mirror of
https://gitlab.com/shouptech/flux.git
synced 2026-02-03 15:59:45 +00:00
Compare commits
17 commits
flux-write
...
master
| Author | SHA1 | Date | |
|---|---|---|---|
| 2815fd2863 | |||
| 379b5c6df8 | |||
| 434e4f6d97 | |||
| 02b0180697 | |||
| d9c1ad8401 | |||
| 6e55ff9aef | |||
| 82170f90e7 | |||
| cb4612f0b1 | |||
| 546a811b2d | |||
| 44102c3d0f | |||
| 8438746344 | |||
| 906f85e025 | |||
| 76669a3538 | |||
| 305def4b71 | |||
| 85893e61a3 | |||
| 1d3ede8f5c | |||
| 5b16c40fb8 |
21 changed files with 35 additions and 1035 deletions
|
|
@ -1,52 +0,0 @@
|
|||
apiVersion: apps/v1
|
||||
kind: Deployment
|
||||
metadata:
|
||||
name: bankofparents
|
||||
spec:
|
||||
replicas: 1
|
||||
selector:
|
||||
matchLabels:
|
||||
app: bankofparents
|
||||
template:
|
||||
metadata:
|
||||
labels:
|
||||
app: bankofparents
|
||||
spec:
|
||||
containers:
|
||||
- image: registry.gitlab.com/shouptech/bankofparents:v0.1
|
||||
imagePullPolicy: IfNotPresent
|
||||
name: bankofparents
|
||||
env:
|
||||
- name: GUNICORN_CMD_ARGS
|
||||
value: "--access-logfile=-"
|
||||
ports:
|
||||
- containerPort: 8000
|
||||
resources:
|
||||
requests:
|
||||
memory: "128Mi"
|
||||
cpu: "10m"
|
||||
limits:
|
||||
memory: "1024Mi"
|
||||
cpu: "1000m"
|
||||
livenessProbe:
|
||||
tcpSocket:
|
||||
port: 8000
|
||||
initialDelaySeconds: 10
|
||||
periodSeconds: 30
|
||||
timeoutSeconds: 5
|
||||
successThreshold: 1
|
||||
failureThreshold: 1
|
||||
volumeMounts:
|
||||
- name: bankofparents-app
|
||||
mountPath: /app
|
||||
- name: bankofparents-instance
|
||||
mountPath: /instance
|
||||
volumes:
|
||||
- name: bankofparents-app
|
||||
hostPath:
|
||||
path: /opt/bankofparents/app
|
||||
type: Directory
|
||||
- name: bankofparents-instance
|
||||
hostPath:
|
||||
path: /opt/bankofparents/instance
|
||||
type: Directory
|
||||
|
|
@ -1,25 +0,0 @@
|
|||
kind: Service
|
||||
apiVersion: v1
|
||||
metadata:
|
||||
name: bankofparents
|
||||
spec:
|
||||
selector:
|
||||
app: bankofparents
|
||||
ports:
|
||||
- protocol: TCP
|
||||
port: 8000
|
||||
targetPort: 8000
|
||||
---
|
||||
apiVersion: networking.k8s.io/v1beta1
|
||||
kind: Ingress
|
||||
metadata:
|
||||
name: bankofparents
|
||||
spec:
|
||||
rules:
|
||||
- host: bank.shoup.io
|
||||
http:
|
||||
paths:
|
||||
- backend:
|
||||
serviceName: bankofparents
|
||||
servicePort: 8000
|
||||
path: /
|
||||
|
|
@ -1,15 +0,0 @@
|
|||
apiVersion: bitnami.com/v1alpha1
|
||||
kind: SealedSecret
|
||||
metadata:
|
||||
creationTimestamp: null
|
||||
name: ddclient-conf
|
||||
namespace: default
|
||||
spec:
|
||||
encryptedData:
|
||||
ddclient.conf: AgADUaPiwlkEnRP5oX8ZSwgKkFplGyUXI+bJNcS9MeiAA12t8WjuIAncYmgnqqIJrBaOY5zla9Zs6MV5nh8S9DVuvex2RtcFPiK/9luycmDqCrCIA1bxSJAUb0LSXCCU1lauK2xF+09E9QSyZmoqUYLcFyuELkvoBMM8v69PR0tJr9wVpRah8yd70Ix0XPggXWJcDQKcQiEO4TYC3L0gMeypOEcfUNCQFx5ay9JhLjLZGkFnT2DzX9ij5Iw+lcNFnZH7xkCfyXmYmynF5micEP8TaL1K51BLeWtNKHk+fClXfVewtovrZ5QCsf8dO39U35pmFIatVDyJn0nAvV/AB6jT8Zj4U3SL4tFKYsHOWSRcUbKANRYirn4Mp4f2E6reZ2Bkpf/DmZPtICLY25a7v0caj3K/lNYiXL49NbgcABibbhHn6AZPSv2LMaL8p8p3CmhJZ8/FUDKLWpK7ezKS3bRd3/4xyTuITAcNqIOx2JqPGgG8Cm23nPzVA7YRO8FzL+Ovx/mwewIpJA+eG0uai9DFcc/3UHbgX4zpVQapskI5AjJ1OvKxwmkY9w1rZVeUBoBgvLFu3D/2Au/AjsO/yaoFaZbSUqwTNyHXVchvAzU7YmMWFlAeAH6f5n8HBKVUBaDG3PKohdFdQMapQZFpYdMpGzQGzID2N6xqNUgcWMtTIkudX5xndw6HZkFUqTCQLQy7qcMAGlqmVn8FmIzHlJWpLNdkXDwxYDDMB3xJlnHtogdTyaJc9+Pbvmo1tt6JbyMa+87LQ6bpJ3IV9ckbM/jYXKFdQe1vZQSum5EAHiHfN7TP8RO3LWc9FRwegBYlLC2CZBtVmoOj7C60SIBupDKe5F+d1v0KFgbnmG2RS6z1SDzduA==
|
||||
template:
|
||||
metadata:
|
||||
creationTimestamp: null
|
||||
name: ddclient-conf
|
||||
namespace: default
|
||||
status: {}
|
||||
|
|
@ -1,27 +0,0 @@
|
|||
---
|
||||
apiVersion: apps/v1
|
||||
kind: Deployment
|
||||
metadata:
|
||||
name: ddclient
|
||||
spec:
|
||||
replicas: 1
|
||||
selector:
|
||||
matchLabels:
|
||||
app: ddclient
|
||||
template:
|
||||
metadata:
|
||||
labels:
|
||||
app: ddclient
|
||||
spec:
|
||||
containers:
|
||||
- image: linuxserver/ddclient:3.9.0-ls25
|
||||
imagePullPolicy: IfNotPresent
|
||||
name: ddclient
|
||||
volumeMounts:
|
||||
- name: config
|
||||
mountPath: /config
|
||||
volumes:
|
||||
- name: config
|
||||
secret:
|
||||
secretName: ddclient-conf
|
||||
defaultMode: 511 # Octal: 0777, needed to allow ddclient permissions
|
||||
|
|
@ -1,20 +0,0 @@
|
|||
apiVersion: apps/v1
|
||||
kind: Deployment
|
||||
metadata:
|
||||
name: echoserver
|
||||
spec:
|
||||
replicas: 1
|
||||
selector:
|
||||
matchLabels:
|
||||
app: echoserver
|
||||
template:
|
||||
metadata:
|
||||
labels:
|
||||
app: echoserver
|
||||
spec:
|
||||
containers:
|
||||
- image: k8s.gcr.io/echoserver:1.4
|
||||
imagePullPolicy: IfNotPresent
|
||||
name: echoserver
|
||||
ports:
|
||||
- containerPort: 8080
|
||||
|
|
@ -1,25 +0,0 @@
|
|||
kind: Service
|
||||
apiVersion: v1
|
||||
metadata:
|
||||
name: echoserver
|
||||
spec:
|
||||
selector:
|
||||
app: echoserver
|
||||
ports:
|
||||
- protocol: TCP
|
||||
port: 8080
|
||||
targetPort: 8080
|
||||
---
|
||||
apiVersion: networking.k8s.io/v1beta1
|
||||
kind: Ingress
|
||||
metadata:
|
||||
name: echoserver
|
||||
spec:
|
||||
rules:
|
||||
- host: echo.home.shoup.io
|
||||
http:
|
||||
paths:
|
||||
- backend:
|
||||
serviceName: echoserver
|
||||
servicePort: 8080
|
||||
path: /
|
||||
|
|
@ -1,88 +0,0 @@
|
|||
---
|
||||
apiVersion: apps/v1
|
||||
kind: Deployment
|
||||
metadata:
|
||||
name: grafana
|
||||
namespace: grafana
|
||||
spec:
|
||||
replicas: 1
|
||||
strategy:
|
||||
type: Recreate
|
||||
selector:
|
||||
matchLabels:
|
||||
app: grafana
|
||||
template:
|
||||
metadata:
|
||||
labels:
|
||||
app: grafana
|
||||
spec:
|
||||
containers:
|
||||
- image: grafana/grafana:7.0.3
|
||||
imagePullPolicy: IfNotPresent
|
||||
name: grafana
|
||||
env:
|
||||
- name: GF_SERVER_ROOT_URL
|
||||
value: https://grafana.shoup.io
|
||||
- name: GF_SERVER_DOMAIN
|
||||
value: grafana.shoup.io
|
||||
- name: GF_DATABASE_TYPE
|
||||
value: postgres
|
||||
- name: GF_DATABASE_HOST
|
||||
value: postgres:5432
|
||||
- name: GF_DATABASE_NAME
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: postgres
|
||||
key: POSTGRES_USER
|
||||
- name: GF_DATABASE_USER
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: postgres
|
||||
key: POSTGRES_USER
|
||||
- name: GF_DATABASE_PASSWORD
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: postgres
|
||||
key: POSTGRES_PASSWORD
|
||||
- name: GF_USERS_ALLOW_SIGN_UP
|
||||
value: "false"
|
||||
- name: GF_USERS_AUTO_ASSIGN_ORG
|
||||
value: "true"
|
||||
- name: GF_USERS_AUTO_ASSIGN_ORG_ROLE
|
||||
value: Editor
|
||||
- name: GF_AUTH_PROXY_ENABLED
|
||||
value: "true"
|
||||
- name: GF_AUTH_PROXY_HEADER_NAME
|
||||
value: X-Forwarded-User
|
||||
- name: GF_AUTH_PROXY_HEADER_PROPERTY
|
||||
value: username
|
||||
- name: GF_AUTH_PROXY_AUTO_SIGN_UP
|
||||
value: "true"
|
||||
- name: GF_AUTH_SIGNOUT_REDIRECT_URL
|
||||
value: "https://grafana.shoup.io/oauth2/sign_out"
|
||||
- name: GF_LOG_MODE
|
||||
value: console
|
||||
- name: GF_LOG_CONSOLE_FORMAT
|
||||
value: json
|
||||
resources:
|
||||
requests:
|
||||
memory: "128Mi"
|
||||
cpu: "100m"
|
||||
livenessProbe:
|
||||
tcpSocket:
|
||||
port: 3000
|
||||
initialDelaySeconds: 600
|
||||
periodSeconds: 30
|
||||
timeoutSeconds: 5
|
||||
successThreshold: 1
|
||||
failureThreshold: 2
|
||||
ports:
|
||||
- containerPort: 3000
|
||||
volumeMounts:
|
||||
- name: grafana-storage
|
||||
mountPath: /var/lib/grafana
|
||||
volumes:
|
||||
- name: grafana-storage
|
||||
hostPath:
|
||||
path: /opt/grafana/pod
|
||||
type: Directory
|
||||
|
|
@ -1,71 +0,0 @@
|
|||
---
|
||||
apiVersion: apps/v1
|
||||
kind: Deployment
|
||||
metadata:
|
||||
name: grafanaproxy
|
||||
namespace: grafana
|
||||
spec:
|
||||
replicas: 1
|
||||
selector:
|
||||
matchLabels:
|
||||
app: grafanaproxy
|
||||
template:
|
||||
metadata:
|
||||
labels:
|
||||
app: grafanaproxy
|
||||
spec:
|
||||
containers:
|
||||
- image: quay.io/oauth2-proxy/oauth2-proxy:v5.1.0
|
||||
args: ["-email-domain=*", "-upstream=http://grafana:3000/"]
|
||||
imagePullPolicy: IfNotPresent
|
||||
name: grafanaproxy
|
||||
env:
|
||||
- name: OAUTH2_PROXY_SKIP_AUTH_REGEX
|
||||
value: "/metrics(.*)"
|
||||
- name: OAUTH2_PROXY_HTTP_ADDRESS
|
||||
value: ":4180"
|
||||
- name: OAUTH2_PROXY_COOKIE_SECRET
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: grafanaproxy
|
||||
key: cookie_secret
|
||||
- name: OAUTH2_PROXY_PROVIDER
|
||||
value: nextcloud
|
||||
- name: OAUTH2_PROXY_CLIENT_ID
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: grafanaproxy
|
||||
key: client_id
|
||||
- name: OAUTH2_PROXY_CLIENT_SECRET
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: grafanaproxy
|
||||
key: client_secret
|
||||
- name: OAUTH2_PROXY_LOGIN_URL
|
||||
value: https://cloud.shoup.io/index.php/apps/oauth2/authorize
|
||||
- name: OAUTH2_PROXY_REDEEM_URL
|
||||
value: https://cloud.shoup.io/index.php/apps/oauth2/api/v1/token
|
||||
- name: OAUTH2_PROXY_VALIDATE_URL
|
||||
value: https://cloud.shoup.io/ocs/v2.php/cloud/user?format=json
|
||||
- name: OAUTH2_PROXY_COOKIE_DOMAIN
|
||||
value: .shoup.io
|
||||
- name: OAUTH2_PROXY_COOKIE_SECURE
|
||||
value: "true"
|
||||
- name: "OAUTH2_PROXY_COOKIE_NAME"
|
||||
value: "_oauth2_proxy_grafana"
|
||||
- name: "OAUTH2_PROXY_PASS_BASIC_AUTH"
|
||||
value: "false"
|
||||
- name: "OAUTH2_PROXY_PASS_USER_HEADERS"
|
||||
value: "true"
|
||||
- name: "OAUTH2_PROXY_SET_XAUTHREQUEST"
|
||||
value: "true"
|
||||
livenessProbe:
|
||||
tcpSocket:
|
||||
port: 4180
|
||||
initialDelaySeconds: 600
|
||||
periodSeconds: 30
|
||||
timeoutSeconds: 5
|
||||
successThreshold: 1
|
||||
failureThreshold: 2
|
||||
ports:
|
||||
- containerPort: 443
|
||||
|
|
@ -1,40 +0,0 @@
|
|||
kind: Service
|
||||
apiVersion: v1
|
||||
metadata:
|
||||
name: grafana
|
||||
namespace: grafana
|
||||
spec:
|
||||
selector:
|
||||
app: grafana
|
||||
ports:
|
||||
- protocol: TCP
|
||||
port: 3000
|
||||
targetPort: 3000
|
||||
---
|
||||
kind: Service
|
||||
apiVersion: v1
|
||||
metadata:
|
||||
name: grafanaproxy
|
||||
namespace: grafana
|
||||
spec:
|
||||
selector:
|
||||
app: grafanaproxy
|
||||
ports:
|
||||
- protocol: TCP
|
||||
port: 4180
|
||||
targetPort: 4180
|
||||
---
|
||||
apiVersion: networking.k8s.io/v1beta1
|
||||
kind: Ingress
|
||||
metadata:
|
||||
name: grafana
|
||||
namespace: grafana
|
||||
spec:
|
||||
rules:
|
||||
- host: grafana.shoup.io
|
||||
http:
|
||||
paths:
|
||||
- backend:
|
||||
serviceName: grafanaproxy
|
||||
servicePort: 4180
|
||||
path: /
|
||||
|
|
@ -1,56 +0,0 @@
|
|||
apiVersion: apps/v1
|
||||
kind: Deployment
|
||||
metadata:
|
||||
name: postgres
|
||||
namespace: grafana
|
||||
spec:
|
||||
replicas: 1
|
||||
strategy:
|
||||
type: Recreate
|
||||
selector:
|
||||
matchLabels:
|
||||
app: postgres
|
||||
template:
|
||||
metadata:
|
||||
labels:
|
||||
app: postgres
|
||||
spec:
|
||||
containers:
|
||||
- image: postgres:12.2-alpine
|
||||
imagePullPolicy: IfNotPresent
|
||||
name: postgres
|
||||
env:
|
||||
- name: POSTGRES_USER
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: postgres
|
||||
key: POSTGRES_USER
|
||||
- name: POSTGRES_PASSWORD
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: postgres
|
||||
key: POSTGRES_PASSWORD
|
||||
resources:
|
||||
requests:
|
||||
memory: "128Mi"
|
||||
cpu: "100m"
|
||||
limits:
|
||||
memory: "512Mi"
|
||||
livenessProbe:
|
||||
tcpSocket:
|
||||
port: 5432
|
||||
initialDelaySeconds: 15
|
||||
periodSeconds: 30
|
||||
timeoutSeconds: 5
|
||||
successThreshold: 1
|
||||
failureThreshold: 2
|
||||
ports:
|
||||
- containerPort: 5432
|
||||
volumeMounts:
|
||||
- name: postgres-data
|
||||
mountPath: /var/lib/postgresql/data
|
||||
volumes:
|
||||
- name: postgres-data
|
||||
hostPath:
|
||||
path: /opt/grafana/postgres
|
||||
type: Directory
|
||||
|
|
@ -1,16 +0,0 @@
|
|||
apiVersion: bitnami.com/v1alpha1
|
||||
kind: SealedSecret
|
||||
metadata:
|
||||
creationTimestamp: null
|
||||
name: postgres
|
||||
namespace: grafana
|
||||
spec:
|
||||
encryptedData:
|
||||
POSTGRES_PASSWORD: AgAJaiGYVsZ/hn8hHW99/jm0dizfnGSLCp3B1DLb3g0sCkD7wdVf/eZh5htKxDymnOl0FR7ieaI4SQig7MFMj4azqRxV5R7TxIME+aNdytcNNM6iUY/vLDzq+f6/AaFWxJFPNHl/uQM4fq3kgk93P62mn+Zp3u7hIQ9rEeK5rU22LZmtWAePF/HZjIfpBwIZkiAiUEYyIdi9gTmH1a5+vosjWhXnRJ1ZPdEDkvj40FeCTqri5PrD5WzdszCv1CRvTliCr76VJRjy7+28uo2sssWkzRKg7GTseELqI91QQ2/Pf0Ghq38DqDYpvxbRTXs3uVyTqn3aUjOP9sb7vMolTUKiuc9P/T/6lD8gHMLgUJrV9bHZLDXkRetGKicU6cXNkEX+QPyTeBUe3QlA8IwCh6mi8CY1XT4gu58DPXyKIFsp9R2VvBeYw+2MBseS9qzwRvBuOEKDfFoZvcZjHtOIb59GY4tIR3tiUXIQUh9jhjsdZY1GdARRXNjF26MRRtrf06ShQ/QpaMBWq7OpcpilLwTywSx5S4xyYaMt2GmHCtpYOqeEDAUDA3Ko2gJNTvkFj23jl7JH4rg7jUPxu+wEHv66ta8+cl0PMvI0w4SvrraT2pdL5doirSN20moaQjTDa7AW+s0XsJxPA2W3vWGT9KWA4X/gawJA5T+cgL84auoVbtL2IaWXo/LJeKZ9587rkcVzLFgpDom5hqOMNlZv20stAzix4ph3ANA=
|
||||
POSTGRES_USER: AgChL3vTqhcvLAgw9/1fBjKcZ/yTEREwAraNUBxfOT0/IeBkzA5RNCIzzdTabe0xselbQC0jv8nTPzenP1RermpA9ozDN3KANE8W7+T/ERDURsOpPP4fiRQ0Nq49g8l9hNEQVjYCRAI82qlpuGm3gCg0gvGe+l9zxNwJKkDlelDz/hsP3rylbK+3N45f5+NTd/4lBWBzfYwD+6Ub1MU7eFaKNb8JX64rKYX8WVyuAyNvrVyckZzfPa+uVYG/k2K5YLGrAe3W97DxaM56vRCR9fZ+pRXF+Ju9YbWyQ7I4cW4tQoIjimIwKqEoJv/MgREmLtMWnnhlonhR5C2tNDpmudMTQLvq2q4KeAxgEcBbYoguP7XmEH1GhiE5JlAbpxWiMvSrqI88i/5fFERxOGTGLotkA7IDS0KlOcSsYyeQQpqWVw+DgAkHgCdahrVs6NNqtiYiE+MAmYMnLXGelQ3muk6Di0ZFWm8gzN37wd0z5bPY6+M8LyizcUzuNw1teHE6rvm75ihK9lvPs3//Mb186KdSjtTLNHzszN+rSNR2FNZjpupxV5CttT+f/0Rl8PIO0kUQ7WJjO1fFyq+u4+RlOGs5YZpKKKZbKXbaomkxXjLB2QQh/ahhcTiDLTjUx0rVppB1dLZ6kJqW+TRCc3NtRmCX96gT8Xmdz7egB+953KW9+z0s8Z9VFOIxawJeB1Tabi1o43qnlCMh
|
||||
template:
|
||||
metadata:
|
||||
creationTimestamp: null
|
||||
name: postgres
|
||||
namespace: grafana
|
||||
status: {}
|
||||
|
|
@ -1,12 +0,0 @@
|
|||
kind: Service
|
||||
apiVersion: v1
|
||||
metadata:
|
||||
name: postgres
|
||||
namespace: grafana
|
||||
spec:
|
||||
selector:
|
||||
app: postgres
|
||||
ports:
|
||||
- protocol: TCP
|
||||
port: 5432
|
||||
targetPort: 5432
|
||||
|
|
@ -1,19 +0,0 @@
|
|||
apiVersion: bitnami.com/v1alpha1
|
||||
kind: SealedSecret
|
||||
metadata:
|
||||
creationTimestamp: null
|
||||
name: grafanaproxy
|
||||
namespace: grafana
|
||||
spec:
|
||||
encryptedData:
|
||||
client_id: AgBgtwQkFDlVT6z0BYyZ7n+5USVqmuh5eLB4HzZM90UWaFKmqvmHwOZ210oBgatc5uOSaEDbU18GYzpd30gstTZqglr7/tBLV4JfEJ6shRRu1B0nTDTxgjYAjNxF+N4aga7BOeo2tFTfkhJif/eP7kGCFLh3K+ywnI45qvyoeSDOQVFul39bqbwiPBU93qBvek9ohr7fsuBXUZPFM2OQyIWEp9KscRtEHe7mo+Ef9Wa+I542KTA72ScMQ3HPJzQTxQ6S6aha5MQ8aAu2FKCiE0V+E+kZ0esdmCMxn63egmXPE4Haf9gCJyJ4uHYTk9gxqUqQfD9leHcHu6tEnmw4ADl0M6Bj1CVS6LSfPgDPPkaLHZDFfHH7iCvrrXFeRXc5WUB4bNWbKmxd8+Y0V/ste8uzMcVlqsHhlgQnMQlHgMrMFnWMFZrFoke2R+FZ9WrO6eXvooTySG20ppO6NnLPjaPnmomLlWbqypBue4aAIK3KA5l8BDjss+E98z2McmkBiZzub7vRvjodVf3EfeFOlNCVZMztkJugKiIUFQ1XRLyUZYusisEeBfITrexZpu/oEKxzXN/++fIKyqP94VrkSebGUiMCcmEffJjnKlmt6U9z2hce3xNIwWiStBDhnfcOOSxT+6hrqrt1p5glcHwWSVaWF1Z5ITzlmwolY530IEdFEgC/zCJzb4p8dqK3prGTq/fMXjJDQaO0LcGsldv61hOveBNpDxnI5gaN94lKKtbuZPYnY31rNcivxBeCVMJEf0fgikBFu6AeTvZdV+pdpBPM
|
||||
client_secret: AgA3/RPUpvv/qICl1qyA0g/0hqr7ggxImwvmcOLXPYIENWii+Iw+0/aYLSBOzkealY5GM9F0JwvwyvJ66ZQ2DccGhpeF8luFT+QMok1shobw7S3Aka79GNJdtCuYmNZ9+9ui0OMrl/48YQEL9xn4JJ/tvSdi9h/MCE2t5DoJBchrZbJ+2TYH6O4JcFM3JUdJWP9Do9QvLHDtcRhLGUdDIoCytZZo2o61isOeSrI/nyiDqppQKKUMLfMg8Li0RbuTYrzNgp/tTbyA91OyzUTyj4AZfFg7k0P5fDMr+c3mSZQYUGXEKRJ4qse+EVOmzgdVsClu2g86Tx14ZwviGsYSg0dd5E2ZvdzfoQZ3FuHF5nSIaNFRVtOGxxEvKc8y8S3B4CBqMzr0LcJAVeApiDzkMWXxQNdJMsuptICJXHhgw/dqSU+4+pplHKC0OhAuPlM6/hh16fQdcK7MV1VyAaWmaX99Ub2CO8aOnbSM/MyzX0D4sqmK8TBXfdobME2f87a5nWEFnOMnyckPMCRhyh/DKnkjhKfCBjV9mgBODVQaoBEYIlLVMjiatnEXbhHzi6i8Kx2dLYKuWE6bDHrRP55v9E33yAgfaa5fP7sFTra+euanpQcZYdWlDIM+s81g1Isfno/mJ0DZ6e50IvPMWDTLtFSKBBYy8L/m6xXwhdu1qbjKZVGIQV32UEjy7M+vimUBCxTIgN2s3jzub399ttnMzv+UnQjvte5Aw/2daHw1HaHa7B+JTtCOJpUiNyHtFB1l+F6kjDkntoip0cDfPCtxNJX7
|
||||
cookie_secret: AgDOOwNi5tZI4EpMP4trTUlCiEdJpFGNUeD2IE3xuKmpdu8WAQOUYu4HCL0HV667x4ZHBcXPf0cohibgYT6ZyqUmpGC9SiCMpnDrf3R0NyKOjLtOkfJ+jBscNlr/KSNIhx351O/y09guGebRqagrWGdfRUWNWTY9OY6zzU+OYVqRKeW4mSh3ut3BWqb+PppHSyMXJ+hGJ8var+VwIMOAOA8FfpaiKtRK+K/wipEJe0uz70dzel7Be2+cBYuVmNTxI9IQyaVNw1NED3OwJDbMdJAHa6uaf626wHdENySgakUc1GNHgPtXEfM+1Xe+BvEtTqCooxy/EvsYemXILw+jOi8exOX1WGtM3C22/HRbSp44MOBrkyh9n2gmXP5LPj5LewmYUe2bPl1V2lj5JcylH7VWAli+JXvGRLooLmimKYmqF1nycJDz3Mq99jKLMstv5yQitGh/ih+FQu2NwC9JJNLyZNb1O7tWh5hjOt0Itl6yzVP8Vn1+naPaqX/xheLAFTCcL7wU5R/QUzk1EzpFCEEs9ivggiMciV/HDJNfozg1yJdLxTU0Pp94EkNECwUEDMKY6bVivY5BWEp28IA8AmshKMr6sAeGgwIKsGWBolRVqcLZucavu5Y1r/NR16NQIVF2vwMTlaCdKk3AAacNeaRxJFqjdpV926c5fMfWw8YhQpyFnoUBHX62+uAPoAFbTyp1WAC5ZyqhMZRhObp6+Uj/SbrDomHQEkP6vehqBiOJMZVeqURJzHOdwSVKYuNcnvbOgysombDOvLMu+1AGfYDl
|
||||
template:
|
||||
metadata:
|
||||
creationTimestamp: null
|
||||
name: grafanaproxy
|
||||
namespace: grafana
|
||||
type: Opaque
|
||||
status: {}
|
||||
|
||||
|
|
@ -1,363 +0,0 @@
|
|||
apiVersion: v1
|
||||
kind: ConfigMap
|
||||
metadata:
|
||||
labels:
|
||||
k8s-app: fluentd-logging
|
||||
name: fluentd-logging
|
||||
namespace: kube-system
|
||||
data:
|
||||
fluent.conf: |
|
||||
@include "#{ENV['FLUENTD_SYSTEMD_CONF'] || 'systemd'}.conf"
|
||||
@include "#{ENV['FLUENTD_PROMETHEUS_CONF'] || 'prometheus'}.conf"
|
||||
@include kubernetes.conf
|
||||
@include nextcloud.conf
|
||||
@include conf.d/*.conf
|
||||
@include filters.conf
|
||||
|
||||
<match **>
|
||||
@type elasticsearch
|
||||
@id out_es
|
||||
@log_level info
|
||||
include_tag_key true
|
||||
host "#{ENV['FLUENT_ELASTICSEARCH_HOST']}"
|
||||
port "#{ENV['FLUENT_ELASTICSEARCH_PORT']}"
|
||||
path "#{ENV['FLUENT_ELASTICSEARCH_PATH']}"
|
||||
scheme "#{ENV['FLUENT_ELASTICSEARCH_SCHEME'] || 'http'}"
|
||||
ssl_verify "#{ENV['FLUENT_ELASTICSEARCH_SSL_VERIFY'] || 'true'}"
|
||||
ssl_version "#{ENV['FLUENT_ELASTICSEARCH_SSL_VERSION'] || 'TLSv1_2'}"
|
||||
user "#{ENV['FLUENT_ELASTICSEARCH_USER'] || use_default}"
|
||||
password "#{ENV['FLUENT_ELASTICSEARCH_PASSWORD'] || use_default}"
|
||||
reload_connections "#{ENV['FLUENT_ELASTICSEARCH_RELOAD_CONNECTIONS'] || 'false'}"
|
||||
reconnect_on_error "#{ENV['FLUENT_ELASTICSEARCH_RECONNECT_ON_ERROR'] || 'true'}"
|
||||
reload_on_failure "#{ENV['FLUENT_ELASTICSEARCH_RELOAD_ON_FAILURE'] || 'true'}"
|
||||
log_es_400_reason "#{ENV['FLUENT_ELASTICSEARCH_LOG_ES_400_REASON'] || 'false'}"
|
||||
logstash_prefix "#{ENV['FLUENT_ELASTICSEARCH_LOGSTASH_PREFIX'] || 'logstash'}"
|
||||
logstash_dateformat "#{ENV['FLUENT_ELASTICSEARCH_LOGSTASH_DATEFORMAT'] || '%Y.%m.%d'}"
|
||||
logstash_format "#{ENV['FLUENT_ELASTICSEARCH_LOGSTASH_FORMAT'] || 'true'}"
|
||||
index_name "#{ENV['FLUENT_ELASTICSEARCH_LOGSTASH_INDEX_NAME'] || 'logstash'}"
|
||||
type_name "#{ENV['FLUENT_ELASTICSEARCH_LOGSTASH_TYPE_NAME'] || 'fluentd'}"
|
||||
include_timestamp "#{ENV['FLUENT_ELASTICSEARCH_INCLUDE_TIMESTAMP'] || 'false'}"
|
||||
template_name "#{ENV['FLUENT_ELASTICSEARCH_TEMPLATE_NAME'] || use_nil}"
|
||||
template_file "#{ENV['FLUENT_ELASTICSEARCH_TEMPLATE_FILE'] || use_nil}"
|
||||
template_overwrite "#{ENV['FLUENT_ELASTICSEARCH_TEMPLATE_OVERWRITE'] || use_default}"
|
||||
sniffer_class_name "#{ENV['FLUENT_SNIFFER_CLASS_NAME'] || 'Fluent::Plugin::ElasticsearchSimpleSniffer'}"
|
||||
request_timeout "#{ENV['FLUENT_ELASTICSEARCH_REQUEST_TIMEOUT'] || '5s'}"
|
||||
<buffer>
|
||||
flush_thread_count "#{ENV['FLUENT_ELASTICSEARCH_BUFFER_FLUSH_THREAD_COUNT'] || '8'}"
|
||||
flush_interval "#{ENV['FLUENT_ELASTICSEARCH_BUFFER_FLUSH_INTERVAL'] || '5s'}"
|
||||
chunk_limit_size "#{ENV['FLUENT_ELASTICSEARCH_BUFFER_CHUNK_LIMIT_SIZE'] || '2M'}"
|
||||
queue_limit_length "#{ENV['FLUENT_ELASTICSEARCH_BUFFER_QUEUE_LIMIT_LENGTH'] || '32'}"
|
||||
retry_max_interval "#{ENV['FLUENT_ELASTICSEARCH_BUFFER_RETRY_MAX_INTERVAL'] || '30'}"
|
||||
retry_forever true
|
||||
</buffer>
|
||||
</match>
|
||||
|
||||
disable.conf: ""
|
||||
|
||||
filters.conf: |
|
||||
<filter kubernetes.var.log.containers.nextcloud-** kubernetes.var.log.containers.echoserver-**>
|
||||
@type parser
|
||||
key_name log
|
||||
reserve_data true
|
||||
<parse>
|
||||
@type apache2
|
||||
</parse>
|
||||
</filter>
|
||||
|
||||
<filter kubernetes.var.log.containers.hass-**>
|
||||
@type parser
|
||||
key_name log
|
||||
reserve_data true
|
||||
<parse>
|
||||
@type regexp
|
||||
expression /^(?<logtime>.*) (?<level>.*) \((?<thread>.*)\) \[(?<source>.*)\] (?<message>.*)$/
|
||||
</parse>
|
||||
</filter>
|
||||
|
||||
<filter kubernetes.var.log.containers.flux-** kubernetes.var.log.containers.grafana-**>
|
||||
@type parser
|
||||
key_name log
|
||||
reserve_data true
|
||||
<parse>
|
||||
@type json
|
||||
</parse>
|
||||
</filter>
|
||||
|
||||
nextcloud.conf: |
|
||||
<source>
|
||||
@type tail
|
||||
@id in_tail_nextcloud_log
|
||||
path /opt/nextcloud/nextcloud.log
|
||||
pos_file /var/log/nextcloud.log.pos
|
||||
tag nextcloud.log
|
||||
read_from_head true
|
||||
reserve_data true
|
||||
<parse>
|
||||
@type json
|
||||
time_key time
|
||||
time_format %Y-%m-%dT%H:%M:%S%z
|
||||
</parse>
|
||||
</source>
|
||||
|
||||
kubernetes.conf: |
|
||||
<label @FLUENT_LOG>
|
||||
<match fluent.**>
|
||||
@type null
|
||||
</match>
|
||||
</label>
|
||||
|
||||
<source>
|
||||
@type tail
|
||||
@id in_tail_container_logs
|
||||
path /var/log/containers/*.log
|
||||
pos_file /var/log/fluentd-containers.log.pos
|
||||
tag "#{ENV['FLUENT_CONTAINER_TAIL_TAG'] || 'kubernetes.*'}"
|
||||
exclude_path "#{ENV['FLUENT_CONTAINER_TAIL_EXCLUDE_PATH'] || use_default}"
|
||||
read_from_head true
|
||||
<parse>
|
||||
@type regexp
|
||||
expression /^(?<time>.+) (?<stream>stdout|stderr)( (?<logtag>.))? (?<log>.*)$/
|
||||
# 2020-04-18T18:05:32.568345742-04:00
|
||||
time_format %Y-%m-%dT%H:%M:%S.%N%z
|
||||
</parse>
|
||||
</source>
|
||||
|
||||
<source>
|
||||
@type tail
|
||||
@id in_tail_minion
|
||||
path /var/log/salt/minion
|
||||
pos_file /var/log/fluentd-salt.pos
|
||||
tag salt
|
||||
<parse>
|
||||
@type regexp
|
||||
expression /^(?<time>[^ ]* [^ ,]*)[^\[]*\[[^\]]*\]\[(?<severity>[^ \]]*) *\] (?<message>.*)$/
|
||||
time_format %Y-%m-%d %H:%M:%S
|
||||
</parse>
|
||||
</source>
|
||||
|
||||
<source>
|
||||
@type tail
|
||||
@id in_tail_startupscript
|
||||
path /var/log/startupscript.log
|
||||
pos_file /var/log/fluentd-startupscript.log.pos
|
||||
tag startupscript
|
||||
<parse>
|
||||
@type syslog
|
||||
</parse>
|
||||
</source>
|
||||
|
||||
<source>
|
||||
@type tail
|
||||
@id in_tail_docker
|
||||
path /var/log/docker.log
|
||||
pos_file /var/log/fluentd-docker.log.pos
|
||||
tag docker
|
||||
<parse>
|
||||
@type regexp
|
||||
expression /^time="(?<time>[^)]*)" level=(?<severity>[^ ]*) msg="(?<message>[^"]*)"( err="(?<error>[^"]*)")?( statusCode=($<status_code>\d+))?/
|
||||
</parse>
|
||||
</source>
|
||||
|
||||
<source>
|
||||
@type tail
|
||||
@id in_tail_etcd
|
||||
path /var/log/etcd.log
|
||||
pos_file /var/log/fluentd-etcd.log.pos
|
||||
tag etcd
|
||||
<parse>
|
||||
@type none
|
||||
</parse>
|
||||
</source>
|
||||
|
||||
<source>
|
||||
@type tail
|
||||
@id in_tail_kubelet
|
||||
multiline_flush_interval 5s
|
||||
path /var/log/kubelet.log
|
||||
pos_file /var/log/fluentd-kubelet.log.pos
|
||||
tag kubelet
|
||||
<parse>
|
||||
@type kubernetes
|
||||
</parse>
|
||||
</source>
|
||||
|
||||
<source>
|
||||
@type tail
|
||||
@id in_tail_kube_proxy
|
||||
multiline_flush_interval 5s
|
||||
path /var/log/kube-proxy.log
|
||||
pos_file /var/log/fluentd-kube-proxy.log.pos
|
||||
tag kube-proxy
|
||||
<parse>
|
||||
@type kubernetes
|
||||
</parse>
|
||||
</source>
|
||||
|
||||
<source>
|
||||
@type tail
|
||||
@id in_tail_kube_apiserver
|
||||
multiline_flush_interval 5s
|
||||
path /var/log/kube-apiserver.log
|
||||
pos_file /var/log/fluentd-kube-apiserver.log.pos
|
||||
tag kube-apiserver
|
||||
<parse>
|
||||
@type kubernetes
|
||||
</parse>
|
||||
</source>
|
||||
|
||||
<source>
|
||||
@type tail
|
||||
@id in_tail_kube_controller_manager
|
||||
multiline_flush_interval 5s
|
||||
path /var/log/kube-controller-manager.log
|
||||
pos_file /var/log/fluentd-kube-controller-manager.log.pos
|
||||
tag kube-controller-manager
|
||||
<parse>
|
||||
@type kubernetes
|
||||
</parse>
|
||||
</source>
|
||||
|
||||
<source>
|
||||
@type tail
|
||||
@id in_tail_kube_scheduler
|
||||
multiline_flush_interval 5s
|
||||
path /var/log/kube-scheduler.log
|
||||
pos_file /var/log/fluentd-kube-scheduler.log.pos
|
||||
tag kube-scheduler
|
||||
<parse>
|
||||
@type kubernetes
|
||||
</parse>
|
||||
</source>
|
||||
|
||||
<source>
|
||||
@type tail
|
||||
@id in_tail_rescheduler
|
||||
multiline_flush_interval 5s
|
||||
path /var/log/rescheduler.log
|
||||
pos_file /var/log/fluentd-rescheduler.log.pos
|
||||
tag rescheduler
|
||||
<parse>
|
||||
@type kubernetes
|
||||
</parse>
|
||||
</source>
|
||||
|
||||
<source>
|
||||
@type tail
|
||||
@id in_tail_glbc
|
||||
multiline_flush_interval 5s
|
||||
path /var/log/glbc.log
|
||||
pos_file /var/log/fluentd-glbc.log.pos
|
||||
tag glbc
|
||||
<parse>
|
||||
@type kubernetes
|
||||
</parse>
|
||||
</source>
|
||||
|
||||
<source>
|
||||
@type tail
|
||||
@id in_tail_cluster_autoscaler
|
||||
multiline_flush_interval 5s
|
||||
path /var/log/cluster-autoscaler.log
|
||||
pos_file /var/log/fluentd-cluster-autoscaler.log.pos
|
||||
tag cluster-autoscaler
|
||||
<parse>
|
||||
@type kubernetes
|
||||
</parse>
|
||||
</source>
|
||||
|
||||
# Example:
|
||||
# 2017-02-09T00:15:57.992775796Z AUDIT: id="90c73c7c-97d6-4b65-9461-f94606ff825f" ip="104.132.1.72" method="GET" user="kubecfg" as="<self>" asgroups="<lookup>" namespace="default" uri="/api/v1/namespaces/default/pods"
|
||||
# 2017-02-09T00:15:57.993528822Z AUDIT: id="90c73c7c-97d6-4b65-9461-f94606ff825f" response="200"
|
||||
<source>
|
||||
@type tail
|
||||
@id in_tail_kube_apiserver_audit
|
||||
multiline_flush_interval 5s
|
||||
path /var/log/kubernetes/kube-apiserver-audit.log
|
||||
pos_file /var/log/kube-apiserver-audit.log.pos
|
||||
tag kube-apiserver-audit
|
||||
<parse>
|
||||
@type multiline
|
||||
format_firstline /^\S+\s+AUDIT:/
|
||||
# Fields must be explicitly captured by name to be parsed into the record.
|
||||
# Fields may not always be present, and order may change, so this just looks
|
||||
# for a list of key="\"quoted\" value" pairs separated by spaces.
|
||||
# Unknown fields are ignored.
|
||||
# Note: We can't separate query/response lines as format1/format2 because
|
||||
# they don't always come one after the other for a given query.
|
||||
format1 /^(?<time>\S+) AUDIT:(?: (?:id="(?<id>(?:[^"\\]|\\.)*)"|ip="(?<ip>(?:[^"\\]|\\.)*)"|method="(?<method>(?:[^"\\]|\\.)*)"|user="(?<user>(?:[^"\\]|\\.)*)"|groups="(?<groups>(?:[^"\\]|\\.)*)"|as="(?<as>(?:[^"\\]|\\.)*)"|asgroups="(?<asgroups>(?:[^"\\]|\\.)*)"|namespace="(?<namespace>(?:[^"\\]|\\.)*)"|uri="(?<uri>(?:[^"\\]|\\.)*)"|response="(?<response>(?:[^"\\]|\\.)*)"|\w+="(?:[^"\\]|\\.)*"))*/
|
||||
time_format %Y-%m-%dT%T.%L%Z
|
||||
</parse>
|
||||
</source>
|
||||
|
||||
<filter kubernetes.**>
|
||||
@type kubernetes_metadata
|
||||
@id filter_kube_metadata
|
||||
kubernetes_url "#{ENV['FLUENT_FILTER_KUBERNETES_URL'] || 'https://' + ENV.fetch('KUBERNETES_SERVICE_HOST') + ':' + ENV.fetch('KUBERNETES_SERVICE_PORT') + '/api'}"
|
||||
verify_ssl "#{ENV['KUBERNETES_VERIFY_SSL'] || true}"
|
||||
ca_file "#{ENV['KUBERNETES_CA_FILE']}"
|
||||
</filter>
|
||||
|
||||
prometheus.conf: |
|
||||
# Prometheus metric exposed on 0.0.0.0:24231/metrics
|
||||
<source>
|
||||
@type prometheus
|
||||
bind "#{ENV['FLUENTD_PROMETHEUS_BIND'] || '0.0.0.0'}"
|
||||
port "#{ENV['FLUENTD_PROMETHEUS_PORT'] || '24231'}"
|
||||
metrics_path "#{ENV['FLUENTD_PROMETHEUS_PATH'] || '/metrics'}"
|
||||
</source>
|
||||
|
||||
<source>
|
||||
@type prometheus_output_monitor
|
||||
</source>
|
||||
|
||||
systemd.conf: |
|
||||
# Logs from systemd-journal for interesting services.
|
||||
<source>
|
||||
@type systemd
|
||||
@id in_systemd_kubelet
|
||||
matches [{ "_SYSTEMD_UNIT": "kubelet.service" }]
|
||||
<storage>
|
||||
@type local
|
||||
persistent true
|
||||
path /var/log/fluentd-journald-kubelet-cursor.json
|
||||
</storage>
|
||||
<entry>
|
||||
fields_strip_underscores true
|
||||
</entry>
|
||||
read_from_head true
|
||||
tag kubelet
|
||||
</source>
|
||||
|
||||
# Logs from docker-systemd
|
||||
<source>
|
||||
@type systemd
|
||||
@id in_systemd_docker
|
||||
matches [{ "_SYSTEMD_UNIT": "docker.service" }]
|
||||
<storage>
|
||||
@type local
|
||||
persistent true
|
||||
path /var/log/fluentd-journald-docker-cursor.json
|
||||
</storage>
|
||||
<entry>
|
||||
fields_strip_underscores true
|
||||
</entry>
|
||||
read_from_head true
|
||||
tag docker.systemd
|
||||
</source>
|
||||
|
||||
# Logs from systemd-journal for interesting services.
|
||||
<source>
|
||||
@type systemd
|
||||
@id in_systemd_bootkube
|
||||
matches [{ "_SYSTEMD_UNIT": "bootkube.service" }]
|
||||
<storage>
|
||||
@type local
|
||||
persistent true
|
||||
path /var/log/fluentd-journald-bootkube-cursor.json
|
||||
</storage>
|
||||
<entry>
|
||||
fields_strip_underscores true
|
||||
</entry>
|
||||
read_from_head true
|
||||
tag bootkube
|
||||
</source>
|
||||
|
|
@ -1,125 +0,0 @@
|
|||
---
|
||||
apiVersion: v1
|
||||
kind: ServiceAccount
|
||||
metadata:
|
||||
name: fluentd
|
||||
namespace: kube-system
|
||||
|
||||
---
|
||||
apiVersion: rbac.authorization.k8s.io/v1beta1
|
||||
kind: ClusterRole
|
||||
metadata:
|
||||
name: fluentd
|
||||
namespace: kube-system
|
||||
rules:
|
||||
- apiGroups:
|
||||
- ""
|
||||
resources:
|
||||
- pods
|
||||
- namespaces
|
||||
verbs:
|
||||
- get
|
||||
- list
|
||||
- watch
|
||||
|
||||
---
|
||||
kind: ClusterRoleBinding
|
||||
apiVersion: rbac.authorization.k8s.io/v1beta1
|
||||
metadata:
|
||||
name: fluentd
|
||||
roleRef:
|
||||
kind: ClusterRole
|
||||
name: fluentd
|
||||
apiGroup: rbac.authorization.k8s.io
|
||||
subjects:
|
||||
- kind: ServiceAccount
|
||||
name: fluentd
|
||||
namespace: kube-system
|
||||
---
|
||||
apiVersion: apps/v1
|
||||
kind: DaemonSet
|
||||
metadata:
|
||||
name: fluentd
|
||||
namespace: kube-system
|
||||
labels:
|
||||
k8s-app: fluentd-logging
|
||||
version: v1
|
||||
spec:
|
||||
selector:
|
||||
matchLabels:
|
||||
k8s-app: fluentd-logging
|
||||
version: v1
|
||||
template:
|
||||
metadata:
|
||||
labels:
|
||||
k8s-app: fluentd-logging
|
||||
version: v1
|
||||
spec:
|
||||
serviceAccount: fluentd
|
||||
serviceAccountName: fluentd
|
||||
tolerations:
|
||||
- key: node-role.kubernetes.io/master
|
||||
effect: NoSchedule
|
||||
containers:
|
||||
- name: fluentd
|
||||
image: fluent/fluentd-kubernetes-daemonset:v1-debian-elasticsearch
|
||||
env:
|
||||
- name: FLUENT_ELASTICSEARCH_HOST
|
||||
value: "es01.home.shoup.io"
|
||||
- name: FLUENT_ELASTICSEARCH_PORT
|
||||
value: "9200"
|
||||
- name: FLUENT_ELASTICSEARCH_SCHEME
|
||||
value: "http"
|
||||
# Option to configure elasticsearch plugin with self signed certs
|
||||
# ================================================================
|
||||
# - name: FLUENT_ELASTICSEARCH_SSL_VERIFY
|
||||
# value: "true"
|
||||
# Option to configure elasticsearch plugin with tls
|
||||
# ================================================================
|
||||
# - name: FLUENT_ELASTICSEARCH_SSL_VERSION
|
||||
# value: "TLSv1_2"
|
||||
# X-Pack Authentication
|
||||
# =====================
|
||||
# - name: FLUENT_ELASTICSEARCH_USER
|
||||
# value: "elastic"
|
||||
# - name: FLUENT_ELASTICSEARCH_PASSWORD
|
||||
# value: "changeme"
|
||||
|
||||
# Disable SystemD input
|
||||
- name: FLUENTD_SYSTEMD_CONF
|
||||
value: "disable"
|
||||
# Don't parse own logs
|
||||
- name: FLUENT_CONTAINER_TAIL_EXCLUDE_PATH
|
||||
value: '["/var/log/containers/fluentd*"]'
|
||||
resources:
|
||||
limits:
|
||||
memory: 200Mi
|
||||
requests:
|
||||
cpu: 100m
|
||||
memory: 200Mi
|
||||
volumeMounts:
|
||||
- name: varlog
|
||||
mountPath: /var/log
|
||||
- name: varlogcontainers
|
||||
mountPath: /var/log/containers
|
||||
readOnly: true
|
||||
- name: config-volume
|
||||
mountPath: /fluentd/etc
|
||||
- name: nextcloud-data
|
||||
mountPath: /opt/nextcloud/nextcloud.log
|
||||
subPath: data/nextcloud.log
|
||||
terminationGracePeriodSeconds: 30
|
||||
volumes:
|
||||
- name: varlog
|
||||
hostPath:
|
||||
path: /var/log
|
||||
- name: varlogcontainers
|
||||
hostPath:
|
||||
path: /var/log/containers
|
||||
- name: config-volume
|
||||
configMap:
|
||||
name: fluentd-logging
|
||||
- name: nextcloud-data
|
||||
hostPath:
|
||||
path: /opt/nextcloud/pod
|
||||
type: Directory
|
||||
18
workloads/nextcloud/ncbackup-secret.yml
Normal file
18
workloads/nextcloud/ncbackup-secret.yml
Normal file
|
|
@ -0,0 +1,18 @@
|
|||
apiVersion: bitnami.com/v1alpha1
|
||||
kind: SealedSecret
|
||||
metadata:
|
||||
creationTimestamp: null
|
||||
name: ncbackup
|
||||
namespace: nextcloud
|
||||
spec:
|
||||
encryptedData:
|
||||
host: AgAX+qFQTYLfNw3IBT0yq20+LrW6hcESwQOLy8zLVpEsDNPo6fe/VpWleqi2k0NEAp0cDACcIEAt4zexLlurbHQElWpbzsjA6NP0FAgaa+Luby1XFyX6OhjgItFPAzxZMDEkLXh10bdumX25IKVMe2avHxNwpqBbNoCAMOT8D2ynWeFr3ckguzqjjAJyl1KFNI3MRqa7XzhZITdufRkAyun/3Wvv/s7m2IQeh1p3ryJnR3V/VYkeisTq47sC2TNlB60Ja3dWWKyZjMTFCEgxo0DIaySC4ma/+R2WyTODncq3b0IzNfG2QHl2tSKpNCH8ROejEyVD8L2YI+g1wY3RM6+2slntUy1/if+/gdcuVyVLOl/ncHEAEkh/b2WEeeccHg7MX2aRLaGJiyNXRNQkoORSXIVWmFHezlpmmqutwktJIX+j2i8Q2l/yOgwMe+tSDjF8aWXyTP3nbRa22ZPywn9L23Ioj1O6kATDcYJRjtfMidevtDrOeCskYOj8x2vxg9ftHG8Wyg9uX29EFSN3JFlL11/iPrhBSrqjYEUp3BGbQRmpDyqw6emKS2rgB6OQDQ1Tv9NyhyE1PwdEnwcZ4UgxVh9wlc4hOUsxZxaQ3p+XQQHwIj3LwqGs0yLpTMgWtuQ5Ub8znT4v9CFELKMBMaJip/DiqGsv0U0Jte4up5bc/zV0DszWLSgD4DZoNxsqQ30NcXVG6DIldJ/vExCwQZlJJC0=
|
||||
sshkey: AgBjW5j6BUAWX+zaQWnaXnXKNB70stbV7iHDX60+22m3GLTKR2z2Me5qDsnNzF/QTTKtb7M3Yoed8NA2Oo4j/GAGkIA15+w4hJeyOfMDCrgcLP2/j6E2aweGQHfoOR3SztoAEF0NCB4QO3bozBuUu9/LwXN8ug/vsV4HAmlxG1crPpWNDdy9z34tNwnrumkGvuhqxInQt1WxNgsrpLoda76p37ds0hWWb+jIEaQET3bXLckjeRo630CJaRiawbibVZYGyMOZa18sFSYEAKweOvDhzTdjuXHQ73+/joBthF3oPh9rVQ3Exu96BmP8kKa15jQs5WWCHlQXhN5MabSs5feJIj19QiUTna7/cQYPU3Moxze0lhdIFZ+gMchrvmMMi5SBEdHNa2z1h6TQb0DXwpCwbJ6puceWXGMwRMH94LYAHzoQFwh3V0M3rslXWy7RAz7J1iwzVTVytOaGvGgZd1uRk0kyaz5fdlJNm4BpChlUGnpttaFfF7X8+ISrZf3iNRWcKhkEJR3mB/jCdC4PRikz2B8zahMtEiHNeltymEWXMyriByoksI+vkTx1Kbbj72vmJnj5suoSdvD5of1xr7hi/uY8UJSxd8yhdpldFE6BxYSrvUzenmr5wa4XvkGDPXblfh7TwqlTOhbFeWGMz2nxLH7YVzGkEzlPQmtyC3hvh2D+G7h5s2YeoCUzmHI6Q5POdLdBY2zrbinr8mkS7T4/rqtH1YSF0sA8pC3q+8QQBseo1yvDd8rIHwMT3VyGBv04aE+6YGZJ4i/Ws5shIPhiMrDC5q+JFJEHpoy6syqrtBV41hBgdPDvIDBMMc2wOncIuG0Bl68ztCMIAP5zbmeHtjJ7zqyI7BuMr4sCS6I5vpB9QWiyGubuGtVWegy/bTjCiuKRJMHEE/tQ6u1KOTMEW3D76HAQ1vXvGIKKFKscbEwubwFIBET6r8T6vipeWtgRXEsMXgSOJE1Vy/VLxZcvROoVznYcmxhOKF8oH9wa3SIYbvGWKSieU7TX/upgAwnoX8mlwIc/d4YRIkA+c8psdmVbep3YvSFJnVoJHMs0WCQb1zY3Csp3daXnwxJv839JWT7vOkOpY4MgZjZ9RnzaSdjhQeKAd9zfdb2EiMZS/85VFAdRUaMpS+telsUtl0UNXdVNH3IzIHauXc5FB+hMwcTwuA8oUjlqf5nCv+iV3OMwurxpy3wD0C6DiGsY+BJheLwmC1E+Shg86xiL6Bk1SlGlRxWTLR1eO2M=
|
||||
user: AgBdWvLQQepIp2PQcV86EVsWBQ8ZtHgChgH7fotr2LbMHfaVbJv2W+qKtjpBmj8Nza8nw1albaKlikdt6e5fiO7qhg4TW+fddVRXX1vUNeELBw/pElEeDCpT2mpaZG4yD080i+MtMiJOFI3M13S0s5pUxcca06qDH2XUGP2yRzsPs3IP2tWnozyxQ+L6h184wlbQN9G3CWSyct6ExkDNvUT4lOWqhvt+8MMP6R6QbnxHOHDrTZHq+BZs+Kcl+ehnyNrGqF8hOesPfqPhkaRqrmaUHR0ZPnxBLvNvnlUjju/D5Ceb5XSp7PMOZUOmzdwGVrEAUUjAOPOq20VGh80QXNhS3WU/5LPE0yj+RbxknBvF0zu5dw+eLnrEBBu++lonFaYJc2R6rlyvLDmQv+BEKh8QzK9X3emwF9M9bQIh2t6g+UKi3FZrgVndSwAolXpMykD6XWvNE3x6gx1LPRUjZkTEKgPieOzaXEFtW0sUAhW9i5MPImDIXX5M18VcQv9fOHUfSC9XIC2KEYKCRA95JZX9vdnh9AbKMF0ial0YpAyTyyLEyro8CdACBSIrVzSEOqlxmcS9L7WV0VmegJir3CgnhjHZX9f+dddsiCgy6BMYxmzvs/hLnKHcghv560lYJAaFt5LxMIOXHaCU+I06KvPapn+BYuYZs5SAkkvwZUHWa9KrEDMhP5l8h0uMDnZvRVcHxlzp
|
||||
template:
|
||||
metadata:
|
||||
creationTimestamp: null
|
||||
name: ncbackup
|
||||
namespace: nextcloud
|
||||
type: Opaque
|
||||
|
||||
|
|
@ -81,15 +81,13 @@ spec:
|
|||
- name: gitlab-regcred
|
||||
containers:
|
||||
- name: ncbackup
|
||||
image: registry.gitlab.com/shouptech/ncbackup:454955999
|
||||
image: registry.gitlab.com/shouptech/ncbackup:628155982
|
||||
imagePullPolicy: IfNotPresent
|
||||
env:
|
||||
- name: NC_CONFIG_FILE
|
||||
value: /var/www/html/config/config.php
|
||||
- name: NC_DATA_PATH
|
||||
value: /var/www/html/
|
||||
- name: NC_DATA_DEST
|
||||
value: /bkup/data/
|
||||
- name: POSTGRES_USER
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
|
|
@ -106,19 +104,27 @@ spec:
|
|||
value: "5432"
|
||||
- name: POSTGRES_DB
|
||||
value: nextcloud
|
||||
- name: POSTGRES_DEST
|
||||
value: /bkup/db/
|
||||
- name: SSH_USER
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: ncbackup
|
||||
key: user
|
||||
- name: SSH_HOST
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: ncbackup
|
||||
key: host
|
||||
volumeMounts:
|
||||
- name: nextcloud-data
|
||||
mountPath: /var/www/html
|
||||
- name: nextcloud-backup
|
||||
mountPath: /bkup
|
||||
- name: app
|
||||
mountPath: /app
|
||||
restartPolicy: Never
|
||||
volumes:
|
||||
- name: nextcloud-data
|
||||
hostPath:
|
||||
path: /opt/nextcloud/pod
|
||||
type: Directory
|
||||
- name: nextcloud-backup
|
||||
hostPath:
|
||||
path: /net/hv01/opt/backup/nextcloud
|
||||
- name: app
|
||||
secret:
|
||||
secretName: ncbackup
|
||||
|
|
|
|||
|
|
@ -17,7 +17,7 @@ spec:
|
|||
app: nextcloud
|
||||
spec:
|
||||
containers:
|
||||
- image: nextcloud:18.0.6-apache
|
||||
- image: nextcloud:19.0.2-apache
|
||||
imagePullPolicy: IfNotPresent
|
||||
name: nextcloud
|
||||
env:
|
||||
|
|
|
|||
|
|
@ -1,18 +0,0 @@
|
|||
apiVersion: v1
|
||||
kind: ConfigMap
|
||||
metadata:
|
||||
name: nip-io
|
||||
data:
|
||||
backend.conf: |
|
||||
[main]
|
||||
domain=lcl.home.shoup.io
|
||||
ttl=432000
|
||||
ipaddress=127.0.0.1
|
||||
[soa]
|
||||
id=1
|
||||
hostmaster=hostmaster@lcl.home.shoup.io
|
||||
ns=ns1.lcl.home.shoup.io
|
||||
[nameservers]
|
||||
ns1.lcl.home.shoup.io=127.0.0.1
|
||||
ns2.lcl.home.shoup.io=127.0.0.1
|
||||
[blacklist]
|
||||
|
|
@ -1,33 +0,0 @@
|
|||
apiVersion: apps/v1
|
||||
kind: Deployment
|
||||
metadata:
|
||||
name: nip-io
|
||||
spec:
|
||||
replicas: 1
|
||||
selector:
|
||||
matchLabels:
|
||||
app: nip-io
|
||||
template:
|
||||
metadata:
|
||||
labels:
|
||||
app: nip-io
|
||||
spec:
|
||||
containers:
|
||||
- image: shouptech/nip.io:2
|
||||
imagePullPolicy: IfNotPresent
|
||||
name: nip-io
|
||||
volumeMounts:
|
||||
- name: config
|
||||
mountPath: /usr/local/bin/backend.conf
|
||||
subPath: backend.conf
|
||||
ports:
|
||||
- containerPort: 53
|
||||
name: dns-tcp
|
||||
protocol: TCP
|
||||
- containerPort: 53
|
||||
name: dns-udp
|
||||
protocol: UDP
|
||||
volumes:
|
||||
- name: config
|
||||
configMap:
|
||||
name: nip-io
|
||||
|
|
@ -1,19 +0,0 @@
|
|||
kind: Service
|
||||
apiVersion: v1
|
||||
metadata:
|
||||
name: nip-io
|
||||
spec:
|
||||
type: NodePort
|
||||
selector:
|
||||
app: nip-io
|
||||
ports:
|
||||
- name: dns-tcp
|
||||
protocol: TCP
|
||||
port: 53
|
||||
nodePort: 31053
|
||||
targetPort: dns-tcp
|
||||
- name: dns-udp
|
||||
protocol: UDP
|
||||
port: 53
|
||||
nodePort: 31053
|
||||
targetPort: dns-udp
|
||||
Loading…
Add table
Reference in a new issue