apps: add gatus status

xeruf 2024-02-20 11:50:05 +01:00
parent e4d111cecf
commit f1c1e96c6b
13 changed files with 211 additions and 0 deletions


@ -7,3 +7,4 @@ resources:
- support-kustomization.yaml - support-kustomization.yaml
- flow-kustomization.yaml - flow-kustomization.yaml
- meet-kustomization.yaml - meet-kustomization.yaml
- status-kustomization.yaml


@ -0,0 +1,13 @@
---
apiVersion: kustomize.toolkit.fluxcd.io/v1beta2
kind: Kustomization
metadata:
name: add-status
namespace: flux-system
spec:
interval: 10m
prune: true
path: ./apps/status
sourceRef:
kind: GitRepository
name: stackspout


@ -0,0 +1,35 @@
---
apiVersion: kustomize.toolkit.fluxcd.io/v1beta2
kind: Kustomization
metadata:
name: gatus
namespace: flux-system
spec:
interval: 5m
retryInterval: 2m
timeout: 10m
wait: true
prune: true
path: ./apps/status/gatus
sourceRef:
kind: GitRepository
name: stackspout
dependsOn:
- name: flux
- name: local-path-provisioner
- name: gatus-secrets
- name: nginx
- name: single-sign-on
postBuild:
substituteFrom:
- kind: Secret
name: stackspin-cluster-variables
- kind: ConfigMap
name: stackspin-gatus-kustomization-variables
- kind: Secret
name: stackspin-gatus-variables
# OIDC
- kind: Secret
name: stackspin-gatus-oauth-variables
- kind: ConfigMap
name: stackspin-single-sign-on-kustomization-variables


@ -0,0 +1,22 @@
---
apiVersion: kustomize.toolkit.fluxcd.io/v1beta2
kind: Kustomization
metadata:
name: gatus-secrets
namespace: flux-system
spec:
interval: 5m
timeout: 4m
wait: true
prune: true
path: ./apps/status/gatus-secrets
sourceRef:
kind: GitRepository
name: stackspout
dependsOn:
- name: flux
- name: secrets-controller
postBuild:
substituteFrom:
- kind: Secret
name: stackspin-cluster-variables


@ -0,0 +1,7 @@
apiVersion: v1
kind: ConfigMap
metadata:
name: stackspin-gatus-kustomization-variables
namespace: flux-system
data:
gatus_domain: status.${domain}


@ -0,0 +1,11 @@
apiVersion: secretgenerator.mittwald.de/v1alpha1
kind: StringSecret
metadata:
name: stackspin-gatus-oauth-variables
namespace: flux-system
spec:
data:
client_id: gatus
fields:
- fieldName: client_secret
length: "32"


@ -0,0 +1,9 @@
---
apiVersion: secretgenerator.mittwald.de/v1alpha1
kind: StringSecret
metadata:
name: stackspin-gatus-variables
namespace: flux-system
spec:
fields:
- fieldname: password
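Review bot: The field key on the last line is spelled `fieldname`, while the OAuth StringSecret in this commit uses `fieldName`; YAML keys are case-sensitive, so this entry will probably be rejected or pruned and no `password` value generated. Change it to `- fieldName: password` and give it an explicit `length`, as the other secret does with `length: "32"`. The `password` value also does not appear to be referenced by any file in this commit, so if nothing consumes it, the secret is better left out than substituted into the gatus build.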


@ -0,0 +1,21 @@
apiVersion: hydra.ory.sh/v1alpha1
kind: OAuth2Client
metadata:
name: gatus-oauth-client
# Has to live in the same namespace as the stackspin-gatus-oauth-variables secret
namespace: flux-system
spec:
# TODO copied from wekan: https://github.com/wekan/wekan/wiki/Keycloak
grantTypes:
- authorization_code
- refresh_token
- client_credentials
- implicit
responseTypes:
- id_token
- code
scope: "openid profile email stackspin_roles"
secretName: stackspin-gatus-oauth-variables
#redirectUris:
# - https://${gatus_domain}/oauth/openid/
#tokenEndpointAuthMethod: client_secret_post
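Review bot: The `grantTypes` and `responseTypes` lists are broader than the login flow the chart values configure, and no redirect URI is registered for the client. The values ConfigMap in this commit sets an authorization-code callback, so `implicit`, `client_credentials` and the `id_token` response type look like leftovers from the wekan copy noted in the TODO; keeping only `authorization_code` and `refresh_token` with `code` narrows what a leaked client secret can be used for. Replace the commented-out `redirectUris` entry with the callback actually configured, `- https://${gatus_domain}/authorization-code/callback`, after confirming that `gatus_domain` is substituted by the Kustomization that applies this file. The commented `tokenEndpointAuthMethod` should be either set or deleted once the method Gatus uses is known.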


@ -0,0 +1,15 @@
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: gatus-data
namespace: stackspout
labels:
stackspin.net/backupSet: "gatus"
spec:
accessModes:
- ReadWriteOnce
volumeMode: Filesystem
resources:
requests:
storage: 2Gi
storageClassName: local-path


@ -0,0 +1,27 @@
apiVersion: helm.toolkit.fluxcd.io/v2beta1
kind: HelmRelease
metadata:
name: gatus
namespace: stackspout
spec:
releaseName: gatus
chart:
spec:
chart: gatus
version: 1.0 # TODO
sourceRef:
kind: HelmRepository
name: minicloudlabs
namespace: flux-system
interval: 5m
valuesFrom:
- kind: ConfigMap
name: stackspin-gatus-values
optional: false
# Allow overriding values by ConfigMap or Secret
- kind: ConfigMap
name: stackspin-gatus-override
optional: true
- kind: Secret
name: stackspin-gatus-override
optional: true
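Review bot: `version: 1.0 # TODO` is an unquoted scalar that YAML reads as a float, and it does not pin a specific chart release. The chart version field expects a string, so quote it and set the exact version to deploy, e.g. `version: "<exact chart version>"`; this matters more here because the chart comes from the third-party `minicloudlabs` repository. The optional `stackspin-gatus-override` ConfigMap and Secret can replace any value, including the OIDC settings, so a one-line comment that write access to those objects should be restricted would help.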


@ -0,0 +1,37 @@
apiVersion: v1
kind: ConfigMap
metadata:
name: stackspin-gatus-values
namespace: stackspout
data:
values.yaml: |
# https://github.com/minicloudlabs/helm-charts/blob/main/charts/gatus/values.yaml
# TODO verify structure matches chart
ingress:
enabled: true
annotations:
kubernetes.io/tls-acme: "true"
hosts: [ "${gatus_domain}" ]
tls:
- secretName: gatus-tls
hosts:
- "${gatus_domain}"
security:
oidc:
issuer-url: "https://${hydra_domain}"
redirect-url: "https://${gatus_domain}/authorization-code/callback"
client-id: "${client_id}"
client-secret: "${client_secret}"
scopes: ["openid"]
#autoDiscoverUrl: 'https://${hydra_domain}/.well-known/openid-configuration'
# TODO Adjust gatus Mailing config
# mailer:
# enabled: "${outgoing_mail_enabled}"
# host: "${outgoing_mail_smtp_host}"
# port: "${outgoing_mail_smtp_port}"
# username: "${outgoing_mail_smtp_user}"
# password: "${outgoing_mail_smtp_password}"
# fromemail: "${outgoing_mail_from_address}"
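Review bot: `client-secret: "${client_secret}"` in `values.yaml` is filled in by Flux post-build substitution, so the generated OAuth client secret ends up in plain text inside the `stackspin-gatus-values` ConfigMap. ConfigMaps are not covered by Secret-scoped RBAC or by encryption at rest configured for Secrets, so anyone allowed to read ConfigMaps in `stackspout` could read it. Move the `security.oidc` block, or at least `client-secret`, into a Secret and list it in the HelmRelease `valuesFrom` with `kind: Secret`, as that HelmRelease already does for its override. The `# TODO verify structure matches chart` comment also suggests these keys are unverified; confirm the chart really maps `security.oidc` into the Gatus config, otherwise the status page may be served without authentication.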


@ -0,0 +1,5 @@
apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization
resources:
- gatus-kustomization.yaml
- gatus-secrets-kustomization.yaml


@ -0,0 +1,8 @@
apiVersion: source.toolkit.fluxcd.io/v1beta1
kind: HelmRepository
metadata:
name: minicloudlabs
namespace: flux-system
spec:
interval: 60m
url: https://minicloudlabs.github.io/helm-charts