-downloads
|
||||||
|
- name: dev-net-tun
|
||||||
|
hostPath:
|
||||||
|
path: /dev/net/tun
|
||||||
|
type: CharDevice
|
||||||
26
deploy/drone/drone-rbac.yaml
Normal file
26
deploy/drone/drone-rbac.yaml
Normal file
@@ -0,0 +1,26 @@
|
|||||||
|
kind: Role
|
||||||
|
apiVersion: rbac.authorization.k8s.io/v1
|
||||||
|
metadata:
|
||||||
|
namespace: drone
|
||||||
|
name: drone
|
||||||
|
rules:
|
||||||
|
- apiGroups: [""]
|
||||||
|
resources: ["secrets"]
|
||||||
|
verbs: ["create", "delete"]
|
||||||
|
- apiGroups: [""]
|
||||||
|
resources: ["pods", "pods/log"]
|
||||||
|
verbs: ["get", "create", "delete", "list", "watch", "update"]
|
||||||
|
---
|
||||||
|
kind: RoleBinding
|
||||||
|
apiVersion: rbac.authorization.k8s.io/v1
|
||||||
|
metadata:
|
||||||
|
name: drone
|
||||||
|
namespace: drone
|
||||||
|
subjects:
|
||||||
|
- kind: ServiceAccount
|
||||||
|
name: default
|
||||||
|
namespace: drone
|
||||||
|
roleRef:
|
||||||
|
kind: Role
|
||||||
|
name: drone
|
||||||
|
apiGroup: rbac.authorization.k8s.io
|
||||||
36
deploy/drone/drone-runner-amd64.yaml
Normal file
36
deploy/drone/drone-runner-amd64.yaml
Normal file
@@ -0,0 +1,36 @@
|
|||||||
|
apiVersion: apps/v1
|
||||||
|
kind: Deployment
|
||||||
|
metadata:
|
||||||
|
name: drone-runner-amd64
|
||||||
|
namespace: drone
|
||||||
|
spec:
|
||||||
|
replicas: 1
|
||||||
|
selector:
|
||||||
|
matchLabels:
|
||||||
|
app: drone-runner-amd64
|
||||||
|
template:
|
||||||
|
metadata:
|
||||||
|
labels:
|
||||||
|
app: drone-runner-amd64
|
||||||
|
spec:
|
||||||
|
nodeSelector:
|
||||||
|
kubernetes.io/arch: "amd64"
|
||||||
|
containers:
|
||||||
|
- name: drone-runner-amd64
|
||||||
|
image: drone/drone-runner-kube:latest
|
||||||
|
imagePullPolicy: Always
|
||||||
|
env:
|
||||||
|
- name: DRONE_RPC_HOST
|
||||||
|
value: "drone.beatrice.wtf"
|
||||||
|
- name: DRONE_RPC_PROTO
|
||||||
|
value: "https"
|
||||||
|
- name: DRONE_RPC_SECRET
|
||||||
|
value: "26a2221fd8090ea38720fc445eca6a45a39a63fcce3ba30712e7153b855f8"
|
||||||
|
- name: DRONE_RUNNER_CAPACITY
|
||||||
|
value: "3"
|
||||||
|
- name: DRONE_DEBUG
|
||||||
|
value: "true"
|
||||||
|
- name: DRONE_NAMESPACE_DEFAULT
|
||||||
|
value: "drone"
|
||||||
|
- name: DRONE_NODE_SELECTOR_DEFAULT
|
||||||
|
value: "kubernetes.io/arch:amd64"
|
||||||
36
deploy/drone/drone-runner-arm64.yaml
Normal file
36
deploy/drone/drone-runner-arm64.yaml
Normal file
@@ -0,0 +1,36 @@
|
|||||||
|
apiVersion: apps/v1
|
||||||
|
kind: Deployment
|
||||||
|
metadata:
|
||||||
|
name: drone-runner-arm64
|
||||||
|
namespace: drone
|
||||||
|
spec:
|
||||||
|
replicas: 1
|
||||||
|
selector:
|
||||||
|
matchLabels:
|
||||||
|
app: drone-runner-arm64
|
||||||
|
template:
|
||||||
|
metadata:
|
||||||
|
labels:
|
||||||
|
app: drone-runner-arm64
|
||||||
|
spec:
|
||||||
|
nodeSelector:
|
||||||
|
kubernetes.io/arch: "arm64"
|
||||||
|
containers:
|
||||||
|
- name: drone-runner-arm64
|
||||||
|
image: drone/drone-runner-kube:latest
|
||||||
|
imagePullPolicy: Always
|
||||||
|
env:
|
||||||
|
- name: DRONE_RPC_HOST
|
||||||
|
value: "drone.beatrice.wtf"
|
||||||
|
- name: DRONE_RPC_PROTO
|
||||||
|
value: "https"
|
||||||
|
- name: DRONE_RPC_SECRET
|
||||||
|
value: "26a2221fd8090ea38720fc445eca6a45a39a63fcce3ba30712e7153b855f8"
|
||||||
|
- name: DRONE_RUNNER_CAPACITY
|
||||||
|
value: "3"
|
||||||
|
- name: DRONE_DEBUG
|
||||||
|
value: "true"
|
||||||
|
- name: DRONE_NAMESPACE_DEFAULT
|
||||||
|
value: "drone"
|
||||||
|
- name: DRONE_NODE_SELECTOR_DEFAULT
|
||||||
|
value: "kubernetes.io/arch:arm64"
|
||||||
@@ -1,46 +0,0 @@
|
|||||||
apiVersion: apps/v1
|
|
||||||
kind: Deployment
|
|
||||||
metadata:
|
|
||||||
name: drone-runner
|
|
||||||
namespace: drone
|
|
||||||
spec:
|
|
||||||
replicas: 1
|
|
||||||
selector:
|
|
||||||
matchLabels:
|
|
||||||
name: drone-runner
|
|
||||||
template:
|
|
||||||
metadata:
|
|
||||||
labels:
|
|
||||||
name: drone-runner
|
|
||||||
spec:
|
|
||||||
containers:
|
|
||||||
- name: drone-runner
|
|
||||||
image: drone/drone-runner-kube:latest
|
|
||||||
imagePullPolicy: Always
|
|
||||||
ports:
|
|
||||||
- containerPort: 3000
|
|
||||||
env:
|
|
||||||
- name: "DRONE_RPC_HOST"
|
|
||||||
value: "drone.beatrice.wtf"
|
|
||||||
- name: "DRONE_RPC_PROTO"
|
|
||||||
value: "https"
|
|
||||||
- name: "DRONE_RPC_SECRET"
|
|
||||||
value: "26a2221fd8090ea38720fc445eca6a45a39a63fcce3ba30712e7153b855f8"
|
|
||||||
- name: "DRONE_RUNNER_CAPACITY"
|
|
||||||
value: "5"
|
|
||||||
---
|
|
||||||
apiVersion: v1
|
|
||||||
kind: Service
|
|
||||||
metadata:
|
|
||||||
name: drone-runner
|
|
||||||
namespace: drone
|
|
||||||
labels:
|
|
||||||
name: drone-runner
|
|
||||||
spec:
|
|
||||||
type: ClusterIP
|
|
||||||
ports:
|
|
||||||
- protocol: TCP
|
|
||||||
port: 3000
|
|
||||||
targetPort: 3000
|
|
||||||
selector:
|
|
||||||
name: drone-runner
|
|
||||||
@@ -19,23 +19,29 @@ spec:
|
|||||||
imagePullPolicy: Always
|
imagePullPolicy: Always
|
||||||
env:
|
env:
|
||||||
- name: "DRONE_GITEA_CLIENT_ID"
|
- name: "DRONE_GITEA_CLIENT_ID"
|
||||||
value: e6a4fb3b-e6b1-43dd-8f45-4def94742609
|
value: "e6a4fb3b-e6b1-43dd-8f45-4def94742609"
|
||||||
- name: "DRONE_GITEA_CLIENT_SECRET"
|
- name: "DRONE_GITEA_CLIENT_SECRET"
|
||||||
value: gto_4ggtzkrukdzsmheoa2b4wz5cza2jif6gpf7wunbrtxa74senlykq
|
value: "gto_4ggtzkrukdzsmheoa2b4wz5cza2jif6gpf7wunbrtxa74senlykq"
|
||||||
- name: "DRONE_GITEA_SERVER"
|
- name: "DRONE_GITEA_SERVER"
|
||||||
value: https://git.beatrice.wtf
|
value: "https://git.beatrice.wtf"
|
||||||
- name: "DRONE_GIT_ALWAYS_AUTH"
|
- name: "DRONE_GIT_ALWAYS_AUTH"
|
||||||
value: "false"
|
value: "false"
|
||||||
- name: "DRONE_RPC_SECRET"
|
- name: "DRONE_RPC_SECRET"
|
||||||
value: 26a2221fd8090ea38720fc445eca6a45a39a63fcce3ba30712e7153b855f8
|
value: "26a2221fd8090ea38720fc445eca6a45a39a63fcce3ba30712e7153b855f8"
|
||||||
- name: "DRONE_WEBHOOK_SECRET"
|
- name: "DRONE_WEBHOOK_SECRET"
|
||||||
value: 9329e50de8f250dc3c997571f395d09e
|
value: "9329e50de8f250dc3c997571f395d09e"
|
||||||
- name: "DRONE_SERVER_HOST"
|
- name: "DRONE_SERVER_HOST"
|
||||||
value: drone.beatrice.wtf
|
value: "drone.beatrice.wtf"
|
||||||
- name: "DRONE_SERVER_PROTO"
|
- name: "DRONE_SERVER_PROTO"
|
||||||
value: https
|
value: "https"
|
||||||
- name: "DRONE_SERVER_PORT"
|
- name: "DRONE_SERVER_PORT"
|
||||||
value: :80
|
value: ":80"
|
||||||
|
- name: "DRONE_SERVER_BUILD_LIMIT"
|
||||||
|
value: "9"
|
||||||
|
- name: "DRONE_ALLOW_PRIVILEGED"
|
||||||
|
value: "true"
|
||||||
|
- name: "DRONE_LOGS_DEBUG"
|
||||||
|
value: "true"
|
||||||
volumeMounts:
|
volumeMounts:
|
||||||
- mountPath: /var/lib/drone
|
- mountPath: /var/lib/drone
|
||||||
name: drone-lib
|
name: drone-lib
|
||||||
|
|||||||
@@ -1,5 +1,7 @@
|
|||||||
resources:
|
resources:
|
||||||
|
- drone-rbac.yaml
|
||||||
- drone-server.yaml
|
- drone-server.yaml
|
||||||
- drone-runner.yaml
|
- drone-runner-arm64.yaml
|
||||||
|
- drone-runner-amd64.yaml
|
||||||
- drone-ingress.yaml
|
- drone-ingress.yaml
|
||||||
- drone-pvc.yaml
|
- drone-pvc.yaml
|
||||||
|
|||||||
@@ -24,4 +24,4 @@ spec:
|
|||||||
- ReadWriteMany
|
- ReadWriteMany
|
||||||
resources:
|
resources:
|
||||||
requests:
|
requests:
|
||||||
storage: 500Gi
|
storage: 1050Gi
|
||||||
|
|||||||
@@ -1,7 +0,0 @@
|
|||||||
apiVersion: kustomize.config.k8s.io/v1beta1
|
|
||||||
kind: Kustomization
|
|
||||||
|
|
||||||
resources:
|
|
||||||
- longhorn-ingress.yaml
|
|
||||||
- oauth2-proxy-longhorn-svc.yaml
|
|
||||||
- oauth2-proxy-longhorn.yaml
|
|
||||||
27
deploy/longhorn/longhorn-dashboard.yaml
Normal file
27
deploy/longhorn/longhorn-dashboard.yaml
Normal file
@@ -0,0 +1,27 @@
|
|||||||
|
apiVersion: networking.k8s.io/v1
|
||||||
|
kind: Ingress
|
||||||
|
metadata:
|
||||||
|
name: longhorn-dashboard
|
||||||
|
namespace: longhorn-system
|
||||||
|
annotations:
|
||||||
|
kubernetes.io/ingress.class: nginx
|
||||||
|
cert-manager.io/cluster-issuer: letsencrypt-prod
|
||||||
|
nginx.ingress.kubernetes.io/auth-signin: https://$host/oauth2/start?rd=$escaped_request_uri
|
||||||
|
nginx.ingress.kubernetes.io/auth-url: https://$host/oauth2/auth
|
||||||
|
spec:
|
||||||
|
tls:
|
||||||
|
- hosts:
|
||||||
|
- longhorn.panic.haus
|
||||||
|
secretName: longhorn-tls
|
||||||
|
rules:
|
||||||
|
- host: longhorn.panic.haus
|
||||||
|
http:
|
||||||
|
paths:
|
||||||
|
- path: /
|
||||||
|
pathType: Prefix
|
||||||
|
backend:
|
||||||
|
service:
|
||||||
|
name: longhorn-frontend
|
||||||
|
port:
|
||||||
|
number: 80
|
||||||
|
|
||||||
@@ -6,8 +6,8 @@ metadata:
|
|||||||
annotations:
|
annotations:
|
||||||
kubernetes.io/ingress.class: "nginx"
|
kubernetes.io/ingress.class: "nginx"
|
||||||
cert-manager.io/cluster-issuer: "letsencrypt-prod"
|
cert-manager.io/cluster-issuer: "letsencrypt-prod"
|
||||||
nginx.ingress.kubernetes.io/auth-url: "https://longhorn.panic.haus/oauth2/auth"
|
nginx.ingress.kubernetes.io/auth-url: "http://oauth2-proxy-service.longhorn-system.svc.cluster.local:4180/oauth2/auth"
|
||||||
nginx.ingress.kubernetes.io/auth-signin: "https://longhorn.panic.haus/oauth2/start?rd=$scheme://$host$request_uri"
|
nginx.ingress.kubernetes.io/auth-signin: "https://longhorn.panic.haus/oauth2/start?rd=$escaped_request_uri"
|
||||||
spec:
|
spec:
|
||||||
tls:
|
tls:
|
||||||
- hosts:
|
- hosts:
|
||||||
@@ -21,7 +21,7 @@ spec:
|
|||||||
pathType: Prefix
|
pathType: Prefix
|
||||||
backend:
|
backend:
|
||||||
service:
|
service:
|
||||||
name: oauth2-proxy
|
name: oauth2-proxy-longhorn-service
|
||||||
port:
|
port:
|
||||||
number: 4180
|
number: 4180
|
||||||
- path: /
|
- path: /
|
||||||
|
|||||||
19
deploy/longhorn/oauth2-proxy-longhorn-ingress.yaml
Normal file
19
deploy/longhorn/oauth2-proxy-longhorn-ingress.yaml
Normal file
@@ -0,0 +1,19 @@
|
|||||||
|
apiVersion: networking.k8s.io/v1
|
||||||
|
kind: Ingress
|
||||||
|
metadata:
|
||||||
|
name: oauth2-proxy-longhorn-ingress
|
||||||
|
namespace: longhorn-system
|
||||||
|
annotations:
|
||||||
|
kubernetes.io/ingress.class: nginx
|
||||||
|
spec:
|
||||||
|
rules:
|
||||||
|
- host: longhorn.panic.haus
|
||||||
|
http:
|
||||||
|
paths:
|
||||||
|
- path: /oauth2
|
||||||
|
pathType: Prefix
|
||||||
|
backend:
|
||||||
|
service:
|
||||||
|
name: oauth2-proxy-longhorn-service
|
||||||
|
port:
|
||||||
|
number: 4180
|
||||||
@@ -1,7 +1,7 @@
|
|||||||
apiVersion: v1
|
apiVersion: v1
|
||||||
kind: Service
|
kind: Service
|
||||||
metadata:
|
metadata:
|
||||||
name: oauth2-proxy-longhorn
|
name: oauth2-proxy-longhorn-service
|
||||||
namespace: longhorn-system
|
namespace: longhorn-system
|
||||||
spec:
|
spec:
|
||||||
ports:
|
ports:
|
||||||
|
|||||||
@@ -14,23 +14,23 @@ spec:
|
|||||||
app: oauth2-proxy-longhorn
|
app: oauth2-proxy-longhorn
|
||||||
spec:
|
spec:
|
||||||
containers:
|
containers:
|
||||||
- name: oauth2-proxy
|
- name: oauth2-proxy-longhorn
|
||||||
image: quay.io/oauth2-proxy/oauth2-proxy:v7.8.1
|
image: quay.io/oauth2-proxy/oauth2-proxy:v7.8.1
|
||||||
args:
|
args:
|
||||||
- --provider=keycloak
|
- --provider=keycloak
|
||||||
- --client-id=longhorn
|
- --client-id=longhorn
|
||||||
- --client-secret=0U2QuP1QMAXln8bzwJ3aJMIvaH9t2QvJ
|
- --client-secret=0U2QuP1QMAXln8bzwJ3aJMIvaH9t2QvJ
|
||||||
- --cookie-secret=lDE7du7SlDuG1UySIZUhcHfuk5HlgFlgDWdHD_PQ9UI=
|
- --cookie-secret=lDE7du7SlDuG1UySIZUhcHfuk5HlgFlgDWdHD_PQ9UI=
|
||||||
- --oidc-issuer-url=https://sso.beatrice.wtf/realms/panic-haus
|
- --oidc-issuer-url=https://sso.beatrice.wtf/auth/realms/panic-haus
|
||||||
- --cookie-domain=longhorn.panic.haus
|
- --cookie-domain=longhorn.panic.haus
|
||||||
- --email-domain=*
|
- --email-domain=*
|
||||||
- --http-address=0.0.0.0:4180
|
- --http-address=0.0.0.0:4180
|
||||||
- --redirect-url=https://longhorn.panic.haus/oauth2/callback
|
- --redirect-url=https://longhorn.panic.haus/oauth2/callback
|
||||||
- --upstream=http://longhorn-frontend.longhorn-system.svc.cluster.local:80
|
- --upstream=http://longhorn-frontend.longhorn-system.svc.cluster.local:80
|
||||||
- --scope=openid
|
- --scope=openid
|
||||||
- --login-url=https://sso.beatrice.wtf/realms/panic-haus/protocol/openid-connect/auth
|
- --login-url=https://sso.beatrice.wtf/auth/realms/panic-haus/protocol/openid-connect/auth
|
||||||
- --validate-url=https://sso.beatrice.wtf/realms/panic-haus/protocol/openid-connect/userinfo
|
- --validate-url=https://sso.beatrice.wtf/auth/realms/panic-haus/protocol/openid-connect/userinfo
|
||||||
- --redeem-url=https://sso.beatrice.wtf/realms/panic-haus/protocol/openid-connect/token
|
- --redeem-url=https://sso.beatrice.wtf/auth/realms/panic-haus/protocol/openid-connect/token
|
||||||
- --skip-auth-regex=^(?:https?:\/\/)?longhorn\.panic\.haus\/(favicon\.ico|.*\.(?:js|css)(\.map)?)$|^\/(favicon\.ico|.*\.(?:js|css)(\.map)?)$
|
- --skip-auth-regex=^(?:https?:\/\/)?longhorn\.panic\.haus\/(favicon\.ico|.*\.(?:js|css)(\.map)?)$|^\/(favicon\.ico|.*\.(?:js|css)(\.map)?)$
|
||||||
ports:
|
ports:
|
||||||
- name: http
|
- name: http
|
||||||
|
|||||||
24
deploy/plane-ce/kustomization.yaml
Normal file
24
deploy/plane-ce/kustomization.yaml
Normal file
@@ -0,0 +1,24 @@
|
|||||||
|
namespace: plane-ce
|
||||||
|
|
||||||
|
helmCharts:
|
||||||
|
- name: plane-ce
|
||||||
|
repo: https://helm.plane.so/
|
||||||
|
version: 1.1.0
|
||||||
|
releaseName: plane-app
|
||||||
|
valuesInline:
|
||||||
|
planeVersion: stable
|
||||||
|
postgres:
|
||||||
|
local_setup: false
|
||||||
|
servicePort: 5432
|
||||||
|
env:
|
||||||
|
pgdb_remote_url: postgresql://plane:w20t4g8h244ivjz0kef1hi10@postgres-base-rw.postgres.svc.cluster.local:5432/plane_db
|
||||||
|
certManager: true
|
||||||
|
ingress:
|
||||||
|
ingressClass: nginx
|
||||||
|
tls: true
|
||||||
|
appHost: plane.panic.haus
|
||||||
|
minioHost: minio.plane.panic.haus
|
||||||
|
rabbitmqHost: plane-app-rabbitmq
|
||||||
|
annotations:
|
||||||
|
cert-manager.io/cluster-issuer: letsencrypt-prod
|
||||||
|
nginx.ingress.kubernetes.io/ssl-redirect: "true"
|
||||||
23
deploy/renovate/cronjob.yaml
Normal file
23
deploy/renovate/cronjob.yaml
Normal file
@@ -0,0 +1,23 @@
|
|||||||
|
apiVersion: batch/v1
|
||||||
|
kind: CronJob
|
||||||
|
metadata:
|
||||||
|
name: renovate
|
||||||
|
namespace: renovate
|
||||||
|
spec:
|
||||||
|
schedule: '@hourly'
|
||||||
|
concurrencyPolicy: Forbid
|
||||||
|
jobTemplate:
|
||||||
|
spec:
|
||||||
|
template:
|
||||||
|
spec:
|
||||||
|
containers:
|
||||||
|
- name: renovate
|
||||||
|
# Update the image if needed
|
||||||
|
image: renovate/renovate:39.211
|
||||||
|
env:
|
||||||
|
- name: LOG_LEVEL
|
||||||
|
value: debug
|
||||||
|
envFrom:
|
||||||
|
- secretRef:
|
||||||
|
name: renovate-env
|
||||||
|
restartPolicy: Never
|
||||||
5
deploy/renovate/kustomization.yaml
Normal file
5
deploy/renovate/kustomization.yaml
Normal file
@@ -0,0 +1,5 @@
|
|||||||
|
apiVersion: kustomize.config.k8s.io/v1beta1
|
||||||
|
kind: Kustomization
|
||||||
|
|
||||||
|
resources:
|
||||||
|
- cronjob.yaml
|
||||||
3
renovate.json
Normal file
3
renovate.json
Normal file
@@ -0,0 +1,3 @@
|
|||||||
|
{
|
||||||
|
"$schema": "https://docs.renovatebot.com/renovate-schema.json"
|
||||||
|
}
|
||||||
Reference in New Issue
Block a user