From 9c48734f33a2a6ee0d09ead1cffe82971e4a5e5f Mon Sep 17 00:00:00 2001 From: The Ephemeral Force Date: Tue, 18 Feb 2025 16:16:31 -0500 Subject: [PATCH] initial --- blog.yaml | 101 +++++++++++++++++++++++++++++++++++++ clarkeis.yaml | 64 ++++++++++++++++++++++++ deadlyboringmath.yaml | 64 ++++++++++++++++++++++++ docker-registry.yaml | 97 +++++++++++++++++++++++++++++++++++ gitea-runner.yaml | 59 ++++++++++++++++++++++ gitea.yaml | 114 ++++++++++++++++++++++++++++++++++++++++++ mysql.yaml | 85 +++++++++++++++++++++++++++++++ nextcloud.yaml | 82 ++++++++++++++++++++++++++++++ swaous.yaml | 64 ++++++++++++++++++++++++ tardiggas.yaml | 64 ++++++++++++++++++++++++ tls.yaml | 30 +++++++++++ 11 files changed, 824 insertions(+) create mode 100644 blog.yaml create mode 100644 clarkeis.yaml create mode 100644 deadlyboringmath.yaml create mode 100644 docker-registry.yaml create mode 100644 gitea-runner.yaml create mode 100644 gitea.yaml create mode 100644 mysql.yaml create mode 100644 nextcloud.yaml create mode 100644 swaous.yaml create mode 100644 tardiggas.yaml create mode 100644 tls.yaml diff --git a/blog.yaml b/blog.yaml new file mode 100644 index 0000000..94c14e3 --- /dev/null +++ b/blog.yaml @@ -0,0 +1,101 @@ +apiVersion: v1 +kind: PersistentVolumeClaim +metadata: + name: wp-pv-claim + labels: + app: wordpress +spec: + accessModes: + - ReadWriteOnce + resources: + requests: + storage: 20Gi + +--- + +apiVersion: apps/v1 +kind: Deployment +metadata: + name: blog + labels: + app: blog +spec: + selector: + matchLabels: + app: blog + template: + metadata: + labels: + app: blog + spec: + containers: + - name: blog-container + image: wordpress:6.2.1-apache + ports: + - containerPort: 80 + env: + - name: WORDPRESS_DB_HOST + value: mysql.default + - name: WORDPRESS_DB_PASSWORD + value: password + - name: WORDPRESS_DB_USER + value: chyrp + - name: WORDPRESS_DB_NAME + value: chyrp + volumeMounts: + - name: wordpress-persistent-storage + mountPath: /var/www/html + volumes: + - name: wordpress-persistent-storage + persistentVolumeClaim: + claimName: wp-pv-claim + +--- + +apiVersion: v1 +kind: Service +metadata: + name: blog-svc +spec: + selector: + app: blog + ports: + - port: 80 + +--- + +apiVersion: traefik.containo.us/v1alpha1 +kind: Middleware +metadata: + name: strip-prefix +spec: + stripPrefixRegex: + regex: + - ^/[^/]+ + +--- + +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + annotations: + cert-manager.io/cluster-issuer: letsencrypt-issuer + kubernetes.io/ingress.class: traefik +# traefik.ingress.kubernetes.io/router.middlewares: default-strip-prefix@kubernetescrd + name: blog +spec: + rules: + - host: swaous.asuscomm.com + http: + paths: + - path: /blog + pathType: Prefix + backend: + service: + name: blog-svc + port: + number: 80 + tls: + - hosts: + - swaous.asuscomm.com + secretName: swaous-tls diff --git a/clarkeis.yaml b/clarkeis.yaml new file mode 100644 index 0000000..7aee062 --- /dev/null +++ b/clarkeis.yaml @@ -0,0 +1,64 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: clarkeis-com + annotations: + keel.sh/policy: all + keel.sh/trigger: poll +spec: + replicas: 2 + selector: + matchLabels: + app: clarkeis.com + template: + metadata: + labels: + app: clarkeis.com + spec: + containers: + - name: clarkeis-container + image: swaous.asuscomm.com/clarkeis.com:latest + imagePullPolicy: Always + ports: + - containerPort: 80 + imagePullSecrets: + - name: regcred + +--- + +apiVersion: v1 +kind: Service +metadata: + name: clarkeis-service +spec: + selector: + app: clarkeis.com + ports: + - port: 80 + targetPort: 80 + +--- + +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + annotations: + cert-manager.io/cluster-issuer: letsencrypt-issuer + kubernetes.io/ingress.class: traefik + name: clarkeis +spec: + rules: + - host: www.clarkeis.com + http: + paths: + - path: / + pathType: Prefix + backend: + service: + name: clarkeis-service + port: + number: 80 + tls: + - hosts: + - www.clarkeis.com + secretName: clarkeis-tls diff --git a/deadlyboringmath.yaml b/deadlyboringmath.yaml new file mode 100644 index 0000000..4d751a6 --- /dev/null +++ b/deadlyboringmath.yaml @@ -0,0 +1,64 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: deadlyboringmath-com + annotations: + keel.sh/policy: all + keel.sh/trigger: poll +spec: + replicas: 1 + selector: + matchLabels: + app: deadlyboringmath.us + template: + metadata: + labels: + app: deadlyboringmath.us + spec: + containers: + - name: dbmus-container + image: swaous.asuscomm.com/deadlyboringmath.us:latest + imagePullPolicy: Always + ports: + - containerPort: 80 + imagePullSecrets: + - name: regcred + +--- + +apiVersion: v1 +kind: Service +metadata: + name: dbmus-service +spec: + selector: + app: deadlyboringmath.us + ports: + - port: 80 + targetPort: 80 + +--- + +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + annotations: + cert-manager.io/cluster-issuer: letsencrypt-issuer + kubernetes.io/ingress.class: traefik + name: deadlyboringmath +spec: + rules: + - host: deadlyboringmath.us + http: + paths: + - path: / + pathType: Prefix + backend: + service: + name: dbmus-service + port: + number: 80 + tls: + - hosts: + - deadlyboringmath.us + secretName: dbmus-tls diff --git a/docker-registry.yaml b/docker-registry.yaml new file mode 100644 index 0000000..82d19b9 --- /dev/null +++ b/docker-registry.yaml @@ -0,0 +1,97 @@ +apiVersion: v1 +kind: PersistentVolumeClaim +metadata: + name: docker-registry-pv-claim + namespace: docker-registry +spec: + accessModes: + - ReadWriteOnce + volumeMode: Filesystem + resources: + requests: + storage: 100Gi + storageClassName: csi-cinder-classic + +--- + +apiVersion: apps/v1 +kind: Deployment +metadata: + name: docker-registry + labels: + app: docker-registry +spec: + replicas: 1 + selector: + matchLabels: + app: docker-registry + template: + metadata: + labels: + app: docker-registry + spec: + containers: + - name: docker-registry + image: registry + ports: + - containerPort: 5000 + volumeMounts: + - name: storage + mountPath: /var/lib/registry + - name: htpasswd + mountPath: /auth + readOnly: true + env: + - name: REGISTRY_AUTH + value: htpasswd + - name: REGISTRY_AUTH_HTPASSWD_REALM + value: Docker Registry + - name: REGISTRY_AUTH_HTPASSWD_PATH + value: /auth/htpasswd + - name: REGISTRY_STORAGE_DELETE_ENABLED + value: "true" + volumes: + - name: storage + emptyDir: {} # FIXME -make this more permanent later + - name: htpasswd + secret: + secretName: docker-registry-htpasswd + +--- + +apiVersion: v1 +kind: Service +metadata: + name: docker-registry-service +spec: + selector: + app: docker-registry + ports: + - protocol: TCP + port: 5000 + +--- + +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + annotations: + cert-manager.io/cluster-issuer: letsencrypt-issuer + kubernetes.io/ingress.class: traefik + name: docker-registry +spec: + rules: + - host: swaous.asuscomm.com + http: + paths: + - path: /v2 + pathType: Prefix + backend: + service: + name: docker-registry-service + port: + number: 5000 + tls: + - hosts: + - swaous.asuscomm.com + secretName: swaous-tls diff --git a/gitea-runner.yaml b/gitea-runner.yaml new file mode 100644 index 0000000..5bcbe34 --- /dev/null +++ b/gitea-runner.yaml @@ -0,0 +1,59 @@ +kind: PersistentVolumeClaim +apiVersion: v1 +metadata: + name: act-runner-vol +spec: + accessModes: + - ReadWriteOnce + resources: + requests: + storage: 1Gi +--- +apiVersion: v1 +data: + token: QU1MV2hMWmYwSVBIV2VJYUtwbmgwdTFnc0VwSUtDN3QxbzI3dTRPQgo= +kind: Secret +metadata: + name: runner-secret +type: Opaque +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + labels: + app: act-runner + name: act-runner +spec: + replicas: 1 + selector: + matchLabels: + app: act-runner + strategy: {} + template: + metadata: + creationTimestamp: null + labels: + app: act-runner + spec: + restartPolicy: Always + volumes: + - name: runner-data + persistentVolumeClaim: + claimName: act-runner-vol + containers: + - name: runner + image: gitea/act_runner:latest-dind-rootless + imagePullPolicy: Always + # command: ["sh", "-c", "while ! nc -z localhost 2376