From 8f7311ec80537ad9b685007005b5e5d8a9f9c780 Mon Sep 17 00:00:00 2001
From: Michele Cereda <michele.cereda@protonmail.com>
Date: Sun, 17 Oct 2021 00:29:00 +0200
Subject: [PATCH] Imported usable examples from the private temporary
 repository

---
 examples/archlinux/install-on-crypted-boot.sh | 499 ++++++++++++++++++
 examples/keda/grafana.bash                    | 126 +++++
 examples/keda/nextcloud.bash                  | 217 ++++++++
 3 files changed, 842 insertions(+)
 create mode 100644 examples/archlinux/install-on-crypted-boot.sh
 create mode 100644 examples/keda/grafana.bash
 create mode 100644 examples/keda/nextcloud.bash

diff --git a/examples/archlinux/install-on-crypted-boot.sh b/examples/archlinux/install-on-crypted-boot.sh
new file mode 100644
index 0000000..24ca835
--- /dev/null
+++ b/examples/archlinux/install-on-crypted-boot.sh
@@ -0,0 +1,499 @@
+## in live
+
+$ loadkeys it
+$ timedatectl set-ntp true
+
+$ cgdisk /dev/sda
+# sda1 (gpt) +1MiB ef02
+# sda2 (efi) +512MiB ef00
+# sda3 (os) +30GiB 8300
+# sda4 (data) -2M 8300
+# sda5 (gpt) +1MiB ef02
+
+# cifratura
+$ cryptsetup --hash sha512 --key-size 512 --use-random --verbose --verify-passphrase luksFormat /dev/sda3
+$ cryptsetup --hash sha512 --key-size 512 --use-random --verbose --verify-passphrase luksFormat /dev/sda4
+$ cryptsetup --allow-discards luksOpen /dev/sda3 localsysvg
+$ cryptsetup --allow-discards luksOpen /dev/sda4 localdatavg
+
+# lvm
+$ pvcreate --verbose /dev/mapper/localsysvg
+$ pvcreate --verbose /dev/mapper/localdatavg
+$ vgcreate --verbose localsysvg /dev/mapper/localsysvg
+$ vgcreate --verbose localdatavg /dev/mapper/localdatavg
+$ lvcreate --name system --size 10G --verbose localsysvg
+$ lvcreate --name recovery --size 4G --verbose localsysvg
+$ lvcreate --name swap --extents 100%FREE --verbose localsysvg
+$ lvcreate --name data --extents 100%FREE --verbose localdatavg
+
+# filesystem
+$ mkfs.fat -n "EFI SYSTEM PARTITION" -F 32 /dev/sda2
+$ mkfs.ext4 -E discard -L "System" /dev/localsysvg/system
+$ mkfs.ext4 -E discard -L "Recovery" /dev/localsysvg/recovery
+$ mkswap --check --label "Swap" /dev/localsysvg/swap
+$ mkfs.btrfs -L "Data" /dev/localdatavg/data
+$ swapon /dev/localsysvg/swap
+$ mount -o discard /dev/localsysvg/system /mnt
+$ mkdir -p /mnt/boot/efi
+$ mount /dev/sda2 /mnt/boot/efi
+$ mkdir /mnt/data
+
+$ vim /etc/pacman.conf
+$ vim /etc/pacman.d/mirrorlist
+$ pacstrap -i /mnt base bash-completion git dnsmasq efibootmgr fakeroot grub intel-ucode multilib-devel networkmanager pv sudo vim
+
+$ genfstab -p /mnt | tee -a /mnt/etc/fstab
+$ vim /mnt/etc/fstab
+
+# per inserire una password di meno al boot
+$ dd bs=512 count=4 if=/dev/urandom of=/crypto_keyfile.bin
+$ chmod 000 /mnt/crypto_keyfile.bin
+$ chmod 600 /mnt/boot/initramfs-linux*
+$ cryptsetup luksAddKey /dev/sda3 /mnt/crypto_keyfile.bin
+$ cryptsetup luksAddKey /dev/sda4 /mnt/crypto_keyfile.bin
+
+$ vim /mnt/etc/mkinitcpio.conf
+# HOOKS=(... encrypt lvm2 ...)
+# FILES=(/crypto_keyfile.bin)
+
+$ vim /mnt/etc/lvm/lvm.conf
+# issue_discards = 1
+
+$ vim /mnt/etc/default/grub
+# GRUB_CMDLINE_LINUX="cryptdevice=/dev/sda3:localsysvg"
+# GRUB_CMDLINE_LINUX_DEFAULT="resume=/dev/mapper/localsysvg-swap quiet"
+# GRUB_PRELOAD_MODULES="... lvm"
+# GRUB_ENABLE_CRYPTODISK=y
+# GRUB_DISABLE_LINUX_UUID=true
+# GRUB_DISABLE_RECOVERY=false
+# GRUB_GFXMODE=auto
+# GRUB_GFXPAYLOAD_LINUX=keep
+
+$ vim /mnt/etc/locale.gen
+# en_US.UTF-8 UTF-8
+# it_IT.UTF-8 UTF-8
+
+$ echo LANG=it_IT.UTF-8 | tee /mnt/etc/locale.conf
+$ echo KEYMAP=it | tee /mnt/etc/vconsole.conf
+$ echo faraday | tee /mnt/etc/hostname
+$ vim /mnt/etc/hosts [127.0.1.1    faraday.localdomain faraday]
+$ arch-chroot /mnt
+
+## in chroot
+
+$ ln -sf /usr/share/zoneinfo/Europe/Rome /etc/localtime
+$ hwclock --systohc
+$ locale-gen
+$ mkinitcpio -p linux
+
+# utenza personale
+$ useradd --create-home --groups wheel --user-group mek
+$ passwd mek
+$ visudo
+
+# grub
+$ grub-install --bootloader-id Archlinux --efi-directory /boot/efi --target x86_64-efi
+$ grub-mkconfig -o /boot/grub/grub.cfg
+$ exit
+
+## in live
+$ umount --recursive /mnt
+$ reboot
+
+## come utente
+# aur
+$ for PKG in {aic94xx,b43,wd719x}-firmware
+do
+  cd
+  git clone https://aur.archlinux.org/${PKG}.git
+  cd ${PKG}
+  makepkg -si
+  cd
+done
+
+## da root
+$ mkinitcpio -p linux
+
+# gui
+$ pacman -S breeze-gtk dolphin-plugins drkonqi firefox kde-gtk-config kgamma5 kinfocenter konsole kscreen ksshaskpass kwrite libnotify libva-intel-driver plasma-desktop plasma-nm plasma-pa plasma-wayland-session plasma5-applets-active-window-control plasma5-applets-redshift-control plasma5-applets-thermal-monitor plasma5-applets-weather-widget powerdevil pulseaudio-alsa sddm-kcm ttf-roboto usb_modeswitch vlc xorg
+
+# login grafico
+$ systemctl enable sddm
+$ mkdir /etc/sddm.conf.d
+$ sddm --example-config | tee /etc/sddm.conf.d/sddm.conf
+$ vim /etc/sddm.conf.d/sddm.conf
+# Current=breeze  CursorTheme=breeze_cursors  MinimumVT=7
+
+# altro
+$ systemctl enable NetworkManager
+$ localectl set-keymap it
+$ timedatectl set-ntp true
+$ reboot
+
+
+---
+
+#  ________________________________________________________________________
+# |                                                                            |
+# |                                                     .:: BOOT & PREPARE ::. |
+# |____________________________________________________________________________|
+
+
+
+# increase font size due to 4k display
+setfont latarcyrheb-sun32
+
+# connect to wifi network
+wifi-menu
+
+# test connection
+ping -c 3 github.com
+
+
+
+#  ________________________________________________________________________
+# |                                                                            |
+# |                                                        .:: FORMAT DISK ::. |
+# |____________________________________________________________________________|
+
+
+
+# this laptop has an nvme disk, so the disk will most likely be "nvme0n1".
+# however, you can verify by issuing the command:
+lsblk
+
+# create 2 partitions:
+# partition 1: 
+#   - EFI
+#   - size 512 MiB
+#   - hex code ef00
+# partition 2:
+#   - Linux/data
+#   - size 100%
+#   - hex code 8300
+cgdisk /dev/nvme0n1
+
+# format EFI partition
+mkfs.vfat -F32 /dev/nvme0n1p1
+
+# create and open encrypted Linux/data partition
+cryptsetup luksFormat /dev/nvme0n1p2
+cryptsetup open /dev/nvme0n1p2 luks
+
+# create partitions on encrypted disk
+# we have 2: root and swap
+# for swap we use 16 GiB, as the XPS has 16 GiB of memory
+pvcreate /dev/mapper/luks
+vgcreate vg0 /dev/mapper/luks
+lvcreate --size 16G vg0 --name swap
+lvcreate -l +100%FREE vg0 --name root
+
+# format encrypted partition
+mkfs.ext4 /dev/mapper/vg0-root
+mkswap /dev/mapper/vg0-swap
+
+# mount system
+mount /dev/mapper/vg0-root /mnt
+swapon /dev/mapper/vg0-swap
+mkdir /mnt/boot
+mount /dev/nvme0n1p1 /mnt/boot
+
+
+
+#  ________________________________________________________________________
+# |                                                                            |
+# |                                                .:: INSTALL BASE SYSTEM ::. |
+# |____________________________________________________________________________|
+
+
+
+# select mirror
+# uncomment the mirror closest to you
+vim /etc/pacman.d/mirrorlist
+
+# install base packages
+# NOTE: as of recently, the base package doesn't include linux anymore!
+pacstrap -i /mnt base base-devel linux linux-headers zsh vim git sudo efibootmgr dialog iw wpa_supplicant
+
+# generate fstab
+genfstab -pU /mnt >> /mnt/etc/fstab
+
+# verify and adjust /mnt/etc/fstab
+# change "relatime" on all non-boot partitions to "noatime" to reduce wear on the SSD
+vim /mnt/etc/fstab
+
+# enter the new system
+arch-chroot /mnt /bin/bash
+
+
+
+#  ________________________________________________________________________
+# |                                                                            |
+# |                                                   .:: CONFIGURE SYSTEM ::. |
+# |____________________________________________________________________________|
+
+
+
+# configure locale
+# uncomment "en_US.UTF-8"
+vim /etc/locale.gen
+echo LANG=en_US.UTF-8 > /etc/locale.conf
+export LANG=en_US.UTF-8
+echo LC_ALL= >> /etc/locale.conf
+locale-gen
+
+# configure timezone
+tzselect
+ln -s /usr/share/zoneinfo/Europe/Brussels /etc/localtime
+hwclock --systohc --utc
+
+# configure font for 4k display
+echo 'FONT=latarcyrheb-sun32' >> /etc/vconsole.conf
+
+# configure hostname
+# change "<my_hostname>" to one of your choosing
+echo '<my_hostname>' > /etc/hostname
+echo '127.0.1.1 <my_hostname>.localdomain <my_hostname>' >> /etc/hosts
+
+# configure root password
+passwd
+
+# add and configure your user
+# change "<my_username>" to one of your choosing
+useradd -m -g users -G wheel -s /bin/zsh <my_username>
+passwd <my_username>
+echo '<my_username> ALL=(ALL) ALL' > /etc/sudoers.d/<my_username>
+EDITOR=vim visudo
+
+
+
+#  ________________________________________________________________________
+# |                                                                            |
+# |                                                .:: INSTALL BOOT LOADER ::. |
+# |____________________________________________________________________________|
+
+
+
+# install Intel's microcode updates
+pacman -S intel-ucode
+
+# configure mkinitcpio with modules needed for the initrd image
+# add or update the following to or in /etc/mkinitcpio.conf:
+#
+#   MODULES="i915 ext4 nvme intel_agp"
+#   BINARIES=""
+#   FILES="/etc/modprobe.d/modprobe.conf"
+#   HOOKS="systemd autodetect modconf block keymap sd-encrypt sd-lvm2 filesystems keyboard"
+#
+vim /etc/mkinitcpio.conf
+
+# regenerate initrd image
+mkinitcpio -p linux
+
+# setup systembootd
+bootctl --path=/boot install
+
+# get your LUKS UUID
+cryptsetup luksUUID /dev/nvme0n1p2
+
+# create bootloader entry with powersaving
+# replace <UUID> with the output of the previous command
+# add the following lines to /boot/loader/entries/arch.conf:
+#
+#   title Arch Linux
+#   linux /vmlinuz-linux
+#   initrd /intel-ucode.img
+#   initrd /initramfs-linux.img
+#   options luks.uuid=<UUID> luks.name=<UUID>=luks root=/dev/mapper/vg0-root resume=/dev/mapper/vg0-swap rw nvme_core.default_ps_max_latency_us=170000
+#
+vim /boot/loader/entries/arch.conf
+
+# create loader.conf file, and add the following content:
+#
+#   default arch
+#   timeout 0
+#   editor  0
+#
+vim /boot/loader/loader.conf
+
+# enable Intel GPU and powersaving options needed for tear free operation, and battery life
+# create the i915 modprobe file (Intel graphics powersaving options), and add the following content:
+#
+#   options i915 enable_rc6=1 enable_fbc=1 semaphores=1 modeset=1 enable_guc_loading=1 enable_guc_submission=1 enable_huc=1 disable_power_well=0 enable_psr=1
+#
+vim /etc/modprobe.d/i915.conf
+
+# create the X11 Intel config file, and add the following content:
+#
+#   Section "Device"
+#      Identifier  "Intel Graphics"
+#      Driver      "intel"
+#      Option      "AccelMethod"
+#   EndSection
+#
+vim /etc/X11/xorg.conf.d/20-intel.conf
+
+# update bootloader
+bootctl update
+
+
+
+#  ________________________________________________________________________
+# |                                                                            |
+# |                                .:: INSTALL DESKTOP ENVIRONMENT & TOOLS ::. |
+# |____________________________________________________________________________|
+
+
+
+# install GNOME & GDM & networking tools
+pacman -S gnome gdm network-manager-applet networkmanager gnome-clocks gnome-software gnome-boxes gnome-calendar gnome-maps gnome-bluetooth gnome-user-share gnome-characters gnome-color-manager gnome-documents gnome-logs gnome-music gnome-photos gnome-todo seahorse file-roller
+
+# install touchpad & graphics
+pacman -S xf86-input-libinput xf86-video-intel mesa-libgl vulkan-intel libva-intel-driver
+
+# start GNOME on boot
+systemctl enable NetworkManager.service
+systemctl enable gdm.service
+
+# reboot and start using Arch
+exit
+umount -R /mnt
+swapoff -a
+reboot
+
+
+
+#  ________________________________________________________________________
+# |                                                                            |
+# |                                             .:: POST INSTALL UTILITIES ::. |
+# |____________________________________________________________________________|
+
+
+
+# update system
+sudo pacman -Syyu
+
+# check if NVME (Toshiba) SSD has powersaving mode enabled
+sudo nvme get-feature -f 0x0c -H /dev/nvme0
+
+# ensure Intel Video drivers are used
+sudo lspci -s 00:02 -vk
+
+# ensure the following options are set in i915 config:
+#
+#   options i915 modeset=1 enable_rc6=1 enable_fbc=1
+#
+sudo vim /etc/modprobe.d/i915.conf
+
+# install utilities:
+#   - basic tools such as bluetooth
+#   - printing tools
+#   - dmidecode: for dumping DMI/SMBIOS in human readable format
+sudo pacman -Syu terminator gnome-tweak-tool systemd-swap util-linux dosfstools lshw \
+                 bluez bluez-utils bluez-libs bluez-firmware \
+                 cups cups-pdf gtk3-print-backends \
+                 dmidecode \
+                 xdotool wmctrl ffmpeg pulseaudio-alsa pulseaudio-bluetooth alsa-utils
+
+# enable and start Bluetooth
+sudo modprobe btusb
+sudo systemctl start bluetooth.service
+sudo systemctl enable bluetooth.service
+
+# auto enable Bluetooth 
+# change AutoEnable to true in the [Policy] section:
+#
+#SET AutoEnable=True
+#
+sudo vim /etc/bluetooth/main.conf
+
+# enable and start printing service
+sudo systemctl start org.cups.cupsd.service
+sudo systemctl enable org.cups.cupsd.service
+
+# enable SWAP service
+sudo systemctl enable systemd-swap.service
+
+# enable SSD TRIM
+sudo systemctl enable fstrim.timer
+
+# install yay
+cd <YOUR_DIRECTORY>
+git clone https://aur.archlinux.org/yay.git
+cd yay
+makepkg -si
+
+# install fonts
+sudo pacman -S adobe-source-code-pro-fonts adobe-source-han-sans-cn-fonts adobe-source-han-sans-jp-fonts adobe-source-han-sans-kr-fonts adobe-source-han-sans-otc-fonts adobe-source-han-sans-tw-fonts adobe-source-sans-pro-fonts noto-fonts-emoji otf-ipafont ttf-dejavu ttf-hanazono ttf-inconsolata ttf-liberation ttf-roboto ttf-ubuntu-font-family 
+yay -S ttf-google-fonts-git ttf-ms-fonts
+
+# install some more QOL utilities
+sudo pacman -S neofetch etcher steam vlc firefox qt4 thunderbird libreoffice ufw gnome-clocks gnome-software gnome-boxes gnome-calendar gnome-maps gnome-bluetooth gnome-user-share gnome-characters gnome-color-manager gnome-documents gnome-logs gnome-music gnome-photos gnome-todo seahorse file-roller
+yay -S etcher-bin brave-bin spotify skypeforlinux-stable-bin timeshift
+
+# hide unwanted desktop file icons
+# create a script with the following content:
+#
+#   #!/bin/sh
+#   
+#   APPLICATION_PATH="/usr/share/applications"
+#   USER_APPLICATION_PATH="${HOME}/.local/share/applications"
+#   
+#   for FILE in cat $1; do
+#       if [ -e "${APPLICATION_PATH}/${FILE}" ]; then
+#           echo "Creating file ${USER_APPLICATION_PATH}/${FILE}"
+#           echo "NoDisplay=true" > "${USER_APPLICATION_PATH}/${FILE}"
+#       elif [ ! -e "${APPLICATION_PATH}/${FILE}" ] && [ -e "${USER_APPLICATION_PATH}/${FILE}" ]; then
+#           echo "Deleting unnecessary file ${USER_APPLICATION_PATH}/${FILE}"
+#           rm "${USER_APPLICATION_PATH}/${FILE}"
+#       fi
+#   done    
+#
+vim ~/hide_desktop_icons.sh
+
+# create a list if icons you want to hide with the following content:
+#
+#   assistant-qt4.desktop
+#   avahi-discover.desktop
+#   bssh.desktop
+#   bvnc.desktop
+#   CMake.desktop
+#   designer-qt4.desktop
+#   ipython-qtconsole.desktop
+#   jconsole.desktop
+#   linguist-qt4.desktop
+#   policytool.desktop
+#   qdbusviewer-qt4.desktop
+#   qtconfig-qt4.desktop
+#   qv4l2.desktop
+#   gda-control-center-5.0.desktop
+#   gda-browser-5.0.desktop
+#   nvidia-settings.desktop
+#   hplip.desktop
+#   ipython.desktop
+#   zenmap.desktop
+#   zenmap-root.desktop
+#   designer.desktop
+#   qdbusviewer.desktop
+#   assistant.desktop
+#   linguist.desktop
+#
+vim ~/hide_desktop_icons_list.txt
+
+# execute script
+chmod +x hide-icon.sh
+./hide-icon.sh list_of_desktop_file_names.txt
+
+
+
+#  ________________________________________________________________________
+# |                                                                            |
+# |                                                         .:: REFERENCES ::. |
+# |____________________________________________________________________________|
+
+
+
+https://wiki.archlinux.org/index.php/Dell_XPS_13_2-in-1_(7390)
+https://gist.github.com/huntrar/e42aee630bee3295b2c671d098c81268
+https://gist.github.com/chrisleekr/a23e93edc3b0795d8d95f9c70d93eedd
+https://gist.github.com/ymatsiuk/1181b514a9c1979088bd2423a24928cf
diff --git a/examples/keda/grafana.bash b/examples/keda/grafana.bash
new file mode 100644
index 0000000..8324472
--- /dev/null
+++ b/examples/keda/grafana.bash
@@ -0,0 +1,126 @@
+#!/usr/bin/env bash
+
+## tested on macosx using minikube 1.17.0 and k8s v1.20.2 on Docker 20.10.2
+
+set -ex
+
+minikube start --cpus 4 --memory 4GiB --vm
+minikube addons enable metrics-server
+minikube addons enable ingress
+
+kubectl patch deployments.apps --namespace kube-system ingress-nginx-controller --patch '
+spec:
+  template:
+    metadata:
+      annotations:
+        prometheus.io/port: "10254"
+        prometheus.io/scrape: "true"
+'
+
+helm repo add prometheus-community https://prometheus-community.github.io/helm-charts
+helm repo add grafana https://grafana.github.io/helm-charts
+helm repo add kedacore https://kedacore.github.io/charts
+helm repo update
+
+cat > /tmp/demo.keda.grafana.values.yaml <<EOF
+adminPassword: qwerty
+ingress:
+  enabled: true
+  hosts:
+    - grafana
+EOF
+
+helm upgrade --install --namespace monitoring --create-namespace prometheus prometheus-community/prometheus --wait
+helm upgrade --install --namespace monitoring --create-namespace grafana grafana/grafana --values /tmp/demo.keda.grafana.values.yaml --wait
+helm upgrade --install --namespace scaling --create-namespace keda kedacore/keda --version 2.0.0 --wait
+
+cat > /tmp/demo.keda.scaledobject.yaml <<EOF
+apiVersion: keda.sh/v1alpha1
+kind: ScaledObject
+metadata:
+  name: grafana
+  namespace: monitoring
+spec:
+  scaleTargetRef:
+    name: grafana
+  minReplicaCount: 1
+  maxReplicaCount: 5
+  pollingInterval: 2
+  advanced:
+    restoreToOriginalReplicaCount: true
+    horizontalPodAutoscalerConfig:
+      behavior:
+        scaleDown:
+          stabilizationWindowSeconds: 3
+          policies:
+          - type: Percent
+            value: 100
+            periodSeconds: 5
+        scaleUp:
+          stabilizationWindowSeconds: 3
+          policies:
+          - type: Percent
+            value: 100
+            periodSeconds: 5
+  triggers:
+  - type: prometheus
+    metadata:
+      serverAddress: http://prometheus-server.monitoring
+      metricName: nginx_ingress_controller_requests
+      query: sum(rate(nginx_ingress_controller_requests{ingress="grafana"}[2m]))
+      threshold: '10'
+EOF
+# HPA behavior is available from K8S v1.18.0. Delete the
+# spec.advanced.horizontalPodAutoscalerConfig key if using a previous version
+if [[ $(kubectl version --short --output json | jq -r '.serverVersion.minor' -) -lt 18 ]]; then
+  yq -y 'del(.spec.advanced.horizontalPodAutoscalerConfig)' /tmp/demo.keda.scaledobject.yaml | kubectl apply --filename -
+else
+  kubectl apply --filename /tmp/demo.keda.scaledobject.yaml
+fi
+watch "kubectl get scaledobject.keda.sh/grafana --namespace monitoring"
+watch "kubectl get horizontalpodautoscalers.autoscaling --namespace monitoring keda-hpa-grafana"
+
+echo "$(minikube ip) grafana" | sudo tee -a /etc/hosts
+while true; do ab -n 750 -c 1 http://grafana/; sleep 10; done
+
+exit 0
+
+# ---------------
+# troubleshooting
+# ---------------
+
+# check the query on prometheus
+kubectl apply --filename - <<EOF
+apiVersion: networking.k8s.io/v1
+kind: Ingress
+metadata:
+  name: prometheus
+  namespace: monitoring
+spec:
+  rules:
+  - host: prometheus
+    http:
+      paths:
+      - path: /
+        pathType: Prefix
+        backend:
+          service:
+            name: prometheus-server
+            port:
+              number: 80
+EOF
+open http://prometheus
+
+# check the deployment is being watched
+kubectl logs --namespace scaling $(kubectl get pods --namespace scaling | grep -v metrics-apiserver | sed 1d | cut -d ' ' -f 1)
+
+# check grafana's ingress stats
+curl "http://grafana/api/datasources" --request POST --user admin:qwerty --header "Content-Type: application/json" --data '{
+  "name": "Prometheus",
+  "type": "prometheus",
+  "access": "proxy",
+  "url": "http://prometheus-server"
+}'
+curl "https://raw.githubusercontent.com/kubernetes/ingress-nginx/master/deploy/grafana/dashboards/nginx.json" | pbcopy
+open http://grafana/
+# import a dashboard pasting the clipboard's content
diff --git a/examples/keda/nextcloud.bash b/examples/keda/nextcloud.bash
new file mode 100644
index 0000000..3927da8
--- /dev/null
+++ b/examples/keda/nextcloud.bash
@@ -0,0 +1,217 @@
+#!/usr/bin/env bash
+
+set -ex
+
+# minikube start --cpus 4 --memory 4GiB --vm
+# minikube addons enable ingress
+# minikube addons enable metrics-server
+
+helm repo add prometheus-community https://prometheus-community.github.io/helm-charts
+helm repo add kedacore https://kedacore.github.io/charts
+helm repo add nextcloud https://nextcloud.github.io/helm/
+helm repo update
+
+helm upgrade --install --namespace monitoring --create-namespace prometheus prometheus-community/prometheus --values <(
+ingress:
+  enabled: true
+  hosts:
+    - prometheus
+)
+helm upgrade --install --namespace scaling --create-namespace keda kedacore/keda --set prometheus.enabled=true
+helm upgrade --install --namespace nextcloud --create-namespace nextcloud nextcloud/nextcloud \
+  --set ingress.enabled=true \
+  --set metrics.enabled=true \
+  --set nextcloud.host=nextcloud \
+  --set nextcloud.password=qwerty \
+  --set-string service.port=80
+
+kubectl patch service --namespace monitoring prometheus-server --patch '{
+  "spec": {
+    "type": "NodePort"
+  }
+}'
+kubectl patch deployments.apps --namespace kube-system ingress-nginx-controller --patch '{
+  "spec": {
+    "template": {
+      "metadata": {
+        "annotations": {
+          "prometheus.io/port": "10254",
+          "prometheus.io/scrape": "true"
+        }
+      }
+    }
+  }
+}'
+# minikube service --namespace monitoring prometheus-server
+
+# kubectl patch service --namespace monitoring grafana --patch '{
+#   "spec": {
+#     "type": "NodePort"
+#   }
+# }'
+# curl "$(minikube service --namespace monitoring grafana --url)/api/datasources" --request POST --user admin:qwerty --header "Content-Type: application/json" --data '{
+#   "name": "Prometheus",
+#   "type": "prometheus",
+#   "access": "proxy",
+#   "url": "http://prometheus-server"
+# }'
+
+# echo "$(minikube ip)  nextcloud" | sudo tee -a /etc/hosts
+# minikube service --namespace nextcloud nextcloud
+
+kubectl apply --filename - <<EOF
+apiVersion: keda.sh/v1alpha1
+kind: ScaledObject
+metadata:
+  name: grafana
+  namespace: monitoring
+spec:
+  scaleTargetRef:
+    name: grafana
+  minReplicaCount: 1
+  maxReplicaCount: 5
+  pollingInterval: 5
+  advanced:
+    restoreToOriginalReplicaCount: true
+  triggers:
+  - type: prometheus
+    metadata:
+      serverAddress: http://prometheus-server.monitoring
+      metricName: nginx_ingress_controller_requests
+      query: sum(rate(nginx_ingress_controller_requests{ingress="grafana"}[2m]))
+      threshold: '1000'
+EOF
+
+ab -n 100000 -c 10 http://grafana/
+
+
+
+
+
+
+
+------
+
+
+#!/usr/bin/env bash
+
+## tested on macosx using minikube 1.17.0 and k8s v1.20.2 on Docker 20.10.2
+
+set -ex
+
+# minikube start --cpus 4 --memory 4GiB --vm
+# minikube addons enable ingress
+# minikube addons enable metrics-server
+
+helm repo add prometheus-community https://prometheus-community.github.io/helm-charts
+helm repo add grafana https://grafana.github.io/helm-charts
+helm repo add kedacore https://kedacore.github.io/charts
+helm repo update
+
+cat > /tmp/values.demo.grafana.yaml <<EOF
+adminPassword: qwerty
+ingress:
+  enabled: true
+  hosts:
+    - grafana
+EOF
+
+# echo "$(minikube ip)  grafana prometheus" | sudo tee -a /etc/hosts
+
+helm upgrade --install --namespace monitoring --create-namespace prometheus prometheus-community/prometheus
+helm upgrade --install --namespace monitoring --create-namespace grafana grafana/grafana --values /tmp/values.demo.grafana.yaml
+helm upgrade --install --namespace scaling --create-namespace keda kedacore/keda
+
+kubectl patch service --namespace monitoring prometheus-server --patch '{
+  "spec": {
+    "type": "NodePort"
+  }
+}'
+minikube service --namespace monitoring prometheus-server
+
+kubectl patch deployments.apps --namespace kube-system ingress-nginx-controller --patch '{
+  "spec": {
+    "template": {
+      "metadata": {
+        "annotations": {
+          "prometheus.io/port": "10254",
+          "prometheus.io/scrape": "true"
+        }
+      }
+    }
+  }
+}'
+
+curl "http://grafana/api/datasources" --request POST --user admin:qwerty --header "Content-Type: application/json" --data '{
+  "name": "Prometheus",
+  "type": "prometheus",
+  "access": "proxy",
+  "url": "http://prometheus-server"
+}'
+curl "https://raw.githubusercontent.com/kubernetes/ingress-nginx/master/deploy/grafana/dashboards/nginx.json" | pbcopy
+open http://grafana/
+# import a dashboard pasting the clipboard's content
+
+kubectl apply --filename - <<EOF
+apiVersion: keda.sh/v1alpha1
+kind: ScaledObject
+metadata:
+  name: grafana
+  namespace: monitoring
+spec:
+  scaleTargetRef:
+    name: grafana
+  minReplicaCount: 1
+  maxReplicaCount: 5
+  pollingInterval: 2
+  advanced:
+    restoreToOriginalReplicaCount: true
+  triggers:
+  - type: prometheus
+    metadata:
+      serverAddress: http://prometheus-server.monitoring
+      metricName: nginx_ingress_controller_requests
+      query: sum(rate(nginx_ingress_controller_requests{ingress="grafana"}[2m]))
+      threshold: '10'
+EOF
+
+# HPA behavior is available from K8S v1.18.0
+# ---
+kubectl apply --filename - <<EOF
+apiVersion: keda.sh/v1alpha1
+kind: ScaledObject
+metadata:
+  name: grafana
+  namespace: monitoring
+spec:
+  scaleTargetRef:
+    name: grafana
+  minReplicaCount: 1
+  maxReplicaCount: 5
+  pollingInterval: 2
+  advanced:
+    restoreToOriginalReplicaCount: true
+    horizontalPodAutoscalerConfig:
+      behavior:
+        scaleDown:
+          stabilizationWindowSeconds: 3
+          policies:
+          - type: Percent
+            value: 100
+            periodSeconds: 5
+        scaleUp:
+          stabilizationWindowSeconds: 3
+          policies:
+          - type: Percent
+            value: 100
+            periodSeconds: 5
+  triggers:
+  - type: prometheus
+    metadata:
+      serverAddress: http://prometheus-server.monitoring
+      metricName: nginx_ingress_controller_requests
+      query: sum(rate(nginx_ingress_controller_requests{ingress="grafana"}[2m]))
+      threshold: '10'
+EOF
+
+ab -n 750 -c 1 http://grafana/