Compare commits


8 Commits

21 changed files with 325 additions and 4 deletions
+24
@@ -0,0 +1,24 @@
apiVersion: argoproj.io/v1alpha1
kind: Application
metadata:
name: authelia
namespace: argocd
spec:
project: default
sources:
- repoURL: https://charts.authelia.com
chart: authelia
targetRevision: "0.11.6"
helm:
valueFiles:
- $values/helm/authelia/values.yaml
- repoURL: http://gitea-http.gitea.svc.cluster.local:3000/admin/k8s-manifests
targetRevision: HEAD
ref: values
destination:
server: https://kubernetes.default.svc
namespace: authelia
syncPolicy:
automated:
prune: true
selfHeal: true
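Review bot: The `$values` source is tracked at `targetRevision: HEAD` and fetched over plain `http://`, while `syncPolicy.automated` applies whatever that resolves to with `prune: true` and `selfHeal: true`. The chart is pinned to `"0.11.6"` but the values that configure it are not, so any push to the default branch of `admin/k8s-manifests`, or anything able to tamper with the in-cluster HTTP fetch, changes the deployed authentication service without review. Consider tracking a protected branch, tag or commit (`targetRevision: <tag-or-sha>`) and serving Gitea over TLS. The same pattern repeats in the cert-manager, grafana, loki, minio, prometheus, promtail and vault Applications below, and `project: default` leaves all of them without source or destination restrictions.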
+24
@@ -0,0 +1,24 @@
apiVersion: argoproj.io/v1alpha1
kind: Application
metadata:
name: cert-manager
namespace: argocd
spec:
project: default
sources:
- repoURL: https://charts.jetstack.io
chart: cert-manager
targetRevision: "v1.14.4"
helm:
valueFiles:
- $values/helm/cert-manager/values.yaml
- repoURL: http://gitea-http.gitea.svc.cluster.local:3000/admin/k8s-manifests
targetRevision: HEAD
ref: values
destination:
server: https://kubernetes.default.svc
namespace: cert-manager
syncPolicy:
automated:
prune: true
selfHeal: true
+6 -1
@@ -21,4 +21,9 @@ spec:
syncPolicy: syncPolicy:
automated: automated:
prune: true prune: true
selfHeal: true selfHeal: false
ignoreDifferences:
- group: networking.k8s.io
kind: Ingress
jsonPointers:
- /spec/ingressClassName
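Review bot: Turning `selfHeal` off disables drift correction for every resource in this Application, not just the Ingress field that the new `ignoreDifferences` entry already excludes. If the goal is only to stop Argo CD fighting over `/spec/ingressClassName`, `selfHeal: true` can probably stay, with `syncOptions: [RespectIgnoreDifferences=true]` added under `syncPolicy` so that a sync does not overwrite the ignored field. The `spec` this hunk belongs to starts outside the hunk, so which Application is affected is not visible here.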
+24
@@ -0,0 +1,24 @@
apiVersion: argoproj.io/v1alpha1
kind: Application
metadata:
name: grafana
namespace: argocd
spec:
project: default
sources:
- repoURL: https://grafana.github.io/helm-charts
chart: grafana
targetRevision: "10.5.15"
helm:
valueFiles:
- $values/helm/grafana/values.yaml
- repoURL: http://gitea-http.gitea.svc.cluster.local:3000/admin/k8s-manifests
targetRevision: HEAD
ref: values
destination:
server: https://kubernetes.default.svc
namespace: monitoring
syncPolicy:
automated:
prune: true
selfHeal: true
+24
@@ -0,0 +1,24 @@
apiVersion: argoproj.io/v1alpha1
kind: Application
metadata:
name: loki
namespace: argocd
spec:
project: default
sources:
- repoURL: https://grafana.github.io/helm-charts
chart: loki
targetRevision: "7.0.0"
helm:
valueFiles:
- $values/helm/loki/values.yaml
- repoURL: http://gitea-http.gitea.svc.cluster.local:3000/admin/k8s-manifests
targetRevision: HEAD
ref: values
destination:
server: https://kubernetes.default.svc
namespace: monitoring
syncPolicy:
automated:
prune: true
selfHeal: true
+24
@@ -0,0 +1,24 @@
apiVersion: argoproj.io/v1alpha1
kind: Application
metadata:
name: minio
namespace: argocd
spec:
project: default
sources:
- repoURL: https://charts.min.io
chart: minio
targetRevision: "5.4.0"
helm:
valueFiles:
- $values/helm/minio/values.yaml
- repoURL: http://gitea-http.gitea.svc.cluster.local:3000/admin/k8s-manifests
targetRevision: HEAD
ref: values
destination:
server: https://kubernetes.default.svc
namespace: minio
syncPolicy:
automated:
prune: true
selfHeal: true
+24
@@ -0,0 +1,24 @@
apiVersion: argoproj.io/v1alpha1
kind: Application
metadata:
name: prometheus
namespace: argocd
spec:
project: default
sources:
- repoURL: https://prometheus-community.github.io/helm-charts
chart: kube-prometheus-stack
targetRevision: "86.2.0"
helm:
valueFiles:
- $values/helm/prometheus/values.yaml
- repoURL: http://gitea-http.gitea.svc.cluster.local:3000/admin/k8s-manifests
targetRevision: HEAD
ref: values
destination:
server: https://kubernetes.default.svc
namespace: monitoring
syncPolicy:
automated:
prune: true
selfHeal: true
+24
@@ -0,0 +1,24 @@
apiVersion: argoproj.io/v1alpha1
kind: Application
metadata:
name: promtail
namespace: argocd
spec:
project: default
sources:
- repoURL: https://grafana.github.io/helm-charts
chart: promtail
targetRevision: "6.17.1"
helm:
valueFiles:
- $values/helm/promtail/values.yaml
- repoURL: http://gitea-http.gitea.svc.cluster.local:3000/admin/k8s-manifests
targetRevision: HEAD
ref: values
destination:
server: https://kubernetes.default.svc
namespace: monitoring
syncPolicy:
automated:
prune: true
selfHeal: true
+29
@@ -0,0 +1,29 @@
apiVersion: argoproj.io/v1alpha1
kind: Application
metadata:
name: vault
namespace: argocd
spec:
project: default
sources:
- repoURL: https://helm.releases.hashicorp.com
chart: vault
targetRevision: "0.32.0"
helm:
valueFiles:
- $values/helm/vault/values.yaml
- repoURL: http://gitea-http.gitea.svc.cluster.local:3000/admin/k8s-manifests
targetRevision: HEAD
ref: values
destination:
server: https://kubernetes.default.svc
namespace: vault
syncPolicy:
automated:
prune: true
selfHeal: true
ignoreDifferences:
- group: admissionregistration.k8s.io
kind: MutatingWebhookConfiguration
jsonPointers:
- /webhooks/0/clientConfig/caBundle
+59
@@ -0,0 +1,59 @@
configMap:
access_control:
default_policy: deny
rules:
- domain: vpn.uzbutterfly.com
policy: two_factor
authentication_backend:
file:
enabled: true
path: /secrets/authelia-users/users.yml
identity_validation:
reset_password:
secret:
value: f86cac59ff096d5dba433b5242eef1c409421165fe3ad7414827f71382ad0e84
notifier:
disable_startup_check: true
filesystem:
enabled: true
filename: /tmp/notification.txt
session:
cookies:
- default_redirection_url: https://vpn.uzbutterfly.com
domain: uzbutterfly.com
subdomain: auth
encryption_key:
value: 03e75899a8f009bb3c1877c63a864f37f7e38fed0fabd599eb871d259ac86148
redis:
enabled: true
host: authelia-redis-master
port: 6379
storage:
encryption_key:
value: 0b1bbffd77ba566e6441dcb848d6b25a165443d339d356482f86b6dcedc39c79
postgres:
address: tcp://authelia-postgres-postgresql:5432
database: authelia
enabled: true
password:
value: authelia_pg_pass
username: authelia
theme: dark
totp:
disable: false
issuer: uzbutterfly.com
ingress:
annotations:
cert-manager.io/cluster-issuer: letsencrypt-prod
kubernetes.io/ingress.class: nginx
className: nginx
enabled: true
tls:
enabled: true
secret: authelia-tls
secret:
additionalSecrets:
authelia-users:
items:
- key: users.yml
path: users.yml
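Review bot: The reset-password `secret.value`, both `encryption_key.value` entries (session and storage) and the postgres `password.value` are committed as literals, so everyone with read access to the manifests repository and its history holds the keys that protect Authelia sessions, stored data and reset tokens. These should be treated as exposed: rotate them and have the chart read them from a Kubernetes Secret created out of band instead of inline `value:` fields (check the 0.11.6 chart values for the exact secret-reference keys). The MinIO values later in this comparison have the same problem with `rootPassword`. Separately, the `notifier` `filesystem` target `/tmp/notification.txt` with `disable_startup_check: true` means reset and enrolment messages land in a file inside the pod rather than reaching the user, which is only suitable for testing.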
+1
@@ -0,0 +1 @@
null
-1
@@ -2,7 +2,6 @@ persistence:
storageClass: local-path storageClass: local-path
ingress: ingress:
enabled: true enabled: true
ingressClassName: nginx
annotations: annotations:
kubernetes.io/ingress.class: nginx kubernetes.io/ingress.class: nginx
cert-manager.io/cluster-issuer: letsencrypt-prod cert-manager.io/cluster-issuer: letsencrypt-prod
+4
@@ -0,0 +1,4 @@
adminPassword: CHANGEME
persistence:
enabled: true
size: 5Gi
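Review bot: `adminPassword: CHANGEME` is a placeholder, but with `syncPolicy.automated` on the grafana Application it is deployed as the real admin password. Prefer pointing the chart at a pre-created Secret, `admin: {existingSecret: <secret-name>}`, and dropping `adminPassword` from this file. `bootstrapPassword: CHANGEME` in the Rancher values further down has the same issue.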
-1
@@ -1,4 +1,3 @@
USER-SUPPLIED VALUES:
controller: controller:
config: config:
ssl-reject-handshake: true ssl-reject-handshake: true
-1
@@ -1,4 +1,3 @@
USER-SUPPLIED VALUES:
controller: controller:
electionID: ingress-private-leader electionID: ingress-private-leader
ingressClass: nginx-private ingressClass: nginx-private
+21
@@ -0,0 +1,21 @@
backend:
replicas: 0
deploymentMode: SingleBinary
loki:
auth_enabled: false
commonConfig:
replication_factor: 1
storage:
type: filesystem
useTestSchema: true
read:
replicas: 0
resources:
limits:
memory: 256Mi
requests:
memory: 128Mi
singleBinary:
replicas: 1
write:
replicas: 0
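Review bot: `auth_enabled: false` leaves Loki single-tenant with no authentication, so any workload that can reach the Loki service can push or read logs. If that is intended for this cluster, a comment such as `# single-tenant; access restricted by NetworkPolicy`, backed by the policy itself, would make the assumption explicit. `useTestSchema: true` appears to be the chart's testing shortcut; a deployment meant to retain logs should declare an explicit `schemaConfig` instead.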
+13
@@ -0,0 +1,13 @@
mode: standalone
persistence:
enabled: true
size: 20Gi
resources:
limits:
cpu: 500m
memory: 1Gi
requests:
cpu: 250m
memory: 512Mi
rootPassword: _!Str0ngP@ssw0rd
rootUser: admin
+13
@@ -0,0 +1,13 @@
grafana:
enabled: false
ingress:
enabled: true
ingressClassName: nginx-private
prometheus:
prometheusSpec:
resources:
limits:
memory: 512Mi
requests:
memory: 256Mi
retention: 7d
+3
@@ -0,0 +1,3 @@
config:
clients:
- url: http://loki-gateway.monitoring.svc.cluster.local/loki/api/v1/push
+2
@@ -0,0 +1,2 @@
bootstrapPassword: CHANGEME
hostname: rancher.uzbutterfly.com
+6
@@ -0,0 +1,6 @@
server:
dev:
devRootToken: root
enabled: true
ui:
enabled: true
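Review bot: The `dev` block with `enabled: true` runs Vault in dev mode: in-memory storage, automatically unsealed, with the root token fixed to `root` by `devRootToken`. Every secret is lost on pod restart and anything that can reach the service has full root access, which matters here because the vault Application syncs this automatically next to production-facing services. For anything beyond a throwaway test, use `server.standalone.enabled: true` (or `server.ha` with raft) with persistent `dataStorage`, and initialise and unseal Vault outside of git.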