Skip to content

Catchup #2352

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
merged 7 commits into from
Dec 16, 2024
Merged

Catchup #2352

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
7 commits
Select commit Hold shift + click to select a range
251b735
feat: prometheus v3
rodent1 Dec 16, 2024
ba1266e
feat: create gatus ep for emqx
rodent1 Dec 16, 2024
b5b495a
feat(rook-ceph): enable discovery daemon, insights module, rook mgr m…
rodent1 Dec 16, 2024
f2fd1a2
chore: update cronjobs
rodent1 Dec 16, 2024
a01262a
feat(ingress-nginx): remove need for individual ingress annotations
rodent1 Dec 16, 2024
615c320
feat(cilium): enable netkit
rodent1 Dec 16, 2024
f693473
fix(plex): add annotations for HTTPS backend protocol in ingress
rodent1 Dec 16, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
21 changes: 21 additions & 0 deletions kubernetes/main/apps/database/emqx/cluster/gatus.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,21 @@
---
apiVersion: v1
kind: ConfigMap
metadata:
name: emqx-gatus-ep
labels:
gatus.io/enabled: "true"
data:
config.yaml: |
endpoints:
- name: emqx
group: infrastructure
url: tcp://emqx-listeners.database.svc.cluster.local:1883
interval: 1m
ui:
hide-url: true
hide-hostname: true
conditions:
- "[CONNECTED] == true"
alerts:
- type: pushover
2 changes: 0 additions & 2 deletions kubernetes/main/apps/database/emqx/cluster/ingress.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -3,8 +3,6 @@ apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: emqx-dashboard
annotations:
external-dns.alpha.kubernetes.io/target: internal.rodent.cc
spec:
ingressClassName: internal
rules:
Expand Down
1 change: 1 addition & 0 deletions kubernetes/main/apps/database/emqx/cluster/kustomization.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -4,5 +4,6 @@ apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization
resources:
- ./cluster.yaml
- ./gatus.yaml
- ./ingress.yaml
- ./podmonitor.yaml
2 changes: 0 additions & 2 deletions kubernetes/main/apps/dev/coder/app/helmrelease.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -94,6 +94,4 @@ spec:
ingress:
enable: true
className: external
annotations:
external-dns.alpha.kubernetes.io/target: external.rodent.cc
host: "coder.rodent.cc"
2 changes: 0 additions & 2 deletions kubernetes/main/apps/flux-system/addons/app/webhooks/github/ingress.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -3,8 +3,6 @@ apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: webhook-receiver
annotations:
external-dns.alpha.kubernetes.io/target: "external.rodent.cc"
spec:
ingressClassName: external
rules:
Expand Down
2 changes: 2 additions & 0 deletions kubernetes/main/apps/kube-system/cilium/app/helm-values.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -4,6 +4,7 @@ bandwidthManager:
enabled: true
bbr: true
bpf:
datapathMode: netkit
masquerade: true
tproxy: true
bgpControlPlane:
Expand Down Expand Up @@ -36,6 +37,7 @@ kubeProxyReplacementHealthzBindAddr: 0.0.0.0:10256
l2announcements:
enabled: true
loadBalancer:
acceleration: best-effort
algorithm: maglev
mode: dsr
localRedirectPolicy: true
Expand Down
2 changes: 0 additions & 2 deletions kubernetes/main/apps/media/audiobookshelf/app/helmrelease.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -78,8 +78,6 @@ spec:
app:
enabled: true
className: external
annotations:
external-dns.alpha.kubernetes.io/target: "external.rodent.cc"
hosts:
- host: &host "{{ .Release.Name }}.rodent.cc"
paths:
Expand Down
2 changes: 0 additions & 2 deletions kubernetes/main/apps/media/bazarr/app/helmrelease.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -94,8 +94,6 @@ spec:
port: *port
ingress:
app:
annotations:
external-dns.alpha.kubernetes.io/target: internal.rodent.cc
className: internal
hosts:
- host: bazarr.rodent.cc
Expand Down
2 changes: 0 additions & 2 deletions kubernetes/main/apps/media/jellyfin/app/helmrelease.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -86,8 +86,6 @@ spec:
ingress:
app:
className: external
annotations:
external-dns.alpha.kubernetes.io/target: external.rodent.cc
hosts:
- host: &host "{{ .Release.Name }}.rodent.cc"
paths:
Expand Down
2 changes: 0 additions & 2 deletions kubernetes/main/apps/media/overseerr/app/helmrelease.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -77,8 +77,6 @@ spec:
ingress:
app:
className: external
annotations:
external-dns.alpha.kubernetes.io/target: external.rodent.cc
hosts:
- host: &host requests.rodent.cc
paths:
Expand Down
2 changes: 0 additions & 2 deletions kubernetes/main/apps/media/pinepods/app/helmrelease.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -59,8 +59,6 @@ spec:
app:
enabled: true
className: external
annotations:
external-dns.alpha.kubernetes.io/target: "external.rodent.cc"
hosts:
- host: &host "{{ .Release.Name }}.rodent.cc"
paths:
Expand Down
1 change: 0 additions & 1 deletion kubernetes/main/apps/media/plex/app/helmrelease.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -92,7 +92,6 @@ spec:
app:
className: external
annotations:
external-dns.alpha.kubernetes.io/target: external.rodent.cc
nginx.ingress.kubernetes.io/backend-protocol: "HTTPS"
hosts:
- host: &host "{{ .Release.Name }}.rodent.cc"
Expand Down
2 changes: 0 additions & 2 deletions kubernetes/main/apps/media/prowlarr/app/helmrelease.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -89,8 +89,6 @@ spec:
port: *port
ingress:
app:
annotations:
external-dns.alpha.kubernetes.io/target: internal.rodent.cc
className: internal
hosts:
- host: "{{ .Release.Name }}.rodent.cc"
Expand Down
2 changes: 0 additions & 2 deletions kubernetes/main/apps/media/qbittorrent/app/helmrelease.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -91,8 +91,6 @@ spec:
protocol: TCP
ingress:
app:
annotations:
external-dns.alpha.kubernetes.io/target: internal.rodent.cc
className: internal
hosts:
- host: qb.rodent.cc
Expand Down
115 changes: 62 additions & 53 deletions kubernetes/main/apps/media/qbittorrent/tools/helmrelease.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -29,92 +29,101 @@ spec:
controllers:
tagging:
type: cronjob
cronjob: &cronjob
schedule: "@hourly"
timeZone: &timeZone Europe/Oslo
cronjob: &cronJobSpec
schedule: 0 * * * *
backoffLimit: 0
concurrencyPolicy: Forbid
successfulJobsHistory: 1
failedJobsHistory: 1
ttlSecondsAfterFinished: 3600
initContainers:
tagging: &container
tag: &container
image:
repository: ghcr.io/buroa/qbtools
tag: v0.19.11@sha256:a133bd7f02ecb9ea0111a4016724f33404136c41295217f163991910e1d2784c
args:
- tagging
- --added-on
- --expired
- --last-activity
- --sites
- --unregistered
tag: v0.19.10@sha256:fc9c2fd65a454d39084d3b7ea802c92dba4032fb0b4eaadf6a684fdf740b8c17
env:
QBITTORRENT_HOST: qbittorrent.media.svc.cluster.local
QBITTORRENT_PORT: 80
TZ: *timeZone
args: [
"tagging",
"--added-on",
"--expired",
"--last-activity",
"--sites",
"--unregistered"
]
securityContext:
allowPrivilegeEscalation: false
readOnlyRootFilesystem: true
capabilities: { drop: ["ALL"] }
resources:
requests:
cpu: 25m
limits:
memory: 256Mi
securityContext:
allowPrivilegeEscalation: false
readOnlyRootFilesystem: true
capabilities:
drop:
- ALL
memory: 256M
containers:
unregistered:
<<: *container
args:
- prune
- --exclude-tag=expired
- --exclude-tag=added:1d
- --include-tag=unregistered
args: [
"prune",
"--exclude-tag", "added:1d",
"--include-tag", "unregistered",
"--with-data"
]
expired:
<<: *container
args:
- prune
- --exclude-category=manual
- --exclude-tag=activity:1d
- --include-tag=expired
args: [
"prune",
"--exclude-tag", "added:1d",
"--include-tag", "expired",
"--with-data"
]
pod:
restartPolicy: OnFailure
securityContext: &podSecurityContext
runAsNonRoot: true
runAsUser: 568
runAsGroup: 568
restartPolicy: Never
orphaned:
type: cronjob
cronjob:
<<: *cronjob
schedule: "@weekly"
<<: *cronJobSpec
schedule: 0 0 * * 0
suspend: true
containers:
app:
<<: *container
args:
- orphaned
- --exclude-pattern="*_unpackerred"
- --exclude-pattern="*/manual/*"
args: [
"orphaned",
"--exclude-pattern", "*_unpackerred*",
]
pod:
restartPolicy: OnFailure
securityContext:
<<: *podSecurityContext
fsGroup: 568
fsGroupChangePolicy: OnRootMismatch
supplementalGroups:
- 65536
restartPolicy: Never
reannounce:
containers:
app:
<<: *container
args:
- reannounce
pod:
securityContext: *podSecurityContext
args: [
"reannounce",
"--process-seeding"
]
limiter:
containers:
app:
<<: *container
args: [
"limiter",
"--max-line-speed-mbps", "800",
"--max-percent", "0.8",
"--limit-percent", "0.4",
"--interval", "5"
]
defaultPodOptions:
securityContext:
runAsNonRoot: true
runAsUser: 568
runAsGroup: 568
seccompProfile: { type: RuntimeDefault }
persistence:
secret-file:
type: secret
name: qbtools-secret
name: qbtools-config-secret
globalMounts:
- path: /config/config.yaml
subPath: config.yaml
Expand Down
2 changes: 0 additions & 2 deletions kubernetes/main/apps/media/radarr/app/helmrelease.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -93,8 +93,6 @@ spec:
port: *port
ingress:
app:
annotations:
external-dns.alpha.kubernetes.io/target: internal.rodent.cc
className: internal
hosts:
- host: "{{ .Release.Name }}.rodent.cc"
Expand Down
2 changes: 0 additions & 2 deletions kubernetes/main/apps/media/readarr/app/helmrelease.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -75,8 +75,6 @@ spec:
port: *port
ingress:
app:
annotations:
external-dns.alpha.kubernetes.io/target: internal.rodent.cc
className: internal
hosts:
- host: "{{ .Release.Name }}.rodent.cc"
Expand Down
4 changes: 1 addition & 3 deletions kubernetes/main/apps/media/recyclarr/app/helmrelease.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -30,7 +30,7 @@ spec:
recyclarr:
type: cronjob
cronjob:
schedule: "@daily"
schedule: 0 0 * * *
backoffLimit: 0
concurrencyPolicy: Forbid
successfulJobsHistory: 1
Expand All @@ -41,8 +41,6 @@ spec:
image:
repository: ghcr.io/recyclarr/recyclarr
tag: 7.4.0@sha256:619c3b8920a179f2c578acd0f54e9a068f57c049aff840469eed66e93a4be2cf
env:
TZ: Europe/Oslo
envFrom:
- secretRef:
name: recyclarr-secret
Expand Down
2 changes: 0 additions & 2 deletions kubernetes/main/apps/media/sonarr/app/helmrelease.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -93,8 +93,6 @@ spec:
port: *port
ingress:
app:
annotations:
external-dns.alpha.kubernetes.io/target: internal.rodent.cc
className: internal
hosts:
- host: "{{ .Release.Name }}.rodent.cc"
Expand Down
2 changes: 0 additions & 2 deletions kubernetes/main/apps/media/tautulli/app/helmrelease.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -100,8 +100,6 @@ spec:
port: *port
ingress:
app:
annotations:
external-dns.alpha.kubernetes.io/target: internal.rodent.cc
className: internal
hosts:
- host: "{{ .Release.Name }}.rodent.cc"
Expand Down
5 changes: 4 additions & 1 deletion kubernetes/main/apps/network/nginx/external/helmrelease.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -33,7 +33,7 @@ spec:
replicaCount: 2
service:
annotations:
external-dns.alpha.kubernetes.io/hostname: external.rodent.cc
external-dns.alpha.kubernetes.io/hostname: &hostname external.rodent.cc
lbipam.cilium.io/ips: 10.1.1.101
ingressClassResource:
name: external
Expand Down Expand Up @@ -79,7 +79,10 @@ spec:
any: true
extraArgs:
default-ssl-certificate: network/rodent-cc-tls
publish-status-address: *hostname
terminationGracePeriodSeconds: 120
publishService:
enabled: false
resources:
requests:
cpu: 100m
Expand Down
5 changes: 4 additions & 1 deletion kubernetes/main/apps/network/nginx/internal/helmrelease.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -28,7 +28,7 @@ spec:
replicaCount: 2
service:
annotations:
external-dns.alpha.kubernetes.io/hostname: internal.rodent.cc
external-dns.alpha.kubernetes.io/hostname: &hostname internal.rodent.cc
lbipam.cilium.io/ips: 10.1.1.102
ingressClassResource:
name: internal
Expand Down Expand Up @@ -73,7 +73,10 @@ spec:
any: true
extraArgs:
default-ssl-certificate: network/rodent-cc-tls
publish-status-address: *hostname
terminationGracePeriodSeconds: 120
publishService:
enabled: false
resources:
requests:
cpu: 100m
Expand Down
2 changes: 0 additions & 2 deletions kubernetes/main/apps/observability/gatus/app/helmrelease.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -110,8 +110,6 @@ spec:
scrapeTimeout: 10s
ingress:
app:
annotations:
external-dns.alpha.kubernetes.io/target: external.rodent.cc
className: external
hosts:
- host: status.rodent.cc
Expand Down
Loading
Loading