Compare commits


No commits in common. "1d9420433a6a9f694fb7dc94b10cbc52579728c4" and "9790ce03b4c45b2fb04fb4f8252ba5b8f5a22dde" have entirely different histories.

8 changed files with 3 additions and 293 deletions


@ -47,7 +47,6 @@ enable EPEL Repo:
# dnf install firewalld # dnf install firewalld
# firewall-cmd --add-service={http,https} --permanent # firewall-cmd --add-service={http,https} --permanent
# firewall-cmd --remove-service=cockpit --permanent # firewall-cmd --remove-service=cockpit --permanent
# firewall-cmd --add-port=1883/tcp --permanent ; only for MQTT
# firewall-cmd --reload # firewall-cmd --reload
List Rules: List Rules:
@ -193,19 +192,6 @@ Set Defaults:
containers$ cat ~/.config/containers/containers.conf containers$ cat ~/.config/containers/containers.conf
[network] [network]
network_backend = "netavark" network_backend = "netavark"
Credentials for Gitlab Registry should be available after Reboot
# User: drpuur, Password: Token from Gitlab (glpat-L5fU-_eZ6u74-3a8Jsnn)
[containers@onyx-dev ~]$ podman login registry.gitlab.com
Username: drpuur
Password:
Login Succeeded!
[containers@onyx-dev ~]$ cp /run/user/1000/containers/auth.json ~/.config/containers/auth.json
``` ```
### Setup Traefik ### Setup Traefik
@ -323,7 +309,3 @@ on master:
``` ```
Read Rights for Grafana Agent:
# setfacl -R -m u:grafana-agent:rX /var/log


@ -1,7 +0,0 @@
Config of Gitea is done in config/app.ini
To disable the possibility to self-register:
[root@onyx ~]# grep DISABLE_REGISTRATION /data/gitea/config/app.ini
DISABLE_REGISTRATION = true


@ -1,57 +0,0 @@
---
apiVersion: v1
kind: Pod
metadata:
annotations:
bind-mount-options:/data/gitea/data: z
bind-mount-options:/data/gitea/config: z
io.kubernetes.cri-o.TTY/gitea: "false"
io.podman.annotations.autoremove/gitea: "FALSE"
io.podman.annotations.init/gitea: "FALSE"
io.podman.annotations.label/gitea: type:container_runtime_t
io.podman.annotations.privileged/gitea: "FALSE"
io.podman.annotations.publish-all/gitea: "FALSE"
labels:
app: gitea-pod
name: gitea-pod
spec:
containers:
- image: docker.io/gitea/gitea:latest-rootless
name: gitea
ports:
- containerPort: 3000
hostPort: 9080
hostIP: 127.0.0.1
securityContext:
capabilities:
drop:
- CAP_MKNOD
- CAP_AUDIT_WRITE
volumeMounts:
- mountPath: /var/lib/gitea
name: data-gitea-data-0
- mountPath: /etc/gitea
name: data-gitea-config-0
- mountPath: /etc/timezone
name: etc-timezone-0
readOnly: true
- mountPath: /etc/localtime
name: etc-localtime-0
readOnly: true
volumes:
- hostPath:
path: /data/gitea/data
type: Directory
name: data-gitea-data-0
- hostPath:
path: /data/gitea/config
type: Directory
name: data-gitea-config-0
- hostPath:
path: /etc/timezone
type: File
name: etc-timezone-0
- hostPath:
path: /etc/localtime
type: File
name: etc-localtime-0


@ -18,7 +18,7 @@ metadata:
spec: spec:
containers: containers:
- name: mini-beieli-web - name: mini-beieli-web
image: registry.gitlab.com/drpuur/mini-beieli-web:2023020301 image: registry.gitlab.com/drpuur/mini-beieli-web:2022122601
env: env:
- name: REDIS_CONNECTION_STRING - name: REDIS_CONNECTION_STRING
value: 127.0.0.1:6379 value: 127.0.0.1:6379
@ -43,7 +43,7 @@ spec:
- CAP_NET_RAW - CAP_NET_RAW
- CAP_AUDIT_WRITE - CAP_AUDIT_WRITE
- name: mini-beieli-lorahandler - name: mini-beieli-lorahandler
image: registry.gitlab.com/drpuur/mini-beieli-lorahandler:2022122801 image: registry.gitlab.com/drpuur/mini-beieli-lorahandler:2022122601
env: env:
- name: REDIS_CONNECTION_STRING - name: REDIS_CONNECTION_STRING
value: 127.0.0.1:6379 value: 127.0.0.1:6379
@ -64,6 +64,7 @@ spec:
image: docker.io/library/influxdb:2.6 image: docker.io/library/influxdb:2.6
ports: ports:
- containerPort: 8086 - containerPort: 8086
hostPort: 8086
resources: {} resources: {}
securityContext: securityContext:
capabilities: capabilities:
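Review bot: The `hostPort: 8086` line under the influxdb container's `ports` entry has no `hostIP`, so the InfluxDB HTTP API is probably published on every host interface rather than on loopback only. The hunk header (6 old lines, 7 new) indicates this is the one added line in the hunk. If only services on the same host need to reach it, add `hostIP: 127.0.0.1` directly beneath it. If remote access is intended, confirm that firewalld does not open 8086 to untrusted networks and that InfluxDB token authentication is enforced. The influxdb container definition starts and ends outside this hunk, so its other settings are not visible here.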


@ -1,18 +0,0 @@
http:
routers:
gitea:
entrypoints:
- websecure
tls:
certresolver: "myresolver"
domains:
- main: "git.nbit.ch"
rule: "Host(`git.nbit.ch`)"
service: gitea
services:
gitea:
loadBalancer:
servers:
- url: http://127.0.0.1:9080/
passHostHeader: false


@ -1,35 +0,0 @@
http:
routers:
wobisch-web:
entrypoints:
- websecure
tls:
certresolver: "myresolver"
domains:
- main: "wo-bisch.ch"
sans: "www.wo-bisch.ch"
rule: "Host(`wo-bisch.ch`,`www.wo-bisch.ch`)"
service: wobisch-web
wobisch-lorahandler:
entrypoints:
- websecure
tls:
certresolver: "myresolver"
domains:
- main: "wo-bisch.ch"
sans: "www.wo-bisch.ch"
rule: "Host(`wo-bisch.ch`,`www.wo-bisch.ch`) && PathPrefix(`/lorahandler`)"
service: wobisch-lorahandler
services:
wobisch-web:
loadBalancer:
servers:
- url: http://127.0.0.1:9060/
passHostHeader: true
wobisch-lorahandler:
loadBalancer:
servers:
- url: http://127.0.0.1:9061/
passHostHeader: true


@ -1,31 +0,0 @@
[global_tags]
# Configuration for telegraf agent
[agent]
interval = "10s"
round_interval = true
metric_batch_size = 1000
metric_buffer_limit = 100000
collection_jitter = "0s"
flush_interval = "10s"
flush_jitter = "0s"
precision = ""
debug = false
quiet = false
logfile = ""
hostname = ""
omit_hostname = false
[[inputs.tail]]
files = ["/data/wo-bisch-lorahandler.log"]
from_beginning = false
pipe = false
tagexclude = ["path","host"]
data_format = "influx"
# Configuration for sending metrics to InfluxDB 2.0
[[outputs.influxdb_v2]]
urls = ["http://127.0.0.1:8086"]
token = "OMFWazmSYezw2vVw2cC6pbvMXKaQpzjgN7nemstXifQtQAINeBSXNR66Z6PB2CemTHUdbz5IBIbRdBpcPXZ4FQ=="
organization = "wobischorg"
bucket = "wobischbucket"


@ -1,125 +0,0 @@
apiVersion: v1
kind: Pod
metadata:
annotations:
bind-mount-options:/data/wobisch/influxdb: z
bind-mount-options:/data/wobisch/redis: z
bind-mount-options:/data/wobisch/lorahandlerdata: z
bind-mount-options:/home/containers/onyx_pods/wobisch/telegraf.conf: z
io.kubernetes.cri-o.TTY/wobisch: "false"
io.podman.annotations.autoremove/wobisch: "FALSE"
io.podman.annotations.init/wobisch: "FALSE"
io.podman.annotations.label/wobisch: type:container_runtime_t
io.podman.annotations.privileged/wobisch: "FALSE"
io.podman.annotations.publish-all/wobisch: "FALSE"
labels:
app: wobisch-pod
name: wobisch-pod
spec:
containers:
- name: wo-bisch-web
image: registry.gitlab.com/drpuur/wo-bisch-web:2023020304
env:
- name: REDIS_CONNECTION_STRING
value: 127.0.0.1:6379
- name: INFLUX_URL
value: http://127.0.0.1:8086/api/v2/query?org=wobischorg
- name: INFLUX_RO_TOKEN
value: hVK-DQk3kQhrTndYCvv8T1c99nSdpUe2wPAzEMH77rpuDKLbEdsI-Ten6S09EPlgKBCPVypYohMNO9AYbt0MlQ==
- name: STRIPE_KEY
value: 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
- name: STRIPE_PK
value: pk_live_51Icq29K2XyHQRTs2oNQMPT75m7J96ajcKDADEE8FCSA3WWD98je6IZgN0E7Q2t5Vccdu1ar5kQZUIjbPhRluTkS500rgdMr0dF
- name: MAILSERVER_HOST
value: mail.nbit.ch
ports:
- containerPort: 4000
hostPort: 9060
resources: {}
securityContext:
capabilities:
drop:
- CAP_MKNOD
- CAP_NET_RAW
- CAP_AUDIT_WRITE
- name: wo-bisch-lorahandler
image: registry.gitlab.com/drpuur/wo-bisch-lorahandler:2022122801
env:
- name: REDIS_CONNECTION_STRING
value: 127.0.0.1:6379
- name: MAILSERVER_HOST
value: mail.nbit.ch
ports:
- containerPort: 8080
hostPort: 9061
resources: {}
securityContext:
capabilities:
drop:
- CAP_MKNOD
- CAP_NET_RAW
- CAP_AUDIT_WRITE
volumeMounts:
- mountPath: /data
name: lorahandlerdata
- name: influxdb
image: docker.io/library/influxdb:2.6
ports:
- containerPort: 8086
hostPort: 8087
resources: {}
securityContext:
capabilities:
drop:
- CAP_MKNOD
- CAP_NET_RAW
- CAP_AUDIT_WRITE
volumeMounts:
- mountPath: /var/lib/influxdb2
name: influxdb
- name: redis
image: docker.io/library/redis:7
args: ["--save 60 1", "--loglevel warning"]
ports:
- containerPort: 5432
resources: {}
securityContext:
capabilities:
drop:
- CAP_MKNOD
- CAP_NET_RAW
- CAP_AUDIT_WRITE
volumeMounts:
- mountPath: /data
name: redis
- name: telegraf
image: docker.io/library/telegraf:1.25
resources: {}
securityContext:
capabilities:
drop:
- CAP_MKNOD
- CAP_AUDIT_WRITE
volumeMounts:
- mountPath: /data
name: lorahandlerdata
- mountPath: /etc/telegraf/telegraf.conf
name: telegrafconf
restartPolicy: Always
volumes:
- hostPath:
path: /data/wobisch/influxdb
type: Directory
name: influxdb
- hostPath:
path: /data/wobisch/redis
type: Directory
name: redis
- hostPath:
path: /data/wobisch/lorahandlerdata
type: Directory
name: lorahandlerdata
- hostPath:
path: /home/containers/onyx_pods/wobisch/telegraf.conf
type: File
name: telegrafconf