diff --git a/kubernetes/apps/default/microbin/app/helmrelease.yaml b/kubernetes/apps/default/microbin/app/helmrelease.yaml index 19a0aa094..3aceb8ec5 100644 --- a/kubernetes/apps/default/microbin/app/helmrelease.yaml +++ b/kubernetes/apps/default/microbin/app/helmrelease.yaml @@ -2,69 +2,81 @@ apiVersion: helm.toolkit.fluxcd.io/v2 kind: HelmRelease metadata: - name: &app microbin - namespace: default + name: microbin spec: - interval: 15m chart: spec: chart: app-template - version: 1.5.1 sourceRef: kind: HelmRepository name: bjw-s-charts namespace: flux-system - install: - createNamespace: true - remediation: - retries: 5 - upgrade: - remediation: - retries: 5 + version: 3.4.0 values: - controller: - type: statefulset - annotations: - reloader.stakater.com/auto: "true" - fullNameOverride: *app - image: - repository: docker.io/danielszabo99/microbin - tag: 2.0.4@sha256:c5bd4643135540a68a2846950fe4f65f3bcc94b62ed7c7644e563dfde6f1732c - env: - MICROBIN_PUBLIC_PATH: "https://pastebin.${SECRET_DOMAIN}" - MICROBIN_PORT: "80" - MICROBIN_DATA_DIR: &data /var/lib/microbin - envfrom: - - secretRef: - name: microbin-secret - volumeClaimTemplates: - - name: data - mountPath: *data - accessMode: ReadWriteOnce - size: 1Mi - service: - main: - ports: - http: - port: &port 80 + controllers: + microbin: + containers: + app: + env: + MICROBIN_PUBLIC_PATH: "https://pastebin.${SECRET_DOMAIN}" + MICROBIN_PORT: "80" + MICROBIN_DATA_DIR: &data /var/lib/microbin + envFrom: + - secretRef: + name: microbin-secret + image: + repository: ghcr.io/vaskozl/microbin-bin + tag: 2.0.4@sha256:0b6bd97aafff7c54c66611f3428218314f191594f8c4a4836b54b16b6a1b3689 + probes: + liveness: + enabled: true + readiness: + enabled: true + resources: + limits: + memory: 80Mi + requests: + cpu: 10m + memory: 10Mi + securityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL + readOnlyRootFilesystem: true + statefulset: + podManagementPolicy: Parallel + volumeClaimTemplates: + - accessMode: ReadWriteOnce + globalMounts: + - path: *data + name: data + size: 1Mi + type: statefulset + defaultPodOptions: + securityContext: + fsGroup: 1000 + runAsGroup: 1000 + runAsNonRoot: true + runAsUser: 1000 + seccompProfile: + type: RuntimeDefault ingress: - main: - enabled: true - ingressClassName: "internal" - annotations: - gatus.io/enabled: "true" - hajimari.io/icon: simple-icons:pastebin + app: + className: external hosts: - host: &host "pastebin.${SECRET_DOMAIN}" paths: - path: / - pathType: Prefix + service: + identifier: app + port: http tls: - hosts: - *host - resources: - requests: - cpu: 5m - memory: 50Mi - limits: - memory: 250Mi + service: + app: + controller: microbin + ports: + http: + port: 80 diff --git a/kubernetes/apps/default/microbin/ks.yaml b/kubernetes/apps/default/microbin/ks.yaml index 6d9654bd9..e1b2bebd9 100644 --- a/kubernetes/apps/default/microbin/ks.yaml +++ b/kubernetes/apps/default/microbin/ks.yaml @@ -5,16 +5,13 @@ metadata: name: cluster-apps-microbin namespace: flux-system spec: + targetNamespace: default path: ./kubernetes/apps/default/microbin/app prune: true sourceRef: kind: GitRepository name: home-kubernetes - healthChecks: - - apiVersion: helm.toolkit.fluxcd.io/v2beta1 - kind: HelmRelease - name: microbin - namespace: default + wait: true interval: 30m retryInterval: 1m - timeout: 3m + timeout: 15m