121 lines
3.2 KiB
YAML
121 lines
3.2 KiB
YAML
---
|
|
namePrefix: dev-
|
|
resources:
|
|
- ../base
|
|
- svc-db.yaml
|
|
- cm-ingress-nginx-tcp-services.yaml
|
|
|
|
helmCharts:
|
|
- name: postgresql
|
|
version: "11.1.28"
|
|
repo: https://charts.bitnami.com/bitnami
|
|
releaseName: postgresql
|
|
valuesInline:
|
|
metrics:
|
|
enabled: true
|
|
auth:
|
|
postgresPassword: postgres
|
|
database: default
|
|
|
|
configMapGenerator:
|
|
- name: prometheus-server
|
|
behavior: merge
|
|
files:
|
|
- prometheus.yml=prometheus.yaml
|
|
- name: grafana
|
|
behavior: merge
|
|
files:
|
|
- grafana.ini
|
|
- datasources.yaml=grafana-datasources.yaml
|
|
- name: invidious-config
|
|
files:
|
|
- config.yml=invidious-config.yaml
|
|
- name: element-config
|
|
files:
|
|
- config.json=element-config.json
|
|
- name: drone-config
|
|
literals:
|
|
# For Gitea/drone integration to work in dev, Gitea must be served from the
|
|
# external hostname `dev-gitea` so it matches with the internal DNS.
|
|
- gitea-server=http://dev-gitea
|
|
- server-host=dev-drone
|
|
- server-proto=http
|
|
- rpc-host=dev-drone
|
|
- rpc-proto=http
|
|
- logs-debug=false
|
|
|
|
secretGenerator:
|
|
- name: grafana-credentials
|
|
literals:
|
|
- admin-user=rob
|
|
- admin-password=testme
|
|
- name: invidious-credentials
|
|
literals:
|
|
- database-url=postgresql://kemal:kemal@dev-db:5432/invidious
|
|
# Individual keys required by init-invidious-db:
|
|
- database-host=dev-db
|
|
- database-port=5432
|
|
- database-name=invidious
|
|
- database-user=kemal
|
|
- database-password=kemal
|
|
- name: gitea-config
|
|
literals:
|
|
- admin-username=rob
|
|
- admin-password=testme
|
|
- admin-email=mail@localhost
|
|
files:
|
|
- config.ini=gitea-config.ini
|
|
- name: drone-credentials
|
|
literals:
|
|
- database-url=postgres://postgres:postgres@dev-db:5432/drone?sslmode=disable
|
|
- gitea-client-id=55847c4a-c80e-4e77-ab36-c6d102273115
|
|
- gitea-client-secret=IU4cb59RNNLuI9PRkUbldcEQ5wYPEZMBK5s6p7vTdVfe
|
|
- rpc-secret=f5ec349109bb9bbdf00e4394afd28754
|
|
- name: elon-staging-credentials
|
|
literals:
|
|
- session-key=secret
|
|
- twitter-client-id=foo
|
|
- twitter-client-secret=bar
|
|
- twitter-callback-url=http://localhost:8000/callback
|
|
- twitter-bearer-token=secret
|
|
- database-url=postgres://postgres:postgres@dev-db:5432/elon_staging?sslmode=disable
|
|
|
|
patches:
|
|
# Patch the metrics-server to not require TLS in dev cluster.
|
|
- target:
|
|
kind: Deployment
|
|
name: metrics-server
|
|
path: deploy-metrics-server.yaml
|
|
# Patch the ingress-nginx deployment to allow it to use a service with a
|
|
# namePrefix. See https://github.com/kubernetes/ingress-nginx/issues/2599#issuecomment-601170289.
|
|
- target:
|
|
kind: Deployment
|
|
name: ingress-nginx-controller
|
|
path: deploy-ingress-nginx.yaml
|
|
|
|
# Patch the ingress-nginx-admission-create job to reference its webhook with a
|
|
# namePrefix.
|
|
- target:
|
|
kind: Job
|
|
name: ingress-nginx-admission-create
|
|
path: job-ingress-nginx-admission-create.yaml
|
|
|
|
# Patch the ingress-nginx-admission-patch job to reference its webhook with a
|
|
# namePrefix.
|
|
- target:
|
|
kind: Job
|
|
name: ingress-nginx-admission-patch
|
|
path: job-ingress-nginx-admission-patch.yaml
|
|
|
|
# Patch the ingress resource with stage-specific hostnames:
|
|
- target:
|
|
kind: Ingress
|
|
name: ingress
|
|
path: ingress.yaml
|
|
|
|
# Patch Grafana deployment to inject PostgreSQL credentials:
|
|
- target:
|
|
kind: Deployment
|
|
name: grafana
|
|
path: deploy-grafana.yaml
|