feat: Initial configuration

Tanguy Herbron 2025-03-06 20:56:41 +01:00
commit 930a6d0c65
12 changed files with 379 additions and 0 deletions

3
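--- a/README.md
+++ b/README.md
@@ -0,0 +1,3 @@
+# Dawarich
+Location tracking and history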


@ -0,0 +1,10 @@
apiVersion: postgresql.cnpg.io/v1
kind: ScheduledBackup
metadata:
name: dawarich-db-backup
namespace: dawarich
spec:
schedule: "0 0 0 * * *"
backupOwnerReference: self
cluster:
name: dawarich-db


@ -0,0 +1,8 @@
apiVersion: postgresql.cnpg.io/v1
kind: Backup
metadata:
name: dawarich-db-ondemand-backup
namespace: dawarich
spec:
cluster:
name: dawarich-db


@ -0,0 +1,48 @@
apiVersion: postgresql.cnpg.io/v1
kind: Cluster
metadata:
name: dawarich-db
namespace: dawarich
spec:
instances: 3
storage:
size: 1Gi
storageClass: local-path
bootstrap:
recovery:
source: dawarich-db
postgresql:
pg_hba:
- host all all all md5
externalClusters:
- name: dawarich-db
barmanObjectStore:
serverName: dawarich-db
destinationPath: "s3://halis/cloudnativepg"
endpointURL: https://s3.halia.dev
s3Credentials:
accessKeyId:
name: s3-secret
key: AWS_ACCESS_KEY_ID
secretAccessKey:
name: s3-secret
key: AWS_SECRET_ACCESS_KEY
region:
name: s3-secret
key: AWS_REGION
wal:
compression: gzip
maxParallel: 8
resources:
requests:
cpu: 100m
memory: 100Mi
limits:
cpu: 500m
memory: 500Mi
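Review bot: The `pg_hba` rule `host all all all md5` accepts password logins to every database and role from any address, with or without TLS, and it names `md5` rather than SCRAM. No NetworkPolicy is added in this commit, so apart from the password this rule is the only gate on port 5432. I would narrow it to the application's database and role over TLS, for example `- hostssl dawarich dawarich all scram-sha-256`, assuming the Rails client negotiates TLS, and restrict the address field if the pod network range is known. The same line appears in manifests/database.yaml.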

57
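--- a/manifests/database.yaml
+++ b/manifests/database.yaml
@@ -0,0 +1,57 @@
+apiVersion: postgresql.cnpg.io/v1
+kind: Cluster
+metadata:
+name: dawarich-db
+namespace: dawarich
+spec:
+instances: 3
+imageName: git.halis.io/athens-school/cnpg-postgis:17-3.5
+storage:
+size: 1Gi
+storageClass: local-path
+bootstrap:
+initdb:
+database: dawarich
+owner: dawarich
+secret:
+name: dawarich-db
+postInitTemplateSQL:
+- CREATE EXTENSION postgis;
+- CREATE EXTENSION postgis_topology;
+postgresql:
+pg_hba:
+- host all all all md5
+backup:
+barmanObjectStore:
+destinationPath: "s3://halis/cloudnativepg"
+endpointURL: https://s3.halia.dev
+s3Credentials:
+accessKeyId:
+name: s3-secret
+key: AWS_ACCESS_KEY_ID
+secretAccessKey:
+name: s3-secret
+key: AWS_SECRET_ACCESS_KEY
+region:
+name: s3-secret
+key: AWS_REGION
+wal:
+compression: gzip
+maxParallel: 8
+resources:
+requests:
+cpu: 100m
+memory: 100Mi
+limits:
+cpu: 500m
+memory: 500Mi
+monitoring:
+enablePodMonitor: true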
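Review bot: The `barmanObjectStore` block ships base backups and WAL of a location-history database to `s3://halis/cloudnativepg` with gzip compression but no `encryption` setting, so protection at rest depends entirely on how the bucket is configured. If the endpoint supports server-side encryption, add `encryption: AES256` under `wal` (and a `data` section with the same key); otherwise confirm that the bucket enforces it. It is also worth confirming that `https://s3.halia.dev` is the intended host, since every other hostname in this commit is under `halis.io` and the S3 credentials are sent to that endpoint. The recovery manifest earlier in the commit reads from the same store.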

135
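--- a/manifests/deployment.yaml
+++ b/manifests/deployment.yaml
@@ -0,0 +1,135 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+name: dawarich
+namespace: dawarich
+spec:
+replicas: 1
+selector:
+matchLabels:
+app: dawarich
+template:
+metadata:
+labels:
+app: dawarich
+spec:
+containers:
+- name: dawarich
+image: freikin/dawarich:0.24.1
+command: ["web-entrypoint.sh"]
+args: ["bin/rails", "server", "-p", "3000", "-b", "::"]
+ports:
+- containerPort: 3000
+- containerPort: 9394
+name: metrics
+env:
+- name: RAILS_ENV
+value: "production"
+- name: REDIS_URL
+value: "redis://dawarich-svc.dawarich.svc.cluster.local:6379/0"
+- name: DATABASE_HOST
+value: "dawarich-db-rw.dawarich.svc.cluster.local"
+- name: DATABASE_PORT
+value: "5432"
+- name: DATABASE_USERNAME
+valueFrom:
+secretKeyRef:
+name: dawarich-db
+key: username
+- name: DATABASE_PASSWORD
+valueFrom:
+secretKeyRef:
+name: dawarich-db
+key: password
+- name: DATABASE_NAME
+value: "dawarich"
+- name: MIN_MINUTES_SPENT_IN_CITY
+value: "60"
+- name: APPLICATION_HOSTS
+value: "timeline.halis.io"
+- name: TIME_ZONE
+value: "Europe/Copenhagen"
+- name: APPLICATION_PROTOCOL
+value: "http"
+- name: DISTANCE_UNIT
+value: "km"
+- name: PROMETHEUS_EXPORTER_ENABLED
+value: "false"
+- name: PROMETHES_EXPORTER_HOST
+value: "0.0.0.0"
+- name: PROMETHES_EXPORTER_PORT
+value: "9394"
+- name: SECRET_KEY_BASE
+valueFrom:
+secretKeyRef:
+name: dawarich-secrets
+key: key
+- name: RAILS_LOG_TO_STDOUT
+value: "true"
+volumeMounts:
+- mountPath: "/var/app/public"
+name: dawarich-public
+- mountPath: "/var/app/tmp/imports/watched"
+name: dawarich-watched
+- name: sidekiq
+image: freikin/dawarich:0.24.1
+command: ["sidekiq-entrypoint.sh"]
+args: ["bundle", "exec", "sidekiq"]
+env:
+- name: RAILS_ENV
+value: "production"
+- name: REDIS_URL
+value: "redis://dawarich-svc.dawarich.svc.cluster.local:6379/0"
+- name: DATABASE_HOST
+value: "dawarich-db-rw.dawarich.svc.cluster.local"
+- name: DATABASE_PORT
+value: "5432"
+- name: DATABASE_USERNAME
+valueFrom:
+secretKeyRef:
+name: dawarich-db
+key: username
+- name: DATABASE_PASSWORD
+valueFrom:
+secretKeyRef:
+name: dawarich-db
+key: password
+- name: DATABASE_NAME
+value: "dawarich"
+- name: APPLICATION_HOST
+value: "timeline.halis.io"
+- name: BACKGROUND_PROCESSING_CONCURRENCY
+value: "10"
+- name: APPLICATION_PROTOCOL
+value: "http"
+- name: DISTANCE_UNIT
+value: "km"
+- name: PROMETHEUS_EXPORTER_ENABLED
+value: "false"
+- name: PROMETHEUS_EXPORTER_HOST
+value: "0.0.0.0"
+- name: PROMETHEUS_EXPORTER_PORT
+value: "9394"
+- name: SECRET_KEY_BASE
+valueFrom:
+secretKeyRef:
+name: dawarich-secrets
+key: key
+- name: RAILS_LOG_TO_STDOUT
+value: "true"
+volumeMounts:
+- mountPath: "/var/app/public"
+name: dawarich-public
+- mountPath: "/var/app/tmp/imports/watched"
+name: dawarich-watched
+- name: redis
+image: redis:7.4.2
+ports:
+- containerPort: 6379
+volumes:
+- name: dawarich-public
+persistentVolumeClaim:
+claimName: dawarich-public-pvc
+- name: dawarich-watched
+persistentVolumeClaim:
+claimName: dawarich-watched-pvc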
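Review bot: None of the three containers (`dawarich`, `sidekiq`, `redis`) sets a `securityContext` or `resources`, so they run with the image's default user and capabilities and with no cap on CPU or memory. For a pod that sits behind a public ingress I would at least block privilege escalation and drop capabilities on each container, as sketched below for the web container. `runAsNonRoot` is left out because the page does not show which user the images expect, and the capability drop should be tested against the entrypoint scripts before rollout. Separately, the web container spells two variables `PROMETHES_EXPORTER_HOST` and `PROMETHES_EXPORTER_PORT` where the sidekiq container has `PROMETHEUS_…`, so those two settings are presumably ignored.

```yaml
        - name: dawarich
          image: freikin/dawarich:0.24.1
          # … unchanged: command, args, ports, env, volumeMounts …
          securityContext:
            allowPrivilegeEscalation: false
            capabilities:
              drop: ["ALL"]
            seccompProfile:
              type: RuntimeDefault
```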

29
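--- a/manifests/ingress.yaml
+++ b/manifests/ingress.yaml
@@ -0,0 +1,29 @@
+apiVersion: networking.k8s.io/v1
+kind: Ingress
+metadata:
+name: dawarich-ingress
+namespace: dawarich
+annotations:
+cert-manager.io/cluster-issuer: letsencrypt-production
+kubernetes.io/ingress.class: nginx-external
+acme.cert-manager.io/http01-edit-in-place: "true"
+nginx.ingress.kubernetes.io/proxy-body-size: "0"
+nginx.ingress.kubernetes.io/proxy-read-timeout: "600"
+nginx.ingress.kubernetes.io/proxy-send-timeout: "600"
+spec:
+tls:
+- hosts:
+- timeline.halis.io
+secretName: timeline-halis-io-tls
+ingressClassName: nginx-external
+rules:
+- host: timeline.halis.io
+http:
+paths:
+- path: /
+pathType: Prefix
+backend:
+service:
+name: dawarich-svc
+port:
+number: 80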
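Review bot: `nginx.ingress.kubernetes.io/proxy-body-size: "0"` removes the request-body limit on a host served by the `nginx-external` class, so arbitrarily large uploads can be streamed through the ingress to a Rails pod that has no resource limits in this commit. A finite value sized for the largest expected import file keeps imports working while bounding that exposure. The manifest also sets both the deprecated `kubernetes.io/ingress.class` annotation and `spec.ingressClassName`; the field alone is enough.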


@ -0,0 +1,12 @@
apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization
resources:
- namespace.yaml
- secrets.yaml
- database.yaml
- database-backup.yaml
- service.yaml
- ingress.yaml
- pvc.yaml
- deployment.yaml

4
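--- a/manifests/namespace.yaml
+++ b/manifests/namespace.yaml
@@ -0,0 +1,4 @@
+apiVersion: v1
+kind: Namespace
+metadata:
+name: dawarich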

31
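--- a/manifests/pvc.yaml
+++ b/manifests/pvc.yaml
@@ -0,0 +1,31 @@
+apiVersion: v1
+kind: PersistentVolumeClaim
+metadata:
+name: dawarich-public-pvc
+namespace: dawarich
+labels:
+recurring-job.longhorn.io/source: enabled
+recurring-job-group.longhorn.io/standard-pvc: enabled
+spec:
+accessModes:
+- ReadWriteOnce
+resources:
+requests:
+storage: 1Gi
+storageClassName: redundant-storage-class
+---
+apiVersion: v1
+kind: PersistentVolumeClaim
+metadata:
+name: dawarich-watched-pvc
+namespace: dawarich
+labels:
+recurring-job.longhorn.io/source: enabled
+recurring-job-group.longhorn.io/standard-pvc: enabled
+spec:
+accessModes:
+- ReadWriteOnce
+resources:
+requests:
+storage: 1Gi
+storageClassName: redundant-storage-class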

24
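--- a/manifests/secrets.yaml
+++ b/manifests/secrets.yaml
@@ -0,0 +1,24 @@
+apiVersion: argoproj.io/v1alpha1
+kind: Application
+metadata:
+name: dawarich-secrets
+namespace: argocd
+finalizers:
+- resources-finalizer.argocd.argoproj.io
+spec:
+project: default
+source:
+repoURL: https://git.halis.io/athens-school/k3s-secrets.git
+targetRevision: prod-migration
+path: dawarich
+syncPolicy:
+automated:
+prune: true
+selfHeal: true
+syncOptions:
+- CreateNamespace=false
+- ApplyOutOfSyncOnly=true
+- PruneLast=true
+destination:
+server: https://kubernetes.default.svc
+namespace: dawarich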
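Review bot: The Application tracks the branch `prod-migration` with `automated` sync, `prune: true` and `selfHeal: true`, and it sits in `project: default`, so whatever lands on that branch of the secrets repository is applied to the cluster without a review step and, unless the default project has been locked down, without project-level limits on sources or destinations. A dedicated AppProject restricted to this repository and the `dawarich` namespace, plus a tag or commit SHA in `targetRevision`, would narrow that. The page does not show how the manifests in `k3s-secrets` are stored; if they are plain `Secret` objects, the repository's access control is the only protection for `SECRET_KEY_BASE` and the database password.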

18
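--- a/manifests/service.yaml
+++ b/manifests/service.yaml
@@ -0,0 +1,18 @@
+apiVersion: v1
+kind: Service
+metadata:
+name: dawarich-svc
+namespace: dawarich
+spec:
+ports:
+- name: http
+port: 80
+protocol: TCP
+targetPort: 3000
+- name: redis
+port: 6379
+protocol: TCP
+targetPort: 6379
+selector:
+app: dawarich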
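Review bot: The `redis` port entry publishes the pod's Redis sidecar on the ClusterIP, and the deployment starts `redis:7.4.2` with no arguments, so no password or ACL is configured in what is shown. With no NetworkPolicy added in this commit, any workload in the cluster can read and write the Sidekiq queue. Because Redis runs in the same pod as both of its consumers, `REDIS_URL` could be `redis://localhost:6379/0` and this port entry dropped. If the port has to stay, set `requirepass` on the Redis container and supply the password to the URL from a Secret.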