depaula/workshop
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Workshop completo: aulas 08-10 com Talos, n8n e GitLab na Hetzner

Browse Source 
Aula 08 - Cluster Kubernetes HA:
- Setup interativo com OpenTofu para Talos na Hetzner
- CCM, CSI Driver, Cluster Autoscaler, Metrics Server
- NGINX Ingress com LoadBalancer (HTTP/HTTPS/SSH)

Aula 09 - n8n na Hetzner:
- Deploy via Helm com PostgreSQL e Redis
- Suporte multi-tenant com add-client.sh
- Integração com Hetzner CSI para volumes persistentes

Aula 10 - GitLab na Hetzner:
- Setup agnóstico: CloudFlare (trusted proxies) ou Let's Encrypt
- Anti-affinity para distribuir webservice/sidekiq em nós diferentes
- Container Registry e SSH via TCP passthrough
- Documentação do erro 422 e solução com trustedCIDRsForXForwardedFor

Melhorias gerais:
- READMEs atualizados com arquitetura e troubleshooting
- Scripts cleanup.sh para todas as aulas
- CLAUDE.md atualizado com contexto do projeto
This commit is contained in:
Allyson de Paula
2025-12-31 17:57:02 -03:00
parent 50dc74c1d8
commit 07b7ee62d3
35 changed files with 4665 additions and 311 deletions
Download Patch File Download Diff File Expand all files Collapse all files

148
aula-09/custom-values.yaml Normal file
View File

@@ -0,0 +1,148 @@
# =============================================================================
# n8n Helm Chart - Custom Values
# =============================================================================
# Aula 06 - Deploy n8n via Helm
#
# Chart: community-charts/n8n
# Docs: https://community-charts.github.io/docs/charts/n8n/configuration
# =============================================================================
# -----------------------------------------------------------------------------
# Imagem
# -----------------------------------------------------------------------------
image:
repository: n8nio/n8n
tag: "2.0.3"
pullPolicy: IfNotPresent
# -----------------------------------------------------------------------------
# Chave de Criptografia
# -----------------------------------------------------------------------------
encryptionKey: "workshop-n8n-encryption-key-32ch"
# -----------------------------------------------------------------------------
# Banco de Dados PostgreSQL
# -----------------------------------------------------------------------------
db:
type: postgresdb
postgresql:
enabled: true
auth:
database: n8n
username: n8n
password: "n8n-postgres-workshop-2025"
primary:
persistence:
enabled: true
size: 10Gi # Mínimo Hetzner ($0.0484/GB)
# -----------------------------------------------------------------------------
# Redis (necessário para Queue Mode)
# -----------------------------------------------------------------------------
redis:
enabled: true
architecture: standalone
auth:
enabled: true
password: "n8n-redis-workshop-2025"
master:
persistence:
enabled: true
size: 10Gi # Mínimo Hetzner ($0.0484/GB)
# -----------------------------------------------------------------------------
# Ingress NGINX
# -----------------------------------------------------------------------------
# Host e TLS são configurados dinamicamente pelo setup.sh via --set
ingress:
enabled: true
className: nginx
annotations:
nginx.ingress.kubernetes.io/proxy-body-size: "50m"
nginx.ingress.kubernetes.io/proxy-read-timeout: "3600"
nginx.ingress.kubernetes.io/proxy-send-timeout: "3600"
# -----------------------------------------------------------------------------
# Main Node
# -----------------------------------------------------------------------------
# N8N_SECURE_COOKIE é configurado dinamicamente pelo setup.sh via --set
main:
persistence:
enabled: true
size: 10Gi # Mínimo Hetzner ($0.0484/GB)
mountPath: "/home/node/.n8n"
resources:
requests:
cpu: 100m
memory: 256Mi
limits:
cpu: 1000m
memory: 1Gi
# -----------------------------------------------------------------------------
# Workers (Queue Mode)
# -----------------------------------------------------------------------------
worker:
mode: queue
count: 2
concurrency: 10
resources:
requests:
cpu: 100m
memory: 256Mi
limits:
cpu: 500m
memory: 512Mi
autoscaling:
enabled: true
minReplicas: 2
maxReplicas: 5
metrics:
- type: Resource
resource:
name: cpu
target:
type: Utilization
averageUtilization: 70
- type: Resource
resource:
name: memory
target:
type: Utilization
averageUtilization: 80
# -----------------------------------------------------------------------------
# Webhooks (Queue Mode)
# -----------------------------------------------------------------------------
# URL é configurada dinamicamente pelo setup.sh via --set
webhook:
mode: queue
count: 1
resources:
requests:
cpu: 50m
memory: 128Mi
limits:
cpu: 250m
memory: 256Mi
autoscaling:
enabled: true
minReplicas: 1
maxReplicas: 3
metrics:
- type: Resource
resource:
name: cpu
target:
type: Utilization
averageUtilization: 70
# -----------------------------------------------------------------------------
# Configurações de Segurança
# -----------------------------------------------------------------------------
securityContext:
runAsNonRoot: true
runAsUser: 1000
seccompProfile:
type: RuntimeDefault