diff options
Diffstat (limited to 'data.d/k3s-master/manifests.d/hurzak')
27 files changed, 747 insertions, 0 deletions
diff --git a/data.d/k3s-master/manifests.d/hurzak/base-system/certmanager/letsencrypt-production.yaml b/data.d/k3s-master/manifests.d/hurzak/base-system/certmanager/letsencrypt-production.yaml new file mode 100644 index 0000000..dbff2c2 --- /dev/null +++ b/data.d/k3s-master/manifests.d/hurzak/base-system/certmanager/letsencrypt-production.yaml @@ -0,0 +1,16 @@ +--- +apiVersion: cert-manager.io/v1 +kind: ClusterIssuer +metadata: + name: letsencrypt-production +spec: + acme: + email: root@tyil.net + server: https://acme-v02.api.letsencrypt.org/directory + privateKeySecretRef: + name: clusterissuer-letsencrypt-production + solvers: + - http01: + ingress: + class: traefik +... diff --git a/data.d/k3s-master/manifests.d/hurzak/base-system/certmanager/letsencrypt-staging.yaml b/data.d/k3s-master/manifests.d/hurzak/base-system/certmanager/letsencrypt-staging.yaml new file mode 100644 index 0000000..9b0a27d --- /dev/null +++ b/data.d/k3s-master/manifests.d/hurzak/base-system/certmanager/letsencrypt-staging.yaml @@ -0,0 +1,17 @@ +--- +apiVersion: cert-manager.io/v1 +kind: ClusterIssuer +metadata: + name: letsencrypt-staging +spec: + acme: + email: root@tyil.net + server: https://acme-staging-v02.api.letsencrypt.org/directory + privateKeySecretRef: + name: clusterissuer-letsencrypt-staging + solvers: + - http01: + ingress: + class: traefik + selector: {} +... diff --git a/data.d/k3s-master/manifests.d/hurzak/namespaces.yaml b/data.d/k3s-master/manifests.d/hurzak/namespaces.yaml new file mode 100644 index 0000000..aab254a --- /dev/null +++ b/data.d/k3s-master/manifests.d/hurzak/namespaces.yaml @@ -0,0 +1,18 @@ +--- +apiVersion: v1 +kind: Namespace +metadata: + name: base-system +... +--- +apiVersion: v1 +kind: Namespace +metadata: + name: personal-services +... +--- +apiVersion: v1 +kind: Namespace +metadata: + name: public-services +... diff --git a/data.d/k3s-master/manifests.d/hurzak/personal-services/keycloak/deployment.yaml b/data.d/k3s-master/manifests.d/hurzak/personal-services/keycloak/deployment.yaml new file mode 100644 index 0000000..5cd9975 --- /dev/null +++ b/data.d/k3s-master/manifests.d/hurzak/personal-services/keycloak/deployment.yaml @@ -0,0 +1,52 @@ +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + name: keycloak + namespace: personal-services + labels: + app.kubernetes.io/created-by: tyil + app.kubernetes.io/managed-by: manual + app.kubernetes.io/name: keycloak + app.kubernetes.io/part-of: keycloak +spec: + replicas: 1 + selector: + matchLabels: + app.kubernetes.io/created-by: tyil + app.kubernetes.io/managed-by: manual + app.kubernetes.io/name: keycloak + app.kubernetes.io/part-of: keycloak + template: + metadata: + labels: + app.kubernetes.io/created-by: tyil + app.kubernetes.io/managed-by: manual + app.kubernetes.io/name: keycloak + app.kubernetes.io/part-of: keycloak + spec: + containers: + - name: keycloak + image: quay.io/keycloak/keycloak:21.0.2 + args: ["start-dev"] + env: + - name: KEYCLOAK_ADMIN + valueFrom: + secretKeyRef: + name: keycloak-credentials + key: username + - name: KEYCLOAK_ADMIN_PASSWORD + valueFrom: + secretKeyRef: + name: keycloak-credentials + key: password + - name: KC_PROXY + value: "edge" + ports: + - name: http + containerPort: 8080 + readinessProbe: + httpGet: + path: /realms/master + port: 8080 +... diff --git a/data.d/k3s-master/manifests.d/hurzak/personal-services/keycloak/ingress.yaml b/data.d/k3s-master/manifests.d/hurzak/personal-services/keycloak/ingress.yaml new file mode 100644 index 0000000..40e6d22 --- /dev/null +++ b/data.d/k3s-master/manifests.d/hurzak/personal-services/keycloak/ingress.yaml @@ -0,0 +1,31 @@ +--- +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + name: keycloak + namespace: personal-services + labels: + app.kubernetes.io/created-by: tyil + app.kubernetes.io/managed-by: manual + app.kubernetes.io/name: keycloak + app.kubernetes.io/part-of: keycloak + annotations: + cert-manager.io/cluster-issuer: "letsencrypt-production" +spec: + ingressClassName: "traefik" + tls: + - hosts: + - id.tyil.nl + secretName: tls-nl.tyil.id + rules: + - host: id.tyil.nl + http: + paths: + - path: / + pathType: Prefix + backend: + service: + name: keycloak + port: + number: 8080 +... diff --git a/data.d/k3s-master/manifests.d/hurzak/personal-services/keycloak/sealed-secret.yaml b/data.d/k3s-master/manifests.d/hurzak/personal-services/keycloak/sealed-secret.yaml new file mode 100644 index 0000000..acda853 --- /dev/null +++ b/data.d/k3s-master/manifests.d/hurzak/personal-services/keycloak/sealed-secret.yaml @@ -0,0 +1,18 @@ +apiVersion: bitnami.com/v1alpha1 +kind: SealedSecret +metadata: + creationTimestamp: null + name: keycloak-credentials + namespace: personal-services +spec: + encryptedData: + password: AgCpUewLKDwRembIHJSygOSViDlKDmA0UhKS6xaEWWpSZ2Cc0rJbtQZG6blK5O231wAXiILfCjY9oKAzLaHKQ+gqrmCwMCcYBsBT+r9SUk5iSYHUQW90nCNwgZ9kzCE8erBTFov2qWFLHxCuzhrAp2BlSDP8mAV8OwGuiNFeaqv0yVciaMfz89h+y4O3hJgGIhNZn8Pn/z4KgbP21GwUHf9OYCpkTfLyHFKqkfSUyBivIYlcI4aOL6PEy4PIPbSW0VgtPRwWCSM+/QU8H7MiOn93r9shtDcifp/9irWmd+PHwGE+xaJZLacirRtMcR4Fg9nV5V/AbuDjUokj4hwWyXN7RJBXa7uEhYGOhmGVHEqjuSkXRTxIH0d2xdXRSbKMMVcv1nOytRs2l5e98ggPWq1CwF1XCVnGosAkynlmaB0DKztdRJz3g2FJeFkLjDWOjOMV8iPLHbCrOZeJ59snknzeYaIZ7WZ5BKLRUSXSC7yQvNX6dAD0eSCs1pKb+kFcaBVYi0vjEwIMe4KlSgYcaVXOyte65PCC1GYFgWyjr50g2qDLIJNzEQYj41nsTUwu5r29YRcj8hBX4aVMJO4VMlOMwWbOOvjLZCpFY0wASUoGaM/PEHllHqboVKPIokbZokyAMH6XwGHzy4gybB9OQUSe6+rYjST2CjF+JL0Z50yi0qg0bpnyUJ9GLcTOEY8FGkS241NlInRDGYw= + username: AgA+PP/Nr93rKQix8v9cx4r/LOHfUVjNA+6QEB3ITCbrjpmPC7DlzYtmGVGmIKpTqnzBZZOc1KjdVVgF+YNOZLoulGQOp3cx18LgxbxLU3Uh5kuSKkRDOZzSxe6OpVy0DE5aJXQqB9uzPDs9liIasW6ELbgOcgxOyk/+I0vkYcFpb+J7lbOMsLm4iPW/aY6AV35vmB0QLutDBoBiObfdwI9xJUHCZds9emuPY9wElybzBpsUVDoW9diTu64ePNL55RvTMloShTt4ICVrR/WGIJnOiwtXIMigzzBWPFBPyYIOsjMfBQgquXhpRVksNhSfmVQWwvWaFPb7IjeS1KeyIPl01XeJRej+AodT8n0lmW1YFsUiMj6GRELBNCmeW+r3+vWJlXcaVAN9a8ds8bN3F34iVs/JxVUHVA25T/bdtJY9kS0eM+9Xfli6F5Z61v8jjKS2PfJGAJq1Gly6E5eugzslHVwjmSfkB2mGYL8IJ3SJl93C+CX6l3txKKa+EWN7Sdt0wZpSZKUw4nmiYK8Vt6rvgcKc41obTxSFdQyYpwBtzGINuda5kto92gXvZi/FmBxISP2uCXPpcIHfnFS73xyuLTsRjmHgHr8ss/LGYdBPE7PLihd+av1mMd02X4j+pfT0E11EbHp+sJ47W0UGskYsR24HJw4pXVwYcFA0lfNd8PQgDPOOcxOYz65iFnmnAfeSBJo5 + template: + data: null + metadata: + creationTimestamp: null + name: keycloak-credentials + namespace: personal-services + type: Opaque + diff --git a/data.d/k3s-master/manifests.d/hurzak/personal-services/keycloak/service.yaml b/data.d/k3s-master/manifests.d/hurzak/personal-services/keycloak/service.yaml new file mode 100644 index 0000000..c9068b7 --- /dev/null +++ b/data.d/k3s-master/manifests.d/hurzak/personal-services/keycloak/service.yaml @@ -0,0 +1,22 @@ +--- +apiVersion: v1 +kind: Service +metadata: + name: keycloak + namespace: personal-services + labels: + app.kubernetes.io/created-by: tyil + app.kubernetes.io/managed-by: manual + app.kubernetes.io/name: keycloak + app.kubernetes.io/part-of: keycloak +spec: + selector: + app.kubernetes.io/created-by: tyil + app.kubernetes.io/managed-by: manual + app.kubernetes.io/name: keycloak + app.kubernetes.io/part-of: keycloak + ports: + - name: http + port: 8080 + targetPort: 8080 +... diff --git a/data.d/k3s-master/manifests.d/hurzak/personal-services/uptime-kuma/deployment.yaml b/data.d/k3s-master/manifests.d/hurzak/personal-services/uptime-kuma/deployment.yaml new file mode 100644 index 0000000..9553007 --- /dev/null +++ b/data.d/k3s-master/manifests.d/hurzak/personal-services/uptime-kuma/deployment.yaml @@ -0,0 +1,36 @@ +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + name: uptime-kuma + namespace: personal-services +spec: + replicas: 1 + selector: + matchLabels: + app.kubernetes.io/created-by: tyil + app.kubernetes.io/managed-by: manual + app.kubernetes.io/name: uptime-kuma + app.kubernetes.io/part-of: personal-services + template: + metadata: + labels: + app.kubernetes.io/created-by: tyil + app.kubernetes.io/managed-by: manual + app.kubernetes.io/name: uptime-kuma + app.kubernetes.io/part-of: personal-services + spec: + containers: + - name: uptime-kuma + image: louislam/uptime-kuma:1 + ports: + - containerPort: 3001 + volumeMounts: + - name: data + mountPath: /app/data + volumes: + - name: data + hostPath: + type: Directory + path: /srv/personal-services/uptime-kuma +... diff --git a/data.d/k3s-master/manifests.d/hurzak/personal-services/uptime-kuma/ingress.yaml b/data.d/k3s-master/manifests.d/hurzak/personal-services/uptime-kuma/ingress.yaml new file mode 100644 index 0000000..66eb258 --- /dev/null +++ b/data.d/k3s-master/manifests.d/hurzak/personal-services/uptime-kuma/ingress.yaml @@ -0,0 +1,45 @@ +--- +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + name: uptime-kuma + namespace: personal-services + labels: + app.kubernetes.io/created-by: tyil + app.kubernetes.io/managed-by: manual + app.kubernetes.io/name: uptime-kuma + app.kubernetes.io/part-of: personal-services + annotations: + cert-manager.io/cluster-issuer: letsencrypt-production + #nginx.ingress.kubernetes.io/configuration-snippet: | + # proxy_cache_bypass $http_upgrade; + # proxy_set_header Connection "Upgrade"; + # proxy_set_header Host $host; + # proxy_set_header Upgrade $http_upgrade; + # proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + # proxy_set_header X-Forwarded-For $remote_addr; + # proxy_set_header X-Forwarded-Host $http_host; + # proxy_set_header X-Forwarded-Proto $scheme; + # proxy_set_header X-Real-IP $remote_addr; + #nginx.ingress.kubernetes.io/proxy-http-version: "1.1" + #nginx.ingress.kubernetes.io/proxy-read-timeout: "3600" + #nginx.ingress.kubernetes.io/proxy-send-timeout: "3600" + #nginx.ingress.kubernetes.io/ssl-redirect: "true" +spec: + ingressClassName: "traefik" + rules: + - host: uptime.tyil.nl + http: + paths: + - path: / + pathType: Prefix + backend: + service: + name: uptime-kuma + port: + number: 80 + tls: + - hosts: + - uptime.tyil.nl + secretName: tls-nl.tyil.uptime +... diff --git a/data.d/k3s-master/manifests.d/hurzak/personal-services/uptime-kuma/service.yaml b/data.d/k3s-master/manifests.d/hurzak/personal-services/uptime-kuma/service.yaml new file mode 100644 index 0000000..51d6d53 --- /dev/null +++ b/data.d/k3s-master/manifests.d/hurzak/personal-services/uptime-kuma/service.yaml @@ -0,0 +1,17 @@ +--- +apiVersion: v1 +kind: Service +metadata: + name: uptime-kuma + namespace: personal-services +spec: + selector: + app.kubernetes.io/created-by: tyil + app.kubernetes.io/managed-by: manual + app.kubernetes.io/name: uptime-kuma + app.kubernetes.io/part-of: personal-services + ports: + - protocol: TCP + port: 80 + targetPort: 3001 +... diff --git a/data.d/k3s-master/manifests.d/hurzak/public-services/invidious/deployment.yaml b/data.d/k3s-master/manifests.d/hurzak/public-services/invidious/deployment.yaml new file mode 100644 index 0000000..66c7912 --- /dev/null +++ b/data.d/k3s-master/manifests.d/hurzak/public-services/invidious/deployment.yaml @@ -0,0 +1,34 @@ +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + name: invidious + namespace: public-services +spec: + replicas: 1 + selector: + matchLabels: + app.kubernetes.io/created-by: tyil + app.kubernetes.io/managed-by: manual + app.kubernetes.io/name: invidious + app.kubernetes.io/part-of: public-services + template: + metadata: + labels: + app.kubernetes.io/created-by: tyil + app.kubernetes.io/managed-by: manual + app.kubernetes.io/name: invidious + app.kubernetes.io/part-of: public-services + spec: + containers: + - name: invidious + image: quay.io/invidious/invidious:latest + ports: + - containerPort: 8080 + env: + - name: INVIDIOUS_CONFIG + valueFrom: + secretKeyRef: + name: invidious-config + key: config.yml +... diff --git a/data.d/k3s-master/manifests.d/hurzak/public-services/invidious/ingress.yaml b/data.d/k3s-master/manifests.d/hurzak/public-services/invidious/ingress.yaml new file mode 100644 index 0000000..cb675a9 --- /dev/null +++ b/data.d/k3s-master/manifests.d/hurzak/public-services/invidious/ingress.yaml @@ -0,0 +1,31 @@ +--- +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + name: invidious + namespace: public-services + annotations: + cert-manager.io/cluster-issuer: "letsencrypt-production" + labels: + app.kubernetes.io/created-by: tyil + app.kubernetes.io/managed-by: manual + app.kubernetes.io/name: invidious + app.kubernetes.io/part-of: public-services +spec: + ingressClassName: "traefik" + tls: + - hosts: + - youtube.alt.tyil.nl + secretName: tls-nl.tyil.alt.youtube + rules: + - host: youtube.alt.tyil.nl + http: + paths: + - path: / + pathType: Prefix + backend: + service: + name: invidious-http + port: + number: 80 +... diff --git a/data.d/k3s-master/manifests.d/hurzak/public-services/invidious/sealed-secret.yaml b/data.d/k3s-master/manifests.d/hurzak/public-services/invidious/sealed-secret.yaml new file mode 100644 index 0000000..013d172 --- /dev/null +++ b/data.d/k3s-master/manifests.d/hurzak/public-services/invidious/sealed-secret.yaml @@ -0,0 +1,21 @@ +apiVersion: bitnami.com/v1alpha1 +kind: SealedSecret +metadata: + creationTimestamp: null + name: invidious-config + namespace: public-services +spec: + encryptedData: + config.yml: AgBk+TMQyCIBOJzAx4XOwdbSlwWbcUSMdkxdAOKwZiq67cC/5LHXNgxRooRYVsq9pbul4lE46vkDs1a+VuE7ePEiSCqIFj4kQkqGFot33BBFdw378KrfolOKlcsT0aYpxj4MPIobs2MPLSFTFvf8S/JuBn3b6NFzzYvxteA5ljE0JnTluQhXilevDl81BmmiXBgyJZQEMjz8tLZQVCHWG9hQn+aQc4RVei/M0z4LVhLj4QZ6L315bPoFxLB2O43jWgon5wOirvSvdJzJ/d0laKePq94zu5xrtC/w5zIErlPpDL9oFh9vGHGf790SVc+1HNn7AeRhLPWpHNkmypODqjYjpGoTWoLYz7aU8ie1lNcpE4q752rbYzxS2TQuhlJCVpB55MtZZ9n0JoV3cABZW48VyWqU9g0jFpWF22M8oDDq5Yft58J3aHtZxZmmdCI9SbppWVyuI/WZ5qze3D2RNnDlY4FixZmDum49Ur9IHMpCEz0tOdEnDoyrQZ8LhT7LohewMClB4MuAwJ3ObF8XiLEgRDxFG501tfsK2L27m4PzCS4Zrm5K1u/gaXjWDHQxli/eMZqUXqF4TdTSF15R3XMEnjMxBne88L/DaPboQbtp70WFweazHX6wwST0HiKigwsndOL9o/ynd2TZA3E55EWbtD5mBW8PR3NPAzVg7GomyE71X4y+yMxfGgExfiyffjcP0yT+/BcKby6lsA9pI1OaIQ+Md1s+RnLqcd1gSbuY4n0/hAGTI1kfDVKxwOO+iWaY9RzSEy/qXNoOjhmSaEXVlxVexOnbThY0skxmftQbC4JjD6QJ59H/30ZieyF00obMJ5np4V7ktyewVrEVOx0rxlbf5qZUtQFsOocj7B5Pd9zJNar/OU68WfOZ0QcQxCVlG2ebSc9j+IevS6niW8IaO9mI9z0nhMeS4+a99VjGy7MXzfzmX6OOEilfMGkvIwzz9Ks0FkhgXDXVF9cn5SsYKGGq6bDpAcLG7KNdGNcqiD9tGjx0YlHj18MbLubwszy+qEBuuhMLEcjzUCnxhjjAkq6GJChZ28Xnf5GbzTG4QiCWKJssrIvStDU7Uc0iyh/FP9Hb+XgeliTNjlC2Mc8XEjH8y+pP8jTHzsPYNM0aD3HmKOoSi8yy8GKMGtgX8NHH70HltUek9bHLKL9AjxNJIOhCJ0piJYFf9w== + template: + metadata: + creationTimestamp: null + labels: + app.kubernetes.io/created-by: tyil + app.kubernetes.io/managed-by: manual + app.kubernetes.io/name: invidious-config + app.kubernetes.io/part-of: invidious + name: invidious-config + namespace: public-services + type: Opaque + diff --git a/data.d/k3s-master/manifests.d/hurzak/public-services/invidious/service.yaml b/data.d/k3s-master/manifests.d/hurzak/public-services/invidious/service.yaml new file mode 100644 index 0000000..e4f95be --- /dev/null +++ b/data.d/k3s-master/manifests.d/hurzak/public-services/invidious/service.yaml @@ -0,0 +1,24 @@ +--- +apiVersion: v1 +kind: Service +metadata: + # Funfact: if this name is set to "invidious", things will break! + # https://github.com/iv-org/invidious/issues/2970 + name: invidious-http + namespace: public-services + labels: + app.kubernetes.io/created-by: tyil + app.kubernetes.io/managed-by: manual + app.kubernetes.io/name: invidious + app.kubernetes.io/part-of: public-services +spec: + selector: + app.kubernetes.io/created-by: tyil + app.kubernetes.io/managed-by: manual + app.kubernetes.io/name: invidious + app.kubernetes.io/part-of: public-services + ports: + - protocol: TCP + port: 80 + targetPort: 3000 +... diff --git a/data.d/k3s-master/manifests.d/hurzak/public-services/nitter/deployment.yaml b/data.d/k3s-master/manifests.d/hurzak/public-services/nitter/deployment.yaml new file mode 100644 index 0000000..8ad6401 --- /dev/null +++ b/data.d/k3s-master/manifests.d/hurzak/public-services/nitter/deployment.yaml @@ -0,0 +1,39 @@ +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + name: nitter + namespace: public-services +spec: + replicas: 1 + selector: + matchLabels: + app.kubernetes.io/created-by: tyil + app.kubernetes.io/managed-by: manual + app.kubernetes.io/name: nitter + app.kubernetes.io/part-of: public-services + template: + metadata: + labels: + app.kubernetes.io/created-by: tyil + app.kubernetes.io/managed-by: manual + app.kubernetes.io/name: nitter + app.kubernetes.io/part-of: public-services + spec: + containers: + - name: nitter + image: zedeus/nitter + ports: + - containerPort: 8080 + env: + - name: REDIS_HOST + value: "redis-nitter-master" + volumeMounts: + - name: config + subPath: nitter.conf + mountPath: /src/nitter.conf + volumes: + - name: config + secret: + secretName: nitter-config +... diff --git a/data.d/k3s-master/manifests.d/hurzak/public-services/nitter/ingress.yaml b/data.d/k3s-master/manifests.d/hurzak/public-services/nitter/ingress.yaml new file mode 100644 index 0000000..6c3e671 --- /dev/null +++ b/data.d/k3s-master/manifests.d/hurzak/public-services/nitter/ingress.yaml @@ -0,0 +1,31 @@ +--- +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + name: nitter + namespace: public-services + annotations: + cert-manager.io/cluster-issuer: "letsencrypt-production" + labels: + app.kubernetes.io/created-by: tyil + app.kubernetes.io/managed-by: manual + app.kubernetes.io/name: nitter + app.kubernetes.io/part-of: public-services +spec: + ingressClassName: "traefik" + tls: + - hosts: + - twitter.alt.tyil.nl + secretName: tls-nl.tyil.alt.twitter + rules: + - host: twitter.alt.tyil.nl + http: + paths: + - path: / + pathType: Prefix + backend: + service: + name: nitter + port: + number: 80 +... diff --git a/data.d/k3s-master/manifests.d/hurzak/public-services/nitter/sealed-secret.yaml b/data.d/k3s-master/manifests.d/hurzak/public-services/nitter/sealed-secret.yaml new file mode 100644 index 0000000..ab6cf1b --- /dev/null +++ b/data.d/k3s-master/manifests.d/hurzak/public-services/nitter/sealed-secret.yaml @@ -0,0 +1,21 @@ +apiVersion: bitnami.com/v1alpha1 +kind: SealedSecret +metadata: + creationTimestamp: null + name: nitter-config + namespace: public-services +spec: + encryptedData: + nitter.conf: AgA/KW9/ptYadmBAk8uwZ4u/OkJqzLg3Cns+XPGKHKii66esMuA9M4EqqB8dMHbI1zZi5wPxcdVBNeEX2cguPv0V9/PYtq24T5HJ2tGiQKKPxi1KqQUJquIxyDYZIzr5qYCu9TQfUSIQg3aGzuKyJTdckG3BJtjnGY8DMU/AIfSeU67ZEyNWSFmUtt80pqCL0oKi+tq7Bngb9jFCJHQv5F0yWF2MehuknNuI++QECAModVtkq/nRViKSGaN8IqVDWnfn71vH7CRsbL5c/Eb9ra7ptAHtLEuC54U5ezDhNEeJt93SGw6yniBy69sBtAauWzGofhK3y+eVAsjZsRZPZGpyyziHl21MHJdaCjvJTvxVp8tJqtD2bwOZTczV2tZO84ES2wftqgZaWBOqewtgPcH/yC4AtHdgK1xlEwNbE8EQ0rCpWdhPTsK4ZB3r9w2xujbQh5DiH7y+D50z4D54BJdvmdC/M/9s4WdSytSGF7fXU9LOfUE4/r9fUDn6vEDe5UYoFY9ej7ObBP6tZ2OFOizmyZ0BbS+IZ+szHHZI3Scgl1nPzUhJ3XcFQC549va5QgWg07ykFZdf/EDypbic/iK2Bke31G9BtP1DCoj34FUh+APIwUKEx9SnXJ732wOo7zPN0JCW32K8+OrStdKCX2K7STLoQ8Tby9Az5H0DSnTaYQvrt+FvRuNX+vriC4u4L8C5rQbRxJi67e1+FDPp8XoxZrhv5UZuS1hA5X2nEL+Q76s1ZdHiokVvBqj82F0fW7Jymt3AeGPqgorWWlmCJrLw7Rqfq3AoRy5QQ94jF4emeMVzZlp5HND0ZaIlajUeNl8R7/qmMgy/BoRnJP+QAhIfX8mwFowRnDY1YASIpt+eNoYf8XLaJO611glOTdUgt3FVNE1+3qbO7agBTx/rX9lfJf2BMwSyEWqsQbM+pnxQZxS36j85deTxTze758raPNgEcT2p4dr0RCWJt0jJchEpWcBLdGNMM+5J+Y5WQOFiA+MyS3R0SlSib+grvoxgFZMDO9UPJvCkijxuAki1n2y5D2S2vbNn2Cnk1gBCFBFbrK2u41i2HXsl1o4YoBTqinaD4SktCnJ1WSXalaVMkBA6FZz9tiyHwbC3LQRy8UoeSEF3cz90jD6JniN2nn5K2CmgSKiJLBNk/UDhiLEicCbVBkwuOxvygc07fTYU/+fWIV0HqkkdhTby3mLL//ylQNB2axlujeQgqfQEcqrkYbQrNaCh+cpQTBy9sV0yVAgXDrrhPjnvTWelp8V6wtUypLFh0CoEZ9qdgUiFPLSy1Jkt72zPiur7Uml6UAPaw5Q4Y5U7rHB530m1XWpfw7xQ43yMTI9P3aBPxgVyz0k0NAdWlCgXpqyH1Lrn/d0LmGRmDhsvJtO6ArJyikO3bbxecYCyOVDNZO4Uglf/vqKbhUtqRgj8xYV6tZqaoNk/AHAMVAncSCas7ffDS9Awx0GNhcPz0Vw5h/VeeuR2HbVcclLZ3hPKQUfGGHdUyO3nxSxyuGdjNiuJjiSsyWRoX57sxpX2DeQyqrxddsL9Hudxc9RMdpkq6YchfoReF3vdDkgENwAYI4A0xFRNgn8I8vDSx9A2UKjahns/aRvRJ6LLrn2KvXW5yQk2Oomdo4ak2Co2HAmVVa/C6WbsnlPzaHLVGupEVwV/aw== + template: + metadata: + creationTimestamp: null + labels: + app.kubernetes.io/created-by: tyil + app.kubernetes.io/managed-by: manual + app.kubernetes.io/name: nitter-config + app.kubernetes.io/part-of: nitter + name: nitter-config + namespace: public-services + type: Opaque + diff --git a/data.d/k3s-master/manifests.d/hurzak/public-services/nitter/service.yaml b/data.d/k3s-master/manifests.d/hurzak/public-services/nitter/service.yaml new file mode 100644 index 0000000..f9bba4b --- /dev/null +++ b/data.d/k3s-master/manifests.d/hurzak/public-services/nitter/service.yaml @@ -0,0 +1,22 @@ +--- +apiVersion: v1 +kind: Service +metadata: + name: nitter + namespace: public-services + labels: + app.kubernetes.io/created-by: tyil + app.kubernetes.io/managed-by: manual + app.kubernetes.io/name: nitter + app.kubernetes.io/part-of: public-services +spec: + selector: + app.kubernetes.io/created-by: tyil + app.kubernetes.io/managed-by: manual + app.kubernetes.io/name: nitter + app.kubernetes.io/part-of: public-services + ports: + - protocol: TCP + port: 80 + targetPort: 8080 +... diff --git a/data.d/k3s-master/manifests.d/hurzak/public-services/omgur/deployment.yaml b/data.d/k3s-master/manifests.d/hurzak/public-services/omgur/deployment.yaml new file mode 100644 index 0000000..2cef276 --- /dev/null +++ b/data.d/k3s-master/manifests.d/hurzak/public-services/omgur/deployment.yaml @@ -0,0 +1,31 @@ +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + name: omgur + namespace: public-services +spec: + replicas: 1 + selector: + matchLabels: + app.kubernetes.io/created-by: tyil + app.kubernetes.io/managed-by: manual + app.kubernetes.io/name: omgur + app.kubernetes.io/part-of: public-services + template: + metadata: + labels: + app.kubernetes.io/created-by: tyil + app.kubernetes.io/managed-by: manual + app.kubernetes.io/name: omgur + app.kubernetes.io/part-of: public-services + spec: + containers: + - name: omgur + image: registry.gitlab.com/geraldwuhoo/omgur:latest + ports: + - containerPort: 8080 + env: + - name: REDIS_HOST + value: "redis-omgur-master" +... diff --git a/data.d/k3s-master/manifests.d/hurzak/public-services/omgur/ingress.yaml b/data.d/k3s-master/manifests.d/hurzak/public-services/omgur/ingress.yaml new file mode 100644 index 0000000..b8d7e1a --- /dev/null +++ b/data.d/k3s-master/manifests.d/hurzak/public-services/omgur/ingress.yaml @@ -0,0 +1,31 @@ +--- +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + name: omgur + namespace: public-services + annotations: + cert-manager.io/cluster-issuer: "letsencrypt-production" + labels: + app.kubernetes.io/created-by: tyil + app.kubernetes.io/managed-by: manual + app.kubernetes.io/name: omgur + app.kubernetes.io/part-of: public-services +spec: + ingressClassName: "traefik" + tls: + - hosts: + - imgur.alt.tyil.nl + secretName: tls-nl.tyil.alt.imgur + rules: + - host: imgur.alt.tyil.nl + http: + paths: + - path: / + pathType: Prefix + backend: + service: + name: omgur + port: + number: 80 +... diff --git a/data.d/k3s-master/manifests.d/hurzak/public-services/omgur/service.yaml b/data.d/k3s-master/manifests.d/hurzak/public-services/omgur/service.yaml new file mode 100644 index 0000000..f848c14 --- /dev/null +++ b/data.d/k3s-master/manifests.d/hurzak/public-services/omgur/service.yaml @@ -0,0 +1,22 @@ +--- +apiVersion: v1 +kind: Service +metadata: + name: omgur + namespace: public-services + labels: + app.kubernetes.io/created-by: tyil + app.kubernetes.io/managed-by: manual + app.kubernetes.io/name: omgur + app.kubernetes.io/part-of: public-services +spec: + selector: + app.kubernetes.io/created-by: tyil + app.kubernetes.io/managed-by: manual + app.kubernetes.io/name: omgur + app.kubernetes.io/part-of: public-services + ports: + - protocol: TCP + port: 80 + targetPort: 8080 +... diff --git a/data.d/k3s-master/manifests.d/hurzak/public-services/searxng/deployment.yaml b/data.d/k3s-master/manifests.d/hurzak/public-services/searxng/deployment.yaml new file mode 100644 index 0000000..f5f6064 --- /dev/null +++ b/data.d/k3s-master/manifests.d/hurzak/public-services/searxng/deployment.yaml @@ -0,0 +1,31 @@ +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + name: searxng + namespace: public-services +spec: + replicas: 1 + selector: + matchLabels: + app.kubernetes.io/created-by: tyil + app.kubernetes.io/managed-by: manual + app.kubernetes.io/name: searxng + app.kubernetes.io/part-of: searxng + template: + metadata: + labels: + app.kubernetes.io/created-by: tyil + app.kubernetes.io/managed-by: manual + app.kubernetes.io/name: searxng + app.kubernetes.io/part-of: searxng + spec: + containers: + - name: searxng + image: searxng/searxng:2022.08.01-7c9c1124 + ports: + - containerPort: 8080 + env: + - name: BASE_URL + value: https://searxng.tyil.nl +... diff --git a/data.d/k3s-master/manifests.d/hurzak/public-services/searxng/ingress.yaml b/data.d/k3s-master/manifests.d/hurzak/public-services/searxng/ingress.yaml new file mode 100644 index 0000000..0b8fe62 --- /dev/null +++ b/data.d/k3s-master/manifests.d/hurzak/public-services/searxng/ingress.yaml @@ -0,0 +1,26 @@ +--- +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + name: searxng + namespace: public-services + annotations: + cert-manager.io/cluster-issuer: "letsencrypt-production" +spec: + ingressClassName: "traefik" + tls: + - hosts: + - searxng.tyil.nl + secretName: tls-nl.tyil.searxng + rules: + - host: searxng.tyil.nl + http: + paths: + - path: / + pathType: Prefix + backend: + service: + name: searxng + port: + number: 80 +... diff --git a/data.d/k3s-master/manifests.d/hurzak/public-services/searxng/service.yaml b/data.d/k3s-master/manifests.d/hurzak/public-services/searxng/service.yaml new file mode 100644 index 0000000..23fb8ac --- /dev/null +++ b/data.d/k3s-master/manifests.d/hurzak/public-services/searxng/service.yaml @@ -0,0 +1,17 @@ +--- +apiVersion: v1 +kind: Service +metadata: + name: searxng + namespace: public-services +spec: + selector: + app.kubernetes.io/created-by: tyil + app.kubernetes.io/managed-by: manual + app.kubernetes.io/name: searxng + app.kubernetes.io/part-of: searxng + ports: + - protocol: TCP + port: 80 + targetPort: 8080 +... diff --git a/data.d/k3s-master/manifests.d/hurzak/public-services/teddit/deployment.yaml b/data.d/k3s-master/manifests.d/hurzak/public-services/teddit/deployment.yaml new file mode 100644 index 0000000..9542cde --- /dev/null +++ b/data.d/k3s-master/manifests.d/hurzak/public-services/teddit/deployment.yaml @@ -0,0 +1,41 @@ +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + name: teddit + namespace: public-services +spec: + replicas: 1 + selector: + matchLabels: + app.kubernetes.io/created-by: tyil + app.kubernetes.io/managed-by: manual + app.kubernetes.io/name: teddit + app.kubernetes.io/part-of: public-services + template: + metadata: + labels: + app.kubernetes.io/created-by: tyil + app.kubernetes.io/managed-by: manual + app.kubernetes.io/name: teddit + app.kubernetes.io/part-of: public-services + spec: + containers: + - name: teddit + image: teddit/teddit:latest + ports: + - containerPort: 8080 + env: + - name: DOMAIN + value: "reddit.alt.tyil.nl" + - name: REDIS_DB + value: "1" + - name: REDIS_HOST + value: "10.57.100.7" + - name: TRUST_PROXY + value: "true" + - name: USE_HELMET + value: "true" + - name: USE_HELMET_HSTS + value: "true" +... diff --git a/data.d/k3s-master/manifests.d/hurzak/public-services/teddit/ingress.yaml b/data.d/k3s-master/manifests.d/hurzak/public-services/teddit/ingress.yaml new file mode 100644 index 0000000..4830961 --- /dev/null +++ b/data.d/k3s-master/manifests.d/hurzak/public-services/teddit/ingress.yaml @@ -0,0 +1,31 @@ +--- +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + name: teddit + namespace: public-services + annotations: + cert-manager.io/cluster-issuer: "letsencrypt-production" + labels: + app.kubernetes.io/created-by: tyil + app.kubernetes.io/managed-by: manual + app.kubernetes.io/name: teddit + app.kubernetes.io/part-of: public-services +spec: + ingressClassName: "traefik" + tls: + - hosts: + - reddit.alt.tyil.nl + secretName: tls-nl.tyil.alt.reddit + rules: + - host: reddit.alt.tyil.nl + http: + paths: + - path: / + pathType: Prefix + backend: + service: + name: teddit + port: + number: 80 +... diff --git a/data.d/k3s-master/manifests.d/hurzak/public-services/teddit/service.yaml b/data.d/k3s-master/manifests.d/hurzak/public-services/teddit/service.yaml new file mode 100644 index 0000000..b91c1d1 --- /dev/null +++ b/data.d/k3s-master/manifests.d/hurzak/public-services/teddit/service.yaml @@ -0,0 +1,22 @@ +--- +apiVersion: v1 +kind: Service +metadata: + name: teddit + namespace: public-services + labels: + app.kubernetes.io/created-by: tyil + app.kubernetes.io/managed-by: manual + app.kubernetes.io/name: teddit + app.kubernetes.io/part-of: public-services +spec: + selector: + app.kubernetes.io/created-by: tyil + app.kubernetes.io/managed-by: manual + app.kubernetes.io/name: teddit + app.kubernetes.io/part-of: public-services + ports: + - protocol: TCP + port: 80 + targetPort: 8080 +... |