Compare commits
4 commits
60cb3d1419
...
57582cc815
Author | SHA1 | Date | |
---|---|---|---|
Gabriel Simmer | 57582cc815 | ||
Gabriel Simmer | 37f28e2981 | ||
Gabriel Simmer | a385ed156c | ||
Gabriel Simmer | 12328f342f |
|
@ -3,7 +3,7 @@ authentik:
|
|||
enabled: false
|
||||
global:
|
||||
image:
|
||||
tag: 2024.6.0
|
||||
tag: 2024.6.1
|
||||
env:
|
||||
- name: AUTHENTIK_WEB__THREADS
|
||||
value: "2"
|
||||
|
|
|
@ -6,7 +6,7 @@ helmCharts:
|
|||
releaseName: authentik
|
||||
repo: https://charts.goauthentik.io
|
||||
valuesFile: ./authentik.yml
|
||||
version: 2024.6.0
|
||||
version: 2024.6.1
|
||||
kind: Kustomization
|
||||
namespace: authentik
|
||||
resources:
|
||||
|
|
|
@ -4,7 +4,6 @@ kind: Deployment
|
|||
metadata:
|
||||
name: e6-gallery
|
||||
namespace: e6-gallery
|
||||
|
||||
spec:
|
||||
selector:
|
||||
matchLabels:
|
||||
|
|
|
@ -33,6 +33,9 @@ spec:
|
|||
secretKeyRef:
|
||||
key: username
|
||||
name: postgres-soju
|
||||
envFrom:
|
||||
- secretRef:
|
||||
name: soju
|
||||
image: git.gmem.ca/arch/soju:s3
|
||||
imagePullPolicy: Always
|
||||
name: soju
|
||||
|
|
|
@ -1,9 +1,12 @@
|
|||
listen ircs://
|
||||
listen unix+admin:///app/admin
|
||||
listen ws+insecure://
|
||||
listen http+insecure://
|
||||
listen http+prometheus://localhost:9090
|
||||
hostname irc.gmem.ca
|
||||
title irc.gmem.ca
|
||||
db postgres "dbname=soju"
|
||||
message-store db
|
||||
tls /ssl/tls.crt /ssl/tls.key
|
||||
|
||||
file-upload s3 https://7dc420732ea679a530aee304ea49a63c.r2.cloudflarestorage.com/gabrielsimmer-com
|
||||
file-cdn https://stash.arch.dog
|
|
@ -27,3 +27,4 @@ resources:
|
|||
- vaultwarden
|
||||
- smarthome
|
||||
- cert-manager
|
||||
- e6-gallery
|
||||
|
|
|
@ -34,3 +34,18 @@ spec:
|
|||
rolloutRestartTargets:
|
||||
- name: vaultwarden
|
||||
kind: Deployment
|
||||
---
|
||||
apiVersion: secrets.hashicorp.com/v1beta1
|
||||
kind: VaultStaticSecret
|
||||
metadata:
|
||||
name: vaultwarden-keys
|
||||
namespace: vaultwarden
|
||||
spec:
|
||||
destination:
|
||||
create: true
|
||||
name: vaultwarden-keys
|
||||
mount: kv
|
||||
path: vaultwarden/keys
|
||||
refreshAfter: 30s
|
||||
type: kv-v2
|
||||
vaultAuthRef: vault
|
||||
|
|
|
@ -4,7 +4,7 @@ metadata:
|
|||
name: vaultwarden
|
||||
namespace: vaultwarden
|
||||
spec:
|
||||
replicas: 1
|
||||
replicas: 2
|
||||
selector:
|
||||
matchLabels:
|
||||
app: vaultwarden
|
||||
|
@ -16,16 +16,26 @@ spec:
|
|||
volumes:
|
||||
- name: data-dir
|
||||
emptyDir: {}
|
||||
- name: rsa-key
|
||||
secret:
|
||||
secretName: vaultwarden-keys
|
||||
initContainers:
|
||||
- name: copy-keys
|
||||
image: busybox:1.36
|
||||
command: ['sh', '-c', 'cp /keys/rsa_key.pem /data' ]
|
||||
volumeMounts:
|
||||
- name: data-dir
|
||||
mountPath: /data
|
||||
- name: rsa-key
|
||||
mountPath: /keys
|
||||
containers:
|
||||
- name: vaultwarden
|
||||
image: vaultwarden/server:1.31.0
|
||||
resources:
|
||||
limits:
|
||||
memory: "128Mi"
|
||||
cpu: "500m"
|
||||
memory: "256Mi"
|
||||
requests:
|
||||
memory: "64Mi"
|
||||
cpu: "100m"
|
||||
memory: "32Mi"
|
||||
envFrom:
|
||||
- secretRef:
|
||||
name: vaultwarden
|
||||
|
@ -41,6 +51,20 @@ spec:
|
|||
ports:
|
||||
- containerPort: 80
|
||||
name: web
|
||||
livenessProbe:
|
||||
httpGet:
|
||||
path: /alive
|
||||
port: 80
|
||||
failureThreshold: 1
|
||||
initialDelaySeconds: 2
|
||||
periodSeconds: 10
|
||||
readinessProbe:
|
||||
httpGet:
|
||||
path: /alive
|
||||
port: 80
|
||||
failureThreshold: 1
|
||||
initialDelaySeconds: 2
|
||||
periodSeconds: 10
|
||||
volumeMounts:
|
||||
- name: data-dir
|
||||
mountPath: /data
|
||||
|
|
Binary file not shown.
Binary file not shown.
Binary file not shown.
Loading…
Reference in a new issue