From 6dd457470be4dca67cc5cfd83c4a259f333eb1ba Mon Sep 17 00:00:00 2001 From: Patrick Spek Date: Thu, 6 Apr 2023 17:15:41 +0200 Subject: Redo k3s-master once more --- .../personal-services/keycloak/deployment.yaml | 52 ++++++++++++++++++++++ .../hurzak/personal-services/keycloak/ingress.yaml | 31 +++++++++++++ .../personal-services/keycloak/sealed-secret.yaml | 18 ++++++++ .../hurzak/personal-services/keycloak/service.yaml | 22 +++++++++ .../personal-services/uptime-kuma/deployment.yaml | 36 +++++++++++++++ .../personal-services/uptime-kuma/ingress.yaml | 45 +++++++++++++++++++ .../personal-services/uptime-kuma/service.yaml | 17 +++++++ 7 files changed, 221 insertions(+) create mode 100644 data.d/k3s-master/manifests.d/hurzak/personal-services/keycloak/deployment.yaml create mode 100644 data.d/k3s-master/manifests.d/hurzak/personal-services/keycloak/ingress.yaml create mode 100644 data.d/k3s-master/manifests.d/hurzak/personal-services/keycloak/sealed-secret.yaml create mode 100644 data.d/k3s-master/manifests.d/hurzak/personal-services/keycloak/service.yaml create mode 100644 data.d/k3s-master/manifests.d/hurzak/personal-services/uptime-kuma/deployment.yaml create mode 100644 data.d/k3s-master/manifests.d/hurzak/personal-services/uptime-kuma/ingress.yaml create mode 100644 data.d/k3s-master/manifests.d/hurzak/personal-services/uptime-kuma/service.yaml (limited to 'data.d/k3s-master/manifests.d/hurzak/personal-services') diff --git a/data.d/k3s-master/manifests.d/hurzak/personal-services/keycloak/deployment.yaml b/data.d/k3s-master/manifests.d/hurzak/personal-services/keycloak/deployment.yaml new file mode 100644 index 0000000..5cd9975 --- /dev/null +++ b/data.d/k3s-master/manifests.d/hurzak/personal-services/keycloak/deployment.yaml @@ -0,0 +1,52 @@ +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + name: keycloak + namespace: personal-services + labels: + app.kubernetes.io/created-by: tyil + app.kubernetes.io/managed-by: manual + app.kubernetes.io/name: keycloak + app.kubernetes.io/part-of: keycloak +spec: + replicas: 1 + selector: + matchLabels: + app.kubernetes.io/created-by: tyil + app.kubernetes.io/managed-by: manual + app.kubernetes.io/name: keycloak + app.kubernetes.io/part-of: keycloak + template: + metadata: + labels: + app.kubernetes.io/created-by: tyil + app.kubernetes.io/managed-by: manual + app.kubernetes.io/name: keycloak + app.kubernetes.io/part-of: keycloak + spec: + containers: + - name: keycloak + image: quay.io/keycloak/keycloak:21.0.2 + args: ["start-dev"] + env: + - name: KEYCLOAK_ADMIN + valueFrom: + secretKeyRef: + name: keycloak-credentials + key: username + - name: KEYCLOAK_ADMIN_PASSWORD + valueFrom: + secretKeyRef: + name: keycloak-credentials + key: password + - name: KC_PROXY + value: "edge" + ports: + - name: http + containerPort: 8080 + readinessProbe: + httpGet: + path: /realms/master + port: 8080 +... diff --git a/data.d/k3s-master/manifests.d/hurzak/personal-services/keycloak/ingress.yaml b/data.d/k3s-master/manifests.d/hurzak/personal-services/keycloak/ingress.yaml new file mode 100644 index 0000000..40e6d22 --- /dev/null +++ b/data.d/k3s-master/manifests.d/hurzak/personal-services/keycloak/ingress.yaml @@ -0,0 +1,31 @@ +--- +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + name: keycloak + namespace: personal-services + labels: + app.kubernetes.io/created-by: tyil + app.kubernetes.io/managed-by: manual + app.kubernetes.io/name: keycloak + app.kubernetes.io/part-of: keycloak + annotations: + cert-manager.io/cluster-issuer: "letsencrypt-production" +spec: + ingressClassName: "traefik" + tls: + - hosts: + - id.tyil.nl + secretName: tls-nl.tyil.id + rules: + - host: id.tyil.nl + http: + paths: + - path: / + pathType: Prefix + backend: + service: + name: keycloak + port: + number: 8080 +... diff --git a/data.d/k3s-master/manifests.d/hurzak/personal-services/keycloak/sealed-secret.yaml b/data.d/k3s-master/manifests.d/hurzak/personal-services/keycloak/sealed-secret.yaml new file mode 100644 index 0000000..acda853 --- /dev/null +++ b/data.d/k3s-master/manifests.d/hurzak/personal-services/keycloak/sealed-secret.yaml @@ -0,0 +1,18 @@ +apiVersion: bitnami.com/v1alpha1 +kind: SealedSecret +metadata: + creationTimestamp: null + name: keycloak-credentials + namespace: personal-services +spec: + encryptedData: + password: AgCpUewLKDwRembIHJSygOSViDlKDmA0UhKS6xaEWWpSZ2Cc0rJbtQZG6blK5O231wAXiILfCjY9oKAzLaHKQ+gqrmCwMCcYBsBT+r9SUk5iSYHUQW90nCNwgZ9kzCE8erBTFov2qWFLHxCuzhrAp2BlSDP8mAV8OwGuiNFeaqv0yVciaMfz89h+y4O3hJgGIhNZn8Pn/z4KgbP21GwUHf9OYCpkTfLyHFKqkfSUyBivIYlcI4aOL6PEy4PIPbSW0VgtPRwWCSM+/QU8H7MiOn93r9shtDcifp/9irWmd+PHwGE+xaJZLacirRtMcR4Fg9nV5V/AbuDjUokj4hwWyXN7RJBXa7uEhYGOhmGVHEqjuSkXRTxIH0d2xdXRSbKMMVcv1nOytRs2l5e98ggPWq1CwF1XCVnGosAkynlmaB0DKztdRJz3g2FJeFkLjDWOjOMV8iPLHbCrOZeJ59snknzeYaIZ7WZ5BKLRUSXSC7yQvNX6dAD0eSCs1pKb+kFcaBVYi0vjEwIMe4KlSgYcaVXOyte65PCC1GYFgWyjr50g2qDLIJNzEQYj41nsTUwu5r29YRcj8hBX4aVMJO4VMlOMwWbOOvjLZCpFY0wASUoGaM/PEHllHqboVKPIokbZokyAMH6XwGHzy4gybB9OQUSe6+rYjST2CjF+JL0Z50yi0qg0bpnyUJ9GLcTOEY8FGkS241NlInRDGYw= + username: AgA+PP/Nr93rKQix8v9cx4r/LOHfUVjNA+6QEB3ITCbrjpmPC7DlzYtmGVGmIKpTqnzBZZOc1KjdVVgF+YNOZLoulGQOp3cx18LgxbxLU3Uh5kuSKkRDOZzSxe6OpVy0DE5aJXQqB9uzPDs9liIasW6ELbgOcgxOyk/+I0vkYcFpb+J7lbOMsLm4iPW/aY6AV35vmB0QLutDBoBiObfdwI9xJUHCZds9emuPY9wElybzBpsUVDoW9diTu64ePNL55RvTMloShTt4ICVrR/WGIJnOiwtXIMigzzBWPFBPyYIOsjMfBQgquXhpRVksNhSfmVQWwvWaFPb7IjeS1KeyIPl01XeJRej+AodT8n0lmW1YFsUiMj6GRELBNCmeW+r3+vWJlXcaVAN9a8ds8bN3F34iVs/JxVUHVA25T/bdtJY9kS0eM+9Xfli6F5Z61v8jjKS2PfJGAJq1Gly6E5eugzslHVwjmSfkB2mGYL8IJ3SJl93C+CX6l3txKKa+EWN7Sdt0wZpSZKUw4nmiYK8Vt6rvgcKc41obTxSFdQyYpwBtzGINuda5kto92gXvZi/FmBxISP2uCXPpcIHfnFS73xyuLTsRjmHgHr8ss/LGYdBPE7PLihd+av1mMd02X4j+pfT0E11EbHp+sJ47W0UGskYsR24HJw4pXVwYcFA0lfNd8PQgDPOOcxOYz65iFnmnAfeSBJo5 + template: + data: null + metadata: + creationTimestamp: null + name: keycloak-credentials + namespace: personal-services + type: Opaque + diff --git a/data.d/k3s-master/manifests.d/hurzak/personal-services/keycloak/service.yaml b/data.d/k3s-master/manifests.d/hurzak/personal-services/keycloak/service.yaml new file mode 100644 index 0000000..c9068b7 --- /dev/null +++ b/data.d/k3s-master/manifests.d/hurzak/personal-services/keycloak/service.yaml @@ -0,0 +1,22 @@ +--- +apiVersion: v1 +kind: Service +metadata: + name: keycloak + namespace: personal-services + labels: + app.kubernetes.io/created-by: tyil + app.kubernetes.io/managed-by: manual + app.kubernetes.io/name: keycloak + app.kubernetes.io/part-of: keycloak +spec: + selector: + app.kubernetes.io/created-by: tyil + app.kubernetes.io/managed-by: manual + app.kubernetes.io/name: keycloak + app.kubernetes.io/part-of: keycloak + ports: + - name: http + port: 8080 + targetPort: 8080 +... diff --git a/data.d/k3s-master/manifests.d/hurzak/personal-services/uptime-kuma/deployment.yaml b/data.d/k3s-master/manifests.d/hurzak/personal-services/uptime-kuma/deployment.yaml new file mode 100644 index 0000000..9553007 --- /dev/null +++ b/data.d/k3s-master/manifests.d/hurzak/personal-services/uptime-kuma/deployment.yaml @@ -0,0 +1,36 @@ +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + name: uptime-kuma + namespace: personal-services +spec: + replicas: 1 + selector: + matchLabels: + app.kubernetes.io/created-by: tyil + app.kubernetes.io/managed-by: manual + app.kubernetes.io/name: uptime-kuma + app.kubernetes.io/part-of: personal-services + template: + metadata: + labels: + app.kubernetes.io/created-by: tyil + app.kubernetes.io/managed-by: manual + app.kubernetes.io/name: uptime-kuma + app.kubernetes.io/part-of: personal-services + spec: + containers: + - name: uptime-kuma + image: louislam/uptime-kuma:1 + ports: + - containerPort: 3001 + volumeMounts: + - name: data + mountPath: /app/data + volumes: + - name: data + hostPath: + type: Directory + path: /srv/personal-services/uptime-kuma +... diff --git a/data.d/k3s-master/manifests.d/hurzak/personal-services/uptime-kuma/ingress.yaml b/data.d/k3s-master/manifests.d/hurzak/personal-services/uptime-kuma/ingress.yaml new file mode 100644 index 0000000..66eb258 --- /dev/null +++ b/data.d/k3s-master/manifests.d/hurzak/personal-services/uptime-kuma/ingress.yaml @@ -0,0 +1,45 @@ +--- +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + name: uptime-kuma + namespace: personal-services + labels: + app.kubernetes.io/created-by: tyil + app.kubernetes.io/managed-by: manual + app.kubernetes.io/name: uptime-kuma + app.kubernetes.io/part-of: personal-services + annotations: + cert-manager.io/cluster-issuer: letsencrypt-production + #nginx.ingress.kubernetes.io/configuration-snippet: | + # proxy_cache_bypass $http_upgrade; + # proxy_set_header Connection "Upgrade"; + # proxy_set_header Host $host; + # proxy_set_header Upgrade $http_upgrade; + # proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + # proxy_set_header X-Forwarded-For $remote_addr; + # proxy_set_header X-Forwarded-Host $http_host; + # proxy_set_header X-Forwarded-Proto $scheme; + # proxy_set_header X-Real-IP $remote_addr; + #nginx.ingress.kubernetes.io/proxy-http-version: "1.1" + #nginx.ingress.kubernetes.io/proxy-read-timeout: "3600" + #nginx.ingress.kubernetes.io/proxy-send-timeout: "3600" + #nginx.ingress.kubernetes.io/ssl-redirect: "true" +spec: + ingressClassName: "traefik" + rules: + - host: uptime.tyil.nl + http: + paths: + - path: / + pathType: Prefix + backend: + service: + name: uptime-kuma + port: + number: 80 + tls: + - hosts: + - uptime.tyil.nl + secretName: tls-nl.tyil.uptime +... diff --git a/data.d/k3s-master/manifests.d/hurzak/personal-services/uptime-kuma/service.yaml b/data.d/k3s-master/manifests.d/hurzak/personal-services/uptime-kuma/service.yaml new file mode 100644 index 0000000..51d6d53 --- /dev/null +++ b/data.d/k3s-master/manifests.d/hurzak/personal-services/uptime-kuma/service.yaml @@ -0,0 +1,17 @@ +--- +apiVersion: v1 +kind: Service +metadata: + name: uptime-kuma + namespace: personal-services +spec: + selector: + app.kubernetes.io/created-by: tyil + app.kubernetes.io/managed-by: manual + app.kubernetes.io/name: uptime-kuma + app.kubernetes.io/part-of: personal-services + ports: + - protocol: TCP + port: 80 + targetPort: 3001 +... -- cgit v1.1