--- apiVersion: source.toolkit.fluxcd.io/v1 kind: HelmRepository metadata: name: twin namespace: flux-system spec: interval: 1h url: https://twin.github.io/helm-charts --- apiVersion: v1 kind: Namespace metadata: name: gatus --- apiVersion: helm.toolkit.fluxcd.io/v2 kind: HelmRelease metadata: name: gatus namespace: flux-system spec: interval: 1h targetNamespace: gatus install: createNamespace: true chart: spec: chart: gatus sourceRef: kind: HelmRepository name: twin interval: 1h values: resources: requests: cpu: 10m memory: 32Mi limits: cpu: 100m memory: 64Mi ingress: enabled: true ingressClassName: traefik annotations: cert-manager.io/cluster-issuer: letsencrypt-prod traefik.ingress.kubernetes.io/router.middlewares: default-authelia-forwardauth@kubernetescrd,default-redirect-https@kubernetescrd hosts: - status.davidepiu.xyz tls: - secretName: gatus-tls hosts: - status.davidepiu.xyz config: endpoints: - name: Gitea group: apps url: https://git.davidepiu.xyz interval: 60s conditions: - "[STATUS] == 200" - name: Podinfo group: apps url: https://app.davidepiu.xyz interval: 60s conditions: - "[STATUS] == 200" - name: Vaultwarden group: apps url: https://vault.davidepiu.xyz interval: 60s conditions: - "[STATUS] == 200" - name: Authelia group: security url: https://auth.davidepiu.xyz interval: 60s conditions: - "[STATUS] == 200" - name: Flux Dashboard group: infra url: https://flux.davidepiu.xyz interval: 60s conditions: - "[STATUS] == 200" - "[RESPONSE_TIME] < 5000" - name: Kubernetes API group: infra url: https://kubernetes.default.svc.cluster.local/healthz interval: 30s client: insecure: true conditions: - "[STATUS] == 200" --- apiVersion: networking.k8s.io/v1 kind: NetworkPolicy metadata: name: allow-ingress-from-traefik namespace: gatus spec: podSelector: {} policyTypes: - Ingress ingress: - from: - namespaceSelector: matchLabels: kubernetes.io/metadata.name: kube-system ports: - port: 8080 protocol: TCP