diff --git a/base/README.adoc b/base/README.adoc index eb13309..d42c596 100644 --- a/base/README.adoc +++ b/base/README.adoc @@ -2,7 +2,7 @@ = base -image::https://img.shields.io/badge/Version-0.2.0-informational?style=flat-square[Version: 0.2.0] +image::https://img.shields.io/badge/Version-0.2.1-informational?style=flat-square[Version: 0.2.1] image::https://img.shields.io/badge/Version-application-informational?style=flat-square[Type: application] == Maintainers diff --git a/docs/modules/components/nav.adoc b/docs/modules/components/nav.adoc index 8146755..9da39a2 100644 --- a/docs/modules/components/nav.adoc +++ b/docs/modules/components/nav.adoc @@ -7,7 +7,9 @@ ** xref:infra-trivy.adoc[infra-trivy] ** xref:mycloud-authentik.adoc[mycloud-authentik] ** xref:mycloud-collabora.adoc[mycloud-collabora] +** xref:mycloud-firefly-iii.adoc[mycloud-firefly-iii] ** xref:mycloud-gotosocial.adoc[mycloud-gotosocial] ** xref:mycloud-matrix.adoc[mycloud-matrix] ** xref:mycloud-nextcloud.adoc[mycloud-nextcloud] ** xref:mycloud-services.adoc[mycloud-services] +** xref:template.adoc[template] diff --git a/docs/modules/components/pages/mycloud-firefly-iii.adoc b/docs/modules/components/pages/mycloud-firefly-iii.adoc new file mode 120000 index 0000000..4b75def --- /dev/null +++ b/docs/modules/components/pages/mycloud-firefly-iii.adoc @@ -0,0 +1 @@ +../../../../mycloud-firefly-iii/README.adoc \ No newline at end of file diff --git a/docs/modules/components/pages/template.adoc b/docs/modules/components/pages/template.adoc new file mode 120000 index 0000000..5cba0dc --- /dev/null +++ b/docs/modules/components/pages/template.adoc @@ -0,0 +1 @@ +../../../../template/README.adoc \ No newline at end of file diff --git a/docs/modules/mycloud/pages/partial-list-components.adoc b/docs/modules/mycloud/pages/partial-list-components.adoc index 43d35df..788df2e 100644 --- a/docs/modules/mycloud/pages/partial-list-components.adoc +++ b/docs/modules/mycloud/pages/partial-list-components.adoc @@ -1,6 +1,7 @@ * xref:components:mycloud-authentik.adoc[mycloud-authentik] * xref:components:mycloud-collabora.adoc[mycloud-collabora] +* xref:components:mycloud-firefly-iii.adoc[mycloud-firefly-iii] * xref:components:mycloud-gotosocial.adoc[mycloud-gotosocial] * xref:components:mycloud-matrix.adoc[mycloud-matrix] * xref:components:mycloud-nextcloud.adoc[mycloud-nextcloud] diff --git a/infra-ingress/README.adoc b/infra-ingress/README.adoc index b08f606..250bdbb 100644 --- a/infra-ingress/README.adoc +++ b/infra-ingress/README.adoc @@ -61,6 +61,36 @@ image::https://img.shields.io/badge/Version-application-informational?style=flat | `{}` | labels on Pod- and Service-Monitor |=== + +.Values Commons Tracing +|=== +| Key | Type | Default | Description + +| commons.tracing.enabled +| bool +| `false` +| enable tracing on all components + +| commons.tracing.grpc.enabled +| bool +| `true` +| prefer grpc over http + +| commons.tracing.grpc.endpoint +| string +| `"tempo.monitoring.svc:4317"` +| grpc endpoint + +| commons.tracing.grpc.insecure +| bool +| `true` +| allow insecure connection per grpc + +| commons.tracing.http.endpoint +| string +| `"http://tempo.monitoring.svc:4318/v1/traces"` +| http endpoint +|=== .Values Other Values |=== | Key | Type | Default | Description @@ -75,6 +105,11 @@ image::https://img.shields.io/badge/Version-application-informational?style=flat | `true` | +| hostNetwork +| bool +| `true` +| + | init.namespace | string | `"bases"` diff --git a/infra-monitoring/README.adoc b/infra-monitoring/README.adoc index 4d21326..978d90f 100644 --- a/infra-monitoring/README.adoc +++ b/infra-monitoring/README.adoc @@ -62,8 +62,8 @@ image::https://img.shields.io/badge/Version-application-informational?style=flat | tls on every ingress | commons.ingress.tls.override -| string -| `nil` +| list +| `[]` | use own definition of tls (e.g. for own or wildcard certificate) |=== @@ -240,6 +240,11 @@ image::https://img.shields.io/badge/Version-application-informational?style=flat | `nil` | generated from commons.masterPassword +| grafana.auth.enabled +| bool +| `false` +| + | grafana.dashboards.annotations."grafana.mon.local/dashboard-folder" | string | `"Kubernetes"` @@ -290,6 +295,11 @@ image::https://img.shields.io/badge/Version-application-informational?style=flat | `true` | +| karma.filters.default[0] +| string +| `"@state=active"` +| + | karma.ingress.annotations | object | `{}` @@ -315,6 +325,11 @@ image::https://img.shields.io/badge/Version-application-informational?style=flat | `true` | +| prometheus.exporter.blackbox.hostNetwork +| bool +| `false` +| + | prometheus.exporter.blackbox.ingress.annotations | object | `{}` @@ -344,6 +359,11 @@ image::https://img.shields.io/badge/Version-application-informational?style=flat | string | `""` | + +| tempo.enabled +| bool +| `false` +| |=== Autogenerated from chart metadata using https://github.com/norwoodj/helm-docs[helm-docs] diff --git a/infra-monitoring/templates/kube-prometheus-stack/release.yaml b/infra-monitoring/templates/kube-prometheus-stack/release.yaml index 35e8a23..27d4a01 100644 --- a/infra-monitoring/templates/kube-prometheus-stack/release.yaml +++ b/infra-monitoring/templates/kube-prometheus-stack/release.yaml @@ -53,6 +53,13 @@ spec: {{- if .Values.prometheus.ingress.enabled }} externalUrl: "https://{{ $hostPrometheus }}" {{- end }} + {{- if .Values.tempo.enabled }} + enableRemoteWriteReceiver: true + tracingConfig: + clientType: grpc + endpoint: "tempo.{{ .Release.Namespace }}:4317" + insecure: true + {{- end }} podMonitorSelector: matchLabels: prometheus: "default" @@ -179,6 +186,14 @@ spec: enabled: true {{- end }} + {{- if .Values.tempo.enabled }} + plugin.plugin_id: + tracing: true + tracing.opentelemetry.otlp: + address: tempo.{{ .Release.Namespace }}:4317 + propagation: "w3c" + {{- end }} + {{- if and .Values.commons.auth.enabled (eq .Values.commons.auth.type "authentik") }} auth.generic_oauth: name: authentik @@ -215,6 +230,12 @@ spec: {{- end }} datasources: searchNamespace: ALL + + serviceMonitor: + enabled: true + labels: + prometheus: default + {{- with .Values.grafana.ingress }} {{- if .enabled }} {{- $hostGrafana := .host | default (printf "grafana.%s" $.Values.commons.ingress.domain) }} diff --git a/infra-monitoring/templates/tempo/configmap_datasource.yaml b/infra-monitoring/templates/tempo/configmap_datasource.yaml new file mode 100644 index 0000000..65821bd --- /dev/null +++ b/infra-monitoring/templates/tempo/configmap_datasource.yaml @@ -0,0 +1,30 @@ +{{- if .Values.tempo.enabled }} +--- +apiVersion: v1 +kind: ConfigMap +metadata: + name: tempo-grafana-datasource + labels: + grafana_datasource: "1" +data: + datasource.yaml: |- + apiVersion: 1 + datasources: + - uid: "tempo" + name: "Tempo" + type: tempo + url: "http://tempo.{{ .Release.Namespace }}:3100/" + jsonData: + serviceMap: + datasourceUid: 'prometheus' + nodeGraph: + enabled: true + tracesToMetrics: + datasourceUid: 'prometheus' + spanStartTimeShift: '1h' + spanEndTimeShift: '-1h' + tags: [{ key: 'service.name', value: 'service' }, { key: 'job' }] + queries: + - name: 'Sample query' + query: 'sum(rate(traces_spanmetrics_latency_bucket{$$__tags}[5m]))' +{{- end }} diff --git a/infra-monitoring/templates/tempo/release.yaml b/infra-monitoring/templates/tempo/release.yaml new file mode 100644 index 0000000..cb1a49b --- /dev/null +++ b/infra-monitoring/templates/tempo/release.yaml @@ -0,0 +1,34 @@ +{{- if .Values.tempo.enabled }} +--- +apiVersion: helm.toolkit.fluxcd.io/v2beta1 +kind: HelmRelease +metadata: + name: tempo +spec: + chart: + spec: + sourceRef: + kind: HelmRepository + name: "grafana" + chart: "tempo" + install: + {{- toYaml .Values.commons.helm.release.install | nindent 4 }} + test: + {{- toYaml .Values.commons.helm.release.test | nindent 4 }} + upgrade: + {{- toYaml .Values.commons.helm.release.upgrade | nindent 4 }} + driftDetection: + {{- toYaml .Values.commons.helm.release.driftDetection | nindent 4 }} + interval: 10m + values: + serviceMonitor: + enabled: {{ (.Capabilities.APIVersions.Has "monitoring.coreos.com/v1/ServiceMonitor") }} + additionalLabels: + {{- toYaml .Values.commons.prometheus.monitor.labels | nindent 8 }} + + tempo: + reportingEnabled: false + metricsGenerator: + enabled: true + remoteWriteUrl: "http://kube-prometheus-stack-prometheus.{{ .Release.Namespace }}:9090/api/v1/write" +{{- end }} diff --git a/infra-monitoring/templates/tempo/repo.yaml b/infra-monitoring/templates/tempo/repo.yaml new file mode 100644 index 0000000..c577a10 --- /dev/null +++ b/infra-monitoring/templates/tempo/repo.yaml @@ -0,0 +1,11 @@ +{{- if .Values.tempo.enabled }} +--- +apiVersion: source.toolkit.fluxcd.io/v1beta2 +kind: HelmRepository +metadata: + name: grafana +spec: + url: oci://ghcr.io/grafana/helm-charts + type: oci + interval: 10m +{{- end }} diff --git a/infra-monitoring/values.yaml b/infra-monitoring/values.yaml index 96651ed..c5a722e 100644 --- a/infra-monitoring/values.yaml +++ b/infra-monitoring/values.yaml @@ -206,3 +206,6 @@ karma: - '@state=active' additionalAlertmanager: + +tempo: + enabled: false diff --git a/mycloud-authentik/README.adoc b/mycloud-authentik/README.adoc index e4b6ac9..da9bffb 100644 --- a/mycloud-authentik/README.adoc +++ b/mycloud-authentik/README.adoc @@ -62,8 +62,8 @@ image::https://img.shields.io/badge/Version-application-informational?style=flat | tls on every ingress | commons.ingress.tls.override -| string -| `nil` +| list +| `[]` | use own definition of tls (e.g. for own or wildcard certificate) |=== diff --git a/mycloud-collabora/README.adoc b/mycloud-collabora/README.adoc index da954b9..74382b3 100644 --- a/mycloud-collabora/README.adoc +++ b/mycloud-collabora/README.adoc @@ -87,8 +87,8 @@ image::https://img.shields.io/badge/Version-application-informational?style=flat | tls on every ingress | commons.ingress.tls.override -| string -| `nil` +| list +| `[]` | use own definition of tls (e.g. for own or wildcard certificate) |=== diff --git a/mycloud-firefly-iii/README.adoc b/mycloud-firefly-iii/README.adoc new file mode 100644 index 0000000..0f2d128 --- /dev/null +++ b/mycloud-firefly-iii/README.adoc @@ -0,0 +1,229 @@ + + += mycloud-firefly-iii + +image::https://img.shields.io/badge/Version-0.1.0-informational?style=flat-square[Version: 0.1.0] +image::https://img.shields.io/badge/Version-application-informational?style=flat-square[Type: application] +== Maintainers + +.Maintainers +|=== +| Name | Email | Url + +| WrenIX +| +| +|=== + +== Values + +.Values Commons +|=== +| Key | Type | Default | Description + +| commons.auth.host +| string +| `nil` +| default auth.(.Values.commons.ingress.domain) + +| commons.masterPassword +| string +| `"CHANGEME"` +| masterPassword to generate secrets +|=== + +.Values Commons helm release +|=== +| Key | Type | Default | Description + +| commons.helm.release.driftDetection +| object +| `{}` +| driftDetection of FluxCD HelmRelease + +| commons.helm.release.install +| object +| `{}` +| install of FluxCD HelmRelease + +| commons.helm.release.test +| object +| `{}` +| test of FluxCD HelmRelease + +| commons.helm.release.upgrade +| object +| `{}` +| upgrade of FluxCD HelmRelease +|=== + +.Values Commons Ingress +|=== +| Key | Type | Default | Description + +| commons.ingress.annotations +| object +| `{"cert-manager.io/cluster-issuer":"letsencrypt-prod"}` +| annotations for all ingress objects + +| commons.ingress.domain +| string +| `"wrenix.eu"` +| top domain for all services + +| commons.ingress.tls.enabled +| bool +| `true` +| tls on every ingress + +| commons.ingress.tls.override +| list +| `[]` +| use own definition of tls (e.g. for own or wildcard certificate) +|=== + +.Values Commons mail +|=== +| Key | Type | Default | Description + +| commons.mail.from +| string +| `nil` +| send from address + +| commons.mail.host +| string +| `nil` +| smtp server + +| commons.mail.password +| string +| `nil` +| smtp password + +| commons.mail.use_ssl +| bool +| `false` +| smtp server use ssl + +| commons.mail.use_tls +| bool +| `false` +| smtp server use start tls + +| commons.mail.username +| string +| `nil` +| smtp username +|=== + +.Values Commons Persistence +|=== +| Key | Type | Default | Description + +| commons.persistence.hostPath.enabled +| bool +| `false` +| use hostPath instatt of PVC + +| commons.persistence.hostPath.prefix +| string +| `"/var/lib/mycloud"` +| use hostPath under the following path + +| commons.persistence.storageClass +| string +| `nil` +| storageClass of PVC +|=== + +.Values Commons theme +|=== +| Key | Type | Default | Description + +| commons.theme.favicon +| string +| `"/static/dist/assets/icons/icon.png"` +| favicon everywhere + +| commons.theme.logo +| string +| `"/static/dist/assets/icons/icon_left_brand.svg"` +| logo everywhere + +| commons.theme.title +| string +| `"myCloud"` +| title everywhere +|=== +.Values Other Values +|=== +| Key | Type | Default | Description + +| commons.auth.authentik.backend +| string +| `"mycloud-authentik-hr-server"` +| + +| database.host +| string +| `"mycloud-services-postgresql"` +| default is from mysql-services + +| database.name +| string +| `"firefly"` +| + +| database.password +| string +| `nil` +| generated by .Values.commons.masterPassword (equal to mycloud-services) + +| database.username +| string +| `"firefly"` +| + +| ingress.annotations +| object +| `{}` +| + +| ingress.host +| string +| `nil` +| default: social.(Values.commons.ingress.domain) + +| init.namespace +| string +| `"bases"` +| + +| init.version +| int +| `0` +| + +| mail.from +| string +| `nil` +| generade by Values.commons.mail.from + +| mail.host +| string +| `nil` +| default Values.commons.mail.host + +| persistence.size +| string +| `"16Gi"` +| + +| persistence.storageClass +| string +| `nil` +| +|=== + +Autogenerated from chart metadata using https://github.com/norwoodj/helm-docs[helm-docs] diff --git a/mycloud-gotosocial/README.adoc b/mycloud-gotosocial/README.adoc index 5d629e8..6a395e2 100644 --- a/mycloud-gotosocial/README.adoc +++ b/mycloud-gotosocial/README.adoc @@ -77,8 +77,8 @@ image::https://img.shields.io/badge/Version-application-informational?style=flat | tls on every ingress | commons.ingress.tls.override -| string -| `nil` +| list +| `[]` | use own definition of tls (e.g. for own or wildcard certificate) |=== @@ -171,6 +171,36 @@ image::https://img.shields.io/badge/Version-application-informational?style=flat | `"myCloud"` | title everywhere |=== + +.Values Commons Tracing +|=== +| Key | Type | Default | Description + +| commons.tracing.enabled +| bool +| `false` +| enable tracing on all components + +| commons.tracing.grpc.enabled +| bool +| `true` +| prefer grpc over http + +| commons.tracing.grpc.endpoint +| string +| `"tempo.monitoring.svc:4317"` +| grpc endpoint + +| commons.tracing.grpc.insecure +| bool +| `true` +| allow insecure connection per grpc + +| commons.tracing.http.endpoint +| string +| `"http://tempo.monitoring.svc:4318/v1/traces"` +| http endpoint +|=== .Values Other Values |=== | Key | Type | Default | Description diff --git a/mycloud-matrix/README.adoc b/mycloud-matrix/README.adoc index 60e6259..6db8f40 100644 --- a/mycloud-matrix/README.adoc +++ b/mycloud-matrix/README.adoc @@ -102,8 +102,8 @@ image::https://img.shields.io/badge/Version-application-informational?style=flat | tls on every ingress | commons.ingress.tls.override -| string -| `nil` +| list +| `[]` | use own definition of tls (e.g. for own or wildcard certificate) |=== @@ -181,6 +181,36 @@ image::https://img.shields.io/badge/Version-application-informational?style=flat | `"myCloud"` | title everywhere |=== + +.Values Commons Tracing +|=== +| Key | Type | Default | Description + +| commons.tracing.enabled +| bool +| `false` +| enable tracing on all components + +| commons.tracing.grpc.enabled +| bool +| `true` +| prefer grpc over http + +| commons.tracing.grpc.endpoint +| string +| `"tempo.monitoring.svc:4317"` +| grpc endpoint + +| commons.tracing.grpc.insecure +| bool +| `true` +| allow insecure connection per grpc + +| commons.tracing.http.endpoint +| string +| `"http://tempo.monitoring.svc:4318/v1/traces"` +| http endpoint +|=== .Values Other Values |=== | Key | Type | Default | Description diff --git a/mycloud-nextcloud/README.adoc b/mycloud-nextcloud/README.adoc index a7c702b..2743fba 100644 --- a/mycloud-nextcloud/README.adoc +++ b/mycloud-nextcloud/README.adoc @@ -77,8 +77,8 @@ image::https://img.shields.io/badge/Version-application-informational?style=flat | tls on every ingress | commons.ingress.tls.override -| string -| `nil` +| list +| `[]` | use own definition of tls (e.g. for own or wildcard certificate) |=== @@ -275,6 +275,16 @@ image::https://img.shields.io/badge/Version-application-informational?style=flat | `"nextcloud"` | +| default.language +| string +| `"en"` +| + +| default.phoneRegion +| string +| `"GB"` +| + | ingress.annotations | string | `nil` @@ -295,6 +305,16 @@ image::https://img.shields.io/badge/Version-application-informational?style=flat | `0` | +| limits.memory +| string +| `"512M"` +| + +| limits.upload +| string +| `"2G"` +| + | mail.authtype | string | `"PLAIN"` diff --git a/template/README.adoc b/template/README.adoc new file mode 100644 index 0000000..e641a9d --- /dev/null +++ b/template/README.adoc @@ -0,0 +1,244 @@ + + +=