red/pleroma
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

enable prometheus ports, configure prometheus server

Browse source
This commit is contained in:
red 2025-07-13 21:50:33 -04:00
parent f7556d0e12
commit 242b70eb21
8 changed files with 272 additions and 158 deletions
Download patch file Download diff file Expand all files Collapse all files

0
manifests/grafana/service.yaml Normal file
View file

5
manifests/pleroma/service.yaml
View file

@ -7,8 +7,13 @@ metadata:
spec: spec:
ports: ports:
- port: 80 - port: 80
name: http
targetPort: 4000 targetPort: 4000
protocol: TCP protocol: TCP
- port: 4021
name: prometheus
targetPort: 4021
protocol: TCP
selector: selector:
app: pleroma app: pleroma
--- ---

317
manifests/pleroma/templates/deployment.yaml
View file

@ -15,166 +15,167 @@ spec:
app: pleroma app: pleroma
spec: spec:
imagePullSecrets: imagePullSecrets:
- name: registry-credentials - name: registry-credentials
initContainers: initContainers:
- name: init - name: init
image: cr.forge.lan/darkdork-dev/pleroma:${CI_COMMIT_SHA} image: cr.forge.lan/darkdork-dev/pleroma:${CI_COMMIT_SHA}
imagePullPolicy: IfNotPresent imagePullPolicy: IfNotPresent
command: [ "sh", "-c", "mix ecto.migrate" ] command: [ "sh", "-c", "mix ecto.migrate" ]
env: env:
- name: MIX_ENV - name: MIX_ENV
value: prod value: prod
- name: SIGNING_SALT - name: SIGNING_SALT
value: quYau0c value: quYau0c
- name: DOMAIN - name: DOMAIN
value: darkdork.dev value: darkdork.dev
- name: INSTANCE_NAME - name: INSTANCE_NAME
value: DarkDork.dev value: DarkDork.dev
- name: ADMIN_EMAIL - name: ADMIN_EMAIL
value: pwm@crlf.ninja value: pwm@crlf.ninja
- name: NOTIFY_EMAIL - name: NOTIFY_EMAIL
value: pleroma@crlf.ninja value: pleroma@crlf.ninja
- name: REGISTRATIONS_OPEN - name: REGISTRATIONS_OPEN
value: "false" value: "false"
- name: INVITES_ENABLED - name: INVITES_ENABLED
value: "true" value: "true"
- name: SECRET_KEY_BASE - name: SECRET_KEY_BASE
valueFrom: valueFrom:
secretKeyRef: secretKeyRef:
name: pleroma name: pleroma
key: secret-key-base key: secret-key-base
- name: WEB_PUSH_PUBLIC_KEY - name: WEB_PUSH_PUBLIC_KEY
valueFrom: valueFrom:
secretKeyRef: secretKeyRef:
name: pleroma name: pleroma
key: web-push-public-key key: web-push-public-key
- name: WEB_PUSH_PRIVATE_KEY - name: WEB_PUSH_PRIVATE_KEY
valueFrom: valueFrom:
secretKeyRef: secretKeyRef:
name: pleroma name: pleroma
key: web-push-private-key key: web-push-private-key
- name: DEFAULT_SIGNER - name: DEFAULT_SIGNER
valueFrom: valueFrom:
secretKeyRef: secretKeyRef:
name: pleroma name: pleroma
key: default-signer key: default-signer
- name: MEDIA_URL - name: MEDIA_URL
value: "https://media.darkdork.dev" value: "https://media.darkdork.dev"
- name: S3_BUCKET - name: S3_BUCKET
value: pleroma.darkdork.dev value: pleroma.darkdork.dev
- name: S3_ACCESS_KEY - name: S3_ACCESS_KEY
valueFrom: valueFrom:
secretKeyRef: secretKeyRef:
name: pleroma name: pleroma
key: minio-access-key key: minio-access-key
- name: S3_SECRET_KEY - name: S3_SECRET_KEY
valueFrom: valueFrom:
secretKeyRef: secretKeyRef:
name: pleroma name: pleroma
key: minio-secret-key key: minio-secret-key
- name: S3_SCHEME - name: S3_SCHEME
value: "http://" value: "http://"
- name: S3_HOST - name: S3_HOST
value: minio value: minio
- name: S3_PORT - name: S3_PORT
value: "80" value: "80"
- name: DB_HOST - name: DB_HOST
value: postgres value: postgres
- name: DB_NAME - name: DB_NAME
value: pleroma value: pleroma
- name: DB_USER - name: DB_USER
value: pleroma value: pleroma
- name: DB_PASS - name: DB_PASS
valueFrom: valueFrom:
secretKeyRef: secretKeyRef:
name: postgres name: postgres
key: postgres-password key: postgres-password
volumeMounts: volumeMounts:
- name: pleroma-config-volume - name: pleroma-config-volume
mountPath: /pleroma/config/prod.secret.exs mountPath: /pleroma/config/prod.secret.exs
subPath: prod.secret.exs subPath: prod.secret.exs
containers: containers:
- name: pleroma - name: pleroma
image: cr.forge.lan/darkdork-dev/pleroma:${CI_COMMIT_SHA} image: cr.forge.lan/darkdork-dev/pleroma:${CI_COMMIT_SHA}
imagePullPolicy: IfNotPresent imagePullPolicy: IfNotPresent
command: ["sh", "-c", "elixir --sname pleroma -S mix phx.server --no-compile"] command: ["sh", "-c", "elixir --sname pleroma -S mix phx.server --no-compile"]
ports: ports:
- containerPort: 4000 - containerPort: 4000
env: - containerPort: 4021
- name: MIX_ENV env:
value: prod - name: MIX_ENV
- name: SIGNING_SALT value: prod
value: quYau0c - name: SIGNING_SALT
- name: DOMAIN value: quYau0c
value: darkdork.dev - name: DOMAIN
- name: INSTANCE_NAME value: darkdork.dev
value: DarkDork.dev - name: INSTANCE_NAME
- name: ADMIN_EMAIL value: DarkDork.dev
value: pwm@crlf.ninja - name: ADMIN_EMAIL
- name: NOTIFY_EMAIL value: pwm@crlf.ninja
value: pleroma@crlf.ninja - name: NOTIFY_EMAIL
- name: REGISTRATIONS_OPEN value: pleroma@crlf.ninja
value: "false" - name: REGISTRATIONS_OPEN
- name: INVITES_ENABLED value: "false"
value: "true" - name: INVITES_ENABLED
- name: SECRET_KEY_BASE value: "true"
valueFrom: - name: SECRET_KEY_BASE
secretKeyRef: valueFrom:
name: pleroma secretKeyRef:
key: secret-key-base name: pleroma
- name: WEB_PUSH_PUBLIC_KEY key: secret-key-base
valueFrom: - name: WEB_PUSH_PUBLIC_KEY
secretKeyRef: valueFrom:
name: pleroma secretKeyRef:
key: web-push-public-key name: pleroma
- name: WEB_PUSH_PRIVATE_KEY key: web-push-public-key
valueFrom: - name: WEB_PUSH_PRIVATE_KEY
secretKeyRef: valueFrom:
name: pleroma secretKeyRef:
key: web-push-private-key name: pleroma
- name: DEFAULT_SIGNER key: web-push-private-key
valueFrom: - name: DEFAULT_SIGNER
secretKeyRef: valueFrom:
name: pleroma secretKeyRef:
key: default-signer name: pleroma
- name: MEDIA_URL key: default-signer
value: "https://media.darkdork.dev" - name: MEDIA_URL
- name: S3_BUCKET value: "https://media.darkdork.dev"
value: pleroma.darkdork.dev - name: S3_BUCKET
- name: S3_ACCESS_KEY value: pleroma.darkdork.dev
valueFrom: - name: S3_ACCESS_KEY
secretKeyRef: valueFrom:
name: pleroma secretKeyRef:
key: minio-access-key name: pleroma
- name: S3_SECRET_KEY key: minio-access-key
valueFrom: - name: S3_SECRET_KEY
secretKeyRef: valueFrom:
name: pleroma secretKeyRef:
key: minio-secret-key name: pleroma
- name: S3_SCHEME key: minio-secret-key
value: "http://" - name: S3_SCHEME
- name: S3_HOST value: "http://"
value: minio - name: S3_HOST
- name: S3_PORT value: minio
value: "80" - name: S3_PORT
- name: DB_HOST value: "80"
value: postgres - name: DB_HOST
- name: DB_NAME value: postgres
value: pleroma - name: DB_NAME
- name: DB_USER value: pleroma
value: pleroma - name: DB_USER
- name: DB_PASS value: pleroma
valueFrom: - name: DB_PASS
secretKeyRef: valueFrom:
name: postgres secretKeyRef:
key: postgres-password name: postgres
volumeMounts: key: postgres-password
- name: pleroma-config-volume volumeMounts:
mountPath: /pleroma/config/prod.secret.exs - name: pleroma-config-volume
subPath: prod.secret.exs mountPath: /pleroma/config/prod.secret.exs
- name: pleroma-emoji-volume subPath: prod.secret.exs
mountPath: /static-files/emoji/ - name: pleroma-emoji-volume
subPath: emoji/ mountPath: /static-files/emoji/
subPath: emoji/
volumes: volumes:
- name: pleroma-config-volume - name: pleroma-config-volume
configMap: configMap:

16
manifests/prometheus/configmap.yaml Normal file
View file

@ -0,0 +1,16 @@
---
apiVersion: v1
kind: ConfigMap
metadata:
namespace: darkdork-dev
name: prometheus-config
data:
prometheus.yaml: |
global:
scrape_interval: 15s
scrape_configs:
- job_name: 'pleroma'
scheme: http
static_configs:
- targets: ['pleroma:4021']

40
manifests/prometheus/deployment.yaml Normal file
View file

@ -0,0 +1,40 @@
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: prometheus
namespace: darkdork-dev
spec:
replicas: 1
selector:
matchLabels:
app: prometheus
template:
metadata:
labels:
app: prometheus
spec:
imagePullSecrets:
- name: registry-credentials
containers:
- name: prometheus
image: prom/prometheus
imagePullPolicy: IfNotPresent
ports:
- containerPort: 9090
volumeMounts:
- name: prometheus-data
mountPath: /prometheus
- name: prometheus-config
mountPath: /etc/prometheus/prometheus.yaml
subPath: prometheus.yaml
volumes:
- name: prometheus-data
persistentVolumeClaim:
claimName: prometheus-pvc
- name: prometheus-config
configMap:
name: prometheus-config
securityContext:
fsGroup: 1000
---

20
manifests/prometheus/ingress.yaml Normal file
View file

@ -0,0 +1,20 @@
---
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: prometheus
namespace: darkdork-dev
spec:
ingressClassName: nginx
rules:
- host: darkdork.prometheus.lan
http:
paths:
- path: /
pathType: Prefix
backend:
service:
name: prometheus
port:
number: 9090
---

17
manifests/prometheus/pvc.yaml Normal file
View file

@ -0,0 +1,17 @@
---
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: prometheus-pvc
namespace: darkdork-dev
labels:
app: prometheus
spec:
storageClassName: longhorn-ssd
accessModes:
- ReadWriteOnce
resources:
requests:
storage:
10Gi
---

15
manifests/prometheus/service.yaml Normal file
View file

@ -0,0 +1,15 @@
---
apiVersion: v1
kind: Service
metadata:
name: prometheus
namespace: darkdork-dev
spec:
ports:
- port: 9090
name: prometheus
targetPort: 9090
protocol: TCP
selector:
app: prometheus
---