Clean up docs
This commit is contained in:
parent
59c4267826
commit
1efc73f64b
198
chart/README.org
198
chart/README.org
|
@ -1,198 +0,0 @@
|
||||||
#+TITLE: Helm chart
|
|
||||||
|
|
||||||
* Configuration
|
|
||||||
|
|
||||||
| Parameter | Description | Default |
|
|
||||||
|-----------------------------------------------+-----------------------------------------------------------------------------------------------------------------+-----------------------------------------------------------|
|
|
||||||
| disableAuth | Disables authentication completely, no registration, login will be shown | ~false~ |
|
|
||||||
| disableRegistration | Disables registration of new users, keep your admin credentials handy | ~false~ |
|
|
||||||
| adminUser.email | The default ("admin") user email | ~""~ |
|
|
||||||
| adminUser.name | Admin user's name | ~""~ |
|
|
||||||
| adminUser.password | The default ("admin") user password | ~""~ |
|
|
||||||
| database.enabled | Set database URL in env | ~true~ |
|
|
||||||
| database.url | The database URL as dictated [[https://hexdocs.pm/ecto/Ecto.Repo.html#module-urls][here]] | ~postgres://postgres:postgres@postgres/plausible?ssl=off~ |
|
|
||||||
| clickhouse.enabled | Set clickhouse URL in env | ~true~ |
|
|
||||||
| clickhouse.url | Connection string for Clickhouse in the same format | ~http://plausible-events-db:8123/plausible~ |
|
|
||||||
| smtp.enabled | Set SMTP configuration in env | ~true~ |
|
|
||||||
| smtp.mailer.emailAddress | The email id to use for as from address of all communications from Plausible | ~""~ |
|
|
||||||
| smtp.mailer.adapter | Instead of the default, replace this with Bamboo.PostmarkAdapter | ~""~ |
|
|
||||||
| smtp.host | The host address of your smtp server | ~""~ |
|
|
||||||
| smtp.port | The port of your smtp server | ~""~ |
|
|
||||||
| smtp.username | The username/email in case SMTP auth is enabled | ~""~ |
|
|
||||||
| smtp.password | The password in case SMTP auth is enabled | ~""~ |
|
|
||||||
| smtp.ssl.enabled | If SSL is enabled for SMTP connection | ~false~ |
|
|
||||||
| smtp.retries | Number of retries to make until mailer gives up | ~2~ |
|
|
||||||
| postmark.apiKey | Enter your API key | ~""~ |
|
|
||||||
| geoliteCountryDB | Path to your IP geolocation database in MaxMind's format | ~""~ |
|
|
||||||
| google.clientID | The Client ID from the Google API Console for your Plausible Analytics project | ~""~ |
|
|
||||||
| google.clientSecret | The Client Secret from the Google API Console for your Plausible Analytics project | ~""~ |
|
|
||||||
| twitter.consumer.key | The API key from the Twitter Developer Portal | ~""~ |
|
|
||||||
| twitter.consumer.secret | The API key secret from the Twitter Developer Portal | ~""~ |
|
|
||||||
| twitter.access.token | The access token you generated in the steps above | ~""~ |
|
|
||||||
| twitter.access.secret | The access token secret you generated in the steps above | ~""~ |
|
|
||||||
| labels | Extra labels to add to all managed resources | ~{}~ |
|
|
||||||
| extraEnv | Declare extra environment variables | ~[]~ |
|
|
||||||
| image.repository | The repo where the image lives | ~plausible/analytics~ |
|
|
||||||
| image.tag | Specifies a tag of from the image to use | ~""~ |
|
|
||||||
| image.pullPolicy | Pod container pull policy | ~IfNotPresent~ |
|
|
||||||
| imagePullSecrets | References for the registry secrets to pull the container images in the Pod with | ~[]~ |
|
|
||||||
| nameOverride | Expand the name of the chart | ~""~ |
|
|
||||||
| fullNameOverride | Create a FQDN for the app name | ~""~ |
|
|
||||||
| serviceAccount.create | Whether a serviceAccount should be created for the Pod to use | ~false~ |
|
|
||||||
| serviceAccount.name | A name to give the servce account | ~nil~ |
|
|
||||||
| podAnnotations | Annotations to assign Pods | ~{}~ |
|
|
||||||
| podSecurityContext | Set a security context for the Pod | ~{}~ |
|
|
||||||
| securityContext.readOnlyRootFilesystem | Mount container filesytem as read only | ~true~ |
|
|
||||||
| securityContext.runAsNonRoot | Don't allow the container in the Pod to run as root | ~true~ |
|
|
||||||
| securityContext.runAsUser | The user ID to run the container in the Pod as | ~1000~ |
|
|
||||||
| securityContext.runAsGroup | The group ID to run the container in the Pod as | ~1000~ |
|
|
||||||
| service.type | The service type to create | ~ClusterIP~ |
|
|
||||||
| service.port | The port to bind the app on and for the service to be set to | ~8000~ |
|
|
||||||
| ingress.enabled | Create an ingress manifests | ~false~ |
|
|
||||||
| ingress.realIPHeader | A header to forward, which contains the real client IP address | ~""~ |
|
|
||||||
| ingress.annotations | Set annotations for the ingress manifest | ~{}~ |
|
|
||||||
| ingress.hosts | The hosts which the ingress endpoint should be accessed from | |
|
|
||||||
| ingress.tls | References to TLS secrets | ~[]~ |
|
|
||||||
| resources | Limits and requests for the Pods | ~{}~ |
|
|
||||||
| autoscaling.enabled | Enable autoscaling for the deployment | ~false~ |
|
|
||||||
| autoscaling.minReplicas | The minimum amount of Pods to run | ~1~ |
|
|
||||||
| autoscaling.maxReplicas | The maximum amount of Pods to run | ~1~ |
|
|
||||||
| autoscaling.targetCPUUtilizationPercentage | The individual Pod CPU amount until autoscaling occurs | ~80~ |
|
|
||||||
| autoscaling.targetMemoryUtilizationPercentage | The individual Pod Memory amount until autoscaling occurs | |
|
|
||||||
| nodeSelector | Declare the node labels for Pod scheduling | ~{}~ |
|
|
||||||
| tolerations | Declare the toleration labels for Pod scheduling | ~[]~ |
|
|
||||||
| affinity | Declare the affinity settings for the Pod scheduling | ~{}~ |
|
|
||||||
|
|
||||||
|
|
||||||
* Installation
|
|
||||||
|
|
||||||
#+begin_src shell :pwd ./ :results silent
|
|
||||||
helm install plausible -n plausible \
|
|
||||||
--debug \
|
|
||||||
--set adminUser.email=myemail@example.com \
|
|
||||||
--set adminUser.name="Test User" \
|
|
||||||
--set adminUser.password="password" \
|
|
||||||
--set database.url="postgres://plausible:plausible@postgres/plausible?ssl=false" \
|
|
||||||
--set clickhouse.url="http://plausible-events-db:8123/plausible" \
|
|
||||||
--set disableRegistration=true \
|
|
||||||
--set disableAuth=true \
|
|
||||||
--set image.tag=dev \
|
|
||||||
plausible-analytics
|
|
||||||
#+end_src
|
|
||||||
|
|
||||||
#+begin_src shell :pwd ./
|
|
||||||
kubectl -n plausible get pods,svc
|
|
||||||
#+end_src
|
|
||||||
|
|
||||||
#+begin_src shell :pwd ./ :results silent
|
|
||||||
helm uninstall plausible -n plausible
|
|
||||||
#+end_src
|
|
||||||
|
|
||||||
#+BEGIN_SRC yaml :tangle /tmp/postgres-operator.yaml
|
|
||||||
apiVersion: helm.fluxcd.io/v1
|
|
||||||
kind: HelmRelease
|
|
||||||
metadata:
|
|
||||||
name: postgres-operator
|
|
||||||
namespace: postgres-operator
|
|
||||||
spec:
|
|
||||||
releaseName: postgres-operator
|
|
||||||
chart:
|
|
||||||
git: https://github.com/zalando/postgres-operator.git
|
|
||||||
ref: v1.6.1
|
|
||||||
path: charts/postgres-operator
|
|
||||||
values:
|
|
||||||
configKubernetes:
|
|
||||||
enable_pod_antiaffinity: "true"
|
|
||||||
#+END_SRC
|
|
||||||
|
|
||||||
#+BEGIN_SRC tmate :window plausible-setup
|
|
||||||
kubectl create ns postgres-operator
|
|
||||||
kubectl apply -f /tmp/postgres-operator.yaml
|
|
||||||
#+END_SRC
|
|
||||||
|
|
||||||
#+BEGIN_SRC yaml :tangle /tmp/postgresql.yaml
|
|
||||||
apiVersion: "acid.zalan.do/v1"
|
|
||||||
kind: postgresql
|
|
||||||
metadata:
|
|
||||||
name: plausible-db
|
|
||||||
namespace: plausible
|
|
||||||
spec:
|
|
||||||
enableConnectionPooler: true
|
|
||||||
connectionPooler:
|
|
||||||
mode: session
|
|
||||||
resources:
|
|
||||||
requests:
|
|
||||||
cpu: 250m
|
|
||||||
memory: 100Mi
|
|
||||||
limits:
|
|
||||||
cpu: "1"
|
|
||||||
memory: 100Mi
|
|
||||||
teamId: "plausible"
|
|
||||||
volume:
|
|
||||||
size: 3Gi
|
|
||||||
numberOfInstances: 3
|
|
||||||
users:
|
|
||||||
plausible: # database owner
|
|
||||||
- superuser
|
|
||||||
- createdb
|
|
||||||
databases:
|
|
||||||
plausible: plausible # dbname: owner
|
|
||||||
postgresql:
|
|
||||||
version: "12"
|
|
||||||
#+END_SRC
|
|
||||||
|
|
||||||
#+BEGIN_SRC tmate :window plausible-setup
|
|
||||||
kubectl -n plausible create secret generic plausible.plausible-db.credentials.postgresql.acid.zalan.do --from-literal=password=plausible --from-literal=username=plausible --dry-run=client -o yaml | kubectl apply -f -
|
|
||||||
kubectl apply -f /tmp/postgresql.yaml
|
|
||||||
#+END_SRC
|
|
||||||
|
|
||||||
* Deploying with Helm-Operator
|
|
||||||
#+BEGIN_SRC yaml :tangle /tmp/plausible.yaml
|
|
||||||
apiVersion: helm.fluxcd.io/v1
|
|
||||||
kind: HelmRelease
|
|
||||||
metadata:
|
|
||||||
name: plausible
|
|
||||||
namespace: plausible
|
|
||||||
spec:
|
|
||||||
chart:
|
|
||||||
git: https://github.com/BobyMCbobs/plausible-hosting
|
|
||||||
path: chart/plausible-analytics
|
|
||||||
ref: fffcb3e87395d42e73ccd6034d8008ba68c216b2
|
|
||||||
releaseName: plausible
|
|
||||||
values:
|
|
||||||
replicaCount: 3
|
|
||||||
adminUser:
|
|
||||||
name: "My Name Here"
|
|
||||||
email: "my-email@address.here"
|
|
||||||
password: "a-secure-password-here"
|
|
||||||
database:
|
|
||||||
url: "postgres://plausible:plausible@plausible-db-pooler.plausible/plausible?ssl=true"
|
|
||||||
clickhouse:
|
|
||||||
url: "http://plausible-events-db:8123/plausible"
|
|
||||||
secretKeyBase: "hello-this-is-plausible-analytics-this-value-must-be-at-least-64-bytes-long"
|
|
||||||
extraVolumes:
|
|
||||||
- name: tmptmp
|
|
||||||
emptyDir: {}
|
|
||||||
extraVolumeMounts:
|
|
||||||
- name: tmptmp
|
|
||||||
mountPath: /tmp/tmp
|
|
||||||
ingress:
|
|
||||||
enabled: true
|
|
||||||
hosts:
|
|
||||||
- host: plausible.bobymcbobs-weekend.pair.sharing.io
|
|
||||||
paths:
|
|
||||||
- /
|
|
||||||
realIPHeader: X-Real-Ip
|
|
||||||
tls:
|
|
||||||
- hosts:
|
|
||||||
- plausible.bobymcbobs-weekend.pair.sharing.io
|
|
||||||
secretName: letsencrypt-prod
|
|
||||||
#+END_SRC
|
|
||||||
|
|
||||||
#+BEGIN_SRC tmate :window plausible-setup
|
|
||||||
kubectl apply -f /tmp/plausible.yaml
|
|
||||||
#+END_SRC
|
|
||||||
|
|
||||||
#+BEGIN_SRC tmate :window plausible-setup
|
|
||||||
kubectl psql -n plausible plausible-db plausible psql -c "UPDATE users SET email_verified = true;"
|
|
||||||
#+END_SRC
|
|
|
@ -1,78 +0,0 @@
|
||||||
#+TITLE: Setup Plausible
|
|
||||||
|
|
||||||
* Prelimiary requirements
|
|
||||||
|
|
||||||
** Notes
|
|
||||||
- Postgres manifests are also included, in case you don't want to deploy a highly available Postgres database locally (~DATABASE_URL~ will need to be updated also)
|
|
||||||
|
|
||||||
* Setup
|
|
||||||
|
|
||||||
#+NAME: create namespace
|
|
||||||
#+begin_src tmate :window plausible-setup
|
|
||||||
kubectl create ns plausible
|
|
||||||
#+end_src
|
|
||||||
|
|
||||||
#+NAME: label the namespace
|
|
||||||
#+BEGIN_SRC tmate :window plausible-setup
|
|
||||||
kubectl label ns plausible cert-manager-tls=sync --overwrite
|
|
||||||
#+END_SRC
|
|
||||||
|
|
||||||
#+NAME: create the database secrets
|
|
||||||
#+begin_src tmate :window plausible-setup
|
|
||||||
kubectl -n plausible create secret generic postgres-configuration \
|
|
||||||
--from-literal=POSTGRES_DB=plausible \
|
|
||||||
--from-literal=POSTGRES_USER=plausible \
|
|
||||||
--from-literal=POSTGRES_PASSWORD=plausible \
|
|
||||||
--from-literal=PGUSER=plausible \
|
|
||||||
--from-literal=PGPASSWORD=plausible \
|
|
||||||
--from-literal=PGDATABASE=plausible \
|
|
||||||
--dry-run=client \
|
|
||||||
-o yaml | kubectl apply -f -
|
|
||||||
#+end_src
|
|
||||||
|
|
||||||
#+NAME: install Postgres
|
|
||||||
#+begin_src tmate :window plausible-setup
|
|
||||||
kubectl -n plausible apply -f postgres.yaml
|
|
||||||
#+end_src
|
|
||||||
|
|
||||||
#+NAME: create secrets
|
|
||||||
#+begin_src tmate :window plausible-setup
|
|
||||||
kubectl -n plausible create secret generic plausible \
|
|
||||||
--from-literal=ADMIN_USER_EMAIL="$GIT_AUTHOR_EMAIL" \
|
|
||||||
--from-literal=ADMIN_USER_NAME="$GIT_AUTHOR_NAME" \
|
|
||||||
--from-literal=ADMIN_USER_PWD="password" \
|
|
||||||
--from-literal=SECRET_KEY_BASE="$(openssl rand -base64 64)" \
|
|
||||||
--from-literal=DATABASE_URL="postgres://plausible:plausible@postgres/plausible?ssl=false" \
|
|
||||||
--from-literal=CLICKHOUSE_DATABASE_URL=http://plausible-events-db:8123/plausible \
|
|
||||||
--dry-run=client \
|
|
||||||
-o yaml | kubectl apply -f -
|
|
||||||
#+end_src
|
|
||||||
|
|
||||||
#+NAME: create configuration
|
|
||||||
#+begin_src tmate :window plausible-setup
|
|
||||||
kubectl -n plausible create configmap plausible \
|
|
||||||
--from-literal=BASE_URL=https://plausible.$SHARINGIO_PAIR_BASE_DNS_NAME \
|
|
||||||
--dry-run=client \
|
|
||||||
-o yaml | kubectl apply -f -
|
|
||||||
#+end_src
|
|
||||||
|
|
||||||
#+NAME: install Plausible
|
|
||||||
#+begin_src tmate :window plausible-setup
|
|
||||||
kubectl -n plausible apply \
|
|
||||||
-f event-data-persistentvolumeclaim.yaml \
|
|
||||||
-f mail-deployment.yaml \
|
|
||||||
-f mail-service.yaml \
|
|
||||||
-f plausible-deployment.yaml \
|
|
||||||
-f plausible-service.yaml \
|
|
||||||
-f plausible-ingress.yaml \
|
|
||||||
-f plausible-events-db-deployment.yaml \
|
|
||||||
-f plausible-events-db-service.yaml
|
|
||||||
#+end_src
|
|
||||||
|
|
||||||
#+BEGIN_SRC tmate :window plausible-setup
|
|
||||||
kubectl -n plausible exec -it statefulset/postgres -- psql -c "UPDATE users SET email_verified = true;"
|
|
||||||
#+END_SRC
|
|
||||||
|
|
||||||
* Notes and references
|
|
||||||
- https://docs.plausible.io/self-hosting-configuration/
|
|
||||||
- https://github.com/plausible/hosting/blob/c5146231aa0bf8d7a0da11370845e11a4973373e/docker-compose.yml
|
|
|
@ -1,12 +0,0 @@
|
||||||
apiVersion: v1
|
|
||||||
kind: PersistentVolumeClaim
|
|
||||||
metadata:
|
|
||||||
labels:
|
|
||||||
app: event-data
|
|
||||||
name: event-data
|
|
||||||
spec:
|
|
||||||
accessModes:
|
|
||||||
- ReadWriteOnce
|
|
||||||
resources:
|
|
||||||
requests:
|
|
||||||
storage: 100Mi
|
|
|
@ -1,26 +0,0 @@
|
||||||
apiVersion: apps/v1
|
|
||||||
kind: Deployment
|
|
||||||
metadata:
|
|
||||||
labels:
|
|
||||||
app: mail
|
|
||||||
name: mail
|
|
||||||
spec:
|
|
||||||
replicas: 1
|
|
||||||
selector:
|
|
||||||
matchLabels:
|
|
||||||
app: mail
|
|
||||||
strategy: {}
|
|
||||||
template:
|
|
||||||
metadata:
|
|
||||||
labels:
|
|
||||||
app: mail
|
|
||||||
spec:
|
|
||||||
containers:
|
|
||||||
- image: bytemark/smtp
|
|
||||||
imagePullPolicy: IfNotPresent
|
|
||||||
name: mail
|
|
||||||
resources: {}
|
|
||||||
ports:
|
|
||||||
- name: mail
|
|
||||||
containerPort: 25
|
|
||||||
restartPolicy: Always
|
|
|
@ -1,13 +0,0 @@
|
||||||
apiVersion: v1
|
|
||||||
kind: Service
|
|
||||||
metadata:
|
|
||||||
labels:
|
|
||||||
app: mail
|
|
||||||
name: mail
|
|
||||||
spec:
|
|
||||||
ports:
|
|
||||||
- name: http
|
|
||||||
port: 25
|
|
||||||
targetPort: 25
|
|
||||||
selector:
|
|
||||||
app: mail
|
|
|
@ -1,124 +0,0 @@
|
||||||
apiVersion: apps/v1
|
|
||||||
kind: Deployment
|
|
||||||
metadata:
|
|
||||||
name: plausible
|
|
||||||
spec:
|
|
||||||
replicas: 1
|
|
||||||
selector:
|
|
||||||
matchLabels:
|
|
||||||
app: plausible
|
|
||||||
template:
|
|
||||||
metadata:
|
|
||||||
labels:
|
|
||||||
app: plausible
|
|
||||||
spec:
|
|
||||||
containers:
|
|
||||||
- name: plausible
|
|
||||||
image: plausible/analytics:v1.3.0
|
|
||||||
imagePullPolicy: Always
|
|
||||||
securityContext:
|
|
||||||
runAsUser: 1000
|
|
||||||
runAsGroup: 1000
|
|
||||||
readOnlyRootFilesystem: true
|
|
||||||
allowPrivilegeEscalation: false
|
|
||||||
command:
|
|
||||||
- /app/bin/plausible
|
|
||||||
- start
|
|
||||||
env:
|
|
||||||
- name: ADMIN_USER_EMAIL
|
|
||||||
valueFrom:
|
|
||||||
secretKeyRef:
|
|
||||||
key: ADMIN_USER_EMAIL
|
|
||||||
name: plausible
|
|
||||||
- name: ADMIN_USER_NAME
|
|
||||||
valueFrom:
|
|
||||||
secretKeyRef:
|
|
||||||
key: ADMIN_USER_NAME
|
|
||||||
name: plausible
|
|
||||||
- name: ADMIN_USER_PWD
|
|
||||||
valueFrom:
|
|
||||||
secretKeyRef:
|
|
||||||
key: ADMIN_USER_PWD
|
|
||||||
name: plausible
|
|
||||||
- name: DATABASE_URL
|
|
||||||
valueFrom:
|
|
||||||
secretKeyRef:
|
|
||||||
key: DATABASE_URL
|
|
||||||
name: plausible
|
|
||||||
- name: SECRET_KEY_BASE
|
|
||||||
valueFrom:
|
|
||||||
secretKeyRef:
|
|
||||||
key: SECRET_KEY_BASE
|
|
||||||
name: plausible
|
|
||||||
- name: CLICKHOUSE_DATABASE_URL
|
|
||||||
valueFrom:
|
|
||||||
secretKeyRef:
|
|
||||||
key: CLICKHOUSE_DATABASE_URL
|
|
||||||
name: plausible
|
|
||||||
- name: BASE_URL
|
|
||||||
valueFrom:
|
|
||||||
configMapKeyRef:
|
|
||||||
key: BASE_URL
|
|
||||||
name: plausible
|
|
||||||
volumeMounts:
|
|
||||||
- name: app-tmp
|
|
||||||
mountPath: /app/tmp
|
|
||||||
ports:
|
|
||||||
- name: http
|
|
||||||
containerPort: 8000
|
|
||||||
resources: {}
|
|
||||||
initContainers:
|
|
||||||
- name: plausible-init
|
|
||||||
image: plausible/analytics:v1.3.0
|
|
||||||
imagePullPolicy: Always
|
|
||||||
securityContext:
|
|
||||||
runAsUser: 1000
|
|
||||||
runAsGroup: 1000
|
|
||||||
readOnlyRootFilesystem: true
|
|
||||||
allowPrivilegeEscalation: false
|
|
||||||
command:
|
|
||||||
- sh
|
|
||||||
- -c
|
|
||||||
- /app/createdb.sh && /app/migrate.sh && /app/init-admin.sh
|
|
||||||
env:
|
|
||||||
- name: ADMIN_USER_EMAIL
|
|
||||||
valueFrom:
|
|
||||||
secretKeyRef:
|
|
||||||
key: ADMIN_USER_EMAIL
|
|
||||||
name: plausible
|
|
||||||
- name: ADMIN_USER_NAME
|
|
||||||
valueFrom:
|
|
||||||
secretKeyRef:
|
|
||||||
key: ADMIN_USER_NAME
|
|
||||||
name: plausible
|
|
||||||
- name: ADMIN_USER_PWD
|
|
||||||
valueFrom:
|
|
||||||
secretKeyRef:
|
|
||||||
key: ADMIN_USER_PWD
|
|
||||||
name: plausible
|
|
||||||
- name: SECRET_KEY_BASE
|
|
||||||
valueFrom:
|
|
||||||
secretKeyRef:
|
|
||||||
key: SECRET_KEY_BASE
|
|
||||||
name: plausible
|
|
||||||
- name: DATABASE_URL
|
|
||||||
valueFrom:
|
|
||||||
secretKeyRef:
|
|
||||||
key: DATABASE_URL
|
|
||||||
name: plausible
|
|
||||||
- name: CLICKHOUSE_DATABASE_URL
|
|
||||||
valueFrom:
|
|
||||||
secretKeyRef:
|
|
||||||
key: CLICKHOUSE_DATABASE_URL
|
|
||||||
name: plausible
|
|
||||||
- name: BASE_URL
|
|
||||||
valueFrom:
|
|
||||||
configMapKeyRef:
|
|
||||||
key: BASE_URL
|
|
||||||
name: plausible
|
|
||||||
volumeMounts:
|
|
||||||
- name: app-tmp
|
|
||||||
mountPath: /app/tmp
|
|
||||||
volumes:
|
|
||||||
- name: app-tmp
|
|
||||||
emptyDir: {}
|
|
|
@ -1,31 +0,0 @@
|
||||||
apiVersion: apps/v1
|
|
||||||
kind: Deployment
|
|
||||||
metadata:
|
|
||||||
name: plausible-events-db
|
|
||||||
spec:
|
|
||||||
replicas: 1
|
|
||||||
selector:
|
|
||||||
matchLabels:
|
|
||||||
app: plausible-events-db
|
|
||||||
strategy:
|
|
||||||
type: Recreate
|
|
||||||
template:
|
|
||||||
metadata:
|
|
||||||
labels:
|
|
||||||
app: plausible-events-db
|
|
||||||
spec:
|
|
||||||
containers:
|
|
||||||
- image: yandex/clickhouse-server:latest
|
|
||||||
imagePullPolicy: IfNotPresent
|
|
||||||
name: plausible-events-db
|
|
||||||
ports:
|
|
||||||
- containerPort: 8123
|
|
||||||
resources: {}
|
|
||||||
volumeMounts:
|
|
||||||
- mountPath: /var/lib/clickhouse
|
|
||||||
name: event-data
|
|
||||||
restartPolicy: Always
|
|
||||||
volumes:
|
|
||||||
- name: event-data
|
|
||||||
persistentVolumeClaim:
|
|
||||||
claimName: event-data
|
|
|
@ -1,13 +0,0 @@
|
||||||
apiVersion: v1
|
|
||||||
kind: Service
|
|
||||||
metadata:
|
|
||||||
labels:
|
|
||||||
app: plausible-events-db
|
|
||||||
name: plausible-events-db
|
|
||||||
spec:
|
|
||||||
ports:
|
|
||||||
- name: "8123"
|
|
||||||
port: 8123
|
|
||||||
targetPort: 8123
|
|
||||||
selector:
|
|
||||||
app: plausible-events-db
|
|
|
@ -1,20 +0,0 @@
|
||||||
apiVersion: networking.k8s.io/v1
|
|
||||||
kind: Ingress
|
|
||||||
metadata:
|
|
||||||
name: plausible
|
|
||||||
spec:
|
|
||||||
rules:
|
|
||||||
- host: plausible.bobymcbobs-weekend.pair.sharing.io
|
|
||||||
http:
|
|
||||||
paths:
|
|
||||||
- backend:
|
|
||||||
service:
|
|
||||||
name: plausible
|
|
||||||
port:
|
|
||||||
number: 8000
|
|
||||||
path: /
|
|
||||||
pathType: ImplementationSpecific
|
|
||||||
tls:
|
|
||||||
- hosts:
|
|
||||||
- plausible.bobymcbobs-weekend.pair.sharing.io
|
|
||||||
secretName: letsencrypt-prod
|
|
|
@ -1,13 +0,0 @@
|
||||||
apiVersion: v1
|
|
||||||
kind: Service
|
|
||||||
metadata:
|
|
||||||
labels:
|
|
||||||
app: plausible
|
|
||||||
name: plausible
|
|
||||||
spec:
|
|
||||||
ports:
|
|
||||||
- name: http
|
|
||||||
port: 8000
|
|
||||||
targetPort: 8000
|
|
||||||
selector:
|
|
||||||
app: plausible
|
|
|
@ -1,102 +0,0 @@
|
||||||
apiVersion: v1
|
|
||||||
kind: Service
|
|
||||||
metadata:
|
|
||||||
name: postgres
|
|
||||||
spec:
|
|
||||||
type: ClusterIP
|
|
||||||
ports:
|
|
||||||
- port: 5432
|
|
||||||
targetPort: 5432
|
|
||||||
protocol: TCP
|
|
||||||
name: postgres
|
|
||||||
selector:
|
|
||||||
app: postgres
|
|
||||||
---
|
|
||||||
apiVersion: apps/v1
|
|
||||||
kind: StatefulSet
|
|
||||||
metadata:
|
|
||||||
name: postgres
|
|
||||||
spec:
|
|
||||||
replicas: 1
|
|
||||||
serviceName: "postgres"
|
|
||||||
selector:
|
|
||||||
matchLabels:
|
|
||||||
app: postgres
|
|
||||||
template:
|
|
||||||
metadata:
|
|
||||||
labels:
|
|
||||||
app: postgres
|
|
||||||
spec:
|
|
||||||
securityContext:
|
|
||||||
fsGroup: 70
|
|
||||||
containers:
|
|
||||||
- name: snoopdb
|
|
||||||
securityContext:
|
|
||||||
allowPrivilegeEscalation: false
|
|
||||||
readOnlyRootFilesystem: true
|
|
||||||
runAsGroup: 70
|
|
||||||
runAsUser: 70
|
|
||||||
image: postgres:12
|
|
||||||
imagePullPolicy: IfNotPresent
|
|
||||||
ports:
|
|
||||||
- containerPort: 5432
|
|
||||||
env:
|
|
||||||
- name: POSTGRES_DB
|
|
||||||
valueFrom:
|
|
||||||
secretKeyRef:
|
|
||||||
name: postgres-configuration
|
|
||||||
key: POSTGRES_DB
|
|
||||||
- name: POSTGRES_USER
|
|
||||||
valueFrom:
|
|
||||||
secretKeyRef:
|
|
||||||
name: postgres-configuration
|
|
||||||
key: POSTGRES_USER
|
|
||||||
- name: POSTGRES_PASSWORD
|
|
||||||
valueFrom:
|
|
||||||
secretKeyRef:
|
|
||||||
name: postgres-configuration
|
|
||||||
key: POSTGRES_PASSWORD
|
|
||||||
- name: PGDATABASE
|
|
||||||
valueFrom:
|
|
||||||
secretKeyRef:
|
|
||||||
name: postgres-configuration
|
|
||||||
key: PGDATABASE
|
|
||||||
- name: PGUSER
|
|
||||||
valueFrom:
|
|
||||||
secretKeyRef:
|
|
||||||
name: postgres-configuration
|
|
||||||
key: POSTGRES_USER
|
|
||||||
- name: PGPASSWORD
|
|
||||||
valueFrom:
|
|
||||||
secretKeyRef:
|
|
||||||
name: postgres-configuration
|
|
||||||
key: POSTGRES_PASSWORD
|
|
||||||
- name: PGDATA
|
|
||||||
value: /var/lib/postgresql/data/pgdata
|
|
||||||
livenessProbe:
|
|
||||||
exec:
|
|
||||||
command:
|
|
||||||
- "sh"
|
|
||||||
- "-c"
|
|
||||||
- "pg_isready"
|
|
||||||
- "-U"
|
|
||||||
- "$POSTGRES_USER"
|
|
||||||
failureThreshold: 5
|
|
||||||
periodSeconds: 10
|
|
||||||
timeoutSeconds: 5
|
|
||||||
resources:
|
|
||||||
{}
|
|
||||||
volumeMounts:
|
|
||||||
- name: tmp
|
|
||||||
mountPath: /tmp
|
|
||||||
- name: var-lib-postgresql
|
|
||||||
mountPath: /var/lib/postgresql
|
|
||||||
- name: var-run-postgresql
|
|
||||||
mountPath: /var/run/postgresql
|
|
||||||
volumes:
|
|
||||||
- name: tmp
|
|
||||||
emptyDir: {}
|
|
||||||
- name: var-lib-postgresql
|
|
||||||
emptyDir: {}
|
|
||||||
- name: var-run-postgresql
|
|
||||||
emptyDir: {}
|
|
|
@ -1,34 +0,0 @@
|
||||||
apiVersion: "acid.zalan.do/v1"
|
|
||||||
kind: postgresql
|
|
||||||
metadata:
|
|
||||||
name: plausible-db
|
|
||||||
spec:
|
|
||||||
enableConnectionPooler: true
|
|
||||||
connectionPooler:
|
|
||||||
mode: session
|
|
||||||
resources:
|
|
||||||
requests:
|
|
||||||
cpu: 250m
|
|
||||||
memory: 100Mi
|
|
||||||
limits:
|
|
||||||
cpu: "1"
|
|
||||||
memory: 100Mi
|
|
||||||
teamId: "plausible"
|
|
||||||
volume:
|
|
||||||
size: 1Gi
|
|
||||||
numberOfInstances: 1
|
|
||||||
users:
|
|
||||||
plausible: # database owner
|
|
||||||
- superuser
|
|
||||||
- createdb
|
|
||||||
databases:
|
|
||||||
plausible: plausible # dbname: owner
|
|
||||||
postgresql:
|
|
||||||
version: "12"
|
|
||||||
resources:
|
|
||||||
requests:
|
|
||||||
cpu: "100m"
|
|
||||||
memory: "1024Mi"
|
|
||||||
limits:
|
|
||||||
cpu: "1"
|
|
||||||
memory: "1024Mi"
|
|
Loading…
Reference in New Issue