HGKeeper

imfreedom/k8s-cluster

Move 50-xmpp.imfreedom.org to kustomize

2021-06-17, Gary Kramlich

7a38982c1148

Parents 2a80a8c7c4bd
Children ee34cac9ca24

Move 50-xmpp.imfreedom.org to kustomize

7 files changed, 373 insertions(+), 394 deletions(-)

+0 -394

50-xmpp.imfreedom.org.yaml

+26 -0

50-xmpp.imfreedom.org/files/imfreedom.cfg.lua

+26 -0

50-xmpp.imfreedom.org/files/pidgin.cfg.lua

+11 -0

50-xmpp.imfreedom.org/files/pidginchat.com.cfg.lua

+14 -0

50-xmpp.imfreedom.org/kustomization.yaml

+280 -0

50-xmpp.imfreedom.org/manifest.yaml

+16 -0

50-xmpp.imfreedom.org/prometheus.yaml

~~--- a/50-xmpp.imfreedom.org.yaml Thu Jun 17 04:33:14 2021 -0500~~

+++ /dev/null Thu Jan 01 00:00:00 1970 +0000

@@ -1,394 +0,0 @@

~~-# Prosody is an xmpp server. This manifest creates a deployment for it. It~~

~~-# handles virtualhosts for adium.im, imfreedom.org, as well as pidgin.im.~~

~~----~~

~~-apiVersion: traefik.containo.us/v1alpha1~~

~~-kind: IngressRoute~~

~~-metadata:~~

~~- name: xmpp-imfreedom-http~~

~~- namespace: roost~~

~~-spec:~~

~~- entryPoints:~~

~~- - http~~

~~- routes:~~

~~- - match: Host(`xmpp.imfreedom.org`) || Host(`conference.imfreedom.org`)~~

~~- kind: Rule~~

~~- services:~~

~~- - name: prosody~~

~~- port: 5280~~

~~- middlewares:~~

~~- - name: https-redirect~~

~~----~~

~~-apiVersion: traefik.containo.us/v1alpha1~~

~~-kind: IngressRoute~~

~~-metadata:~~

~~- name: xmpp-imfreedom~~

~~- namespace: roost~~

~~-spec:~~

~~- entryPoints:~~

~~- - https~~

~~- routes:~~

~~- - match: Host(`xmpp.imfreedom.org`) || Host(`conference.imfreedom.org`)~~

~~- kind: Rule~~

~~- services:~~

~~- - name: prosody~~

~~- port: 5280~~

~~- tls:~~

~~- secretName: imfreedom-tls~~

~~----~~

~~-apiVersion: traefik.containo.us/v1alpha1~~

~~-kind: IngressRoute~~

~~-metadata:~~

~~- name: xmpp-pidgin-http~~

~~- namespace: roost~~

~~-spec:~~

~~- entryPoints:~~

~~- - http~~

~~- routes:~~

~~- - match: Host(`xmpp.pidgin.im`) || Host(`conference.pidgin.im`)~~

~~- kind: Rule~~

~~- services:~~

~~- - name: prosody~~

~~- port: 5280~~

~~- middlewares:~~

~~- - name: https-redirect~~

~~----~~

~~-apiVersion: traefik.containo.us/v1alpha1~~

~~-kind: IngressRoute~~

~~-metadata:~~

~~- name: xmpp-pidgin~~

~~- namespace: roost~~

~~-spec:~~

~~- entryPoints:~~

~~- - https~~

~~- routes:~~

~~- - match: Host(`xmpp.pidgin.im`) || Host(`conference.pidgin.im`)~~

~~- kind: Rule~~

~~- services:~~

~~- - name: prosody~~

~~- port: 5280~~

~~- tls:~~

~~- secretName: pidgin-tls~~

~~----~~

~~-apiVersion: traefik.containo.us/v1alpha1~~

~~-kind: IngressRouteTCP~~

~~-metadata:~~

~~- name: prosody-c2s~~

~~- namespace: roost~~

~~-spec:~~

~~- entryPoints:~~

~~- - xmpp-c2s~~

~~- routes:~~

~~- - match: HostSNI(`*`)~~

~~- kind: Rule~~

~~- services:~~

~~- - name: prosody~~

~~- port: 5222~~

~~----~~

~~-apiVersion: traefik.containo.us/v1alpha1~~

~~-kind: IngressRouteTCP~~

~~-metadata:~~

~~- name: prosody-s2s~~

~~- namespace: roost~~

~~-spec:~~

~~- entryPoints:~~

~~- - xmpp-s2s~~

~~- routes:~~

~~- - match: HostSNI(`*`)~~

~~- kind: Rule~~

~~- services:~~

~~- - name: prosody~~

~~- port: 5269~~

~~----~~

~~-apiVersion: v1~~

~~-kind: Service~~

~~-metadata:~~

~~- namespace: roost~~

~~- labels:~~

~~- app: prosody~~

~~- role: app~~

~~- name: prosody~~

~~-spec:~~

~~- ports:~~

~~- - name: c2s~~

~~- port: 5222~~

~~- protocol: TCP~~

~~- - name: s2s~~

~~- port: 5269~~

~~- protocol: TCP~~

~~- - name: http~~

~~- port: 5280~~

~~- protocol: TCP~~

~~- - name: https~~

~~- port: 5281~~

~~- protocol: TCP~~

~~- selector:~~

~~- app: prosody~~

~~- role: app~~

~~----~~

~~-apiVersion: networking.k8s.io/v1~~

~~-kind: NetworkPolicy~~

~~-metadata:~~

~~- namespace: roost~~

~~- name: prosody~~

~~- labels:~~

~~- app: prosody~~

~~- role: app~~

~~-spec:~~

~~- podSelector:~~

~~- matchLabels:~~

~~- app: prosody~~

~~- role: app~~

~~- ingress:~~

~~- - from:~~

~~- - namespaceSelector:~~

~~- matchLabels:~~

~~- name: kube-public~~

~~- podSelector:~~

~~- matchLabels:~~

~~- app: traefik~~

~~- role: controller~~

~~- ports:~~

~~- - port: 5222~~

~~- protocol: TCP~~

~~- - port: 5269~~

~~- protocol: TCP~~

~~- - port: 5280~~

~~- protocol: TCP~~

~~- - from:~~

~~- - namespaceSelector:~~

~~- matchLabels:~~

~~- name: monitoring~~

~~- podSelector:~~

~~- matchLabels:~~

~~- app: prometheus~~

~~- ports:~~

~~- - port: 5280~~

~~- protocol: TCP~~

~~----~~

~~-apiVersion: v1~~

~~-kind: ConfigMap~~

~~-metadata:~~

~~- name: prosody-config~~

~~- namespace: roost~~

~~-data:~~

~~- imfreedom.cfg.lua: |~~

~~- VirtualHost "imfreedom.org"~~

~~- certificate = "imfreedom/tls.crt"~~

~~- jetbrains_hub_groups = { "IMF Board Member", "IMF Officer", "IMF XMPP" }~~

~~- http_host = "xmpp.imfreedom.org"~~

~~- http_interfaces = {"*"}~~

~~- http_external_url = "https://xmpp.imfreedom.org/"~~

~~- ssl = {~~

~~- certificate = "certs/imfreedom/tls.crt";~~

~~- key = "certs/imfreedom/tls.key";~~

~~- }~~

~~- Component "conference.imfreedom.org" "muc"~~

~~- name = "Instant Messaging Freedom MUC"~~

~~- modules_enabled = { "muc_badge", "muc_mam", "muc_mam_hints", "muc_moderation", "muc_occupant_id", "vcard_muc" }~~

~~- http_host = "conference.imfreedom.org"~~

~~- http_external_url = "https://conference.imfreedom.org/"~~

~~- ssl = {~~

~~- certificate = "certs/imfreedom/tls.crt";~~

~~- key = "certs/imfreedom/tls.key";~~

~~- }~~

~~- restrict_room_creation = "local"~~

~~- Component "xmpp.imfreedom.org" "http"~~

~~- http_external_url = "https://xmpp.imfreedom.org/"~~

~~- http_host = "xmpp.imfreedom.org"~~

~~- modules_enabled = {"bosh"}~~

~~- pidgin.cfg.lua: |~~

~~- VirtualHost "pidgin.im"~~

~~- certificate = "pidgin/tls.crt"~~

~~- jetbrains_hub_groups = { "Pidgin Admin", "Pidgin Contributor", "Pidgin XMPP" }~~

~~- http_host = "xmpp.pidgin.im"~~

~~- http_interfaces = {"*"}~~

~~- http_external_url = "https://xmpp.pidgin.im/"~~

~~- ssl = {~~

~~- certificate = "certs/pidgin/tls.crt";~~

~~- key = "certs/pidgin/tls.key";~~

~~- }~~

~~- Component "conference.pidgin.im" "muc"~~

~~- name = "Pidgin Internet Messaging MUC"~~

~~- modules_enabled = { "muc_badge", "muc_mam", "muc_mam_hints", "muc_moderation", "muc_occupant_id", "vcard_muc" }~~

~~- http_host = "conference.pidgin.im"~~

~~- http_external_url = "https://conference.pidgin.im/"~~

~~- ssl = {~~

~~- certificate = "certs/pidgin/tls.crt";~~

~~- key = "certs/pidgin/tls.key";~~

~~- }~~

~~- restrict_room_creation = "local"~~

~~- Component "xmpp.pidgin.im" "http"~~

~~- http_external_url = "https://xmpp.pidgin.im/"~~

~~- http_host = "xmpp.pidgin.im"~~

~~- modules_enabled = {"bosh"}~~

~~- pidginchat.com.cfg.lua: |~~

~~- VirtualHost "pidginchat.com"~~

~~- modules_disabled = {"s2s"}~~

~~- certificate = "pidginchat/tls.crt"~~

~~- jetbrains_hub_groups = { "pidginchat.com XMPP" }~~

~~- http_host = "pidginchat.com"~~

~~- http_interfaces = {"*"}~~

~~- http_external_url = "https://pidginchat.com/"~~

~~- ssl = {~~

~~- certificate = "certs/pidginchat/tls.crt";~~

~~- key = "certs/pidginchat/tls.key";~~

~~- }~~

~~----~~

~~-apiVersion: policy/v1beta1~~

~~-kind: PodDisruptionBudget~~

~~-metadata:~~

~~- namespace: roost~~

~~- name: prosody~~

~~-spec:~~

~~- maxUnavailable: 1~~

~~- selector:~~

~~- matchLabels:~~

~~- app: prosody~~

~~- role: app~~

~~----~~

~~-apiVersion: apps/v1~~

~~-kind: Deployment~~

~~-metadata:~~

~~- namespace: roost~~

~~- name: prosody~~

~~- labels:~~

~~- app: prosody~~

~~- role: app~~

~~-spec:~~

~~- replicas: 1~~

~~- selector:~~

~~- matchLabels:~~

~~- app: prosody~~

~~- role: app~~

~~- strategy:~~

~~- type: Recreate~~

~~- template:~~

~~- metadata:~~

~~- labels:~~

~~- app: prosody~~

~~- role: app~~

~~- spec:~~

~~- containers:~~

~~- - name: prosody~~

~~- image: docker.io/rwgrim/prosody:latest~~

~~- imagePullPolicy: Always~~

~~- ports:~~

~~- - containerPort: 5222~~

~~- name: c2s~~

~~- - containerPort: 5269~~

~~- name: s2s~~

~~- - containerPort: 5280~~

~~- name: http~~

~~- - containerPort: 5281~~

~~- name: https~~

~~- - containerPort: 5582~~

~~- name: telnet~~

~~- resources:~~

~~- limits:~~

~~- cpu: 100m~~

~~- memory: 128Mi~~

~~- requests:~~

~~- cpu: 50m~~

~~- memory: 64Mi~~

~~- volumeMounts:~~

~~- - mountPath: /var/lib/prosody~~

~~- name: homedir~~

~~- readOnly: false~~

~~- subPath: home~~

~~- - mountPath: /etc/prosody/secrets.d/~~

~~- name: secrets~~

~~- readOnly: true~~

~~- - mountPath: /etc/prosody/conf.d/~~

~~- name: config~~

~~- readOnly: true~~

~~- - mountPath: /etc/prosody/certs/imfreedom/~~

~~- name: imfreedom-tls~~

~~- readOnly: true~~

~~- - mountPath: /etc/prosody/certs/pidgin/~~

~~- name: pidgin-tls~~

~~- readOnly: true~~

~~- - mountPath: /etc/prosody/certs/pidginchat/~~

~~- name: pidginchat-tls~~

~~- readOnly: true~~

~~- securityContext:~~

~~- fsGroup: 101~~

~~- runAsUser: 101~~

~~- volumes:~~

~~- - name: homedir~~

~~- persistentVolumeClaim:~~

~~- claimName: prosody~~

~~- - name: secrets~~

~~- secret:~~

~~- secretName: prosody~~

~~- - name: config~~

~~- configMap:~~

~~- name: prosody-config~~

~~- - name: imfreedom-tls~~

~~- secret:~~

~~- secretName: imfreedom-tls~~

~~- - name: pidgin-tls~~

~~- secret:~~

~~- secretName: pidgin-tls~~

~~- - name: pidginchat-tls~~

~~- secret:~~

~~- secretName: pidginchat-tls~~

~~----~~

~~-apiVersion: v1~~

~~-kind: PersistentVolumeClaim~~

~~-metadata:~~

~~- namespace: roost~~

~~- name: prosody~~

~~- labels:~~

~~- app: prosody~~

~~- role: app~~

~~-spec:~~

~~- accessModes:~~

~~- - ReadWriteOnce~~

~~- resources:~~

~~- requests:~~

~~- storage: 2Gi~~

~~- volumeName: pvc-415a206e-5484-4cf0-a655-908d18339f62~~

~~----~~

~~-apiVersion: gemini.fairwinds.com/v1beta1~~

~~-kind: SnapshotGroup~~

~~-metadata:~~

~~- namespace: roost~~

~~- name: prosody~~

~~-spec:~~

~~- persistentVolumeClaim:~~

~~- claimName: prosody~~

~~- schedule:~~

~~- - every: 12 hours~~

~~- keep: 2~~

~~----~~

~~-apiVersion: monitoring.coreos.com/v1~~

~~-kind: ServiceMonitor~~

~~-metadata:~~

~~- namespace: roost~~

~~- name: prosody~~

~~- labels:~~

~~- app: prosody~~

~~-spec:~~

~~- selector:~~

~~- matchLabels:~~

~~- app: prosody~~

~~- endpoints:~~

~~- - port: https~~

~~- interval: 15s~~

~~----~~

~~-apiVersion: monitoring.coreos.com/v1~~

~~-kind: ServiceMonitor~~

~~-metadata:~~

~~- namespace: roost~~

~~- name: prosody~~

~~- labels:~~

~~- app: prosody~~

~~- prometheus: cluster-wide~~

~~-spec:~~

~~- selector:~~

~~- matchLabels:~~

~~- app: prosody~~

~~- endpoints:~~

~~- - port: http~~

~~- interval: 15s~~

~~----~~

~~--- /dev/null Thu Jan 01 00:00:00 1970 +0000~~

+++ b/50-xmpp.imfreedom.org/files/imfreedom.cfg.lua Thu Jun 17 04:47:37 2021 -0500

@@ -0,0 +1,26 @@

+VirtualHost "imfreedom.org"

+certificate = "imfreedom/tls.crt"

+jetbrains_hub_groups = { "IMF Board Member", "IMF Officer", "IMF XMPP" }

+http_host = "xmpp.imfreedom.org"

+http_interfaces = {"*"}

+http_external_url = "https://xmpp.imfreedom.org/"

+ssl = {

+ certificate = "certs/imfreedom/tls.crt";

+ key = "certs/imfreedom/tls.key";

+Component "conference.imfreedom.org" "muc"

+name = "Instant Messaging Freedom MUC"

+modules_enabled = { "muc_badge", "muc_mam", "muc_mam_hints", "muc_moderation", "muc_occupant_id", "vcard_muc" }

+http_host = "conference.imfreedom.org"

+http_external_url = "https://conference.imfreedom.org/"

+ssl = {

+ certificate = "certs/imfreedom/tls.crt";

+ key = "certs/imfreedom/tls.key";

+restrict_room_creation = "local"

+Component "xmpp.imfreedom.org" "http"

+http_external_url = "https://xmpp.imfreedom.org/"

+http_host = "xmpp.imfreedom.org"

+modules_enabled = {"bosh"}

~~--- /dev/null Thu Jan 01 00:00:00 1970 +0000~~

+++ b/50-xmpp.imfreedom.org/files/pidgin.cfg.lua Thu Jun 17 04:47:37 2021 -0500

@@ -0,0 +1,26 @@

+VirtualHost "pidgin.im"

+certificate = "pidgin/tls.crt"

+jetbrains_hub_groups = { "Pidgin Admin", "Pidgin Contributor", "Pidgin XMPP" }

+http_host = "xmpp.pidgin.im"

+http_interfaces = {"*"}

+http_external_url = "https://xmpp.pidgin.im/"

+ssl = {

+ certificate = "certs/pidgin/tls.crt";

+ key = "certs/pidgin/tls.key";

+Component "conference.pidgin.im" "muc"

+name = "Pidgin Internet Messaging MUC"

+modules_enabled = { "muc_badge", "muc_mam", "muc_mam_hints", "muc_moderation", "muc_occupant_id", "vcard_muc" }

+http_host = "conference.pidgin.im"

+http_external_url = "https://conference.pidgin.im/"

+ssl = {

+ certificate = "certs/pidgin/tls.crt";

+ key = "certs/pidgin/tls.key";

+restrict_room_creation = "local"

+Component "xmpp.pidgin.im" "http"

+http_external_url = "https://xmpp.pidgin.im/"

+http_host = "xmpp.pidgin.im"

+modules_enabled = {"bosh"}

~~--- /dev/null Thu Jan 01 00:00:00 1970 +0000~~

+++ b/50-xmpp.imfreedom.org/files/pidginchat.com.cfg.lua Thu Jun 17 04:47:37 2021 -0500

@@ -0,0 +1,11 @@

+VirtualHost "pidginchat.com"

+modules_disabled = {"s2s"}

+certificate = "pidginchat/tls.crt"

+jetbrains_hub_groups = { "pidginchat.com XMPP" }

+http_host = "pidginchat.com"

+http_interfaces = {"*"}

+http_external_url = "https://pidginchat.com/"

+ssl = {

+ certificate = "certs/pidginchat/tls.crt";

+ key = "certs/pidginchat/tls.key";

~~--- /dev/null Thu Jan 01 00:00:00 1970 +0000~~

+++ b/50-xmpp.imfreedom.org/kustomization.yaml Thu Jun 17 04:47:37 2021 -0500

@@ -0,0 +1,14 @@

+---

+namespace: roost

+configMapGenerator:

+ - name: prosody-config

+ files:

+ - files/imfreedom.cfg.lua

+ - files/pidgin.cfg.lua

+ - files/pidginchat.com.cfg.lua

+ options:

+ disableNameSuffixHash: true

+resources:

+ - manifest.yaml

+ - prometheus.yaml

+---

~~--- /dev/null Thu Jan 01 00:00:00 1970 +0000~~

+++ b/50-xmpp.imfreedom.org/manifest.yaml Thu Jun 17 04:47:37 2021 -0500

@@ -0,0 +1,280 @@

+---

+apiVersion: traefik.containo.us/v1alpha1

+kind: IngressRoute

+metadata:

+ name: xmpp-imfreedom-http

+spec:

+ entryPoints:

+ - http

+ routes:

+ - match: Host(`xmpp.imfreedom.org`) || Host(`conference.imfreedom.org`)

+ kind: Rule

+ services:

+ - name: prosody

+ port: 5280

+ middlewares:

+ - name: https-redirect

+---

+apiVersion: traefik.containo.us/v1alpha1

+kind: IngressRoute

+metadata:

+ name: xmpp-imfreedom

+spec:

+ entryPoints:

+ - https

+ routes:

+ - match: Host(`xmpp.imfreedom.org`) || Host(`conference.imfreedom.org`)

+ kind: Rule

+ services:

+ - name: prosody

+ port: 5280

+ tls:

+ secretName: imfreedom-tls

+---

+apiVersion: traefik.containo.us/v1alpha1

+kind: IngressRoute

+metadata:

+ name: xmpp-pidgin-http

+spec:

+ entryPoints:

+ - http

+ routes:

+ - match: Host(`xmpp.pidgin.im`) || Host(`conference.pidgin.im`)

+ kind: Rule

+ services:

+ - name: prosody

+ port: 5280

+ middlewares:

+ - name: https-redirect

+---

+apiVersion: traefik.containo.us/v1alpha1

+kind: IngressRoute

+metadata:

+ name: xmpp-pidgin

+spec:

+ entryPoints:

+ - https

+ routes:

+ - match: Host(`xmpp.pidgin.im`) || Host(`conference.pidgin.im`)

+ kind: Rule

+ services:

+ - name: prosody

+ port: 5280

+ tls:

+ secretName: pidgin-tls

+---

+apiVersion: traefik.containo.us/v1alpha1

+kind: IngressRouteTCP

+metadata:

+ name: prosody-c2s

+spec:

+ entryPoints:

+ - xmpp-c2s

+ routes:

+ - match: HostSNI(`*`)

+ kind: Rule

+ services:

+ - name: prosody

+ port: 5222

+---

+apiVersion: traefik.containo.us/v1alpha1

+kind: IngressRouteTCP

+metadata:

+ name: prosody-s2s

+spec:

+ entryPoints:

+ - xmpp-s2s

+ routes:

+ - match: HostSNI(`*`)

+ kind: Rule

+ services:

+ - name: prosody

+ port: 5269

+---

+apiVersion: v1

+kind: Service

+metadata:

+ labels:

+ app: prosody

+ role: app

+ name: prosody

+spec:

+ ports:

+ - name: c2s

+ port: 5222

+ protocol: TCP

+ - name: s2s

+ port: 5269

+ protocol: TCP

+ - name: http

+ port: 5280

+ protocol: TCP

+ - name: https

+ port: 5281

+ protocol: TCP

+ selector:

+ app: prosody

+ role: app

+---

+apiVersion: networking.k8s.io/v1

+kind: NetworkPolicy

+metadata:

+ name: prosody

+ labels:

+ app: prosody

+ role: app

+spec:

+ podSelector:

+ matchLabels:

+ app: prosody

+ role: app

+ ingress:

+ - from:

+ - namespaceSelector:

+ matchLabels:

+ name: kube-public

+ podSelector:

+ matchLabels:

+ app: traefik

+ role: controller

+ ports:

+ - port: 5222

+ protocol: TCP

+ - port: 5269

+ protocol: TCP

+ - port: 5280

+ protocol: TCP

+ - from:

+ - namespaceSelector:

+ matchLabels:

+ name: monitoring

+ podSelector:

+ matchLabels:

+ app: prometheus

+ ports:

+ - port: 5280

+ protocol: TCP

+---

+apiVersion: policy/v1beta1

+kind: PodDisruptionBudget

+metadata:

+ name: prosody

+spec:

+ maxUnavailable: 1

+ selector:

+ matchLabels:

+ app: prosody

+ role: app

+---

+apiVersion: apps/v1

+kind: Deployment

+metadata:

+ name: prosody

+ labels:

+ app: prosody

+ role: app

+spec:

+ replicas: 1

+ selector:

+ matchLabels:

+ app: prosody

+ role: app

+ strategy:

+ type: Recreate

+ template:

+ metadata:

+ labels:

+ app: prosody

+ role: app

+ spec:

+ containers:

+ - name: prosody

+ image: docker.io/rwgrim/prosody:latest

+ imagePullPolicy: Always

+ ports:

+ - containerPort: 5222

+ name: c2s

+ - containerPort: 5269

+ name: s2s

+ - containerPort: 5280

+ name: http

+ - containerPort: 5281

+ name: https

+ - containerPort: 5582

+ name: telnet

+ resources:

+ limits:

+ cpu: 100m

+ memory: 128Mi

+ requests:

+ cpu: 50m

+ memory: 64Mi

+ volumeMounts:

+ - mountPath: /var/lib/prosody

+ name: homedir

+ readOnly: false

+ subPath: home

+ - mountPath: /etc/prosody/secrets.d/

+ name: secrets

+ readOnly: true

+ - mountPath: /etc/prosody/conf.d/

+ name: config

+ readOnly: true

+ - mountPath: /etc/prosody/certs/imfreedom/

+ name: imfreedom-tls

+ readOnly: true

+ - mountPath: /etc/prosody/certs/pidgin/

+ name: pidgin-tls

+ readOnly: true

+ - mountPath: /etc/prosody/certs/pidginchat/

+ name: pidginchat-tls

+ readOnly: true

+ securityContext:

+ fsGroup: 101

+ runAsUser: 101

+ volumes:

+ - name: homedir

+ persistentVolumeClaim:

+ claimName: prosody

+ - name: secrets

+ secret:

+ secretName: prosody

+ - name: config

+ configMap:

+ name: prosody-config

+ - name: imfreedom-tls

+ secret:

+ secretName: imfreedom-tls

+ - name: pidgin-tls

+ secret:

+ secretName: pidgin-tls

+ - name: pidginchat-tls

+ secret:

+ secretName: pidginchat-tls

+---

+apiVersion: v1

+kind: PersistentVolumeClaim

+metadata:

+ name: prosody

+ labels:

+ app: prosody

+ role: app

+spec:

+ accessModes:

+ - ReadWriteOnce

+ resources:

+ requests:

+ storage: 2Gi

+ volumeName: pvc-415a206e-5484-4cf0-a655-908d18339f62

+---

+apiVersion: gemini.fairwinds.com/v1beta1

+kind: SnapshotGroup

+metadata:

+ name: prosody

+spec:

+ persistentVolumeClaim:

+ claimName: prosody

+ schedule:

+ - every: 12 hours

+ keep: 2

+---

~~--- /dev/null Thu Jan 01 00:00:00 1970 +0000~~

+++ b/50-xmpp.imfreedom.org/prometheus.yaml Thu Jun 17 04:47:37 2021 -0500

@@ -0,0 +1,16 @@

+---

+apiVersion: monitoring.coreos.com/v1

+kind: ServiceMonitor

+metadata:

+ name: prosody

+ labels:

+ app: prosody

+ prometheus: cluster-wide

+spec:

+ selector:

+ matchLabels:

+ app: prosody

+ endpoints:

+ - port: http

+ interval: 15s

+---