added db config for kubernetes and helm

2025-12-30 12:12:42 +01:00
parent ee0dac91ba
commit c55b1375ad
9 changed files with 97 additions and 1 deletions
--- a/helm/templates/configmap.yaml
+++ b/helm/templates/configmap.yaml
@@ -24,3 +24,6 @@ data:
  {{- if .Values.config.timezone }}
  TIMEZONE: {{ .Values.config.timezone | quote }}
  {{- end }}
+  # Database configuration
+  DATABASE_PATH: {{ .Values.database.path | quote }}
+  DATABASE_RETENTION_DAYS: {{ .Values.database.retentionDays | quote }}
--- a/helm/templates/deployment.yaml
+++ b/helm/templates/deployment.yaml
@@ -54,6 +54,10 @@ spec:
          mountPath: /app/wordlists.json
          subPath: wordlists.json
          readOnly: true
+        {{- if .Values.database.persistence.enabled }}
+        - name: database
+          mountPath: /app/data
+        {{- end }}
        {{- with .Values.resources }}
        resources:
          {{- toYaml . | nindent 12 }}
@@ -62,6 +66,16 @@ spec:
      - name: wordlists
        configMap:
          name: {{ include "krawl.fullname" . }}-wordlists
+      {{- if .Values.database.persistence.enabled }}
+      - name: database
+        {{- if .Values.database.persistence.existingClaim }}
+        persistentVolumeClaim:
+          claimName: {{ .Values.database.persistence.existingClaim }}
+        {{- else }}
+        persistentVolumeClaim:
+          claimName: {{ include "krawl.fullname" . }}-db
+        {{- end }}
+      {{- end }}
      {{- with .Values.nodeSelector }}
      nodeSelector:
        {{- toYaml . | nindent 8 }}
--- a/helm/templates/pvc.yaml
+++ b/helm/templates/pvc.yaml
@@ -0,0 +1,17 @@
+{{- if and .Values.database.persistence.enabled (not .Values.database.persistence.existingClaim) }}
+apiVersion: v1
+kind: PersistentVolumeClaim
+metadata:
+  name: {{ include "krawl.fullname" . }}-db
+  labels:
+    {{- include "krawl.labels" . | nindent 4 }}
+spec:
+  accessModes:
+    - {{ .Values.database.persistence.accessMode }}
+  {{- if .Values.database.persistence.storageClassName }}
+  storageClassName: {{ .Values.database.persistence.storageClassName }}
+  {{- end }}
+  resources:
+    requests:
+      storage: {{ .Values.database.persistence.size }}
+{{- end }}
--- a/helm/values.yaml
+++ b/helm/values.yaml
@@ -79,6 +79,24 @@ config:
 #  canaryTokenUrl: set-your-canary-token-url-here
 #  timezone: "UTC"  # IANA timezone (e.g., "America/New_York", "Europe/Rome"). If not set, system timezone is used.

+# Database configuration
+database:
+  # Path to the SQLite database file
+  path: "data/krawl.db"
+  # Number of days to retain access logs and attack data
+  retentionDays: 30
+  # Persistence configuration
+  persistence:
+    enabled: true
+    # Storage class name (use default if not specified)
+    # storageClassName: ""
+    # Access mode for the persistent volume
+    accessMode: ReadWriteOnce
+    # Size of the persistent volume
+    size: 1Gi
+    # Optional: Use existing PVC
+    # existingClaim: ""
+
 networkPolicy:
  enabled: true
  policyTypes:
--- a/kubernetes/krawl-all-in-one-deploy.yaml
+++ b/kubernetes/krawl-all-in-one-deploy.yaml
@@ -20,6 +20,9 @@ data:
  CANARY_TOKEN_TRIES: "10"
  PROBABILITY_ERROR_CODES: "0"
 #  CANARY_TOKEN_URL: set-your-canary-token-url-here
+  # Database configuration
+  DATABASE_PATH: "data/krawl.db"
+  DATABASE_RETENTION_DAYS: "30"
 ---
 apiVersion: v1
 kind: ConfigMap
@@ -227,6 +230,20 @@ data:
      ]
    }
 ---
+apiVersion: v1
+kind: PersistentVolumeClaim
+metadata:
+  name: krawl-db
+  namespace: krawl-system
+  labels:
+    app: krawl-server
+spec:
+  accessModes:
+    - ReadWriteOnce
+  resources:
+    requests:
+      storage: 1Gi
+---
 apiVersion: apps/v1
 kind: Deployment
 metadata:
@@ -260,6 +277,8 @@ spec:
          mountPath: /app/wordlists.json
          subPath: wordlists.json
          readOnly: true
+        - name: database
+          mountPath: /app/data
        resources:
          requests:
            memory: "64Mi"
@@ -271,6 +290,9 @@ spec:
      - name: wordlists
        configMap:
          name: krawl-wordlists
+      - name: database
+        persistentVolumeClaim:
+          claimName: krawl-db
 ---
 apiVersion: v1
 kind: Service
--- a/kubernetes/manifests/configmap.yaml
+++ b/kubernetes/manifests/configmap.yaml
@@ -15,4 +15,7 @@ data:
  PROBABILITY_ERROR_CODES: "0"
  SERVER_HEADER: "Apache/2.2.22 (Ubuntu)"
 #  CANARY_TOKEN_URL: set-your-canary-token-url-here
-#  TIMEZONE: "UTC"  # IANA timezone (e.g., "America/New_York", "Europe/Rome")
+#  TIMEZONE: "UTC"  # IANA timezone (e.g., "America/New_York", "Europe/Rome")
+  # Database configuration
+  DATABASE_PATH: "data/krawl.db"
+  DATABASE_RETENTION_DAYS: "30"
--- a/kubernetes/manifests/deployment.yaml
+++ b/kubernetes/manifests/deployment.yaml
@@ -31,6 +31,8 @@ spec:
          mountPath: /app/wordlists.json
          subPath: wordlists.json
          readOnly: true
+        - name: database
+          mountPath: /app/data
        resources:
          requests:
            memory: "64Mi"
@@ -42,3 +44,6 @@ spec:
      - name: wordlists
        configMap:
          name: krawl-wordlists
+      - name: database
+        persistentVolumeClaim:
+          claimName: krawl-db
--- a/kubernetes/manifests/kustomization.yaml
+++ b/kubernetes/manifests/kustomization.yaml
@@ -5,6 +5,7 @@ resources:
  - namespace.yaml
  - configmap.yaml
  - wordlists-configmap.yaml
+  - pvc.yaml
  - deployment.yaml
  - service.yaml
  - network-policy.yaml
--- a/kubernetes/manifests/pvc.yaml
+++ b/kubernetes/manifests/pvc.yaml
@@ -0,0 +1,13 @@
+apiVersion: v1
+kind: PersistentVolumeClaim
+metadata:
+  name: krawl-db
+  namespace: krawl-system
+  labels:
+    app: krawl-server
+spec:
+  accessModes:
+    - ReadWriteOnce
+  resources:
+    requests:
+      storage: 1Gi