diff --git a/manifests/grafana/service.yaml b/manifests/grafana/service.yaml new file mode 100644 index 0000000..e69de29 diff --git a/manifests/pleroma/service.yaml b/manifests/pleroma/service.yaml index 28ea493..96bc549 100644 --- a/manifests/pleroma/service.yaml +++ b/manifests/pleroma/service.yaml @@ -7,8 +7,13 @@ metadata: spec: ports: - port: 80 + name: http targetPort: 4000 protocol: TCP + - port: 4021 + name: prometheus + targetPort: 4021 + protocol: TCP selector: app: pleroma --- diff --git a/manifests/pleroma/templates/deployment.yaml b/manifests/pleroma/templates/deployment.yaml index c994d73..672e423 100644 --- a/manifests/pleroma/templates/deployment.yaml +++ b/manifests/pleroma/templates/deployment.yaml @@ -15,166 +15,167 @@ spec: app: pleroma spec: imagePullSecrets: - - name: registry-credentials + - name: registry-credentials initContainers: - - name: init - image: cr.forge.lan/darkdork-dev/pleroma:${CI_COMMIT_SHA} - imagePullPolicy: IfNotPresent - command: [ "sh", "-c", "mix ecto.migrate" ] - env: - - name: MIX_ENV - value: prod - - name: SIGNING_SALT - value: quYau0c - - name: DOMAIN - value: darkdork.dev - - name: INSTANCE_NAME - value: DarkDork.dev - - name: ADMIN_EMAIL - value: pwm@crlf.ninja - - name: NOTIFY_EMAIL - value: pleroma@crlf.ninja - - name: REGISTRATIONS_OPEN - value: "false" - - name: INVITES_ENABLED - value: "true" - - name: SECRET_KEY_BASE - valueFrom: - secretKeyRef: - name: pleroma - key: secret-key-base - - name: WEB_PUSH_PUBLIC_KEY - valueFrom: - secretKeyRef: - name: pleroma - key: web-push-public-key - - name: WEB_PUSH_PRIVATE_KEY - valueFrom: - secretKeyRef: - name: pleroma - key: web-push-private-key - - name: DEFAULT_SIGNER - valueFrom: - secretKeyRef: - name: pleroma - key: default-signer - - name: MEDIA_URL - value: "https://media.darkdork.dev" - - name: S3_BUCKET - value: pleroma.darkdork.dev - - name: S3_ACCESS_KEY - valueFrom: - secretKeyRef: - name: pleroma - key: minio-access-key - - name: S3_SECRET_KEY - valueFrom: - secretKeyRef: - name: pleroma - key: minio-secret-key - - name: S3_SCHEME - value: "http://" - - name: S3_HOST - value: minio - - name: S3_PORT - value: "80" - - name: DB_HOST - value: postgres - - name: DB_NAME - value: pleroma - - name: DB_USER - value: pleroma - - name: DB_PASS - valueFrom: - secretKeyRef: - name: postgres - key: postgres-password - volumeMounts: - - name: pleroma-config-volume - mountPath: /pleroma/config/prod.secret.exs - subPath: prod.secret.exs + - name: init + image: cr.forge.lan/darkdork-dev/pleroma:${CI_COMMIT_SHA} + imagePullPolicy: IfNotPresent + command: [ "sh", "-c", "mix ecto.migrate" ] + env: + - name: MIX_ENV + value: prod + - name: SIGNING_SALT + value: quYau0c + - name: DOMAIN + value: darkdork.dev + - name: INSTANCE_NAME + value: DarkDork.dev + - name: ADMIN_EMAIL + value: pwm@crlf.ninja + - name: NOTIFY_EMAIL + value: pleroma@crlf.ninja + - name: REGISTRATIONS_OPEN + value: "false" + - name: INVITES_ENABLED + value: "true" + - name: SECRET_KEY_BASE + valueFrom: + secretKeyRef: + name: pleroma + key: secret-key-base + - name: WEB_PUSH_PUBLIC_KEY + valueFrom: + secretKeyRef: + name: pleroma + key: web-push-public-key + - name: WEB_PUSH_PRIVATE_KEY + valueFrom: + secretKeyRef: + name: pleroma + key: web-push-private-key + - name: DEFAULT_SIGNER + valueFrom: + secretKeyRef: + name: pleroma + key: default-signer + - name: MEDIA_URL + value: "https://media.darkdork.dev" + - name: S3_BUCKET + value: pleroma.darkdork.dev + - name: S3_ACCESS_KEY + valueFrom: + secretKeyRef: + name: pleroma + key: minio-access-key + - name: S3_SECRET_KEY + valueFrom: + secretKeyRef: + name: pleroma + key: minio-secret-key + - name: S3_SCHEME + value: "http://" + - name: S3_HOST + value: minio + - name: S3_PORT + value: "80" + - name: DB_HOST + value: postgres + - name: DB_NAME + value: pleroma + - name: DB_USER + value: pleroma + - name: DB_PASS + valueFrom: + secretKeyRef: + name: postgres + key: postgres-password + volumeMounts: + - name: pleroma-config-volume + mountPath: /pleroma/config/prod.secret.exs + subPath: prod.secret.exs containers: - - name: pleroma - image: cr.forge.lan/darkdork-dev/pleroma:${CI_COMMIT_SHA} - imagePullPolicy: IfNotPresent - command: ["sh", "-c", "elixir --sname pleroma -S mix phx.server --no-compile"] - ports: - - containerPort: 4000 - env: - - name: MIX_ENV - value: prod - - name: SIGNING_SALT - value: quYau0c - - name: DOMAIN - value: darkdork.dev - - name: INSTANCE_NAME - value: DarkDork.dev - - name: ADMIN_EMAIL - value: pwm@crlf.ninja - - name: NOTIFY_EMAIL - value: pleroma@crlf.ninja - - name: REGISTRATIONS_OPEN - value: "false" - - name: INVITES_ENABLED - value: "true" - - name: SECRET_KEY_BASE - valueFrom: - secretKeyRef: - name: pleroma - key: secret-key-base - - name: WEB_PUSH_PUBLIC_KEY - valueFrom: - secretKeyRef: - name: pleroma - key: web-push-public-key - - name: WEB_PUSH_PRIVATE_KEY - valueFrom: - secretKeyRef: - name: pleroma - key: web-push-private-key - - name: DEFAULT_SIGNER - valueFrom: - secretKeyRef: - name: pleroma - key: default-signer - - name: MEDIA_URL - value: "https://media.darkdork.dev" - - name: S3_BUCKET - value: pleroma.darkdork.dev - - name: S3_ACCESS_KEY - valueFrom: - secretKeyRef: - name: pleroma - key: minio-access-key - - name: S3_SECRET_KEY - valueFrom: - secretKeyRef: - name: pleroma - key: minio-secret-key - - name: S3_SCHEME - value: "http://" - - name: S3_HOST - value: minio - - name: S3_PORT - value: "80" - - name: DB_HOST - value: postgres - - name: DB_NAME - value: pleroma - - name: DB_USER - value: pleroma - - name: DB_PASS - valueFrom: - secretKeyRef: - name: postgres - key: postgres-password - volumeMounts: - - name: pleroma-config-volume - mountPath: /pleroma/config/prod.secret.exs - subPath: prod.secret.exs - - name: pleroma-emoji-volume - mountPath: /static-files/emoji/ - subPath: emoji/ + - name: pleroma + image: cr.forge.lan/darkdork-dev/pleroma:${CI_COMMIT_SHA} + imagePullPolicy: IfNotPresent + command: ["sh", "-c", "elixir --sname pleroma -S mix phx.server --no-compile"] + ports: + - containerPort: 4000 + - containerPort: 4021 + env: + - name: MIX_ENV + value: prod + - name: SIGNING_SALT + value: quYau0c + - name: DOMAIN + value: darkdork.dev + - name: INSTANCE_NAME + value: DarkDork.dev + - name: ADMIN_EMAIL + value: pwm@crlf.ninja + - name: NOTIFY_EMAIL + value: pleroma@crlf.ninja + - name: REGISTRATIONS_OPEN + value: "false" + - name: INVITES_ENABLED + value: "true" + - name: SECRET_KEY_BASE + valueFrom: + secretKeyRef: + name: pleroma + key: secret-key-base + - name: WEB_PUSH_PUBLIC_KEY + valueFrom: + secretKeyRef: + name: pleroma + key: web-push-public-key + - name: WEB_PUSH_PRIVATE_KEY + valueFrom: + secretKeyRef: + name: pleroma + key: web-push-private-key + - name: DEFAULT_SIGNER + valueFrom: + secretKeyRef: + name: pleroma + key: default-signer + - name: MEDIA_URL + value: "https://media.darkdork.dev" + - name: S3_BUCKET + value: pleroma.darkdork.dev + - name: S3_ACCESS_KEY + valueFrom: + secretKeyRef: + name: pleroma + key: minio-access-key + - name: S3_SECRET_KEY + valueFrom: + secretKeyRef: + name: pleroma + key: minio-secret-key + - name: S3_SCHEME + value: "http://" + - name: S3_HOST + value: minio + - name: S3_PORT + value: "80" + - name: DB_HOST + value: postgres + - name: DB_NAME + value: pleroma + - name: DB_USER + value: pleroma + - name: DB_PASS + valueFrom: + secretKeyRef: + name: postgres + key: postgres-password + volumeMounts: + - name: pleroma-config-volume + mountPath: /pleroma/config/prod.secret.exs + subPath: prod.secret.exs + - name: pleroma-emoji-volume + mountPath: /static-files/emoji/ + subPath: emoji/ volumes: - name: pleroma-config-volume configMap: diff --git a/manifests/prometheus/configmap.yaml b/manifests/prometheus/configmap.yaml new file mode 100644 index 0000000..19ac86f --- /dev/null +++ b/manifests/prometheus/configmap.yaml @@ -0,0 +1,16 @@ +--- +apiVersion: v1 +kind: ConfigMap +metadata: + namespace: darkdork-dev + name: prometheus-config +data: + prometheus.yaml: | + global: + scrape_interval: 15s + + scrape_configs: + - job_name: 'pleroma' + scheme: http + static_configs: + - targets: ['pleroma:4021'] \ No newline at end of file diff --git a/manifests/prometheus/deployment.yaml b/manifests/prometheus/deployment.yaml new file mode 100644 index 0000000..7eebc0c --- /dev/null +++ b/manifests/prometheus/deployment.yaml @@ -0,0 +1,40 @@ +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + name: prometheus + namespace: darkdork-dev +spec: + replicas: 1 + selector: + matchLabels: + app: prometheus + template: + metadata: + labels: + app: prometheus + spec: + imagePullSecrets: + - name: registry-credentials + containers: + - name: prometheus + image: prom/prometheus + imagePullPolicy: IfNotPresent + ports: + - containerPort: 9090 + volumeMounts: + - name: prometheus-data + mountPath: /prometheus + - name: prometheus-config + mountPath: /etc/prometheus/prometheus.yaml + subPath: prometheus.yaml + volumes: + - name: prometheus-data + persistentVolumeClaim: + claimName: prometheus-pvc + - name: prometheus-config + configMap: + name: prometheus-config + securityContext: + fsGroup: 1000 +--- diff --git a/manifests/prometheus/ingress.yaml b/manifests/prometheus/ingress.yaml new file mode 100644 index 0000000..17ec259 --- /dev/null +++ b/manifests/prometheus/ingress.yaml @@ -0,0 +1,20 @@ +--- +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + name: prometheus + namespace: darkdork-dev +spec: + ingressClassName: nginx + rules: + - host: darkdork.prometheus.lan + http: + paths: + - path: / + pathType: Prefix + backend: + service: + name: prometheus + port: + number: 9090 +--- diff --git a/manifests/prometheus/pvc.yaml b/manifests/prometheus/pvc.yaml new file mode 100644 index 0000000..c3f7206 --- /dev/null +++ b/manifests/prometheus/pvc.yaml @@ -0,0 +1,17 @@ +--- +apiVersion: v1 +kind: PersistentVolumeClaim +metadata: + name: prometheus-pvc + namespace: darkdork-dev + labels: + app: prometheus +spec: + storageClassName: longhorn-ssd + accessModes: + - ReadWriteOnce + resources: + requests: + storage: + 10Gi +--- diff --git a/manifests/prometheus/service.yaml b/manifests/prometheus/service.yaml new file mode 100644 index 0000000..b2412de --- /dev/null +++ b/manifests/prometheus/service.yaml @@ -0,0 +1,15 @@ +--- +apiVersion: v1 +kind: Service +metadata: + name: prometheus + namespace: darkdork-dev +spec: + ports: + - port: 9090 + name: prometheus + targetPort: 9090 + protocol: TCP + selector: + app: prometheus +---