diff --git a/gitops/home-kubernetes/plane/helmrelease.yaml b/gitops/home-kubernetes/plane/helmrelease.yaml new file mode 100644 index 0000000..b783d95 --- /dev/null +++ b/gitops/home-kubernetes/plane/helmrelease.yaml @@ -0,0 +1,135 @@ +# helmrelease.yaml +apiVersion: helm.toolkit.fluxcd.io/v2 +kind: HelmRelease +metadata: + name: plane + namespace: plane +spec: + interval: 30m + chart: + spec: + chart: plane-ce + version: "1.16.0" # pin version, avoid 'stable' + sourceRef: + kind: HelmRepository + name: plane + namespace: flux-system + interval: 12h + timeout: 10m + install: + createNamespace: true + remediation: + retries: 3 + upgrade: + remediation: + retries: 3 + values: + planeVersion: "v1.16.0" + + ingress: + enabled: true + appHost: "plane.lab.home.hrajfrisbee.cz" + minioHost: "plane-minio.lab.home.hrajfrisbee.cz" + rabbitmqHost: "plane-mq.lab.home.hrajfrisbee.cz" # optional + ingressClass: nginx + ingress_annotations: + cert-manager.io/cluster-issuer: letsencrypt-production + # nginx.ingress.kubernetes.io/proxy-body-size: "10m" + + # PostgreSQL - local stateful or external + postgres: + local_setup: true + storageClass: freenas-iscsi + volumeSize: 10Gi + # assign_cluster_ip: false + # nodeSelector: {} + # tolerations: [] + # affinity: {} + + # Redis/Valkey + redis: + local_setup: true + storageClass: freenas-iscsi + volumeSize: 2Gi + + # RabbitMQ + rabbitmq: + local_setup: true + storageClass: freenas-iscsi + volumeSize: 1Gi + + # MinIO (S3-compatible storage) + minio: + local_setup: true + storageClass: freenas-iscsi + volumeSize: 10Gi + + env: + # Database credentials (change these!) + pgdb_username: plane + pgdb_password: plane-not-so-secret # TODO: do this properly + pgdb_name: plane + + # Application secret (MUST change - used for encryption) + secret_key: 6u8w9T8P9zolcTMTC1DnErasyHnE6QGyB77tCPPFC/mnbPykb6DfiMW6id3Qy+Ly + + # Storage + docstore_bucket: uploads + doc_upload_size_limit: 5242880 + + # Optional: External services (when local_setup: false) + # pgdb_remote_url: "postgresql://user:pass@host:5432/plane" + # remote_redis_url: "redis://host:6379/" + # aws_access_key: "" + # aws_secret_access_key: "" + # aws_region: "" + # aws_s3_endpoint_url: "" + + # Workload resources (adjust based on cluster capacity) + web: + replicas: 2 + memoryLimit: 1000Mi + cpuLimit: 500m + memoryRequest: 128Mi + cpuRequest: 100m + + api: + replicas: 2 + memoryLimit: 1000Mi + cpuLimit: 500m + memoryRequest: 128Mi + cpuRequest: 100m + + worker: + replicas: 1 + memoryLimit: 1000Mi + cpuLimit: 500m + + beatworker: + replicas: 1 + memoryLimit: 500Mi + cpuLimit: 250m + + space: + replicas: 1 + memoryLimit: 500Mi + cpuLimit: 250m + + admin: + replicas: 1 + memoryLimit: 500Mi + cpuLimit: 250m + + live: + replicas: 1 + memoryLimit: 500Mi + cpuLimit: 250m + + # TLS (requires cert-manager) + ssl: + createIssuer: false + generateCerts: true + issuer: letsencrypt-prod + # email: admin@example.com + # server: https://acme-v02.api.letsencrypt.org/directory + # tls_secret_name: plane-tls # if using existing cert \ No newline at end of file diff --git a/gitops/home-kubernetes/plane/helmrepository.yaml b/gitops/home-kubernetes/plane/helmrepository.yaml new file mode 100644 index 0000000..f99c954 --- /dev/null +++ b/gitops/home-kubernetes/plane/helmrepository.yaml @@ -0,0 +1,8 @@ +apiVersion: source.toolkit.fluxcd.io/v1 +kind: HelmRepository +metadata: + name: plane + namespace: flux-system +spec: + interval: 1h + url: https://helm.plane.so/ \ No newline at end of file diff --git a/gitops/home-kubernetes/plane/namespace.yaml b/gitops/home-kubernetes/plane/namespace.yaml new file mode 100644 index 0000000..d510ee8 --- /dev/null +++ b/gitops/home-kubernetes/plane/namespace.yaml @@ -0,0 +1,4 @@ +apiVersion: v1 +kind: Namespace +metadata: + name: plane \ No newline at end of file