kryptonian.dev / k8s-cluster
this repo has no description
0
fork

Configure Feed

Select the types of activity you want to include in your feed.

Move things around as it got yeeted anyway.

Skyler Mäntysaari ea4d1fdd 95458ac9

+168 -213
+1 -1
k8s/nebula/apps/comms/matrix-synapse/ks.yaml
··· 7 7 component.skylab.fi/part-of: definitions 8 8 spec: 9 9 dependsOn: 10 - - name: databases-cloudnative-pg-cluster 10 + - name: cnpg-cluster 11 11 - name: security-authentik 12 12 path: ./k8s/nebula/apps/comms/matrix-synapse/app 13 13 prune: true
+19 -19
k8s/nebula/apps/databases/cloudnative-pg/cluster-vectors/cluster16-vector.yaml
··· 14 14 superuserSecret: 15 15 name: cloudnative-pg-secret 16 16 enableSuperuserAccess: true 17 - #bootstrap: 18 - # initdb: 19 - # import: 20 - # type: monolith 21 - # databases: ["immich"] 22 - # roles: ["immich"] 23 - # source: 24 - # externalCluster: postgres16-v1 17 + bootstrap: 18 + recovery: 19 + source: &previousCluster postgres-vector-v1 25 20 affinity: 26 21 enablePodAntiAffinity: true 27 22 topologyKey: kubernetes.io/hostname ··· 48 43 compression: bzip2 49 44 destinationPath: s3://cnpg-main/ 50 45 endpointURL: https://s3.skym.fi 51 - serverName: &currentCluster postgres-vector-v1 46 + serverName: &currentCluster postgres-vector-v2 52 47 s3Credentials: 53 48 accessKeyId: 54 49 name: cloudnative-pg-secret ··· 56 51 secretAccessKey: 57 52 name: cloudnative-pg-secret 58 53 key: aws-secret-access-key 59 - #externalClusters: 60 - # - name: postgres16-v1 61 - # connectionParameters: 62 - # host: postgres16-rw.databases.svc.cluster.local 63 - # user: postgres 64 - # dbname: postgres 65 - # sslmode: require 66 - # password: 67 - # name: cloudnative-pg-secret 68 - # key: password 54 + externalClusters: 55 + - name: *previousCluster 56 + barmanObjectStore: 57 + wal: 58 + compression: bzip2 59 + maxParallel: 8 60 + destinationPath: s3://cnpg-main/ 61 + endpointURL: https://s3.skym.fi 62 + s3Credentials: 63 + accessKeyId: 64 + name: cloudnative-pg-secret 65 + key: aws-access-key-id 66 + secretAccessKey: 67 + name: cloudnative-pg-secret 68 + key: aws-secret-access-key
+19 -19
k8s/nebula/apps/databases/cloudnative-pg/cluster/cluster16.yaml
··· 14 14 superuserSecret: 15 15 name: cloudnative-pg-secret 16 16 enableSuperuserAccess: true 17 - #bootstrap: 18 - # initdb: 19 - # import: 20 - # type: monolith 21 - # databases: ["*"] 22 - # roles: ["*"] 23 - # source: 24 - # externalCluster: postgres-v5 17 + bootstrap: 18 + recovery: 19 + source: &previousCluster postgres16-v1 25 20 affinity: 26 21 enablePodAntiAffinity: true 27 22 topologyKey: kubernetes.io/hostname ··· 46 41 compression: bzip2 47 42 destinationPath: s3://cnpg-main/ 48 43 endpointURL: https://s3.skym.fi 49 - serverName: &currentCluster postgres16-v1 44 + serverName: &currentCluster postgres16-v2 50 45 s3Credentials: 51 46 accessKeyId: 52 47 name: cloudnative-pg-secret ··· 54 49 secretAccessKey: 55 50 name: cloudnative-pg-secret 56 51 key: aws-secret-access-key 57 - #externalClusters: 58 - # - name: postgres-v5 59 - # connectionParameters: 60 - # host: postgres16-rw.databases.svc.cluster.local 61 - # user: postgres 62 - # dbname: postgres 63 - # sslmode: require 64 - # password: 65 - # name: cloudnative-pg-secret 66 - # key: password 52 + externalClusters: 53 + - name: *previousCluster 54 + barmanObjectStore: 55 + wal: 56 + compression: bzip2 57 + maxParallel: 8 58 + destinationPath: s3://cnpg-main/ 59 + endpointURL: https://s3.skym.fi 60 + s3Credentials: 61 + accessKeyId: 62 + name: cloudnative-pg-secret 63 + key: aws-access-key-id 64 + secretAccessKey: 65 + name: cloudnative-pg-secret 66 + key: aws-secret-access-key
+1 -1
k8s/nebula/apps/databases/cloudnative-pg/ks-cluster-vector.yaml
··· 5 5 namespace: flux-system 6 6 spec: 7 7 dependsOn: 8 - - name: cluster-apps-cnpg-operator 8 + - name: cnpg-operator 9 9 path: ./k8s/nebula/apps/databases/cloudnative-pg/cluster-vectors 10 10 prune: true 11 11 sourceRef:
+1 -1
k8s/nebula/apps/databases/cloudnative-pg/ks-cluster.yaml
··· 1 1 apiVersion: kustomize.toolkit.fluxcd.io/v1 2 2 kind: Kustomization 3 3 metadata: 4 - name: databases-cloudnative-pg-cluster 4 + name: cnpg-cluster 5 5 namespace: flux-system 6 6 spec: 7 7 dependsOn:
+2 -2
k8s/nebula/apps/databases/cloudnative-pg/ks.yaml
··· 1 1 apiVersion: kustomize.toolkit.fluxcd.io/v1 2 2 kind: Kustomization 3 3 metadata: 4 - name: cluster-apps-cnpg-operator 4 + name: cnpg-operator 5 5 namespace: flux-system 6 6 spec: 7 7 path: ./k8s/nebula/apps/databases/cloudnative-pg/operator 8 - prune: true 8 + prune: false 9 9 sourceRef: 10 10 kind: GitRepository 11 11 name: flux-system
+1 -1
k8s/nebula/apps/databases/kustomization.yaml
··· 2 2 kind: Kustomization 3 3 resources: 4 4 - ns.yaml 5 - - mariadb/ks.yaml 5 + # - mariadb/ks.yaml 6 6 - redis/ks.yaml 7 7 - cloudnative-pg/ks.yaml 8 8 - cloudnative-pg/ks-cluster.yaml
+1 -1
k8s/nebula/apps/databases/pgadmin/ks.yaml
··· 1 1 apiVersion: kustomize.toolkit.fluxcd.io/v1 2 2 kind: Kustomization 3 3 metadata: 4 - name: cluster-apps-pgadmin 4 + name: pgadmin 5 5 namespace: flux-system 6 6 labels: 7 7 component.skylab.fi/part-of: definitions
+1 -1
k8s/nebula/apps/databases/redis/ks.yaml
··· 1 1 apiVersion: kustomize.toolkit.fluxcd.io/v1 2 2 kind: Kustomization 3 3 metadata: 4 - name: cluster-apps-redis 4 + name: redis 5 5 namespace: flux-system 6 6 spec: 7 7 path: ./k8s/nebula/apps/databases/redis/app
+1 -1
k8s/nebula/apps/default/immich/ks.yaml
··· 9 9 component.skylab.fi/part-of: definitions 10 10 spec: 11 11 dependsOn: 12 - - name: databases-cloudnative-pg-cluster 12 + - name: cnpg-cluster 13 13 path: ./k8s/nebula/apps/default/immich/app 14 14 prune: true 15 15 sourceRef:
+1 -1
k8s/nebula/apps/default/smtp-relay/ks.yaml
··· 1 1 apiVersion: kustomize.toolkit.fluxcd.io/v1 2 2 kind: Kustomization 3 3 metadata: 4 - name: cluster-apps-smtp-relay 4 + name: smtp-relay 5 5 namespace: flux-system 6 6 spec: 7 7 path: ./k8s/nebula/apps/default/smtp-relay/app
+1 -1
k8s/nebula/apps/default/theme-park/ks.yaml
··· 1 1 apiVersion: kustomize.toolkit.fluxcd.io/v1 2 2 kind: Kustomization 3 3 metadata: 4 - name: cluster-apps-theme-park 4 + name: theme-park 5 5 namespace: flux-system 6 6 spec: 7 7 path: ./k8s/nebula/apps/default/theme-park/app
+2 -2
k8s/nebula/apps/default/zipline/ks.yaml
··· 1 1 apiVersion: kustomize.toolkit.fluxcd.io/v1 2 2 kind: Kustomization 3 3 metadata: 4 - name: cluster-apps-zipline 4 + name: zipline 5 5 namespace: flux-system 6 6 spec: 7 7 dependsOn: 8 - - name: databases-cloudnative-pg-cluster 8 + - name: cnpg-cluster 9 9 path: ./k8s/nebula/apps/default/zipline/app 10 10 prune: true 11 11 sourceRef:
+1 -1
k8s/nebula/apps/dev/coder/ks.yaml
··· 6 6 namespace: flux-system 7 7 spec: 8 8 dependsOn: 9 - - name: databases-cloudnative-pg-cluster 9 + - name: cnpg-cluster 10 10 path: ./k8s/nebula/apps/dev/coder/app 11 11 prune: true 12 12 sourceRef:
+14 -14
k8s/nebula/apps/kustomization.yaml
··· 1 1 apiVersion: kustomize.config.k8s.io/v1beta1 2 2 kind: Kustomization 3 3 resources: 4 - - ci 5 - - dev 6 - - collab 7 - - security 8 - - monitoring 9 - - networking 10 - - system 4 + # - ci 5 + # - dev 6 + # - collab 7 + # - security 8 + # - monitoring 9 + # - networking 10 + # - system 11 11 - storage 12 - - home 13 - - databases 12 + # - home 13 + # - databases 14 14 - kube-system 15 - - media 16 - - vpn 17 - - default 15 + # - media 16 + # - vpn 17 + # - default 18 18 - volsync 19 - - finance 20 - - comms 19 + # - finance 20 + # - comms
+1 -1
k8s/nebula/apps/media/prowlarr/ks.yaml
··· 7 7 component.skylab.fi/part-of: definitions 8 8 spec: 9 9 dependsOn: 10 - - name: databases-cloudnative-pg-cluster 10 + - name: cnpg-cluster 11 11 path: ./k8s/nebula/apps/media/prowlarr/app 12 12 prune: true 13 13 sourceRef:
+2 -2
k8s/nebula/apps/security/authentik/ks.yaml
··· 1 1 apiVersion: kustomize.toolkit.fluxcd.io/v1 2 2 kind: Kustomization 3 3 metadata: 4 - name: security-authentik 4 + name: authentik 5 5 namespace: flux-system 6 6 labels: 7 7 component.skylab.fi/part-of: definitions 8 8 spec: 9 9 dependsOn: 10 - - name: databases-cloudnative-pg-cluster 10 + - name: cnpg-cluster 11 11 path: ./k8s/nebula/apps/security/authentik/app 12 12 prune: true 13 13 sourceRef:
+2 -2
k8s/nebula/apps/storage/rook-ceph/rook/ks-cluster.yaml
··· 3 3 apiVersion: kustomize.toolkit.fluxcd.io/v1 4 4 kind: Kustomization 5 5 metadata: 6 - name: cluster-apps-rook-ceph-cluster 6 + name: rook-ceph-cluster 7 7 namespace: flux-system 8 8 labels: 9 9 component.skylab.fi/part-of: definitions 10 10 spec: 11 11 path: ./k8s/nebula/apps/storage/rook-ceph/rook/cluster 12 - prune: true 12 + prune: false 13 13 sourceRef: 14 14 kind: GitRepository 15 15 name: flux-system
+2 -2
k8s/nebula/apps/storage/rook-ceph/rook/ks-operator.yaml
··· 3 3 apiVersion: kustomize.toolkit.fluxcd.io/v1 4 4 kind: Kustomization 5 5 metadata: 6 - name: cluster-apps-rook-ceph-operator 6 + name: rook-ceph-operator 7 7 namespace: flux-system 8 8 labels: 9 9 component.skylab.fi/part-of: definitions 10 10 spec: 11 11 path: ./k8s/nebula/apps/storage/rook-ceph/rook/operator 12 - prune: true 12 + prune: false 13 13 sourceRef: 14 14 kind: GitRepository 15 15 name: flux-system
+19
k8s/nebula/flux/config/cluster.yaml
··· 1 + --- 2 + apiVersion: source.toolkit.fluxcd.io/v1 3 + kind: GitRepository 4 + metadata: 5 + name: flux-system 6 + namespace: flux-system 7 + spec: 8 + interval: 1m0s 9 + ref: 10 + branch: main 11 + url: https://github.com/samip5/k8s-cluster 12 + ignore: | 13 + # exclude all 14 + /* 15 + # include gitops dirs 16 + !/k8s/nebula 17 + !/k8s/base 18 + !/k8s/rbac 19 + !/k8s/templates
+76
k8s/nebula/flux/config/flux.yaml
··· 1 + --- 2 + apiVersion: source.toolkit.fluxcd.io/v1beta2 3 + kind: OCIRepository 4 + metadata: 5 + name: flux-manifests 6 + namespace: flux-system 7 + spec: 8 + interval: 10m 9 + url: oci://ghcr.io/fluxcd/flux-manifests 10 + ref: 11 + tag: v2.2.2 12 + --- 13 + apiVersion: kustomize.toolkit.fluxcd.io/v1 14 + kind: Kustomization 15 + metadata: 16 + name: flux 17 + namespace: flux-system 18 + spec: 19 + interval: 10m0s 20 + path: ./ 21 + prune: true 22 + wait: true 23 + sourceRef: 24 + kind: OCIRepository 25 + name: flux-manifests 26 + patches: 27 + # Increase the number of reconciliations that can be performed in parallel and bump the resources limits 28 + # https://fluxcd.io/flux/cheatsheets/bootstrap/#increase-the-number-of-workers 29 + - patch: | 30 + - op: add 31 + path: /spec/template/spec/containers/0/args/- 32 + value: --concurrent=50 33 + - op: add 34 + path: /spec/template/spec/containers/0/args/- 35 + value: --kube-api-qps=5000 36 + - op: add 37 + path: /spec/template/spec/containers/0/args/- 38 + value: --kube-api-burst=10000 39 + - op: add 40 + path: /spec/template/spec/containers/0/args/- 41 + value: --requeue-dependency=5s 42 + target: 43 + kind: Deployment 44 + name: "(kustomize-controller|helm-controller|source-controller)" 45 + - patch: | 46 + apiVersion: apps/v1 47 + kind: Deployment 48 + metadata: 49 + name: not-used 50 + spec: 51 + template: 52 + spec: 53 + containers: 54 + - name: manager 55 + resources: 56 + limits: 57 + cpu: 2000m 58 + memory: 2Gi 59 + target: 60 + kind: Deployment 61 + name: "(kustomize-controller|helm-controller|source-controller)" 62 + # Enable Helm near OOM detection 63 + # https://fluxcd.io/flux/cheatsheets/bootstrap/#enable-helm-near-oom-detection 64 + - patch: | 65 + - op: add 66 + path: /spec/template/spec/containers/0/args/- 67 + value: --feature-gates=OOMWatch=true 68 + - op: add 69 + path: /spec/template/spec/containers/0/args/- 70 + value: --oom-watch-memory-threshold=95 71 + - op: add 72 + path: /spec/template/spec/containers/0/args/- 73 + value: --oom-watch-interval=500ms 74 + target: 75 + kind: Deployment 76 + name: helm-controller
-10
k8s/nebula/flux/flux.yaml
··· 1 - apiVersion: source.toolkit.fluxcd.io/v1beta2 2 - kind: OCIRepository 3 - metadata: 4 - name: flux-manifests 5 - namespace: flux-system 6 - spec: 7 - interval: 10m 8 - url: oci://ghcr.io/fluxcd/flux-manifests 9 - ref: 10 - tag: v2.2.2
-130
k8s/nebula/flux/gotk-sync.yaml k8s/nebula/flux/config/shared.yaml
··· 1 - --- 2 - apiVersion: source.toolkit.fluxcd.io/v1 3 - kind: GitRepository 4 - metadata: 5 - name: flux-system 6 - namespace: flux-system 7 - spec: 8 - interval: 1m0s 9 - ref: 10 - branch: main 11 - url: https://github.com/samip5/k8s-cluster 12 - ignore: | 13 - # exclude all 14 - /* 15 - # include gitops dirs 16 - !/k8s/nebula 17 - !/k8s/base 18 - !/k8s/rbac 19 - !/k8s/templates 20 - --- 21 - apiVersion: kustomize.toolkit.fluxcd.io/v1 22 - kind: Kustomization 23 - metadata: 24 - name: flux-deploy 25 - namespace: flux-system 26 - spec: 27 - interval: 10m0s 28 - path: ./ 29 - prune: true 30 - wait: true 31 - sourceRef: 32 - kind: OCIRepository 33 - name: flux-manifests 34 - patches: 35 - # Increase the number of reconciliations that can be performed in parallel and bump the resources limits 36 - # https://fluxcd.io/flux/cheatsheets/bootstrap/#increase-the-number-of-workers 37 - - patch: | 38 - - op: add 39 - path: /spec/template/spec/containers/0/args/- 40 - value: --concurrent=50 41 - - op: add 42 - path: /spec/template/spec/containers/0/args/- 43 - value: --kube-api-qps=5000 44 - - op: add 45 - path: /spec/template/spec/containers/0/args/- 46 - value: --kube-api-burst=10000 47 - - op: add 48 - path: /spec/template/spec/containers/0/args/- 49 - value: --requeue-dependency=5s 50 - target: 51 - kind: Deployment 52 - name: "(kustomize-controller|helm-controller|source-controller)" 53 - - patch: | 54 - apiVersion: apps/v1 55 - kind: Deployment 56 - metadata: 57 - name: not-used 58 - spec: 59 - template: 60 - spec: 61 - containers: 62 - - name: manager 63 - resources: 64 - limits: 65 - cpu: 2000m 66 - memory: 2Gi 67 - target: 68 - kind: Deployment 69 - name: "(kustomize-controller|helm-controller|source-controller)" 70 - # Enable Helm near OOM detection 71 - # https://fluxcd.io/flux/cheatsheets/bootstrap/#enable-helm-near-oom-detection 72 - - patch: | 73 - - op: add 74 - path: /spec/template/spec/containers/0/args/- 75 - value: --feature-gates=OOMWatch=true 76 - - op: add 77 - path: /spec/template/spec/containers/0/args/- 78 - value: --oom-watch-memory-threshold=95 79 - - op: add 80 - path: /spec/template/spec/containers/0/args/- 81 - value: --oom-watch-interval=500ms 82 - target: 83 - kind: Deployment 84 - name: helm-controller 85 1 --- 86 2 apiVersion: kustomize.toolkit.fluxcd.io/v1 87 3 kind: Kustomization ··· 114 30 provider: sops 115 31 secretRef: 116 32 name: sops-gpg 117 - --- 118 - #apiVersion: kustomize.toolkit.fluxcd.io/v1 119 - #kind: Kustomization 120 - #metadata: 121 - # name: private-flux 122 - # namespace: flux-system 123 - #spec: 124 - # interval: 10m0s 125 - # path: ./k8s/nebula/private-flux 126 - # prune: true 127 - # wait: true 128 - # sourceRef: 129 - # kind: GitRepository 130 - # name: flux-system 131 - # decryption: 132 - # provider: sops 133 - # secretRef: 134 - # name: sops-gpg 135 33 --- 136 34 apiVersion: kustomize.toolkit.fluxcd.io/v1 137 35 kind: Kustomization ··· 312 210 group: kustomize.toolkit.fluxcd.io 313 211 version: v1 314 212 labelSelector: "component.skylab.fi/part-of=definitions" 315 - --- 316 - #apiVersion: kustomize.toolkit.fluxcd.io/v1beta2 317 - #kind: Kustomization 318 - #metadata: 319 - # name: private-cluster-apps 320 - # namespace: flux-system 321 - #spec: 322 - # interval: 30m 323 - # path: ./cluster/apps 324 - # prune: true 325 - # wait: false 326 - # sourceRef: 327 - # kind: GitRepository 328 - # name: private-cluster 329 - # decryption: 330 - # provider: sops 331 - # secretRef: 332 - # name: sops-gpg 333 - # postBuild: 334 - # substituteFrom: 335 - # - kind: ConfigMap 336 - # name: global-cluster-config 337 - # - kind: Secret 338 - # name: global-cluster-secrets 339 - # - kind: ConfigMap 340 - # name: cluster-config 341 - # - kind: Secret 342 - # name: cluster-secrets