aboutsummaryrefslogtreecommitdiffstats
path: root/kubernetes (follow)
Commit message (Collapse)AuthorAgeLines
* Move IPA CA to be a cluster-wide configmap (with Reflector)Gravatar Joe Banks2024-07-26-34/+39
|
* Add new modmail secretsGravatar Chris Lovering2024-07-26-0/+0
|
* Redirect requests to root to account config pageGravatar Joe Banks2024-07-25-13/+17
|
* chore(deps): update registry.k8s.io/kube-state-metrics/kube-state-metrics ↵Gravatar renovate[bot]2024-07-24-1/+1
| | | | | | | | | docker tag to v2.13.0 (#412) | datasource | package | from | to | | ---------- | ----------------------------------------------------- | ------- | ------- | | docker | registry.k8s.io/kube-state-metrics/kube-state-metrics | v2.12.0 | v2.13.0 | Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
* Remove ghost blogGravatar Chris Lovering2024-07-22-99/+0
|
* chore(deps): update ghost docker tag to v5.88Gravatar renovate[bot]2024-07-22-1/+1
| | | | | | | datasource | package | from | to | | ---------- | ------- | ---- | ---- | | docker | ghost | 5.87 | 5.88 |
* Add a trust store to Keycloak for the IPA generated CAGravatar Joe Banks2024-07-21-1/+44
| | | | | | | This allows us to authenticate requests to LDAP with LDAPS and ensure a) authenticity and b) security of the transmission. Signed-off-by: Joe Banks <[email protected]>
* chore(deps): update quay.io/keycloak/keycloak docker tag to v25.0.2Gravatar renovate[bot]2024-07-18-1/+1
| | | | | | | datasource | package | from | to | | ---------- | ------------------------- | ------ | ------ | | docker | quay.io/keycloak/keycloak | 25.0.1 | 25.0.2 |
* Update node_exporter daemonset to 1.27+ featuresetGravatar Joe Banks2024-07-18-3/+3
|
* chore(deps): update quay.io/prometheus/node-exporter docker tag to v1.8.2Gravatar renovate[bot]2024-07-18-1/+1
| | | | | | | datasource | package | from | to | | ---------- | -------------------------------- | ------ | ------ | | docker | quay.io/prometheus/node-exporter | v1.2.0 | v1.8.2 |
* chore(deps): update ghost docker tag to v5.87Gravatar renovate[bot]2024-07-18-1/+1
| | | | | | | datasource | package | from | to | | ---------- | ------- | ---- | ---- | | docker | ghost | 5.78 | 5.87 |
* Add certbot post deploy hook to reload nginxGravatar Chris Lovering2024-07-16-1/+2
|
* Document current redis database usageGravatar Chris Lovering2024-07-16-0/+7
|
* Add redis url secret to forms-backendGravatar Chris Lovering2024-07-16-0/+0
|
* Add Admins to Grafana authorized Team IDsGravatar Joe Banks2024-07-14-1/+1
|
* Bump mogno mem requests and limitGravatar Chris Lovering2024-07-10-2/+2
|
* Add sumer code jam announcement channel idGravatar Chris Lovering2024-07-05-0/+1
|
* Add YouTube API key to king-arthurGravatar Chris Lovering2024-07-05-0/+3
| | | | This also documents secrets that were already present in the file.
* Update Sir Robin to CJ11 (#399)Gravatar Boris Muratov2024-07-03-1/+1
|
* Move noqa definition required in latest ruff versionGravatar Chris Lovering2024-07-01-2/+2
|
* Allow new kube-state-metrics image to watch ingressesGravatar Joe Banks2024-07-01-0/+1
|
* Move away from vendored kube-state-metricsGravatar Joe Banks2024-07-01-1/+1
|
* Add issuer for Vault certificates in tooling namespaceGravatar Joe Banks2024-06-27-0/+5
| | | | | We will use this to deploy internal TLS certificates from a self-signed CA that allows for TLS traffic within the cluster.
* Add deployment of KeycloakGravatar Joe Banks2024-06-27-0/+122
|
* Scale AM back to 3 replicasGravatar Chris Lovering2024-06-24-1/+1
|
* Add ff-bot deploymentGravatar Joe Banks2024-06-16-0/+82
|
* Add Kubernetes volume alertsGravatar Joe Banks2024-06-16-0/+11
| | | | | | | | | | | It seems that Linode has added storage reporting info to the CSI driver allowing us to pick up on the storage use of persistent volume claims within the cluster. This creates and deploys an alert that will report if any volume has under 10% of space left. I have excluded Prometheus as our TSDB retention settings mean that it will always stay just below it's volume size by design.
* Update Loki config with new compactor preferences for retention modesGravatar Joe Banks2024-06-13-1/+6
| | | | | | | | | * `retention_enabled`: enable retention mode within the compactor * `delete_request_store`: store deletion requests within the s3 cluster that is also used to house log chunks * `delete_request_cancel_period`: do not exercise log deletion instructions until at least one hour has passed to prevent accidental deletion
* Update Prometheus deployment with a tmpfs for the reloaderGravatar Joe Banks2024-06-10-0/+9
|
* Add secrets for reloader webhookGravatar Joe Banks2024-06-10-0/+0
|
* Add sidecar container to reload Prometheus config on changeGravatar Joe Banks2024-06-10-0/+25
|
* Add reloader hook configmap to reload prometheus on changeGravatar Joe Banks2024-06-10-0/+38
|
* Add Alert for Prometheus config reload failureGravatar Joe Banks2024-06-10-0/+9
|
* Enable scraping of Prometheus podsGravatar Joe Banks2024-06-10-0/+3
|
* Update Pinnwand logo to square imageGravatar Joe Banks2024-06-09-1/+1
|
* Update from command to args in site deploymentGravatar Joe Banks2024-06-07-1/+1
| | | | | | | | Kubernetes renames ENTRYPOINT in Docker images to command and any additional args go in `args` (confusing, I know!) This ensures that we run within the context of Poetry so can reach Django and other installed requirements when running migrations.
* Remove unnecessary shell execution for migration initContainerGravatar Joe Banks2024-06-07-3/+3
|
* Update site to run migrations in an init containerGravatar Joe Banks2024-06-07-0/+13
| | | | | | | | | | | | | | | | | | In accordance with updates from python-discord/site#1338 this changes the way migrations are run. Previously, migrations would be run all from within the manage.py execution process with the command being manually spawned using Django internals. After python-discord/site#1338 merges the Dockerfile will directly invoke gunicorn and bypass manage.py to simplify the process and avoid problems with shared database contexts. Hence, we need to manually run migrations using an init container. With testing there is no additional delay in doing this as spinning up an init container is cheap and we don't cut over any traffic until the site passes a healthcheck anyway.
* Rename relabelledpods to just podsGravatar Joe Banks2024-06-07-1/+1
| | | | | | | This was a redundant rename and reduced the clarity of jobs when querying from inside Grafana. This rectifies that by renaming the stream to just `pods`.
* Reflect pydis.wtf certificate into Loki namespaceGravatar Joe Banks2024-06-07-2/+2
|
* Add secret for Loki authenticationGravatar Joe Banks2024-06-07-0/+0
|
* Add new Ingress for Loki gatewayGravatar Joe Banks2024-06-07-0/+25
|
* Add Metricity manifestGravatar Joe Banks2024-06-06-0/+30
| | | | Copies the Metricity deployment manifest from the Metricity repo.
* Add tmpfs to King ArthurGravatar Joe Banks2024-06-05-0/+9
|
* Remove PostgreSQL Exporter from KubernetesGravatar Joe Banks2024-06-02-55/+0
|
* Remove Kubernetes PostgreSQL AlertsGravatar Joe Banks2024-06-02-29/+0
|
* Remove Kubernetes PostgreSQL backup from BlackboxGravatar Joe Banks2024-06-02-6/+1
|
* Remove PostgreSQL deployment from KubernetesGravatar Joe Banks2024-06-02-127/+0
|
* Update pixels environment variableGravatar Joe Banks2024-06-02-0/+0
|
* Update Metabase configuration secretGravatar Joe Banks2024-06-02-0/+0
|
generated by cgit v1.2.3 (git 2.39.1) at 2025-10-22 19:45:31 +0000