stacks

DevFW-CICD/stacks

Fork 0

Commit graph

3263113ebe Update template/stacks/ref-implementation/keycloak/manifests/keycloak-config.yaml richardrobertreitz 2025-04-12 18:49:15 +00:00
5d0182d6ee Update template/stacks/core/forgejo/values.yaml richardrobertreitz 2025-04-12 16:27:05 +00:00
c01d4952ad Disabled user self registration in Forgejo richardrobertreitz 2025-04-12 16:17:20 +00:00
777d6afeb4 Update template/stacks/core/forgejo-runner/dind-docker.yaml richardrobertreitz 2025-04-11 14:12:29 +00:00
529182ee3d logrotate-cronjob miwr 2025-04-02 15:31:38 +02:00
dd9ddc8fdb sidecar-script miwr 2025-04-02 15:26:04 +02:00
6811280b92 - name: sidecar-nginx image: nginx:latest ports: - containerPort: 8080 volumeMounts: - name: idecar-script mountPath: /etc/nginx subPath: nginx.conf subPathExpr: 'nginx.conf' - name: idecar-script mountPath: /tmp/sidecar.sh subPath: sidecar.sh mode: 0755 - name: passwd-volume mountPath: /etc/passwd subPath: passwd miwr 2025-04-02 15:20:11 +02:00
949cf77c4e sighup miwr 2025-04-02 14:53:08 +02:00
a11947c5e7 kill -SIGHUP $(pidof bao) || echo "OpenBAO process not found" miwr 2025-04-02 14:40:13 +02:00
853ce17354 app: openbao-0 miwr 2025-04-02 14:39:56 +02:00
8b6b29cb9f sleep infinity miwr 2025-04-02 14:21:28 +02:00
4553289695 tmp miwr 2025-04-02 13:59:01 +02:00
0f229f7adb sleep infinity miwr 2025-04-02 13:51:28 +02:00
cfb473659d command: ["/bin/sh", "-c", "sleep 1000000000000000000000"] miwr 2025-04-02 13:46:04 +02:00
795d575d5e kill -SIGHUP $(pidof bao) || echo "OpenBAO process not found" mkdir pupa miwr 2025-04-02 13:38:34 +02:00
c754dc80bc signal-sidecar-script miwr 2025-04-02 13:32:15 +02:00
1a85de6cda 5k miwr 2025-04-02 11:03:54 +02:00
5db72e2dc0 cronjob miwr 2025-04-02 10:43:10 +02:00
ca9fd7ba39 - name: status mountPath: /var/lib miwr 2025-04-02 10:08:07 +02:00
48fb2c1481 size 1M miwr 2025-04-02 09:53:08 +02:00
a2d2bd9b87 volumeMounts: - name: host-log-storage mountPath: /openbao/logs miwr 2025-04-02 08:59:29 +02:00
49fdf90dd8 - name: logrotate2 miwr 2025-04-01 14:49:40 +02:00
b5a515c6f9 imroc/logrotate:latest miwr 2025-04-01 14:44:46 +02:00
485e772016 # - name: status # mountPath: /var/lib miwr 2025-04-01 14:11:35 +02:00
71a45cc0b8 value: "* * * * *" miwr 2025-04-01 14:04:13 +02:00
5200aa748c 5k miwr 2025-04-01 13:53:08 +02:00
29ec426778 delaycompress rmoved miwr 2025-04-01 13:36:33 +02:00
7b8ea2de6b status miwr 2025-04-01 13:28:10 +02:00
ee630c88b9 env: - name: CRON_SCHEDULE value: "0 * * * *" - name: TINI_SUBREAPER value: miwr 2025-04-01 13:18:44 +02:00
fc6ee8bcae 1M miwr 2025-04-01 12:53:31 +02:00
c9d72e9f90 should be done miwr 2025-04-01 11:57:46 +02:00
7cc75f0095 test miwr 2025-04-01 11:44:52 +02:00
37a9a73664 - name: passwd-volume mountPath: /etc/passwd subPath: passwd miwr 2025-04-01 11:44:19 +02:00
ad76195004 passwd-user-configmap miwr 2025-04-01 11:35:26 +02:00
d3b60c036a extraArgs: "chmod o+rwx /etc/passwd" miwr 2025-04-01 11:20:56 +02:00
de3194062d extraArgs: - | chmod o+rwx /etc/passwd chmod o+rwx /etc/group miwr 2025-04-01 11:16:07 +02:00
cda3fc8179 extraArgs: - chmod o+rwx /etc/passwd - chmod o+rwx /etc/group miwr 2025-04-01 11:15:20 +02:00
2dc751b5e3 chmod o+rwx /etc/passwd chmod o+rwx /etc/group miwr 2025-04-01 10:59:09 +02:00
12a4ed37f7 /etc/group miwr 2025-04-01 10:51:43 +02:00
77b571b768 chown 100:100 /etc/passwd miwr 2025-04-01 10:50:59 +02:00
6df0858cdf - name: init image: alpine:latest miwr 2025-04-01 10:45:20 +02:00
06fb6d223f runAsUser: 100 miwr 2025-04-01 10:21:07 +02:00
4f8eb0bc8b chmod o+rwx /var/log/openbao miwr 2025-04-01 10:05:55 +02:00
1164768b9f runAsUser: 1 miwr 2025-03-31 15:53:54 +02:00
f66f437cdf runAsUser: 100 miwr 2025-03-31 15:48:42 +02:00
ce5bdf0226 runAsUser: 1 miwr 2025-03-31 15:35:06 +02:00
56c5cc2620 - name: alloy-data mountPath: /var/lib/ miwr 2025-03-31 15:24:21 +02:00
458414e779 set -e mkdir -p /var/log/openbao chown 100:100 /var/log/openbao echo "logrotate❌100💯:/home/logrotate:/bin/sh" >> /etc/passwd echo "logrotate❌100:" >> /etc/group mkdir -p /home/logrotate # chown 100:100 /var/lib miwr 2025-03-31 15:09:30 +02:00
8eae08aaa9 securityContext: runAsUser: 0 miwr 2025-03-31 15:04:11 +02:00
ba9452e03c chown 100:100 /var/lib miwr 2025-03-31 14:55:39 +02:00
888d32c403 set -e mkdir -p /var/log/openbao chown 100:100 /var/log/openbao echo "logrotate❌100💯:/home/logrotate:/bin/sh" >> /etc/passwd echo "logrotate❌100:" >> /etc/group chown logrotate:logrotate /var/lib miwr 2025-03-31 14:49:48 +02:00
6f3effeaf5 # bao audit enable file file_path=stdout miwr 2025-03-31 14:49:09 +02:00
fd02d55dda bao audit enable file file_path=stdout miwr 2025-03-31 14:26:58 +02:00
63b17c9e32 echo "logrotate❌100💯:/home/logrotate:/bin/sh" >> /etc/passwd echo "logrotate❌100:" >> /etc/group miwr 2025-03-31 14:10:34 +02:00
f13bf825ff set -e chown 100:100 /var/lib tail -f /dev/null miwr 2025-03-31 14:03:43 +02:00
abd7da5cd3 image: alpine:latest miwr 2025-03-31 13:58:12 +02:00
a42df6275c restart policy removed miwr 2025-03-31 13:50:24 +02:00
5a802be864 - | set -e useradd -u 100 logrotate chown logrotate:logrotate /var/lib tail -f /dev/null miwr 2025-03-31 13:45:05 +02:00
bc6ed363e2 logrotate-priviledges miwr 2025-03-31 13:38:33 +02:00
631be775f5 chown logrotate:logrotate /var/lib/logrotate.status miwr 2025-03-31 13:28:37 +02:00
0107666fe2 logrotate-config-volume miwr 2025-03-31 12:31:38 +02:00
e5ccae1aab - name: logrotate-config mountPath: /etc/logrotate.conf subPath: logrotate.conf readOnly: true miwr 2025-03-31 12:22:35 +02:00
f6d1842876 image: skymatic/logrotate:latest miwr 2025-03-31 12:14:19 +02:00
508ecd3f12 imagePullPolicy: IfNotPresent miwr 2025-03-31 12:07:24 +02:00
5e47caaee1 - name: logrotate image: imroc/logrotate:latest env: - name: LOGROTATE_FILE_PATTERN value: "/var/log/nginx/nginx_*.log" - name: LOGROTATE_FILESIZE value: "20M" - name: LOGROTATE_FILENUM value: "10" - name: CRON_EXPR value: "*/1 * * * *" - name: CROND_LOGLEVEL value: "7" miwr 2025-03-31 11:54:31 +02:00
0485a8fb76 image: skymatic/logrotate:latest miwr 2025-03-31 11:42:14 +02:00
17f578dde2 blacklabelops/logrotate miwr 2025-03-31 11:20:56 +02:00
a35aefc376 image: debian:stable-slim miwr 2025-03-31 11:07:40 +02:00
398c94fbc8 alpine:latest miwr 2025-03-31 11:02:11 +02:00
30f0c6f218 debian:stable-slim miwr 2025-03-31 10:54:23 +02:00
d6fa372e5f Merge pull request 'Update fix to latest kindserver' (#23) from kindserver_development_test into development 1.2.0 richardrobertreitz 2025-03-31 08:33:58 +00:00
06303ef355 bao audit enable -path="file" file file_path=/openbao/logs/openbao/openbao.log miwr 2025-03-31 10:30:15 +02:00
08471dee47 bao audit enable -path="file" file file_path=/var/log/openbao/openbao.log miwr 2025-03-31 10:25:48 +02:00
881b65fcec apiVersion: apps/v1 kind: DaemonSet metadata: name: openbao-logging-dir namespace: openbao spec: selector: matchLabels: app: openbao-logging-dir template: metadata: labels: app: openbao-logging-dir spec: initContainers: - name: creator image: busybox command: ["/bin/sh", "-c"] args: - | set -e mkdir -p /var/log/openbao chown 100:100 /var/log/openbao securityContext: runAsUser: 0 volumeMounts: - name: host-log mountPath: /var/log containers: - name: running-container image: busybox command: ["sleep", "infinity"] volumes: - name: host-log hostPath: path: /var/log type: Directory miwr 2025-03-31 10:19:39 +02:00
3853370a8c # - name: logrotate-config # mountPath: /etc/logrotate.conf # subPath: logrotate.conf miwr 2025-03-31 10:10:59 +02:00
6acd284b83 - name: logrotate image: alpine:latest command: ["/bin/sh", "-c", "while true; do /usr/sbin/logrotate /etc/logrotate.conf; sleep 60; done"] securityContext: runAsUser: 100 volumeMounts: - name: host-log-storage mountPath: /openbao/logs - name: logrotate-config mountPath: /etc/logrotate.conf subPath: logrotate.conf miwr 2025-03-31 10:03:59 +02:00
51e765049b Update fix to latest kindserver Richard Robert Reitz 2025-03-30 22:34:04 +02:00
cc07dbf719 Update fix to latest kindserver kindserver_development Richard Robert Reitz 2025-03-30 22:20:40 +02:00
a58f8f7a07 updated update_provider_argocd Richard Robert Reitz 2025-03-29 08:54:41 +01:00
4814dff26f Merge pull request 'updated argocd nginxingress and forgejo' (#22) from forgejo_upgrade_to_11_0_5 into development richardrobertreitz 2025-03-27 19:49:13 +00:00
b3495f610c updated argocd Richard Robert Reitz 2025-03-27 20:42:01 +01:00
9ba027f94b updated nginx-ingress Richard Robert Reitz 2025-03-27 20:10:06 +01:00
dd7551a293 updated forgejo and forgejo-runner Richard Robert Reitz 2025-03-27 19:33:56 +01:00
c79114f463 # bao audit enable file file_path=stdout miwr 2025-03-27 13:43:26 +01:00
6a5be1257c bao audit enable file file_path=stdout miwr 2025-03-27 13:19:45 +01:00
1cb714aabb volumeMounts: - mountPath: /var/log name: log-storage readOnly: false miwr 2025-03-26 15:51:24 +01:00
450b5ff1a8 # removed miwr 2025-03-26 15:42:15 +01:00
aaaf905edc # rm -rf /openbao/data/* miwr 2025-03-26 15:40:05 +01:00
bd89c91d52 forgot to add login miwr 2025-03-26 15:31:49 +01:00
a9ad7c1c5c comments deleted miwr 2025-03-26 15:24:19 +01:00
66a56f2c43 bao login $(grep "Initial Root Token:" /tmp/init.txt | awk '{print $NF}') moved two lines up miwr 2025-03-26 15:14:06 +01:00
8126550d70 rm removed miwr 2025-03-26 15:09:21 +01:00
a772e4f9ae # UN-initialises the openbao server (necessary for the new instance to spin up if the pod or container crashes) removed miwr 2025-03-26 15:00:49 +01:00
509a07b39d configuration added IPCEICIS-3110 miwr 2025-03-26 14:58:55 +01:00
f9c880549d configuration added IPCEICIS-3111 miwr 2025-03-26 14:51:33 +01:00
d057e9dae1 configuration added miwr 2025-03-26 14:44:35 +01:00
1898daa4a5 bao audit enable file file_path=stdout added miwr 2025-03-26 14:36:03 +01:00
1f429f079b loki.source.syslog "tcp_socket" { listener { address = "0.0.0.0:1514" labels = { component = "loki.source.syslog", protocol = "tcp" } } forward_to = [loki.write.local_loki.receiver] } shipping_openbao_logs miwr 2025-03-26 13:55:46 +01:00
574fe29565 labels = { component = "loki.source.syslog", protocol = "tcp" } miwr 2025-03-26 13:46:08 +01:00
992749c6fc loki.source.kubernetes "all_pod_logs" { targets = discovery.relabel.pod_logs.output forward_to = [loki.write.local_loki.receiver] } miwr 2025-03-26 13:16:02 +01:00