Compare commits
41 Commits
renovate/g
...
master
| Author | SHA1 | Date | |
|---|---|---|---|
| c8e73f6531 | |||
| 9375d89604 | |||
| c90999316d | |||
| cec6a4a557 | |||
| 495c5b2ef3 | |||
| d0189facbc | |||
| 8d05b9bc13 | |||
| c47fd16eae | |||
| bbdfa6f420 | |||
| a3c311c74c | |||
| 6126d83bd7 | |||
| 11775c08b7 | |||
| aadc1aec2a | |||
| 044a6e2428 | |||
| d18858c464 | |||
| 9ce7081f4f | |||
| d4f5f92fca | |||
| 12662da158 | |||
| b20545290c | |||
| 199cb325ee | |||
| c1b60ddbea | |||
| afd0d9aa4e | |||
| be38994f30 | |||
| a4e27b0a8d | |||
| 807b1ac1a6 | |||
| 3252358d95 | |||
| 83f530725e | |||
| dd866e241e | |||
| 92c45e7a01 | |||
| 4ce37ccdd5 | |||
| 281eeb2571 | |||
| 104338b3aa | |||
| a555f67fc7 | |||
| 2d51e7e85a | |||
| f3ff5fbb9f | |||
| eac3b18ef2 | |||
| bc6e85fe90 | |||
| ceae756a2f | |||
| b056354f20 | |||
| d053452ba1 | |||
| 1a34c57cf7 |
@ -36,7 +36,7 @@ See [services](./kubernetes/apps/production/) for a list of services that I use
|
|||||||
|
|
||||||
## Todo
|
## Todo
|
||||||
|
|
||||||
Nothing !
|
- [ ] Setup Grafana and Traefik metrics
|
||||||
|
|
||||||
### Backlog
|
### Backlog
|
||||||
|
|
||||||
@ -68,6 +68,6 @@ Don't forget to give the project a star! Thanks again!
|
|||||||
[traefik]: https://traefik.io/
|
[traefik]: https://traefik.io/
|
||||||
[cert-manager]: https://cert-manager.io/
|
[cert-manager]: https://cert-manager.io/
|
||||||
[metallb]: https://metallb.org/
|
[metallb]: https://metallb.org/
|
||||||
[nfs]: https://nfs.fascinated.cc/
|
[nfs]: https://github.com/kubernetes-sigs/nfs-subdir-external-provisioner/
|
||||||
[spegel]: https://github.com/spegel-org/spegel/
|
[spegel]: https://github.com/spegel-org/spegel/
|
||||||
[eraser]: https://github.com/eraser-dev/eraser/
|
[eraser]: https://github.com/eraser-dev/eraser/
|
||||||
|
|||||||
@ -15,6 +15,8 @@ spec:
|
|||||||
middlewares:
|
middlewares:
|
||||||
- name: default-headers
|
- name: default-headers
|
||||||
namespace: traefik
|
namespace: traefik
|
||||||
|
- name: compress
|
||||||
|
namespace: traefik
|
||||||
services:
|
services:
|
||||||
- name: drone-service
|
- name: drone-service
|
||||||
port: 80
|
port: 80
|
||||||
|
|||||||
@ -14,6 +14,8 @@ spec:
|
|||||||
middlewares:
|
middlewares:
|
||||||
- name: default-headers
|
- name: default-headers
|
||||||
namespace: traefik
|
namespace: traefik
|
||||||
|
- name: compress
|
||||||
|
namespace: traefik
|
||||||
services:
|
services:
|
||||||
- name: searxng-service
|
- name: searxng-service
|
||||||
port: 8080
|
port: 8080
|
||||||
|
|||||||
@ -16,7 +16,7 @@ spec:
|
|||||||
spec:
|
spec:
|
||||||
containers:
|
containers:
|
||||||
- name: flyimg-container
|
- name: flyimg-container
|
||||||
image: flyimg/flyimg:1.4.13
|
image: flyimg/flyimg:1.4.14
|
||||||
securityContext:
|
securityContext:
|
||||||
allowPrivilegeEscalation: false
|
allowPrivilegeEscalation: false
|
||||||
ports:
|
ports:
|
||||||
@ -26,8 +26,8 @@ spec:
|
|||||||
cpu: 50m
|
cpu: 50m
|
||||||
memory: 100Mi
|
memory: 100Mi
|
||||||
limits:
|
limits:
|
||||||
cpu: 1000m # 1 vCPU
|
cpu: 2000m
|
||||||
memory: 200Mi
|
memory: 512Mi
|
||||||
volumeMounts:
|
volumeMounts:
|
||||||
- name: flyimg-storage
|
- name: flyimg-storage
|
||||||
mountPath: /var/www/html/web/uploads
|
mountPath: /var/www/html/web/uploads
|
||||||
|
|||||||
@ -14,6 +14,8 @@ spec:
|
|||||||
middlewares:
|
middlewares:
|
||||||
- name: default-headers
|
- name: default-headers
|
||||||
namespace: traefik
|
namespace: traefik
|
||||||
|
- name: compress
|
||||||
|
namespace: traefik
|
||||||
services:
|
services:
|
||||||
- name: flyimg-service
|
- name: flyimg-service
|
||||||
port: 80
|
port: 80
|
||||||
|
|||||||
@ -5,7 +5,7 @@ metadata:
|
|||||||
name: volsync-repository
|
name: volsync-repository
|
||||||
namespace: backups
|
namespace: backups
|
||||||
spec:
|
spec:
|
||||||
interval: 12h
|
interval: 5m0s
|
||||||
url: https://backube.github.io/helm-charts/
|
url: https://backube.github.io/helm-charts/
|
||||||
---
|
---
|
||||||
apiVersion: helm.toolkit.fluxcd.io/v2
|
apiVersion: helm.toolkit.fluxcd.io/v2
|
||||||
|
|||||||
@ -14,6 +14,8 @@ spec:
|
|||||||
middlewares:
|
middlewares:
|
||||||
- name: default-headers
|
- name: default-headers
|
||||||
namespace: traefik
|
namespace: traefik
|
||||||
|
- name: compress
|
||||||
|
namespace: traefik
|
||||||
services:
|
services:
|
||||||
- name: capacitor
|
- name: capacitor
|
||||||
port: 9000
|
port: 9000
|
||||||
|
|||||||
@ -5,7 +5,7 @@ metadata:
|
|||||||
name: cert-manager
|
name: cert-manager
|
||||||
namespace: cert-manager
|
namespace: cert-manager
|
||||||
spec:
|
spec:
|
||||||
interval: 12h
|
interval: 5m0s
|
||||||
url: https://charts.jetstack.io
|
url: https://charts.jetstack.io
|
||||||
---
|
---
|
||||||
apiVersion: helm.toolkit.fluxcd.io/v2
|
apiVersion: helm.toolkit.fluxcd.io/v2
|
||||||
@ -18,7 +18,7 @@ spec:
|
|||||||
chart:
|
chart:
|
||||||
spec:
|
spec:
|
||||||
chart: cert-manager
|
chart: cert-manager
|
||||||
version: "1.15.3"
|
version: "v1.16.1"
|
||||||
sourceRef:
|
sourceRef:
|
||||||
kind: HelmRepository
|
kind: HelmRepository
|
||||||
name: cert-manager
|
name: cert-manager
|
||||||
|
|||||||
@ -8,7 +8,7 @@ spec:
|
|||||||
interval: 30m
|
interval: 30m
|
||||||
url: https://github.com/traefik/traefik-helm-chart.git
|
url: https://github.com/traefik/traefik-helm-chart.git
|
||||||
ref:
|
ref:
|
||||||
tag: v31.1.1
|
tag: v32.1.1
|
||||||
ignore: |
|
ignore: |
|
||||||
# exclude all
|
# exclude all
|
||||||
/*
|
/*
|
||||||
|
|||||||
@ -15,6 +15,8 @@ spec:
|
|||||||
middlewares:
|
middlewares:
|
||||||
- name: default-headers
|
- name: default-headers
|
||||||
namespace: traefik
|
namespace: traefik
|
||||||
|
- name: compress
|
||||||
|
namespace: traefik
|
||||||
services:
|
services:
|
||||||
- name: notification-controller
|
- name: notification-controller
|
||||||
port: 80
|
port: 80
|
||||||
|
|||||||
@ -14,6 +14,8 @@ spec:
|
|||||||
middlewares:
|
middlewares:
|
||||||
- name: default-headers
|
- name: default-headers
|
||||||
namespace: traefik
|
namespace: traefik
|
||||||
|
- name: compress
|
||||||
|
namespace: traefik
|
||||||
services:
|
services:
|
||||||
- name: kube-prometheus-stack-grafana
|
- name: kube-prometheus-stack-grafana
|
||||||
port: 80
|
port: 80
|
||||||
|
|||||||
@ -5,7 +5,7 @@ metadata:
|
|||||||
name: monitoring
|
name: monitoring
|
||||||
namespace: monitoring
|
namespace: monitoring
|
||||||
spec:
|
spec:
|
||||||
interval: 12h
|
interval: 5m0s
|
||||||
url: https://prometheus-community.github.io/helm-charts
|
url: https://prometheus-community.github.io/helm-charts
|
||||||
---
|
---
|
||||||
apiVersion: helm.toolkit.fluxcd.io/v2
|
apiVersion: helm.toolkit.fluxcd.io/v2
|
||||||
@ -18,7 +18,7 @@ spec:
|
|||||||
chart:
|
chart:
|
||||||
spec:
|
spec:
|
||||||
chart: kube-prometheus-stack
|
chart: kube-prometheus-stack
|
||||||
version: "62.7.0"
|
version: "65.2.0"
|
||||||
sourceRef:
|
sourceRef:
|
||||||
kind: HelmRepository
|
kind: HelmRepository
|
||||||
name: monitoring
|
name: monitoring
|
||||||
|
|||||||
@ -5,7 +5,7 @@ metadata:
|
|||||||
name: csi-driver-nfs
|
name: csi-driver-nfs
|
||||||
namespace: kube-system
|
namespace: kube-system
|
||||||
spec:
|
spec:
|
||||||
interval: 12h
|
interval: 5m0s
|
||||||
url: https://raw.githubusercontent.com/kubernetes-csi/csi-driver-nfs/master/charts
|
url: https://raw.githubusercontent.com/kubernetes-csi/csi-driver-nfs/master/charts
|
||||||
---
|
---
|
||||||
apiVersion: helm.toolkit.fluxcd.io/v2
|
apiVersion: helm.toolkit.fluxcd.io/v2
|
||||||
|
|||||||
@ -5,7 +5,7 @@ metadata:
|
|||||||
name: sealed-secrets
|
name: sealed-secrets
|
||||||
namespace: kube-system
|
namespace: kube-system
|
||||||
spec:
|
spec:
|
||||||
interval: 12h
|
interval: 5m0s
|
||||||
url: https://bitnami-labs.github.io/sealed-secrets
|
url: https://bitnami-labs.github.io/sealed-secrets
|
||||||
---
|
---
|
||||||
apiVersion: helm.toolkit.fluxcd.io/v2
|
apiVersion: helm.toolkit.fluxcd.io/v2
|
||||||
|
|||||||
@ -18,7 +18,7 @@ spec:
|
|||||||
chart:
|
chart:
|
||||||
spec:
|
spec:
|
||||||
chart: spegel
|
chart: spegel
|
||||||
version: "v0.0.24"
|
version: "v0.0.26"
|
||||||
interval: 5m
|
interval: 5m
|
||||||
sourceRef:
|
sourceRef:
|
||||||
kind: HelmRepository
|
kind: HelmRepository
|
||||||
|
|||||||
@ -26,6 +26,8 @@ spec:
|
|||||||
middlewares:
|
middlewares:
|
||||||
- name: default-headers
|
- name: default-headers
|
||||||
namespace: traefik
|
namespace: traefik
|
||||||
|
- name: compress
|
||||||
|
namespace: traefik
|
||||||
services:
|
services:
|
||||||
- name: aetheria-grafana-external
|
- name: aetheria-grafana-external
|
||||||
port: 3000
|
port: 3000
|
||||||
|
|||||||
@ -26,6 +26,8 @@ spec:
|
|||||||
middlewares:
|
middlewares:
|
||||||
- name: default-headers
|
- name: default-headers
|
||||||
namespace: traefik
|
namespace: traefik
|
||||||
|
- name: compress
|
||||||
|
namespace: traefik
|
||||||
services:
|
services:
|
||||||
- name: aetheria-influx-external
|
- name: aetheria-influx-external
|
||||||
port: 8086
|
port: 8086
|
||||||
|
|||||||
@ -26,6 +26,8 @@ spec:
|
|||||||
middlewares:
|
middlewares:
|
||||||
- name: default-headers
|
- name: default-headers
|
||||||
namespace: traefik
|
namespace: traefik
|
||||||
|
- name: compress
|
||||||
|
namespace: traefik
|
||||||
services:
|
services:
|
||||||
- name: analytics-external
|
- name: analytics-external
|
||||||
port: 8000
|
port: 8000
|
||||||
|
|||||||
@ -26,6 +26,8 @@ spec:
|
|||||||
middlewares:
|
middlewares:
|
||||||
- name: default-headers
|
- name: default-headers
|
||||||
namespace: traefik
|
namespace: traefik
|
||||||
|
- name: compress
|
||||||
|
namespace: traefik
|
||||||
services:
|
services:
|
||||||
- name: mc-utils-api-external
|
- name: mc-utils-api-external
|
||||||
port: 80
|
port: 80
|
||||||
|
|||||||
@ -26,6 +26,8 @@ spec:
|
|||||||
middlewares:
|
middlewares:
|
||||||
- name: default-headers
|
- name: default-headers
|
||||||
namespace: traefik
|
namespace: traefik
|
||||||
|
- name: compress
|
||||||
|
namespace: traefik
|
||||||
services:
|
services:
|
||||||
- name: azure-metrics-external
|
- name: azure-metrics-external
|
||||||
port: 3000
|
port: 3000
|
||||||
|
|||||||
@ -26,6 +26,8 @@ spec:
|
|||||||
middlewares:
|
middlewares:
|
||||||
- name: default-headers
|
- name: default-headers
|
||||||
namespace: traefik
|
namespace: traefik
|
||||||
|
- name: compress
|
||||||
|
namespace: traefik
|
||||||
services:
|
services:
|
||||||
- name: azure-phpma-external
|
- name: azure-phpma-external
|
||||||
port: 8080
|
port: 8080
|
||||||
|
|||||||
@ -26,6 +26,8 @@ spec:
|
|||||||
middlewares:
|
middlewares:
|
||||||
- name: default-headers
|
- name: default-headers
|
||||||
namespace: traefik
|
namespace: traefik
|
||||||
|
- name: compress
|
||||||
|
namespace: traefik
|
||||||
services:
|
services:
|
||||||
- name: bitmagnet-local-external
|
- name: bitmagnet-local-external
|
||||||
port: 3333
|
port: 3333
|
||||||
|
|||||||
@ -26,6 +26,8 @@ spec:
|
|||||||
middlewares:
|
middlewares:
|
||||||
- name: default-headers
|
- name: default-headers
|
||||||
namespace: traefik
|
namespace: traefik
|
||||||
|
- name: compress
|
||||||
|
namespace: traefik
|
||||||
services:
|
services:
|
||||||
- name: cdn-external
|
- name: cdn-external
|
||||||
port: 8087
|
port: 8087
|
||||||
|
|||||||
@ -26,6 +26,8 @@ spec:
|
|||||||
middlewares:
|
middlewares:
|
||||||
- name: default-headers
|
- name: default-headers
|
||||||
namespace: traefik
|
namespace: traefik
|
||||||
|
- name: compress
|
||||||
|
namespace: traefik
|
||||||
services:
|
services:
|
||||||
- name: nextcloud-external
|
- name: nextcloud-external
|
||||||
port: 80
|
port: 80
|
||||||
|
|||||||
@ -26,6 +26,8 @@ spec:
|
|||||||
middlewares:
|
middlewares:
|
||||||
- name: default-headers
|
- name: default-headers
|
||||||
namespace: traefik
|
namespace: traefik
|
||||||
|
- name: compress
|
||||||
|
namespace: traefik
|
||||||
services:
|
services:
|
||||||
- name: docs-external
|
- name: docs-external
|
||||||
port: 80
|
port: 80
|
||||||
|
|||||||
@ -26,6 +26,8 @@ spec:
|
|||||||
middlewares:
|
middlewares:
|
||||||
- name: default-headers
|
- name: default-headers
|
||||||
namespace: traefik
|
namespace: traefik
|
||||||
|
- name: compress
|
||||||
|
namespace: traefik
|
||||||
services:
|
services:
|
||||||
- name: main-site-external
|
- name: main-site-external
|
||||||
port: 3000
|
port: 3000
|
||||||
|
|||||||
@ -26,6 +26,8 @@ spec:
|
|||||||
middlewares:
|
middlewares:
|
||||||
- name: default-headers
|
- name: default-headers
|
||||||
namespace: traefik
|
namespace: traefik
|
||||||
|
- name: compress
|
||||||
|
namespace: traefik
|
||||||
services:
|
services:
|
||||||
- name: git-external
|
- name: git-external
|
||||||
port: 3003
|
port: 3003
|
||||||
|
|||||||
@ -26,6 +26,8 @@ spec:
|
|||||||
middlewares:
|
middlewares:
|
||||||
- name: default-headers
|
- name: default-headers
|
||||||
namespace: traefik
|
namespace: traefik
|
||||||
|
- name: compress
|
||||||
|
namespace: traefik
|
||||||
services:
|
services:
|
||||||
- name: sentry-external
|
- name: sentry-external
|
||||||
port: 8000
|
port: 8000
|
||||||
|
|||||||
@ -26,6 +26,8 @@ spec:
|
|||||||
middlewares:
|
middlewares:
|
||||||
- name: default-headers
|
- name: default-headers
|
||||||
namespace: traefik
|
namespace: traefik
|
||||||
|
- name: compress
|
||||||
|
namespace: traefik
|
||||||
services:
|
services:
|
||||||
- name: mc-utils-grafana-external
|
- name: mc-utils-grafana-external
|
||||||
port: 3000
|
port: 3000
|
||||||
|
|||||||
@ -26,6 +26,8 @@ spec:
|
|||||||
middlewares:
|
middlewares:
|
||||||
- name: default-headers
|
- name: default-headers
|
||||||
namespace: traefik
|
namespace: traefik
|
||||||
|
- name: compress
|
||||||
|
namespace: traefik
|
||||||
services:
|
services:
|
||||||
- name: mc-utils-influx-external
|
- name: mc-utils-influx-external
|
||||||
port: 8086
|
port: 8086
|
||||||
|
|||||||
@ -26,6 +26,8 @@ spec:
|
|||||||
middlewares:
|
middlewares:
|
||||||
- name: default-headers
|
- name: default-headers
|
||||||
namespace: traefik
|
namespace: traefik
|
||||||
|
- name: compress
|
||||||
|
namespace: traefik
|
||||||
services:
|
services:
|
||||||
- name: mastodon-external
|
- name: mastodon-external
|
||||||
port: 3000
|
port: 3000
|
||||||
|
|||||||
@ -26,6 +26,8 @@ spec:
|
|||||||
middlewares:
|
middlewares:
|
||||||
- name: default-headers
|
- name: default-headers
|
||||||
namespace: traefik
|
namespace: traefik
|
||||||
|
- name: compress
|
||||||
|
namespace: traefik
|
||||||
services:
|
services:
|
||||||
- name: mc-tracker-external
|
- name: mc-tracker-external
|
||||||
port: 3000
|
port: 3000
|
||||||
|
|||||||
@ -26,6 +26,8 @@ spec:
|
|||||||
middlewares:
|
middlewares:
|
||||||
- name: default-headers
|
- name: default-headers
|
||||||
namespace: traefik
|
namespace: traefik
|
||||||
|
- name: compress
|
||||||
|
namespace: traefik
|
||||||
services:
|
services:
|
||||||
- name: mc-utils-external
|
- name: mc-utils-external
|
||||||
port: 80
|
port: 80
|
||||||
|
|||||||
@ -26,6 +26,8 @@ spec:
|
|||||||
middlewares:
|
middlewares:
|
||||||
- name: default-headers
|
- name: default-headers
|
||||||
namespace: traefik
|
namespace: traefik
|
||||||
|
- name: compress
|
||||||
|
namespace: traefik
|
||||||
services:
|
services:
|
||||||
- name: node-hl-01-external
|
- name: node-hl-01-external
|
||||||
port: 443
|
port: 443
|
||||||
|
|||||||
@ -26,6 +26,8 @@ spec:
|
|||||||
middlewares:
|
middlewares:
|
||||||
- name: default-headers
|
- name: default-headers
|
||||||
namespace: traefik
|
namespace: traefik
|
||||||
|
- name: compress
|
||||||
|
namespace: traefik
|
||||||
services:
|
services:
|
||||||
- name: obsidian-sync-external
|
- name: obsidian-sync-external
|
||||||
port: 5984
|
port: 5984
|
||||||
|
|||||||
@ -26,6 +26,8 @@ spec:
|
|||||||
middlewares:
|
middlewares:
|
||||||
- name: default-headers
|
- name: default-headers
|
||||||
namespace: traefik
|
namespace: traefik
|
||||||
|
- name: compress
|
||||||
|
namespace: traefik
|
||||||
services:
|
services:
|
||||||
- name: overseerr-external
|
- name: overseerr-external
|
||||||
port: 5055
|
port: 5055
|
||||||
|
|||||||
@ -26,6 +26,8 @@ spec:
|
|||||||
middlewares:
|
middlewares:
|
||||||
- name: default-headers
|
- name: default-headers
|
||||||
namespace: traefik
|
namespace: traefik
|
||||||
|
- name: compress
|
||||||
|
namespace: traefik
|
||||||
services:
|
services:
|
||||||
- name: owntracks-web-external
|
- name: owntracks-web-external
|
||||||
port: 6969
|
port: 6969
|
||||||
|
|||||||
@ -26,6 +26,8 @@ spec:
|
|||||||
middlewares:
|
middlewares:
|
||||||
- name: default-headers
|
- name: default-headers
|
||||||
namespace: traefik
|
namespace: traefik
|
||||||
|
- name: compress
|
||||||
|
namespace: traefik
|
||||||
services:
|
services:
|
||||||
- name: owntracks-external
|
- name: owntracks-external
|
||||||
port: 8083
|
port: 8083
|
||||||
|
|||||||
@ -26,6 +26,8 @@ spec:
|
|||||||
middlewares:
|
middlewares:
|
||||||
- name: default-headers
|
- name: default-headers
|
||||||
namespace: traefik
|
namespace: traefik
|
||||||
|
- name: compress
|
||||||
|
namespace: traefik
|
||||||
services:
|
services:
|
||||||
- name: panel-external
|
- name: panel-external
|
||||||
port: 80
|
port: 80
|
||||||
|
|||||||
@ -26,6 +26,8 @@ spec:
|
|||||||
middlewares:
|
middlewares:
|
||||||
- name: default-headers
|
- name: default-headers
|
||||||
namespace: traefik
|
namespace: traefik
|
||||||
|
- name: compress
|
||||||
|
namespace: traefik
|
||||||
services:
|
services:
|
||||||
- name: paste-grafana-local-external
|
- name: paste-grafana-local-external
|
||||||
port: 3035
|
port: 3035
|
||||||
|
|||||||
@ -0,0 +1,35 @@
|
|||||||
|
kind: Service
|
||||||
|
apiVersion: v1
|
||||||
|
metadata:
|
||||||
|
name: paste-external
|
||||||
|
namespace: traefik
|
||||||
|
spec:
|
||||||
|
type: ExternalName
|
||||||
|
externalName: 10.0.50.118
|
||||||
|
ports:
|
||||||
|
- name: http
|
||||||
|
port: 8080
|
||||||
|
---
|
||||||
|
apiVersion: traefik.io/v1alpha1
|
||||||
|
kind: IngressRoute
|
||||||
|
metadata:
|
||||||
|
name: paste-external-ingress
|
||||||
|
namespace: traefik
|
||||||
|
annotations:
|
||||||
|
kubernetes.io/ingress.class: traefik-external
|
||||||
|
spec:
|
||||||
|
entryPoints:
|
||||||
|
- websecure
|
||||||
|
routes:
|
||||||
|
- match: Host(`paste.fascinated.cc`)
|
||||||
|
kind: Rule
|
||||||
|
middlewares:
|
||||||
|
- name: default-headers
|
||||||
|
namespace: traefik
|
||||||
|
- name: compress
|
||||||
|
namespace: traefik
|
||||||
|
services:
|
||||||
|
- name: paste-external
|
||||||
|
port: 8080
|
||||||
|
tls:
|
||||||
|
secretName: fascinated-cc
|
||||||
@ -26,6 +26,8 @@ spec:
|
|||||||
middlewares:
|
middlewares:
|
||||||
- name: default-headers
|
- name: default-headers
|
||||||
namespace: traefik
|
namespace: traefik
|
||||||
|
- name: compress
|
||||||
|
namespace: traefik
|
||||||
services:
|
services:
|
||||||
- name: plex-external
|
- name: plex-external
|
||||||
port: 32400
|
port: 32400
|
||||||
|
|||||||
@ -26,6 +26,8 @@ spec:
|
|||||||
middlewares:
|
middlewares:
|
||||||
- name: default-headers
|
- name: default-headers
|
||||||
namespace: traefik
|
namespace: traefik
|
||||||
|
- name: compress
|
||||||
|
namespace: traefik
|
||||||
services:
|
services:
|
||||||
- name: proxmox-luna-local-external
|
- name: proxmox-luna-local-external
|
||||||
port: 8006
|
port: 8006
|
||||||
|
|||||||
@ -26,6 +26,8 @@ spec:
|
|||||||
middlewares:
|
middlewares:
|
||||||
- name: default-headers
|
- name: default-headers
|
||||||
namespace: traefik
|
namespace: traefik
|
||||||
|
- name: compress
|
||||||
|
namespace: traefik
|
||||||
services:
|
services:
|
||||||
- name: repo-external
|
- name: repo-external
|
||||||
port: 8080
|
port: 8080
|
||||||
|
|||||||
@ -26,6 +26,8 @@ spec:
|
|||||||
middlewares:
|
middlewares:
|
||||||
- name: default-headers
|
- name: default-headers
|
||||||
namespace: traefik
|
namespace: traefik
|
||||||
|
- name: compress
|
||||||
|
namespace: traefik
|
||||||
services:
|
services:
|
||||||
- name: restic-backups-external
|
- name: restic-backups-external
|
||||||
port: 8000
|
port: 8000
|
||||||
|
|||||||
@ -26,6 +26,8 @@ spec:
|
|||||||
middlewares:
|
middlewares:
|
||||||
- name: default-headers
|
- name: default-headers
|
||||||
namespace: traefik
|
namespace: traefik
|
||||||
|
- name: compress
|
||||||
|
namespace: traefik
|
||||||
services:
|
services:
|
||||||
- name: slash-external
|
- name: slash-external
|
||||||
port: 5231
|
port: 5231
|
||||||
|
|||||||
@ -26,6 +26,8 @@ spec:
|
|||||||
middlewares:
|
middlewares:
|
||||||
- name: default-headers
|
- name: default-headers
|
||||||
namespace: traefik
|
namespace: traefik
|
||||||
|
- name: compress
|
||||||
|
namespace: traefik
|
||||||
services:
|
services:
|
||||||
- name: sonarr-anime-local-external
|
- name: sonarr-anime-local-external
|
||||||
port: 8988
|
port: 8988
|
||||||
|
|||||||
@ -26,6 +26,8 @@ spec:
|
|||||||
middlewares:
|
middlewares:
|
||||||
- name: default-headers
|
- name: default-headers
|
||||||
namespace: traefik
|
namespace: traefik
|
||||||
|
- name: compress
|
||||||
|
namespace: traefik
|
||||||
services:
|
services:
|
||||||
- name: sonarr-local-external
|
- name: sonarr-local-external
|
||||||
port: 8989
|
port: 8989
|
||||||
|
|||||||
@ -26,6 +26,8 @@ spec:
|
|||||||
middlewares:
|
middlewares:
|
||||||
- name: default-headers
|
- name: default-headers
|
||||||
namespace: traefik
|
namespace: traefik
|
||||||
|
- name: compress
|
||||||
|
namespace: traefik
|
||||||
services:
|
services:
|
||||||
- name: ssr-staging-external
|
- name: ssr-staging-external
|
||||||
port: 80
|
port: 80
|
||||||
|
|||||||
@ -26,6 +26,8 @@ spec:
|
|||||||
middlewares:
|
middlewares:
|
||||||
- name: default-headers
|
- name: default-headers
|
||||||
namespace: traefik
|
namespace: traefik
|
||||||
|
- name: compress
|
||||||
|
namespace: traefik
|
||||||
services:
|
services:
|
||||||
- name: status-external
|
- name: status-external
|
||||||
port: 3001
|
port: 3001
|
||||||
|
|||||||
@ -26,6 +26,8 @@ spec:
|
|||||||
middlewares:
|
middlewares:
|
||||||
- name: default-headers
|
- name: default-headers
|
||||||
namespace: traefik
|
namespace: traefik
|
||||||
|
- name: compress
|
||||||
|
namespace: traefik
|
||||||
services:
|
services:
|
||||||
- name: subscriptions-external
|
- name: subscriptions-external
|
||||||
port: 8282
|
port: 8282
|
||||||
|
|||||||
@ -26,6 +26,8 @@ spec:
|
|||||||
middlewares:
|
middlewares:
|
||||||
- name: default-headers
|
- name: default-headers
|
||||||
namespace: traefik
|
namespace: traefik
|
||||||
|
- name: compress
|
||||||
|
namespace: traefik
|
||||||
services:
|
services:
|
||||||
- name: tautulli-external
|
- name: tautulli-external
|
||||||
port: 8181
|
port: 8181
|
||||||
|
|||||||
@ -26,6 +26,8 @@ spec:
|
|||||||
middlewares:
|
middlewares:
|
||||||
- name: default-headers
|
- name: default-headers
|
||||||
namespace: traefik
|
namespace: traefik
|
||||||
|
- name: compress
|
||||||
|
namespace: traefik
|
||||||
services:
|
services:
|
||||||
- name: tdarr-local-external
|
- name: tdarr-local-external
|
||||||
port: 8265
|
port: 8265
|
||||||
|
|||||||
@ -26,6 +26,8 @@ spec:
|
|||||||
middlewares:
|
middlewares:
|
||||||
- name: default-headers
|
- name: default-headers
|
||||||
namespace: traefik
|
namespace: traefik
|
||||||
|
- name: compress
|
||||||
|
namespace: traefik
|
||||||
services:
|
services:
|
||||||
- name: teleport-external
|
- name: teleport-external
|
||||||
port: 3080
|
port: 3080
|
||||||
|
|||||||
@ -26,6 +26,8 @@ spec:
|
|||||||
middlewares:
|
middlewares:
|
||||||
- name: default-headers
|
- name: default-headers
|
||||||
namespace: traefik
|
namespace: traefik
|
||||||
|
- name: compress
|
||||||
|
namespace: traefik
|
||||||
services:
|
services:
|
||||||
- name: torrent-local-external
|
- name: torrent-local-external
|
||||||
port: 8080
|
port: 8080
|
||||||
|
|||||||
@ -26,6 +26,8 @@ spec:
|
|||||||
middlewares:
|
middlewares:
|
||||||
- name: default-headers
|
- name: default-headers
|
||||||
namespace: traefik
|
namespace: traefik
|
||||||
|
- name: compress
|
||||||
|
namespace: traefik
|
||||||
services:
|
services:
|
||||||
- name: translate-external
|
- name: translate-external
|
||||||
port: 5000
|
port: 5000
|
||||||
|
|||||||
@ -0,0 +1,35 @@
|
|||||||
|
kind: Service
|
||||||
|
apiVersion: v1
|
||||||
|
metadata:
|
||||||
|
name: trigger-external
|
||||||
|
namespace: traefik
|
||||||
|
spec:
|
||||||
|
type: ExternalName
|
||||||
|
externalName: 10.0.50.205
|
||||||
|
ports:
|
||||||
|
- name: http
|
||||||
|
port: 3040
|
||||||
|
---
|
||||||
|
apiVersion: traefik.io/v1alpha1
|
||||||
|
kind: IngressRoute
|
||||||
|
metadata:
|
||||||
|
name: trigger-external-ingress
|
||||||
|
namespace: traefik
|
||||||
|
annotations:
|
||||||
|
kubernetes.io/ingress.class: traefik-external
|
||||||
|
spec:
|
||||||
|
entryPoints:
|
||||||
|
- websecure
|
||||||
|
routes:
|
||||||
|
- match: Host(`trigger.fascinated.cc`)
|
||||||
|
kind: Rule
|
||||||
|
middlewares:
|
||||||
|
- name: default-headers
|
||||||
|
namespace: traefik
|
||||||
|
- name: compress
|
||||||
|
namespace: traefik
|
||||||
|
services:
|
||||||
|
- name: trigger-external
|
||||||
|
port: 3040
|
||||||
|
tls:
|
||||||
|
secretName: fascinated-cc
|
||||||
@ -26,6 +26,8 @@ spec:
|
|||||||
middlewares:
|
middlewares:
|
||||||
- name: default-headers
|
- name: default-headers
|
||||||
namespace: traefik
|
namespace: traefik
|
||||||
|
- name: compress
|
||||||
|
namespace: traefik
|
||||||
services:
|
services:
|
||||||
- name: tube-external
|
- name: tube-external
|
||||||
port: 8209
|
port: 8209
|
||||||
|
|||||||
@ -26,6 +26,8 @@ spec:
|
|||||||
middlewares:
|
middlewares:
|
||||||
- name: default-headers
|
- name: default-headers
|
||||||
namespace: traefik
|
namespace: traefik
|
||||||
|
- name: compress
|
||||||
|
namespace: traefik
|
||||||
services:
|
services:
|
||||||
- name: vaultwarden-external
|
- name: vaultwarden-external
|
||||||
port: 4743
|
port: 4743
|
||||||
|
|||||||
@ -26,6 +26,8 @@ spec:
|
|||||||
middlewares:
|
middlewares:
|
||||||
- name: default-headers
|
- name: default-headers
|
||||||
namespace: traefik
|
namespace: traefik
|
||||||
|
- name: compress
|
||||||
|
namespace: traefik
|
||||||
services:
|
services:
|
||||||
- name: vencloud-external
|
- name: vencloud-external
|
||||||
port: 8080
|
port: 8080
|
||||||
|
|||||||
@ -26,6 +26,8 @@ spec:
|
|||||||
middlewares:
|
middlewares:
|
||||||
- name: default-headers
|
- name: default-headers
|
||||||
namespace: traefik
|
namespace: traefik
|
||||||
|
- name: compress
|
||||||
|
namespace: traefik
|
||||||
services:
|
services:
|
||||||
- name: wakatime-external
|
- name: wakatime-external
|
||||||
port: 3355
|
port: 3355
|
||||||
|
|||||||
@ -26,6 +26,8 @@ spec:
|
|||||||
middlewares:
|
middlewares:
|
||||||
- name: default-headers
|
- name: default-headers
|
||||||
namespace: traefik
|
namespace: traefik
|
||||||
|
- name: compress
|
||||||
|
namespace: traefik
|
||||||
services:
|
services:
|
||||||
- name: wazuh-external
|
- name: wazuh-external
|
||||||
port: 443
|
port: 443
|
||||||
|
|||||||
@ -26,6 +26,8 @@ spec:
|
|||||||
middlewares:
|
middlewares:
|
||||||
- name: default-headers
|
- name: default-headers
|
||||||
namespace: traefik
|
namespace: traefik
|
||||||
|
- name: compress
|
||||||
|
namespace: traefik
|
||||||
services:
|
services:
|
||||||
- name: wiki-external
|
- name: wiki-external
|
||||||
port: 80
|
port: 80
|
||||||
|
|||||||
@ -9,5 +9,6 @@ resources:
|
|||||||
- ./certificates/local-fascinated-cc.yaml
|
- ./certificates/local-fascinated-cc.yaml
|
||||||
- ./certificates/mcutils-xyz.yaml
|
- ./certificates/mcutils-xyz.yaml
|
||||||
- ./middlewares/default-headers.yaml
|
- ./middlewares/default-headers.yaml
|
||||||
|
- ./middlewares/compress.yaml
|
||||||
#- ./external-services
|
#- ./external-services
|
||||||
# for some stupid fucking reason kustomize doesn't support wildcards or globs?!?!?!??!?
|
# for some stupid fucking reason kustomize doesn't support wildcards or globs?!?!?!??!?
|
||||||
|
|||||||
@ -0,0 +1,8 @@
|
|||||||
|
apiVersion: traefik.io/v1alpha1
|
||||||
|
kind: Middleware
|
||||||
|
metadata:
|
||||||
|
name: compress
|
||||||
|
namespace: traefik
|
||||||
|
spec:
|
||||||
|
compress:
|
||||||
|
defaultEncoding: br,gzip
|
||||||
@ -12,7 +12,6 @@ spec:
|
|||||||
stsPreload: true
|
stsPreload: true
|
||||||
stsSeconds: 15552000
|
stsSeconds: 15552000
|
||||||
referrerPolicy: no-referrer
|
referrerPolicy: no-referrer
|
||||||
contentSecurityPolicy: "default-src 'none'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https:; style-src 'self' 'unsafe-inline' https:; img-src 'self' data: https:; font-src 'self' https: data:; connect-src 'self' https:; frame-src 'self' https:; media-src 'self' https:; object-src 'none'; frame-ancestors 'self'; base-uri 'self'; form-action 'self';"
|
|
||||||
customFrameOptionsValue: SAMEORIGIN
|
customFrameOptionsValue: SAMEORIGIN
|
||||||
customRequestHeaders:
|
customRequestHeaders:
|
||||||
X-Forwarded-Proto: https
|
X-Forwarded-Proto: https
|
||||||
|
|||||||
@ -5,7 +5,7 @@ metadata:
|
|||||||
name: traefik
|
name: traefik
|
||||||
namespace: traefik
|
namespace: traefik
|
||||||
spec:
|
spec:
|
||||||
interval: 12h
|
interval: 5m0s
|
||||||
url: https://helm.traefik.io/traefik
|
url: https://helm.traefik.io/traefik
|
||||||
---
|
---
|
||||||
apiVersion: helm.toolkit.fluxcd.io/v2
|
apiVersion: helm.toolkit.fluxcd.io/v2
|
||||||
@ -18,7 +18,7 @@ spec:
|
|||||||
chart:
|
chart:
|
||||||
spec:
|
spec:
|
||||||
chart: traefik
|
chart: traefik
|
||||||
version: "31.1.1"
|
version: "32.1.1"
|
||||||
sourceRef:
|
sourceRef:
|
||||||
kind: HelmRepository
|
kind: HelmRepository
|
||||||
name: traefik
|
name: traefik
|
||||||
|
|||||||
20
sealed-secrets.yaml
Normal file
20
sealed-secrets.yaml
Normal file
@ -0,0 +1,20 @@
|
|||||||
|
---
|
||||||
|
apiVersion: bitnami.com/v1alpha1
|
||||||
|
kind: SealedSecret
|
||||||
|
metadata:
|
||||||
|
creationTimestamp: null
|
||||||
|
name: ssr-secret
|
||||||
|
namespace: public-services
|
||||||
|
spec:
|
||||||
|
encryptedData:
|
||||||
|
MONGO_URI: AgBDDZhuphvpFZJZq31CA8OmiTr1J8p5Fy/rcr/zvm2nl64GnpbmVCuYgUiH6PwZPCUa9zcyUeZJO9/Xqe9PbJ8hA82j0Pb+Pcl1Rk3+B6jkDaEzcJKDmXS/zx8Q+JPWFOGVpRNy0HCKxm8azy88A9iyiKseIFsMWWrkJMkEObokRBCB4joD9Mh+aOsE2vaUkoE49ASxwVXU9MnL/34eksqGD6D5/BGpVZGftvY/x5eOuhULtK7z3tcd/orc//21AXUSAlVgWcekstEfZWQovk7Rwl67pgpHYf+KuegY4i+0ybge1qEngjvwt76yObTqfmhrdVQNfrV21FpTfoBeZS6ZoHdli6DBanPZgXJdKU2Ttr3C5EJ8c0Gir20J3wRs11SQ1gaKu6bxL4EH4kAtgdVoD5t6MSqvDzkfovAcJUHfXLA2HPhs1CEcu7Y6Kv/v+aGWSlo9jPVQg8JJ7IPF/+DDbF4JgEnwr34e7M5Z/CKVhwm7mK8Nr1yzgEhkucjZ6fcEVmt91fjx1usxDvtN+mllibc7HS2a/ObMDx3MtfHxXhTpt0wXyNyhXtnKNvKbICR5LGZfosF3viNfuRcEFTGvC2Ak9hlhVrznp0FRUiQJSNWsBQKZUKG5Yd5ckQwJUY8B/OLAjg0Keo26LIkciZ0jZD3JtK+bxU5LntdfSCwuO9+xHgaMgCxY+7plPQOgXL9BAOk9Zerc/6xQXJ7y4Q1PogrNaiPn6xCr368utFH2bA4zOAZCwrngnZtmT4pB6r6C/425JoZiQQw6qVQklpC7UhWpV1SbMvdGrlYgBW9TkT5rJPNIE3Bp3kA=
|
||||||
|
NEXT_PUBLIC_SITE_URL: AgCpMUZ2MFY8mHgQ3fizTzcBImnwFmWzccRCtMAThI0cAIOcDe15Drk2a5a4UjcYgl1F+JrHB3b3IPbflr1E4dNAANKRgiGW+gyI2S7J/oDpb+ANCv/0RJIlfQh9Pcb/E4noKVOoUfe4dg5asq1kQjOob4uOn6MfQXoC5WfgK8u8q0T5tEPcuGxXt2Q1OnyAAWm/0Z7JSLfgQN2sKaAbRbWqKfwfsc4LgjxY98m/+BkXN7x6R7BJmXXMd0cb5ctdgM1ZpU+gYhhwyO0xsxYWURcJb9EsrNZR6OY4DbwXw2tpoagFxA20u5J2ZUhUeVRg2x2R5AdkL7OBIT73Xbh3WxIYVAqGDhs90aRrmlCdr61eBLCLtytC33LJ/6Odq2Pa9DLaKqRlqRX/IWk7+cgHOKfSd8/k5R1roA3A96ShFby9RdXGudGLA2G4dvLtrruLCYVRfxMJB2k3UYtGZB21o+3SAV0jx/83eoYzoBGHM6K8ySCpL1uDCo8ATL2iYJcacgYZGKaGxBumzEjAMBqTLBSUl0Jhx3mr59p6mrYKFtbewa9rJUOkNniYvdCeokLyVntxUMx60Jtrtg05G3vSFaP34Gp6Oq6J0jSzvYi/A3/iSe+cNB1fpNJvJVLRFmJ6f7qyMMoSujIoql5SfIhx/tyUHueiOFQ5KXKTeNhbu6byakY1ZHa2o03+Mooca2ATwUnlNNi73sKluFKhnRysANIiVoRZLDQniLwV
|
||||||
|
NEXT_PUBLIC_TRIGGER_PUBLIC_API_KEY: AgCZwhhUNhSMwuR1pCP5qDY9fD99u78PFq89ej141pc/L/y/UCydLvftFKT62bXzIFhoq77dlU3yFx2FqbApdiDv3sDltZkIQh/afYwySPw3bXxoQoHcAix5qGhWrpDkPFDOi+sJkkPnnZC1OBncrqz8xAwfYAhwOscW9mjugRMJPynqSlnVHS1RdYm6z7eSJpZEMEHIT4tptPnzP+icRwbolgKL66JXFXvuS6SnTZ+ZOtub39L+wpWE9dQ83E5YqtWl3hci2G+rK9KBk89zuBM7Ho+MTpcdcaes64ApMqaUnFPelqJKSk6PK7mEX9DZhCUqNyCu897ktfHKulVZQ5Wy2+pVHXx9e1IBI7YqNph64CbX6N0V6ABfNlO2sS+zFG3dGuEGj/lI9hfSxqQauYOWXR7r8zM86WvNuxWuQFQbO4B1TDd8oofhZ+wwcUfJ0/pZIqyxcINB13opF107wa4MlfoCI6sgB4/adq/bbMP/JO10/GBiuJRhE63NhVJEZovJoRNV2+wBRNSVRfZpEQ9AXSACm1BtqOxhYhAmDnJt6ThF6VDWB2ZoDZfWul/kPUTUiOulGHmsRdn/bzTS8GjhY93G1/FpNmhNSOC8YbO3FDw8vXg2Vy6jpdKOhy08H9R/9UqbiHxnXPyBGyoizbnjP0sDx4jYYXtix03ZPFf6Dxz6iwwy5BbHpk9Ik+3l2iKI7IcxOOS9P8ljlsB0cCivpTax1iuDZ4hlJ7zm
|
||||||
|
TRIGGER_API_KEY: AgARH8DdSu8INQ2OW6I4s2W+HZqHGZHn0i54l02Ui48Oph9koB6pfTvAkYspQ6LI2zh/R/uiAeOHorybTMZ9X0EEwk5GxTuXBUn4f5Ifpd2QkoHeDVWP6MA951PVanfPuXLklwKJm2O70oFKIVE61v52yZbk0L3wAOiYdRTj0igrSEDkmmc9iHorGdbDCI3CkZHpOMMl37zdIwCvbpHaCnSBpKEuQ0PmvRtAw9ydM3FhVpTxNVh3KhTgvGBBYwrGXOZuKOayLGvQ16pYmTSPoN6DNRFSLjmE/BOjwKnYfZU0C0qkpGPlNLSUteuLLvHtzlS8IOSboOspreQJMVaSRpg+Qp1/cV0XGEhmU/CWVTYqkNx5QtfgaxWllrKrQxNW0WMDJmnQI83scsAiweSFUffsfiX8BCMjHkD2nvlXCz6vzUcJ7Zn0bDPoHcv/uG7efZbsJXLie1PxQiGwFYpuyr0b7+A+RVgx0G/WNwKJIUjFC7acI7jY4dGE04zKe1STYhMhoc1gjKGhXe0BG73LAX/O5/x6W4iYUyc4n0HL7gLwlbpfR3zLkvuiiAtzFeKGRr+SF24mj95pfw+MPFoKEi9htLdPgHxTYomfQ+1I8R7Iya0sHtyW2fI/1e5XzJOMHub/tYh5y9h0UqE5n7ByapRMyj0mOrKXXPUoT4btQDz0U6aNRX+MrlwMsuXYjSfUCuXmy30RKQImmT+9vaukIq1CX7WJ2LQ8fHaYACnp
|
||||||
|
TRIGGER_API_URL: AgAOwyGxQEScm5T3Hh1armqqcEcMEo0v5Mwf9JjEf3G+3svlDDPGHlyHdQolcC2YlkX7DhsenEp6rokh1grwyVoruyUc6OmRdRR70+PV5qMgSC3HY6lZ5f2gcGfA0uh9A5sm4qkOw4rliRddpJqKOqDz28zcrcu5RmusPxric+KF6Hcdy+ugqmq0KZl9VU2+D4z3QWkdokHk3WahdLneS4a3bHYC/NIpKyI5SveK6QAaQlU3NXrqKcof6VzDQG20bnCKGo+Y935LgzEIEmWKw2C9lwCV+/RUIjeaK2qzZpeMiZue9zgoq1dyNNjrar9B6zb+rSxcgnbqBolXUAVk1If3+egVNEaB9SjU22n+WoTA6HK1MOSwsaMtf1Tug/8nSQfFHdw1nZzBVtiVaFMtzmg0aKyrUpAYyz4XTn6xn9EhEKgcPSaWINf4zVcmceLOYenOP/y7S3cVx9KHBjUNGf/eDJVmXSiOzeguIJBfdEOla/lqv7Zx2/wvfHeEdurn5ENTkG2aQAekIvWiJ1HzPwrKKR6WcBpNTgjoDRMNxVoMcZ3QB9iJlp3AoLfJW72B2soTVeIikcNlT0Q0S91hiqvEcE+WuE5bDSttzhnb9nvEJXz6gC6AykCKH1VLIJJuiMI6R7V9z8fo7pFVXbQsM10VUph/9vxhib2XZ1c/25YMfj5vaI1+N7UiVDFlEfE2YJQMwd2vj+wTa3wHJz+2KXc/9rhBoaIpznN4LmKR6g==
|
||||||
|
template:
|
||||||
|
metadata:
|
||||||
|
creationTimestamp: null
|
||||||
|
name: ssr-secret
|
||||||
|
namespace: public-services
|
||||||
|
type: Opaque
|
||||||
Loading…
Reference in New Issue
Block a user