commit cd37c1fbb3a30bb773523b538fc556d13099780a
Author: Keli Grubb
Date: Thu Oct 19 15:53:26 2023 -0400
initial commit
diff --git a/.woodpecker.yml b/.woodpecker.yml
new file mode 100644
index 0000000..6d6cd12
--- /dev/null
+++ b/.woodpecker.yml
@@ -0,0 +1,22 @@
+steps:
+ dry-run:
+ when:
+ - branch:
+ exclude:
+ - main
+ image: bitnami/kubectl
+ secrets:
+ - kube_config
+ commands:
+ - echo "$KUBE_CONFIG" > ~/.kube/config
+ - DRU_RUN=true ./deploy.sh
+ deploy:
+ when:
+ - branch:
+ main
+ image: bitnami/kubectl
+ secrets:
+ - kube_config
+ commands:
+ - echo "$KUBE_CONFIG" > ~/.kube/config
+ - ./deploy.sh
diff --git a/README.md b/README.md
new file mode 100644
index 0000000..30faf18
--- /dev/null
+++ b/README.md
@@ -0,0 +1,4 @@
+Homestead
+===
+
+This repo builds and manages the various services to keep a digital homestead up and running.
diff --git a/deploy.sh b/deploy.sh
new file mode 100644
index 0000000..39deebf
--- /dev/null
+++ b/deploy.sh
@@ -0,0 +1,15 @@
+#!/bin/sh
+
+for namespace in namespaces/*; do
+ if [ "$DRY_RUN" = true ]; then
+ printf "\033[1;33m*******************************************************\n"
+ printf "Dry running changes to %s\n" "$(basename "$namespace")"
+ printf "*******************************************************\033[0m\n"
+ kubectl apply -f "$namespace" --dry-run=server
+ else
+ printf "\033[1;33m*******************************************************\n"
+ printf "Deploying changes to %s\n" "$(basename "$namespace")"
+ printf "*******************************************************\033[0m\n"
+ kubectl apply -f "$namespace"
+ fi
+done
\ No newline at end of file
diff --git a/namespaces/git/gitea-chart.yml b/namespaces/git/gitea-chart.yml
new file mode 100644
index 0000000..e92d382
--- /dev/null
+++ b/namespaces/git/gitea-chart.yml
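Review bot: Neither `kubectl apply` call has its exit status checked, so a namespace that fails to apply does not stop the loop and the script exits with the status of the last iteration only; a CI run can report success after a partial deploy. Adding `set -eu` under the shebang, or `|| exit 1` on both kubectl lines, makes the pipeline fail at the first error. With `set -u` the test needs a default, `[ "${DRY_RUN:-}" = true ]`, and a comment there should say that any value other than the exact string `true` performs a real apply.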
@@ -0,0 +1,70 @@
+# helm repo add gitea-charts https://dl.gitea.io/charts/
+# helm install gitea gitea-charts/gitea
+apiVersion: helm.cattle.io/v1
+kind: HelmChart
+metadata:
+ name: gitea
+ namespace: git
+spec:
+ chart: gitea
+ targetNamespace: git
+ repo: https://dl.gitea.io/charts/
+ version: 9.5.0
+ valuesContent: |-
+ resources:
+ limits:
+ cpu: 200m
+ memory: 256Mi
+ requests:
+ cpu: 200m
+ memory: 256Mi
+ redis-cluster:
+ enabled: false
+ postgresql:
+ enabled: true
+ postgresql-ha:
+ enabled: false
+ persistence:
+ enabled: true
+ gitea:
+ metrics:
+ enabled: true
+ serviceMonitor:
+ enabled: true
+ config:
+ picture:
+ ENABLE_FEDERATED_AVATAR: false
+ DISABLE_GRAVATAR: true
+ ui:
+ DEFAULT_THEME: arc-green
+ server:
+ ENABLE_PPROF: true
+ database:
+ DB_TYPE: postgres
+ session:
+ PROVIDER: db
+ cache:
+ ADAPTER: memory
+ queue:
+ TYPE: level
+ indexer:
+ ISSUE_INDEXER_TYPE: bleve
+ REPO_INDEXER_ENABLED: true
+ webhook:
+ ALLOWED_HOST_LIST: "external,loopback"
+ service:
+ ssh:
+ port: 22
+ annotations:
+ metallb.universe.tf/allow-shared-ip: test
+ ingress:
+ enabled: true
+ className: nginx
+ hosts:
+ - host: git.keligrubb.com
+ paths:
+ - path: /
+ pathType: Prefix
+ persistence:
+ storageClass: longhorn
+ size: 64Gi
diff --git a/namespaces/git/namespace.yml b/namespaces/git/namespace.yml
new file mode 100644
index 0000000..b1f2782
--- /dev/null
+++ b/namespaces/git/namespace.yml
@@ -0,0 +1,4 @@
+kind: Namespace
+apiVersion: v1
+metadata:
+ name: git
\ No newline at end of file
diff --git a/namespaces/git/woodpecker-chart.yml b/namespaces/git/woodpecker-chart.yml
new file mode 100644
index 0000000..4fefb21
--- /dev/null
+++ b/namespaces/git/woodpecker-chart.yml
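Review bot: `webhook.ALLOWED_HOST_LIST: "external,loopback"` lets any user who can create a webhook make the Gitea server send requests to its own loopback interface, and `server.ENABLE_PPROF: true` puts a profiling listener on that interface (Gitea documents it as localhost:6060 for the web command). Unless a webhook receiver really runs inside the Gitea pod, I would narrow this to `ALLOWED_HOST_LIST: "external"` and set `ENABLE_PPROF: false` outside of a debugging session. The ingress block also has no `tls` entry, so as written git.keligrubb.com is served over plain HTTP unless TLS is terminated somewhere this file does not show.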
@@ -0,0 +1,39 @@
+apiVersion: helm.cattle.io/v1
+kind: HelmChart
+metadata:
+ name: woodpecker
+ namespace: git
+spec:
+ chart: woodpecker
+ targetNamespace: git
+ repo: https://woodpecker-ci.org/
+ version: 0.4.2
+ valuesContent: |-
+ server:
+ image:
+ tag: v1.0.3
+ env:
+ WOODPECKER_ADMIN: kgrubb
+ WOODPECKER_GITEA: true
+ WOODPECKER_GITEA_URL: http://git.keligrubb.com
+ WOODPECKER_GITEA_SKIP_VERIFY: true
+ WOODPECKER_HOST: http://ci.keligrubb.com
+ WOODPECKER_ORGS: homestead
+ extraSecretNamesForEnvFrom:
+ - woodpecker-gitea-client
+ - woodpecker-gitea-secret
+ ingress:
+ enabled: true
+ ingressClassName: nginx
+ hosts:
+ - host: ci.keligrubb.com
+ paths:
+ - path: /
+ backend:
+ serviceName: ci.keligrubb.com
+ servicePort: 80
+ agent:
+ image:
+ tag: v1.0.3
+ env:
+ WOODPECKER_GITEA: true
\ No newline at end of file
diff --git a/namespaces/ingress-nginx/ingress-nginx-chart.yml b/namespaces/ingress-nginx/ingress-nginx-chart.yml
new file mode 100644
index 0000000..0f950f5
--- /dev/null
+++ b/namespaces/ingress-nginx/ingress-nginx-chart.yml
@@ -0,0 +1,25 @@
+apiVersion: helm.cattle.io/v1
+kind: HelmChart
+metadata:
+ name: ingress-nginx
+ namespace: ingress-nginx
+spec:
+ chart: ingress-nginx
+ targetNamespace: ingress-nginx
+ repo: https://kubernetes.github.io/ingress-nginx
+ version: 4.8.0
+ valuesContent: |-
+ controller:
+ metrics:
+ enabled: true
+ serviceMonitor:
+ enabled: true
+ additionalLabels:
+ release: prometheus
+ resources:
+ requests:
+ cpu: 100m
+ memory: 180Mi
+ limits:
+ cpu: 100m
+ memory: 180Mi
diff --git a/namespaces/ingress-nginx/namespace.yml b/namespaces/ingress-nginx/namespace.yml
new file mode 100644
index 0000000..89ba98c
--- /dev/null
+++ b/namespaces/ingress-nginx/namespace.yml
@@ -0,0 +1,4 @@
+kind: Namespace
+apiVersion: v1
+metadata:
+ name: ingress-nginx
\ No newline at end of file
diff --git a/namespaces/kube-system/helm-controller.yaml b/namespaces/kube-system/helm-controller.yaml
new file mode 100644
index 0000000..e6cb2d8
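Review bot: `WOODPECKER_GITEA_URL` and `WOODPECKER_HOST` are both `http://` URLs, so the OAuth exchange with Gitea and every CI session cross the network unencrypted, and `WOODPECKER_GITEA_SKIP_VERIFY: true` leaves certificate checking off for the day the forge does move to HTTPS. I would switch both URLs to `https://`, add TLS to the ingress, and drop the skip-verify line rather than carry it forward. The ingress backend also sets `serviceName: ci.keligrubb.com`, which looks like the hostname rather than a Service name; worth confirming against the chart's values.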
--- /dev/null
+++ b/namespaces/kube-system/helm-controller.yaml
@@ -0,0 +1,173 @@ +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + name: helmcharts.helm.cattle.io +spec: + group: helm.cattle.io + names: + kind: HelmChart + plural: helmcharts + singular: helmchart + preserveUnknownFields: false + scope: Namespaced + versions: + - additionalPrinterColumns: + - jsonPath: .status.jobName + name: Job + type: string + - jsonPath: .spec.chart + name: Chart + type: string + - jsonPath: .spec.targetNamespace + name: TargetNamespace + type: string + - jsonPath: .spec.version + name: Version + type: string + - jsonPath: .spec.repo + name: Repo + type: string + - jsonPath: .spec.helmVersion + name: HelmVersion + type: string + - jsonPath: .spec.bootstrap + name: Bootstrap + type: string + name: v1 + schema: + openAPIV3Schema: + properties: + spec: + properties: + authPassCredentials: + type: boolean + authSecret: + nullable: true + properties: + name: + nullable: true + type: string + type: object + backOffLimit: + nullable: true + type: integer + bootstrap: + type: boolean + chart: + nullable: true + type: string + chartContent: + nullable: true + type: string + createNamespace: + type: boolean + dockerRegistrySecret: + nullable: true + properties: + name: + nullable: true + type: string + type: object + failurePolicy: + nullable: true + type: string + helmVersion: + nullable: true + type: string + jobImage: + nullable: true + type: string + repo: + nullable: true + type: string + repoCA: + nullable: true + type: string + repoCAConfigMap: + nullable: true + properties: + name: + nullable: true + type: string + type: object + set: + additionalProperties: + x-kubernetes-int-or-string: true + nullable: true + type: object + targetNamespace: + nullable: true + type: string + timeout: + nullable: true + type: string + valuesContent: + nullable: true + type: string + version: + nullable: true + type: string + type: object + status: + properties: + jobName: + nullable: true + type: string + type: object + type: 
object + served: true + storage: true + +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + name: helmchartconfigs.helm.cattle.io +spec: + group: helm.cattle.io + names: + kind: HelmChartConfig + plural: helmchartconfigs + singular: helmchartconfig + preserveUnknownFields: false + scope: Namespaced + versions: + - name: v1 + schema: + openAPIV3Schema: + properties: + spec: + properties: + failurePolicy: + nullable: true + type: string + valuesContent: + nullable: true + type: string + type: object + type: object + served: true + storage: true +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + labels: + app: helm-controller + name: helm-controller +spec: + replicas: 1 + selector: + matchLabels: + app: helm-controller + template: + metadata: + labels: + app: helm-controller + spec: + containers: + - command: + - helm-controller + image: rancher/helm-controller:v0.15.4 + name: helm-controller +--- diff --git a/namespaces/kube-system/metrics-server.yml b/namespaces/kube-system/metrics-server.yml new file mode 100644 index 0000000..cff86df --- /dev/null +++ b/namespaces/kube-system/metrics-server.yml 
@@ -0,0 +1,200 @@
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+ labels:
+ k8s-app: metrics-server
+ name: metrics-server
+ namespace: kube-system
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRole
+metadata:
+ labels:
+ k8s-app: metrics-server
+ rbac.authorization.k8s.io/aggregate-to-admin: "true"
+ rbac.authorization.k8s.io/aggregate-to-edit: "true"
+ rbac.authorization.k8s.io/aggregate-to-view: "true"
+ name: system:aggregated-metrics-reader
+rules:
+- apiGroups:
+ - metrics.k8s.io
+ resources:
+ - pods
+ - nodes
+ verbs:
+ - get
+ - list
+ - watch
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRole
+metadata:
+ labels:
+ k8s-app: metrics-server
+ name: system:metrics-server
+rules:
+- apiGroups:
+ - ""
+ resources:
+ - nodes/metrics
+ verbs:
+ - get
+- apiGroups:
+ - ""
+ resources:
+ - pods
+ - nodes
+ verbs:
+ - get
+ - list
+ - watch
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: RoleBinding
+metadata:
+ labels:
+ k8s-app: metrics-server
+ name: metrics-server-auth-reader
+ namespace: kube-system
+roleRef:
+ apiGroup: rbac.authorization.k8s.io
+ kind: Role
+ name: extension-apiserver-authentication-reader
+subjects:
+- kind: ServiceAccount
+ name: metrics-server
+ namespace: kube-system
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRoleBinding
+metadata:
+ labels:
+ k8s-app: metrics-server
+ name: metrics-server:system:auth-delegator
+roleRef:
+ apiGroup: rbac.authorization.k8s.io
+ kind: ClusterRole
+ name: system:auth-delegator
+subjects:
+- kind: ServiceAccount
+ name: metrics-server
+ namespace: kube-system
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRoleBinding
+metadata:
+ labels:
+ k8s-app: metrics-server
+ name: system:metrics-server
+roleRef:
+ apiGroup: rbac.authorization.k8s.io
+ kind: ClusterRole
+ name: system:metrics-server
+subjects:
+- kind: ServiceAccount
+ name: metrics-server
+ namespace: kube-system
+---
+apiVersion: v1
+kind: Service
+metadata:
+ labels:
+ k8s-app: metrics-server
+ name: metrics-server
+ namespace: kube-system
+spec:
+ ports:
+ - name: https
+ port: 443
+ protocol: TCP
+ targetPort: https
+ selector:
+ k8s-app: metrics-server
+---
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+ labels:
+ k8s-app: metrics-server
+ name: metrics-server
+ namespace: kube-system
+spec:
+ selector:
+ matchLabels:
+ k8s-app: metrics-server
+ strategy:
+ rollingUpdate:
+ maxUnavailable: 0
+ template:
+ metadata:
+ labels:
+ k8s-app: metrics-server
+ spec:
+ containers:
+ - args:
+ - --cert-dir=/tmp
+ - --secure-port=4443
+ - --kubelet-preferred-address-types=InternalIP,ExternalIP,Hostname
+ - --kubelet-use-node-status-port
+ - --kubelet-insecure-tls
+ - --metric-resolution=15s
+ image: registry.k8s.io/metrics-server/metrics-server:v0.6.4
+ imagePullPolicy: IfNotPresent
+ livenessProbe:
+ failureThreshold: 3
+ httpGet:
+ path: /livez
+ port: https
+ scheme: HTTPS
+ periodSeconds: 10
+ name: metrics-server
+ ports:
+ - containerPort: 4443
+ name: https
+ protocol: TCP
+ readinessProbe:
+ failureThreshold: 3
+ httpGet:
+ path: /readyz
+ port: https
+ scheme: HTTPS
+ initialDelaySeconds: 20
+ periodSeconds: 10
+ resources:
+ requests:
+ cpu: 100m
+ memory: 200Mi
+ limits:
+ cpu: 200m
+ memory: 400Mi
+ securityContext:
+ allowPrivilegeEscalation: false
+ readOnlyRootFilesystem: true
+ runAsNonRoot: true
+ runAsUser: 1000
+ volumeMounts:
+ - mountPath: /tmp
+ name: tmp-dir
+ nodeSelector:
+ kubernetes.io/os: linux
+ priorityClassName: system-cluster-critical
+ serviceAccountName: metrics-server
+ volumes:
+ - emptyDir: {}
+ name: tmp-dir
+---
+apiVersion: apiregistration.k8s.io/v1
+kind: APIService
+metadata:
+ labels:
+ k8s-app: metrics-server
+ name: v1beta1.metrics.k8s.io
+spec:
+ group: metrics.k8s.io
+ groupPriorityMinimum: 100
+ insecureSkipTLSVerify: true
+ service:
+ name: metrics-server
+ namespace: kube-system
+ version: v1beta1
+ versionPriority: 100
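Review bot: The container args include `--kubelet-insecure-tls`, which makes metrics-server skip verification of each kubelet's serving certificate, so it cannot distinguish a real kubelet from anything else answering on the node address. If the kubelets can be issued serving certificates signed by the cluster CA, remove the flag. If it has to stay for now, a comment above it such as `# TODO: remove once kubelet serving certs are signed by the cluster CA` keeps it from being carried forward unexamined. The rest of the manifest reads like an upstream release file and I have not reviewed it line by line.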
diff --git a/namespaces/kube-system/nodelocaldns.yml b/namespaces/kube-system/nodelocaldns.yml
new file mode 100644
index 0000000..19ed5ae
--- /dev/null
+++ b/namespaces/kube-system/nodelocaldns.yml
@@ -0,0 +1,211 @@
+# Copyright 2018 The Kubernetes Authors.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+ name: node-local-dns
+ namespace: kube-system
+ labels:
+ kubernetes.io/cluster-service: "true"
+ addonmanager.kubernetes.io/mode: Reconcile
+---
+apiVersion: v1
+kind: Service
+metadata:
+ name: kube-dns-upstream
+ namespace: kube-system
+ labels:
+ k8s-app: kube-dns
+ kubernetes.io/cluster-service: "true"
+ addonmanager.kubernetes.io/mode: Reconcile
+ kubernetes.io/name: "KubeDNSUpstream"
+spec:
+ ports:
+ - name: dns
+ port: 53
+ protocol: UDP
+ targetPort: 53
+ - name: dns-tcp
+ port: 53
+ protocol: TCP
+ targetPort: 53
+ selector:
+ k8s-app: kube-dns
+---
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ name: node-local-dns
+ namespace: kube-system
+ labels:
+ addonmanager.kubernetes.io/mode: Reconcile
+data:
+ Corefile: |
+ cluster.local:53 {
+ errors
+ cache {
+ success 9984 30
+ denial 9984 5
+ }
+ reload
+ loop
+ bind 169.254.20.10 10.43.0.10
+ forward . __PILLAR__CLUSTER__DNS__ {
+ force_tcp
+ }
+ prometheus :9253
+ health 169.254.20.10:8080
+ }
+ in-addr.arpa:53 {
+ errors
+ cache 30
+ reload
+ loop
+ bind 169.254.20.10 10.43.0.10
+ forward . __PILLAR__CLUSTER__DNS__ {
+ force_tcp
+ }
+ prometheus :9253
+ }
+ ip6.arpa:53 {
+ errors
+ cache 30
+ reload
+ loop
+ bind 169.254.20.10 10.43.0.10
+ forward . __PILLAR__CLUSTER__DNS__ {
+ force_tcp
+ }
+ prometheus :9253
+ }
+ .:53 {
+ errors
+ cache 30
+ reload
+ loop
+ bind 169.254.20.10 10.43.0.10
+ forward . __PILLAR__UPSTREAM__SERVERS__
+ prometheus :9253
+ }
+---
+apiVersion: apps/v1
+kind: DaemonSet
+metadata:
+ name: node-local-dns
+ namespace: kube-system
+ labels:
+ k8s-app: node-local-dns
+ kubernetes.io/cluster-service: "true"
+ addonmanager.kubernetes.io/mode: Reconcile
+spec:
+ updateStrategy:
+ rollingUpdate:
+ maxUnavailable: 10%
+ selector:
+ matchLabels:
+ k8s-app: node-local-dns
+ template:
+ metadata:
+ labels:
+ k8s-app: node-local-dns
+ annotations:
+ prometheus.io/port: "9253"
+ prometheus.io/scrape: "true"
+ spec:
+ priorityClassName: system-node-critical
+ serviceAccountName: node-local-dns
+ hostNetwork: true
+ dnsPolicy: Default # Don't use cluster DNS.
+ tolerations:
+ - key: "CriticalAddonsOnly"
+ operator: "Exists"
+ - effect: "NoExecute"
+ operator: "Exists"
+ - effect: "NoSchedule"
+ operator: "Exists"
+ containers:
+ - name: node-cache
+ image: registry.k8s.io/dns/k8s-dns-node-cache:1.22.23
+ resources:
+ requests:
+ cpu: 25m
+ memory: 5Mi
+ args: [ "-localip", "169.254.20.10,10.43.0.10", "-conf", "/etc/Corefile", "-upstreamsvc", "kube-dns-upstream" ]
+ securityContext:
+ capabilities:
+ add:
+ - NET_ADMIN
+ ports:
+ - containerPort: 53
+ name: dns
+ protocol: UDP
+ - containerPort: 53
+ name: dns-tcp
+ protocol: TCP
+ - containerPort: 9253
+ name: metrics
+ protocol: TCP
+ livenessProbe:
+ httpGet:
+ host: 169.254.20.10
+ path: /health
+ port: 8080
+ initialDelaySeconds: 60
+ timeoutSeconds: 5
+ volumeMounts:
+ - mountPath: /run/xtables.lock
+ name: xtables-lock
+ readOnly: false
+ - name: config-volume
+ mountPath: /etc/coredns
+ - name: kube-dns-config
+ mountPath: /etc/kube-dns
+ volumes:
+ - name: xtables-lock
+ hostPath:
+ path: /run/xtables.lock
+ type: FileOrCreate
+ - name: kube-dns-config
+ configMap:
+ name: kube-dns
+ optional: true
+ - name: config-volume
+ configMap:
+ name: node-local-dns
+ items:
+ - key: Corefile
+ path: Corefile.base
+---
+# A headless service is a service with a service IP but instead of load-balancing it will return the IPs of our associated Pods.
+# We use this to expose metrics to Prometheus.
+apiVersion: v1
+kind: Service
+metadata:
+ annotations:
+ prometheus.io/port: "9253"
+ prometheus.io/scrape: "true"
+ labels:
+ k8s-app: node-local-dns
+ name: node-local-dns
+ namespace: kube-system
+spec:
+ clusterIP: None
+ ports:
+ - name: metrics
+ port: 9253
+ targetPort: 9253
+ selector:
+ k8s-app: node-local-dns
diff --git a/namespaces/longhorn-system/longhorn-chart.yml b/namespaces/longhorn-system/longhorn-chart.yml
new file mode 100644
index 0000000..b552718
--- /dev/null
+++ b/namespaces/longhorn-system/longhorn-chart.yml
@@ -0,0 +1,15 @@
+apiVersion: helm.cattle.io/v1
+kind: HelmChart
+metadata:
+ name: longhorn
+ namespace: longhorn-system
+spec:
+ chart: longhorn
+ targetNamespace: longhorn-system
+ repo: https://charts.longhorn.io
+ version: 1.5.1
+ valuesContent: |-
+ ingress:
+ enabled: true
+ ingressClassName: nginx
+ host: storage.keligrubb.com
diff --git a/namespaces/longhorn-system/namespace.yml b/namespaces/longhorn-system/namespace.yml
new file mode 100644
index 0000000..5fd39ce
--- /dev/null
+++ b/namespaces/longhorn-system/namespace.yml
@@ -0,0 +1,4 @@
+kind: Namespace
+apiVersion: v1
+metadata:
+ name: longhorn-system
\ No newline at end of file
diff --git a/namespaces/metallb-system/metallb-chart.yml b/namespaces/metallb-system/metallb-chart.yml
new file mode 100644
index 0000000..c157737
--- /dev/null
+++ b/namespaces/metallb-system/metallb-chart.yml
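Review bot: In longhorn-chart.yml, `ingress.enabled: true` publishes the Longhorn UI at storage.keligrubb.com, and nothing in these values puts authentication or TLS in front of it. The Longhorn UI has no login of its own, so whoever can reach the ingress can manage and delete volumes. I would add basic auth through the chart's `ingress.annotations` (`nginx.ingress.kubernetes.io/auth-type: basic` with `nginx.ingress.kubernetes.io/auth-secret: <secret-name>`) and turn on the chart's ingress TLS options, or leave the ingress disabled and reach the UI with a port-forward.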
@@ -0,0 +1,36 @@
+# helm repo add metallb https://metallb.github.io/metallb
+# helm install metallb metallb/metallb
+apiVersion: helm.cattle.io/v1
+kind: HelmChart
+metadata:
+ name: metallb
+ namespace: metallb-system
+spec:
+ chart: metallb
+ targetNamespace: metallb-system
+ repo: https://metallb.github.io/metallb
+ version: 0.13.11
+ valuesContent: |-
+ prometheus:
+ serviceMonitor:
+ enabled: true
+ additionalLabels:
+ release: prometheus
+ serviceAccount: prometheus-kube-prometheus-prometheus
+ namespace: monitoring
+ controller:
+ resources:
+ requests:
+ cpu: 100m
+ memory: 100Mi
+ limits:
+ cpu: 100m
+ memory: 100Mi
+ speaker:
+ resources:
+ requests:
+ cpu: 100m
+ memory: 100Mi
+ limits:
+ cpu: 100m
+ memory: 100Mi
diff --git a/namespaces/metallb-system/metallb-l2-addresspool.yml b/namespaces/metallb-system/metallb-l2-addresspool.yml
new file mode 100644
index 0000000..7b59a19
--- /dev/null
+++ b/namespaces/metallb-system/metallb-l2-addresspool.yml
@@ -0,0 +1,18 @@
+apiVersion: metallb.io/v1beta1
+kind: IPAddressPool
+metadata:
+ name: default
+ namespace: metallb-system
+spec:
+ addresses:
+ - 192.168.1.3-192.168.1.4
+ autoAssign: true
+---
+apiVersion: metallb.io/v1beta1
+kind: L2Advertisement
+metadata:
+ name: default
+ namespace: metallb-system
+spec:
+ ipAddressPools:
+ - default
diff --git a/namespaces/metallb-system/namespace.yml b/namespaces/metallb-system/namespace.yml
new file mode 100644
index 0000000..d2ace7e
--- /dev/null
+++ b/namespaces/metallb-system/namespace.yml
@@ -0,0 +1,4 @@
+kind: Namespace
+apiVersion: v1
+metadata:
+ name: metallb-system
\ No newline at end of file
diff --git a/namespaces/minecraft/ingress.yml b/namespaces/minecraft/ingress.yml
new file mode 100644
index 0000000..7ddfd3b
--- /dev/null
+++ b/namespaces/minecraft/ingress.yml
@@ -0,0 +1,27 @@
+apiVersion: networking.k8s.io/v1
+kind: Ingress
+metadata:
+ name: minecraft-ingress
+ namespace: minecraft
+ labels:
+ name: minecraft-ingress
+spec:
+ ingressClassName: nginx
+ rules:
+ - host: mc.keligrubb.com
+ http:
+ paths:
+ - pathType: Prefix
+ path: "/"
+ backend:
+ service:
+ name: minecraft
+ port:
+ number: 25565
+ - pathType: Prefix
+ path: "/"
+ backend:
+ service:
+ name: minecraft-voice
+ port:
+ number: 24454
diff --git a/namespaces/minecraft/minecraft-deployment.yml b/namespaces/minecraft/minecraft-deployment.yml
new file mode 100644
index 0000000..b23111e
--- /dev/null
+++ b/namespaces/minecraft/minecraft-deployment.yml
@@ -0,0 +1,39 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+ name: minecraft
+ labels:
+ app: minecraft
+ namespace: minecraft
+spec:
+ replicas: 1
+ selector:
+ matchLabels:
+ app: minecraft
+ template:
+ metadata:
+ labels:
+ app: minecraft
+ spec:
+ containers:
+ - name: minecraft-forge
+ image: kgrubb/forge:1.19
+ imagePullPolicy: Always
+ resources:
+ requests:
+ memory: "6144Mi"
+ cpu: "2"
+ limits:
+ memory: "8192Mi"
+ cpu: "4"
+ ports:
+ - containerPort: 25565
+ securityContext:
+ readOnlyRootFilesystem: false
+ volumeMounts:
+ - name: minecraft-world-saves
+ mountPath: /forge/world
+ volumes:
+ - name: minecraft-world-saves
+ persistentVolumeClaim:
+ claimName: minecraft-world-saves
diff --git a/namespaces/minecraft/minecraft-service.yml b/namespaces/minecraft/minecraft-service.yml
new file mode 100644
index 0000000..14ddb37
--- /dev/null
+++ b/namespaces/minecraft/minecraft-service.yml
@@ -0,0 +1,15 @@
+apiVersion: v1
+kind: Service
+metadata:
+ name: minecraft
+ annotations:
+ metallb.universe.tf/allow-shared-ip: minecraft
+spec:
+ selector:
+ app: minecraft
+ ports:
+ - protocol: TCP
+ port: 25565
+ targetPort: 25565
+ type: LoadBalancer
+ loadBalancerIP: 192.168.1.4
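Review bot: This Ingress routes HTTP requests for mc.keligrubb.com to ports 25565 and 24454, but neither backend is an HTTP service (the voice Service is declared UDP), and both paths use the same host and `/` prefix, so only one of them could ever match. The two LoadBalancer Services in this directory already expose the game ports, so I would drop ingress.yml rather than keep an extra route toward the pod that cannot work as intended.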
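Review bot: In minecraft-deployment.yml the container `securityContext` sets only `readOnlyRootFilesystem: false`, which is already the default, so the pod runs with whatever user and capabilities the `kgrubb/forge:1.19` image defines. Adding `allowPrivilegeEscalation: false` and `capabilities: {drop: [ALL]}`, plus `runAsNonRoot: true` if the image supports it, would bound what a compromised server process can do on the node. `imagePullPolicy: Always` on a mutable tag also means a restart may run a different image than the one tested; pinning by digest avoids that.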
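Review bot: In minecraft-service.yml `metadata` has no `namespace`, so `kubectl apply -f namespaces/minecraft` creates this Service in the kubeconfig's current namespace (normally `default`), while the Deployment it is meant to select appears to be in `minecraft`. A Service only selects pods in its own namespace, so it would end up with no endpoints. Add `namespace: minecraft` under `metadata`; minecraft-voice-service.yml has the same omission.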
diff --git a/namespaces/minecraft/minecraft-voice-service.yml b/namespaces/minecraft/minecraft-voice-service.yml
new file mode 100644
index 0000000..e2eac1f
--- /dev/null
+++ b/namespaces/minecraft/minecraft-voice-service.yml
@@ -0,0 +1,15 @@
+apiVersion: v1
+kind: Service
+metadata:
+ name: minecraft-voice
+ annotations:
+ metallb.universe.tf/allow-shared-ip: minecraft
+spec:
+ selector:
+ app: minecraft
+ ports:
+ - protocol: UDP
+ port: 24454
+ targetPort: 24454
+ type: LoadBalancer
+ loadBalancerIP: 192.168.1.4
\ No newline at end of file
diff --git a/namespaces/minecraft/namespace.yml b/namespaces/minecraft/namespace.yml
new file mode 100644
index 0000000..838d282
--- /dev/null
+++ b/namespaces/minecraft/namespace.yml
@@ -0,0 +1,4 @@
+kind: Namespace
+apiVersion: v1
+metadata:
+ name: minecraft
\ No newline at end of file
diff --git a/namespaces/minecraft/pvc.yml b/namespaces/minecraft/pvc.yml
new file mode 100644
index 0000000..34ba878
--- /dev/null
+++ b/namespaces/minecraft/pvc.yml
@@ -0,0 +1,12 @@
+apiVersion: v1
+kind: PersistentVolumeClaim
+metadata:
+ name: minecraft-world-saves
+ namespace: minecraft
+spec:
+ accessModes:
+ - ReadWriteOnce
+ storageClassName: longhorn
+ resources:
+ requests:
+ storage: 20Gi
diff --git a/namespaces/monitoring/kube-prometheus-stack-chart.yml b/namespaces/monitoring/kube-prometheus-stack-chart.yml
new file mode 100644
index 0000000..95a173d
--- /dev/null
+++ b/namespaces/monitoring/kube-prometheus-stack-chart.yml
@@ -0,0 +1,71 @@
+apiVersion: helm.cattle.io/v1
+kind: HelmChart
+metadata:
+ name: prometheus
+ namespace: monitoring
+spec:
+ chart: kube-prometheus-stack
+ targetNamespace: monitoring
+ repo: https://prometheus-community.github.io/helm-charts
+ version: 51.5.3
+ valuesContent: |-
+ grafana:
+ defaultDashboardsTimezone: "US/Eastern"
+ ingress:
+ enabled: true
+ ingressClassName: nginx
+ paths:
+ - path: "/"
+ pathType: Prefix
+ hosts:
+ - monitoring.keligrubb.com
+ kubelet:
+ serviceMonitor:
+ metricRelabelings:
+ - action: replace
+ sourceLabels:
+ - node
+ targetLabel: instance
+ kube-state-metrics:
+ selfMonitor:
+ enabled: true
+ prometheus:
+ selfMonitor:
+ metricRelabelings:
+ - action: replace
+ regex: (.*)
+ replacement: $1
+ sourceLabels:
+ - __meta_kubernetes_pod_node_name
+ targetLabel: kubernetes_node
+ prometheus:
+ ingress:
+ enabled: true
+ ingressClassName: nginx
+ paths:
+ - /
+ hosts:
+ - prometheus.keligrubb.com
+ prometheusSpec:
+ replicaExternalLabelName: "replica"
+ ruleSelectorNilUsesHelmValues: false
+ serviceMonitorSelectorNilUsesHelmValues: false
+ podMonitorSelectorNilUsesHelmValues: false
+ probeSelectorNilUsesHelmValues: fales
+ retention: 14d
+ retentionSize: "64GB"
+ enableAdminAPI: true
+ securityContext:
+ runAsUser: 0
+ runAsNonRoot: false
+ runAsGroup: 0
+ fsGroup: 65534
+ storageSpec:
+ volumeClaimTemplate:
+ spec:
+ storageclassname: longhorn
+ accessModes:
+ - ReadWriteOnce
+ resources:
+ requests:
+ storage: 64Gi
diff --git a/namespaces/monitoring/namespace.yml b/namespaces/monitoring/namespace.yml
new file mode 100644
index 0000000..ddd7450
--- /dev/null
+++ b/namespaces/monitoring/namespace.yml
@@ -0,0 +1,4 @@
+kind: Namespace
+apiVersion: v1
+metadata:
+ name: monitoring
\ No newline at end of file
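Review bot: `enableAdminAPI: true` is combined with a Prometheus ingress at prometheus.keligrubb.com that has no authentication or TLS configured in these values, so the admin endpoints (series deletion, snapshots) are reachable by anyone who can reach the ingress; set `enableAdminAPI: false` unless something depends on it, and put auth in front of the ingress. The `securityContext` also runs Prometheus as UID 0 with `runAsNonRoot: false`, which is usually a workaround for volume ownership that `fsGroup` should be able to handle on its own. Two keys look mistyped and will not do what was intended: `probeSelectorNilUsesHelmValues: fales` should be `false`, and `storageclassname: longhorn` should be `storageClassName: longhorn`.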