deleted: apps/outline/Chart.yaml

modified:   apps/outline/VAULT_SETUP.md
	new file:   apps/outline/dependencies.yaml
	new file:   apps/outline/deployment.yaml
	new file:   apps/outline/ingress.yaml
	deleted:    apps/outline/values.yaml
Ubuntu
2026-01-12 15:50:05 +00:00
parent 04e8701b10
commit b412e3abad
6 changed files with 179 additions and 79 deletions


@@ -1,10 +0,0 @@
apiVersion: v2
name: outline-wrapper
description: Wrapper chart for Outline Wiki
type: application
version: 1.0.0
appVersion: "1.0.0"
dependencies:
- name: outline
repository: https://vic156.github.io/helm-charts
version: 0.2.2 # Eine Version die existiert


@@ -18,9 +18,9 @@ SECRET_KEY=$(openssl rand -hex 32)
UTILS_SECRET=$(openssl rand -hex 32)
# 2. Connection Strings bauen (Interner Cluster DNS)
# Hostnames basieren auf dem Release Namen 'outline'
DB_URL="postgres://postgres:$POSTGRES_PASS@outline-postgresql.outline.svc.cluster.local:5432/outline"
REDIS_URL="redis://:$REDIS_PASS@outline-redis-master.outline.svc.cluster.local:6379"
# Achtung: User ist jetzt 'outline' für die DB!
DB_URL="postgres://outline:$POSTGRES_PASS@outline-postgres.outline.svc.cluster.local:5432/outline"
REDIS_URL="redis://:$REDIS_PASS@outline-redis.outline.svc.cluster.local:6379"
# 3. Externe Credentials (BITTE ANPASSEN!)
# Beispiel für MinIO oder AWS S3


@@ -0,0 +1,97 @@
---
# REDIS
apiVersion: apps/v1
kind: Deployment
metadata:
name: outline-redis
namespace: outline
spec:
replicas: 1
selector:
matchLabels:
app: outline-redis
template:
metadata:
labels:
app: outline-redis
spec:
containers:
- name: redis
image: redis:alpine
command: ["redis-server", "--requirepass", "$(REDIS_PASSWORD)"]
ports:
- containerPort: 6379
env:
- name: REDIS_PASSWORD
valueFrom:
secretKeyRef:
name: outline-secrets
key: redis-password
---
apiVersion: v1
kind: Service
metadata:
name: outline-redis
namespace: outline
spec:
ports:
- port: 6379
targetPort: 6379
selector:
app: outline-redis
---
# POSTGRES
apiVersion: apps/v1
kind: StatefulSet
metadata:
name: outline-postgres
namespace: outline
spec:
serviceName: outline-postgres
replicas: 1
selector:
matchLabels:
app: outline-postgres
template:
metadata:
labels:
app: outline-postgres
spec:
containers:
- name: postgres
image: postgres:15-alpine
ports:
- containerPort: 5432
env:
- name: POSTGRES_DB
value: outline
- name: POSTGRES_USER
value: outline
- name: POSTGRES_PASSWORD
valueFrom:
secretKeyRef:
name: outline-secrets
key: postgres-password
volumeMounts:
- name: postgres-data
mountPath: /var/lib/postgresql/data
volumeClaimTemplates:
- metadata:
name: postgres-data
spec:
accessModes: [ "ReadWriteOnce" ]
resources:
requests:
storage: 5Gi
---
apiVersion: v1
kind: Service
metadata:
name: outline-postgres
namespace: outline
spec:
ports:
- port: 5432
targetPort: 5432
selector:
app: outline-postgres
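Review bot: The Redis container's `command` passes the password as `--requirepass $(REDIS_PASSWORD)`, so once Kubernetes expands the variable the secret sits in the process argument list, where it can be read from the node's process listing and by anything else that can see the container's argv. Supplying it through a config file mounted from `outline-secrets`, or piping a `requirepass` line to `redis-server -` on stdin, keeps it out of argv. Separately, `redis:alpine` is a floating tag while Postgres is at least held to `postgres:15-alpine`; pinning both to an exact version or digest, e.g. `image: redis:<pinned-version>@sha256:<digest>`, stops a restart from silently pulling a different build. Neither pod template sets a `securityContext` or resource limits, and nothing in this commit's file list restricts which pods may reach ports 6379 and 5432, so a NetworkPolicy admitting only `app: outline` is worth adding unless one already exists elsewhere in the repo.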


@@ -0,0 +1,54 @@
apiVersion: apps/v1
kind: Deployment
metadata:
name: outline
namespace: outline
labels:
app: outline
spec:
replicas: 1
selector:
matchLabels:
app: outline
template:
metadata:
labels:
app: outline
spec:
containers:
- name: outline
image: outlinewiki/outline:latest
ports:
- containerPort: 3000
envFrom:
- secretRef:
name: outline-secrets
# Outline braucht spezielle Command/Args manchmal nicht, Docker Image hat Entrypoint.
# Wichtig: Outline braucht URL Config.
env:
- name: URL
value: "https://kb.apps.k3s.stabify.de"
- name: PORT
value: "3000"
- name: FORCE_HTTPS
value: "true"
readinessProbe:
httpGet:
path: /
port: 3000
initialDelaySeconds: 10
periodSeconds: 10
---
apiVersion: v1
kind: Service
metadata:
name: outline
namespace: outline
spec:
ports:
- port: 80
targetPort: 3000
protocol: TCP
name: http
selector:
app: outline
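Review bot: `image: outlinewiki/outline:latest` leaves the deployed build undefined: with a `latest` tag the default pull policy is Always, so any pod restart can bring in a different upstream image without any change in git. Pin it to a release tag and ideally a digest, e.g. `image: outlinewiki/outline:<pinned-version>@sha256:<digest>`. The `envFrom` entry also imports every key of `outline-secrets` into the app container, and the same Secret carries `postgres-password` and `redis-password` for the other workloads; if Outline only needs the connection URLs and its own keys, a separate Secret per workload would narrow what each pod can read. The pod template sets no `securityContext`; `runAsNonRoot: true` and `allowPrivilegeEscalation: false` are worth adding if the image supports them.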

25
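--- /dev/null
+++ b/apps/outline/ingress.yaml
@@ -0,0 +1,25 @@
+apiVersion: networking.k8s.io/v1
+kind: Ingress
+metadata:
+name: outline
+namespace: outline
+annotations:
+cert-manager.io/cluster-issuer: letsencrypt-prod
+traefik.ingress.kubernetes.io/router.entrypoints: websecure
+traefik.ingress.kubernetes.io/router.tls: "true"
+spec:
+tls:
+- hosts:
+- kb.apps.k3s.stabify.de
+secretName: outline-tls
+rules:
+- host: kb.apps.k3s.stabify.de
+http:
+paths:
+- path: /
+pathType: Prefix
+backend:
+service:
+name: outline
+port:
+number: 80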


@@ -1,66 +0,0 @@
outline:
image:
repository: outlinewiki/outline
tag: latest
# URL Configuration
url: https://kb.apps.k3s.stabify.de
# Secrets (werden via ExternalSecrets injected)
secret:
existingSecret: "outline-secrets"
# Die Keys im Secret müssen matchen:
# SECRET_KEY, UTILS_SECRET, DATABASE_URL, REDIS_URL
# AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY
# OIDC_CLIENT_SECRET, etc.
# Storage (S3) - Diese Werte kommen z.T. aus dem Secret oder hier hardcoded wenn öffentlich
storage:
storageType: s3
s3:
bucket: "outline"
region: "us-east-1" # Bei MinIO/Cloudflare oft egal, aber nötig
# uploadBucketUrl: "https://..." # Optional, falls public access anders ist
# endpoint: "https://..." # Muss in Vault oder hier gesetzt werden. Ich setze es hier als Placeholder.
# Authentication
auth:
oidc:
enabled: true
displayName: "OIDC Login"
# scopes: "openid profile email"
# PostgreSQL Dependency Configuration
postgresql:
enabled: true
auth:
existingSecret: "outline-secrets"
secretKeys:
adminPasswordKey: "postgres-password"
userPasswordKey: "postgres-password"
primary:
persistence:
enabled: true
size: 8Gi
# Redis Dependency Configuration
redis:
enabled: true
architecture: standalone
auth:
existingSecret: "outline-secrets"
existingSecretPasswordKey: "redis-password"
ingress:
enabled: true
annotations:
cert-manager.io/cluster-issuer: letsencrypt-prod
hosts:
- host: kb.apps.k3s.stabify.de
paths:
- path: /
pathType: Prefix
tls:
- secretName: outline-tls
hosts:
- kb.apps.k3s.stabify.de