chemavx/k8s-manifests
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

feat: export all K8 Plus cluster manifests

Browse Source 
Namespaces: argocd, authentik, backup-system, cloudflare-ddns,
gitea, homarr, monitoring, n8n, openclaw, polymarket-bot, vaultwarden
Cluster-wide: clusterissuers, namespaces
Secrets: redacted (structure only, data=REDACTED)
This commit is contained in:
chemavx
2026-04-10 08:57:02 +00:00
commit ff2e6cc985
163 changed files with 10979 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files
monitoring/deployment-kube-prometheus-stack-grafana.yaml
+273
View File
@@ -0,0 +1,273 @@
apiVersion: apps/v1
kind: Deployment
metadata:
annotations:
deployment.kubernetes.io/revision: '2'
meta.helm.sh/release-name: kube-prometheus-stack
meta.helm.sh/release-namespace: monitoring
labels:
app.kubernetes.io/instance: kube-prometheus-stack
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/name: grafana
app.kubernetes.io/version: 12.4.2
helm.sh/chart: grafana-11.5.0
name: kube-prometheus-stack-grafana
namespace: monitoring
spec:
progressDeadlineSeconds: 600
replicas: 1
revisionHistoryLimit: 10
selector:
matchLabels:
app.kubernetes.io/instance: kube-prometheus-stack
app.kubernetes.io/name: grafana
strategy:
rollingUpdate:
maxSurge: 25%
maxUnavailable: 25%
type: RollingUpdate
template:
metadata:
annotations:
checksum/config: b835787868e1c1e3616db22add4a94b4f3a7b8ccedf24d3e48c323334a2b023c
checksum/sc-dashboard-provider-config: e70bf6a851099d385178a76de9757bb0bef8299da6d8443602590e44f05fdf24
checksum/secret: bed677784356b2af7fb0d87455db21f077853059b594101a4f6532bfbd962a7f
kubectl.kubernetes.io/default-container: grafana
kubectl.kubernetes.io/restartedAt: '2026-04-09T07:16:07Z'
labels:
app.kubernetes.io/instance: kube-prometheus-stack
app.kubernetes.io/name: grafana
app.kubernetes.io/version: 12.4.2
helm.sh/chart: grafana-11.5.0
spec:
automountServiceAccountToken: true
containers:
- env:
- name: METHOD
value: WATCH
- name: LABEL
value: grafana_dashboard
- name: LABEL_VALUE
value: '1'
- name: FOLDER
value: /tmp/dashboards
- name: RESOURCE
value: both
- name: NAMESPACE
value: ALL
- name: REQ_USERNAME
valueFrom:
secretKeyRef:
key: admin-user
name: kube-prometheus-stack-grafana
- name: REQ_PASSWORD
valueFrom:
secretKeyRef:
key: admin-password
name: kube-prometheus-stack-grafana
- name: REQ_URL
value: http://localhost:3000/api/admin/provisioning/dashboards/reload
- name: REQ_METHOD
value: POST
image: quay.io/kiwigrid/k8s-sidecar:2.6.0
imagePullPolicy: IfNotPresent
name: grafana-sc-dashboard
resources: {}
securityContext:
allowPrivilegeEscalation: false
capabilities:
drop:
- ALL
seccompProfile:
type: RuntimeDefault
terminationMessagePath: /dev/termination-log
terminationMessagePolicy: File
volumeMounts:
- mountPath: /tmp/dashboards
name: sc-dashboard-volume
- env:
- name: METHOD
value: WATCH
- name: LABEL
value: grafana_datasource
- name: LABEL_VALUE
value: '1'
- name: FOLDER
value: /etc/grafana/provisioning/datasources
- name: RESOURCE
value: both
- name: REQ_USERNAME
valueFrom:
secretKeyRef:
key: admin-user
name: kube-prometheus-stack-grafana
- name: REQ_PASSWORD
valueFrom:
secretKeyRef:
key: admin-password
name: kube-prometheus-stack-grafana
- name: REQ_URL
value: http://localhost:3000/api/admin/provisioning/datasources/reload
- name: REQ_METHOD
value: POST
image: quay.io/kiwigrid/k8s-sidecar:2.6.0
imagePullPolicy: IfNotPresent
name: grafana-sc-datasources
resources: {}
securityContext:
allowPrivilegeEscalation: false
capabilities:
drop:
- ALL
seccompProfile:
type: RuntimeDefault
terminationMessagePath: /dev/termination-log
terminationMessagePolicy: File
volumeMounts:
- mountPath: /etc/grafana/provisioning/datasources
name: sc-datasources-volume
- env:
- name: POD_IP
valueFrom:
fieldRef:
apiVersion: v1
fieldPath: status.podIP
- name: GF_SECURITY_ADMIN_USER
valueFrom:
secretKeyRef:
key: admin-user
name: kube-prometheus-stack-grafana
- name: GF_SECURITY_ADMIN_PASSWORD
valueFrom:
secretKeyRef:
key: admin-password
name: kube-prometheus-stack-grafana
- name: GF_PATHS_DATA
value: /var/lib/grafana/
- name: GF_PATHS_LOGS
value: /var/log/grafana
- name: GF_PATHS_PLUGINS
value: /var/lib/grafana/plugins
- name: GF_PATHS_PROVISIONING
value: /etc/grafana/provisioning
- name: GF_UNIFIED_STORAGE_INDEX_PATH
value: /var/lib/grafana-search/bleve
image: docker.io/grafana/grafana:12.4.2
imagePullPolicy: IfNotPresent
livenessProbe:
failureThreshold: 10
httpGet:
path: /api/health
port: grafana
scheme: HTTP
initialDelaySeconds: 60
periodSeconds: 10
successThreshold: 1
timeoutSeconds: 30
name: grafana
ports:
- containerPort: 3000
name: grafana
protocol: TCP
- containerPort: 9094
name: gossip-tcp
protocol: TCP
- containerPort: 9094
name: gossip-udp
protocol: UDP
- containerPort: 6060
name: profiling
protocol: TCP
readinessProbe:
failureThreshold: 3
httpGet:
path: /api/health
port: grafana
scheme: HTTP
periodSeconds: 10
successThreshold: 1
timeoutSeconds: 1
resources: {}
securityContext:
allowPrivilegeEscalation: false
capabilities:
drop:
- ALL
privileged: false
seccompProfile:
type: RuntimeDefault
terminationMessagePath: /dev/termination-log
terminationMessagePolicy: File
volumeMounts:
- mountPath: /etc/grafana/grafana.ini
name: config
subPath: grafana.ini
- mountPath: /var/lib/grafana
name: storage
- mountPath: /var/lib/grafana-search
name: search
- mountPath: /tmp/dashboards
name: sc-dashboard-volume
- mountPath: /etc/grafana/provisioning/dashboards/sc-dashboardproviders.yaml
name: sc-dashboard-provider
subPath: provider.yaml
- mountPath: /etc/grafana/provisioning/datasources
name: sc-datasources-volume
dnsPolicy: ClusterFirst
enableServiceLinks: true
initContainers:
- command:
- chown
- -R
- 472:472
- /var/lib/grafana
image: docker.io/library/busybox:1.37.0
imagePullPolicy: IfNotPresent
name: init-chown-data
resources: {}
securityContext:
capabilities:
add:
- CHOWN
drop:
- ALL
readOnlyRootFilesystem: false
runAsNonRoot: false
runAsUser: 0
seccompProfile:
type: RuntimeDefault
terminationMessagePath: /dev/termination-log
terminationMessagePolicy: File
volumeMounts:
- mountPath: /var/lib/grafana
name: storage
restartPolicy: Always
schedulerName: default-scheduler
securityContext:
fsGroup: 472
runAsGroup: 472
runAsNonRoot: true
runAsUser: 472
serviceAccount: kube-prometheus-stack-grafana
serviceAccountName: kube-prometheus-stack-grafana
shareProcessNamespace: false
terminationGracePeriodSeconds: 30
volumes:
- configMap:
defaultMode: 420
name: kube-prometheus-stack-grafana
name: config
- name: storage
persistentVolumeClaim:
claimName: kube-prometheus-stack-grafana
- emptyDir: {}
name: search
- emptyDir: {}
name: sc-dashboard-volume
- configMap:
defaultMode: 420
name: kube-prometheus-stack-grafana-config-dashboards
name: sc-dashboard-provider
- emptyDir: {}
name: sc-datasources-volume