add agola
This commit is contained in:
parent
042a665401
commit
688d098c55
18
flake.lock
18
flake.lock
|
@ -167,11 +167,11 @@
|
||||||
"utils": "utils_2"
|
"utils": "utils_2"
|
||||||
},
|
},
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1653182293,
|
"lastModified": 1653372067,
|
||||||
"narHash": "sha256-eLl3PHCzpX8eFES+S9WrC8jGhWjczbTvWAPMeuJOd4s=",
|
"narHash": "sha256-1+fD3EHTbUSoKcabe9WadVe9fFnG5f2ODWC+WpR8exc=",
|
||||||
"owner": "jyooru",
|
"owner": "jyooru",
|
||||||
"repo": "nix-minecraft-servers",
|
"repo": "nix-minecraft-servers",
|
||||||
"rev": "f09d761e4063e9158555817d03b0f2a7f2bff709",
|
"rev": "6008e29999eb32bd7880ae53e13f83d9181f04bb",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
|
@ -218,11 +218,11 @@
|
||||||
},
|
},
|
||||||
"nixpkgs": {
|
"nixpkgs": {
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1653052942,
|
"lastModified": 1653427793,
|
||||||
"narHash": "sha256-Dt0jodCSLHVqE7yVxIoX1q4jA5uAWbVJHnaDa8HkJ4A=",
|
"narHash": "sha256-h6y/I5O/QTawjny6GfovRSUbaEAvswfRXFMuOhVYwBQ=",
|
||||||
"owner": "NULLx76",
|
"owner": "NULLx76",
|
||||||
"repo": "nixpkgs",
|
"repo": "nixpkgs",
|
||||||
"rev": "3c55de3b23f016898219cf6b02dd5ef365898023",
|
"rev": "bef8053f86b8702d57601972f782186b7269db69",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
|
@ -285,11 +285,11 @@
|
||||||
]
|
]
|
||||||
},
|
},
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1653109065,
|
"lastModified": 1653404524,
|
||||||
"narHash": "sha256-E4kflprq80xWtt/ApTP0lAyi4oryFV/FI53S+VmiI0Q=",
|
"narHash": "sha256-Mu3qgXABzAM9T+4dWmV3OOYFydxv28al7cTdiUK6h3s=",
|
||||||
"owner": "serokell",
|
"owner": "serokell",
|
||||||
"repo": "serokell.nix",
|
"repo": "serokell.nix",
|
||||||
"rev": "bbccb5df8013b1bd86b8445bd8e39c396a0521cc",
|
"rev": "3b39a9000c7652cf7693b70c13c7e1564b0cf333",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
|
|
83
flux/cluster/apps/gitops/agola/configmap.yaml
Normal file
83
flux/cluster/apps/gitops/agola/configmap.yaml
Normal file
|
@ -0,0 +1,83 @@
|
||||||
|
apiVersion: v1
|
||||||
|
kind: ConfigMap
|
||||||
|
metadata:
|
||||||
|
name: agola
|
||||||
|
namespace: gitops
|
||||||
|
data:
|
||||||
|
config.yml: |
|
||||||
|
gateway:
|
||||||
|
# The api url that clients will call
|
||||||
|
# Change this to the exposed "agola" service IP
|
||||||
|
apiExposedURL: "https://agola.0x76.dev"
|
||||||
|
# The web interface url that clients will use
|
||||||
|
# Change this to the exposed "agola" service IP
|
||||||
|
webExposedURL: "https://agola.0x76.dev"
|
||||||
|
|
||||||
|
runserviceURL: "http://agola-internal:4000"
|
||||||
|
configstoreURL: "http://agola-internal:4002"
|
||||||
|
gitserverURL: "http://agola-internal:4003"
|
||||||
|
web:
|
||||||
|
listenAddress: ":8000"
|
||||||
|
tokenSigning:
|
||||||
|
# hmac or rsa (it possible use rsa)
|
||||||
|
method: hmac
|
||||||
|
# key to use when signing with hmac
|
||||||
|
key: $SIGNING_KEY
|
||||||
|
adminToken: "$ADMIN_TOKEN"
|
||||||
|
|
||||||
|
scheduler:
|
||||||
|
runserviceURL: "http://agola-internal:4000"
|
||||||
|
|
||||||
|
notification:
|
||||||
|
webExposedURL: "https://agola.0x76.dev"
|
||||||
|
runserviceURL: "http://agola-internal:4000"
|
||||||
|
configstoreURL: "http://agola-internal:4002"
|
||||||
|
db:
|
||||||
|
type: postgres
|
||||||
|
connString: "postgres://agola_notif@database/agola_notif?sslmode=disable"
|
||||||
|
|
||||||
|
configstore:
|
||||||
|
dataDir: /mnt/agola/local/configstore
|
||||||
|
db:
|
||||||
|
type: postgres
|
||||||
|
connString: "postgres://agola_config@database/agola_config?sslmode=disable"
|
||||||
|
objectStorage:
|
||||||
|
type: s3
|
||||||
|
endpoint: "http://minio:9000"
|
||||||
|
bucket: agola-configstore
|
||||||
|
accessKey: $MINIO_ACCESS_KEY
|
||||||
|
secretAccessKey: $MINIO_SECRET_ACCESS_KEY
|
||||||
|
web:
|
||||||
|
listenAddress: ":4002"
|
||||||
|
|
||||||
|
runservice:
|
||||||
|
#debug: true
|
||||||
|
dataDir: /mnt/agola/local/runservice
|
||||||
|
db:
|
||||||
|
type: postgres
|
||||||
|
connString: "postgres://agola_runservice@database/agola_runservice?sslmode=disable"
|
||||||
|
objectStorage:
|
||||||
|
type: s3
|
||||||
|
endpoint: "http://minio:9000"
|
||||||
|
bucket: agola-runservice
|
||||||
|
accessKey: $MINIO_ACCESS_KEY
|
||||||
|
secretAccessKey: $MINIO_SECRET_ACCESS_KEY
|
||||||
|
web:
|
||||||
|
listenAddress: ":4000"
|
||||||
|
|
||||||
|
executor:
|
||||||
|
dataDir: /mnt/agola/local/executor
|
||||||
|
# The directory containing the toolbox compiled for the various supported architectures
|
||||||
|
toolboxPath: ./bin
|
||||||
|
runserviceURL: "http://agola-internal:4000"
|
||||||
|
web:
|
||||||
|
listenAddress: ":4001"
|
||||||
|
activeTasksLimit: 2
|
||||||
|
driver:
|
||||||
|
type: kubernetes
|
||||||
|
|
||||||
|
gitserver:
|
||||||
|
dataDir: /mnt/agola/local/gitserver
|
||||||
|
gatewayURL: "http://agola-internal:8000"
|
||||||
|
web:
|
||||||
|
listenAddress: ":4003"
|
53
flux/cluster/apps/gitops/agola/deployment.yaml
Normal file
53
flux/cluster/apps/gitops/agola/deployment.yaml
Normal file
|
@ -0,0 +1,53 @@
|
||||||
|
apiVersion: apps/v1
|
||||||
|
kind: Deployment
|
||||||
|
metadata:
|
||||||
|
name: agola
|
||||||
|
namespace: gitops
|
||||||
|
spec:
|
||||||
|
replicas: 1
|
||||||
|
selector:
|
||||||
|
matchLabels:
|
||||||
|
app: agola
|
||||||
|
template:
|
||||||
|
metadata:
|
||||||
|
labels:
|
||||||
|
app: agola
|
||||||
|
spec:
|
||||||
|
initContainers:
|
||||||
|
- name: config
|
||||||
|
image: 0x76/envsubst
|
||||||
|
args: ["sh", "-c", "cat /mnt/agola/config/config.yml | envsubst > /mnt/agola/local/config.yml"]
|
||||||
|
volumeMounts:
|
||||||
|
- mountPath: /mnt/agola/local
|
||||||
|
name: agola-localdata
|
||||||
|
- mountPath: /mnt/agola/config
|
||||||
|
name: config-volume
|
||||||
|
envFrom:
|
||||||
|
- secretRef:
|
||||||
|
name: agola
|
||||||
|
containers:
|
||||||
|
- name: agola
|
||||||
|
image: sorintlab/agola:v0.7.0
|
||||||
|
command:
|
||||||
|
- /bin/agola
|
||||||
|
- serve
|
||||||
|
- "--config"
|
||||||
|
- /mnt/agola/local/config.yml
|
||||||
|
- "--components"
|
||||||
|
- all-base,executor
|
||||||
|
ports:
|
||||||
|
- containerPort: 8000
|
||||||
|
- containerPort: 4000
|
||||||
|
- containerPort: 4002
|
||||||
|
- containerPort: 4003
|
||||||
|
volumeMounts:
|
||||||
|
- name: config-volume
|
||||||
|
mountPath: /mnt/agola/config
|
||||||
|
- name: agola-localdata
|
||||||
|
mountPath: /mnt/agola/local
|
||||||
|
volumes:
|
||||||
|
- name: config-volume
|
||||||
|
configMap:
|
||||||
|
name: agola
|
||||||
|
- name: agola-localdata
|
||||||
|
emptyDir: {}
|
30
flux/cluster/apps/gitops/agola/external-secret.yaml
Normal file
30
flux/cluster/apps/gitops/agola/external-secret.yaml
Normal file
|
@ -0,0 +1,30 @@
|
||||||
|
apiVersion: external-secrets.io/v1beta1
|
||||||
|
kind: ExternalSecret
|
||||||
|
metadata:
|
||||||
|
name: agola
|
||||||
|
namespace: gitops
|
||||||
|
spec:
|
||||||
|
refreshInterval: "5m"
|
||||||
|
secretStoreRef:
|
||||||
|
name: vault
|
||||||
|
kind: ClusterSecretStore
|
||||||
|
target:
|
||||||
|
name: authentik
|
||||||
|
data:
|
||||||
|
- secretKey: ADMIN_TOKEN
|
||||||
|
remoteRef:
|
||||||
|
key: gitops/agola
|
||||||
|
property: admin_token
|
||||||
|
- secretKey: SIGNING_KEY
|
||||||
|
remoteRef:
|
||||||
|
key: gitops/agola
|
||||||
|
property: signing_key
|
||||||
|
- secretKey: MINIO_ACCESS_KEY
|
||||||
|
remoteRef:
|
||||||
|
key: gitops/agola
|
||||||
|
property: minio_access_key
|
||||||
|
- secretKey: MINIO_SECRET_ACCESS_KEY
|
||||||
|
remoteRef:
|
||||||
|
key: gitops/agola
|
||||||
|
property: minio_secret_access_key
|
||||||
|
|
18
flux/cluster/apps/gitops/agola/ingress.yaml
Normal file
18
flux/cluster/apps/gitops/agola/ingress.yaml
Normal file
|
@ -0,0 +1,18 @@
|
||||||
|
apiVersion: networking.k8s.io/v1
|
||||||
|
kind: Ingress
|
||||||
|
metadata:
|
||||||
|
name: agola
|
||||||
|
namespace: gitops
|
||||||
|
spec:
|
||||||
|
ingressClassName: traefik
|
||||||
|
rules:
|
||||||
|
- host: agola.0x76.dev
|
||||||
|
http:
|
||||||
|
paths:
|
||||||
|
- pathType: Prefix
|
||||||
|
path: "/"
|
||||||
|
backend:
|
||||||
|
service:
|
||||||
|
name: agola
|
||||||
|
port:
|
||||||
|
number: 8000
|
8
flux/cluster/apps/gitops/agola/kustomization.yaml
Normal file
8
flux/cluster/apps/gitops/agola/kustomization.yaml
Normal file
|
@ -0,0 +1,8 @@
|
||||||
|
apiVersion: kustomize.config.k8s.io/v1beta1
|
||||||
|
kind: Kustomization
|
||||||
|
resources:
|
||||||
|
- configmap.yaml
|
||||||
|
- deployment.yaml
|
||||||
|
- external-secret.yaml
|
||||||
|
- ingress.yaml
|
||||||
|
- services.yaml
|
36
flux/cluster/apps/gitops/agola/services.yaml
Normal file
36
flux/cluster/apps/gitops/agola/services.yaml
Normal file
|
@ -0,0 +1,36 @@
|
||||||
|
# The client service. It's a node port for easier testing on minikube. Change
|
||||||
|
# it to become a LoadBalancer if needed.
|
||||||
|
apiVersion: v1
|
||||||
|
kind: Service
|
||||||
|
metadata:
|
||||||
|
name: agola
|
||||||
|
namespace: gitops
|
||||||
|
spec:
|
||||||
|
ports:
|
||||||
|
- port: 8000
|
||||||
|
name: api
|
||||||
|
selector:
|
||||||
|
app: agola
|
||||||
|
---
|
||||||
|
# The service for internal components communication.
|
||||||
|
# We are using an headless service since some k8s deployment doesn't have
|
||||||
|
# hairpin mode enabled and pods cannot communicate with themself via a
|
||||||
|
# service
|
||||||
|
apiVersion: v1
|
||||||
|
kind: Service
|
||||||
|
metadata:
|
||||||
|
name: agola-internal
|
||||||
|
namespace: gitops
|
||||||
|
spec:
|
||||||
|
ports:
|
||||||
|
- port: 8000
|
||||||
|
name: api
|
||||||
|
- port: 4000
|
||||||
|
name: runservice
|
||||||
|
- port: 4002
|
||||||
|
name: configstore
|
||||||
|
- port: 4003
|
||||||
|
name: gitserver
|
||||||
|
selector:
|
||||||
|
app: agola
|
||||||
|
clusterIP: None
|
|
@ -2,3 +2,4 @@ apiVersion: kustomize.config.k8s.io/v1beta1
|
||||||
kind: Kustomization
|
kind: Kustomization
|
||||||
resources:
|
resources:
|
||||||
- renovate
|
- renovate
|
||||||
|
- agola
|
||||||
|
|
|
@ -4,7 +4,7 @@
|
||||||
|
|
||||||
{ config, pkgs, ... }:
|
{ config, pkgs, ... }:
|
||||||
let
|
let
|
||||||
databases = [ "authentik" ];
|
databases = [ "authentik" "agola_notif" "agola_config" "agola_runservice"];
|
||||||
|
|
||||||
in
|
in
|
||||||
{
|
{
|
||||||
|
|
|
@ -46,10 +46,10 @@ in
|
||||||
# Kubernetes endpoints
|
# Kubernetes endpoints
|
||||||
virtualHosts."0x76.dev" = k8s_proxy;
|
virtualHosts."0x76.dev" = k8s_proxy;
|
||||||
virtualHosts."id.0x76.dev" = k8s_proxy;
|
virtualHosts."id.0x76.dev" = k8s_proxy;
|
||||||
|
virtualHosts."agola.0x76.dev" = k8s_proxy;
|
||||||
virtualHosts."zookeeper.0x76.dev" = k8s_proxy;
|
virtualHosts."zookeeper.0x76.dev" = k8s_proxy;
|
||||||
virtualHosts."wooloofan.club" = k8s_proxy;
|
virtualHosts."wooloofan.club" = k8s_proxy;
|
||||||
virtualHosts."whoami.wooloofan.club" = k8s_proxy;
|
virtualHosts."whoami.wooloofan.club" = k8s_proxy;
|
||||||
|
|
||||||
};
|
};
|
||||||
|
|
||||||
services.nginx.commonHttpConfig = ''
|
services.nginx.commonHttpConfig = ''
|
||||||
|
|
Loading…
Reference in a new issue