Compare commits
3 Commits
1e00abc934
...
12bcabf7b2
| Author | SHA1 | Date | |
|---|---|---|---|
|
12bcabf7b2 | ||
|
|
23cc0fd76c | ||
|
|
485f26ca19 |
@ -2,34 +2,34 @@ version: 0.170.1
|
||||
dependencies:
|
||||
- name: alloy
|
||||
repository: https://grafana.github.io/helm-charts
|
||||
version: 1.0.2
|
||||
version: 1.0.3
|
||||
- name: ghost
|
||||
repository: https://charts.bitnami.com/bitnami
|
||||
version: 22.2.15
|
||||
version: 23.0.3
|
||||
- name: ghost
|
||||
repository: https://charts.bitnami.com/bitnami
|
||||
version: 22.2.15
|
||||
version: 23.0.3
|
||||
- name: gitea
|
||||
repository: https://dl.gitea.io/charts
|
||||
version: 11.0.1
|
||||
- name: immich
|
||||
repository: https://immich-app.github.io/immich-charts
|
||||
version: 0.9.2
|
||||
version: 0.9.3
|
||||
- name: k8up
|
||||
repository: https://k8up-io.github.io/k8up
|
||||
version: 4.8.4
|
||||
- name: kube-state-metrics
|
||||
repository: https://prometheus-community.github.io/helm-charts
|
||||
version: 5.33.0
|
||||
version: 5.33.1
|
||||
- name: lgtm-distributed
|
||||
repository: https://grafana.github.io/helm-charts
|
||||
version: 2.1.0
|
||||
- name: mariadb
|
||||
repository: https://charts.bitnami.com/bitnami
|
||||
version: 20.5.3
|
||||
version: 20.5.5
|
||||
- name: matrix-synapse
|
||||
repository: https://ananace.gitlab.io/charts
|
||||
version: 3.11.8
|
||||
version: 3.12.0
|
||||
- name: pgo
|
||||
repository: git+https://github.com/grantdhunter/postgres-operator@helm?ref=main
|
||||
version: 5.8.1
|
||||
@ -38,10 +38,10 @@ dependencies:
|
||||
version: 5.7.4
|
||||
- name: rook-ceph
|
||||
repository: https://charts.rook.io/release
|
||||
version: v1.17.1
|
||||
version: v1.17.2
|
||||
- name: rook-ceph-cluster
|
||||
repository: https://charts.rook.io/release
|
||||
version: v1.17.1
|
||||
version: v1.17.2
|
||||
- name: static-site
|
||||
repository: git+https://github.com/cfpb/static-site@charts?ref=main
|
||||
version: 0.1.1
|
||||
@ -50,6 +50,6 @@ dependencies:
|
||||
version: 1.82.0
|
||||
- name: traefik
|
||||
repository: https://traefik.github.io/charts
|
||||
version: 35.1.0
|
||||
digest: sha256:0f76bdeb08192e5e6b2ab43e8e76c9db3c7e60f048fd898792a3285f4082ae37
|
||||
generated: "2025-04-28T10:17:31.616984087-06:00"
|
||||
version: 35.2.0
|
||||
digest: sha256:1a28daf0763e7dab2d0a974f717a4f9818bf0e7785e5ba1b1cef182dee2833e0
|
||||
generated: "2025-05-19T00:03:46.329319824-06:00"
|
||||
|
||||
@ -47,13 +47,13 @@ releases:
|
||||
namespace: tailscale
|
||||
createNamespace: true
|
||||
chart: tailscale/tailscale-operator
|
||||
values:
|
||||
- ./tailscale/values.yaml
|
||||
setString:
|
||||
- name: oauth.clientId
|
||||
value: {{ requiredEnv "TAILSCALE_OAUTH_CLIENT_ID" }}
|
||||
- name: oauth.clientSecret
|
||||
value: {{ requiredEnv "TAILSCALE_OAUTH_CLIENT_SECRET" }}
|
||||
- name: apiServerProxyConfig.mode
|
||||
value: noauth
|
||||
# storage infrastructure
|
||||
- name: rook-ceph
|
||||
namespace: rook-ceph
|
||||
|
||||
4
justfile
4
justfile
@ -8,8 +8,10 @@ sdiff ARGS='':
|
||||
bws run 'helmfile diff --output simple'
|
||||
|
||||
ddiff ARGS='':
|
||||
bws run 'helmfile diff --output dyff'
|
||||
bws run 'helmfile diff --output dyff {{ARGS}}'
|
||||
|
||||
cleanuppods:
|
||||
kubectl get pods --no-headers | grep -v Running | awk '{print $1}' | xargs kubectl delete pod
|
||||
|
||||
pgrestart:
|
||||
kubectl patch postgrescluster/postgres --type merge --patch '{"spec":{"metadata":{"annotations":{"restarted":"'"$(date)"'"}}}}'
|
||||
11
tailscale/connector.yaml
Normal file
11
tailscale/connector.yaml
Normal file
@ -0,0 +1,11 @@
|
||||
apiVersion: tailscale.com/v1alpha1
|
||||
kind: Connector
|
||||
metadata:
|
||||
name: home-cidr
|
||||
spec:
|
||||
tags:
|
||||
- "tag:k8s"
|
||||
hostname: home-cidr
|
||||
subnetRouter:
|
||||
advertiseRoutes:
|
||||
- "192.168.1.0/24"
|
||||
30
tailscale/rbac.yaml
Normal file
30
tailscale/rbac.yaml
Normal file
@ -0,0 +1,30 @@
|
||||
apiVersion: v1
|
||||
kind: ServiceAccount
|
||||
metadata:
|
||||
name: tailscale
|
||||
|
||||
---
|
||||
|
||||
apiVersion: rbac.authorization.k8s.io/v1
|
||||
kind: Role
|
||||
metadata:
|
||||
name: tailscale
|
||||
rules:
|
||||
- apiGroups: [""]
|
||||
resourceNames: ["tailscale-auth"]
|
||||
resources: ["secrets"]
|
||||
verbs: ["get", "update", "patch"]
|
||||
|
||||
---
|
||||
|
||||
apiVersion: rbac.authorization.k8s.io/v1
|
||||
kind: RoleBinding
|
||||
metadata:
|
||||
name: tailscale
|
||||
subjects:
|
||||
- kind: ServiceAccount
|
||||
name: tailscale
|
||||
roleRef:
|
||||
kind: Role
|
||||
name: tailscale
|
||||
apiGroup: rbac.authorization.k8s.io
|
||||
4
tailscale/values.yaml
Normal file
4
tailscale/values.yaml
Normal file
@ -0,0 +1,4 @@
|
||||
operatorConfig:
|
||||
extraEnv:
|
||||
- name: PROXY_PRIORITY_CLASS_NAME
|
||||
value: critical
|
||||
15
utils/priorityclasses.yaml
Normal file
15
utils/priorityclasses.yaml
Normal file
@ -0,0 +1,15 @@
|
||||
apiVersion: scheduling.k8s.io/v1
|
||||
kind: PriorityClass
|
||||
metadata:
|
||||
name: critical
|
||||
value: 1000000
|
||||
globalDefault: false
|
||||
description: "This priority class is for admin and critical maintenance services"
|
||||
---
|
||||
apiVersion: scheduling.k8s.io/v1
|
||||
kind: PriorityClass
|
||||
metadata:
|
||||
name: high
|
||||
value: 500000
|
||||
globalDefault: false
|
||||
description: "This priority class is for high value services"
|
||||
Loading…
x
Reference in New Issue
Block a user