vynil/domain
3
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

fix

Browse Source
This commit is contained in:
Sébastien Huss
2024-05-09 12:15:27 +02:00
parent 89c17cb483
commit 599d175f82
31 changed files with 830 additions and 866 deletions
Download Patch File Download Diff File Expand all files Collapse all files

79
apps/code-server/index.yaml
View File

@@ -6,11 +6,36 @@ metadata:
name: code-server
description: VS Code in the browser
options:
admin:
default:
cluster: false
namespace: false
examples:
- cluster: false
namespace: false
properties:
cluster:
default: false
type: boolean
namespace:
default: false
type: boolean
type: object
app_group:
default: dev
examples:
- dev
type: string
domain:
default: your-company
examples:
- your-company
type: string
domain_name:
default: your-company.com
examples:
- your-company.com
type: string
images:
default:
codeserver:
@@ -50,15 +75,10 @@ options:
type: string
type: object
type: object
timezone:
default: Europe/Paris
ingress_class:
default: traefik
examples:
- Europe/Paris
type: string
domain_name:
default: your-company.com
examples:
- your-company.com
- traefik
type: string
issuer:
default: letsencrypt-prod
@@ -70,36 +90,6 @@ options:
examples:
- false
type: boolean
domain:
default: your-company
examples:
- your-company
type: string
sub_domain:
default: code
examples:
- code
type: string
ingress_class:
default: traefik
examples:
- traefik
type: string
admin:
default:
cluster: false
namespace: false
examples:
- cluster: false
namespace: false
properties:
cluster:
default: false
type: boolean
namespace:
default: false
type: boolean
type: object
storage:
default:
volume:
@@ -143,10 +133,17 @@ options:
type: string
type: object
type: object
sub_domain:
default: code
examples:
- code
type: string
timezone:
default: Europe/Paris
examples:
- Europe/Paris
type: string
dependencies:
- dist: null
category: share
component: authentik-forward
- dist: null
category: core
component: secret-generator

212
apps/dbgate/index.yaml
View File

@@ -6,6 +6,70 @@ metadata:
name: dbgate
description: The Smartest SQL+noSQL Database Client
options:
app_group:
default: dev
examples:
- dev
type: string
domain:
default: your-company
examples:
- your-company
type: string
domain_name:
default: your_company.com
examples:
- your_company.com
type: string
images:
default:
dbgate:
pull_policy: IfNotPresent
registry: docker.io
repository: dbgate/dbgate
tag: 5.2.7-alpine
examples:
- dbgate:
pull_policy: IfNotPresent
registry: docker.io
repository: dbgate/dbgate
tag: 5.2.7-alpine
properties:
dbgate:
default:
pull_policy: IfNotPresent
registry: docker.io
repository: dbgate/dbgate
tag: 5.2.7-alpine
properties:
pull_policy:
default: IfNotPresent
enum:
- Always
- Never
- IfNotPresent
type: string
registry:
default: docker.io
type: string
repository:
default: dbgate/dbgate
type: string
tag:
default: 5.2.7-alpine
type: string
type: object
type: object
ingress_class:
default: traefik
examples:
- traefik
type: string
issuer:
default: letsencrypt-prod
examples:
- letsencrypt-prod
type: string
maria:
default: []
examples:
@@ -64,45 +128,49 @@ options:
type: string
type: object
type: array
images:
default:
dbgate:
pull_policy: IfNotPresent
registry: docker.io
repository: dbgate/dbgate
tag: 5.2.7-alpine
pg:
default: []
examples:
- dbgate:
pull_policy: IfNotPresent
registry: docker.io
repository: dbgate/dbgate
tag: 5.2.7-alpine
properties:
dbgate:
default:
pull_policy: IfNotPresent
registry: docker.io
repository: dbgate/dbgate
tag: 5.2.7-alpine
properties:
pull_policy:
default: IfNotPresent
enum:
- Always
- Never
- IfNotPresent
type: string
registry:
default: docker.io
type: string
repository:
default: dbgate/dbgate
type: string
tag:
default: 5.2.7-alpine
type: string
type: object
type: object
- []
items:
properties:
dbname:
default: ''
type: string
name:
default: ''
type: string
namespace:
default: ''
type: string
secret:
properties:
key:
default: ''
type: string
name:
default: ''
type: string
type: object
username:
default: ''
type: string
type: object
type: array
redis:
default: []
examples:
- []
items:
properties:
name:
default: ''
type: string
namespace:
default: ''
type: string
type: object
type: array
storage:
default:
volume:
@@ -146,79 +214,11 @@ options:
type: string
type: object
type: object
ingress_class:
default: traefik
examples:
- traefik
type: string
domain_name:
default: your_company.com
examples:
- your_company.com
type: string
domain:
default: your-company
examples:
- your-company
type: string
issuer:
default: letsencrypt-prod
examples:
- letsencrypt-prod
type: string
sub_domain:
default: dbgate
examples:
- dbgate
type: string
app_group:
default: dev
examples:
- dev
type: string
redis:
default: []
examples:
- []
items:
properties:
name:
default: ''
type: string
namespace:
default: ''
type: string
type: object
type: array
pg:
default: []
examples:
- []
items:
properties:
dbname:
default: ''
type: string
name:
default: ''
type: string
namespace:
default: ''
type: string
secret:
properties:
key:
default: ''
type: string
name:
default: ''
type: string
type: object
username:
default: ''
type: string
type: object
type: array
dependencies:
- dist: null
category: core

487
apps/dolibarr/index.yaml
View File

@@ -6,6 +6,147 @@ metadata:
name: dolibarr
description: Open Source ERP & CRM for business
options:
app_group:
default: ''
examples:
- ''
type: string
backups:
default:
enable: false
endpoint: ''
key_id_key: s3-id
restic_key: bck-password
retention:
db: 30d
keepDaily: 14
keepMonthly: 12
keepWeekly: 6
keepYearly: 12
schedule:
backup: 20 3 * * *
check: 20 5 * * 1
db: 0 3 * * *
prune: 20 1 * * 0
secret_key: s3-secret
secret_name: backup-settings
use_barman: false
examples:
- enable: false
endpoint: ''
key_id_key: s3-id
restic_key: bck-password
retention:
db: 30d
keepDaily: 14
keepMonthly: 12
keepWeekly: 6
keepYearly: 12
schedule:
backup: 20 3 * * *
check: 20 5 * * 1
db: 0 3 * * *
prune: 20 1 * * 0
secret_key: s3-secret
secret_name: backup-settings
use_barman: false
properties:
enable:
default: false
type: boolean
endpoint:
default: ''
type: string
key_id_key:
default: s3-id
type: string
restic_key:
default: bck-password
type: string
retention:
default:
db: 30d
keepDaily: 14
keepMonthly: 12
keepWeekly: 6
keepYearly: 12
properties:
db:
default: 30d
type: string
keepDaily:
default: 14
type: integer
keepMonthly:
default: 12
type: integer
keepWeekly:
default: 6
type: integer
keepYearly:
default: 12
type: integer
type: object
schedule:
default:
backup: 20 3 * * *
check: 20 5 * * 1
db: 0 3 * * *
prune: 20 1 * * 0
properties:
backup:
default: 20 3 * * *
type: string
check:
default: 20 5 * * 1
type: string
db:
default: 0 3 * * *
type: string
prune:
default: 20 1 * * 0
type: string
type: object
secret_key:
default: s3-secret
type: string
secret_name:
default: backup-settings
type: string
use_barman:
default: false
type: boolean
type: object
domain:
default: your-company
examples:
- your-company
type: string
domain_name:
default: your_company.com
examples:
- your_company.com
type: string
hpa:
default:
avg-cpu: 50
max-replicas: 5
min-replicas: 1
examples:
- avg-cpu: 50
max-replicas: 5
min-replicas: 1
properties:
avg-cpu:
default: 50
type: integer
max-replicas:
default: 5
type: integer
min-replicas:
default: 1
type: integer
type: object
images:
default:
dolibarr:
@@ -155,6 +296,107 @@ options:
type: string
type: object
type: object
ingress_class:
default: traefik
examples:
- traefik
type: string
issuer:
default: letsencrypt-prod
examples:
- letsencrypt-prod
type: string
log-level:
default: 5
examples:
- 5
type: integer
modules:
default:
- societe
examples:
- - societe
items:
type: string
type: array
parameters:
default:
MAIN_LANG_DEFAULT: auto
examples:
- MAIN_LANG_DEFAULT: auto
properties:
MAIN_LANG_DEFAULT:
default: auto
type: string
type: object
postgres:
default:
replicas: 1
examples:
- replicas: 1
properties:
replicas:
default: 1
type: integer
type: object
redis:
default:
exporter:
enabled: true
examples:
- exporter:
enabled: true
properties:
exporter:
default:
enabled: true
properties:
enabled:
default: true
type: boolean
type: object
type: object
resources:
default:
limits:
cpu: 200m
memory: 256Mi
requests:
cpu: 50m
memory: 100Mi
examples:
- limits:
cpu: 200m
memory: 256Mi
requests:
cpu: 50m
memory: 100Mi
properties:
limits:
default:
cpu: 200m
memory: 256Mi
properties:
cpu:
default: 200m
type: string
memory:
default: 256Mi
type: string
type: object
requests:
default:
cpu: 50m
memory: 100Mi
properties:
cpu:
default: 50m
type: string
memory:
default: 100Mi
type: string
type: object
type: object
storage:
default:
postgres:
@@ -222,179 +464,11 @@ options:
type: string
type: object
type: object
hpa:
default:
avg-cpu: 50
max-replicas: 5
min-replicas: 1
examples:
- avg-cpu: 50
max-replicas: 5
min-replicas: 1
properties:
avg-cpu:
default: 50
type: integer
max-replicas:
default: 5
type: integer
min-replicas:
default: 1
type: integer
type: object
backups:
default:
enable: false
endpoint: ''
key_id_key: s3-id
restic_key: bck-password
retention:
db: 30d
keepDaily: 14
keepMonthly: 12
keepWeekly: 6
keepYearly: 12
schedule:
backup: 20 3 * * *
check: 20 5 * * 1
db: 0 3 * * *
prune: 20 1 * * 0
secret_key: s3-secret
secret_name: backup-settings
use_barman: false
examples:
- enable: false
endpoint: ''
key_id_key: s3-id
restic_key: bck-password
retention:
db: 30d
keepDaily: 14
keepMonthly: 12
keepWeekly: 6
keepYearly: 12
schedule:
backup: 20 3 * * *
check: 20 5 * * 1
db: 0 3 * * *
prune: 20 1 * * 0
secret_key: s3-secret
secret_name: backup-settings
use_barman: false
properties:
enable:
default: false
type: boolean
endpoint:
default: ''
type: string
key_id_key:
default: s3-id
type: string
restic_key:
default: bck-password
type: string
retention:
default:
db: 30d
keepDaily: 14
keepMonthly: 12
keepWeekly: 6
keepYearly: 12
properties:
db:
default: 30d
type: string
keepDaily:
default: 14
type: integer
keepMonthly:
default: 12
type: integer
keepWeekly:
default: 6
type: integer
keepYearly:
default: 12
type: integer
type: object
schedule:
default:
backup: 20 3 * * *
check: 20 5 * * 1
db: 0 3 * * *
prune: 20 1 * * 0
properties:
backup:
default: 20 3 * * *
type: string
check:
default: 20 5 * * 1
type: string
db:
default: 0 3 * * *
type: string
prune:
default: 20 1 * * 0
type: string
type: object
secret_key:
default: s3-secret
type: string
secret_name:
default: backup-settings
type: string
use_barman:
default: false
type: boolean
type: object
redis:
default:
exporter:
enabled: true
examples:
- exporter:
enabled: true
properties:
exporter:
default:
enabled: true
properties:
enabled:
default: true
type: boolean
type: object
type: object
domain_name:
default: your_company.com
examples:
- your_company.com
type: string
app_group:
default: ''
examples:
- ''
type: string
issuer:
default: letsencrypt-prod
examples:
- letsencrypt-prod
type: string
sub_domain:
default: erp
examples:
- erp
type: string
parameters:
default:
MAIN_LANG_DEFAULT: auto
examples:
- MAIN_LANG_DEFAULT: auto
properties:
MAIN_LANG_DEFAULT:
default: auto
type: string
type: object
user-groups:
default:
- admin: true
@@ -410,84 +484,7 @@ options:
type: string
type: object
type: array
modules:
default:
- societe
examples:
- - societe
items:
type: string
type: array
postgres:
default:
replicas: 1
examples:
- replicas: 1
properties:
replicas:
default: 1
type: integer
type: object
ingress_class:
default: traefik
examples:
- traefik
type: string
domain:
default: your-company
examples:
- your-company
type: string
log-level:
default: 5
examples:
- 5
type: integer
resources:
default:
limits:
cpu: 200m
memory: 256Mi
requests:
cpu: 50m
memory: 100Mi
examples:
- limits:
cpu: 200m
memory: 256Mi
requests:
cpu: 50m
memory: 100Mi
properties:
limits:
default:
cpu: 200m
memory: 256Mi
properties:
cpu:
default: 200m
type: string
memory:
default: 256Mi
type: string
type: object
requests:
default:
cpu: 50m
memory: 100Mi
properties:
cpu:
default: 50m
type: string
memory:
default: 100Mi
type: string
type: object
type: object
dependencies:
- dist: null
category: share
component: authentik-ldap
- dist: null
category: core
component: secret-generator

4
apps/dolibarr/redis.tf
View File

@@ -5,7 +5,7 @@ locals {
}
resource "kubectl_manifest" "dolibarr_redis" {
yaml_body = <<-EOF
apiVersion: "redis.redis.opstreelabs.in/v1beta2"
apiVersion: "redis.redis.opstreelabs.in/v1beta1"
kind: "Redis"
metadata:
name: "${var.instance}-${var.component}-redis"
@@ -25,7 +25,7 @@ resource "kubectl_manifest" "dolibarr_redis" {
redisExporter:
enabled: ${var.redis.exporter.enabled}
image: "${var.images.redis_exporter.registry}/${var.images.redis_exporter.repository}:${var.images.redis_exporter.tag}"
podSecurityContext:
securityContext:
runAsUser: 1000
fsGroup: 1000
EOF

18
apps/gitea/index.rhai
View File

@@ -1,18 +0,0 @@
const NS=config.namespace;
const SRC=src;
const DEST=dest;
fn pre_pack() {
shell("helm repo add gitea-charts https://dl.gitea.io/charts/");
shell(`helm template gitea --version 9.5.0 gitea-charts/gitea --namespace=vynil-ci -a "monitoring.coreos.com/v1/ServiceMonitor" -a "monitoring.coreos.com/v1/PrometheusRule" --values values.yml >${global::SRC}/chart.yaml`);
}
fn post_pack() {
shell(`rm -f ${global::DEST}/v1_Pod_gitea-test-connection.yaml`);
shell(`rm -f ${global::DEST}/v1_Secret_gitea-inline-config.yaml`);
let regex = "'\\\\\\${\\(LDAP_[A-Z_]*\\)}'";
let final = "\\\"\\${\\1}\\\"";
shell(`sed -i "s/${regex}/${final}/g" ${global::DEST}/v1_Secret_gitea-init.yaml`);
}
fn pre_install() {
shell(`kubectl create -n ${global::NS} -f ${global::SRC}/v1_ConfigMap_gitea-themes.yaml || :`);
}

3
apps/gitea/index.yaml
View File

@@ -476,9 +476,6 @@ options:
type: boolean
type: object
dependencies:
- dist: null
category: share
component: authentik-ldap
- dist: null
category: core
component: secret-generator

3
apps/gramo/index.yaml
View File

@@ -91,9 +91,6 @@ options:
- gramo
type: string
dependencies:
- dist: null
category: share
component: authentik-forward
- dist: null
category: core
component: secret-generator

2
apps/infisical/configs.tf
View File

@@ -3,7 +3,7 @@ resource "kubectl_manifest" "config" {
apiVersion: v1
kind: ConfigMap
metadata:
name: "${var.component}-${var.instance}"
name: "${var.instance}-${var.component}"
namespace: "${var.namespace}"
labels: ${jsonencode(local.common-labels)}
data:

2
apps/infisical/deploy.tf
View File

@@ -3,7 +3,7 @@ resource "kubectl_manifest" "deploy" {
apiVersion: apps/v1
kind: Deployment
metadata:
name: "${var.component}-${var.instance}"
name: "${var.instance}-${var.component}"
namespace: "${var.namespace}"
labels: ${jsonencode(local.common-labels)}
annotations:

84
apps/infisical/index.yaml
View File

@@ -6,47 +6,20 @@ metadata:
name: infisical
description: null
options:
sub_domain:
default: infisical
examples:
- infisical
type: string
replicas:
default: 1
examples:
- 1
type: integer
app_group:
default: apps
examples:
- apps
type: string
redis:
default:
exporter:
enabled: true
domain:
default: your-company
examples:
- exporter:
enabled: true
properties:
exporter:
default:
enabled: true
properties:
enabled:
default: true
type: boolean
type: object
type: object
sso_vynil:
default: true
- your-company
type: string
domain_name:
default: your-company.com
examples:
- true
type: boolean
issuer:
default: letsencrypt-prod
examples:
- letsencrypt-prod
- your-company.com
type: string
images:
default:
@@ -155,20 +128,47 @@ options:
type: string
type: object
type: object
domain_name:
default: your-company.com
examples:
- your-company.com
type: string
ingress_class:
default: traefik
examples:
- traefik
type: string
domain:
default: your-company
issuer:
default: letsencrypt-prod
examples:
- your-company
- letsencrypt-prod
type: string
redis:
default:
exporter:
enabled: true
examples:
- exporter:
enabled: true
properties:
exporter:
default:
enabled: true
properties:
enabled:
default: true
type: boolean
type: object
type: object
replicas:
default: 1
examples:
- 1
type: integer
sso_vynil:
default: true
examples:
- true
type: boolean
sub_domain:
default: infisical
examples:
- infisical
type: string
dependencies:
- dist: null

2
apps/infisical/secret.tf
View File

@@ -5,7 +5,7 @@ resource "kubectl_manifest" "secret" {
apiVersion: "secretgenerator.mittwald.de/v1alpha1"
kind: "StringSecret"
metadata:
name: "${var.component}-${var.instance}"
name: "${var.instance}-${var.component}"
namespace: "${var.namespace}"
labels: ${jsonencode(local.common-labels)}
spec:

2
apps/nextcloud/apps_v1_Deployment_nextcloud-metrics.yaml
View File

@@ -5,7 +5,7 @@ metadata:
name: nextcloud-metrics
labels:
app.kubernetes.io/name: nextcloud
helm.sh/chart: nextcloud-4.6.4
helm.sh/chart: nextcloud-4.6.8
app.kubernetes.io/instance: nextcloud
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/component: metrics

4
apps/nextcloud/apps_v1_Deployment_nextcloud.yaml
View File

@@ -5,7 +5,7 @@ metadata:
name: nextcloud
labels:
app.kubernetes.io/name: nextcloud
helm.sh/chart: nextcloud-4.6.4
helm.sh/chart: nextcloud-4.6.8
app.kubernetes.io/instance: nextcloud
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/component: app
@@ -32,7 +32,7 @@ spec:
spec:
containers:
- name: nextcloud
image: nextcloud:28.0.3-apache
image: nextcloud:29.0.0-apache
imagePullPolicy: IfNotPresent
env:

2
apps/nextcloud/autoscaling_v1_HorizontalPodAutoscaler_nextcloud.yaml
View File

@@ -5,7 +5,7 @@ metadata:
name: nextcloud
labels:
app.kubernetes.io/name: nextcloud
helm.sh/chart: nextcloud-4.6.4
helm.sh/chart: nextcloud-4.6.8
app.kubernetes.io/instance: nextcloud
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/component: app

481
apps/nextcloud/index.yaml
View File

@@ -6,62 +6,20 @@ metadata:
name: nextcloud
description: null
options:
openid-name:
default: vynil
examples:
- vynil
type: string
redis:
admin:
default:
exporter:
enabled: true
name: nextcloud_admin
examples:
- exporter:
enabled: true
- name: nextcloud_admin
properties:
exporter:
default:
enabled: true
properties:
enabled:
default: true
type: boolean
type: object
name:
default: nextcloud_admin
type: string
type: object
hpa:
default:
avg-cpu: 50
max-replicas: 5
min-replicas: 1
app_group:
default: ''
examples:
- avg-cpu: 50
max-replicas: 5
min-replicas: 1
properties:
avg-cpu:
default: 50
type: integer
max-replicas:
default: 5
type: integer
min-replicas:
default: 1
type: integer
type: object
ingress_class:
default: traefik
examples:
- traefik
type: string
domain:
default: your-company
examples:
- your-company
type: string
issuer:
default: letsencrypt-prod
examples:
- letsencrypt-prod
- ''
type: string
apps:
default:
@@ -153,95 +111,142 @@ options:
default: true
type: boolean
type: object
postgres:
backups:
default:
replicas: 1
enable: false
endpoint: ''
key_id_key: s3-id
restic_key: bck-password
retention:
db: 30d
keepDaily: 14
keepMonthly: 12
keepWeekly: 6
keepYearly: 12
schedule:
backup: 30 3 * * *
check: 30 5 * * 1
db: 30 3 * * *
prune: 30 1 * * 0
secret_key: s3-secret
secret_name: backup-settings
use_barman: false
examples:
- replicas: 1
- enable: false
endpoint: ''
key_id_key: s3-id
restic_key: bck-password
retention:
db: 30d
keepDaily: 14
keepMonthly: 12
keepWeekly: 6
keepYearly: 12
schedule:
backup: 30 3 * * *
check: 30 5 * * 1
db: 30 3 * * *
prune: 30 1 * * 0
secret_key: s3-secret
secret_name: backup-settings
use_barman: false
properties:
replicas:
default: 1
type: integer
type: object
storage:
default:
postgres:
size: 5Gi
redis:
size: 2Gi
volume:
accessMode: ReadWriteOnce
class: ''
size: 10Gi
type: Filesystem
description: Configure this app storage
examples:
- postgres:
size: 5Gi
redis:
size: 2Gi
volume:
accessMode: ReadWriteOnce
class: ''
size: 10Gi
type: Filesystem
properties:
postgres:
default:
size: 5Gi
properties:
size:
default: 5Gi
type: string
type: object
redis:
default:
size: 2Gi
properties:
size:
default: 2Gi
type: string
type: object
volume:
default:
accessMode: ReadWriteOnce
class: ''
size: 10Gi
type: Filesystem
properties:
accessMode:
default: ReadWriteOnce
enum:
- ReadWriteOnce
- ReadOnlyMany
- ReadWriteMany
type: string
class:
default: ''
type: string
size:
default: 10Gi
type: string
type:
default: Filesystem
type: string
type: object
type: object
admin:
default:
name: nextcloud_admin
examples:
- name: nextcloud_admin
properties:
name:
default: nextcloud_admin
enable:
default: false
type: boolean
endpoint:
default: ''
type: string
key_id_key:
default: s3-id
type: string
restic_key:
default: bck-password
type: string
retention:
default:
db: 30d
keepDaily: 14
keepMonthly: 12
keepWeekly: 6
keepYearly: 12
properties:
db:
default: 30d
type: string
keepDaily:
default: 14
type: integer
keepMonthly:
default: 12
type: integer
keepWeekly:
default: 6
type: integer
keepYearly:
default: 12
type: integer
type: object
schedule:
default:
backup: 30 3 * * *
check: 30 5 * * 1
db: 30 3 * * *
prune: 30 1 * * 0
properties:
backup:
default: 30 3 * * *
type: string
check:
default: 30 5 * * 1
type: string
db:
default: 30 3 * * *
type: string
prune:
default: 30 1 * * 0
type: string
type: object
secret_key:
default: s3-secret
type: string
secret_name:
default: backup-settings
type: string
use_barman:
default: false
type: boolean
type: object
domain:
default: your-company
examples:
- your-company
type: string
domain_name:
default: your_company.com
examples:
- your_company.com
type: string
hpa:
default:
avg-cpu: 50
max-replicas: 5
min-replicas: 1
examples:
- avg-cpu: 50
max-replicas: 5
min-replicas: 1
properties:
avg-cpu:
default: 50
type: integer
max-replicas:
default: 5
type: integer
min-replicas:
default: 1
type: integer
type: object
images:
default:
collabora:
@@ -497,126 +502,118 @@ options:
type: string
type: object
type: object
app_group:
default: ''
ingress_class:
default: traefik
examples:
- ''
- traefik
type: string
issuer:
default: letsencrypt-prod
examples:
- letsencrypt-prod
type: string
openid-name:
default: vynil
examples:
- vynil
type: string
postgres:
default:
replicas: 1
examples:
- replicas: 1
properties:
replicas:
default: 1
type: integer
type: object
redis:
default:
exporter:
enabled: true
examples:
- exporter:
enabled: true
properties:
exporter:
default:
enabled: true
properties:
enabled:
default: true
type: boolean
type: object
type: object
storage:
default:
postgres:
size: 5Gi
redis:
size: 2Gi
volume:
accessMode: ReadWriteOnce
class: ''
size: 10Gi
type: Filesystem
description: Configure this app storage
examples:
- postgres:
size: 5Gi
redis:
size: 2Gi
volume:
accessMode: ReadWriteOnce
class: ''
size: 10Gi
type: Filesystem
properties:
postgres:
default:
size: 5Gi
properties:
size:
default: 5Gi
type: string
type: object
redis:
default:
size: 2Gi
properties:
size:
default: 2Gi
type: string
type: object
volume:
default:
accessMode: ReadWriteOnce
class: ''
size: 10Gi
type: Filesystem
properties:
accessMode:
default: ReadWriteOnce
enum:
- ReadWriteOnce
- ReadOnlyMany
- ReadWriteMany
type: string
class:
default: ''
type: string
size:
default: 10Gi
type: string
type:
default: Filesystem
type: string
type: object
type: object
sub_domain:
default: files
examples:
- files
type: string
backups:
default:
enable: false
endpoint: ''
key_id_key: s3-id
restic_key: bck-password
retention:
db: 30d
keepDaily: 14
keepMonthly: 12
keepWeekly: 6
keepYearly: 12
schedule:
backup: 30 3 * * *
check: 30 5 * * 1
db: 30 3 * * *
prune: 30 1 * * 0
secret_key: s3-secret
secret_name: backup-settings
use_barman: false
examples:
- enable: false
endpoint: ''
key_id_key: s3-id
restic_key: bck-password
retention:
db: 30d
keepDaily: 14
keepMonthly: 12
keepWeekly: 6
keepYearly: 12
schedule:
backup: 30 3 * * *
check: 30 5 * * 1
db: 30 3 * * *
prune: 30 1 * * 0
secret_key: s3-secret
secret_name: backup-settings
use_barman: false
properties:
enable:
default: false
type: boolean
endpoint:
default: ''
type: string
key_id_key:
default: s3-id
type: string
restic_key:
default: bck-password
type: string
retention:
default:
db: 30d
keepDaily: 14
keepMonthly: 12
keepWeekly: 6
keepYearly: 12
properties:
db:
default: 30d
type: string
keepDaily:
default: 14
type: integer
keepMonthly:
default: 12
type: integer
keepWeekly:
default: 6
type: integer
keepYearly:
default: 12
type: integer
type: object
schedule:
default:
backup: 30 3 * * *
check: 30 5 * * 1
db: 30 3 * * *
prune: 30 1 * * 0
properties:
backup:
default: 30 3 * * *
type: string
check:
default: 30 5 * * 1
type: string
db:
default: 30 3 * * *
type: string
prune:
default: 30 1 * * 0
type: string
type: object
secret_key:
default: s3-secret
type: string
secret_name:
default: backup-settings
type: string
use_barman:
default: false
type: boolean
type: object
dependencies:
- dist: null
category: share
component: authentik
- dist: null
category: core
component: secret-generator

2
apps/nextcloud/monitoring.coreos.com_v1_ServiceMonitor_nextcloud.yaml
View File

@@ -6,7 +6,7 @@ metadata:
namespace: "vynil-cloud"
labels:
app.kubernetes.io/name: nextcloud
helm.sh/chart: nextcloud-4.6.4
helm.sh/chart: nextcloud-4.6.8
app.kubernetes.io/instance: nextcloud
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/component: metrics

4
apps/nextcloud/redis.tf
View File

@@ -5,7 +5,7 @@ locals {
}
resource "kubectl_manifest" "prj_redis" {
yaml_body = <<-EOF
apiVersion: "redis.redis.opstreelabs.in/v1beta2"
apiVersion: "redis.redis.opstreelabs.in/v1beta1"
kind: "Redis"
metadata:
name: "${var.instance}-${var.component}-redis"
@@ -25,7 +25,7 @@ resource "kubectl_manifest" "prj_redis" {
redisExporter:
enabled: ${var.redis.exporter.enabled}
image: "${var.images.redis_exporter.registry}/${var.images.redis_exporter.repository}:${var.images.redis_exporter.tag}"
podSecurityContext:
securityContext:
runAsUser: 1000
fsGroup: 1000
EOF

2
apps/nextcloud/v1_ConfigMap_nextcloud-config.yaml
View File

@@ -5,7 +5,7 @@ metadata:
name: nextcloud-config
labels:
app.kubernetes.io/name: nextcloud
helm.sh/chart: nextcloud-4.6.4
helm.sh/chart: nextcloud-4.6.8
app.kubernetes.io/instance: nextcloud
app.kubernetes.io/managed-by: Helm
data:

2
apps/nextcloud/v1_ConfigMap_nextcloud-nginxconfig.yaml
View File

@@ -5,7 +5,7 @@ metadata:
name: nextcloud-nginxconfig
labels:
app.kubernetes.io/name: nextcloud
helm.sh/chart: nextcloud-4.6.4
helm.sh/chart: nextcloud-4.6.8
app.kubernetes.io/instance: nextcloud
app.kubernetes.io/managed-by: Helm
data:

4
apps/nextcloud/v1_PersistentVolumeClaim_nextcloud-nextcloud.yaml
View File

@@ -5,10 +5,12 @@ metadata:
name: nextcloud-nextcloud
labels:
app.kubernetes.io/name: nextcloud
helm.sh/chart: nextcloud-4.6.4
helm.sh/chart: nextcloud-4.6.8
app.kubernetes.io/instance: nextcloud
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/component: app
annotations:
helm.sh/resource-policy: keep
spec:
accessModes:
- "ReadWriteOnce"

2
apps/nextcloud/v1_Service_nextcloud-metrics.yaml
View File

@@ -5,7 +5,7 @@ metadata:
name: nextcloud-metrics
labels:
app.kubernetes.io/name: nextcloud
helm.sh/chart: nextcloud-4.6.4
helm.sh/chart: nextcloud-4.6.8
app.kubernetes.io/instance: nextcloud
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/component: metrics

2
apps/nextcloud/v1_Service_nextcloud.yaml
View File

@@ -5,7 +5,7 @@ metadata:
name: nextcloud
labels:
app.kubernetes.io/name: nextcloud
helm.sh/chart: nextcloud-4.6.4
helm.sh/chart: nextcloud-4.6.8
app.kubernetes.io/instance: nextcloud
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/component: app

6
apps/okd/deploy.tf
View File

@@ -3,7 +3,7 @@ resource "kubectl_manifest" "deploy" {
apiVersion: apps/v1
kind: Deployment
metadata:
name: "${var.component}-${var.instance}"
name: "${var.instance}-${var.component}"
namespace: "${var.namespace}"
labels: ${jsonencode(local.common-labels)}
spec:
@@ -53,7 +53,7 @@ resource "kubectl_manifest" "deploy" {
successThreshold: 1
timeoutSeconds: 1
restartPolicy: Always
serviceAccount: "${var.component}-${var.instance}"
serviceAccountName: "${var.component}-${var.instance}"
serviceAccount: "${var.instance}-${var.component}"
serviceAccountName: "${var.instance}-${var.component}"
EOF
}

51
apps/okd/index.yaml
View File

@@ -6,36 +6,26 @@ metadata:
name: okd
description: The console is a more friendly kubectl in the form of a single page webapp. It also integrates with other services like monitoring, chargeback, and OLM.
options:
domain_name:
default: your_company.com
examples:
- your_company.com
type: string
ingress_class:
default: traefik
examples:
- traefik
type: string
app_group:
default: infra
examples:
- infra
type: string
issuer:
default: letsencrypt-prod
cluster-admin:
default: false
examples:
- letsencrypt-prod
type: string
sub_domain:
default: okd
examples:
- okd
type: string
- false
type: boolean
domain:
default: your-company
examples:
- your-company
type: string
domain_name:
default: your_company.com
examples:
- your_company.com
type: string
images:
default:
okd:
@@ -75,12 +65,17 @@ options:
type: string
type: object
type: object
managed:
default: false
ingress_class:
default: traefik
examples:
- false
type: boolean
cluster-admin:
- traefik
type: string
issuer:
default: letsencrypt-prod
examples:
- letsencrypt-prod
type: string
managed:
default: false
examples:
- false
@@ -90,10 +85,12 @@ options:
items:
type: string
type: array
sub_domain:
default: okd
examples:
- okd
type: string
dependencies:
- dist: null
category: share
component: authentik-forward
- dist: null
category: core
component: secret-generator

22
apps/okd/rbac.tf
View File

@@ -6,7 +6,7 @@ resource "kubectl_manifest" "okd_sa" {
apiVersion: v1
kind: ServiceAccount
metadata:
name: "${var.component}-${var.instance}"
name: "${var.instance}-${var.component}"
namespace: "${var.namespace}"
labels: ${jsonencode(local.common-labels)}
EOF
@@ -18,7 +18,7 @@ resource "kubectl_manifest" "okd_crb_admin" {
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
name: "${var.namespace}-${var.component}-${var.instance}"
name: "${var.namespace}-${var.instance}-${var.component}"
labels: ${jsonencode(local.common-labels)}
roleRef:
apiGroup: rbac.authorization.k8s.io
@@ -26,7 +26,7 @@ resource "kubectl_manifest" "okd_crb_admin" {
name: cluster-admin
subjects:
- kind: ServiceAccount
name: "${var.component}-${var.instance}"
name: "${var.instance}-${var.component}"
namespace: "${var.namespace}"
EOF
}
@@ -37,7 +37,7 @@ resource "kubectl_manifest" "okd_roles" {
apiVersion: rbac.authorization.k8s.io/v1
kind: Role
metadata:
name: "${var.namespace}-${var.component}-${var.instance}"
name: "${var.namespace}-${var.instance}-${var.component}"
namespace: "${local.sorted-namespaces[count.index]}"
labels: ${jsonencode(local.common-labels)}
rules:
@@ -53,16 +53,16 @@ resource "kubectl_manifest" "okd_role_bindings" {
apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding
metadata:
name: "${var.namespace}-${var.component}-${var.instance}"
name: "${var.namespace}-${var.instance}-${var.component}"
namespace: "${local.sorted-namespaces[count.index]}"
labels: ${jsonencode(local.common-labels)}
subjects:
- kind: ServiceAccount
name: "${var.component}-${var.instance}"
name: "${var.instance}-${var.component}"
namespace: "${var.namespace}"
roleRef:
kind: Role
name: "${var.namespace}-${var.component}-${var.instance}"
name: "${var.namespace}-${var.instance}-${var.component}"
apiGroup: rbac.authorization.k8s.io
EOF
}
@@ -73,7 +73,7 @@ resource "kubectl_manifest" "okd_clusterrole" {
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
name: "${var.namespace}-${var.component}-${var.instance}-list"
name: "${var.namespace}-${var.instance}-${var.component}-list"
labels: ${jsonencode(local.common-labels)}
rules:
- apiGroups: [""]
@@ -92,16 +92,16 @@ resource "kubectl_manifest" "okd_clusterrole_bindings" {
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
name: "${var.namespace}-${var.component}-${var.instance}-list"
name: "${var.namespace}-${var.instance}-${var.component}-list"
namespace: "${local.sorted-namespaces[count.index]}"
labels: ${jsonencode(local.common-labels)}
subjects:
- kind: ServiceAccount
name: "${var.component}-${var.instance}"
name: "${var.instance}-${var.component}"
namespace: "${var.namespace}"
roleRef:
kind: ClusterRole
name: "${var.namespace}-${var.component}-${var.instance}-list"
name: "${var.namespace}-${var.instance}-${var.component}-list"
apiGroup: rbac.authorization.k8s.io
EOF
}

27
apps/traefik-ui/index.yaml
View File

@@ -6,25 +6,15 @@ metadata:
name: traefik-ui
description: Access to the Traefik UI
options:
sub_domain:
default: traefik
examples:
- traefik
type: string
domain:
default: your-company
examples:
- your-company
type: string
app_group:
default: infra
examples:
- infra
type: string
issuer:
default: letsencrypt-prod
domain:
default: your-company
examples:
- letsencrypt-prod
- your-company
type: string
domain_name:
default: your_company.com
@@ -36,6 +26,16 @@ options:
examples:
- traefik
type: string
issuer:
default: letsencrypt-prod
examples:
- letsencrypt-prod
type: string
sub_domain:
default: traefik
examples:
- traefik
type: string
dependencies:
- dist: null
category: share
@@ -45,6 +45,7 @@ providers:
authentik: true
kubectl: true
postgresql: null
mysql: null
restapi: true
http: true
gitea: null

2
apps/traefik-ui/presentation.tf
View File

@@ -8,7 +8,7 @@ locals {
Authorization = "Bearer ${data.kubernetes_secret_v1.authentik.data["AUTHENTIK_BOOTSTRAP_TOKEN"]}"
}
service = {
"name" = "${var.component}-${var.instance}"
"name" = "${var.instance}-${var.component}"
"port" = {
"number" = 80
}

2
apps/traefik-ui/svc.tf
View File

@@ -3,7 +3,7 @@ resource "kubectl_manifest" "service" {
apiVersion: v1
kind: Service
metadata:
name: "${var.component}-${var.instance}"
name: "${var.instance}-${var.component}"
namespace: "${var.namespace}"
labels: ${jsonencode(local.common-labels)}
spec:

2
apps/woodpecker/datas.tf
View File

@@ -186,7 +186,7 @@ data "kustomization_overlay" "data" {
- secretRef:
name: woodpecker-secret
- secretRef:
name: "${var.component}-${var.instance}-gitea"
name: "${var.instance}-${var.component}-gitea"
- configMapRef:
name: "${var.instance}-${var.component}-server"
volumeMounts:

2
apps/woodpecker/gitea_token.tf
View File

@@ -28,7 +28,7 @@ resource "gitea_oauth2_app" "prj" {
resource "kubernetes_secret_v1" "oauth2-client-gitea" {
metadata {
name = "${var.component}-${var.instance}-gitea"
name = "${var.instance}-${var.component}-gitea"
namespace = var.namespace
}
data = {

179
apps/woodpecker/index.yaml
View File

@@ -6,85 +6,25 @@ metadata:
name: woodpecker
description: Woodpecker is a simple yet powerful CI/CD engine with great extensibility
options:
admin-users:
default: woodpecker,admin
examples:
- woodpecker,admin
type: string
app_group:
default: dev
examples:
- dev
type: string
domain:
default: your-company
examples:
- your-company
type: string
timeouts:
default:
default: '60'
max: '120'
domain_name:
default: your_company.com
examples:
- default: '60'
max: '120'
properties:
default:
default: '60'
type: string
max:
default: '120'
type: string
type: object
storage:
default:
agent:
size: 10Gi
volume:
accessMode: ReadWriteOnce
class: ''
size: 10Gi
type: Filesystem
description: Configure this app storage
examples:
- agent:
size: 10Gi
volume:
accessMode: ReadWriteOnce
class: ''
size: 10Gi
type: Filesystem
properties:
agent:
default:
size: 10Gi
properties:
size:
default: 10Gi
type: string
type: object
volume:
default:
accessMode: ReadWriteOnce
class: ''
size: 10Gi
type: Filesystem
properties:
accessMode:
default: ReadWriteOnce
enum:
- ReadWriteOnce
- ReadOnlyMany
- ReadWriteMany
type: string
class:
default: ''
type: string
size:
default: 10Gi
type: string
type:
default: Filesystem
enum:
- Filesystem
- Block
type: string
type: object
type: object
app_group:
default: dev
examples:
- dev
- your_company.com
type: string
images:
default:
@@ -183,35 +123,92 @@ options:
type: string
type: object
type: object
issuer:
default: letsencrypt-prod
examples:
- letsencrypt-prod
type: string
domain_name:
default: your_company.com
examples:
- your_company.com
type: string
admin-users:
default: woodpecker,admin
examples:
- woodpecker,admin
type: string
ingress_class:
default: traefik
examples:
- traefik
type: string
issuer:
default: letsencrypt-prod
examples:
- letsencrypt-prod
type: string
storage:
default:
agent:
size: 10Gi
volume:
accessMode: ReadWriteOnce
class: ''
size: 10Gi
type: Filesystem
description: Configure this app storage
examples:
- agent:
size: 10Gi
volume:
accessMode: ReadWriteOnce
class: ''
size: 10Gi
type: Filesystem
properties:
agent:
default:
size: 10Gi
properties:
size:
default: 10Gi
type: string
type: object
volume:
default:
accessMode: ReadWriteOnce
class: ''
size: 10Gi
type: Filesystem
properties:
accessMode:
default: ReadWriteOnce
enum:
- ReadWriteOnce
- ReadOnlyMany
- ReadWriteMany
type: string
class:
default: ''
type: string
size:
default: 10Gi
type: string
type:
default: Filesystem
enum:
- Filesystem
- Block
type: string
type: object
type: object
sub_domain:
default: ci
examples:
- ci
type: string
timeouts:
default:
default: '60'
max: '120'
examples:
- default: '60'
max: '120'
properties:
default:
default: '60'
type: string
max:
default: '120'
type: string
type: object
dependencies:
- dist: null
category: apps
component: gitea
- dist: null
category: core
component: secret-generator