Обновить helm/prometheus/values.yaml

fix: ignore vault webhook caBundle drift
2026-06-18 14:00:10 +00:00 · 2026-06-18 13:58:04 +00:00 · 2026-06-18 13:52:59 +00:00 · 2026-06-18 13:50:02 +00:00 · 2026-06-18 13:48:04 +00:00 · 2026-06-18 13:42:06 +00:00
21 changed files with 325 additions and 4 deletions
@@ -0,0 +1,24 @@
+apiVersion: argoproj.io/v1alpha1
+kind: Application
+metadata:
+  name: authelia
+  namespace: argocd
+spec:
+  project: default
+  sources:
+    - repoURL: https://charts.authelia.com
+      chart: authelia
+      targetRevision: "0.11.6"
+      helm:
+        valueFiles:
+          - $values/helm/authelia/values.yaml
+    - repoURL: http://gitea-http.gitea.svc.cluster.local:3000/admin/k8s-manifests
+      targetRevision: HEAD
+      ref: values
+  destination:
+    server: https://kubernetes.default.svc
+    namespace: authelia
+  syncPolicy:
+    automated:
+      prune: true
+      selfHeal: true
@@ -0,0 +1,24 @@
+apiVersion: argoproj.io/v1alpha1
+kind: Application
+metadata:
+  name: cert-manager
+  namespace: argocd
+spec:
+  project: default
+  sources:
+    - repoURL: https://charts.jetstack.io
+      chart: cert-manager
+      targetRevision: "v1.14.4"
+      helm:
+        valueFiles:
+          - $values/helm/cert-manager/values.yaml
+    - repoURL: http://gitea-http.gitea.svc.cluster.local:3000/admin/k8s-manifests
+      targetRevision: HEAD
+      ref: values
+  destination:
+    server: https://kubernetes.default.svc
+    namespace: cert-manager
+  syncPolicy:
+    automated:
+      prune: true
+      selfHeal: true
@@ -21,4 +21,9 @@ spec:
  syncPolicy:
    automated:
      prune: true
-      selfHeal: true
+      selfHeal: false
+  ignoreDifferences:
+    - group: networking.k8s.io
+      kind: Ingress
+      jsonPointers:
+        - /spec/ingressClassName
@@ -0,0 +1,24 @@
+apiVersion: argoproj.io/v1alpha1
+kind: Application
+metadata:
+  name: grafana
+  namespace: argocd
+spec:
+  project: default
+  sources:
+    - repoURL: https://grafana.github.io/helm-charts
+      chart: grafana
+      targetRevision: "10.5.15"
+      helm:
+        valueFiles:
+          - $values/helm/grafana/values.yaml
+    - repoURL: http://gitea-http.gitea.svc.cluster.local:3000/admin/k8s-manifests
+      targetRevision: HEAD
+      ref: values
+  destination:
+    server: https://kubernetes.default.svc
+    namespace: monitoring
+  syncPolicy:
+    automated:
+      prune: true
+      selfHeal: true
@@ -0,0 +1,24 @@
+apiVersion: argoproj.io/v1alpha1
+kind: Application
+metadata:
+  name: loki
+  namespace: argocd
+spec:
+  project: default
+  sources:
+    - repoURL: https://grafana.github.io/helm-charts
+      chart: loki
+      targetRevision: "7.0.0"
+      helm:
+        valueFiles:
+          - $values/helm/loki/values.yaml
+    - repoURL: http://gitea-http.gitea.svc.cluster.local:3000/admin/k8s-manifests
+      targetRevision: HEAD
+      ref: values
+  destination:
+    server: https://kubernetes.default.svc
+    namespace: monitoring
+  syncPolicy:
+    automated:
+      prune: true
+      selfHeal: true
@@ -0,0 +1,24 @@
+apiVersion: argoproj.io/v1alpha1
+kind: Application
+metadata:
+  name: minio
+  namespace: argocd
+spec:
+  project: default
+  sources:
+    - repoURL: https://charts.min.io
+      chart: minio
+      targetRevision: "5.4.0"
+      helm:
+        valueFiles:
+          - $values/helm/minio/values.yaml
+    - repoURL: http://gitea-http.gitea.svc.cluster.local:3000/admin/k8s-manifests
+      targetRevision: HEAD
+      ref: values
+  destination:
+    server: https://kubernetes.default.svc
+    namespace: minio
+  syncPolicy:
+    automated:
+      prune: true
+      selfHeal: true
@@ -0,0 +1,24 @@
+apiVersion: argoproj.io/v1alpha1
+kind: Application
+metadata:
+  name: prometheus
+  namespace: argocd
+spec:
+  project: default
+  sources:
+    - repoURL: https://prometheus-community.github.io/helm-charts
+      chart: kube-prometheus-stack
+      targetRevision: "86.2.0"
+      helm:
+        valueFiles:
+          - $values/helm/prometheus/values.yaml
+    - repoURL: http://gitea-http.gitea.svc.cluster.local:3000/admin/k8s-manifests
+      targetRevision: HEAD
+      ref: values
+  destination:
+    server: https://kubernetes.default.svc
+    namespace: monitoring
+  syncPolicy:
+    automated:
+      prune: true
+      selfHeal: true
@@ -0,0 +1,24 @@
+apiVersion: argoproj.io/v1alpha1
+kind: Application
+metadata:
+  name: promtail
+  namespace: argocd
+spec:
+  project: default
+  sources:
+    - repoURL: https://grafana.github.io/helm-charts
+      chart: promtail
+      targetRevision: "6.17.1"
+      helm:
+        valueFiles:
+          - $values/helm/promtail/values.yaml
+    - repoURL: http://gitea-http.gitea.svc.cluster.local:3000/admin/k8s-manifests
+      targetRevision: HEAD
+      ref: values
+  destination:
+    server: https://kubernetes.default.svc
+    namespace: monitoring
+  syncPolicy:
+    automated:
+      prune: true
+      selfHeal: true
@@ -0,0 +1,29 @@
+apiVersion: argoproj.io/v1alpha1
+kind: Application
+metadata:
+  name: vault
+  namespace: argocd
+spec:
+  project: default
+  sources:
+    - repoURL: https://helm.releases.hashicorp.com
+      chart: vault
+      targetRevision: "0.32.0"
+      helm:
+        valueFiles:
+          - $values/helm/vault/values.yaml
+    - repoURL: http://gitea-http.gitea.svc.cluster.local:3000/admin/k8s-manifests
+      targetRevision: HEAD
+      ref: values
+  destination:
+    server: https://kubernetes.default.svc
+    namespace: vault
+  syncPolicy:
+    automated:
+      prune: true
+      selfHeal: true
+  ignoreDifferences:
+    - group: admissionregistration.k8s.io
+      kind: MutatingWebhookConfiguration
+      jsonPointers:
+        - /webhooks/0/clientConfig/caBundle
@@ -0,0 +1,59 @@
+configMap:
+  access_control:
+    default_policy: deny
+    rules:
+    - domain: vpn.uzbutterfly.com
+      policy: two_factor
+  authentication_backend:
+    file:
+      enabled: true
+      path: /secrets/authelia-users/users.yml
+  identity_validation:
+    reset_password:
+      secret:
+        value: f86cac59ff096d5dba433b5242eef1c409421165fe3ad7414827f71382ad0e84
+  notifier:
+    disable_startup_check: true
+    filesystem:
+      enabled: true
+      filename: /tmp/notification.txt
+  session:
+    cookies:
+    - default_redirection_url: https://vpn.uzbutterfly.com
+      domain: uzbutterfly.com
+      subdomain: auth
+    encryption_key:
+      value: 03e75899a8f009bb3c1877c63a864f37f7e38fed0fabd599eb871d259ac86148
+    redis:
+      enabled: true
+      host: authelia-redis-master
+      port: 6379
+  storage:
+    encryption_key:
+      value: 0b1bbffd77ba566e6441dcb848d6b25a165443d339d356482f86b6dcedc39c79
+    postgres:
+      address: tcp://authelia-postgres-postgresql:5432
+      database: authelia
+      enabled: true
+      password:
+        value: authelia_pg_pass
+      username: authelia
+  theme: dark
+  totp:
+    disable: false
+    issuer: uzbutterfly.com
+ingress:
+  annotations:
+    cert-manager.io/cluster-issuer: letsencrypt-prod
+    kubernetes.io/ingress.class: nginx
+  className: nginx
+  enabled: true
+  tls:
+    enabled: true
+    secret: authelia-tls
+secret:
+  additionalSecrets:
+    authelia-users:
+      items:
+      - key: users.yml
+        path: users.yml
@@ -0,0 +1 @@
+null
@@ -2,7 +2,6 @@ persistence:
  storageClass: local-path
 ingress:
  enabled: true
-  ingressClassName: nginx
  annotations:
    kubernetes.io/ingress.class: nginx
    cert-manager.io/cluster-issuer: letsencrypt-prod
@@ -0,0 +1,4 @@
+adminPassword: CHANGEME
+persistence:
+  enabled: true
+  size: 5Gi
@@ -1,4 +1,3 @@
-USER-SUPPLIED VALUES:
 controller:
  config:
    ssl-reject-handshake: true
@@ -1,4 +1,3 @@
-USER-SUPPLIED VALUES:
 controller:
  electionID: ingress-private-leader
  ingressClass: nginx-private
@@ -0,0 +1,21 @@
+backend:
+  replicas: 0
+deploymentMode: SingleBinary
+loki:
+  auth_enabled: false
+  commonConfig:
+    replication_factor: 1
+  storage:
+    type: filesystem
+  useTestSchema: true
+read:
+  replicas: 0
+resources:
+  limits:
+    memory: 256Mi
+  requests:
+    memory: 128Mi
+singleBinary:
+  replicas: 1
+write:
+  replicas: 0
@@ -0,0 +1,13 @@
+mode: standalone
+persistence:
+  enabled: true
+  size: 20Gi
+resources:
+  limits:
+    cpu: 500m
+    memory: 1Gi
+  requests:
+    cpu: 250m
+    memory: 512Mi
+rootPassword: _!Str0ngP@ssw0rd
+rootUser: admin
@@ -0,0 +1,13 @@
+grafana:
+  enabled: false
+  ingress:
+    enabled: true
+    ingressClassName: nginx-private
+prometheus:
+  prometheusSpec:
+    resources:
+      limits:
+        memory: 512Mi
+      requests:
+        memory: 256Mi
+    retention: 7d
@@ -0,0 +1,3 @@
+config:
+  clients:
+  - url: http://loki-gateway.monitoring.svc.cluster.local/loki/api/v1/push
@@ -0,0 +1,2 @@
+bootstrapPassword: CHANGEME
+hostname: rancher.uzbutterfly.com
@@ -0,0 +1,6 @@
+server:
+  dev:
+    devRootToken: root
+    enabled: true
+ui:
+  enabled: true
Author	SHA1	Message	Date
admin	8fbc138a1a	Обновить helm/prometheus/values.yaml	2026-06-18 14:00:10 +00:00
admin	cca384b5bf	Обновить helm/prometheus/values.yaml	2026-06-18 13:58:04 +00:00
admin	281f2c8479	fix: ignore vault webhook caBundle drift	2026-06-18 13:52:59 +00:00
admin	a8d628a655	fix: remove USER-SUPPLIED VALUES header from helm values	2026-06-18 13:50:02 +00:00
admin	70d2ce04c6	feat: add all service app manifests	2026-06-18 13:48:04 +00:00
admin	0db41c8500	feat: add all services helm values and app manifests	2026-06-18 13:42:06 +00:00
admin	c6fe907c20	fix: ignore ingressClassName drift in gitea	2026-06-18 13:25:27 +00:00
admin	d3d7030b3f	fix: remove ingressClassName, use annotation only	2026-06-18 13:24:02 +00:00