Compare commits
15 Commits
9bb286a45f
...
cb4152c149
| Author | SHA1 | Date |
|---|---|---|
bot
|
cb4152c149 | |
 Dustin
|
982cd88255 | |
|
Dustin
|
ffa47b9fba | |
|
Dustin
|
9ec6b651c1 | |
|
Dustin
|
c83ceee994 | |
|
Dustin
|
3f39747557 | |
|
Dustin
|
8f354a4460 | |
|
Dustin
|
1c6286a977 | |
|
Dustin
|
a6683c9123 | |
|
Dustin
|
f5b79cfdf8 | |
|
Dustin
|
4cab489534 | |
bot
|
ceaa9cd2cb | |
|
bot
|
669029ea33 | |
|
Dustin
|
551f945364 | |
|
Dustin
|
26422d9f3c |
|
|
@ -94,6 +94,7 @@ identity_providers:
|
||||||
$pbkdf2-sha512$310000$TkQ1BwLrr.d8AVGWk2rLhA$z4euAPhkkZdjcxKFD3tZRtNQ/R78beW7epJ.BGFWSwQdAme5TugNj9Ba.aL5TEqrBDmXRW0xiI9EbxSszckG5A
|
$pbkdf2-sha512$310000$TkQ1BwLrr.d8AVGWk2rLhA$z4euAPhkkZdjcxKFD3tZRtNQ/R78beW7epJ.BGFWSwQdAme5TugNj9Ba.aL5TEqrBDmXRW0xiI9EbxSszckG5A
|
||||||
redirect_uris:
|
redirect_uris:
|
||||||
- https://burp.pyrocufflink.blue:9090/oauth_callback
|
- https://burp.pyrocufflink.blue:9090/oauth_callback
|
||||||
|
- https://minio.backups.pyrocufflink.blue/oauth_callback
|
||||||
- id: step-ca
|
- id: step-ca
|
||||||
description: step-ca
|
description: step-ca
|
||||||
public: true
|
public: true
|
||||||
|
|
|
||||||
|
|
@ -117,7 +117,7 @@ patches:
|
||||||
name: dch-root-ca
|
name: dch-root-ca
|
||||||
images:
|
images:
|
||||||
- name: ghcr.io/home-assistant/home-assistant
|
- name: ghcr.io/home-assistant/home-assistant
|
||||||
newTag: 2024.9.1
|
newTag: 2024.9.2
|
||||||
- name: docker.io/rhasspy/wyoming-whisper
|
- name: docker.io/rhasspy/wyoming-whisper
|
||||||
newTag: 2.1.0
|
newTag: 2.1.0
|
||||||
- name: docker.io/rhasspy/wyoming-piper
|
- name: docker.io/rhasspy/wyoming-piper
|
||||||
|
|
@ -125,4 +125,4 @@ images:
|
||||||
- name: docker.io/koenkk/zigbee2mqtt
|
- name: docker.io/koenkk/zigbee2mqtt
|
||||||
newTag: 1.40.1
|
newTag: 1.40.1
|
||||||
- name: docker.io/zwavejs/zwave-js-ui
|
- name: docker.io/zwavejs/zwave-js-ui
|
||||||
newTag: 9.18.1
|
newTag: 9.19.0
|
||||||
|
|
|
||||||
|
|
@ -9,7 +9,7 @@ metadata:
|
||||||
nginx.ingress.kubernetes.io/proxy-body-size: 40m
|
nginx.ingress.kubernetes.io/proxy-body-size: 40m
|
||||||
spec:
|
spec:
|
||||||
rules:
|
rules:
|
||||||
- host: invoiceninja.pyrocufflink.blue
|
- host: invoiceninja.pyrocufflink.net
|
||||||
http:
|
http:
|
||||||
paths:
|
paths:
|
||||||
- path: /
|
- path: /
|
||||||
|
|
@ -46,3 +46,17 @@ spec:
|
||||||
name: invoice-ninja
|
name: invoice-ninja
|
||||||
port:
|
port:
|
||||||
name: http
|
name: http
|
||||||
|
|
||||||
|
---
|
||||||
|
apiVersion: networking.k8s.io/v1
|
||||||
|
kind: Ingress
|
||||||
|
metadata:
|
||||||
|
name: invoice-ninja-redirect
|
||||||
|
labels:
|
||||||
|
app.kubernetes.io/name: invoice-ninja-redirect
|
||||||
|
app.kubernetes.io/component: invoice-ninja
|
||||||
|
annotations:
|
||||||
|
nginx.ingress.kubernetes.io/permanent-redirect: https://invoiceninja.pyrocufflink.net
|
||||||
|
spec:
|
||||||
|
rules:
|
||||||
|
- host: invoiceninja.pyrocufflink.blue
|
||||||
|
|
|
||||||
|
|
@ -1,5 +1,5 @@
|
||||||
APP_LOGO=https://invoiceninja.pyrocufflink.blue/images/logo.png
|
APP_LOGO=https://invoiceninja.pyrocufflink.net/images/logo.png
|
||||||
APP_URL=https://invoiceninja.pyrocufflink.blue
|
APP_URL=https://invoiceninja.pyrocufflink.net
|
||||||
TRUSTED_PROXIES=172.30.0.171,172.30.0.172,172.30.0.173
|
TRUSTED_PROXIES=172.30.0.171,172.30.0.172,172.30.0.173
|
||||||
|
|
||||||
MAIL_MAILER=smtp
|
MAIL_MAILER=smtp
|
||||||
|
|
|
||||||
|
|
@ -19,7 +19,6 @@ resources:
|
||||||
configMapGenerator:
|
configMapGenerator:
|
||||||
- name: invoice-ninja-init
|
- name: invoice-ninja-init
|
||||||
files:
|
files:
|
||||||
- init.sh
|
|
||||||
- start.sh
|
- start.sh
|
||||||
|
|
||||||
- name: invoice-ninja
|
- name: invoice-ninja
|
||||||
|
|
|
||||||
|
|
@ -0,0 +1,23 @@
|
||||||
|
apiVersion: kustomize.config.k8s.io/v1beta1
|
||||||
|
kind: Kustomization
|
||||||
|
|
||||||
|
namespace: ntfy
|
||||||
|
|
||||||
|
resources:
|
||||||
|
- ntfy.yaml
|
||||||
|
|
||||||
|
configMapGenerator:
|
||||||
|
- name: ntfy
|
||||||
|
namespace: ntfy
|
||||||
|
files:
|
||||||
|
- server.yml
|
||||||
|
options:
|
||||||
|
labels:
|
||||||
|
app.kubernetes.io/name: ntfy
|
||||||
|
app.kubernetes.io/component: ntfy
|
||||||
|
app.kubernetes.io/instance: ntfy
|
||||||
|
app.kubernetes.io/part-of: ntfy
|
||||||
|
|
||||||
|
images:
|
||||||
|
- name: docker.io/binwiederhier/ntfy
|
||||||
|
newTag: v2.11.0
|
||||||
|
|
@ -5,25 +5,6 @@ metadata:
|
||||||
labels:
|
labels:
|
||||||
app.kubernetes.io/instance: ntfy
|
app.kubernetes.io/instance: ntfy
|
||||||
|
|
||||||
---
|
|
||||||
apiVersion: v1
|
|
||||||
kind: ConfigMap
|
|
||||||
metadata:
|
|
||||||
name: ntfy
|
|
||||||
namespace: ntfy
|
|
||||||
labels:
|
|
||||||
app.kubernetes.io/name: ntfy
|
|
||||||
app.kubernetes.io/component: ntfy
|
|
||||||
app.kubernetes.io/instance: ntfy
|
|
||||||
app.kubernetes.io/part-of: ntfy
|
|
||||||
data:
|
|
||||||
server.yml: |+
|
|
||||||
base-url: https://ntfy.pyrocufflink.net
|
|
||||||
behind-proxy: true
|
|
||||||
listen-http: '[::]:2586'
|
|
||||||
attachment-cache-dir: /var/cache/ntfy/attachments
|
|
||||||
attachment-file-size-limit: 100M
|
|
||||||
|
|
||||||
---
|
---
|
||||||
apiVersion: v1
|
apiVersion: v1
|
||||||
kind: Service
|
kind: Service
|
||||||
|
|
|
||||||
|
|
@ -0,0 +1,6 @@
|
||||||
|
base-url: https://ntfy.pyrocufflink.net
|
||||||
|
behind-proxy: true
|
||||||
|
listen-http: '[::]:2586'
|
||||||
|
attachment-cache-dir: /var/cache/ntfy/attachments
|
||||||
|
attachment-file-size-limit: 100M
|
||||||
|
enable-metrics: true
|
||||||
|
|
@ -12,6 +12,7 @@ resources:
|
||||||
- network-policy.yaml
|
- network-policy.yaml
|
||||||
- restic-exporter.yaml
|
- restic-exporter.yaml
|
||||||
- secrets.yaml
|
- secrets.yaml
|
||||||
|
- ../dch-root-ca
|
||||||
|
|
||||||
configMapGenerator:
|
configMapGenerator:
|
||||||
- name: restic-exporter
|
- name: restic-exporter
|
||||||
|
|
@ -29,8 +30,19 @@ patches:
|
||||||
spec:
|
spec:
|
||||||
containers:
|
containers:
|
||||||
- name: restic-exporter
|
- name: restic-exporter
|
||||||
|
env:
|
||||||
|
- name: RESTIC_CACERT
|
||||||
|
value: /run/dch-ca/dch-root-ca.crt
|
||||||
envFrom:
|
envFrom:
|
||||||
- secretRef:
|
- secretRef:
|
||||||
name: restic-s3
|
name: restic-s3
|
||||||
- configMapRef:
|
- configMapRef:
|
||||||
name: restic-exporter
|
name: restic-exporter
|
||||||
|
volumeMounts:
|
||||||
|
- mountPath: /run/dch-ca
|
||||||
|
name: dch-ca
|
||||||
|
readOnly: true
|
||||||
|
volumes:
|
||||||
|
- name: dch-ca
|
||||||
|
configMap:
|
||||||
|
name: dch-root-ca
|
||||||
|
|
|
||||||
|
|
@ -21,9 +21,9 @@ spec:
|
||||||
protocol: TCP
|
protocol: TCP
|
||||||
- to:
|
- to:
|
||||||
- ipBlock:
|
- ipBlock:
|
||||||
cidr: 172.30.0.30/32
|
cidr: 172.30.0.15/32
|
||||||
ports:
|
ports:
|
||||||
- port: 9000
|
- port: 443
|
||||||
ingress:
|
ingress:
|
||||||
- from:
|
- from:
|
||||||
- namespaceSelector:
|
- namespaceSelector:
|
||||||
|
|
|
||||||
|
|
@ -1,4 +1,4 @@
|
||||||
TZ=America/Chicago
|
TZ=America/Chicago
|
||||||
RESTIC_REPOSITORY=s3:https://burp.pyrocufflink.blue:9000/restic
|
RESTIC_REPOSITORY=s3:s3.backups.pyrocufflink.blue/restic
|
||||||
INCLUDE_PATHS=True
|
INCLUDE_PATHS=True
|
||||||
REFRESH_INTERVAL=3600
|
REFRESH_INTERVAL=3600
|
||||||
|
|
|
||||||
|
|
@ -31,8 +31,8 @@ metadata:
|
||||||
app.kubernetes.io/part-of: restic-exporter
|
app.kubernetes.io/part-of: restic-exporter
|
||||||
spec:
|
spec:
|
||||||
encryptedData:
|
encryptedData:
|
||||||
AWS_ACCESS_KEY_ID: AgCiUz6l8sPPSxh8lmtH4HEiQEu2EWN8zpS3Farh4/CxWVn01HufAU7n7xxPjMTkkoCfa42ux/WNLl3Gl539CgAoyaudlAfuzl+Uq5w3S1XesL/lTwBqYr3mF0ZeGxeHBh2h+S9IaTPef9SWFTV/F+X3rDOKw6OfMLSI3TZAarVuvNJ9GnK8vTu5MoE+4IhHfJRBor4qI9TGKOQQDtoQP9xcwWrOQJOKvyXGtOmz/u+H4K5VVsGvPpIWYDHS3V1HIzCaVLDEulL13dyNofXKmQB7mW7yPhRIn/MJGfuAvUXAE5Or1bgamftCujtl1nR8/K5Gq6h5212hVCtY2F8YMBZSt5G+GmitTSz7PJrjTB6OzXy1Uu+bNGWgjtck6bxzm/pkO44bC5/ZvhB0AESDSBIkpBSm1o7LMl6rCF+mUybsGNmRq9mcMvtMwAbUgzEewlMbdA+zN/YqEJFMZWcE9fYHms9pil3O+mDB1LilBMUczPD/zzpP88b2m36XmT3nSRBCTcfx8nqaqB6dvYK2AYjmM9iDPM0jRxZOaA6WZy3PsTUeJvfzxNapfE72lWREtaTVP3wfhwt2BcoiIxWqc7i/9LplcEOl62S2WhMtP0wJGXMSWmzxOPHno98u1aA4r/2K3LBk+9gSzA9grwi3VpK9NsADf1vFbLmd25eDqSe6zQl5YNk+Ty20uHqK53fdqwkM2WlvOmakXlw9dBr1CWGr
|
AWS_ACCESS_KEY_ID: AgAhNzhHnjDoEopNvdZaVxe84VhtxMiwxzYbwrFNvBkWMTF3aHbVjB2/qsWMjNU+a/jFFgFJZQzzfGK6Y9o0G3xFZaMwiBvBKBxRAOS6c2J8ClB7enCPD8HkAW/6BeuY3KsUW9wSEbGBlx8oW9tRWEOVFsRv6KHZwwh/vNfvSCiCXsZgBFAPorFy0Bh9FX+3PyZhANH6AAugWzGnxZGlRcNEgYx8ZnQovlFhhSxZsmUnSwyKzpZP2h+A48N3q+aUooFQlWuq6zGMEJqrFpMwiYg0M4A+60LBXneZGzc13FibWpbWpwEoX7YljnYYVnsat002U1qgkxSCoU75EKn3nay3vO6jT8lV5CUMGzbhxdNnaKbKevpaZgRZlUirrh+KGvG6pU8JghsiCKsP+HAuFRPTVfUYM2L13v5WDqOyVvLFT7S1Z1fl+LDwm1u7SPr8HYkEdgI/7ALD+vEBDUKmSCiQ8/sR3HGz9roDu8Lh0+HFZyUeuW27mEaDtSI5c/jKpWR8exN6ltClRS7vNyWuNGe1Jq3v7qyWrLEziTwxd2vunmvE/0bS6U4VgrkAvct0e6OUycuKP2Aaik/3tJA5OGYcw6x9hymc0y+XHszrIrkxJ6n4dtYP1Ymsf8OiqMTj3SOrP3+zUaFlSLi3474KlxmBR3GN/9W3wJx0nFhceXvoZVETtjdJXsfgXgMJ874WxC3YGld3weYqVSrIIs2BdjjTAc2j5g==
|
||||||
AWS_SECRET_ACCESS_KEY: AgCJ3K0gt8GqI3go1fQ/pMjFjpW0Z+j/YElaPqTUp8dpuhEdRS3MybCOjLhKwfpQN/nufRXbk0hLZYgloGznjEpdJvP4EEb3uwwdfZ2oP+h8YVyHpHsh7DlnuHUk7RwGJiL+wb+Xnh6ChsYKQQ2HfWnIQ+JZMGKDMQqaq0CwaQAde8MUZlJyqu7tZjD5wP3PFf6WxG2lwQiwD7vMi+M/r8h0a5Sf4TVdXIrRSPE9nvVmuaN7+4eAmOmzRmVqUxXqHhSL0/yMichOFGXXOCWryQlM/gm0BETEj8g9RdhqyJ6iXvgR8/ObZUQ4zoOeonaQQNZYOjgcZ+oWD+8n0gayziCIQz1Czf3HeGyXFpmVRCcQKOFb+Pz/U308zefDT/sCg4ggH8Le/7VVBYqKjUZWPFrJrhVju1IU3BZDs8PZhjaFWDIHvL7IuI9QLLKhhHHNWQ1IQSZgSyQUNYGK0lLbOWpID14w1FgIBI9+JhLSGtue+KwKgZxgrmE9QUI1CEhEPVXCZDCSmjY629QNLiVmNG/SiEL9uJAj2BlXkMpPtZuI4b9iINcw+vS8yYifdiRxcBpCZQTD9DiEf9NRh8pvC4YuwTkFVN8++vQyDtPiJPigJpZo3Uuz2S7dEcsRD28Y2sSiLMOdzTzRwovUigkUUSONCecNWhWeMWneFx7u97PvNMK1ogDOAzjDxvM13I8dw/eK6uXB9XNKZh3NkC/18RsIqdHhLhZKeAzx3VOtbvTOIw==
|
AWS_SECRET_ACCESS_KEY: AgC26kXxZxlGlIUTFVu1aG/4c+UhCnudcOmHfmqXqwDqkY4OSEuFkdpp2uTdziT3oGGLlNxcjYUJRD1Jkn+d8TAuqMfKqaosILne6SwRzAFFn1+hYyntwuV4gvCjNn6dpI5uaweX2tpwqS8RG+aGhesugLD2XpRqh+iLrqEf6vJrfJHuURmrnHmU+zl3+3RrsjFf3BaUBOHBJRA/b/QoyBsrZ/ABbp9MVP8b7g7N7+2WVE4XMvlaVfax8J49XekMISKvqnw4oEV/UB471q6wODlQC+uSzepcFX+kBrwpkGGDrtYdPISeVtYdPQ1QDRX7XVw35s1wA67hh8UuNkp2CxMJ8VUz/uVIoMPv9EdnLiWZC2/OO84jLWcFPz/w7/LyBiicmWgaCd+A9HtODBW6Gdg8s6+8mmD3u4YQW3PgYVuI1tTWccn1FCLd3O5U3V8pS88aNRqg2c9FdQ853SNv6CJwm5CjeHW7go6KaJlbElVpqy3Vi3WY+/76HVBrfo6T6RtDc18wcBLpfDh1DiVwpVHqiVwNTPMLgalnX+VuohU6LsnRzQo0jvzx9OfwhdNA+pHGgfQt2nrKHr8pSqnPsaJBlXzm4N2Su2MeXVn962RYU1KtcciClKG70WdRxUxZ/EGKqCgleUS+1kSC488XYWSwg44zCEHqfzJxgF1ykCAF6oG5FT+rKpB4845OHsFKEn2X9gDb3UExNSuyzdQeyxSQSVo1EivjQbh2jK3vtdGckkmfJ8Nlxmoi
|
||||||
template:
|
template:
|
||||||
metadata:
|
metadata:
|
||||||
name: restic-s3
|
name: restic-s3
|
||||||
|
|
|
||||||
|
|
@ -5,7 +5,7 @@ metadata:
|
||||||
labels: &labels
|
labels: &labels
|
||||||
app.kubernetes.io/name: updatebot
|
app.kubernetes.io/name: updatebot
|
||||||
spec:
|
spec:
|
||||||
schedule: 32 6 * * 1
|
schedule: 32 6 * * 6
|
||||||
timeZone: America/Chicago
|
timeZone: America/Chicago
|
||||||
concurrencyPolicy: Forbid
|
concurrencyPolicy: Forbid
|
||||||
jobTemplate:
|
jobTemplate:
|
||||||
|
|
|
||||||
|
|
@ -11,12 +11,16 @@ receivers:
|
||||||
- name: ntfy
|
- name: ntfy
|
||||||
webhook_configs:
|
webhook_configs:
|
||||||
- url: http://alertmanager-ntfy:8000/hook
|
- url: http://alertmanager-ntfy:8000/hook
|
||||||
|
- name: none
|
||||||
|
|
||||||
route:
|
route:
|
||||||
group_by:
|
group_by:
|
||||||
- '...'
|
- '...'
|
||||||
receiver: ntfy
|
receiver: ntfy
|
||||||
routes:
|
routes:
|
||||||
|
- receiver: none
|
||||||
|
matchers:
|
||||||
|
- alertname=Battery Low
|
||||||
- receiver: ntfy
|
- receiver: ntfy
|
||||||
matchers:
|
matchers:
|
||||||
- alertname=DiskUsage
|
- alertname=DiskUsage
|
||||||
|
|
|
||||||
|
|
@ -10,7 +10,7 @@ modules:
|
||||||
timeout: 2s
|
timeout: 2s
|
||||||
dns_recursive:
|
dns_recursive:
|
||||||
dns:
|
dns:
|
||||||
query_name: news.ycombinator.com
|
query_name: github.com
|
||||||
query_type: A
|
query_type: A
|
||||||
prober: dns
|
prober: dns
|
||||||
timeout: 5s
|
timeout: 5s
|
||||||
|
|
|
||||||
|
|
@ -34,10 +34,7 @@ scrape_configs:
|
||||||
- icmp
|
- icmp
|
||||||
static_configs:
|
static_configs:
|
||||||
- targets:
|
- targets:
|
||||||
- github.com
|
- 23.29.47.1
|
||||||
- cloudflare.com
|
|
||||||
- amazonaws.com
|
|
||||||
- azure.com
|
|
||||||
relabel_configs:
|
relabel_configs:
|
||||||
- source_labels: [__address__]
|
- source_labels: [__address__]
|
||||||
target_label: __param_target
|
target_label: __param_target
|
||||||
|
|
@ -63,7 +60,6 @@ scrape_configs:
|
||||||
- https://nextcloud.pyrocufflink.net/
|
- https://nextcloud.pyrocufflink.net/
|
||||||
- https://bitwarden.pyrocufflink.blue/
|
- https://bitwarden.pyrocufflink.blue/
|
||||||
- https://git.pyrocufflink.blue/
|
- https://git.pyrocufflink.blue/
|
||||||
- https://jenkins.pyrocufflink.blue/login
|
|
||||||
- https://tabitha.biz/
|
- https://tabitha.biz/
|
||||||
- https://dustinandtabitha.com/
|
- https://dustinandtabitha.com/
|
||||||
- https://hatchlearningcenter.org/
|
- https://hatchlearningcenter.org/
|
||||||
|
|
@ -430,6 +426,17 @@ scrape_configs:
|
||||||
target_label: __address__
|
target_label: __address__
|
||||||
replacement: '$1:9187'
|
replacement: '$1:9187'
|
||||||
|
|
||||||
|
- job_name: wal-g
|
||||||
|
static_configs:
|
||||||
|
- targets:
|
||||||
|
- db0.pyrocufflink.blue
|
||||||
|
relabel_configs:
|
||||||
|
- source_labels: [__address__]
|
||||||
|
target_label: instance
|
||||||
|
- source_labels: [__address__]
|
||||||
|
target_label: __address__
|
||||||
|
replacement: '$1:9102'
|
||||||
|
|
||||||
- job_name: rabbitmq
|
- job_name: rabbitmq
|
||||||
kubernetes_sd_configs:
|
kubernetes_sd_configs:
|
||||||
- role: pod
|
- role: pod
|
||||||
|
|
@ -447,3 +454,17 @@ scrape_configs:
|
||||||
- source_labels:
|
- source_labels:
|
||||||
- __meta_kubernetes_pod_name
|
- __meta_kubernetes_pod_name
|
||||||
target_label: instance
|
target_label: instance
|
||||||
|
|
||||||
|
- job_name: ntfy
|
||||||
|
kubernetes_sd_configs:
|
||||||
|
- role: pod
|
||||||
|
namespaces:
|
||||||
|
names:
|
||||||
|
- ntfy
|
||||||
|
selectors:
|
||||||
|
- role: pod
|
||||||
|
label: app.kubernetes.io/name=ntfy
|
||||||
|
relabel_configs:
|
||||||
|
- source_labels:
|
||||||
|
- __meta_kubernetes_pod_name
|
||||||
|
target_label: instance
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue