07b7ee62d3
Aula 08 - Cluster Kubernetes HA: - Setup interativo com OpenTofu para Talos na Hetzner - CCM, CSI Driver, Cluster Autoscaler, Metrics Server - NGINX Ingress com LoadBalancer (HTTP/HTTPS/SSH) Aula 09 - n8n na Hetzner: - Deploy via Helm com PostgreSQL e Redis - Suporte multi-tenant com add-client.sh - Integração com Hetzner CSI para volumes persistentes Aula 10 - GitLab na Hetzner: - Setup agnóstico: CloudFlare (trusted proxies) ou Let's Encrypt - Anti-affinity para distribuir webservice/sidekiq em nós diferentes - Container Registry e SSH via TCP passthrough - Documentação do erro 422 e solução com trustedCIDRsForXForwardedFor Melhorias gerais: - READMEs atualizados com arquitetura e troubleshooting - Scripts cleanup.sh para todas as aulas - CLAUDE.md atualizado com contexto do projeto
149 lines
4.2 KiB
YAML
149 lines
4.2 KiB
YAML
# =============================================================================
|
|
# n8n Helm Chart - Custom Values
|
|
# =============================================================================
|
|
# Aula 06 - Deploy n8n via Helm
|
|
#
|
|
# Chart: community-charts/n8n
|
|
# Docs: https://community-charts.github.io/docs/charts/n8n/configuration
|
|
# =============================================================================
|
|
|
|
# -----------------------------------------------------------------------------
|
|
# Imagem
|
|
# -----------------------------------------------------------------------------
|
|
image:
|
|
repository: n8nio/n8n
|
|
tag: "2.0.3"
|
|
pullPolicy: IfNotPresent
|
|
|
|
# -----------------------------------------------------------------------------
|
|
# Chave de Criptografia
|
|
# -----------------------------------------------------------------------------
|
|
encryptionKey: "workshop-n8n-encryption-key-32ch"
|
|
|
|
# -----------------------------------------------------------------------------
|
|
# Banco de Dados PostgreSQL
|
|
# -----------------------------------------------------------------------------
|
|
db:
|
|
type: postgresdb
|
|
|
|
postgresql:
|
|
enabled: true
|
|
auth:
|
|
database: n8n
|
|
username: n8n
|
|
password: "n8n-postgres-workshop-2025"
|
|
primary:
|
|
persistence:
|
|
enabled: true
|
|
size: 10Gi # Mínimo Hetzner ($0.0484/GB)
|
|
|
|
# -----------------------------------------------------------------------------
|
|
# Redis (necessário para Queue Mode)
|
|
# -----------------------------------------------------------------------------
|
|
redis:
|
|
enabled: true
|
|
architecture: standalone
|
|
auth:
|
|
enabled: true
|
|
password: "n8n-redis-workshop-2025"
|
|
master:
|
|
persistence:
|
|
enabled: true
|
|
size: 10Gi # Mínimo Hetzner ($0.0484/GB)
|
|
|
|
# -----------------------------------------------------------------------------
|
|
# Ingress NGINX
|
|
# -----------------------------------------------------------------------------
|
|
# Host e TLS são configurados dinamicamente pelo setup.sh via --set
|
|
ingress:
|
|
enabled: true
|
|
className: nginx
|
|
annotations:
|
|
nginx.ingress.kubernetes.io/proxy-body-size: "50m"
|
|
nginx.ingress.kubernetes.io/proxy-read-timeout: "3600"
|
|
nginx.ingress.kubernetes.io/proxy-send-timeout: "3600"
|
|
|
|
# -----------------------------------------------------------------------------
|
|
# Main Node
|
|
# -----------------------------------------------------------------------------
|
|
# N8N_SECURE_COOKIE é configurado dinamicamente pelo setup.sh via --set
|
|
main:
|
|
persistence:
|
|
enabled: true
|
|
size: 10Gi # Mínimo Hetzner ($0.0484/GB)
|
|
mountPath: "/home/node/.n8n"
|
|
resources:
|
|
requests:
|
|
cpu: 100m
|
|
memory: 256Mi
|
|
limits:
|
|
cpu: 1000m
|
|
memory: 1Gi
|
|
|
|
# -----------------------------------------------------------------------------
|
|
# Workers (Queue Mode)
|
|
# -----------------------------------------------------------------------------
|
|
worker:
|
|
mode: queue
|
|
count: 2
|
|
concurrency: 10
|
|
resources:
|
|
requests:
|
|
cpu: 100m
|
|
memory: 256Mi
|
|
limits:
|
|
cpu: 500m
|
|
memory: 512Mi
|
|
autoscaling:
|
|
enabled: true
|
|
minReplicas: 2
|
|
maxReplicas: 5
|
|
metrics:
|
|
- type: Resource
|
|
resource:
|
|
name: cpu
|
|
target:
|
|
type: Utilization
|
|
averageUtilization: 70
|
|
- type: Resource
|
|
resource:
|
|
name: memory
|
|
target:
|
|
type: Utilization
|
|
averageUtilization: 80
|
|
|
|
# -----------------------------------------------------------------------------
|
|
# Webhooks (Queue Mode)
|
|
# -----------------------------------------------------------------------------
|
|
# URL é configurada dinamicamente pelo setup.sh via --set
|
|
webhook:
|
|
mode: queue
|
|
count: 1
|
|
resources:
|
|
requests:
|
|
cpu: 50m
|
|
memory: 128Mi
|
|
limits:
|
|
cpu: 250m
|
|
memory: 256Mi
|
|
autoscaling:
|
|
enabled: true
|
|
minReplicas: 1
|
|
maxReplicas: 3
|
|
metrics:
|
|
- type: Resource
|
|
resource:
|
|
name: cpu
|
|
target:
|
|
type: Utilization
|
|
averageUtilization: 70
|
|
|
|
# -----------------------------------------------------------------------------
|
|
# Configurações de Segurança
|
|
# -----------------------------------------------------------------------------
|
|
securityContext:
|
|
runAsNonRoot: true
|
|
runAsUser: 1000
|
|
seccompProfile:
|
|
type: RuntimeDefault
|