forte prod
This commit is contained in:
@@ -0,0 +1,61 @@
|
||||
apiVersion: kustomize.config.k8s.io/v1beta1
|
||||
kind: Kustomization
|
||||
resources:
|
||||
- ../../base/cert-manager-application
|
||||
- ../../base/cluster-resources-application
|
||||
- ../../base/enterprise-apps
|
||||
- ../../base/fluent-bit
|
||||
- ../../base/gitea
|
||||
- ../../base/gitea-actions
|
||||
- ../../base/grafana
|
||||
- ../../base/grafana-dashboards
|
||||
- ../../base/homepage
|
||||
- ../../base/karpor
|
||||
- ../../base/keycloak
|
||||
- ../../base/kyverno
|
||||
- ../../base/kyverno-policies
|
||||
- ../../base/loki
|
||||
- ../../base/opencost
|
||||
- ../../base/prometheus
|
||||
- ../../base/renovate
|
||||
- ../../base/sealedsecrets
|
||||
- ../../base/tempo
|
||||
- ../../base/traefik-application
|
||||
- ../../base/vault
|
||||
|
||||
patches:
|
||||
# Traefik: swap upc-dev → forte-group
|
||||
- target:
|
||||
kind: Application
|
||||
name: traefik
|
||||
patch: |
|
||||
- op: replace
|
||||
path: /spec/sources/0/helm/valueFiles/1
|
||||
value: $values/infra/values/forte-group/traefik-values.yaml
|
||||
|
||||
# Grafana: swap upc-dev → forte-group
|
||||
- target:
|
||||
kind: Application
|
||||
name: grafana
|
||||
patch: |
|
||||
- op: replace
|
||||
path: /spec/sources/0/helm/valueFiles/1
|
||||
value: $values/infra/values/forte-group/grafana-values.yaml
|
||||
|
||||
# OpenCost: swap upc-dev → forte-group
|
||||
- target:
|
||||
kind: Application
|
||||
name: opencost
|
||||
patch: |
|
||||
- op: replace
|
||||
path: /spec/sources/0/helm/valueFiles/1
|
||||
value: $values/infra/values/forte-group/opencost-values.yaml
|
||||
|
||||
# Gitea: swap upc-dev → forte-group
|
||||
- target:
|
||||
kind: Application
|
||||
name: gitea
|
||||
patch: |
|
||||
- op: replace
|
||||
path: /spec/sources/0/helm/valueFiles/1
|
||||
value: $values/infra/values/forte-group/gitea-values.yaml
|
||||
@@ -28,12 +28,3 @@ resources:
|
||||
|
||||
# No patches needed — base already has "upc-dev" paths
|
||||
# upc-dev is the default/base cluster
|
||||
|
||||
patches:
|
||||
- target:
|
||||
kind: Application
|
||||
name: databunker
|
||||
patch: |
|
||||
- op: add
|
||||
path: /spec/sources/0/helm/valueFiles/-
|
||||
value: $values/infra/values/upc-dev/databunker-values.yaml
|
||||
|
||||
@@ -0,0 +1,5 @@
|
||||
global:
|
||||
domain: argocd.fortedigital.com
|
||||
notifications:
|
||||
context:
|
||||
clusterName: "prod-fd-no-svg1"
|
||||
@@ -0,0 +1,50 @@
|
||||
# UpCloud storage class for Gitea and its embedded PostgreSQL
|
||||
persistence:
|
||||
storageClass: upcloud-block-storage-maxiops
|
||||
postgresql:
|
||||
primary:
|
||||
persistence:
|
||||
storageClass: upcloud-block-storage-maxiops
|
||||
|
||||
gitea:
|
||||
# -- Gitea app.ini configuration
|
||||
config:
|
||||
APP_NAME: "Forte Git"
|
||||
|
||||
server:
|
||||
DOMAIN: source.forteapps.net
|
||||
ROOT_URL: https://source.forteapps.net
|
||||
SSH_DOMAIN: source.forteapps.net
|
||||
|
||||
|
||||
# -- Ingress via Traefik with Let's Encrypt TLS
|
||||
ingress:
|
||||
enabled: true
|
||||
className: traefik
|
||||
annotations:
|
||||
cert-manager.io/cluster-issuer: letsencrypt-prod
|
||||
gethomepage.dev/enabled: "true"
|
||||
gethomepage.dev/name: "Gitea"
|
||||
gethomepage.dev/description: "Git hosting & CI/CD"
|
||||
gethomepage.dev/group: "DevOps"
|
||||
gethomepage.dev/icon: "gitea"
|
||||
gethomepage.dev/href: "https://source.forteapps.net"
|
||||
gethomepage.dev/widget.type: "gitea"
|
||||
gethomepage.dev/widget.url: "https://source.forteapps.net"
|
||||
gethomepage.dev/widget.key: "{{HOMEPAGE_VAR_GITEA_TOKEN}}"
|
||||
hosts:
|
||||
- host: source.forteapps.net
|
||||
paths:
|
||||
- path: /
|
||||
pathType: Prefix
|
||||
tls:
|
||||
- secretName: gitea-tls
|
||||
hosts:
|
||||
- source.forteapps.net
|
||||
|
||||
# -- Git repository storage
|
||||
persistence:
|
||||
enabled: true
|
||||
size: 20Gi
|
||||
accessModes:
|
||||
- ReadWriteOnce
|
||||
@@ -0,0 +1,3 @@
|
||||
ingress:
|
||||
hosts:
|
||||
- grafana.fortedigital.com
|
||||
@@ -0,0 +1,2 @@
|
||||
ingress:
|
||||
hostname: id.forteapps.com
|
||||
@@ -0,0 +1,15 @@
|
||||
# UpCloud custom pricing (no native OpenCost integration)
|
||||
opencost:
|
||||
exporter:
|
||||
customPricing:
|
||||
enabled: true
|
||||
provider: custom
|
||||
costModel:
|
||||
description: "UpCloud 4-node cluster pricing"
|
||||
CPU: "5.86"
|
||||
RAM: "1.46"
|
||||
GPU: "0"
|
||||
storage: "0.34"
|
||||
zoneNetworkEgress: "0"
|
||||
regionNetworkEgress: "0"
|
||||
internetNetworkEgress: "0"
|
||||
@@ -0,0 +1,13 @@
|
||||
service:
|
||||
annotations: {}
|
||||
ports:
|
||||
web:
|
||||
proxyProtocol:
|
||||
trustedIPs: "10.0.0.0/16"
|
||||
forwardedHeaders:
|
||||
trustedIPs: "10.0.0.0/16"
|
||||
websecure:
|
||||
proxyProtocol:
|
||||
trustedIPs: "10.0.0.0/16"
|
||||
forwardedHeaders:
|
||||
trustedIPs: "10.0.0.0/16"
|
||||
@@ -1,8 +0,0 @@
|
||||
dot-ai:
|
||||
ingress:
|
||||
host: kubemcp.fortedigital.com
|
||||
webUI:
|
||||
baseUrl: http://kubemcpui.fortedigital.com
|
||||
dot-ai-ui:
|
||||
ingress:
|
||||
host: kubemcpui.fortedigital.com
|
||||
Reference in New Issue
Block a user