From 1e40073cb756722b8c38d0eb4a4ab798fcaa4b40 Mon Sep 17 00:00:00 2001 From: Ultradesu Date: Thu, 5 Feb 2026 19:08:15 +0200 Subject: [PATCH] moved to manifests from chart --- k8s/apps/n8n/plain/rbac.yaml | 37 +++++++++++++++ k8s/apps/n8n/rbac.yaml | 71 ----------------------------- k8s/apps/n8n/storage.yaml | 12 ----- k8s/apps/n8n/values-n8n.yaml | 86 ----------------------------------- k8s/apps/n8n/values-yacy.yaml | 24 ---------- 5 files changed, 37 insertions(+), 193 deletions(-) create mode 100644 k8s/apps/n8n/plain/rbac.yaml delete mode 100644 k8s/apps/n8n/rbac.yaml delete mode 100644 k8s/apps/n8n/storage.yaml delete mode 100644 k8s/apps/n8n/values-n8n.yaml delete mode 100644 k8s/apps/n8n/values-yacy.yaml diff --git a/k8s/apps/n8n/plain/rbac.yaml b/k8s/apps/n8n/plain/rbac.yaml new file mode 100644 index 0000000..05450cb --- /dev/null +++ b/k8s/apps/n8n/plain/rbac.yaml @@ -0,0 +1,37 @@ +--- +apiVersion: v1 +kind: ServiceAccount +metadata: + name: n8n +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: n8n-clusterrole +rules: +- apiGroups: + - "" + resources: + - pods + - jobs + - cronjobs + - deployments + - statefulsets + verbs: + - get + - list + - watch + - create +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: n8n-clusterrolebinding +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: n8n-clusterrole +subjects: +- kind: ServiceAccount + name: n8n + namespace: n8n \ No newline at end of file diff --git a/k8s/apps/n8n/rbac.yaml b/k8s/apps/n8n/rbac.yaml deleted file mode 100644 index b773da5..0000000 --- a/k8s/apps/n8n/rbac.yaml +++ /dev/null @@ -1,71 +0,0 @@ ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - name: n8n-readonly -rules: -- apiGroups: [""] - resources: - - pods - - services - - endpoints - - persistentvolumeclaims - - persistentvolumes - - configmaps - - secrets - - nodes - - namespaces - - events - verbs: ["get", "list", "watch"] -- apiGroups: ["apps"] - resources: - - deployments - - replicasets - - statefulsets - - daemonsets - verbs: ["get", "list", "watch"] -- apiGroups: ["networking.k8s.io"] - resources: - - ingresses - - networkpolicies - verbs: ["get", "list", "watch"] -- apiGroups: ["extensions"] - resources: - - ingresses - verbs: ["get", "list", "watch"] -- apiGroups: ["autoscaling"] - resources: - - horizontalpodautoscalers - verbs: ["get", "list", "watch"] -- apiGroups: ["batch"] - resources: - - jobs - - cronjobs - verbs: ["get", "list", "watch"] -- apiGroups: ["metrics.k8s.io"] - resources: - - pods - - nodes - verbs: ["get", "list"] -- apiGroups: ["storage.k8s.io"] - resources: - - storageclasses - verbs: ["get", "list", "watch"] -- apiGroups: ["policy"] - resources: - - poddisruptionbudgets - verbs: ["get", "list", "watch"] - ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRoleBinding -metadata: - name: n8n-readonly -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: ClusterRole - name: n8n-readonly -subjects: -- kind: ServiceAccount - name: n8n-readonly - namespace: n8n \ No newline at end of file diff --git a/k8s/apps/n8n/storage.yaml b/k8s/apps/n8n/storage.yaml deleted file mode 100644 index 5aae8a5..0000000 --- a/k8s/apps/n8n/storage.yaml +++ /dev/null @@ -1,12 +0,0 @@ ---- -apiVersion: v1 -kind: PersistentVolumeClaim -metadata: - name: n8n-home -spec: - accessModes: - - ReadWriteMany - storageClassName: nfs-csi - resources: - requests: - storage: 10Gi diff --git a/k8s/apps/n8n/values-n8n.yaml b/k8s/apps/n8n/values-n8n.yaml deleted file mode 100644 index 7ed0db0..0000000 --- a/k8s/apps/n8n/values-n8n.yaml +++ /dev/null @@ -1,86 +0,0 @@ -nodeSelector: - kubernetes.io/hostname: master.tail2fe2d.ts.net - - -db: - type: postgresdb - -podSecurityContext: - runAsUser: 1000 - runAsGroup: 1000 - runAsNonRoot: true - -# Configure health probes for slow startup -main: - extraEnvVars: - NODES_EXCLUDE: "[]" - resources: - requests: - cpu: 100m - memory: 128Mi - limits: - cpu: 512m - memory: 512Mi - persistence: - enabled: true - existingClaim: n8n-home - mountPath: /home/node/.n8n - livenessProbe: - httpGet: - path: /healthz - port: http - initialDelaySeconds: 120 - periodSeconds: 30 - timeoutSeconds: 10 - failureThreshold: 6 - - readinessProbe: - httpGet: - path: /healthz/readiness - port: http - initialDelaySeconds: 60 - periodSeconds: 10 - timeoutSeconds: 5 - failureThreshold: 10 - - -worker: - mode: regular - -webhook: - url: https://n8n.hexor.cy - -redis: - enabled: true - -existingEncryptionKeySecret: credentials - -serviceAccount: - create: true - automount: true - annotations: {} - name: "n8n-readonly" - -externalPostgresql: - existingSecret: credentials - host: "psql.psql.svc" - username: "n8n" - database: "n8n" - -ingress: - enabled: true - className: traefik - annotations: - cert-manager.io/cluster-issuer: letsencrypt - traefik.ingress.kubernetes.io/router.middlewares: kube-system-https-redirect@kubernetescrd - - hosts: - - host: n8n.hexor.cy - paths: - - path: / - pathType: Prefix - tls: - - secretName: n8n-tls - hosts: - - '*.hexor.cy' - diff --git a/k8s/apps/n8n/values-yacy.yaml b/k8s/apps/n8n/values-yacy.yaml deleted file mode 100644 index ee05612..0000000 --- a/k8s/apps/n8n/values-yacy.yaml +++ /dev/null @@ -1,24 +0,0 @@ -nodeSelector: - kubernetes.io/hostname: master.tail2fe2d.ts.net - -resources: - limits: - memory: 2Gi - requests: - memory: 1Gi - -persistence: - enabled: true - size: 10Gi - -yacy: - network: - mode: "intranet" - config: - network.unit.bootstrap.seedlist: "" - network.unit.remotecrawl: "false" - network.unit.dhtredundancy.junior: "1" - network.unit.dhtredundancy.senior: "1" - index.receive.allow: "false" - index.distribute.allow: "false" - crawl.response.timeout: "10000" \ No newline at end of file