michael_dileo/Keybard-Vagabond-Demo
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

more redaction

Browse Source
This commit is contained in:
Michael DiLeo
2025-12-24 14:39:47 +01:00
parent 74324d5a1b
commit 91e6e2e502
10 changed files with 19 additions and 19 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
manifests/infrastructure/celery-monitoring/flower-deployment.yaml
View File

@@ -26,13 +26,13 @@ spec:
- containerPort: 5555
env:
- name: CELERY_BROKER_URL
value: "redis://:9EE33616C76D42A68442228B918F0A7D@redis-ha-haproxy.redis-system.svc.cluster.local:6379/0"
value: "redis://:<REDIS_PASSWORD>@redis-ha-haproxy.redis-system.svc.cluster.local:6379/0"
- name: FLOWER_PORT
value: "5555"
# FLOWER_BASIC_AUTH removed - authentication handled by NGINX Ingress
# This allows Kubernetes health checks to work properly
- name: FLOWER_BROKER_API
value: "redis://:9EE33616C76D42A68442228B918F0A7D@redis-ha-haproxy.redis-system.svc.cluster.local:6379/0,redis://:9EE33616C76D42A68442228B918F0A7D@redis-ha-haproxy.redis-system.svc.cluster.local:6379/3"
value: "redis://:<REDIS_PASSWORD>@redis-ha-haproxy.redis-system.svc.cluster.local:6379/0,redis://:<REDIS_PASSWORD>@redis-ha-haproxy.redis-system.svc.cluster.local:6379/3"
resources:
requests:
cpu: 100m

2
manifests/infrastructure/longhorn/S3-API-OPTIMIZATION.md
View File

@@ -141,7 +141,7 @@ kubectl get networkpolicy -n longhorn-system longhorn-block-s3-access
kubectl get cronjobs -n longhorn-system | grep longhorn-.*-s3-access
# 3. Test: S3 access should be blocked
kubectl exec -n longhorn-system deploy/longhorn-ui -- curl -I https://eu-central-003.backblazeb2.com
kubectl exec -n longhorn-system deploy/longhorn-ui -- curl -I https://<B2_ENDPOINT>
# Expected: Connection timeout or network error
```

4
manifests/infrastructure/longhorn/S3-API-SOLUTION-FINAL.md
View File

@@ -36,7 +36,7 @@ Longhorn's `backupstore-poll-interval` setting controls how frequently Longhorn
```yaml
data:
default-resource.yaml: |-
"backup-target": "s3://longhorn-keyboard-vagabond@eu-central-003.backblazeb2.com/longhorn-backup"
"backup-target": "s3://<BUCKET_NAME>@<B2_ENDPOINT>/longhorn-backup"
"backup-target-credential-secret": "backblaze-credentials"
"backupstore-poll-interval": "86400" # 24 hours
"virtual-hosted-style": "true"
@@ -164,7 +164,7 @@ kubectl get jobs -n longhorn-system | grep backup
# Check backup target connectivity (should work anytime)
MANAGER_POD=$(kubectl get pods -n longhorn-system -l app=longhorn-manager --no-headers | head -1 | awk '{print $1}')
kubectl exec -n longhorn-system "$MANAGER_POD" -c longhorn-manager -- curl -I https://eu-central-003.backblazeb2.com
kubectl exec -n longhorn-system "$MANAGER_POD" -c longhorn-manager -- curl -I https://<B2_ENDPOINT>
```
## References

6
manifests/infrastructure/redis/bitnami/secret.yaml
View File

@@ -5,6 +5,6 @@ metadata:
namespace: redis-system
type: Opaque
stringData:
REDIS_PASSWORD: 9EE33616C76D42A68442228B918F0A7D
redis-password: 9EE33616C76D42A68442228B918F0A7D
redis-replica-password: 9EE33616C76D42A68442228B918F0A7D
REDIS_PASSWORD: <REDACTED>
redis-password: <REDACTED>
redis-replica-password: <REDACTED>

4
manifests/infrastructure/redis/secret.yaml
View File

@@ -5,5 +5,5 @@ metadata:
namespace: redis-system
type: Opaque
stringData:
redis-password: 9EE33616C76D42A68442228B918F0A7D
redis-replica-password: 9EE33616C76D42A68442228B918F0A7D
redis-password: <REDACTED>
redis-replica-password: <REDACTED>

6
manifests/infrastructure/renovate/renovate.yaml
View File

@@ -39,9 +39,9 @@ spec:
"extends": ["config:recommended"],
"labels": ["renovate", "dependencies"],
"platform": "gitea",
"endpoint": "https://source.michaeldileo.org/",
"repositories": ["michael_dileo/keyboard-vagabond"],
"gitAuthor": "Renovate Bot <renovate@michaeldileo.org>",
"endpoint": "https://<GITEA_INSTANCE>/",
"repositories": ["<USERNAME>/keyboard-vagabond"],
"gitAuthor": "Renovate Bot <renovate@<DOMAIN>>",
"kubernetes": {
"fileMatch": ["^manifests/.+\\.yaml$"]
},