feat: Initial commit

README.md

@@ -0,0 +1,3 @@
+# Kener
+
+Feature complet service uptime dashboard.

manifests/database-backup.yaml

@@ -0,0 +1,10 @@
+apiVersion: postgresql.cnpg.io/v1
+kind: ScheduledBackup
+metadata:
+  name: kener-db-backup
+  namespace: kener
+spec:
+  schedule: "0 0 0 * * *"
+  backupOwnerReference: self
+  cluster:
+    name: kener-db

manifests/database-local-service.yaml

@@ -0,0 +1,17 @@
+apiVersion: v1
+kind: Service
+metadata:
+  labels:
+    app: kener-db
+  name: kener-db-local
+  namespace: kener
+spec:
+  internalTrafficPolicy: Local
+  ports:
+    - name: postgres
+      port: 5432
+      protocol: TCP
+      targetPort: 5432
+  selector:
+    cnpg.io/cluster: kener-db
+    cnpg.io/instanceRole: primary

manifests/database-ondemand-backup.yaml

@@ -0,0 +1,8 @@
+apiVersion: postgresql.cnpg.io/v1
+kind: Backup
+metadata:
+  name: kener-db-ondemand-backup-280225
+  namespace: kener
+spec:
+  cluster:
+    name: kener-db

manifests/database-recovery.yaml

@@ -0,0 +1,61 @@
+apiVersion: postgresql.cnpg.io/v1
+kind: Cluster
+metadata:
+  name: kener-db
+  namespace: kener
+
+spec:
+  imageName: ghcr.io/cloudnative-pg/postgresql:17.4
+  instances: 1
+
+  storage:
+    size: 2Gi
+    storageClass: local-path
+
+  bootstrap:
+    recovery:
+      backup:
+        name: kener-db-20250429184645
+
+  postgresql:
+    pg_hba:
+      - host all all all md5
+
+  externalClusters:
+    - name: kener-db
+      barmanObjectStore:
+        serverName: kener-db
+        destinationPath: "s3://halis/cloudnativepg"
+        endpointURL: https://s3.halia.dev
+        s3Credentials:
+          accessKeyId:
+            name: s3-secret
+            key: AWS_ACCESS_KEY_ID
+          secretAccessKey:
+            name: s3-secret
+            key: AWS_SECRET_ACCESS_KEY
+          region:
+            name: s3-secret
+            key: AWS_REGION
+        wal:
+          compression: gzip
+          maxParallel: 8
+
+  resources:
+    requests:
+      cpu: 100m
+      memory: 512Mi
+    limits:
+      cpu: 500m
+      memory: 1Gi
+
+  monitoring:
+    enablePodMonitor: true
+
+  topologySpreadConstraints:
+    - maxSkew: 1
+      topologyKey: zone
+      whenUnsatisfiable: DoNotSchedule
+      labelSelector:
+        matchLabels:
+          cnpg.io/cluster: kener-db

manifests/database.yaml

@@ -0,0 +1,61 @@
+apiVersion: postgresql.cnpg.io/v1
+kind: Cluster
+metadata:
+  name: kener-db
+  namespace: kener
+
+spec:
+  imageName: ghcr.io/cloudnative-pg/postgresql:17.4
+  instances: 3
+
+  storage:
+    size: 1Gi
+    storageClass: local-path
+
+  bootstrap:
+    initdb:
+      database: kener
+      owner: kener
+      secret:
+        name: kener-db
+
+  postgresql:
+    pg_hba:
+      - host all all all md5
+
+  backup:
+    barmanObjectStore:
+      destinationPath: "s3://halis/cloudnativepg"
+      endpointURL: https://s3.halia.dev
+      s3Credentials:
+        accessKeyId:
+          name: s3-secret
+          key: AWS_ACCESS_KEY_ID
+        secretAccessKey:
+          name: s3-secret
+          key: AWS_SECRET_ACCESS_KEY
+        region:
+          name: s3-secret
+          key: AWS_REGION
+      wal:
+        compression: gzip
+        maxParallel: 8
+
+  resources:
+    requests:
+      cpu: 100m
+      memory: 512Mi
+    limits:
+      cpu: 500m
+      memory: 1Gi
+
+  monitoring:
+    enablePodMonitor: true
+
+  topologySpreadConstraints:
+    - maxSkew: 1
+      topologyKey: zone
+      whenUnsatisfiable: DoNotSchedule
+      labelSelector:
+        matchLabels:
+          cnpg.io/cluster: kener-db

manifests/deployment.yaml

@@ -0,0 +1,58 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+    name: kener
+    namespace: kener
+spec:
+    replicas: 1
+    selector:
+        matchLabels:
+            app: kener
+    template:
+        metadata:
+            labels:
+                app: kener
+        spec:
+            affinity:
+              podAffinity:
+                preferredDuringSchedulingIgnoredDuringExecution:
+                  - weight: 100
+                    podAffinityTerm:
+                      labelSelector:
+                        matchExpressions:
+                          - key: cnpg.io/cluster
+                            operator: In
+                            values:
+                              - kener-db
+                          - key: cnpg.io/instanceRole
+                            operator: In
+                            values:
+                              - primary
+                      topologyKey: "kubernetes.io/hostname"
+            containers:
+              - name: kener-web
+                image: rajnandan1/kener:3.2.17
+                ports:
+                  - containerPort: 3000
+                env:
+                  - name: TZ
+                    value: "Europe/Copenhagen"
+                  - name: ORIGIN
+                    value: "https://status.halis.io"
+                  - name: KENER_DB_USER
+                    valueFrom:
+                      secretKeyRef:
+                        name: kener-db
+                        key: username
+                  - name: KENER_DB_PASSWORD
+                    valueFrom:
+                      secretKeyRef:
+                        name: kener-db
+                        key: password
+                  - name: DATABASE_URL
+                    value: "postgresql://$(KENER_DB_USER):$(KENER_DB_PASSWORD)@kener-db-local.kener.svc.cluster.local:5432/kener"
+                  - name: KENER_SECRET_KEY
+                    valueFrom:
+                      secretKeyRef:
+                        name: kener-secrets
+                        key: key

manifests/ingress.yaml

@@ -0,0 +1,29 @@
+apiVersion: networking.k8s.io/v1
+kind: Ingress
+metadata:
+  name: kener-ingress
+  namespace: kener
+  annotations:
+    cert-manager.io/cluster-issuer: letsencrypt-production
+    kubernetes.io/ingress.class: nginx-external
+    acme.cert-manager.io/http01-edit-in-place: "true"
+    nginx.ingress.kubernetes.io/proxy-body-size: "0"
+    nginx.ingress.kubernetes.io/proxy-read-timeout: "600"
+    nginx.ingress.kubernetes.io/proxy-send-timeout: "600"
+spec:
+  tls:
+  - hosts:
+    - status.halis.io
+    secretName: status-halis-io-tls
+  ingressClassName: nginx-external
+  rules:
+  - host: status.halis.io
+    http:
+      paths:
+        - path: /
+          pathType: Prefix
+          backend:
+            service:
+              name: kener-svc
+              port:
+                number: 80

manifests/kustomization.yaml

@@ -0,0 +1,12 @@
+apiVersion: kustomize.config.k8s.io/v1beta1
+kind: Kustomization
+
+resources:
+  - namespace.yaml
+  - secrets.yaml
+  - database.yaml
+  - database-backup.yaml
+  - database-local-service.yaml
+  - deployment.yaml
+  - service.yaml
+  - ingress.yaml

manifests/namespace.yaml

@@ -0,0 +1,4 @@
+apiVersion: v1
+kind: Namespace
+metadata:
+  name: kener

manifests/secrets.yaml

@@ -0,0 +1,24 @@
+apiVersion: argoproj.io/v1alpha1
+kind: Application
+metadata:
+  name: kener-secrets
+  namespace: argocd
+  finalizers:
+    - resources-finalizer.argocd.argoproj.io
+spec:
+  project: default
+  source:
+    repoURL: https://git.halis.io/athens-school/k3s-secrets
+    targetRevision: prod-migration
+    path: kener
+  syncPolicy:
+    automated:
+      prune: true
+      selfHeal: true
+    syncOptions:
+      - CreateNamespace=false
+      - ApplyOutOfSyncOnly=true
+      - PruneLast=true
+  destination:
+    server: https://kubernetes.default.svc
+    namespace: kener

manifests/service.yaml

@@ -0,0 +1,15 @@
+apiVersion: v1
+kind: Service
+metadata:
+    name: kener-svc
+    namespace: kener
+    labels:
+      app.kubernetes.io/name: kener
+spec:
+    ports:
+        - name: http
+          port: 80
+          protocol: TCP
+          targetPort: 3000
+    selector:
+        app: kener