forked from github.com/plausible-hosting
added plausible init container, security context's & events-db configuration into configmap
This commit is contained in:
parent
aa9f96cd12
commit
46f050f54c
@ -34,5 +34,5 @@ When you first log in with your admin credentials, you will be prompted to enter
|
||||
Otherwise, run this command to verify all users in the database:
|
||||
|
||||
```bash
|
||||
kubectl -n plausible exec deploy/plausible-db -- /bin/bash -c 'psql -U $POSTGRES_USER -d $POSTGRES_DB -c "UPDATE users SET email_verified = true;"'
|
||||
kubectl -n plausible exec statefulset/plausible-db -- /bin/bash -c 'psql -U $POSTGRES_USER -d $POSTGRES_DB -c "UPDATE users SET email_verified = true;"'
|
||||
```
|
||||
|
@ -42,6 +42,11 @@ spec:
|
||||
app.kubernetes.io/part-of: plausible
|
||||
spec:
|
||||
restartPolicy: Always
|
||||
# see https://github.com/docker-library/postgres/blob/6bbf1c7b308d1c4288251d73c37f6caf75f8a3d4/14/buster/Dockerfile
|
||||
securityContext:
|
||||
runAsUser: 999
|
||||
runAsGroup: 999
|
||||
fsGroup: 999
|
||||
containers:
|
||||
- name: plausible-db
|
||||
image: postgres:latest
|
||||
|
@ -18,6 +18,36 @@ spec:
|
||||
app.kubernetes.io/component: database
|
||||
app.kubernetes.io/part-of: plausible
|
||||
---
|
||||
apiVersion: v1
|
||||
kind: ConfigMap
|
||||
metadata:
|
||||
name: plausible-events-db-config
|
||||
data:
|
||||
clickhouse-config.xml: |
|
||||
<yandex>
|
||||
<logger>
|
||||
<level>warning</level>
|
||||
<console>true</console>
|
||||
</logger>
|
||||
|
||||
<!-- Stop all the unnecessary logging -->
|
||||
<query_thread_log remove="remove"/>
|
||||
<query_log remove="remove"/>
|
||||
<text_log remove="remove"/>
|
||||
<trace_log remove="remove"/>
|
||||
<metric_log remove="remove"/>
|
||||
<asynchronous_metric_log remove="remove"/>
|
||||
</yandex>
|
||||
clickhouse-user-config.xml: |
|
||||
<yandex>
|
||||
<profiles>
|
||||
<default>
|
||||
<log_queries>0</log_queries>
|
||||
<log_query_threads>0</log_query_threads>
|
||||
</default>
|
||||
</profiles>
|
||||
</yandex>
|
||||
---
|
||||
apiVersion: apps/v1
|
||||
kind: StatefulSet
|
||||
metadata:
|
||||
@ -42,6 +72,11 @@ spec:
|
||||
app.kubernetes.io/part-of: plausible
|
||||
spec:
|
||||
restartPolicy: Always
|
||||
# see https://github.com/ClickHouse/ClickHouse/blob/master/docker/server/Dockerfile
|
||||
securityContext:
|
||||
runAsUser: 101
|
||||
runAsGroup: 101
|
||||
fsGroup: 101
|
||||
containers:
|
||||
- name: plausible-events-db
|
||||
image: yandex/clickhouse-server:latest
|
||||
@ -51,6 +86,14 @@ spec:
|
||||
volumeMounts:
|
||||
- name: data
|
||||
mountPath: /var/lib/clickhouse
|
||||
- name: config
|
||||
mountPath: /etc/clickhouse-server/config.d/logging.xml
|
||||
subPath: clickhouse-config.xml
|
||||
readOnly: true
|
||||
- name: config
|
||||
mountPath: /etc/clickhouse-server/users.d/logging.xml"
|
||||
subPath: clickhouse-user-config.xml
|
||||
readOnly: true
|
||||
env:
|
||||
- name: CLICKHOUSE_DB
|
||||
value: plausible
|
||||
@ -87,6 +130,10 @@ spec:
|
||||
initialDelaySeconds: 30
|
||||
failureThreshold: 3
|
||||
periodSeconds: 10
|
||||
volumes:
|
||||
- name: config
|
||||
configMap:
|
||||
name: plausible-events-db-config
|
||||
volumeClaimTemplates:
|
||||
- metadata:
|
||||
name: data
|
||||
|
@ -36,14 +36,62 @@ spec:
|
||||
app.kubernetes.io/component: server
|
||||
spec:
|
||||
restartPolicy: Always
|
||||
# see https://github.com/plausible/analytics/blob/master/Dockerfile
|
||||
securityContext:
|
||||
runAsUser: 1000
|
||||
runAsGroup: 1000
|
||||
fsGroup: 1000
|
||||
initContainers:
|
||||
- name: plausible-init
|
||||
image: plausible/analytics:latest
|
||||
command:
|
||||
- "/bin/sh"
|
||||
- "-c"
|
||||
args:
|
||||
- sleep 30 && /entrypoint.sh db createdb && /entrypoint.sh db migrate && /entrypoint.sh db init-admin
|
||||
envFrom:
|
||||
- configMapRef:
|
||||
name: plausible-config
|
||||
env:
|
||||
- name: POSTGRES_USER
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: plausible-db-user
|
||||
key: username
|
||||
- name: POSTGRES_PASSWORD
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: plausible-db-user
|
||||
key: password
|
||||
- name: CLICKHOUSE_USER
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: plausible-events-db-user
|
||||
key: username
|
||||
- name: CLICKHOUSE_PASSWORD
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: plausible-events-db-user
|
||||
key: password
|
||||
- name: DATABASE_URL
|
||||
value: postgres://$(POSTGRES_USER):$(POSTGRES_PASSWORD)@$(PLAUSIBLE_DB_SERVICE_HOST):$(PLAUSIBLE_DB_SERVICE_PORT)/plausible
|
||||
- name: CLICKHOUSE_DATABASE_URL
|
||||
value: http://$(CLICKHOUSE_USER):$(CLICKHOUSE_PASSWORD)@$(PLAUSIBLE_EVENTS_DB_SERVICE_HOST):$(PLAUSIBLE_EVENTS_DB_SERVICE_PORT)/plausible
|
||||
- name: SMTP_HOST_ADDR
|
||||
value: $(PLAUSIBLE_SMTP_SERVICE_HOST)
|
||||
securityContext:
|
||||
allowPrivilegeEscalation: false
|
||||
resources:
|
||||
limits:
|
||||
memory: 2Gi
|
||||
cpu: 1500m
|
||||
requests:
|
||||
memory: 50Mi
|
||||
cpu: 10m
|
||||
containers:
|
||||
- name: plausible
|
||||
image: plausible/analytics:latest
|
||||
imagePullPolicy: Always
|
||||
args:
|
||||
- /bin/sh
|
||||
- -c
|
||||
- sleep 10 && /entrypoint.sh db createdb && /entrypoint.sh db migrate && /entrypoint.sh db init-admin && /entrypoint.sh run
|
||||
ports:
|
||||
- containerPort: 8000
|
||||
envFrom:
|
||||
|
Loading…
Reference in New Issue
Block a user