Merge branch 'master' of ssh://strix:/home/ntr/repos/strix

2024-04-07 23:55:17 +10:00 · 2024-04-07 23:55:17 +10:00 · a178e32326
commit a178e32326
parent bd738b14a3 6a7d804939
11 changed files with 32 additions and 31 deletions
--- a/README.md
+++ b/README.md
@ -5,4 +5,6 @@
 [x] private registry
 [x] secrets
 [x] ntr-cv static containers
-[ ] grafana etc
+[x] check mnmlgg mail
 [x] ufw
 [x] grafana etc
--- a/crates/crates.ingress.yaml
+++ b/crates/crates.ingress.yaml
@ -9,7 +9,7 @@ kind: Ingress
 metadata:
  name: crates-client
  annotations:
-    cert-manager.io/issuer: "letsencrypt-prod"
+    cert-manager.io/cluster-issuer: "letsencrypt-prod"
 spec:
  ingressClassName: nginx
  tls:
@ -34,7 +34,7 @@ apiVersion: networking.k8s.io/v1
 kind: Ingress
 metadata:
  annotations:
-    cert-manager.io/issuer: "letsencrypt-prod"
+    cert-manager.io/cluster-issuer: "letsencrypt-prod"
    nginx.ingress.kubernetes.io/use-regex: "true"
    nginx.ingress.kubernetes.io/rewrite-target: /$2
  name: crates-api
--- a/mnml/mnml.ingress.yaml
+++ b/mnml/mnml.ingress.yaml
@ -8,7 +8,7 @@ kind: Ingress
 metadata:
  name: mnml-client
  annotations:
-    cert-manager.io/issuer: "letsencrypt-prod"
+    cert-manager.io/cluster-issuer: "letsencrypt-prod"
 spec:
  ingressClassName: nginx
  tls:
@ -35,7 +35,7 @@ metadata:
  name: mnml-api
  namespace: default
  annotations:
-    cert-manager.io/issuer: "letsencrypt-prod"
+    cert-manager.io/cluster-issuer: "letsencrypt-prod"
    nginx.org/websocket-services: "mnml-ws"
 spec:
  ingressClassName: nginx
@ -62,7 +62,7 @@ kind: Ingress
 metadata:
  name: mnml-ws
  annotations:
-    cert-manager.io/issuer: "letsencrypt-prod"
+    cert-manager.io/cluster-issuer: "letsencrypt-prod"
    nginx.org/proxy-read-timeout: "3600"
    nginx.org/proxy-send-timeout: "3600"
    nginx.org/websocket-services: mnml-ws
--- a/monitoring/grafana.yaml
+++ b/monitoring/grafana.yaml
@ -10,7 +10,7 @@ spec:
    - ReadWriteOnce
  persistentVolumeReclaimPolicy: Retain
  claimRef:
-    namespace: default
+    namespace: monitor
    name: grafana-pvc
  hostPath:
    path: "/var/lib/rancher/k3s/storage/grafana-pv"
@ -20,6 +20,7 @@ apiVersion: v1
 kind: PersistentVolumeClaim
 metadata:
  name: grafana-pvc
  namespace: monitor
 spec:
  volumeName: grafana-pv
  accessModes:
@ -27,15 +28,3 @@ spec:
  resources:
    requests:
      storage: 1Gi
 ---
 apiVersion: v1
 kind: Service
 metadata:
  name: grafana
 spec:
  ports:
    - port: 3000
      protocol: TCP
      targetPort: http-grafana
  selector:
    app: grafana
--- a/monitoring/grafana.ingress.yaml
+++ b/monitoring/grafana.ingress.yaml
@ -3,17 +3,18 @@
 apiVersion: networking.k8s.io/v1
 kind: Ingress
 metadata:
-  name: grafana
+  name: monitor
  namespace: monitor
  annotations:
-    cert-manager.io/issuer: "letsencrypt-prod"
+    cert-manager.io/cluster-issuer: "letsencrypt-prod"
 spec:
  ingressClassName: nginx
  tls:
  - hosts:
-    - grafana.strix.systems
+    - monitor.strix.systems
-    secretName: grafana-strix-systems-tls
+    secretName: monitor-strix-systems-tls
  rules:
-  - host: grafana.strix.systems
+  - host: monitor.strix.systems
    http:
      paths:
      - path: /
--- a/monitoring/values.yaml
+++ b/monitoring/values.yaml
@ -9,3 +9,12 @@ grafana:
 alertmanager:
  enabled: false
 loki:
  auth_enabled: false
  commonConfig:
    replication_factor: 1
  storage:
    type: 'filesystem'
 singleBinary:
  replicas: 1
--- a/nginx-ingress/cert-manager.yaml
+++ b/nginx-ingress/cert-manager.yaml
@ -3,7 +3,7 @@
 ---
 apiVersion: cert-manager.io/v1
-kind: Issuer
+kind: ClusterIssuer
 metadata:
  name: letsencrypt-staging
 spec:
@ -24,7 +24,7 @@ spec:
 ---
 apiVersion: cert-manager.io/v1
-kind: Issuer
+kind: ClusterIssuer
 metadata:
  name: letsencrypt-prod
 spec:
--- a/ntr-cv/ntr-cv.ingress.yaml
+++ b/ntr-cv/ntr-cv.ingress.yaml
@ -5,7 +5,7 @@ kind: Ingress
 metadata:
  name: ntr-cv
  annotations:
-    cert-manager.io/issuer: "letsencrypt-prod"
+    cert-manager.io/cluster-issuer: "letsencrypt-prod"
 spec:
  ingressClassName: nginx
  tls:
--- a/ntr-cv/ntr-cv.yaml
+++ b/ntr-cv/ntr-cv.yaml
@ -21,7 +21,7 @@ spec:
      containers:
        - name: ntr-cv
          image: registry.strix.systems/ntr-cv
-          imagePullPolicy: IfNotPresent
+          imagePullPolicy: Always
          ports:
            - containerPort: 8080
--- a/registry/registry.ingress.yaml
+++ b/registry/registry.ingress.yaml
@ -6,7 +6,7 @@ metadata:
  name: registry
  annotations:
    nginx.ingress.kubernetes.io/proxy-body-size: 2g
-    cert-manager.io/issuer: "letsencrypt-prod"
+    cert-manager.io/cluster-issuer: "letsencrypt-prod"
 spec:
  ingressClassName: nginx
  tls:
--- a/spacerace/spacerace.ingress.yaml
+++ b/spacerace/spacerace.ingress.yaml
@ -4,7 +4,7 @@ kind: Ingress
 metadata:
  name: spacerace-api
  annotations:
-    cert-manager.io/issuer: "letsencrypt-prod"
+    cert-manager.io/cluster-issuer: "letsencrypt-prod"
    # don't do this again
    nginx.ingress.kubernetes.io/use-regex: "true"
    nginx.ingress.kubernetes.io/rewrite-target: /$2