change(mqtt): use app-template

2024-07-01 14:03:30 +00:00 · 2023-05-10 11:37:29 +02:00 · 2023-05-10 11:37:29 +02:00 · 0340b67c66
parent dbe013cc4d
commit 0340b67c66
3 changed files with 74 additions and 126 deletions
--- a/projects/mqtt/project.yml
+++ b/projects/mqtt/project.yml
@ -3,6 +3,6 @@ config:

 apps:
 - name: mosquitto
-  repoURL: https://charts.billias.cc
-  chart: mosquitto
-  targetRevision: 2.5.0
+  repo: bjw-s 
+  chart: app-template
+  targetRevision: 1.5.0
--- a/projects/mqtt/values/moquitto.yaml
+++ b/projects/mqtt/values/moquitto.yaml
@ -1,123 +0,0 @@
-replicaCount: 1
-strategyType: Recreate
-
-image:
-  repository: eclipse-mosquitto
-  tag: 2.0.15
-  pullPolicy: IfNotPresent
-
-service:
-  type: LoadBalancer
-  #externalTrafficPolicy: Cluster
-  annotations:
-    metallb.universe.tf/address-pool: iot
-    #metallb.universe.tf/allow-shared-ip: adguard
-
-ports:
-  mqtt:
-    port: 1883
-    # sets consistent nodePort, required to set service.type=NodePort
-    # nodePort: 31883
-    protocol: TCP
-  websocket:
-    port: 9090
-    protocol: TCP
-
-persistence:
-  enabled: true
-  accessMode: ReadWriteOnce
-  existingClaim: ""
-  mountPath: /mosquitto/data
-  subPath: ""
-  # storageClass: "-"
-  size: 1Gi
-
-resources:
-  limits:
-    cpu: 300m
-    memory: 128Mi
-  requests:
-    cpu: 100m
-    memory: 64Mi
-
-podSecurityContext:
-  runAsUser: 1001
-  runAsGroup: 10000
-  fsGroup: 10000
-
-securityContext:
-  runAsUser: 1001
-  fsGroup: 10000
-  runAsNonRoot: true
-  privileged: false
-  readOnlyRootFilesystem: true
-  allowPrivilegeEscalation: false
-  capabilities:
-    drop:
-    - ALL
-
-authentication:
-  passwordEntries: ""
-  # To use authentication with mosquitto, you can set a list of password entries to be used.
-  # reference https://mosquitto.org/man/mosquitto_passwd-1.html to generate these entries.
-  # For example:
-  # passwordEntries: |-
-  #   user1:$6$BKzw0RKerxV4Esbj$Uz5slWGB1TiOtYIEokEl0eR1YSEQAdKpcdRYMsLYbwjktlVzdLyGk41YCPGyMLnBePtdwPhkcm8kjGI0R9s57w==
-  #   user2:$6$b5vYuHrSLj48Ii32$NjlbnatIaUQSsNvxxTpawpav6NPyZ8QhGrdEVGtyU1rgEGjNzVGKlstRg29FV6MFTPs/ugPA8D5I5+qRcIMXSg==
-  passwordFilePath: "/etc/mosquitto/passwordfile"
-
-authorization:
-  acls: ""
-  # To use authorizations with mosquitto, you can set a list of per user or pattern-based rules.
-  # reference https://mosquitto.org/man/mosquitto-conf-5.html for further information.
-  # For example:
-  # acls: |-
-      # zigbee2mqtt ACLs
-      # user zigbee2mqtt
-      # topic readwrite zigbee2mqtt/#
-      # topic readwrite homeassistant/#
-      # Tasmota-compatible ACLs
-      # pattern read cmnd/%u/#
-      # pattern write stat/%u/#
-      # pattern write tele/%u/#
-  aclfilePath: "/etc/mosquitto/aclfile"
-
-existingConfigMap: ""
-config: |
-  persistence true
-  persistence_location /mosquitto/data/
-  log_dest stdout
-  listener 1883
-  listener 9090
-  protocol websockets
-
-## Additional volumes.
-extraVolumes: []
-  # - name: tls
-  #   secret:
-  #     secretName: mosquitto-certs
-
-## Additional volumeMounts to the main container.
-extraVolumeMounts: []
-  # - name: tls
-  #   mountPath: /certs
-  #   subPath: cafile
-
-monitoring:
-  podMonitor:
-    enabled: false
-  sidecar:
-    enabled: false
-    port: 9234
-    # nodePort: 32234
-    image:
-      repository: nolte/mosquitto-exporter
-      tag: v0.6.3
-      pullPolicy: IfNotPresent
-    resources:
-      limits:
-        cpu: 300m
-        memory: 128Mi
-      requests:
-        cpu: 100m
-        memory: 64Mi
--- a/projects/mqtt/values/mosquitto.yaml
+++ b/projects/mqtt/values/mosquitto.yaml
@ -0,0 +1,71 @@
+image:
+  repository: eclipse-mosquitto
+  tag: 2.0.15
+
+service:
+  main:
+    type: LoadBalancer
+    externalTrafficPolicy: Local
+    annotations:
+      #metallb.universe.tf/allow-shared-ip: adguard
+      metallb.universe.tf/address-pool: iot
+    ports:
+      http:
+        enabled: false
+        port: 9090
+      mqtt:
+        enabled: true
+        port: 1883
+
+configMaps:
+  config:
+    enabled: true
+    data:
+      mosquitto.conf: |
+        allow_anonymous true
+        connection_messages false
+        persistence true
+        persistence_location /mosquitto/data/
+        log_dest stdout
+        listener 1883
+        listener 9090
+        protocol websockets
+
+persistence:
+  data:
+    enabled: true
+    type: pvc
+    mountPath: /mosquitto/data
+    accessMode: ReadWriteOnce
+    size: 10Gi
+
+  config:
+    enabled: true
+    type: configMap
+    name: mosquitto-config
+    mountPath: /mosquitto/config/mosquitto.conf
+    subPath: mosquitto.conf
+
+resources:
+  limits:
+    cpu: 100m
+    memory: 64Mi
+  requests:
+    cpu: 10m
+    memory: 32Mi
+
+podSecurityContext:
+  runAsUser: 1001
+  runAsGroup: 10000
+  fsGroup: 10000
+
+securityContext:
+  runAsUser: 1001
+  runAsGroup: 10000
+  runAsNonRoot: true
+  privileged: false
+  readOnlyRootFilesystem: true
+  allowPrivilegeEscalation: false
+  capabilities:
+    drop:
+    - ALL