Add infrastructure

Grant 2025-02-01 14:19:14 -07:00
parent 5ac5f7c75a
commit cc3f8446d6
8 changed files with 145 additions and 0 deletions

2
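--- a/mariadb/values.yaml
+++ b/mariadb/values.yaml
@@ -0,0 +1,2 @@
+persistent:
+size: 5Gi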


@ -0,0 +1,10 @@
apiVersion: metallb.io/v1beta1
kind: IPAddressPool
metadata:
name: fog-pool
namespace: metallb-system
spec:
addresses:
- 192.168.1.38/32
- 192.168.1.39/32
- 192.168.1.43/32

5
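--- a/metallb/kubeproxy.yaml
+++ b/metallb/kubeproxy.yaml
@@ -0,0 +1,5 @@
+apiVersion: kubeproxy.config.k8s.io/v1alpha1
+kind: KubeProxyConfiguration
+mode: "ipvs"
+ipvs:
+strictARP: true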


@ -0,0 +1,5 @@
apiVersion: metallb.io/v1beta1
kind: L2Advertisement
metadata:
name: fog
namespace: metallb-system


@ -0,0 +1,2 @@
pgoControllerLeaseName: ''
replicas: 1

22
postgres/values.yaml Normal file

@ -0,0 +1,22 @@
instanceSize: 5Gi
backupsSize: 5Gi
patroni:
dynamicConfiguration:
postgresql:
pg_hba:
- "host all all all scram-sha-256"
users:
- name: grant
databases:
- postgres
- synapse
options: "SUPERUSER LOGIN"
- name: synapse
databases:
- synapse
options: "LOGIN"
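Review bot: The `pg_hba` entry `host all all all scram-sha-256` accepts password logins from any source address and over non-TLS connections, and the same file creates `grant` with `SUPERUSER LOGIN`, so a superuser account is reachable from anywhere that can route to the database service. Prefer `hostssl` with a bounded source range, for example `- "hostssl all all <POD_CIDR> scram-sha-256"` (placeholder; use the cluster's pod network), and give routine access to `synapse` through a non-superuser role. Whether the operator prepends stricter rules of its own is not visible here, so check the effective `pg_hba.conf` after deployment.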


@ -0,0 +1,28 @@
apiVersion: traefik.io/v1alpha1
kind: IngressRoute
metadata:
name: rook-ceph-mgr-dashboard
spec:
entryPoints:
- websecure
routes:
- match: Host(`fog.goatchat.ca`) && PathPrefix(`/fog/ceph`)
kind: Rule
middlewares:
- name: ceph-stripprefix
services:
- kind: Service
name: rook-ceph-mgr-dashboard
port: 7000
tls:
certResolver: letsencrypt
---
apiVersion: traefik.io/v1alpha1
kind: Middleware
metadata:
name: ceph-stripprefix
spec:
stripPrefix:
prefixes:
- /fog/ceph
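Review bot: The `rook-ceph-mgr-dashboard` route on `websecure` lists only `ceph-stripprefix` under `middlewares`, so the storage admin UI is open to anyone who can reach `fog.goatchat.ca` and is protected solely by the dashboard's own login. Put an access-control middleware ahead of the strip-prefix one, such as an `ipAllowList` limited to an admin range or a forward-auth middleware, as sketched below. Neither object sets `metadata.namespace`; setting it explicitly (presumably the namespace of the dashboard service) avoids the route being applied where it cannot resolve the backend. The hop to port 7000 is plain HTTP, which matches `dashboard.ssl: false` in the Ceph values added by this commit.

```yaml
# … unchanged: IngressRoute metadata, entryPoints, match, kind …
      middlewares:
        - name: ceph-admin-allowlist
        - name: ceph-stripprefix
# … unchanged: services, tls, ceph-stripprefix Middleware …
---
apiVersion: traefik.io/v1alpha1
kind: Middleware
metadata:
  name: ceph-admin-allowlist
spec:
  ipAllowList:
    sourceRange:
      - 192.0.2.0/24  # placeholder: replace with the admin network
```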


@ -0,0 +1,71 @@
cephClusterSpec:
dashboard:
ssl: false
storage:
useAllNodes: true
useAllDevices: false
deviceFilter: "^sda"
resources:
mgr:
requests:
cpu: 250m
memory: 256Mi
limits:
cpu: "1"
mon:
requests:
cpu: 250m
memory: 256Mi
limits:
cpu: "1"
osd:
requests:
cpu: 250m
memory: 256Mi
limits:
cpu: "1"
cephFileSystems:
- name: ceph-filesystem
# see https://github.com/rook/rook/blob/master/Documentation/ceph-filesystem-crd.md#filesystem-settings for available configuration
spec:
metadataPool:
replicated:
size: 2
dataPools:
- failureDomain: host
replicated:
size: 2
# Optional and highly recommended, 'data0' by default, see https://github.com/rook/rook/blob/master/Documentation/ceph-filesystem-crd.md#pools
name: data0
metadataServer:
activeCount: 1
activeStandby: true
resources:
requests:
cpu: 250m
memory: 256Mi
limit:
cpu: "1"
storageClass:
enabled: true
isDefault: false
name: ceph-filesystem
# (Optional) specify a data pool to use, must be the name of one of the data pools above, 'data0' by default
pool: data0
reclaimPolicy: Delete
allowVolumeExpansion: true
mountOptions: []
# see https://github.com/rook/rook/blob/master/Documentation/ceph-filesystem.md#provision-storage for available configuration
parameters:
# The secrets contain Ceph admin credentials.
csi.storage.k8s.io/provisioner-secret-name: rook-csi-cephfs-provisioner
csi.storage.k8s.io/provisioner-secret-namespace: rook-ceph
csi.storage.k8s.io/controller-expand-secret-name: rook-csi-cephfs-provisioner
csi.storage.k8s.io/controller-expand-secret-namespace: rook-ceph
csi.storage.k8s.io/node-stage-secret-name: rook-csi-cephfs-node
csi.storage.k8s.io/node-stage-secret-namespace: rook-ceph
# Specify the filesystem type of the volume. If not specified, csi-provisioner
# will set default as `ext4`. Note that `xfs` is not recommended due to potential deadlock
# in hyperconverged settings where the volume is mounted on the same node as the osds.
csi.storage.k8s.io/fstype: ext4
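Review bot: Under `cephFileSystems[0].spec.metadataServer.resources` the key is spelled `limit:`, while the `mgr`, `mon` and `osd` blocks above use `limits:`. As written the MDS CPU cap of `"1"` is most likely ignored or rejected by validation, so change it to `limits:`. None of the resource blocks sets a memory limit either, so a misbehaving daemon can grow until the node comes under memory pressure; consider adding `memory` under each `limits`.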