feat: Kibana | add ingress route for kibana

This reverts commit faa5a74702.

core-services/cert-manager/values.yaml

@@ -6,3 +6,6 @@ prometheus:
 webhook:
   timeoutSeconds: 4
 enableCertificateOwnerRef: true
+extraArgs:
+  - "--dns01-recursive-nameservers-only"
+  - "--dns01-recursive-nameservers=1.1.1.1:53"

core-services/traefik/values.yaml

@@ -6,8 +6,6 @@ providers:
 ingress:
   ingressClass:
     enabled: false
-    isDefaultClass: true
-    name: traefik
 deployment:
   replicas: 1
   podLabels:

elasticsearch/cluster.yaml

@@ -0,0 +1,41 @@
+---
+apiVersion: elasticsearch.k8s.elastic.co/v1
+kind: Elasticsearch
+metadata:
+  name: elasticsearch
+  namespace: elastic-system
+spec:
+  version: 8.15.2
+  http:
+    tls:
+      certificate:
+        secretName: elasticsearch-es-http-tls-internal
+  nodeSets:
+  - name: master
+    count: 3
+    volumeClaimTemplates:
+    - metadata:
+        name: elasticsearch-data
+      spec:
+        accessModes:
+        - ReadWriteOnce
+        resources:
+          requests:
+            storage: 10Gi
+        storageClassName: longhorn
+    config:
+      node.roles: ["master"]
+  - name: data
+    count: 3
+    volumeClaimTemplates:
+    - metadata:
+        name: elasticsearch-data
+      spec:
+        accessModes:
+        - ReadWriteOnce
+        resources:
+          requests:
+            storage: 50Gi
+        storageClassName: longhorn
+    config:
+      node.roles: ["data", "ingest"]

elasticsearch/kibana.yaml

@@ -0,0 +1,16 @@
+---
+apiVersion: kibana.k8s.elastic.co/v1beta1
+kind: Kibana
+metadata:
+  name: kibana
+  namespace: elastic-system
+spec:
+  version: 8.15.2
+  count: 1
+  elasticsearchRef:
+    name: elasticsearch
+  http:
+    tls:
+      certificate:
+        secretName: kibana-kb-http-tls-internal
+

gaming-services/minecraft/index.ts

@@ -3,8 +3,8 @@ import { TerraformStack } from "cdktf";
 import { KubernetesProvider } from "@cdktf/provider-kubernetes/lib/provider";
 import { NamespaceV1 } from "@cdktf/provider-kubernetes/lib/namespace-v1";
 import { OnePasswordSecret } from "../../utils";
-import { TerraFirmaGreg } from "./tfg";
-import { GTNH } from "./gtnh";
+// import { TerraFirmaGreg } from "./tfg";
+// import { GTNH } from "./gtnh";
 
 export class GamingServices extends TerraformStack {
   constructor(scope: Construct, id: string) {
@@ -29,7 +29,7 @@ export class GamingServices extends TerraformStack {
       itemPath: "vaults/Lab/items/curseforge",
     });
 
-    new TerraFirmaGreg(this, "tfg", provider, namespace);
-    new GTNH(this, "gtnh", provider, namespace);
+    // new TerraFirmaGreg(this, "tfg", provider, namespace);
+    // new GTNH(this, "gtnh", provider, namespace);
   }
 }

utility-services/index.ts

@@ -8,6 +8,7 @@ import { GiteaRunner, GiteaServer } from "./gitea";
 import { AuthentikServer } from "./authentik";
 import { PostgresCluster } from "./postgres";
 import { DynamicDNS } from "./dynamic-dns";
+import { PublicIngressRoute } from "../utils";
 
 export class UtilityServices extends TerraformStack {
   constructor(scope: Construct, id: string) {
@@ -72,6 +73,7 @@ export class UtilityServices extends TerraformStack {
         "npm.dogar.dev",
         "go.dogar.dev",
         "elastic.dogar.dev",
+        "kibana.dogar.dev",
       ],
     });
 
@@ -115,5 +117,25 @@ export class UtilityServices extends TerraformStack {
       name: "gitea-runner",
       replicas: 3,
     });
+
+    new PublicIngressRoute(this, "elasticsearch", {
+      provider: kubernetes,
+      namespace: "elastic-system",
+      name: "elasticsearch",
+      host: "elastic.dogar.dev",
+      serviceName: "elasticsearch-es-http",
+      servicePort: 9200,
+      serviceProtocol: "https",
+    });
+
+    new PublicIngressRoute(this, "kibana", {
+      provider: kubernetes,
+      namespace: "elastic-system",
+      name: "kibana",
+      host: "kibana.dogar.dev",
+      serviceName: "kibana-kb-http",
+      servicePort: 5601,
+      serviceProtocol: "https",
+    });
   }
 }