From 6b3eb79f88001c35fe914bfae8d0b56ec6b4688d Mon Sep 17 00:00:00 2001 From: Grant Hunter <5445379+grantdhunter@users.noreply.github.com> Date: Sun, 7 Dec 2025 13:16:22 -0700 Subject: [PATCH] remove old values.yaml --- 53ll/values.yaml | 53 --------- gitea/values.yaml | 89 -------------- grafana/alloy_values.yaml | 199 -------------------------------- grafana/values.yaml | 19 --- incngrnt-web/values.yaml | 14 --- k8up/values.yaml | 4 - kgnot/values.yaml | 54 --------- mariadb/values.yaml | 14 --- matrix-registration/values.yaml | 5 - metallb/values.yaml | 0 postgres/operator-values.yaml | 2 - postgres/values.yaml | 45 -------- rook-ceph-cluster/values.yaml | 82 ------------- rook-ceph/values.yaml | 4 - synapse/values.yaml | 84 -------------- tailscale/values.yaml | 4 - traefik/values.yaml | 102 ---------------- 17 files changed, 774 deletions(-) delete mode 100644 53ll/values.yaml delete mode 100644 gitea/values.yaml delete mode 100644 grafana/alloy_values.yaml delete mode 100644 grafana/values.yaml delete mode 100644 incngrnt-web/values.yaml delete mode 100644 k8up/values.yaml delete mode 100644 kgnot/values.yaml delete mode 100644 mariadb/values.yaml delete mode 100644 matrix-registration/values.yaml delete mode 100644 metallb/values.yaml delete mode 100644 postgres/operator-values.yaml delete mode 100644 postgres/values.yaml delete mode 100644 rook-ceph-cluster/values.yaml delete mode 100644 rook-ceph/values.yaml delete mode 100644 synapse/values.yaml delete mode 100644 tailscale/values.yaml delete mode 100644 traefik/values.yaml diff --git a/53ll/values.yaml b/53ll/values.yaml deleted file mode 100644 index a620bca..0000000 --- a/53ll/values.yaml +++ /dev/null @@ -1,53 +0,0 @@ -image: - debug: true - -ghostBlogTitle: 53rd Parallel Photography -ghostHost: https://53ll.ca -ghostUsername: # set through cli args -existingSecret: ghost-53ll-user-secret - -allowEmptyPassword: false - - -readinessProbe: - enabled: false - -resources: - limits: - cpu: 500m - ephemeral-storage: 2Gi - memory: 250Mi - requests: - cpu: 10m - ephemeral-storage: 50Mi - memory: 128Mi -persistence: - size: 1Gi - -smtpHost: "smtp.sendgrid.net" -smtpPort: 465 -smtpUser: "apikey" -smtpService: "SendGrid" -smtpProtocol: "tls" -smtpExistingSecret: 53ll-smtp-password - -mysql: - enabled: false -externalDatabase: - host: mariadb.datastore.svc.cluster.local - user: 53ll_ghost - database: 53ll_ghost - existingSecret: ghost-53ll-db-secret - -updateStrategy: - type: Recreate - -service: - type: ClusterIP -ingress: - enabled: true - hostname: 53ll.ca - tls: true - annotations: - "traefik.ingress.kubernetes.io/router.tls.certresolver": "letsencrypt" - diff --git a/gitea/values.yaml b/gitea/values.yaml deleted file mode 100644 index e88dbb4..0000000 --- a/gitea/values.yaml +++ /dev/null @@ -1,89 +0,0 @@ -gitea: - config: - server: - ROOT_URL: https://git.incngrnt.ca/ - MINIMUM_KEY_SIZE_CHECK: false - service: - DISABLE_REGISTRATION: true - database: - DB_TYPE: postgres - indexer: - ISSUE_INDEXER_TYPE: bleve - REPO_INDEXER_ENABLED: true - cron: - enabled: true - repository: - DISABLE_DOWNLOAD_SOURCE_ARCHIVES: true - additionalConfigFromEnvs: - - name: GITEA__DATABASE__HOST - valueFrom: - secretKeyRef: - name: postgres-pguser-gitea - key: host - - name: GITEA__DATABASE__NAME - valueFrom: - secretKeyRef: - name: postgres-pguser-gitea - key: dbname - - name: GITEA__DATABASE__USER - valueFrom: - secretKeyRef: - name: postgres-pguser-gitea - key: user - - name: GITEA__DATABASE__PASSWD - valueFrom: - secretKeyRef: - name: postgres-pguser-gitea - key: password - -strategy: - type: Recreate - -ingress: - enabled: true - hosts: - - host: git.incngrnt.ca - paths: - - path: "/" - pathType: Prefix - annotations: - "traefik.ingress.kubernetes.io/router.tls.certresolver": "letsencrypt" - -service: - ssh: - type: ClusterIP - port: 22 - clusterIP: - -actions: - enabled: true - existingSecret: gitea-runner-token - existingSecretKey: token - -redis: - enabled: true -redis-cluster: - enabled: false -postgresql: - enabled: false -postgresql-ha: - enabled: false - - -extraDeploy: -- apiVersion: traefik.io/v1alpha1 - kind: IngressRouteTCP - metadata: - name: gitea-ssh - namespace: gitea - labels: - app: gitea - spec: - entryPoints: - - ssh - routes: - - match: HostSNI(`*`) - services: - - name: gitea-ssh - port: 22 - diff --git a/grafana/alloy_values.yaml b/grafana/alloy_values.yaml deleted file mode 100644 index 9fa7368..0000000 --- a/grafana/alloy_values.yaml +++ /dev/null @@ -1,199 +0,0 @@ -alloy: - clustering: - enabled: true - configMap: - content: |- - logging { - level = "info" - format = "logfmt" - } - - discovery.kubernetes "pods" { - role = "pod" - } - discovery.kubernetes "nodes" { - role = "node" - } - - discovery.relabel "pods" { - targets = discovery.kubernetes.pods.targets - - rule { - source_labels = ["__meta_kubernetes_namespace", "__meta_kubernetes_pod_label_app_kubernetes_io_name", "__meta_kubernetes_pod_container_name"] - separator = "/" - target_label = "deployment_name" - action = "replace" - } - } - loki.source.kubernetes "pods" { - targets = discovery.relabel.pods.output - forward_to = [loki.process.process.receiver] - } - loki.process "process" { - forward_to = [loki.write.loki.receiver] - - stage.drop { - older_than = "1h" - drop_counter_reason = "too old" - } - stage.match { - selector = "{instance=~\".*\"}" - stage.json { - expressions = { - level = "\"level\"", - } - } - stage.labels { - values = { - level = "level", - } - } - } - stage.label_drop { - values = [ "job", "service_name" ] - } - } - loki.write "loki" { - endpoint { - url = "http://grafana-loki-distributor:3100/loki/api/v1/push" - } - } - - discovery.relabel "metrics" { - targets = discovery.kubernetes.pods.targets - rule { - source_labels = ["__meta_kubernetes_pod_annotation_prometheus_io_port"] - target_label = "__meta_kubernetes_pod_container_port_number" - action = "keepequal" - } - rule { - source_labels = ["__meta_kubernetes_pod_container_port_number"] - regex = "" - action = "drop" - } - rule { - source_labels = ["__meta_kubernetes_pod_annotation_prometheus_io_path",] - target_label = "__metrics_path__" - separator = "" - action = "replace" - } - } - prometheus.scrape "metrics" { - clustering { - enabled = true - } - targets = discovery.relabel.metrics.output - forward_to = [prometheus.remote_write.metrics.receiver] - scrape_interval = "30s" - } - discovery.relabel "pods_metrics" { - targets = discovery.kubernetes.nodes.targets - rule { - replacement = "kubernetes.default.svc:443" - target_label = "__address__" - } - rule { - regex = "(.+)" - replacement = "/api/v1/nodes/$1/proxy/metrics/cadvisor" - source_labels = ["__meta_kubernetes_node_name"] - target_label = "__metrics_path__" - } - } - prometheus.scrape "pods_metrics" { - clustering { - enabled = true - } - targets = discovery.relabel.pods_metrics.output - job_name = "integrations/kubernetes/kubelet" - scheme = "https" - honor_labels = true - forward_to = [prometheus.remote_write.metrics.receiver] - bearer_token_file = "/run/secrets/kubernetes.io/serviceaccount/token" - tls_config { - insecure_skip_verify = true - server_name = "kubernetes" - } - scrape_interval = "30s" - } - prometheus.exporter.unix "os_metrics" { } - prometheus.scrape "os_metrics" { - clustering { - enabled = true - } - targets = prometheus.exporter.unix.os_metrics.targets - forward_to = [prometheus.remote_write.metrics.receiver] - scrape_interval = "30s" - } - - discovery.kubernetes "kube_state_metrics" { - role = "endpoints" - - selectors { - role = "endpoints" - label = "app.kubernetes.io/name=kube-state-metrics" - } - namespaces { - names = ["grafana"] - } - } - - discovery.relabel "kube_state_metrics" { - targets = discovery.kubernetes.kube_state_metrics.targets - - // only keep targets with a matching port name - rule { - source_labels = ["__meta_kubernetes_endpoint_port_name"] - regex = "http" - action = "keep" - } - - rule { - action = "replace" - replacement = "kubernetes" - target_label = "source" - } - - } - - prometheus.scrape "kube_state_metrics" { - targets = discovery.relabel.kube_state_metrics.output - job_name = "integrations/kubernetes/kube-state-metrics" - scrape_interval = "30s" - scheme = "http" - bearer_token_file = "" - tls_config { - insecure_skip_verify = true - } - - clustering { - enabled = true - } - forward_to = [prometheus.relabel.kube_state_metrics.receiver] - } - - prometheus.relabel "kube_state_metrics" { - max_cache_size = 100000 - rule { - source_labels = ["__name__"] - regex = "up|scrape_samples_scraped|kube_configmap_info|kube_configmap_metadata_resource_version|kube_daemonset.*|kube_deployment_metadata_generation|kube_deployment_spec_replicas|kube_deployment_status_condition|kube_deployment_status_observed_generation|kube_deployment_status_replicas_available|kube_deployment_status_replicas_updated|kube_horizontalpodautoscaler_spec_max_replicas|kube_horizontalpodautoscaler_spec_min_replicas|kube_horizontalpodautoscaler_status_current_replicas|kube_horizontalpodautoscaler_status_desired_replicas|kube_job.*|kube_namespace_status_phase|kube_node.*|kube_persistentvolume_status_phase|kube_persistentvolumeclaim_access_mode|kube_persistentvolumeclaim_info|kube_persistentvolumeclaim_labels|kube_persistentvolumeclaim_resource_requests_storage_bytes|kube_persistentvolumeclaim_status_phase|kube_pod_container_info|kube_pod_container_resource_limits|kube_pod_container_resource_requests|kube_pod_container_status_last_terminated_reason|kube_pod_container_status_restarts_total|kube_pod_container_status_waiting_reason|kube_pod_info|kube_pod_owner|kube_pod_spec_volumes_persistentvolumeclaims_info|kube_pod_start_time|kube_pod_status_phase|kube_pod_status_reason|kube_replicaset.*|kube_resourcequota|kube_secret_metadata_resource_version|kube_statefulset.*" - action = "keep" - } - - forward_to = [prometheus.remote_write.metrics.receiver] - } - - prometheus.remote_write "metrics" { - endpoint { - url = "http://grafana-mimir-nginx/api/v1/push" - } - } - - - - resources: - requests: - cpu: 1m - memory: 5Mi - limits: - cpu: 1 - memory: 400Mi diff --git a/grafana/values.yaml b/grafana/values.yaml deleted file mode 100644 index 20b3c55..0000000 --- a/grafana/values.yaml +++ /dev/null @@ -1,19 +0,0 @@ -grafana: - ingress: - enabled: true - hosts: - - watcher.incngrnt.ca - annotations: - "traefik.ingress.kubernetes.io/router.tls.certresolver": "letsencrypt" - - persistence: - enabled: true - -mimir: - mimir: - structuredConfig: - limits: - compactor_blocks_retention_period: 2h - ingester: - persistentVolume: - size: 5Gi diff --git a/incngrnt-web/values.yaml b/incngrnt-web/values.yaml deleted file mode 100644 index 84726b5..0000000 --- a/incngrnt-web/values.yaml +++ /dev/null @@ -1,14 +0,0 @@ -init: - method: wget - wget: - url: https://git.incngrnt.ca/grant/incngrnt/releases/download/v0.0.8/v0.0.8.tar - -ingress: - enabled: true - annotations: - "traefik.ingress.kubernetes.io/router.tls.certresolver": "letsencrypt" - hosts: - - host: incngrnt.ca - paths: - - path: / - pathType: ImplementationSpecific diff --git a/k8up/values.yaml b/k8up/values.yaml deleted file mode 100644 index 7b2b09d..0000000 --- a/k8up/values.yaml +++ /dev/null @@ -1,4 +0,0 @@ -k8up: - envVars: - - name: BACKUP_GLOBAL_CONCURRENT_BACKUP_JOBS_LIMIT - values: 1 diff --git a/kgnot/values.yaml b/kgnot/values.yaml deleted file mode 100644 index 4d818ff..0000000 --- a/kgnot/values.yaml +++ /dev/null @@ -1,54 +0,0 @@ -image: - debug: true - -ghostBlogTitle: K&G Tie the Kgnot -ghostHost: https://kgnot.ca -ghostUsername: # set through cli args -existingSecret: ghost-kgnot-user-secret - -allowEmptyPassword: false - - -readinessProbe: - enabled: false - -resources: - limits: - cpu: 500m - ephemeral-storage: 2Gi - memory: 250Mi - requests: - cpu: 10m - ephemeral-storage: 50Mi - memory: 128Mi - -persistence: - size: 1Gi - -smtpHost: "smtp.sendgrid.net" -smtpPort: 465 -smtpUser: "apikey" -smtpService: "SendGrid" -smtpProtocol: "tls" -smtpExistingSecret: kgnot-smtp-password - -mysql: - enabled: false -externalDatabase: - host: mariadb.datastore.svc.cluster.local - user: kgnot_ghost - database: kgnot_ghost - existingSecret: ghost-kgnot-db-secret - -updateStrategy: - type: Recreate - -service: - type: ClusterIP - -ingress: - enabled: true - hostname: kgnot.ca - tls: true - annotations: - "traefik.ingress.kubernetes.io/router.tls.certresolver": "letsencrypt" diff --git a/mariadb/values.yaml b/mariadb/values.yaml deleted file mode 100644 index 5e99f28..0000000 --- a/mariadb/values.yaml +++ /dev/null @@ -1,14 +0,0 @@ -persistent: - size: 5Gi - -primary: - resources: - limits: - cpu: 375m - ephemeral-storage: 2Gi - memory: 384Mi - requests: - cpu: 50m - ephemeral-storage: 50Mi - memory: 256Mi - diff --git a/matrix-registration/values.yaml b/matrix-registration/values.yaml deleted file mode 100644 index 302e072..0000000 --- a/matrix-registration/values.yaml +++ /dev/null @@ -1,5 +0,0 @@ -serverLocation: http://goatchat-matrix-synapse:8008 -serverName: goatchat.ca -serverBaseUrl: /gate -registrationSharedSecret: # set through cli -adminApiSharedSecret: # set through cli diff --git a/metallb/values.yaml b/metallb/values.yaml deleted file mode 100644 index e69de29..0000000 diff --git a/postgres/operator-values.yaml b/postgres/operator-values.yaml deleted file mode 100644 index a4783b6..0000000 --- a/postgres/operator-values.yaml +++ /dev/null @@ -1,2 +0,0 @@ -pgoControllerLeaseName: '' -replicas: 1 diff --git a/postgres/values.yaml b/postgres/values.yaml deleted file mode 100644 index 3321d69..0000000 --- a/postgres/values.yaml +++ /dev/null @@ -1,45 +0,0 @@ -instanceSize: 50Gi - -patroni: - dynamicConfiguration: - postgresql: - pg_hba: - - "host all all all scram-sha-256" - shared_preload_libraries: pgvector -users: - - name: grant - databases: - - postgres - - synapse - - gitea - - immich - options: "SUPERUSER LOGIN" - - name: synapse - databases: - - synapse - options: "LOGIN" - - name: gitea - databases: - - gitea - options: "LOGIN" - - name: immich - databases: - - immich - options: "LOGIN" - - -pgBackRestConfig: - global: - repo1-path: /pgbackrest/datastore/postgres/repo1 - repo1-retention-full: "10" - repo1-retention-full-type: count - - repos: - - name: repo1 - s3: - bucket: fog - endpoint: hel1.your-objectstorage.com - region: hel1 - schedules: - full: "0 1 * * 0" - differential: "0 1 * * 1-6" diff --git a/rook-ceph-cluster/values.yaml b/rook-ceph-cluster/values.yaml deleted file mode 100644 index 35eac5d..0000000 --- a/rook-ceph-cluster/values.yaml +++ /dev/null @@ -1,82 +0,0 @@ -cephClusterSpec: - dashboard: - ssl: false - - storage: - useAllNodes: true - useAllDevices: false - deviceFilter: "^sda" - resources: - mgr: - requests: - cpu: 50m - memory: 256Mi - limits: - cpu: "1" - mon: - requests: - cpu: 100m - memory: 256Mi - limits: - cpu: "1" - osd: - requests: - cpu: 100m - memory: 256Mi - limits: - cpu: "1" - -ingress: - dashboard: - host: - name: fog.incngrnt.ca - path: /fog/ceph - pathType: Prefix - annotations: - "traefik.ingress.kubernetes.io/router.tls.certresolver": "letsencrypt" - "traefik.ingress.kubernetes.io/router.middlewares": "rook-ceph-ceph-stripprefix@kubernetescrd" - -cephFileSystems: - - name: ceph-filesystem - # see https://github.com/rook/rook/blob/master/Documentation/ceph-filesystem-crd.md#filesystem-settings for available configuration - spec: - metadataPool: - replicated: - size: 2 - dataPools: - - failureDomain: host - replicated: - size: 2 - # Optional and highly recommended, 'data0' by default, see https://github.com/rook/rook/blob/master/Documentation/ceph-filesystem-crd.md#pools - name: data0 - metadataServer: - activeCount: 1 - activeStandby: true - resources: - requests: - cpu: 50m - memory: 256Mi - limit: - cpu: "1" - storageClass: - enabled: true - isDefault: false - name: ceph-filesystem - # (Optional) specify a data pool to use, must be the name of one of the data pools above, 'data0' by default - pool: data0 - reclaimPolicy: Delete - allowVolumeExpansion: true - mountOptions: [] - # see https://github.com/rook/rook/blob/master/Documentation/ceph-filesystem.md#provision-storage for available configuration - parameters: - # The secrets contain Ceph admin credentials. - csi.storage.k8s.io/provisioner-secret-name: rook-csi-cephfs-provisioner - csi.storage.k8s.io/provisioner-secret-namespace: rook-ceph - csi.storage.k8s.io/controller-expand-secret-name: rook-csi-cephfs-provisioner - csi.storage.k8s.io/controller-expand-secret-namespace: rook-ceph - csi.storage.k8s.io/node-stage-secret-name: rook-csi-cephfs-node - csi.storage.k8s.io/node-stage-secret-namespace: rook-ceph - # Specify the filesystem type of the volume. If not specified, csi-provisioner - # will set default as `ext4`. Note that `xfs` is not recommended due to potential deadlock - # in hyperconverged settings where the volume is mounted on the same node as the osds. - csi.storage.k8s.io/fstype: ext4 diff --git a/rook-ceph/values.yaml b/rook-ceph/values.yaml deleted file mode 100644 index 27bc9b4..0000000 --- a/rook-ceph/values.yaml +++ /dev/null @@ -1,4 +0,0 @@ -resources: - requests: - cpu: 100m - memory: 128Mi diff --git a/synapse/values.yaml b/synapse/values.yaml deleted file mode 100644 index 45867b7..0000000 --- a/synapse/values.yaml +++ /dev/null @@ -1,84 +0,0 @@ -serverName: 'goatchat.ca' -publicServerName: 'goatchat.ca' - -wellknown: - enabled: true - -signingkey: - job: - enabled: false - existingSecret: goatchatca-signingkey - existingSecretKey: signing.key - -synapse: - strategy: - type: Recreate - resources: - requests: - cpu: 10m - memory: 160Mi - limits: - cpu: '1' - memory: 320Mi - -config: - macaroonSecretKey: # set through cli args - registrationSharedSecret: # set through cli args - -extraConfig: - url_preview_enabled: true - url_preview_ip_range_blacklist: - - '127.0.0.0/8' - - '10.0.0.0/8' - - '172.16.0.0/12' - - '192.168.0.0/16' - - '100.64.0.0/10' - - '169.254.0.0/16' - - '::1/128' - - 'fe80::/64' - - 'fc00::/7' - - max_upload_size: 100M - - email: - enable_notifs: true - smtp_host: "smtp.sendgrid.net" - smtp_port: 587 - smtp_user: "apikey" - smtp_pass: # set through cli args - require_transport_security: true - notif_from: "Your Friendly %(app)s homeserver " - app_name: Goatchat - validation_token_lifetime: 1h - - - user_directory: - enabled: true - search_all_users: true - prefer_local_users: true - - server_notices: - system_mxid_localpart: notices - system_mxid_display_name: "Screaming Goat" - system_mxid_avatar_url: "" - room_name: "Goatchat Notices" - room_avatar_url: "" - room_topic: "Room used by your server admin to notify you of important information" - auto_join: true - - -ingress: - traefikPaths: true - annotations: - "traefik.ingress.kubernetes.io/router.tls.certresolver": "letsencrypt" - - -persistence: - size: 30Gi - -postgresql: - enabled: false -externalPostgresql: - host: postgres-primary.datastore.svc - existingSecret: postgres-pguser-synapse - existingSecretPasswordKey: password diff --git a/tailscale/values.yaml b/tailscale/values.yaml deleted file mode 100644 index 21ec46a..0000000 --- a/tailscale/values.yaml +++ /dev/null @@ -1,4 +0,0 @@ -operatorConfig: - extraEnv: - - name: PROXY_PRIORITY_CLASS_NAME - value: critical diff --git a/traefik/values.yaml b/traefik/values.yaml deleted file mode 100644 index 920f18e..0000000 --- a/traefik/values.yaml +++ /dev/null @@ -1,102 +0,0 @@ -deployment: - initContainers: - - name: volume-permissions - image: busybox:latest - command: ["sh", "-c", "touch /data/acme.json; chmod -v 600 /data/acme.json"] - volumeMounts: - - name: data - mountPath: /data - -updateStrategy: - type: Recreate - -env: - - name: HETZNER_API_KEY - valueFrom: - secretKeyRef: - name: hetzner-api-key - key: token - -additionalArguments: - - "--api.basePath=/fog/traefik" - -persistence: - enabled: true - -logs: - format: json - access: - enabled: true - format: json - -service: - spec: - externalTrafficPolicy: Local - -ingressRoute: - dashboard: - enabled: true - matchRule: Host(`fog.incngrnt.ca`) && (PathPrefix(`/fog/traefik/dashboard`) || PathPrefix(`/fog/traefik/api`)) - entryPoints: ["websecure"] - middlewares: - - name: traefik-dashboard-auth - tls: - certResolver: letsencrypt - -ports: - websecure: - middlewares: - - traefik-rate-limit@kubernetescrd - web: - middlewares: - - traefik-redirectscheme@kubernetescrd - ssh: - port: 2222 - expose: - default: true - exposedPort: 2222 - protocol: TCP - - -extraObjects: - - apiVersion: v1 - kind: Secret - metadata: - name: traefik-dashboard-auth-secret - type: kubernetes.io/basic-auth - stringData: - username: admin - password: # set through cli args - - - apiVersion: traefik.io/v1alpha1 - kind: Middleware - metadata: - name: traefik-dashboard-auth - spec: - basicAuth: - secret: traefik-dashboard-auth-secret - - apiVersion: traefik.io/v1alpha1 - kind: Middleware - metadata: - name: rate-limit - spec: - rateLimit: - average: 50 - burst: 100 - - apiVersion: traefik.io/v1alpha1 - kind: Middleware - metadata: - name: redirectscheme - spec: - redirectScheme: - scheme: https - permanent: true - -certificatesResolvers: - letsencrypt: - acme: - dnschallenge: - provider: hetzner - delaybeforecheck: 30 - email: # set through cli args - storage: /data/acme.json