github.com
/
plausible-hosting
mirror of https://github.com/plausible/hosting.git
1
0
Fork 1
Code Issues Projects Releases Wiki Activity
plausible-hosting/chart/README.org

17 KiB
Raw Blame History

Helm chart

Configuration

Parameter Description Default
disableAuth Disables authentication completely, no registration, login will be shown false
disableRegistration Disables registration of new users, keep your admin credentials handy false
adminUser.email The default ("admin") user email ""
adminUser.name Admin user's name ""
adminUser.password The default ("admin") user password ""
database.enabled Set database URL in env true
database.url The database URL as dictated here postgres://postgres:postgres@postgres/plausible?ssl=off
clickhouse.enabled Set clickhouse URL in env true
clickhouse.url Connection string for Clickhouse in the same format http://plausible-events-db:8123/plausible
smtp.enabled Set SMTP configuration in env true
smtp.mailer.emailAddress The email id to use for as from address of all communications from Plausible ""
smtp.mailer.adapter Instead of the default, replace this with Bamboo.PostmarkAdapter ""
smtp.host The host address of your smtp server ""
smtp.port The port of your smtp server ""
smtp.username The username/email in case SMTP auth is enabled ""
smtp.password The password in case SMTP auth is enabled ""
smtp.ssl.enabled If SSL is enabled for SMTP connection false
smtp.retries Number of retries to make until mailer gives up 2
postmark.apiKey Enter your API key ""
geoliteCountryDB Path to your IP geolocation database in MaxMind's format ""
google.clientID The Client ID from the Google API Console for your Plausible Analytics project ""
google.clientSecret The Client Secret from the Google API Console for your Plausible Analytics project ""
twitter.consumer.key The API key from the Twitter Developer Portal ""
twitter.consumer.secret The API key secret from the Twitter Developer Portal ""
twitter.access.token The access token you generated in the steps above ""
twitter.access.secret The access token secret you generated in the steps above ""
labels Extra labels to add to all managed resources {}
extraEnv Declare extra environment variables []
image.repository The repo where the image lives plausible/analytics
image.tag Specifies a tag of from the image to use ""
image.pullPolicy Pod container pull policy IfNotPresent
imagePullSecrets References for the registry secrets to pull the container images in the Pod with []
nameOverride Expand the name of the chart ""
fullNameOverride Create a FQDN for the app name ""
serviceAccount.create Whether a serviceAccount should be created for the Pod to use false
serviceAccount.name A name to give the servce account nil
podAnnotations Annotations to assign Pods {}
podSecurityContext Set a security context for the Pod {}
securityContext.readOnlyRootFilesystem Mount container filesytem as read only true
securityContext.runAsNonRoot Don't allow the container in the Pod to run as root true
securityContext.runAsUser The user ID to run the container in the Pod as 1000
securityContext.runAsGroup The group ID to run the container in the Pod as 1000
service.type The service type to create ClusterIP
service.port The port to bind the app on and for the service to be set to 8000
ingress.enabled Create an ingress manifests false
ingress.realIPHeader A header to forward, which contains the real client IP address ""
ingress.annotations Set annotations for the ingress manifest {}
ingress.hosts The hosts which the ingress endpoint should be accessed from
ingress.tls References to TLS secrets []
resources Limits and requests for the Pods {}
autoscaling.enabled Enable autoscaling for the deployment false
autoscaling.minReplicas The minimum amount of Pods to run 1
autoscaling.maxReplicas The maximum amount of Pods to run 1
autoscaling.targetCPUUtilizationPercentage The individual Pod CPU amount until autoscaling occurs 80
autoscaling.targetMemoryUtilizationPercentage The individual Pod Memory amount until autoscaling occurs
nodeSelector Declare the node labels for Pod scheduling {}
tolerations Declare the toleration labels for Pod scheduling []
affinity Declare the affinity settings for the Pod scheduling {}

Installation 

  helm install plausible -n plausible \
    --debug \
    --set adminUser.email=myemail@example.com \
    --set adminUser.name="Test User" \
    --set adminUser.password="password" \
    --set database.url="postgres://plausible:plausible@postgres/plausible?ssl=false" \
    --set clickhouse.url="http://plausible-events-db:8123/plausible" \
    --set disableRegistration=true \
    --set disableAuth=true \
    --set image.tag=dev \
    plausible-analytics
  kubectl -n plausible get pods,svc
  helm uninstall plausible -n plausible
apiVersion: helm.fluxcd.io/v1
kind: HelmRelease
metadata:
  name: postgres-operator
  namespace: postgres-operator
spec:
  releaseName: postgres-operator
  chart:
    git: https://github.com/zalando/postgres-operator.git
    ref: v1.6.1
    path: charts/postgres-operator
    values:
      configKubernetes:
        enable_pod_antiaffinity: "true"
kubectl create ns postgres-operator
kubectl apply -f /tmp/postgres-operator.yaml
apiVersion: "acid.zalan.do/v1"
kind: postgresql
metadata:
  name: plausible-db
  namespace: plausible
spec:
  enableConnectionPooler: true
  connectionPooler:
    mode: session
    resources:
      requests:
        cpu: 250m
        memory: 100Mi
      limits:
        cpu: "1"
        memory: 100Mi
  teamId: "plausible"
  volume:
    size: 3Gi
  numberOfInstances: 3
  users:
    plausible:  # database owner
    - superuser
    - createdb
  databases:
    plausible: plausible  # dbname: owner
  postgresql:
    version: "12"
kubectl -n plausible create secret generic plausible.plausible-db.credentials.postgresql.acid.zalan.do --from-literal=password=plausible --from-literal=username=plausible --dry-run=client -o yaml | kubectl apply -f -
kubectl apply -f /tmp/postgresql.yaml

Deploying with Helm-Operator 

apiVersion: helm.fluxcd.io/v1
kind: HelmRelease
metadata:
  name: plausible
  namespace: plausible
spec:
  chart:
    git: https://github.com/BobyMCbobs/plausible-hosting
    path: chart/plausible-analytics
    ref: fffcb3e87395d42e73ccd6034d8008ba68c216b2
  releaseName: plausible
  values:
    replicaCount: 3
    adminUser:
      name: "My Name Here"
      email: "my-email@address.here"
      password: "a-secure-password-here"
    database:
      url: "postgres://plausible:plausible@plausible-db-pooler.plausible/plausible?ssl=true"
    clickhouse:
      url: "http://plausible-events-db:8123/plausible"
    secretKeyBase: "hello-this-is-plausible-analytics-this-value-must-be-at-least-64-bytes-long"
    extraVolumes:
      - name: tmptmp
        emptyDir: {}
    extraVolumeMounts:
      - name: tmptmp
        mountPath: /tmp/tmp
    ingress:
      enabled: true
      hosts:
      - host: plausible.bobymcbobs-weekend.pair.sharing.io
        paths:
        - /
      realIPHeader: X-Real-Ip
      tls:
      - hosts:
        - plausible.bobymcbobs-weekend.pair.sharing.io
        secretName: letsencrypt-prod
kubectl apply -f /tmp/plausible.yaml
kubectl psql -n plausible plausible-db plausible psql -c "UPDATE users SET email_verified = true;"