Compare commits
1 Commits
| Author | SHA1 | Date | |
|---|---|---|---|
 Gitea Actions Bot
|
6cbc573d12 |
@@ -5,6 +5,6 @@ resources:
|
||||
- app.yaml
|
||||
- external-secrets.yaml
|
||||
- deployment.yaml
|
||||
- user-unban-cronjob.yaml
|
||||
- service.yaml
|
||||
- ingress.yaml
|
||||
|
||||
|
||||
@@ -1,60 +0,0 @@
|
||||
---
|
||||
apiVersion: batch/v1
|
||||
kind: CronJob
|
||||
metadata:
|
||||
name: gitea-user-unban
|
||||
labels:
|
||||
app: gitea-user-unban
|
||||
spec:
|
||||
schedule: "*/10 * * * *"
|
||||
concurrencyPolicy: Forbid
|
||||
successfulJobsHistoryLimit: 3
|
||||
failedJobsHistoryLimit: 3
|
||||
jobTemplate:
|
||||
spec:
|
||||
template:
|
||||
metadata:
|
||||
labels:
|
||||
app: gitea-user-unban
|
||||
spec:
|
||||
restartPolicy: OnFailure
|
||||
nodeSelector:
|
||||
kubernetes.io/hostname: master.tail2fe2d.ts.net
|
||||
volumes:
|
||||
- name: storage
|
||||
hostPath:
|
||||
path: /k8s/gitea
|
||||
type: Directory
|
||||
containers:
|
||||
- name: sqlite-unban
|
||||
image: 'gitea/gitea:latest'
|
||||
imagePullPolicy: IfNotPresent
|
||||
resources:
|
||||
requests:
|
||||
memory: "32Mi"
|
||||
cpu: "10m"
|
||||
limits:
|
||||
memory: "128Mi"
|
||||
cpu: "100m"
|
||||
command:
|
||||
- /bin/sh
|
||||
- -ec
|
||||
- |
|
||||
sqlite3 -cmd ".timeout 30000" /data/gitea/gitea.db "
|
||||
UPDATE \"user\"
|
||||
SET is_active = 1,
|
||||
prohibit_login = 0,
|
||||
updated_unix = unixepoch()
|
||||
WHERE lower(email) = lower('ab@hexor.cy')
|
||||
AND (is_active <> 1 OR prohibit_login <> 0);
|
||||
|
||||
SELECT printf(
|
||||
'gitea user watchdog: id=%d login=%s email=%s is_active=%d prohibit_login=%d updated_unix=%d',
|
||||
id, lower_name, email, is_active, prohibit_login, updated_unix
|
||||
)
|
||||
FROM \"user\"
|
||||
WHERE lower(email) = lower('ab@hexor.cy');
|
||||
"
|
||||
volumeMounts:
|
||||
- name: storage
|
||||
mountPath: /data
|
||||
@@ -1,45 +0,0 @@
|
||||
---
|
||||
apiVersion: traefik.io/v1alpha1
|
||||
kind: Middleware
|
||||
metadata:
|
||||
name: auth-proxy
|
||||
spec:
|
||||
forwardAuth:
|
||||
address: http://auth-proxy.auth-proxy.svc:80/auth
|
||||
trustForwardHeader: true
|
||||
authResponseHeaders:
|
||||
- X-Auth-Request-User
|
||||
- X-Auth-Request-Email
|
||||
- X-Auth-Request-Groups
|
||||
---
|
||||
apiVersion: traefik.io/v1alpha1
|
||||
kind: IngressRoute
|
||||
metadata:
|
||||
name: prometheus
|
||||
annotations:
|
||||
cert-manager.io/cluster-issuer: letsencrypt
|
||||
spec:
|
||||
entryPoints:
|
||||
- websecure
|
||||
routes:
|
||||
- match: Host(`prom.hexor.cy`)
|
||||
kind: Rule
|
||||
middlewares:
|
||||
- name: auth-proxy
|
||||
services:
|
||||
- name: prometheus-kube-prometheus-prometheus
|
||||
port: 9090
|
||||
tls:
|
||||
secretName: prometheus-tls
|
||||
---
|
||||
apiVersion: cert-manager.io/v1
|
||||
kind: Certificate
|
||||
metadata:
|
||||
name: prometheus-tls
|
||||
spec:
|
||||
secretName: prometheus-tls
|
||||
issuerRef:
|
||||
name: letsencrypt
|
||||
kind: ClusterIssuer
|
||||
dnsNames:
|
||||
- prom.hexor.cy
|
||||
@@ -4,7 +4,6 @@ kind: Kustomization
|
||||
resources:
|
||||
- persistentVolume.yaml
|
||||
- external-secrets.yaml
|
||||
- ingress.yaml
|
||||
- grafana-alerting-configmap.yaml
|
||||
- alertmanager-config.yaml
|
||||
- dashboards/telemt-dashboard-cm.yaml
|
||||
|
||||
@@ -1,3 +1,4 @@
|
||||
|
||||
alertmanager:
|
||||
config:
|
||||
global:
|
||||
@@ -24,7 +25,7 @@ alertmanager:
|
||||
{{ end }}
|
||||
|
||||
ingress:
|
||||
enabled: false
|
||||
enabled: true
|
||||
ingressClassName: traefik
|
||||
annotations:
|
||||
cert-manager.io/cluster-issuer: letsencrypt
|
||||
@@ -45,7 +46,7 @@ alertmanager:
|
||||
|
||||
prometheus:
|
||||
ingress:
|
||||
enabled: false
|
||||
enabled: true
|
||||
ingressClassName: traefik
|
||||
annotations:
|
||||
cert-manager.io/cluster-issuer: letsencrypt
|
||||
|
||||
@@ -16,10 +16,6 @@ proxy_applications = {
|
||||
domain = "pass.hexor.cy"
|
||||
allowed_groups = ["hexor-admin", "app-pass"]
|
||||
}
|
||||
Prometheus = {
|
||||
domain = "prom.hexor.cy"
|
||||
allowed_groups = ["hexor-admin"]
|
||||
}
|
||||
}
|
||||
|
||||
oauth2_applications = {
|
||||
|
||||
Reference in New Issue
Block a user