diff --git a/flux/cluster/apps/kustomization.yaml b/flux/cluster/apps/kustomization.yaml index a6b3f3f..05bf7ef 100644 --- a/flux/cluster/apps/kustomization.yaml +++ b/flux/cluster/apps/kustomization.yaml @@ -6,3 +6,4 @@ resources: - authentik - gitops - monitoring + - olympus diff --git a/flux/cluster/apps/olympus/kustomization.yaml b/flux/cluster/apps/olympus/kustomization.yaml new file mode 100644 index 0000000..7d67441 --- /dev/null +++ b/flux/cluster/apps/olympus/kustomization.yaml @@ -0,0 +1,5 @@ +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization +resources: + - xirion-registry-creds.yaml + - umami diff --git a/flux/cluster/apps/olympus/umami/deployment.yaml b/flux/cluster/apps/olympus/umami/deployment.yaml new file mode 100644 index 0000000..32b5e0b --- /dev/null +++ b/flux/cluster/apps/olympus/umami/deployment.yaml @@ -0,0 +1,32 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: umami + namespace: olympus + labels: + app: umami +spec: + replicas: 1 + selector: + matchLabels: + app: umami + template: + metadata: + labels: + app: umami + spec: + containers: + - name: umami + imagePullPolicy: IfNotPresent + image: ghcr.io/mikecao/umami:postgresql-v1.31.0 + ports: + - containerPort: 3000 + name: web + env: + - name: DATABASE_TYPE + value: postgres + - name: DATABASE_URL + value: "postgresql://umami@10.42.42.26/umami" + envFrom: + - secretRef: + name: umami diff --git a/flux/cluster/apps/olympus/umami/external-secret.yaml b/flux/cluster/apps/olympus/umami/external-secret.yaml new file mode 100644 index 0000000..49a91f1 --- /dev/null +++ b/flux/cluster/apps/olympus/umami/external-secret.yaml @@ -0,0 +1,17 @@ +apiVersion: external-secrets.io/v1beta1 +kind: ExternalSecret +metadata: + name: umami + namespace: olympus +spec: + refreshInterval: "5m" + secretStoreRef: + name: vault + kind: ClusterSecretStore + target: + name: umami + data: + - secretKey: HASH_SALT + remoteRef: + key: olympus/umami + property: hash_salt diff --git a/flux/cluster/apps/olympus/umami/ingress.yaml b/flux/cluster/apps/olympus/umami/ingress.yaml new file mode 100644 index 0000000..d96e0b3 --- /dev/null +++ b/flux/cluster/apps/olympus/umami/ingress.yaml @@ -0,0 +1,17 @@ +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + name: umami + namespace: olympus +spec: + rules: + - host: "analytics.0x76.dev" + http: + paths: + - path: / + pathType: Prefix + backend: + service: + name: umami + port: + number: 80 diff --git a/flux/cluster/apps/olympus/umami/kustomization.yaml b/flux/cluster/apps/olympus/umami/kustomization.yaml new file mode 100644 index 0000000..60d441c --- /dev/null +++ b/flux/cluster/apps/olympus/umami/kustomization.yaml @@ -0,0 +1,6 @@ +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization +resources: + - deployment.yaml + - ingress.yaml + - svc.yaml diff --git a/flux/cluster/apps/olympus/umami/svc.yaml b/flux/cluster/apps/olympus/umami/svc.yaml new file mode 100644 index 0000000..042d1e1 --- /dev/null +++ b/flux/cluster/apps/olympus/umami/svc.yaml @@ -0,0 +1,12 @@ +apiVersion: v1 +kind: Service +metadata: + name: umami + namespace: olympus +spec: + selector: + app: umami + ports: + - protocol: TCP + port: 80 + targetPort: web diff --git a/flux/cluster/apps/olympus/xirion-registry-creds.yaml b/flux/cluster/apps/olympus/xirion-registry-creds.yaml new file mode 100644 index 0000000..54996c3 --- /dev/null +++ b/flux/cluster/apps/olympus/xirion-registry-creds.yaml @@ -0,0 +1,19 @@ +apiVersion: external-secrets.io/v1beta1 +kind: ExternalSecret +metadata: + name: xirion-registry-creds + namespace: olympus +spec: + refreshInterval: "5m" + secretStoreRef: + name: vault + kind: ClusterSecretStore + target: + name: xirion-registry-creds + template: + type: kubernetes.io/dockerconfigjson + data: + - secretKey: .dockerconfigjson + remoteRef: + key: xirion-registry-creds + property: dockerconfigjson diff --git a/flux/cluster/apps/presidential-paradise/zookeeper/ingress.yaml b/flux/cluster/apps/presidential-paradise/zookeeper/ingress.yaml index 40c98a2..7f9d7fe 100644 --- a/flux/cluster/apps/presidential-paradise/zookeeper/ingress.yaml +++ b/flux/cluster/apps/presidential-paradise/zookeeper/ingress.yaml @@ -15,4 +15,3 @@ spec: name: zookeeper port: number: 8085 - diff --git a/flux/cluster/core/namespaces/olympus.yaml b/flux/cluster/core/namespaces/olympus.yaml new file mode 100644 index 0000000..cbea7e3 --- /dev/null +++ b/flux/cluster/core/namespaces/olympus.yaml @@ -0,0 +1,7 @@ +--- +apiVersion: v1 +kind: Namespace +metadata: + name: olympus + labels: + goldilocks.fairwinds.com/enabled: "true" diff --git a/nixos/hosts/database/configuration.nix b/nixos/hosts/database/configuration.nix index 2202240..52f9f05 100644 --- a/nixos/hosts/database/configuration.nix +++ b/nixos/hosts/database/configuration.nix @@ -4,7 +4,7 @@ { config, pkgs, ... }: let - databases = [ "authentik" ]; + databases = [ "authentik" "umami" ]; in { diff --git a/nixos/hosts/nginx/configuration.nix b/nixos/hosts/nginx/configuration.nix index f7b0b75..5523dee 100644 --- a/nixos/hosts/nginx/configuration.nix +++ b/nixos/hosts/nginx/configuration.nix @@ -46,7 +46,7 @@ in # Kubernetes endpoints virtualHosts."0x76.dev" = k8s_proxy; virtualHosts."id.0x76.dev" = k8s_proxy; - virtualHosts."agola.0x76.dev" = k8s_proxy; + virtualHosts."analytics.0x76.dev" = k8s_proxy; virtualHosts."zookeeper.0x76.dev" = k8s_proxy; virtualHosts."wooloofan.club" = k8s_proxy; virtualHosts."whoami.wooloofan.club" = k8s_proxy;