
big update for kubernetes and helm templates

Christian Lempa 1 год назад
Сommit
e3bf953cf7

+ 2 - 0
kubernetes/certmanager/values.yaml → helm/cert-manager/values.yaml

@@ -10,8 +10,10 @@ cainjector:
   image:
     repository: quay.io/jetstack/cert-manager-cainjector
     tag: v1.16.0
+
 crds: 
   enabled: true
+
 extraArgs:
   - --dns01-recursive-nameservers-only
   - --dns01-recursive-nameservers=1.1.1.1:53,1.0.0.1:53

+ 53 - 0
helm/longhorn/values.yaml

@@ -0,0 +1,53 @@
+---
+image:
+  longhorn:
+    engine:
+      repository: "longhornio/longhorn-engine"
+      tag: "v1.7.2"
+    manager:
+      repository: "longhornio/longhorn-manager"
+      tag: "v1.7.2"
+    ui:
+      repository: "longhornio/longhorn-ui"
+      tag: "v1.7.2"
+    instanceManager:
+      repository: "longhornio/longhorn-instance-manager"
+      tag: "v1.7.2"
+    shareManager:
+      repository: "longhornio/longhorn-share-manager"
+      tag: "v1.7.2"
+    backingImageManager:
+      repository: "longhornio/backing-image-manager"
+      tag: "v1.7.2"
+    supportBundleKit:
+      repository: "longhornio/support-bundle-kit"
+      tag: "v0.0.45"
+  csi:
+    attacher:
+      repository: "longhornio/csi-attacher"
+      tag: "v4.7.0"
+    provisioner:
+      repository: "longhornio/csi-provisioner"
+      tag: "v5.1.0"
+    nodeDriverRegistrar:
+      repository: "longhornio/csi-node-driver-registrar"
+      tag: "v2.12.0"
+    resizer:
+      repository: "longhornio/csi-resizer"
+      tag: "v1.12.0"
+    snapshotter:
+      repository: "longhornio/csi-snapshotter"
+      tag: "v8.1.0"
+    livenessProbe:
+      repository: "longhornio/livenessprobe"
+      tag: "v2.14.0"
+
+# --> (Optional) Reduce the number of replicas of Longhorn UI
+# longhornUI:
+#   replicas: 1
+# <--
+
+# --> (Optional) Change the default settings, like Backup Target here...
+# defaultSettings:
+#   backupTarget: "your-backup-target"  # <-- Replace with your backup target
+# <--
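Review bot: The thirteen tags in this file override the chart's own image defaults, so nothing ties them to the Longhorn chart version being installed, and the Renovate manager added in this commit can bump each image on its own. The `longhorn/*` components all carry `v1.7.2` here and appear to be released together, so a partial bump could leave them on different releases. I would add a header comment such as `# Keep the image.longhorn.* tags identical and in step with the chart version; upgrade them together`. Tags are also mutable references; if the chart accepts a digest suffix, pinning by digest would make the deployed image verifiable.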

+ 27 - 0
helm/portainer/values.yaml

@@ -0,0 +1,27 @@
+---
+image:
+  repository: portainer/portainer-ce
+  tag: 2.22.0
+  pullPolicy: IfNotPresent
+
+service:
+  type: ClusterIP
+
+# --> (Optional) When you want to automatically create an Ingress
+# ingress:
+#   enabled: true
+#   hosts:
+#     - host: "your-fqdn"  # <-- Replace with your FQDN
+#       paths:
+#         - path: /
+#           port: "9000"
+#   tls:
+#     - secretName: portainer-certificate-secret
+#       hosts:
+#         - "your-fqdn"  # <-- Replace with your FQDN
+# <--
+
+# --> (Optional) When using an existing PVC
+# persistence:
+#   existingClaim: "portainer"
+# <--

+ 19 - 0
helm/traefik/values.yaml

@@ -0,0 +1,19 @@
+image:
+  repository: traefik
+  version: v3.1.4
+  pullPolicy: IfNotPresent
+
+# --> (Optional) Change log settings here...
+# logs:
+#   general:
+#     level: ERROR
+#   access:
+#     enabled: false
+# <--
+
+# --> (Optional) Redirect HTTP to HTTPs by default
+# ports:
+#   web:
+#     redirectTo: 
+#       port: websecure
+# <--
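Review bot: `version: v3.1.4` under `image:` is probably not a key the Traefik chart reads; as far as I know the chart takes the image version from `image.tag` and falls back to the chart's appVersion when that is empty. If so, this file looks pinned while the chart decides the deployed Traefik version, and a strict values schema may reject the unknown key. I would write `tag: "v3.1.4"` instead. The file also lacks the leading `---` that the Longhorn and Portainer values files added in this commit have.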

+ 0 - 0
kubernetes/certmanager/examples/certificate.yaml.example → kubernetes/cert-manager/certificate.yaml.example


+ 0 - 0
kubernetes/certmanager/examples/issuer-secret.yaml.example → kubernetes/cert-manager/clusterissuer-secret.yaml


+ 3 - 3
kubernetes/certmanager/examples/clusterissuer.yaml.example → kubernetes/cert-manager/clusterissuer.yaml

@@ -2,16 +2,16 @@
 apiVersion: cert-manager.io/v1
 kind: ClusterIssuer
 metadata:
-  name: clusterissuer  # <-- Replace with your clsuterissuer name
+  name: cloudflare-clusterissuer
 spec:
   acme:
     email: your-email@address  # <-- Replace with your email address
     server: https://acme-v02.api.letsencrypt.org/directory
     privateKeySecretRef:
-      name: example-clusterissuer-account-key  # <-- Replace with your secret name
+      name: cloudflare-clusterissuer-account-key
     solvers:
       - dns01:
           cloudflare:
             apiTokenSecretRef:
-              name: cloudflare-api-token-secret  # <-- Replace with your secret name
+              name: cloudflare-api-token-secret
               key: api-token        
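Review bot: The `apiTokenSecretRef` at the end of this hunk carries no namespace, and for a ClusterIssuer cert-manager looks the Secret up in its cluster resource namespace (`cert-manager` by default), which the file no longer hints at now that the placeholder comments are gone. A comment on that line would help, e.g. `# Secret must exist in the cert-manager namespace; use a Cloudflare API token limited to Zone:Read and DNS:Edit on the zones you issue for`. The file also lost its `.example` suffix while `email: your-email@address` is still a placeholder, so applying it unchanged attempts an ACME registration with an unusable address. The same rename on clusterissuer-secret.yaml makes it easier to commit a filled-in token by accident; keeping that file as `.example` or git-ignoring it would be safer.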

+ 0 - 18
kubernetes/certmanager/examples/issuer.yaml.example

@@ -1,18 +0,0 @@
----
-apiVersion: cert-manager.io/v1
-kind: Issuer
-metadata:
-  name: issuer  # <-- Replace with your issuer name
-  namespace: your-namespace  # <-- Replace with your namespace
-spec:
-  acme:
-    email: your-email@address  # <-- Replace with your email address
-    server: https://acme-v02.api.letsencrypt.org/directory
-    privateKeySecretRef:
-      name: example-issuer-account-key  # <-- Replace with your secret name
-    solvers:
-      - dns01:
-          cloudflare:
-            apiTokenSecretRef:
-              name: cloudflare-api-token-secret  # <-- Replace with your secret name
-              key: api-token        

+ 0 - 0
kubernetes/examples/example-configmap.yaml


+ 0 - 22
kubernetes/examples/example-deployment.yaml

@@ -1,22 +0,0 @@
-apiVersion: apps/v1
-kind: Deployment
-metadata:
-  name: example-deployment
-  namespace: your-namespace
-  labels:
-    app: example-app
-spec:
-  replicas: 3  # how many pods?
-  selector:
-    matchLabels:
-      app: example-app
-  template:
-    metadata:
-      labels:
-        app: example-app
-    spec:
-      containers:
-      - name: nginx
-        image: nginx:latest
-        ports:
-        - containerPort: 80

+ 0 - 0
kubernetes/examples/example-ingress.yaml


+ 0 - 0
kubernetes/examples/example-namespace.yaml


+ 0 - 0
kubernetes/examples/example-peristentvolume.yaml


+ 0 - 0
kubernetes/examples/example-persistentvolumeclaim.yaml


+ 0 - 0
kubernetes/examples/example-secret.yaml


+ 0 - 12
kubernetes/examples/example-service.yaml

@@ -1,12 +0,0 @@
-apiVersion: v1
-kind: Service
-metadata:
-  name: example-service
-  namespace: your-namespace
-spec:
-  selector:
-    app.kubernetes.io/name: MyApp
-  ports:
-    - protocol: TCP
-      port: 80
-      targetPort: 9376

+ 13 - 0
kubernetes/longhorn/certificate.yaml

@@ -0,0 +1,13 @@
+---
+apiVersion: cert-manager.io/v1
+kind: Certificate
+metadata:
+  name: longhorn-certificate
+  namespace: longhorn-system
+spec:
+  secretName: longhorn-certificate-secret
+  dnsNames:
+    - your-fqdn  # <-- Replace with your FQDN
+  issuerRef:
+    name: cloudflare-clusterissuer
+    kind: ClusterIssuer

+ 17 - 0
kubernetes/longhorn/ingressroute.yaml

@@ -0,0 +1,17 @@
+---
+apiVersion: traefik.io/v1alpha1
+kind: IngressRoute
+metadata:
+  name: longhorn-ingressroute
+  namespace: longhorn-system
+spec:
+  entryPoints:
+    - websecure
+  routes:
+    - match: Host(`your-fqdn`)  # <-- Replace with your FQDN
+      kind: Rule
+      services:
+        - name: longhorn-frontend
+          port: 80
+  tls:
+      secretName: longhorn-certificate-secret
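Review bot: The route publishes `longhorn-frontend` with no `middlewares:` entry, and as far as I know the Longhorn UI has no login of its own, so anyone who can reach the `websecure` entry point for this host could manage volumes and backups. I would attach an authentication or IP allow-list Middleware next to `services:`, e.g. `middlewares:` followed by `- name: longhorn-auth  # placeholder: your basicAuth/forwardAuth Middleware`. Separately, `secretName` under `tls:` is indented six spaces here but four in the Portainer route; it parses the same, but the two files should match.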

+ 13 - 0
kubernetes/portainer/certificate.yaml

@@ -0,0 +1,13 @@
+---
+apiVersion: cert-manager.io/v1
+kind: Certificate
+metadata:
+  name: portainer-ingressroute-certificate
+  namespace: portainer
+spec:
+  secretName: portainer-certificate-secret
+  issuerRef:
+    name: cloudflare-clusterissuer
+    kind: ClusterIssuer
+  dnsNames:
+    - your-fqdn  # <-- Replace with your FQDN

+ 17 - 0
kubernetes/portainer/ingressroute.yaml

@@ -0,0 +1,17 @@
+---
+apiVersion: traefik.io/v1alpha1
+kind: IngressRoute
+metadata:
+  name: portainer-ingressroute
+  namespace: portainer
+spec:
+  entryPoints:
+    - websecure
+  routes:
+    - match: Host(`your-fqdn`)  # <-- Replace with your FQDN
+      kind: Rule
+      services:
+        - name: portainer
+          port: 9000
+  tls:
+    secretName: portainer-certificate-secret

+ 0 - 29
kubernetes/portainer/values.yml

@@ -1,29 +0,0 @@
-# Portainer Helm Chart Values Template
-# ---
-image:
-  repository: portainer/portainer-ce
-  tag: 2.22.0
-  pullPolicy: IfNotPresent
-
-replicas: 1  # Number of replicas
-
-# (Choice) LoadBalancer or ClusterIP with optional Ingress
-service:
-  type: LoadBalancer
-  # -- or --
-  # type: ClusterIP
-
-# (Optional) Add Ingress, when using ClusterIP
-ingress:
-  enabled: true
-  hosts:
-    - host: "portainer-test-1.kube-prod-2.home.clcreative.de"
-      paths: 
-        - path: "/"
-          port: "9000"
-# -- end
-
-persistence:
-  enabled: true
-  # (Optional) Use an existing PVC
-  # existingClaim: portainer

+ 0 - 20
kubernetes/traefik/examples/example-ingressroute.yaml

@@ -1,20 +0,0 @@
-apiVersion: traefik.io/v1alpha1
-kind: IngressRoute
-metadata:
-  name: ingressroute
-  # (Optional) Namespace
-  # namespace: your-namespace
-  # ---
-spec:
-  entryPoints:
-  - web
-  - websecure
-  routes:
-  - match: Host(`your-hostname`)
-    kind: Rule
-    services:
-    - name: your-service
-      port: 80
-  # (Optional) TLS
-  # tls:
-  #   secretName: your-tls-secret

+ 0 - 21
kubernetes/traefik/examples/example-ingressroutetcp.yml

@@ -1,21 +0,0 @@
-apiVersion: traefik.io/v1alpha1
-kind: IngressRouteTCP
-metadata:
-  name: ingressroutetcp
-  # (Optional) Namespace
-  # namespace: your-namespace
-  # ---
-spec:
-  entryPoints:
-  - web
-  - websecure
-  routes:
-  - match: HostSNI(`your-hostname-sni`)
-    priority: 10
-    services:
-    - name: your-service
-      port: 80
-  # (Optional) TLS Passthrough
-  # tls:
-  #   passthrough: true
-  # ---

+ 19 - 0
kubernetes/traefik/ingressroute.yaml.example

@@ -0,0 +1,19 @@
+apiVersion: traefik.io/v1alpha1
+kind: IngressRoute
+metadata:
+  name: your-ingressroute # <-- Replace with your IngressRoute name
+  namespace: your-namespace  # <-- Replace with your namespace
+spec:
+  entryPoints:
+  - web
+  - websecure
+  routes:
+  - match: Host(`your-fqdn`)  # <-- Replace with your FQDN
+    kind: Rule
+    services:
+    - name: your-service  # <-- Replace with your service name
+      port: 80
+  # --> (Optional) Add certificate secret
+  # tls:
+  #   secretName: your-certificate-secret
+  # <--
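Review bot: The template lists both `web` and `websecure` under `entryPoints` while the `tls` block is commented out, and the HTTP-to-HTTPS redirect in helm/traefik/values.yaml is also only optional, so a route copied from this file is served over plain HTTP as well. I would default the template to `- websecure` alone and mention `web` in a comment for the cases that need it. The file also starts without `---`, unlike the Longhorn and Portainer manifests added in this commit.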

+ 19 - 0
kubernetes/traefik/ingressroutetcp.yaml.example

@@ -0,0 +1,19 @@
+apiVersion: traefik.io/v1alpha1
+kind: IngressRouteTCP
+metadata:
+  name: your-ingressroutetcp # <-- Replace with your IngressRouteTCP name
+  namespace: your-namespace  # <-- Replace with your namespace
+spec:
+  entryPoints:
+  - web
+  - websecure
+  routes:
+  - match: HostSNI(`your-sni`)  # <-- Replace with your SNI
+    priority: 10  # <-- (Optional) change rule priority
+    services:
+    - name: your-service  # <-- Replace with your service name
+      port: 80
+  # --> (Optional) Enable TLS Passthrough
+  # tls:
+  #   passthrough: true
+  # <--
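Review bot: The `HostSNI` rule with a specific name can only be evaluated on TLS connections, yet the `tls` block is marked optional and `web` is listed as an entry point. As far as I know Traefik accepts only the wildcard form of `HostSNI` for non-TLS TCP routers, so the template as written would not route until `tls` is enabled. I would reword the marker to `# --> Required when matching a specific SNI; for plain TCP match the wildcard SNI instead` and drop `- web` from the default entry points.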

+ 0 - 54
kubernetes/traefik/values.yml

@@ -1,54 +0,0 @@
-# Traefik Helm Chart Values Template
-# ---
-image:
-  repository: traefik
-  version: v3.1.4
-  pullPolicy: IfNotPresent
-
-# (Optional) Log settings
-# logs:
-#   general:
-#     level: ERROR
-#   access:
-#     enabled: false
-
-# (Optional) Change number of replicas
-# deployment:
-#   replicas: 1
-
-# (Optional) Enable Prometheus Metrics, requires metrics port to be exposed!
-# metrics:
-#   prometheus:
-#     entryPoint: metrics
-
-# Configure EntryPoints
-ports:
-  web:
-    # StandardHTTP
-    port: 8000
-    exposed: true
-    exposedPort: 80
-    # (Optional) Redirect HTTP to HTTPs by default
-    # redirectTo: 
-    #   port: websecure
-  websecure:
-    # Standard HTTPS
-    port: 8443
-    exposed: true
-    exposedPort: 443
-    tls:
-      enabled: true
-    # (Optional) Enable HTTP3
-    # http3:
-    #   enabled: false
-    # (Optional) When enabled Prometheus Metrics will be exposed on this port
-    # metrics:
-        # Prometheus Metrics
-    #   port: 9100
-    #   exposed: false
-    #   exposedPort: 9100
-
-# Create a default IngressClass
-ingressClass:
-  enabled: true
-  isDefaultClass: true

+ 23 - 0
renovate.json

@@ -110,6 +110,29 @@
       "allowedVersions": "!/^v?2\\.19\\.10$/"
     }
   ],
+  "customManagers": [
+    {
+      "customType": "regex",
+      "description": "Update Longhorn images in Helm",
+      "fileMatch": ["(^|/)helm/longhorn/.+\\.yaml$"],
+      "matchStrings": [
+        "engine:\\s*repository:\\s*\"?(?<depName>[^\"]+)\"?\\s*tag:\\s*\"?(?<currentValue>[^\"]+)\"?",
+        "manager:\\s*repository:\\s*\"?(?<depName>[^\"]+)\"?\\s*tag:\\s*\"?(?<currentValue>[^\"]+)\"?",
+        "ui:\\s*repository:\\s*\"?(?<depName>[^\"]+)\"?\\s*tag:\\s*\"?(?<currentValue>[^\"]+)\"?",
+        "instanceManager:\\s*repository:\\s*\"?(?<depName>[^\"]+)\"?\\s*tag:\\s*\"?(?<currentValue>[^\"]+)\"?",
+        "shareManager:\\s*repository:\\s*\"?(?<depName>[^\"]+)\"?\\s*tag:\\s*\"?(?<currentValue>[^\"]+)\"?",
+        "backingImageManager:\\s*repository:\\s*\"?(?<depName>[^\"]+)\"?\\s*tag:\\s*\"?(?<currentValue>[^\"]+)\"?",
+        "supportBundleKit:\\s*repository:\\s*\"?(?<depName>[^\"]+)\"?\\s*tag:\\s*\"?(?<currentValue>[^\"]+)\"?",
+        "attacher:\\s*repository:\\s*\"?(?<depName>[^\"]+)\"?\\s*tag:\\s*\"?(?<currentValue>[^\"]+)\"?",
+        "provisioner:\\s*repository:\\s*\"?(?<depName>[^\"]+)\"?\\s*tag:\\s*\"?(?<currentValue>[^\"]+)\"?",
+        "nodeDriverRegistrar:\\s*repository:\\s*\"?(?<depName>[^\"]+)\"?\\s*tag:\\s*\"?(?<currentValue>[^\"]+)\"?",
+        "resizer:\\s*repository:\\s*\"?(?<depName>[^\"]+)\"?\\s*tag:\\s*\"?(?<currentValue>[^\"]+)\"?",
+        "snapshotter:\\s*repository:\\s*\"?(?<depName>[^\"]+)\"?\\s*tag:\\s*\"?(?<currentValue>[^\"]+)\"?",
+        "livenessProbe:\\s*repository:\\s*\"?(?<depName>[^\"]+)\"?\\s*tag:\\s*\"?(?<currentValue>[^\"]+)\"?"
+      ],
+      "datasourceTemplate": "docker"
+    }
+  ],
   "separateMinorPatch": true,
   "stopUpdatingLabel": "renovate/stop_updating"
 }
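Review bot: The thirteen `matchStrings` differ only in the leading key, and both capture groups use `[^\"]+`, which also matches newlines. That is safe only while every value in helm/longhorn/values.yaml stays double-quoted; with an unquoted repository or tag the greedy group can run across several entries and yield a wrong `depName`. A single pattern that excludes whitespace would be shorter and stricter: `"repository:\\s*\"?(?<depName>[^\"\\s]+)\"?\\s*tag:\\s*\"?(?<currentValue>[^\"\\s]+)\"?"`. The hunk shows only the tail of renovate.json, so I cannot tell whether a package rule groups these images into one update.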