--- namePrefix: prod- resources: - ../minimal-base # Prometheus, in a different namespace to the old cluster. - inflated/prometheus/charts/prometheus-node-exporter/templates/daemonset.yaml - inflated/prometheus/charts/prometheus-node-exporter/templates/serviceaccount.yaml - inflated/prometheus/charts/prometheus-node-exporter/templates/service.yaml - inflated/prometheus/charts/alertmanager/templates/serviceaccount.yaml - inflated/prometheus/charts/alertmanager/templates/services.yaml - inflated/prometheus/charts/alertmanager/templates/configmap.yaml - inflated/prometheus/charts/alertmanager/templates/statefulset.yaml - inflated/prometheus/charts/kube-state-metrics/templates/serviceaccount.yaml - inflated/prometheus/charts/kube-state-metrics/templates/deployment.yaml - inflated/prometheus/charts/kube-state-metrics/templates/role.yaml - inflated/prometheus/charts/kube-state-metrics/templates/service.yaml - inflated/prometheus/charts/kube-state-metrics/templates/clusterrolebinding.yaml - inflated/prometheus/charts/prometheus-pushgateway/templates/serviceaccount.yaml - inflated/prometheus/charts/prometheus-pushgateway/templates/deployment.yaml - inflated/prometheus/charts/prometheus-pushgateway/templates/service.yaml - inflated/prometheus/templates/serviceaccount.yaml - inflated/prometheus/templates/service.yaml - inflated/prometheus/templates/clusterrole.yaml - inflated/prometheus/templates/cm.yaml - inflated/prometheus/templates/deploy.yaml - inflated/prometheus/templates/clusterrolebinding.yaml - inflated/prometheus/templates/pvc.yaml - clusterissuer.yaml - cert-ingress-tls.yaml - svc-db.yaml - ingress.yaml - statefulset-gitea.yaml - svc-gitea.yaml - traefik-ingress-route-gitea-ssh.yaml - traefik-middleware-ssl-redirect.yaml - statefulset-radicale.yaml - svc-radicale.yaml - deploy-solar-toolkit-gateway.yaml - svc-solar-toolkit-gateway.yaml configMapGenerator: - name: gitea-scripts files: - init-directory-structure.sh=resources/gitea-init-directory-structure.sh - setup.sh=resources/gitea-setup.sh options: labels: app: gitea - name: prometheus-server namespace: prometheus behavior: merge files: - prometheus.yml=resources/prometheus.yaml - alerting_rules.yml=resources/prometheus-alerting-rules.yaml options: labels: app: prometheus - name: prometheus-alertmanager namespace: prometheus behavior: merge files: - alertmanager.yml=secrets/prometheus-alertmanager.yaml options: labels: app: prometheus - name: grafana behavior: merge files: - grafana.ini=secrets/grafana-config.ini - datasources.yaml=secrets/grafana-datasources.yaml - contactpoints.yaml=resources/grafana-contactpoints.yaml - rules.yaml=resources/grafana-rules.yaml - name: radicale-config files: - config.toml=secrets/radicale-config.toml - users=secrets/radicale-users options: labels: app: radicale secretGenerator: - name: prometheus-credentials namespace: prometheus files: - secrets/exporter-password - name: grafana-credentials files: - admin-user=secrets/grafana-admin-user - admin-password=secrets/grafana-admin-password - name: gitea-config files: - admin-username=secrets/gitea-admin-username - admin-password=secrets/gitea-admin-password - admin-email=secrets/gitea-admin-email - config.ini=secrets/gitea-config.ini options: labels: app: gitea - name: solar-toolkit-gateway files: - database-url=secrets/solar-toolkit-gateway-database-url options: labels: app: solar-toolkit-gateway patches: # Patch prometheus-server pod to mount the secrets volume. - target: kind: Deployment name: prometheus-server namespace: prometheus patch: |- - op: add path: /spec/template/spec/volumes/- value: secret: secretName: prod-prometheus-credentials name: secrets-volume - op: add path: /spec/template/spec/containers/1/volumeMounts/- value: mountPath: /etc/secrets name: secrets-volume readOnly: true # Patch Grafana deployment to inject PostgreSQL credentials: - target: kind: Deployment name: grafana path: deploy-grafana.yaml