diff --git a/.env.sample b/.env.sample index ef4c9a9..5d7d411 100644 --- a/.env.sample +++ b/.env.sample @@ -12,6 +12,3 @@ GITEA_ACTIONS_TOKEN=placeholder # Flux Operator Web OIDC 凭据(Gitea 启动后创建 OAuth2 应用获取,Redirect URI: https://cd.dev.cm/oauth2/callback) FLUX_WEB_OIDC_CLIENT_ID=placeholder FLUX_WEB_OIDC_CLIENT_SECRET=placeholder - -# Penpot 凭据 -PENPOT_API_SECRET_KEY=placeholder diff --git a/flux/README.md b/flux/README.md index de81a15..0f87e9e 100644 --- a/flux/README.md +++ b/flux/README.md @@ -18,7 +18,7 @@ flux/ │ ├── kustomization.yaml # 引入 base,并追加 apps / app 依赖层 │ ├── apps-sources.yaml # app HelmRepository 源 │ ├── apps-secrets.yaml # apps namespace 与 app 专属 Secret -│ ├── apps.yaml # Halo / RustDesk / Penpot / Fillcode / SinceAI +│ ├── apps.yaml # Halo / RustDesk / Fillcode / SinceAI │ └── apps-post.yaml # CDN Ingress(依赖 apps) ├── infrastructure/ │ ├── sources/ # 所有 HelmRepository 定义 @@ -39,7 +39,6 @@ flux/ ├── post/ # CDN Ingress(依赖 apps,且引用部分 infra 服务) ├── helmrelease-halo.yaml # Halo ├── helmrelease-rustdesk.yaml # RustDesk - ├── helmrelease-penpot.yaml # Penpot └── ... # app 证书与 Ingress ``` diff --git a/flux/apps/helmrelease-penpot.yaml b/flux/apps/helmrelease-penpot.yaml deleted file mode 100644 index b002f05..0000000 --- a/flux/apps/helmrelease-penpot.yaml +++ /dev/null @@ -1,74 +0,0 @@ -apiVersion: helm.toolkit.fluxcd.io/v2 -kind: HelmRelease -metadata: - name: penpot - namespace: apps -spec: - interval: 30m - timeout: 15m - chart: - spec: - chart: penpot - version: 0.43.0 - sourceRef: - kind: HelmRepository - name: penpot - namespace: infra-gitops - interval: 12h - postRenderers: - - kustomize: - patches: - - target: - kind: Deployment - name: penpot-backend - patch: | - - op: add - path: /spec/template/spec/containers/0/env/8 - value: - name: REDIS_PASSWORD - valueFrom: - secretKeyRef: - name: valkey-cluster-sh - key: valkey-password - - target: - kind: Deployment - name: penpot-exporter - patch: | - - op: add - path: /spec/template/spec/containers/0/env/2 - value: - name: REDIS_PASSWORD - valueFrom: - secretKeyRef: - name: valkey-cluster-sh - key: valkey-password - values: - global: - postgresqlEnabled: false - valkeyEnabled: false - redisEnabled: false - config: - publicUri: https://penpot.dev.cm - existingSecret: penpot - secretKeys: - apiSecretKey: api-secret-key - postgresql: - host: cnpg17-cluster-sh-rw.infra-data - port: 5432 - database: penpot - existingSecret: cnpg17-cluster-sh-app - secretKeys: - usernameKey: username - passwordKey: password - redis: - host: :$(REDIS_PASSWORD)@valkey-cluster-sh-headless.infra-data - port: 6379 - database: 0 - backend: - podAnnotations: - backup.velero.io/backup-volumes: app-data - ingress: - enabled: true - className: nginx - hosts: - - penpot.dev.cm diff --git a/flux/apps/kustomization.yaml b/flux/apps/kustomization.yaml index 34e8bc7..8527a2c 100644 --- a/flux/apps/kustomization.yaml +++ b/flux/apps/kustomization.yaml @@ -10,4 +10,3 @@ resources: - ingress-sinceai-shop.yaml - helmrelease-whoami.yaml - helmrelease-rustdesk.yaml - - helmrelease-penpot.yaml diff --git a/flux/apps/secrets/kustomization.yaml b/flux/apps/secrets/kustomization.yaml index 51268d8..a1eee58 100644 --- a/flux/apps/secrets/kustomization.yaml +++ b/flux/apps/secrets/kustomization.yaml @@ -2,4 +2,3 @@ apiVersion: kustomize.config.k8s.io/v1beta1 kind: Kustomization resources: - namespaces.yaml - - penpot.yaml diff --git a/flux/apps/secrets/penpot.yaml b/flux/apps/secrets/penpot.yaml deleted file mode 100644 index 89769e9..0000000 --- a/flux/apps/secrets/penpot.yaml +++ /dev/null @@ -1,10 +0,0 @@ -# Penpot runtime secrets -apiVersion: v1 -kind: Secret -metadata: - name: penpot - namespace: apps -type: Opaque -stringData: - api-secret-key: |- - ${PENPOT_API_SECRET_KEY} diff --git a/flux/apps/sources/helm-repositories.yaml b/flux/apps/sources/helm-repositories.yaml index 90213c1..a4e6c7f 100644 --- a/flux/apps/sources/helm-repositories.yaml +++ b/flux/apps/sources/helm-repositories.yaml @@ -19,14 +19,3 @@ spec: interval: 168h timeout: 5m url: https://halo-sigs.github.io/charts/ ---- -# penpot -apiVersion: source.toolkit.fluxcd.io/v1 -kind: HelmRepository -metadata: - name: penpot - namespace: infra-gitops -spec: - interval: 168h - timeout: 5m - url: https://helm.penpot.app diff --git a/flux/clusters/dev-cm/apps.yaml b/flux/clusters/dev-cm/apps.yaml index afbd6ad..ae07a49 100644 --- a/flux/clusters/dev-cm/apps.yaml +++ b/flux/clusters/dev-cm/apps.yaml @@ -54,57 +54,3 @@ spec: values: nodeSelector: kubernetes.io/hostname: tcd - - target: - kind: HelmRelease - name: penpot - patch: | - apiVersion: helm.toolkit.fluxcd.io/v2 - kind: HelmRelease - metadata: - name: penpot - spec: - values: - backend: - affinity: - nodeAffinity: - preferredDuringSchedulingIgnoredDuringExecution: - - weight: 1 - preference: - matchExpressions: - - key: kubernetes.io/hostname - operator: In - values: - - homea - frontend: - affinity: - nodeAffinity: - preferredDuringSchedulingIgnoredDuringExecution: - - weight: 1 - preference: - matchExpressions: - - key: kubernetes.io/hostname - operator: In - values: - - homea - exporter: - affinity: - nodeAffinity: - preferredDuringSchedulingIgnoredDuringExecution: - - weight: 1 - preference: - matchExpressions: - - key: kubernetes.io/hostname - operator: In - values: - - homea - mcp: - affinity: - nodeAffinity: - preferredDuringSchedulingIgnoredDuringExecution: - - weight: 1 - preference: - matchExpressions: - - key: kubernetes.io/hostname - operator: In - values: - - homea diff --git a/flux/clusters/dev-cm/infra-data/post-1/databases.yaml b/flux/clusters/dev-cm/infra-data/post-1/databases.yaml index a9fe35c..299885b 100644 --- a/flux/clusters/dev-cm/infra-data/post-1/databases.yaml +++ b/flux/clusters/dev-cm/infra-data/post-1/databases.yaml @@ -11,17 +11,6 @@ spec: --- apiVersion: postgresql.cnpg.io/v1 kind: Database -metadata: - name: cnpg17-cluster-sh-penpot - namespace: infra-data -spec: - name: penpot - owner: app - cluster: - name: cnpg17-cluster-sh ---- -apiVersion: postgresql.cnpg.io/v1 -kind: Database metadata: name: cnpg17-cluster-sh-grafana namespace: infra-data