Initial commit

minibeielidev/minibeielidev.yaml

@@ -0,0 +1,120 @@
+apiVersion: v1
+kind: Pod
+metadata:
+  annotations:
+    bind-mount-options:/data/minibeielidev/influxdb: z
+    bind-mount-options:/data/minibeielidev/redis: z
+    bind-mount-options:/data/minibeielidev/lorahandlerdata: z
+    bind-mount-options:/home/containers/onyx-dev_pods/minibeielidev/telegraf.conf: z
+    io.kubernetes.cri-o.TTY/minibeielidev: "false"
+    io.podman.annotations.autoremove/minibeielidev: "FALSE"
+    io.podman.annotations.init/minibeielidev: "FALSE"
+    io.podman.annotations.label/minibeielidev: type:container_runtime_t
+    io.podman.annotations.privileged/minibeielidev: "FALSE"
+    io.podman.annotations.publish-all/minibeielidev: "FALSE"
+  labels:
+    app: minibeielidev-pod
+  name: minibeielidev-pod
+spec:
+  containers:
+  - name: mini-beieli-web
+    image: registry.gitlab.com/drpuur/mini-beieli-web:2022122601
+    env:
+    - name: REDIS_CONNECTION_STRING
+      value: 127.0.0.1:6379
+    - name: INFLUX_URL
+      value: http://127.0.0.1:8086/api/v2/query?org=minibeieliorg
+    - name: INFLUX_RO_TOKEN
+      value: o9V-_rvQrC1VuwR59wFCqWVWQ-FYnP18CBpEaLzVBec7AtDO65M-dU3EFD6pSNtTSIQMEQY_IqqCI2_z6JBQ7Q==
+    - name: STRIPE_KEY
+      value: sk_test_GJbXPD0IAFNvvGpNEpaeDfhl
+    - name: STRIPE_PK
+      value: pk_test_YkSGqH3Tk9WKK9HrlY63GhAg
+    ports:
+    - containerPort: 4000
+      hostPort: 9050
+    resources: {}
+    securityContext:
+      capabilities:
+        drop:
+        - CAP_MKNOD
+        - CAP_NET_RAW
+        - CAP_AUDIT_WRITE
+  - name: mini-beieli-lorahandler
+    image: registry.gitlab.com/drpuur/mini-beieli-lorahandler:2022122601
+    env:
+    - name: REDIS_CONNECTION_STRING
+      value: 127.0.0.1:6379
+    ports:
+    - containerPort: 8080
+      hostPort: 9051
+    resources: {}
+    securityContext:
+      capabilities:
+        drop:
+        - CAP_MKNOD
+        - CAP_NET_RAW
+        - CAP_AUDIT_WRITE
+    volumeMounts:
+    - mountPath: /data
+      name: lorahandlerdata
+  - name: influxdb
+    image: docker.io/library/influxdb:2.6
+    ports:
+    - containerPort: 8086
+    resources: {}
+    securityContext:
+      capabilities:
+        drop:
+        - CAP_MKNOD
+        - CAP_NET_RAW
+        - CAP_AUDIT_WRITE
+    volumeMounts:
+    - mountPath: /var/lib/influxdb2
+      name: influxdb
+  - name: redis
+    image: docker.io/library/redis:7
+    args: ["--save 60 1", "--loglevel warning"]
+    ports:
+    - containerPort: 5432
+    resources: {}
+    securityContext:
+      capabilities:
+        drop:
+        - CAP_MKNOD
+        - CAP_NET_RAW
+        - CAP_AUDIT_WRITE
+    volumeMounts:
+    - mountPath: /data
+      name: redis
+  - name: telegraf
+    image: docker.io/library/telegraf:1.25
+    resources: {}
+    securityContext:
+      capabilities:
+        drop:
+        - CAP_MKNOD
+        - CAP_AUDIT_WRITE
+    volumeMounts:
+    - mountPath: /data
+      name: lorahandlerdata
+    - mountPath: /etc/telegraf/telegraf.conf
+      name: telegrafconf
+  restartPolicy: Always
+  volumes:
+  - hostPath:
+      path: /data/minibeielidev/influxdb
+      type: Directory
+    name: influxdb
+  - hostPath:
+      path: /data/minibeielidev/redis
+      type: Directory
+    name: redis
+  - hostPath:
+      path: /data/minibeielidev/lorahandlerdata
+      type: Directory
+    name: lorahandlerdata
+  - hostPath:
+      path: /home/containers/onyx-dev_pods/minibeielidev/telegraf.conf
+      type: File
+    name: telegrafconf

minibeielidev/telegraf.conf

@@ -0,0 +1,31 @@
+[global_tags]
+
+# Configuration for telegraf agent
+[agent]
+  interval = "10s"
+  round_interval = true
+  metric_batch_size = 1000
+  metric_buffer_limit = 100000
+  collection_jitter = "0s"
+  flush_interval = "10s"
+  flush_jitter = "0s"
+  precision = ""
+  debug = false
+  quiet = false
+  logfile = ""
+  hostname = ""
+  omit_hostname = false
+
+[[inputs.tail]]
+  files = ["/data/mini-beieli-lorahandler.log"]
+  from_beginning = false
+  pipe = false
+  tagexclude = ["path","host"]
+  data_format = "influx"
+
+# Configuration for sending metrics to InfluxDB 2.0
+[[outputs.influxdb_v2]]
+  urls = ["http://127.0.0.1:8086"]
+  token = "x_AqP_6HJ0s9_o1JA4_W0KHs-BBOuj904DWqAnmc_SzmMz6n-qA_rbPBN9OVIOifVQg0SI2d_dHx1VNUZgNngw=="
+  organization = "minibeieliorg"
+  bucket = "minibeielibucket"

traefik/configuration/minibeielidev.yml

@@ -0,0 +1,33 @@
+http:
+  routers:
+    minibeielidev-web:
+      entrypoints:
+      - websecure
+      tls:
+        certresolver: "myresolver"
+        domains:
+          - main: "dev.mini-beieli.ch"
+      rule: "Host(`dev.mini-beieli.ch`)"
+      service: minibeielidev-web
+
+    minibeielidev-lorahandler:
+      entrypoints:
+      - websecure
+      tls:
+        certresolver: "myresolver"
+        domains:
+          - main: "dev.mini-beieli.ch"
+      rule: "Host(`dev.mini-beieli.ch`) && PathPrefix(`/lorahandler`)"
+      service: minibeielidev-lorahandler
+
+  services:
+    minibeielidev-web:
+      loadBalancer:
+        servers:
+        - url: http://127.0.0.1:9050/
+        passHostHeader: true
+    minibeielidev-lorahandler:
+      loadBalancer:
+        servers:
+        - url: http://127.0.0.1:9051/
+        passHostHeader: true

traefik/configuration/tls-config.yml

@@ -0,0 +1,20 @@
+tls:
+  options:
+    default:
+      sniStrict: true
+      minVersion: VersionTLS12
+      cipherSuites:
+       - TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384
+       - TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
+       - TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
+       - TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
+       - TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305
+       - TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305
+    tlsv13only:
+      minVersion: VersionTLS13
+  stores:
+    default:
+      defaultGeneratedCert:
+        resolver: myresolver
+        domain:
+          main: onyx-dev.nbit.ch

traefik/configuration/wobischdev.yml

@@ -0,0 +1,33 @@
+http:
+  routers:
+    wobischdev-web:
+      entrypoints:
+      - websecure
+      tls:
+        certresolver: "myresolver"
+        domains:
+          - main: "dev.wo-bisch.ch"
+      rule: "Host(`dev.wo-bisch.ch`)"
+      service: wobischdev-web
+
+    wobischdev-lorahandler:
+      entrypoints:
+      - websecure
+      tls:
+        certresolver: "myresolver"
+        domains:
+          - main: "dev.wo-bisch.ch"
+      rule: "Host(`dev.wo-bisch.ch`) && PathPrefix(`/lorahandler`)"
+      service: wobischdev-lorahandler
+
+  services:
+    wobischdev-web:
+      loadBalancer:
+        servers:
+        - url: http://127.0.0.1:9040/
+        passHostHeader: true
+    wobischdev-lorahandler:
+      loadBalancer:
+        servers:
+        - url: http://127.0.0.1:9041/
+        passHostHeader: true

traefik/traefik.yaml

@@ -0,0 +1,56 @@
+---
+apiVersion: v1
+kind: Pod
+metadata:
+  annotations:
+    bind-mount-options:/home/containers/onyx-dev_pods/traefik/configuration: z
+    bind-mount-options:/data/traefik/acme.json: z
+    io.kubernetes.cri-o.TTY/traefik: "false"
+    io.podman.annotations.autoremove/traefik: "FALSE"
+    io.podman.annotations.init/traefik: "FALSE"
+    io.podman.annotations.label/traefik: type:container_runtime_t
+    io.podman.annotations.privileged/traefik: "FALSE"
+    io.podman.annotations.publish-all/traefik: "FALSE"
+  creationTimestamp: "2022-12-03T15:45:41Z"
+  labels:
+    app: traefik-pod
+  name: traefik-pod
+spec:
+  hostNetwork: true
+  containers:
+  - args:
+    - --entrypoints.web.address=:80
+    - --entrypoints.web.http.redirections.entryPoint.to=websecure
+    - --entrypoints.web.http.redirections.entryPoint.scheme=https
+    - --entrypoints.websecure.address=:443
+    - --certificatesresolvers.myresolver.acme.email=postmaster@nbit.ch
+    - --certificatesresolvers.myresolver.acme.storage=/acme.json
+    - --certificatesresolvers.myresolver.acme.tlschallenge=true
+    - --certificatesresolvers.myresolver.acme.httpChallenge.entrypoint=web
+    - --providers.file.directory=/configuration/
+    - --providers.file.watch=true
+    - --accesslog=true
+    #- --log.level=DEBUG
+    #- --api.dashboard=true
+    #- --api.insecure=true
+    image: docker.io/library/traefik:latest
+    name: traefik
+    securityContext:
+      capabilities:
+        drop:
+        - CAP_MKNOD
+        - CAP_AUDIT_WRITE
+    volumeMounts:
+    - mountPath: /configuration/
+      name: home-containers-onyx-dev_pods-traefik-configuration-host-0
+    - mountPath: /acme.json
+      name: data-traefik-acme.json-host-2
+  volumes:
+  - hostPath:
+      path: /home/containers/onyx-dev_pods/traefik/configuration
+      type: Directory
+    name: home-containers-onyx-dev_pods-traefik-configuration-host-0
+  - hostPath:
+      path: /data/traefik/acme.json
+      type: File
+    name: data-traefik-acme.json-host-2

wobischdev/telegraf.conf

@@ -0,0 +1,31 @@
+[global_tags]
+
+# Configuration for telegraf agent
+[agent]
+  interval = "10s"
+  round_interval = true
+  metric_batch_size = 1000
+  metric_buffer_limit = 100000
+  collection_jitter = "0s"
+  flush_interval = "10s"
+  flush_jitter = "0s"
+  precision = ""
+  debug = false
+  quiet = false
+  logfile = ""
+  hostname = ""
+  omit_hostname = false
+
+[[inputs.tail]]
+  files = ["/data/wo-bisch-lorahandler.log"]
+  from_beginning = false
+  pipe = false
+  tagexclude = ["path","host"]
+  data_format = "influx"
+
+# Configuration for sending metrics to InfluxDB 2.0
+[[outputs.influxdb_v2]]
+  urls = ["http://127.0.0.1:8086"]
+  token = "PWuleFEPB2YSduUkzkcW94V_-KFDK5Fi3MAeaA999Qe51OsGlJJSrcZ41pUAppCwF-z3rUNnyFQQJs8fCSTFzg=="
+  organization = "wobischorg"
+  bucket = "wobischbucket"

wobischdev/wobischdev.yaml

@@ -0,0 +1,120 @@
+apiVersion: v1
+kind: Pod
+metadata:
+  annotations:
+    bind-mount-options:/data/wobischdev/influxdb: z
+    bind-mount-options:/data/wobischdev/redis: z
+    bind-mount-options:/data/wobischdev/lorahandlerdata: z
+    bind-mount-options:/home/containers/onyx-dev_pods/wobischdev/telegraf.conf: z
+    io.kubernetes.cri-o.TTY/wobischdev: "false"
+    io.podman.annotations.autoremove/wobischdev: "FALSE"
+    io.podman.annotations.init/wobischdev: "FALSE"
+    io.podman.annotations.label/wobischdev: type:container_runtime_t
+    io.podman.annotations.privileged/wobischdev: "FALSE"
+    io.podman.annotations.publish-all/wobischdev: "FALSE"
+  labels:
+    app: wobischdev-pod
+  name: wobischdev-pod
+spec:
+  containers:
+  - name: wo-bisch-web
+    image: registry.gitlab.com/drpuur/wo-bisch-web:2022122101
+    env:
+    - name: REDIS_CONNECTION_STRING
+      value: 127.0.0.1:6379
+    - name: INFLUX_URL
+      value: http://127.0.0.1:8086/api/v2/query?org=wobischorg
+    - name: INFLUX_RO_TOKEN
+      value: TQvQxxLLAj1kTKWuEqcx7BA-KfE6WtJUeDlPa_Dnvms6Zqf6uh6lMbpXtzcsCjKO_x3PrpxxGDR5E6YnDB5PFg==
+    - name: STRIPE_KEY
+      value: sk_test_51Icq29K2XyHQRTs20aEeyUHH3WgE6nBkAKUFuXsQtbnZNIP5fap5zTLTaA0XvhIcRHkqt3vJ2nui6df8R9VDuDDh00nhzmWdHr
+    - name: STRIPE_PK
+      value: pk_test_51Icq29K2XyHQRTs2DeltUIWrbFb5evfJVGaQzMv4r50g8Q7HAUkSFr7BBGv0aP1damXIhM6fZ4Yf9Wz0qW6TpTVi00dWcW7J1O
+    ports:
+    - containerPort: 4000
+      hostPort: 9040
+    resources: {}
+    securityContext:
+      capabilities:
+        drop:
+        - CAP_MKNOD
+        - CAP_NET_RAW
+        - CAP_AUDIT_WRITE
+  - name: wo-bisch-lorahandler
+    image: registry.gitlab.com/drpuur/wo-bisch-lorahandler:2022122101
+    env:
+    - name: REDIS_CONNECTION_STRING
+      value: 127.0.0.1:6379
+    ports:
+    - containerPort: 8080
+      hostPort: 9041
+    resources: {}
+    securityContext:
+      capabilities:
+        drop:
+        - CAP_MKNOD
+        - CAP_NET_RAW
+        - CAP_AUDIT_WRITE
+    volumeMounts:
+    - mountPath: /data
+      name: lorahandlerdata
+  - name: influxdb
+    image: docker.io/library/influxdb:2.6
+    ports:
+    - containerPort: 8086
+    resources: {}
+    securityContext:
+      capabilities:
+        drop:
+        - CAP_MKNOD
+        - CAP_NET_RAW
+        - CAP_AUDIT_WRITE
+    volumeMounts:
+    - mountPath: /var/lib/influxdb2
+      name: influxdb
+  - name: redis
+    image: docker.io/library/redis:7
+    args: ["--save 60 1", "--loglevel warning"]
+    ports:
+    - containerPort: 5432
+    resources: {}
+    securityContext:
+      capabilities:
+        drop:
+        - CAP_MKNOD
+        - CAP_NET_RAW
+        - CAP_AUDIT_WRITE
+    volumeMounts:
+    - mountPath: /data
+      name: redis
+  - name: telegraf
+    image: docker.io/library/telegraf:1.25
+    resources: {}
+    securityContext:
+      capabilities:
+        drop:
+        - CAP_MKNOD
+        - CAP_AUDIT_WRITE
+    volumeMounts:
+    - mountPath: /data
+      name: lorahandlerdata
+    - mountPath: /etc/telegraf/telegraf.conf
+      name: telegrafconf
+  restartPolicy: Always
+  volumes:
+  - hostPath:
+      path: /data/wobischdev/influxdb
+      type: Directory
+    name: influxdb
+  - hostPath:
+      path: /data/wobischdev/redis
+      type: Directory
+    name: redis
+  - hostPath:
+      path: /data/wobischdev/lorahandlerdata
+      type: Directory
+    name: lorahandlerdata
+  - hostPath:
+      path: /home/containers/onyx-dev_pods/wobischdev/telegraf.conf
+      type: File
+    name: telegrafconf