diff --git a/clusters/lab/apps/gatus.yaml b/clusters/lab/apps/gatus.yaml
new file mode 100644
index 0000000..3cdcdf5
--- /dev/null
+++ b/clusters/lab/apps/gatus.yaml
@@ -0,0 +1,111 @@
+---
+apiVersion: source.toolkit.fluxcd.io/v1
+kind: HelmRepository
+metadata:
+ name: twin
+ namespace: flux-system
+spec:
+ interval: 1h
+ url: https://twin.github.io/helm-charts
+---
+apiVersion: v1
+kind: Namespace
+metadata:
+ name: gatus
+---
+apiVersion: helm.toolkit.fluxcd.io/v2
+kind: HelmRelease
+metadata:
+ name: gatus
+ namespace: flux-system
+spec:
+ interval: 1h
+ targetNamespace: gatus
+ install:
+ createNamespace: true
+ chart:
+ spec:
+ chart: gatus
+ sourceRef:
+ kind: HelmRepository
+ name: twin
+ interval: 1h
+ values:
+ resources:
+ requests:
+ cpu: 10m
+ memory: 32Mi
+ limits:
+ cpu: 100m
+ memory: 64Mi
+ ingress:
+ enabled: true
+ ingressClassName: traefik
+ annotations:
+ cert-manager.io/cluster-issuer: letsencrypt-prod
+ traefik.ingress.kubernetes.io/router.middlewares: default-authelia-forwardauth@kubernetescrd,default-redirect-https@kubernetescrd
+ hosts:
+ - status.davidepiu.xyz
+ tls:
+ - secretName: gatus-tls
+ hosts:
+ - status.davidepiu.xyz
+ config:
+ endpoints:
+ - name: Gitea
+ group: apps
+ url: https://git.davidepiu.xyz
+ interval: 60s
+ conditions:
+ - "[STATUS] == 200"
+ - name: Podinfo
+ group: apps
+ url: https://app.davidepiu.xyz
+ interval: 60s
+ conditions:
+ - "[STATUS] == 200"
+ - name: Vaultwarden
+ group: apps
+ url: https://vault.davidepiu.xyz
+ interval: 60s
+ conditions:
+ - "[STATUS] == 200"
+ - name: Authelia
+ group: security
+ url: https://auth.davidepiu.xyz
+ interval: 60s
+ conditions:
+ - "[STATUS] == 200"
+ - name: Flux Dashboard
+ group: infra
+ url: https://flux.davidepiu.xyz
+ interval: 60s
+ conditions:
+ - "[STATUS] == 200"
+ - "[RESPONSE_TIME] < 5000"
+ - name: Kubernetes API
+ group: infra
+ url: https://kubernetes.default.svc.cluster.local/healthz
+ interval: 30s
+ client:
+ insecure: true
+ conditions:
+ - "[STATUS] == 200"
+---
+apiVersion: networking.k8s.io/v1
+kind: NetworkPolicy
+metadata:
+ name: allow-ingress-from-traefik
+ namespace: gatus
+spec:
+ podSelector: {}
+ policyTypes:
+ - Ingress
+ ingress:
+ - from:
+ - namespaceSelector:
+ matchLabels:
+ kubernetes.io/metadata.name: kube-system
+ ports:
+ - port: 8080
+ protocol: TCP
diff --git a/clusters/lab/apps/uptime-kuma.yaml b/clusters/lab/apps/uptime-kuma.yaml
deleted file mode 100644
index 3de17ad..0000000
--- a/clusters/lab/apps/uptime-kuma.yaml
+++ /dev/null
@@ -1,73 +0,0 @@
----
-apiVersion: source.toolkit.fluxcd.io/v1
-kind: HelmRepository
-metadata:
- name: uptime-kuma
- namespace: flux-system
-spec:
- interval: 1h
- url: https://helm.irsigler.cloud
----
-apiVersion: v1
-kind: Namespace
-metadata:
- name: uptime-kuma
----
-apiVersion: helm.toolkit.fluxcd.io/v2
-kind: HelmRelease
-metadata:
- name: uptime-kuma
- namespace: flux-system
-spec:
- interval: 1h
- targetNamespace: uptime-kuma
- install:
- createNamespace: true
- chart:
- spec:
- chart: uptime-kuma
- sourceRef:
- kind: HelmRepository
- name: uptime-kuma
- interval: 1h
- values:
- ingress:
- enabled: true
- className: traefik
- annotations:
- cert-manager.io/cluster-issuer: letsencrypt-prod
- traefik.ingress.kubernetes.io/router.middlewares: default-authelia-forwardauth@kubernetescrd,default-redirect-https@kubernetescrd
- hosts:
- - host: status.davidepiu.xyz
- paths:
- - path: /
- pathType: Prefix
- tls:
- - secretName: uptime-kuma-tls
- hosts:
- - status.davidepiu.xyz
- persistence:
- enabled: true
- size: 4Gi
- resources:
- requests:
- cpu: 10m
- memory: 64Mi
- limits:
- cpu: 200m
- memory: 200Mi
----
-apiVersion: networking.k8s.io/v1
-kind: NetworkPolicy
-metadata:
- name: allow-ingress-from-traefik
- namespace: uptime-kuma
-spec:
- podSelector: {}
- policyTypes:
- - Ingress
- ingress:
- - from:
- - namespaceSelector:
- matchLabels:
- kubernetes.io/metadata.name: kube-system
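Review bot: In clusters/lab/apps/gatus.yaml the HelmRelease `gatus` sets no `version` under `spec.chart.spec`, so Flux resolves the newest chart the third-party `twin` repository publishes and picks up new releases on the 1h interval without a reviewed commit; pin it with `version: "<pinned chart version>"` next to `chart: gatus` and bump it deliberately. The `Kubernetes API` endpoint also sets `client.insecure: true`, which turns off certificate verification for that probe; if that is intentional because the Gatus pod does not trust the cluster CA, record it with a comment such as `# cluster CA is not in the pod trust store; TLS verification is skipped for this probe only`. In the NetworkPolicy, the `from` entry admits every pod in `kube-system` to port 8080, while the policy name suggests only Traefik is meant; adding a `podSelector` for the Traefik pods' labels inside the same `from` item as the `namespaceSelector` would narrow it to the ingress controller.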