DevFW-CICD/stacks-instances
14
0
Fork 1
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Automated upload for observability.t09.de

Browse source
This commit is contained in:
Automated pipeline 2025-08-13 09:33:50 +00:00 committed by Actions pipeline
parent a2fcd2ed29
commit d10f650e99
4 changed files with 36 additions and 123 deletions
Download patch file Download diff file Expand all files Collapse all files

29
otc/observability.t09.de/stacks/core/dex.yaml
View file

@ -1,29 +0,0 @@
apiVersion: argoproj.io/v1alpha1
kind: Application
metadata:
name: dex
namespace: argocd
labels:
env: dev
spec:
project: default
syncPolicy:
automated:
selfHeal: true
syncOptions:
- CreateNamespace=true
retry:
limit: -1
destination:
name: in-cluster
namespace: dex
sources:
- repoURL: https://charts.dexidp.io
chart: dex
targetRevision: 0.23.0
helm:
valueFiles:
- $values/otc/observability.t09.de/stacks/core/dex/values.yaml
- repoURL: https://edp.buildth.ing/DevFW-CICD/stacks-instances
targetRevision: HEAD
ref: values

71
otc/observability.t09.de/stacks/core/dex/values.yaml
View file

@ -1,71 +0,0 @@
ingress:
enabled: true
className: nginx
annotations:
cert-manager.io/cluster-issuer: main
hosts:
- host: dex.observability.t09.de
paths:
- path: /
pathType: Prefix
tls:
- hosts:
- dex.observability.t09.de
secretName: dex-cert
envVars:
- name: FORGEJO_CLIENT_SECRET
valueFrom:
secretKeyRef:
name: dex-forgejo-client
key: clientSecret
- name: FORGEJO_CLIENT_ID
valueFrom:
secretKeyRef:
name: dex-forgejo-client
key: clientID
- name: OIDC_DEX_GRAFANA_CLIENT_SECRET
valueFrom:
secretKeyRef:
name: dex-grafana-client
key: clientSecret
- name: OIDC_DEX_ARGO_CLIENT_SECRET
valueFrom:
secretKeyRef:
name: dex-argo-client
key: clientSecret
config:
# Set it to a valid URL
issuer: https://dex.observability.t09.de
# See https://dexidp.io/docs/storage/ for more options
storage:
type: memory
oauth2:
skipApprovalScreen: true
alwaysShowLoginScreen: false
connectors:
- type: gitea
id: gitea
name: Forgejo
config:
clientID: "{{`{{ .Env.FORGEJO_CLIENT_ID }}`}}"
clientSecret: "{{`{{ .Env.FORGEJO_CLIENT_SECRET }}`}}"
redirectURI: https://dex.observability.t09.de/callback
baseURL: https://edp.buildth.ing
enablePasswordDB: false
staticClients:
- id: controller-argocd-dex
name: ArgoCD Client
redirectURIs:
- "http://argocd.observability.t09.de/auth/callback"
secret: "{{`{{ .Env.OIDC_DEX_ARGO_CLIENT_SECRET }}`}}"
- id: grafana
redirectURIs:
- "https://grafana.observability.t09.de/login/generic_oauth"
name: "Grafana"
secret: "{{`{{ .Env.OIDC_DEX_GRAFANA_CLIENT_SECRET }}`}}"

2
otc/observability.t09.de/stacks/forgejo/forgejo-server/manifests/forgejo-s3-backup-cronjob.yaml
View file

@ -14,7 +14,7 @@ spec:
# 60 min until backup - 10 min start - (backoffLimit * activeDeadlineSeconds) - some time sync buffer
activeDeadlineSeconds: 1350
backoffLimit: 2
ttlSecondsAfterFinished: 259200 # 3 days
ttlSecondsAfterFinished: 259200 #
template:
spec:
containers:

57
otc/observability.t09.de/stacks/observability/victoria-k8s-stack/values.yaml
View file

@ -301,7 +301,8 @@ vmsingle:
# -- Enable deployment of ingress for server component
enabled: false
# -- Ingress annotations
annotations: {}
annotations:
{}
# kubernetes.io/ingress.class: nginx
# kubernetes.io/tls-acme: "true"
# -- Ingress extra labels
@ -350,8 +351,9 @@ vmcluster:
spec:
resources:
requests:
storage: 10Gi
resources: {}
storage: 10Gi
resources:
{}
# limits:
# cpu: "1"
# memory: 1500Mi
@ -368,7 +370,8 @@ vmcluster:
resources:
requests:
storage: 2Gi
resources: {}
resources:
{}
# limits:
# cpu: "1"
# memory: "1000Mi"
@ -381,7 +384,8 @@ vmcluster:
port: "8480"
replicaCount: 2
extraArgs: {}
resources: {}
resources:
{}
# limits:
# cpu: "1"
# memory: 1000Mi
@ -474,7 +478,8 @@ vmcluster:
enabled: false
# -- Ingress annotations
annotations: {}
annotations:
{}
# kubernetes.io/ingress.class: nginx
# kubernetes.io/tls-acme: "true"
@ -538,7 +543,7 @@ alertmanager:
config:
route:
receiver: "blackhole"
routes:
routes:
- matchers:
- severity=~"critical|major"
receiver: outlook
@ -546,15 +551,15 @@ alertmanager:
- name: blackhole
- name: outlook
email_configs:
- smarthost: "mail.mms-support.de:465"
auth_username: "ipcei-cis-devfw@mms-support.de"
auth_password:
- smarthost: 'mail.mms-support.de:465'
auth_username: 'ipcei-cis-devfw@mms-support.de'
auth_password:
name: email-user-credentials
key: connection-string
from: '"IPCEI CIS DevFW" <ipcei-cis-devfw@mms-support.de>'
to: "f9f9953a.mg.telekom.de@de.teams.ms"
to: 'f9f9953a.mg.telekom.de@de.teams.ms'
headers:
subject: "Grafana Mail Alerts"
subject: 'Grafana Mail Alerts'
require_tls: false
# -- Better alert templates for [slack source](https://gist.github.com/milesbxf/e2744fc90e9c41b47aa47925f8ff6512)
@ -562,7 +567,8 @@ alertmanager:
enabled: true
# -- (object) Extra alert templates
templateFiles: {}
templateFiles:
{}
# template_1.tmpl: |-
# {{ define "hello" -}}
# hello, Victoria!
@ -576,7 +582,8 @@ alertmanager:
# See https://kubernetes.io/blog/2020/04/02/improvements-to-the-ingress-api-in-kubernetes-1.18/#specifying-the-class-of-an-ingress
# ingressClassName: nginx
# Values can be templated
annotations: {}
annotations:
{}
# kubernetes.io/ingress.class: nginx
# kubernetes.io/tls-acme: "true"
labels: {}
@ -619,7 +626,8 @@ vmalert:
externalLabels: {}
# -- (object) Extra VMAlert annotation templates
templateFiles: {}
templateFiles:
{}
# template_1.tmpl: |-
# {{ define "hello" -}}
# hello, Victoria!
@ -642,7 +650,8 @@ vmalert:
# See https://kubernetes.io/blog/2020/04/02/improvements-to-the-ingress-api-in-kubernetes-1.18/#specifying-the-class-of-an-ingress
# ingressClassName: nginx
# Values can be templated
annotations: {}
annotations:
{}
# kubernetes.io/ingress.class: nginx
# kubernetes.io/tls-acme: "true"
labels: {}
@ -694,7 +703,8 @@ vmagent:
# -- VMAgent annotations
annotations: {}
# -- Remote write configuration of VMAgent, allowed parameters defined in a [spec](https://docs.victoriametrics.com/operator/api#vmagentremotewritespec)
additionalRemoteWrites: []
additionalRemoteWrites:
[]
#- url: http://some-remote-write/api/v1/write
# -- (object) Full spec for VMAgent CRD. Allowed values described [here](https://docs.victoriametrics.com/operator/api#vmagentspec)
spec:
@ -717,7 +727,8 @@ vmagent:
# See https://kubernetes.io/blog/2020/04/02/improvements-to-the-ingress-api-in-kubernetes-1.18/#specifying-the-class-of-an-ingress
# ingressClassName: nginx
# Values can be templated
annotations: {}
annotations:
{}
# kubernetes.io/ingress.class: nginx
# kubernetes.io/tls-acme: "true"
labels: {}
@ -781,7 +792,7 @@ defaultDatasources:
implementation: prometheus
# -- Configure additional grafana datasources (passed through tpl).
# Check [here](http://docs.grafana.org/administration/provisioning/#datasources) for details
extra:
extra:
- name: VictoriaLogs
access: proxy
type: victoriametrics-logs-datasource
@ -832,7 +843,7 @@ grafana:
# Uncomment the block below, if you want to enable VictoriaMetrics Datasource in Grafana:
# Note that Grafana will need internet access to install the datasource plugin.
plugins:
- victoriametrics-metrics-datasource
- victoriametrics-logs-datasource
@ -843,7 +854,8 @@ grafana:
# See https://kubernetes.io/blog/2020/04/02/improvements-to-the-ingress-api-in-kubernetes-1.18/#specifying-the-class-of-an-ingress
# ingressClassName: nginx
# Values can be templated
annotations: {}
annotations:
{}
# kubernetes.io/ingress.class: nginx
# kubernetes.io/tls-acme: "true"
labels: {}
@ -877,7 +889,7 @@ grafana:
matchLabels:
app.kubernetes.io/name: '{{ include "grafana.name" .Subcharts.grafana }}'
endpoints:
- port: "{{ .Values.grafana.service.portName }}"
- port: '{{ .Values.grafana.service.portName }}'
# -- prometheus-node-exporter dependency chart configuration. For possible values check [here](https://github.com/prometheus-community/helm-charts/blob/main/charts/prometheus-node-exporter/values.yaml)
prometheus-node-exporter:
@ -1215,3 +1227,4 @@ kubeProxy:
# -- Add extra objects dynamically to this chart
extraObjects: []