initial commit

allard
2025-11-23 18:58:51 +01:00
commit 376a944abc
1553 changed files with 314731 additions and 0 deletions

386
lp/backstage/configmap.yaml Normal file

@@ -0,0 +1,386 @@
apiVersion: v1
kind: ConfigMap
metadata:
name: app-config
namespace: backstage
data:
app-config.yaml: |
app:
title: Backstage Voorbeeld App
baseUrl: https://backstage-lp.allarddcs.nl
googleAnalyticsTrackingId: # UA-000000-0
#datadogRum:
# clientToken: '123456789'
# applicationId: qwerty
# site: # datadoghq.eu default = datadoghq.com
# env: # optional
support:
url: https://github.com/backstage/backstage/issues # Used by common ErrorPage
items: # Used by common SupportButton component
- title: Issues
icon: github
links:
- url: https://github.com/backstage/backstage/issues
title: GitHub Issues
- title: Discord Chatroom
icon: chat
links:
- url: https://discord.gg/MUpMjP2
title: '#backstage'
backend:
baseUrl: https://backstage-lp.allarddcs.nl
listen:
port: 7000
database:
client: pg
connection:
host: postgres13.postgres
port: 5432
user: backstage
password: backstage
cache:
store: memory
cors:
origin: http://localhost:3000
methods: [GET, POST, PUT, DELETE]
credentials: true
csp:
connect-src: ["'self'", 'http:', 'https:']
# Content-Security-Policy directives follow the Helmet format: https://helmetjs.github.io/#reference
# Default Helmet Content-Security-Policy values can be removed by setting the key to false
reading:
allow:
- host: example.com
- host: '*.mozilla.org'
# workingDirectory: /tmp # Use this to configure a working directory for the scaffolder, defaults to the OS temp-dir
# See README.md in the proxy-backend plugin for information on the configuration format
proxy:
'/circleci/api':
target: https://circleci.com/api/v1.1
headers:
Circle-Token: ${CIRCLECI_AUTH_TOKEN}
'/jenkins/api':
target: http://localhost:8080
headers:
Authorization: ${JENKINS_BASIC_AUTH_HEADER}
'/travisci/api':
target: https://api.travis-ci.com
changeOrigin: true
headers:
Authorization: ${TRAVISCI_AUTH_TOKEN}
travis-api-version: '3'
'/newrelic/apm/api':
target: https://api.newrelic.com/v2
headers:
X-Api-Key: ${NEW_RELIC_REST_API_KEY}
'/pagerduty':
target: https://api.pagerduty.com
headers:
Authorization: Token token=${PAGERDUTY_TOKEN}
'/buildkite/api':
target: https://api.buildkite.com/v2/
headers:
Authorization: ${BUILDKITE_TOKEN}
'/sentry/api':
target: https://sentry.io/api/
allowedMethods: ['GET']
headers:
Authorization: ${SENTRY_TOKEN}
'/ilert':
target: https://api.ilert.com
allowedMethods: ['GET', 'POST', 'PUT']
allowedHeaders: ['Authorization']
headers:
Authorization: ${ILERT_AUTH_HEADER}
organization:
name: AllardDCS
# Reference documentation http://backstage.io/docs/features/techdocs/configuration
# Note: After experimenting with basic setup, use CI/CD to generate docs
# and an external cloud storage when deploying TechDocs for production use-case.
# https://backstage.io/docs/features/techdocs/how-to-guides#how-to-migrate-from-techdocs-basic-to-recommended-deployment-approach
techdocs:
builder: 'local' # Alternatives - 'external'
generator:
runIn: 'docker'
# dockerImage: my-org/techdocs # use a custom docker image
# pullImage: true # or false to disable automatic pulling of image (e.g. if custom docker login is required)
publisher:
type: 'local' # Alternatives - 'googleGcs' or 'awsS3' or 'azureBlobStorage' or 'openStackSwift'. Read documentation for using alternatives.
sentry:
organization: my-company
rollbar:
organization: my-company
# NOTE: The rollbar-backend & accountToken key may be deprecated in the future (replaced by a proxy config)
accountToken: my-rollbar-account-token
lighthouse:
baseUrl: http://localhost:3003
kubernetes:
serviceLocatorMethod:
type: 'multiTenant'
clusterLocatorMethods:
- type: 'config'
clusters: []
kafka:
clientId: backstage
clusters:
- name: cluster
brokers:
- localhost:9092
integrations:
github:
- host: github.com
token:
$env: GITHUB_TOKEN
gitea:
- host: gitea-dev.allarddcs.nl
apiBaseUrl: https://gitea-dev.allarddcs.nl/api/v1
token: "7c289d89b02489984fc9850411bb26f6ee4e9d37"
gitlab:
- host: gitlab.com
token: ${GITLAB_TOKEN}
bitbucket:
- host: bitbucket.org
username: ${BITBUCKET_USERNAME}
appPassword: ${BITBUCKET_APP_PASSWORD}
azure:
- host: dev.azure.com
token: ${AZURE_TOKEN}
# googleGcs:
# clientEmail: 'example@example.com'
# privateKey: ${GCS_PRIVATE_KEY}
catalog:
rules:
- allow:
- Component
- API
- Resource
- Group
- User
- Template
- System
- Domain
- Location
processors:
githubOrg:
providers:
- target: https://github.com
token:
$env: GITHUB_TOKEN
gitea:
- host: gitea-dev.allarddcs.nl
apiBaseUrl: https://gitea-dev.allarddcs.nl/api/v1
#### Example for how to add your GitHub Enterprise instance using the API:
# - target: https://ghe.example.net
# apiBaseUrl: https://ghe.example.net/api
# token: ${GHE_TOKEN}
ldapOrg:
### Example for how to add your enterprise LDAP server
# providers:
# - target: ldaps://ds.example.net
# bind:
# dn: uid=ldap-reader-user,ou=people,ou=example,dc=example,dc=net
# secret: ${LDAP_SECRET}
# users:
# dn: ou=people,ou=example,dc=example,dc=net
# options:
# filter: (uid=*)
# map:
# description: l
# groups:
# dn: ou=access,ou=groups,ou=example,dc=example,dc=net
# options:
# filter: (&(objectClass=some-group-class)(!(groupType=email)))
microsoftGraphOrg:
### Example for how to add your Microsoft Graph tenant
#providers:
# - target: https://graph.microsoft.com/v1.0
# authority: https://login.microsoftonline.com
# tenantId: ${MICROSOFT_GRAPH_TENANT_ID}
# clientId: ${MICROSOFT_GRAPH_CLIENT_ID}
# clientSecret: ${MICROSOFT_GRAPH_CLIENT_SECRET_TOKEN}
# userFilter: accountEnabled eq true and userType eq 'member'
# groupFilter: securityEnabled eq false and mailEnabled eq true and groupTypes/any(c:c+eq+'Unified')
locations:
- type: url
target: https://gitea-dev.allarddcs.nl/allard/kubernetes/raw/branch/master/group.yaml
rules:
- allow: [Group]
- type: url
target: https://gitea-dev.allarddcs.nl/allard/kubernetes/raw/branch/master/system.yaml
rules:
- allow: [System]
- type: url
target: https://gitea-dev.allarddcs.nl/allard/kubernetes/raw/branch/master/catalog-info.yaml
rules:
- allow: [Component]
scaffolder:
# Use to customize default commit author info used when new components are created
# defaultAuthor:
# name: Scaffolder
# email: scaffolder@backstage.io
# Use to customize the default commit message when new components are created
# defaultCommitMessage: 'Initial commit'
github:
token:
$env: GITHUB_TOKEN
visibility: public # or 'internal' or 'private'
gitea:
api:
baseUrl: https://gitea-dev.allarddcs.nl
token: ${GITEA_TOKEN}
visibility: public # or 'internal' or 'private'
gitlab:
api:
baseUrl: https://gitlab.com
token: ${GITLAB_TOKEN}
visibility: public # or 'internal' or 'private'
azure:
baseUrl: https://dev.azure.com/{your-organization}
api:
token: ${AZURE_TOKEN}
bitbucket:
api:
host: https://bitbucket.org
username: ${BITBUCKET_USERNAME}
token: ${BITBUCKET_TOKEN}
visibility: public # or or 'private'
auth:
environment: development
### Providing an auth.session.secret will enable session support in the auth-backend
# session:
# secret: custom session secret
providers:
google:
development:
clientId: arbitrary-value
clientSecret: arbitrary-value
github:
development:
clientId: arbitrary-value
clientSecret: arbitrary-value
enterpriseInstanceUrl: arbitrary-value
gitlab:
development:
clientId: arbitrary-value
clientSecret: arbitrary-value
audience: arbitrary-value
saml:
entryPoint: 'http://localhost:7001/'
issuer: 'passport-saml'
okta:
development:
clientId: arbitrary-value
clientSecret: arbitrary-value
audience: arbitrary-value
oauth2:
development:
clientId: arbitrary-value
clientSecret: arbitrary-value
authorizationUrl: arbitrary-value
tokenUrl: arbitrary-value
###
# provide a list of scopes as needed for your OAuth2 Server:
#
# scope: saml-login-selector openid profile email
oidc:
# Note that you must define a session secret (see above) since the oidc provider requires session support.
# Note that by default, this provider will use the 'none' prompt which assumes that your are already logged on in the IDP.
# You should set prompt to:
# - auto: will let the IDP decide if you need to log on or if you can skip login when you have an active SSO session
# - login: will force the IDP to always present a login form to the user
development:
metadataUrl: arbirarty-value
clientId: arbirarty-value
clientSecret: arbirarty-value
authorizationUrl: arbirarty-value
tokenUrl: arbirarty-value
tokenSignedResponseAlg: arbirarty-value
scope: arbirarty-value # default='openid profile email'
prompt: arbirarty-value # default=none (allowed values: auto, none, consent, login)
auth0:
development:
clientId: arbirarty-value
clientSecret: arbirarty-value
domain: arbirarty-value
microsoft:
development:
clientId: arbirarty-value
clientSecret: arbirarty-value
tenantId: arbirarty-value
onelogin:
development:
clientId: arbirarty-value
clientSecret: arbirarty-value
issuer: arbirarty-value
costInsights:
engineerCost: 200000
products:
computeEngine:
name: Compute Engine
icon: compute
cloudDataflow:
name: Cloud Dataflow
icon: data
cloudStorage:
name: Cloud Storage
icon: storage
bigQuery:
name: BigQuery
icon: search
events:
name: Events
icon: data
metrics:
DAU:
name: Daily Active Users
default: true
MSC:
name: Monthly Subscribers
homepage:
clocks:
- label: UTC
timezone: UTC
- label: NYC
timezone: 'America/New_York'
- label: STO
timezone: 'Europe/Stockholm'
- label: TYO
timezone: 'Asia/Tokyo'
pagerduty:
eventsBaseUrl: 'https://events.pagerduty.com/v2'
jenkins:
instances:
- name: default
baseUrl: https://jenkins.example.com
username: backstage-bot
apiKey: 123456789abcdef0123456789abcedf012
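Review bot: The `integrations.gitea` entry commits a literal access token for gitea-dev.allarddcs.nl inside a ConfigMap, and `backend.database.connection` carries a literal `password: backstage`, whereas the GitHub, GitLab and Azure entries in the same file reference environment variables. A ConfigMap is stored and displayed as plain configuration, and the value is now in repository history, so the Gitea token should be revoked and re-issued rather than only edited out. Both values can then come from a Kubernetes Secret exposed as environment variables and be referenced as `token: ${GITEA_TOKEN}` (the scaffolder section already uses that variable) and `password: ${POSTGRES_PASSWORD}`. Separately, `cors.origin: http://localhost:3000` with `credentials: true` and `auth.environment: development` look like untouched sample defaults for an instance served at https://backstage-lp.allarddcs.nl; confirm they are intended. The rendered page drops indentation and blank lines, so nesting is inferred from key order.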