v/infrastructure
1
0
Fork 0
Code Issues 13 Pull requests 1 Projects Releases Packages Activity Actions

Add 'flux/' from commit '57e0c3e155'

Browse source 
git-subtree-dir: flux
git-subtree-mainline: 4d0b7496d6
git-subtree-split: 57e0c3e155
This commit is contained in:
Vivian 2021-11-21 13:40:18 +01:00
commit 31529971ea
49 changed files with 7057 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

5
flux/cluster/apps/kustomization.yaml Normal file
View file

@ -0,0 +1,5 @@
apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization
resources:
- networking
- presidential-paradise

4
flux/cluster/apps/networking/kustomization.yaml Normal file
View file

@ -0,0 +1,4 @@
apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization
resources:
- traefik

67
flux/cluster/apps/networking/traefik/helm-release.yaml Normal file
View file

@ -0,0 +1,67 @@
---
apiVersion: helm.toolkit.fluxcd.io/v2beta1
kind: HelmRelease
metadata:
name: traefik
namespace: networking
spec:
interval: 5m
chart:
spec:
# renovate: registryUrl=https://helm.traefik.io/traefik
chart: traefik
version: 10.6.2
sourceRef:
kind: HelmRepository
name: traefik-charts
namespace: flux-system
interval: 5m
values:
image:
name: traefik
deployment:
kind: Deployment
replicas: 2
service:
enabled: true
type: LoadBalancer
spec:
externalIPs:
- 10.42.42.150
externalTrafficPolicy: Local
logs:
general:
level: WARN
ingressClass:
enabled: true
isDefaultClass: true
fallbackApiVersion: v1
globalArguments:
- "--providers.kubernetesingress.ingressclass=traefik"
- "--entryPoints.websecure.forwardedHeaders.trustedIPs=10.42.42.0/23"
additionalArguments:
- "--providers.kubernetesingress.ingressendpoint.ip=10.42.42.150"
ports:
traefik:
port: 9000
expose: true
web:
port: 8000
exposedPort: 8000
expose: true
websecure:
port: 8443
exposedPort: 8443
expose: true
pilot:
enabled: false
experimental:
plugins:
enabled: false
affinity: {}
resources:
requests:
memory: 100Mi
cpu: 500m
limits:
memory: 500Mi

4
flux/cluster/apps/networking/traefik/kustomization.yaml Normal file
View file

@ -0,0 +1,4 @@
apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization
resources:
- helm-release.yaml

55
flux/cluster/apps/presidential-paradise/0x76dev/0x76.yaml Normal file
View file

@ -0,0 +1,55 @@
apiVersion: apps/v1
kind: Deployment
metadata:
name: x76dev
namespace: presidential-paradise
labels:
app: x76dev
spec:
replicas: 1
selector:
matchLabels:
app: x76dev
template:
metadata:
labels:
app: x76dev
spec:
containers:
- name: x76dev
image: registry.xirion.net/library/0x76.dev
ports:
- containerPort: 8080
imagePullSecrets:
- name: xirion-registry-creds
---
apiVersion: v1
kind: Service
metadata:
name: x76dev-service
namespace: presidential-paradise
spec:
selector:
app: x76dev
ports:
- protocol: TCP
port: 8080
---
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: x76dev-ingress
namespace: presidential-paradise
spec:
ingressClassName: "traefik"
rules:
- host: "0x76.dev"
http:
paths:
- path: /
pathType: Prefix
backend:
service:
name: x76dev-service
port:
number: 8080

4
flux/cluster/apps/presidential-paradise/0x76dev/kustomization.yaml Normal file
View file

@ -0,0 +1,4 @@
apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization
resources:
- 0x76.yaml

7
flux/cluster/apps/presidential-paradise/kustomization.yaml Normal file
View file

@ -0,0 +1,7 @@
apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization
resources:
- xirion-registry-creds.yaml
- 0x76dev
- wooloofanclub
- zookeeper

4
flux/cluster/apps/presidential-paradise/wooloofanclub/kustomization.yaml Normal file
View file

@ -0,0 +1,4 @@
apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization
resources:
- wooloo.yaml

98
flux/cluster/apps/presidential-paradise/wooloofanclub/wooloo.yaml Normal file
View file

@ -0,0 +1,98 @@
apiVersion: apps/v1
kind: Deployment
metadata:
name: wooloofan-club
namespace: presidential-paradise
labels:
app: wooloofan-club
spec:
replicas: 1
selector:
matchLabels:
app: wooloofan-club
template:
metadata:
labels:
app: wooloofan-club
spec:
containers:
- name: wooloofan-club
image: 0x76/wooloofan.club
ports:
- containerPort: 80
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: wooloofan-club-whoami
namespace: presidential-paradise
labels:
app: wooloofan-club-whoami
spec:
replicas: 1
selector:
matchLabels:
app: wooloofan-club-whoami
template:
metadata:
labels:
app: wooloofan-club-whoami
spec:
containers:
- name: wooloofan-club-whoami
image: containous/whoami
ports:
- containerPort: 80
---
apiVersion: v1
kind: Service
metadata:
name: wooloofan-club-service
namespace: presidential-paradise
spec:
selector:
app: wooloofan-club
ports:
- protocol: TCP
port: 80
---
apiVersion: v1
kind: Service
metadata:
name: wooloofan-club-whoami-service
namespace: presidential-paradise
spec:
selector:
app: wooloofan-club-whoami
ports:
- protocol: TCP
port: 80
---
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: wooloofan-club-ingress
namespace: presidential-paradise
spec:
ingressClassName: "traefik"
rules:
- host: "wooloofan.club"
http:
paths:
- path: /
pathType: Prefix
backend:
service:
name: wooloofan-club-service
port:
number: 80
- host: "whoami.wooloofan.club"
http:
paths:
- path: /
pathType: Prefix
backend:
service:
name: wooloofan-club-whoami-service
port:
number: 80

19
flux/cluster/apps/presidential-paradise/xirion-registry-creds.yaml Normal file
View file

@ -0,0 +1,19 @@
apiVersion: external-secrets.io/v1alpha1
kind: ExternalSecret
metadata:
name: xirion-registry-creds
namespace: presidential-paradise
spec:
refreshInterval: "5m"
secretStoreRef:
name: vault
kind: ClusterSecretStore
target:
name: xirion-registry-creds
template:
type: kubernetes.io/dockerconfigjson
data:
- secretKey: .dockerconfigjson
remoteRef:
key: xirion-registry-creds
property: dockerconfigjson

53
flux/cluster/apps/presidential-paradise/zookeeper/deployment.yaml Normal file
View file

@ -0,0 +1,53 @@
apiVersion: apps/v1
kind: Deployment
metadata:
name: zookeeper
namespace: presidential-paradise
labels:
app: zookeeper
spec:
replicas: 1
selector:
matchLabels:
app: zookeeper
strategy:
type: RollingUpdate
rollingUpdate:
maxSurge: 34%
maxUnavailable: 34%
template:
metadata:
name: zookeeper
labels:
app: zookeeper
spec:
imagePullSecrets:
- name: xirion-registry-creds
containers:
- name: zookeeper
image: registry.xirion.net/library/zookeeper:0.3.1 # {"$imagepolicy": "flux-system:zookeeper"}
ports:
- name: web
containerPort: 8085
- name: epmd
containerPort: 4369
envFrom:
- secretRef:
name: zookeeper
env:
- name: LANG
value: C.UTF-8
- name: HOSTNAME
valueFrom:
fieldRef:
fieldPath: status.podIP
- name: SERVICE_NAME
value: zookeeper-private.presidential-paradise.svc.cluster.local
resources: {}
securityContext:
privileged: false
procMount: Default
terminationMessagePath: /dev/termination-log
terminationMessagePolicy: File
dnsPolicy: ClusterFirst
terminationGracePeriodSeconds: 30

33
flux/cluster/apps/presidential-paradise/zookeeper/external-secret.yaml Normal file
View file

@ -0,0 +1,33 @@
apiVersion: external-secrets.io/v1alpha1
kind: ExternalSecret
metadata:
name: zookeeper
namespace: presidential-paradise
spec:
refreshInterval: "5m"
secretStoreRef:
name: vault
kind: ClusterSecretStore
target:
name: zookeeper
data:
- secretKey: DISCORD_APP_ID
remoteRef:
key: presidential-paradise/zookeeper
property: discord_app_id
- secretKey: DISCORD_PUBLIC_KEY
remoteRef:
key: presidential-paradise/zookeeper
property: discord_public_key
- secretKey: DISCORD_TOKEN
remoteRef:
key: presidential-paradise/zookeeper
property: discord_token
- secretKey: TWITTER_TOKEN
remoteRef:
key: presidential-paradise/zookeeper
property: twitter_token
- secretKey: RELEASE_COOKIE
remoteRef:
key: presidential-paradise/zookeeper
property: erlang_cookie

18
flux/cluster/apps/presidential-paradise/zookeeper/ingress.yaml Normal file
View file

@ -0,0 +1,18 @@
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: zookeeper
namespace: presidential-paradise
spec:
rules:
- host: "zookeeper.0x76.dev"
http:
paths:
- path: /
pathType: Prefix
backend:
service:
name: zookeeper
port:
number: 8085

7
flux/cluster/apps/presidential-paradise/zookeeper/kustomization.yaml Normal file
View file

@ -0,0 +1,7 @@
apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization
resources:
- external-secret.yaml
- deployment.yaml
- svc.yaml
- ingress.yaml

27
flux/cluster/apps/presidential-paradise/zookeeper/svc.yaml Normal file
View file

@ -0,0 +1,27 @@
apiVersion: v1
kind: Service
metadata:
name: zookeeper-private
namespace: presidential-paradise
spec:
clusterIP: None
ports:
- name: epmd
port: 4369
targetPort: epmd
protocol: TCP
selector:
app: zookeeper
---
apiVersion: v1
kind: Service
metadata:
name: zookeeper
namespace: presidential-paradise
spec:
ports:
- name: http
targetPort: web
port: 8085
selector:
app: zookeeper