aboutsummaryrefslogtreecommitdiffstats
path: root/kubernetes/namespaces/default
diff options
context:
space:
mode:
Diffstat (limited to 'kubernetes/namespaces/default')
-rw-r--r--kubernetes/namespaces/default/grafana/README.md11
-rw-r--r--kubernetes/namespaces/default/grafana/configmap.yaml37
-rw-r--r--kubernetes/namespaces/default/grafana/deployment-grafana.yaml52
-rw-r--r--kubernetes/namespaces/default/grafana/ingress.yaml24
-rw-r--r--kubernetes/namespaces/default/grafana/secrets.yamlbin342 -> 0 bytes
-rw-r--r--kubernetes/namespaces/default/grafana/services.yaml9
-rw-r--r--kubernetes/namespaces/default/grafana/volume.yaml13
7 files changed, 0 insertions, 146 deletions
diff --git a/kubernetes/namespaces/default/grafana/README.md b/kubernetes/namespaces/default/grafana/README.md
deleted file mode 100644
index 03a9682..0000000
--- a/kubernetes/namespaces/default/grafana/README.md
+++ /dev/null
@@ -1,11 +0,0 @@
-# Grafana
-
-This folder contains the manifests for deploying our Grafana instance, the service we use to query our data.
-
-This deployment expects a number of secrets and environment variables to exist in a secret called `grafana-secret-env`.
-
-| Environment | Description |
-|------------------------------|-----------------------------------------------------|
-| GF_AUTH_GITHUB_CLIENT_ID | The client ID of the Github app to use for auth |
-| GF_AUTH_GITHUB_CLIENT_SECRET | The client secret of the Github app to use for auth |
-| GF_SECURITY_ADMIN_PASSWORD | The admin password the the grafana admin console |
diff --git a/kubernetes/namespaces/default/grafana/configmap.yaml b/kubernetes/namespaces/default/grafana/configmap.yaml
deleted file mode 100644
index 18fb16f..0000000
--- a/kubernetes/namespaces/default/grafana/configmap.yaml
+++ /dev/null
@@ -1,37 +0,0 @@
-apiVersion: v1
-kind: ConfigMap
-metadata:
- name: grafana-default
-data:
- # Root settings
- GF_INSTANCE_NAME: "pythondiscord"
- GF_SERVER_DOMAIN: "grafana.pythondiscord.com"
- GF_SERVER_ROOT_URL: "https://grafana.pythondiscord.com"
- GF_SECURITY_COOKIE_SECURE: "true"
-
- # GitHub Auth
- GF_AUTH_GITHUB_ENABLED: "true"
- GF_AUTH_GITHUB_SCOPES: "user:email,read:org"
- # IDs can be retrieved via `gh api orgs/python-discord/teams`.
- GF_AUTH_GITHUB_TEAM_IDS: "2638565,3854739,3114246,7361120,9120709"
- GF_AUTH_GITHUB_ROLE_ATTRIBUTE_PATH: "contains(groups[*], '@python-discord/directors') && 'Admin' || contains(groups[*], '@python-discord/sudo-devops') && 'Admin' || contains(groups[*], '@python-discord/admins') && 'Editor' || 'Viewer'"
- GF_AUTH_GITHUB_AUTH_URL: "https://github.com/login/oauth/authorize"
- GF_AUTH_GITHUB_TOKEN_URL: "https://github.com/login/oauth/access_token"
- GF_AUTH_GITHUB_API_URL: "https://api.github.com/user"
- GF_AUTH_ALLOW_SIGN_UP: "true"
-
- # Image storage
- GF_EXTERNAL_IMAGE_STORAGE_PROVIDED: "local"
-
- # Metrics
- GF_METRICS_ENABLED: "false"
-
- # User sign up
- GF_USERS_AUTO_ASSIGN_ORG: "true"
- GF_USERS_AUTO_ASSIGN_ORG_ID: "2"
-
- # Feature toggles
- GF_FEATURE_TOGGLES_ENABLE: "autoMigrateOldPanels,nestedFolders,newVizTooltips,prometheusMetricEncyclopedia,datatrails"
-
- # Plugins
- GF_INSTALL_PLUGINS: "https://storage.googleapis.com/integration-artifacts/grafana-lokiexplore-app/grafana-lokiexplore-app-latest.zip;grafana-lokiexplore-app"
diff --git a/kubernetes/namespaces/default/grafana/deployment-grafana.yaml b/kubernetes/namespaces/default/grafana/deployment-grafana.yaml
deleted file mode 100644
index 436b932..0000000
--- a/kubernetes/namespaces/default/grafana/deployment-grafana.yaml
+++ /dev/null
@@ -1,52 +0,0 @@
-apiVersion: apps/v1
-kind: Deployment
-metadata:
- name: grafana
-spec:
- replicas: 1
- strategy:
- type: Recreate
- selector:
- matchLabels:
- app: grafana
- template:
- metadata:
- labels:
- app: grafana
- spec:
- containers:
- - name: grafana
- image: grafana/grafana:11.0.0-preview
- imagePullPolicy: Always
- ports:
- - containerPort: 3000
- resources:
- requests:
- cpu: 200m
- memory: 100Mi
- limits:
- cpu: 300m
- memory: 250Mi
- envFrom:
- - configMapRef:
- name: grafana-default
- - secretRef:
- name: grafana-secret-env
- volumeMounts:
- - mountPath: /var/lib/grafana
- name: grafana-volume
- - mountPath: /tmp
- name: grafana-tmp
- securityContext:
- readOnlyRootFilesystem: true
- volumes:
- - name: grafana-volume
- persistentVolumeClaim:
- claimName: grafana-storage
- - name: grafana-tmp
- emptyDir:
- medium: Memory
- securityContext:
- fsGroup: 2000
- runAsUser: 1000
- runAsNonRoot: true
diff --git a/kubernetes/namespaces/default/grafana/ingress.yaml b/kubernetes/namespaces/default/grafana/ingress.yaml
deleted file mode 100644
index 60138af..0000000
--- a/kubernetes/namespaces/default/grafana/ingress.yaml
+++ /dev/null
@@ -1,24 +0,0 @@
-apiVersion: networking.k8s.io/v1
-kind: Ingress
-metadata:
- annotations:
- nginx.ingress.kubernetes.io/auth-tls-verify-client: "on"
- nginx.ingress.kubernetes.io/auth-tls-secret: "kube-system/mtls-client-crt-bundle"
- nginx.ingress.kubernetes.io/auth-tls-error-page: "https://www.youtube.com/watch?v=dQw4w9WgXcQ"
- name: grafana
-spec:
- tls:
- - hosts:
- - "*.pythondiscord.com"
- secretName: pythondiscord.com-tls
- rules:
- - host: grafana.pythondiscord.com
- http:
- paths:
- - path: /
- pathType: Prefix
- backend:
- service:
- name: grafana
- port:
- number: 3000
diff --git a/kubernetes/namespaces/default/grafana/secrets.yaml b/kubernetes/namespaces/default/grafana/secrets.yaml
deleted file mode 100644
index ab29ba8..0000000
--- a/kubernetes/namespaces/default/grafana/secrets.yaml
+++ /dev/null
Binary files differ
diff --git a/kubernetes/namespaces/default/grafana/services.yaml b/kubernetes/namespaces/default/grafana/services.yaml
deleted file mode 100644
index 947ba40..0000000
--- a/kubernetes/namespaces/default/grafana/services.yaml
+++ /dev/null
@@ -1,9 +0,0 @@
-apiVersion: v1
-kind: Service
-metadata:
- name: grafana
-spec:
- ports:
- - port: 3000
- selector:
- app: grafana
diff --git a/kubernetes/namespaces/default/grafana/volume.yaml b/kubernetes/namespaces/default/grafana/volume.yaml
deleted file mode 100644
index 6283a7c..0000000
--- a/kubernetes/namespaces/default/grafana/volume.yaml
+++ /dev/null
@@ -1,13 +0,0 @@
-kind: PersistentVolumeClaim
-apiVersion: v1
-metadata:
- name: grafana-storage
- labels:
- app: grafana
-spec:
- storageClassName: linode-block-storage-retain
- accessModes:
- - ReadWriteOnce
- resources:
- requests:
- storage: 10Gi
generated by cgit v1.2.3 (git 2.39.1) at 2025-10-31 23:05:43 +0000