Refactor Argus,Gotify,Lighttpd
This commit is contained in:
parent
0c64929fb6
commit
631bc2afce
@ -18,7 +18,7 @@ spec:
|
|||||||
serviceAccountName: argus
|
serviceAccountName: argus
|
||||||
containers:
|
containers:
|
||||||
- name: argus
|
- name: argus
|
||||||
image: bv11-cr01.bessems.eu/proxy/releaseargus/argus:0.13.3
|
image: releaseargus/argus:0.13.3
|
||||||
ports:
|
ports:
|
||||||
- name: web
|
- name: web
|
||||||
containerPort: 8080
|
containerPort: 8080
|
@ -12,8 +12,8 @@ spec:
|
|||||||
flexVolume:
|
flexVolume:
|
||||||
driver: mount/smb
|
driver: mount/smb
|
||||||
secretRef:
|
secretRef:
|
||||||
name: smb-secret
|
name: flexvolsmb-credentials
|
||||||
options:
|
options:
|
||||||
opts: domain=bessems.eu,file_mode=0777,dir_mode=0777,iocharset=utf8,nobrl
|
opts: file_mode=0777,dir_mode=0777,iocharset=utf8,nobrl
|
||||||
server: 192.168.11.225
|
server: 192.168.154.225
|
||||||
share: /K3s.Volumes/argus/data
|
share: /K3s.Volumes/argus/data
|
@ -1,17 +0,0 @@
|
|||||||
apiVersion: bitnami.com/v1alpha1
|
|
||||||
kind: SealedSecret
|
|
||||||
metadata:
|
|
||||||
creationTimestamp: null
|
|
||||||
name: smb-secret
|
|
||||||
namespace: argus
|
|
||||||
spec:
|
|
||||||
encryptedData:
|
|
||||||
password: AgBYWANvTuW3Ju9BujDeu/49Gnm0seDpJH8pPOCa1Qaol1cydKRvjZrNmzA3PL33zLCfu4AbvyNfCujkzT7AzhEbwhiSH7aXu8ksJhg6yu4K+xpmt9EhGcFbVjmW7Of/fMFwBARUz3wUwD8K9/OupbTLPOVW0eHyT4Z4uFxgnmsoa7QXT+zbvBxRnoj4XdSE+WYREHxe8JU/ApEwwQODN7nky03ipu+YUbkiGvVYO8jtXPfLKzMt8FaIuszmb8gWH7U8mZfYRbcWP3c5A60RdjgsHl2Md1VrMK0TipiRvNKKeH7bLH1PDVc34Od7ABMP7MYAFZm/1j1PbpQyw9YbGJgV7pfOypkcZSg59DWjwE7apOyZioUXtuxKtJh/h3dFEf07Xpvpv/hjCQFaOUPo6k5Hz5e7FtMRVwp7uwncgBhvHsKdApLsVW6OAPg38bLVw8FG7nAucoye3vaZgymnDerORnMpM14IJZiQ1LSGKKvxHBWR+m+CyhfxpZAuaspb0qnjDJvQopdPiE11JBIfnACsAr3KbrLHCRHe2xIcxGxUOH+EC59Z5c0dEpLph7cGMAEmSqHCa4jm4ImRRPX0pC6zWmJXm01NNrIuJea/M23UrCvmFuu0NfOm1z28bzRANhaQub6DWhId2V9O40q8HFP3tSlrJvbbIx0BdeEKu8mJfq3003A3PITNJu3twQtlsVmBbYKsTu3YPO6dIljpVGNG
|
|
||||||
username: AgCPKfz4Di7U7gnenWAX8pZZPda6taa9QHKtHHXP4ukr1gPXwsm9q+60cjRqOs97G6RAzZfxRIZQi4D4zcjeHj9R9ByoDn/OPQSpDdIenWWZKasECUNRXwNXPH66BJ+TBgxtcsu2TvlQRT4q9l1WdDif0KeNd0hufmFY/xXA3Np6Q5mRukQa4uIXIGOZihxSjbjIpiplKVQsgGhErhfsxUkQVP7v8Z5nr+nOQ+R/SoyE2IbZJWyFIg28lUIGhcFsDJxNdysuPrQ2DclLhgJbOEgjsPp+9wfj+j1EnIVGByGBPYi+ejdX0+dcTiX1j/gSnILe5lH83uLS03Kz2BDPipYSvDQuJWex0ObYAc2XcutJggYSbkXGe8OsHKESgEVEDespaz6wgcpgwnn0nPEd6DmDaSDPH22dlFIpNLJcGB4JCZ5skmUx1JP+bNZGE0Hs/R4t/T2VXYbVRFD1n0AaeZCcsUZpt8FFVYdtqRoJG19JxVqpUkJcXQxy1YiNxlKNtI8eC+BmltOTMMBDCu1osbFyuh6UhK21neUOyFQZ0EsvWBiuNKqjIyibmmEGkDFfGNMliJDGtUXr62WJ1TZfFCifWSofOHOw2ZQNB1m6dC+MlNm4+VmOw+kSTGtFF7kv0+AABv+AJnpPr24OjrYkwnlOsXpD4CIut3ySK0I/PixrxUddS+DB52xguWZedgUuKlU4fLeOpos=
|
|
||||||
template:
|
|
||||||
data: null
|
|
||||||
metadata:
|
|
||||||
creationTimestamp: null
|
|
||||||
name: smb-secret
|
|
||||||
namespace: argus
|
|
||||||
type: mount/smb
|
|
16
services/Argus/sealedsecret-flexvolsmb-credentials.yaml
Normal file
16
services/Argus/sealedsecret-flexvolsmb-credentials.yaml
Normal file
@ -0,0 +1,16 @@
|
|||||||
|
apiVersion: bitnami.com/v1alpha1
|
||||||
|
kind: SealedSecret
|
||||||
|
metadata:
|
||||||
|
creationTimestamp: null
|
||||||
|
name: flexvolsmb-credentials
|
||||||
|
namespace: argus
|
||||||
|
spec:
|
||||||
|
encryptedData:
|
||||||
|
password: AgAs9RV1K8QyPLGXXc0+RBOqY3VKNMa4No51KIOv9keZJavJFSzQPcuaWXqpl0fVI9zYXLyIHdyRbXL0GrvYlWboR1VPskFNcp7MnCkzRpawgo4QfE9Q+WDI4yZg4eK/8XGejAjCQU/KsFU8dVWHuHG1/W8kV2dOvKIhX6FTirKMDedVDmdgojAPMGM8+smPfC8+yBs5O4+IZtGKOe8mEH2c/3dYu6GK5q9N6czBYMuj1E0b+8fHjlWjh6fe5DDCUGUXqY2BZCxMSKOZReUbWEdPNU6MtdTHNglVhRMo//6mlA2VVkAlB9uaCdGmCMs/VJ3pS8NEeTd86zukyoY+j3JHvRrHuxGVEoKqnFE9pEgO/UB4SyuVVWbNQ4+QXdyDTHgmArvd+MfRvtdj9Kkc18CWKXyRTj41lKG+C/vBM0ATt+hk4QvacEt65kZ+fY6TZHYJq6JluuDrwQmDKcuv44uL6t9/aGpzfGTx4OnZqxC/qvX0V4GhkRzwLLxMhqZa1ZbqgRXLHero10f4JvD/usmJcHZP1hgohUXbSlOqNSWIQk0weaZjTabT1xBxXjVzDBywnzcmixmJsOuuZuvYrbrsKaHNC6gcvZArj/no9Rv5V4mVihRfGuxJs++GCAfq3FdseuMCCvLe306henvSftvSjNNodc+JFJaTf3m4PknSYH9uEkV2CXGm2obRUpUNBUiJd9Icr/ug4jOzNmZNOlOC
|
||||||
|
username: AgCHpKikNpk3UAHuBA62jZSTdiVatTI8Qnmiu6LGhZYraks2h9gOtgjg6mukxXcy6IO6LKVr68DaxOfvYE4LdFQdrq0SI2syzofc4n+FCXn6f2HlBVhqOFGrVE9qUE36lKHJEFccvkirzhgpy2M8OX6KtwywTBvsVujzla5OXR19vgNao9jTzsOL98wQfU1TYyaBw9y45kyCB7x8PQNw78GmeWJ5KLVNXN/yHowE8Qmlvh86QV58NuTKC1rVbSqh3VnjnZuz/BSUUDV4GitZLqWKSZ5hZyPWC9DZXzUI85d8+BfHJ7hrPhBd7ehUpbpFQfIQQA1VNAZvOEXU5EClmd6iQ3fWrYo6hOxYZkiE/qcNkSLXmbWYBixq6s7RLJwHlxVNQt9J11XM5DY9OlA7XhPa9zo8FRrYDwkjQGahgA/AzwvIKpOBbVfCMSl+crm3jjQthEL3DN/6ZowYq5NXG9n6rhvOxTjvmqx9FP3RT5OyPFkXGCrTJ8JqPgxyp/Vy6si9bjiqzwJtXY6ZeyCFLW9mOdQmn2vgFxviDM8pxaBmOJFdbJNuiHV5Tc6iM9YBi3n3hTV/tbiMmKeVQSKydm5ZGsgD4/CJT4oDFynjhWObvYPLphb/hccM6m6c7Hf/i9FI1LOCk1cBRbyXRV9Cds92OljAx3YnaumyZ5eRgdROdAbcqqhjR48k/UCsY5tUv+LktyuzVqA=
|
||||||
|
template:
|
||||||
|
metadata:
|
||||||
|
creationTimestamp: null
|
||||||
|
name: flexvolsmb-credentials
|
||||||
|
namespace: argus
|
||||||
|
type: mount/smb
|
@ -1,9 +0,0 @@
|
|||||||
apiVersion: v1
|
|
||||||
data:
|
|
||||||
password: QmVyQXdyRThFV1J1ZmFXMw==
|
|
||||||
username: enpjaWZz
|
|
||||||
kind: Secret
|
|
||||||
metadata:
|
|
||||||
name: smb-secret
|
|
||||||
namespace: argus
|
|
||||||
type: mount/smb
|
|
4
services/Gotify/_namespace-gotify.yml
Normal file
4
services/Gotify/_namespace-gotify.yml
Normal file
@ -0,0 +1,4 @@
|
|||||||
|
apiVersion: v1
|
||||||
|
kind: Namespace
|
||||||
|
metadata:
|
||||||
|
name: gotify
|
@ -1,90 +0,0 @@
|
|||||||
apiVersion: v1
|
|
||||||
kind: Service
|
|
||||||
metadata:
|
|
||||||
name: gotify
|
|
||||||
spec:
|
|
||||||
ports:
|
|
||||||
- protocol: TCP
|
|
||||||
name: web
|
|
||||||
port: 80
|
|
||||||
selector:
|
|
||||||
app: gotify
|
|
||||||
---
|
|
||||||
apiVersion: apps/v1
|
|
||||||
kind: Deployment
|
|
||||||
metadata:
|
|
||||||
name: gotify
|
|
||||||
labels:
|
|
||||||
app: gotify
|
|
||||||
spec:
|
|
||||||
replicas: 1
|
|
||||||
selector:
|
|
||||||
matchLabels:
|
|
||||||
app: gotify
|
|
||||||
template:
|
|
||||||
metadata:
|
|
||||||
labels:
|
|
||||||
app: gotify
|
|
||||||
spec:
|
|
||||||
containers:
|
|
||||||
- name: gotify
|
|
||||||
image: bv11-cr01.bessems.eu/proxy/gotify/server
|
|
||||||
ports:
|
|
||||||
- name: web
|
|
||||||
containerPort: 80
|
|
||||||
volumeMounts:
|
|
||||||
- mountPath: /app/data
|
|
||||||
name: flexvolsmb-gotify-data
|
|
||||||
volumes:
|
|
||||||
- name: flexvolsmb-gotify-data
|
|
||||||
persistentVolumeClaim:
|
|
||||||
claimName: flexvolsmb-gotify-data
|
|
||||||
---
|
|
||||||
apiVersion: traefik.containo.us/v1alpha1
|
|
||||||
kind: IngressRoute
|
|
||||||
metadata:
|
|
||||||
name: gotify
|
|
||||||
spec:
|
|
||||||
entryPoints:
|
|
||||||
- websecure
|
|
||||||
routes:
|
|
||||||
- match: Host(`notify.spamasaurus.com`)
|
|
||||||
kind: Rule
|
|
||||||
services:
|
|
||||||
- name: gotify
|
|
||||||
port: 80
|
|
||||||
middlewares:
|
|
||||||
- name: security-headers@file
|
|
||||||
- name: compression@file
|
|
||||||
---
|
|
||||||
apiVersion: v1
|
|
||||||
kind: PersistentVolume
|
|
||||||
metadata:
|
|
||||||
name: flexvolsmb-gotify-data
|
|
||||||
spec:
|
|
||||||
capacity:
|
|
||||||
storage: 1Gi
|
|
||||||
accessModes:
|
|
||||||
- ReadWriteMany
|
|
||||||
storageClassName: flexvolsmb-gotify-data
|
|
||||||
flexVolume:
|
|
||||||
driver: mount/smb
|
|
||||||
secretRef:
|
|
||||||
name: smb-secret
|
|
||||||
options:
|
|
||||||
opts: domain=bessems.eu,file_mode=0777,dir_mode=0777,iocharset=utf8,nobrl
|
|
||||||
server: 192.168.11.225
|
|
||||||
share: /K3s.Volumes/gotify/data
|
|
||||||
---
|
|
||||||
apiVersion: v1
|
|
||||||
kind: PersistentVolumeClaim
|
|
||||||
metadata:
|
|
||||||
name: flexvolsmb-gotify-data
|
|
||||||
namespace: default
|
|
||||||
spec:
|
|
||||||
accessModes:
|
|
||||||
- ReadWriteMany
|
|
||||||
storageClassName: flexvolsmb-gotify-data
|
|
||||||
resources:
|
|
||||||
requests:
|
|
||||||
storage: 1Gi
|
|
30
services/Gotify/deployment-gotify.yaml
Normal file
30
services/Gotify/deployment-gotify.yaml
Normal file
@ -0,0 +1,30 @@
|
|||||||
|
apiVersion: apps/v1
|
||||||
|
kind: Deployment
|
||||||
|
metadata:
|
||||||
|
name: gotify
|
||||||
|
namespace: gotify
|
||||||
|
labels:
|
||||||
|
app: gotify
|
||||||
|
spec:
|
||||||
|
replicas: 1
|
||||||
|
selector:
|
||||||
|
matchLabels:
|
||||||
|
app: gotify
|
||||||
|
template:
|
||||||
|
metadata:
|
||||||
|
labels:
|
||||||
|
app: gotify
|
||||||
|
spec:
|
||||||
|
containers:
|
||||||
|
- name: gotify
|
||||||
|
image: gotify/server
|
||||||
|
ports:
|
||||||
|
- name: web
|
||||||
|
containerPort: 80
|
||||||
|
volumeMounts:
|
||||||
|
- mountPath: /app/data
|
||||||
|
name: flexvolsmb-gotify-data
|
||||||
|
volumes:
|
||||||
|
- name: flexvolsmb-gotify-data
|
||||||
|
persistentVolumeClaim:
|
||||||
|
claimName: flexvolsmb-gotify-data
|
17
services/Gotify/ingressroute-gotify.yaml
Normal file
17
services/Gotify/ingressroute-gotify.yaml
Normal file
@ -0,0 +1,17 @@
|
|||||||
|
apiVersion: traefik.containo.us/v1alpha1
|
||||||
|
kind: IngressRoute
|
||||||
|
metadata:
|
||||||
|
name: gotify
|
||||||
|
namespace: gotify
|
||||||
|
spec:
|
||||||
|
entryPoints:
|
||||||
|
- websecure
|
||||||
|
routes:
|
||||||
|
- match: Host(`notify.spamasaurus.com`)
|
||||||
|
kind: Rule
|
||||||
|
services:
|
||||||
|
- name: gotify
|
||||||
|
port: 80
|
||||||
|
middlewares:
|
||||||
|
- name: security-headers@file
|
||||||
|
- name: compression@file
|
18
services/Gotify/persistentvolume-flexvolsmb-gotify-data.yaml
Normal file
18
services/Gotify/persistentvolume-flexvolsmb-gotify-data.yaml
Normal file
@ -0,0 +1,18 @@
|
|||||||
|
apiVersion: v1
|
||||||
|
kind: PersistentVolume
|
||||||
|
metadata:
|
||||||
|
name: flexvolsmb-gotify-data
|
||||||
|
spec:
|
||||||
|
capacity:
|
||||||
|
storage: 1Gi
|
||||||
|
accessModes:
|
||||||
|
- ReadWriteMany
|
||||||
|
storageClassName: flexvolsmb-gotify-data
|
||||||
|
flexVolume:
|
||||||
|
driver: mount/smb
|
||||||
|
secretRef:
|
||||||
|
name: flexvolsmb-credentials
|
||||||
|
options:
|
||||||
|
opts: file_mode=0777,dir_mode=0777,iocharset=utf8,nobrl
|
||||||
|
server: 192.168.154.225
|
||||||
|
share: /K3s.Volumes/gotify/data
|
@ -0,0 +1,12 @@
|
|||||||
|
apiVersion: v1
|
||||||
|
kind: PersistentVolumeClaim
|
||||||
|
metadata:
|
||||||
|
name: flexvolsmb-gotify-data
|
||||||
|
namespace: gotify
|
||||||
|
spec:
|
||||||
|
accessModes:
|
||||||
|
- ReadWriteMany
|
||||||
|
storageClassName: flexvolsmb-gotify-data
|
||||||
|
resources:
|
||||||
|
requests:
|
||||||
|
storage: 1Gi
|
16
services/Gotify/sealedsecret-flexvolsmb-credentials.yaml
Normal file
16
services/Gotify/sealedsecret-flexvolsmb-credentials.yaml
Normal file
@ -0,0 +1,16 @@
|
|||||||
|
apiVersion: bitnami.com/v1alpha1
|
||||||
|
kind: SealedSecret
|
||||||
|
metadata:
|
||||||
|
creationTimestamp: null
|
||||||
|
name: flexvolsmb-credentials
|
||||||
|
namespace: gotify
|
||||||
|
spec:
|
||||||
|
encryptedData:
|
||||||
|
password: AgCbVh6VlH65jVBXiCQ0Ak3+XI1AyCaTykxDzi6F/4FFnXl5jRmJAGank50t5kt9GLpIqNPdx0ZKxlDgOVEiFjDf6J14jkYMrOP39oYcqDfg6ZHmLAvM1/LzjAnd0pR3C7rDc8TCOUGSjw+j1PjOoqkS0oYPsB7xTBkappF/e8JcmVO6DZwdZDyHMEAd/DgGE+BZNbPC1JPUv4D9l/lSAri7WIMhh9dhcvvvV+KJ/YuAksxLY4ruomtwDmYXNHh3X6BZMbOXwgxmzGU6wtOqxCWC2IcMEMPG5/AaH2A3oXLqMwIcVD+WOb2zHI7dCtDdRVTblh4gqylmm0iCLsFfhztj+1/EPGL4fpiqXgjPs0EjKY1bFndNiKw3d3zK58Id8aHnJWXcdrIuNm0sJlXIt8k6vSZTKcT5WiDeKBgqubCh90MZbixThRTGhZ99CuznvukbCGm0ukL+/s7y+8zN7hRwIQFnUrGFFha951t8SU8JTc56vKhJ+cf036ka3y2fz6zVMFfxp4K5S8RiQ3RS5jWdzmby5KGZvh70WGrbXrWWuEeVlCF1TU3nrzLW2g+eKCn5cRVU8oN2CvWPRIDJQsNNGf5rCc4Zhy7ikjwBWIFg13YjdXL5dXyCHRBwllyZqqlYAvpxxSKexClMip2cvLQ4gTP9saO77+gAYbBKz/x7/xW6ZWH1WqspYTi6K+5zBsgQ+rVuz04sfLp2iRObs+Zp
|
||||||
|
username: AgAoVIGIHXhuW3vITMT24TGVNBKhxHvVqCqNLJwShqA0xqWLfd7DE7YXOe6/RV7bcBIeQOYxNCPDmMhild4tAx9Rd4PLV1c6NQdOUYqiRbIuWS32R74g4njL+7eBkfi8aGZUXm0dLBy1jFNHEUd+XssWIbQDsbu8fbRD1ENgmocc0dAmfDTuiqvZ9hIAZFEOjmjw3PIEgJw1FXFTWOUIc287MEk5kJ+7oYzdA52qBt6nrfGapFCvy1cSmiKhhY1WYEEn6Rd0/XWlMd09YH8rDkt9gkvP3omfVMzJ4WUuFaDlfz4WnWdOSy+XGc39xOsC6zFC9FA0t3FGzyvyucmroabnUI51LGLRQ5LUgmAhTfSliZFZ+nXWa7sSs2N2CtCSJExG3mgZ7js2s53mHM8XkcCYJfsaNuGkVDCzJI/536/3mB7xe292h4DJmOu3JO4cRIivu8Uxva4j+KvByfhnHdhiZUERgJKtljc+32Yg1f6Z37GYbUBjnzmgm/+b5JMpAgEeu+KaTU9QK2WgwlY5pTLle/Q6oyrqB9EsodhosuQvi/mbq0ZwrxCkcrp+IZKJdauFyEuLhO4WEi7zdxFlAAA1bGfepkJC2kV540o7Yy6CfOM22E5XPBlGhCraGVjYvdUfyFxI9bR8HyUv7DjT/oaJmkm13KNsJNn+K72I7YjZDgiqCXsChzdVv7BkySw3glvwXMTCIrs=
|
||||||
|
template:
|
||||||
|
metadata:
|
||||||
|
creationTimestamp: null
|
||||||
|
name: flexvolsmb-credentials
|
||||||
|
namespace: gotify
|
||||||
|
type: mount/smb
|
12
services/Gotify/service-gotify.yaml
Normal file
12
services/Gotify/service-gotify.yaml
Normal file
@ -0,0 +1,12 @@
|
|||||||
|
apiVersion: v1
|
||||||
|
kind: Service
|
||||||
|
metadata:
|
||||||
|
name: gotify
|
||||||
|
namespace: gotify
|
||||||
|
spec:
|
||||||
|
ports:
|
||||||
|
- protocol: TCP
|
||||||
|
name: web
|
||||||
|
port: 80
|
||||||
|
selector:
|
||||||
|
app: gotify
|
4
services/Lighttpd/_namespace-lighttpd.yml
Normal file
4
services/Lighttpd/_namespace-lighttpd.yml
Normal file
@ -0,0 +1,4 @@
|
|||||||
|
apiVersion: v1
|
||||||
|
kind: Namespace
|
||||||
|
metadata:
|
||||||
|
name: lighttpd
|
@ -2,6 +2,7 @@ apiVersion: v1
|
|||||||
kind: ConfigMap
|
kind: ConfigMap
|
||||||
metadata:
|
metadata:
|
||||||
name: configmap-lighttpd-conf
|
name: configmap-lighttpd-conf
|
||||||
|
namespace: lighttpd
|
||||||
data:
|
data:
|
||||||
lighttpd.conf: |
|
lighttpd.conf: |
|
||||||
server.modules = (
|
server.modules = (
|
||||||
@ -37,41 +38,3 @@ data:
|
|||||||
include_shell "cat /etc/lighttpd/vhosts.d/*.conf"
|
include_shell "cat /etc/lighttpd/vhosts.d/*.conf"
|
||||||
.htpasswd: |
|
.htpasswd: |
|
||||||
readaccess:7eds8PvDwgkWvFZRnyKpTUDTzgi87mh4
|
readaccess:7eds8PvDwgkWvFZRnyKpTUDTzgi87mh4
|
||||||
---
|
|
||||||
apiVersion: v1
|
|
||||||
kind: ConfigMap
|
|
||||||
metadata:
|
|
||||||
name: configmap-lighttpd-vhosts
|
|
||||||
data:
|
|
||||||
bessems.com.conf: |
|
|
||||||
$HTTP["host"] =~ "^bessems\.(com|eu)$" {
|
|
||||||
server.document-root = "/var/www/bessems.com/"
|
|
||||||
}
|
|
||||||
gabaldon.eu.conf: |
|
|
||||||
$HTTP["host"] =~ "^gabaldon\.(eu|nl)$" {
|
|
||||||
server.document-root = "/var/www/gabaldon.eu/"
|
|
||||||
}
|
|
||||||
sn.itch.fyi.conf: |
|
|
||||||
$HTTP["host"] == "sn.itch.fyi" {
|
|
||||||
server.document-root = "/var/www/sn.itch.fyi/"
|
|
||||||
|
|
||||||
index-file.names += ("/_h5ai/public/index.php")
|
|
||||||
}
|
|
||||||
$HTTP["url"] =~ "^/repository|^/Repository" {
|
|
||||||
auth.require = (
|
|
||||||
"" => (
|
|
||||||
"method" => "basic",
|
|
||||||
"realm" => "Restricted access",
|
|
||||||
"require" => "user=readaccess"
|
|
||||||
)
|
|
||||||
)
|
|
||||||
}
|
|
||||||
spamasaurus.com.conf: |
|
|
||||||
$HTTP["host"] == "spamasaurus.com" {
|
|
||||||
server.document-root = "/var/www/spamasaurus.com/public"
|
|
||||||
|
|
||||||
index-file.names += ("spamasaurusRex.login.php")
|
|
||||||
}
|
|
||||||
$HTTP["url"] =~ "^/.well-known/" {
|
|
||||||
mimetype.assign += ( "server" => "application/json" )
|
|
||||||
}
|
|
38
services/Lighttpd/configmap-configmap-lighttpd-vhosts.yaml
Normal file
38
services/Lighttpd/configmap-configmap-lighttpd-vhosts.yaml
Normal file
@ -0,0 +1,38 @@
|
|||||||
|
apiVersion: v1
|
||||||
|
kind: ConfigMap
|
||||||
|
metadata:
|
||||||
|
name: configmap-lighttpd-vhosts
|
||||||
|
namespace: lighttpd
|
||||||
|
data:
|
||||||
|
bessems.com.conf: |
|
||||||
|
$HTTP["host"] =~ "^bessems\.(com|eu)$" {
|
||||||
|
server.document-root = "/var/www/bessems.com/"
|
||||||
|
}
|
||||||
|
gabaldon.eu.conf: |
|
||||||
|
$HTTP["host"] =~ "^gabaldon\.(eu|nl)$" {
|
||||||
|
server.document-root = "/var/www/gabaldon.eu/"
|
||||||
|
}
|
||||||
|
sn.itch.fyi.conf: |
|
||||||
|
$HTTP["host"] == "sn.itch.fyi" {
|
||||||
|
server.document-root = "/var/www/sn.itch.fyi/"
|
||||||
|
|
||||||
|
index-file.names += ("/_h5ai/public/index.php")
|
||||||
|
}
|
||||||
|
$HTTP["url"] =~ "^/repository|^/Repository" {
|
||||||
|
auth.require = (
|
||||||
|
"" => (
|
||||||
|
"method" => "basic",
|
||||||
|
"realm" => "Restricted access",
|
||||||
|
"require" => "user=readaccess"
|
||||||
|
)
|
||||||
|
)
|
||||||
|
}
|
||||||
|
spamasaurus.com.conf: |
|
||||||
|
$HTTP["host"] == "spamasaurus.com" {
|
||||||
|
server.document-root = "/var/www/spamasaurus.com/public"
|
||||||
|
|
||||||
|
index-file.names += ("spamasaurusRex.login.php")
|
||||||
|
}
|
||||||
|
$HTTP["url"] =~ "^/.well-known/" {
|
||||||
|
mimetype.assign += ( "server" => "application/json" )
|
||||||
|
}
|
@ -1,141 +0,0 @@
|
|||||||
apiVersion: v1
|
|
||||||
kind: Service
|
|
||||||
metadata:
|
|
||||||
name: lighttpd
|
|
||||||
spec:
|
|
||||||
ports:
|
|
||||||
- protocol: TCP
|
|
||||||
name: web
|
|
||||||
port: 8080
|
|
||||||
selector:
|
|
||||||
app: lighttpd
|
|
||||||
---
|
|
||||||
apiVersion: apps/v1
|
|
||||||
kind: Deployment
|
|
||||||
metadata:
|
|
||||||
name: lighttpd
|
|
||||||
labels:
|
|
||||||
app: lighttpd
|
|
||||||
spec:
|
|
||||||
replicas: 1
|
|
||||||
selector:
|
|
||||||
matchLabels:
|
|
||||||
app: lighttpd
|
|
||||||
template:
|
|
||||||
metadata:
|
|
||||||
labels:
|
|
||||||
app: lighttpd
|
|
||||||
spec:
|
|
||||||
containers:
|
|
||||||
- name: lighttpd-php-pwsh
|
|
||||||
image: bv11-cr01.bessems.eu/library/lighttpd-php-powershell
|
|
||||||
ports:
|
|
||||||
- name: web
|
|
||||||
containerPort: 8080
|
|
||||||
volumeMounts:
|
|
||||||
- name: configmap-lighttpd-conf
|
|
||||||
mountPath: /etc/lighttpd/lighttpd.conf
|
|
||||||
subPath: lighttpd.conf
|
|
||||||
- name: configmap-lighttpd-conf
|
|
||||||
mountPath: /etc/lighttpd/.htpasswd
|
|
||||||
subPath: .htpasswd
|
|
||||||
- name: configmap-lighttpd-vhosts
|
|
||||||
mountPath: /etc/lighttpd/vhosts.d
|
|
||||||
- name: flexvolsmb-lighttpd-data
|
|
||||||
mountPath: /data/scripts
|
|
||||||
- name: flexvolsmb-lighttpd-websites
|
|
||||||
mountPath: /var/www/
|
|
||||||
volumes:
|
|
||||||
- name: configmap-lighttpd-conf
|
|
||||||
configMap:
|
|
||||||
name: configmap-lighttpd-conf
|
|
||||||
- name: configmap-lighttpd-vhosts
|
|
||||||
configMap:
|
|
||||||
name: configmap-lighttpd-vhosts
|
|
||||||
- name: flexvolsmb-lighttpd-data
|
|
||||||
persistentVolumeClaim:
|
|
||||||
claimName: flexvolsmb-lighttpd-data
|
|
||||||
- name: flexvolsmb-lighttpd-websites
|
|
||||||
persistentVolumeClaim:
|
|
||||||
claimName: flexvolsmb-lighttpd-websites
|
|
||||||
---
|
|
||||||
apiVersion: traefik.containo.us/v1alpha1
|
|
||||||
kind: IngressRoute
|
|
||||||
metadata:
|
|
||||||
name: lighttpd
|
|
||||||
spec:
|
|
||||||
entryPoints:
|
|
||||||
- websecure
|
|
||||||
routes:
|
|
||||||
- match: Host(`bessems.com`) || Host(`bessems.eu`) || Host(`gabaldon.eu`) || Host(`gabaldon.nl`) || Host(`sn.itch.fyi`) || Host(`spamasaurus.com`)
|
|
||||||
kind: Rule
|
|
||||||
services:
|
|
||||||
- name: lighttpd
|
|
||||||
port: 8080
|
|
||||||
middlewares:
|
|
||||||
- name: security-headers@file
|
|
||||||
- name: compression@file
|
|
||||||
---
|
|
||||||
apiVersion: v1
|
|
||||||
kind: PersistentVolume
|
|
||||||
metadata:
|
|
||||||
name: flexvolsmb-lighttpd-data
|
|
||||||
spec:
|
|
||||||
capacity:
|
|
||||||
storage: 1Gi
|
|
||||||
accessModes:
|
|
||||||
- ReadWriteMany
|
|
||||||
storageClassName: flexvolsmb-lighttpd-data
|
|
||||||
flexVolume:
|
|
||||||
driver: mount/smb
|
|
||||||
secretRef:
|
|
||||||
name: smb-secret
|
|
||||||
options:
|
|
||||||
opts: domain=bessems.eu,file_mode=0777,dir_mode=0777,iocharset=utf8
|
|
||||||
server: 192.168.11.225
|
|
||||||
share: /K3s.Volumes/lighttpd/data
|
|
||||||
---
|
|
||||||
apiVersion: v1
|
|
||||||
kind: PersistentVolume
|
|
||||||
metadata:
|
|
||||||
name: flexvolsmb-lighttpd-websites
|
|
||||||
spec:
|
|
||||||
capacity:
|
|
||||||
storage: 1Gi
|
|
||||||
accessModes:
|
|
||||||
- ReadWriteMany
|
|
||||||
storageClassName: flexvolsmb-lighttpd-websites
|
|
||||||
flexVolume:
|
|
||||||
driver: mount/smb
|
|
||||||
secretRef:
|
|
||||||
name: smb-secret
|
|
||||||
options:
|
|
||||||
opts: domain=bessems.eu,file_mode=0777,dir_mode=0777,iocharset=utf8,nobrl
|
|
||||||
server: 192.168.11.225
|
|
||||||
share: /K3s.Volumes/lighttpd/websites
|
|
||||||
---
|
|
||||||
apiVersion: v1
|
|
||||||
kind: PersistentVolumeClaim
|
|
||||||
metadata:
|
|
||||||
name: flexvolsmb-lighttpd-data
|
|
||||||
namespace: default
|
|
||||||
spec:
|
|
||||||
accessModes:
|
|
||||||
- ReadWriteMany
|
|
||||||
storageClassName: flexvolsmb-lighttpd-data
|
|
||||||
resources:
|
|
||||||
requests:
|
|
||||||
storage: 1Gi
|
|
||||||
---
|
|
||||||
apiVersion: v1
|
|
||||||
kind: PersistentVolumeClaim
|
|
||||||
metadata:
|
|
||||||
name: flexvolsmb-lighttpd-websites
|
|
||||||
namespace: default
|
|
||||||
spec:
|
|
||||||
accessModes:
|
|
||||||
- ReadWriteMany
|
|
||||||
storageClassName: flexvolsmb-lighttpd-websites
|
|
||||||
resources:
|
|
||||||
requests:
|
|
||||||
storage: 1Gi
|
|
49
services/Lighttpd/deployment-lighttpd.yaml
Normal file
49
services/Lighttpd/deployment-lighttpd.yaml
Normal file
@ -0,0 +1,49 @@
|
|||||||
|
apiVersion: apps/v1
|
||||||
|
kind: Deployment
|
||||||
|
metadata:
|
||||||
|
name: lighttpd
|
||||||
|
namespace: lighttpd
|
||||||
|
labels:
|
||||||
|
app: lighttpd
|
||||||
|
spec:
|
||||||
|
replicas: 1
|
||||||
|
selector:
|
||||||
|
matchLabels:
|
||||||
|
app: lighttpd
|
||||||
|
template:
|
||||||
|
metadata:
|
||||||
|
labels:
|
||||||
|
app: lighttpd
|
||||||
|
spec:
|
||||||
|
containers:
|
||||||
|
- name: lighttpd-php-pwsh
|
||||||
|
image: djpbessems/lighttpd-php-powershell
|
||||||
|
ports:
|
||||||
|
- name: web
|
||||||
|
containerPort: 8080
|
||||||
|
volumeMounts:
|
||||||
|
- name: configmap-lighttpd-conf
|
||||||
|
mountPath: /etc/lighttpd/lighttpd.conf
|
||||||
|
subPath: lighttpd.conf
|
||||||
|
- name: configmap-lighttpd-conf
|
||||||
|
mountPath: /etc/lighttpd/.htpasswd
|
||||||
|
subPath: .htpasswd
|
||||||
|
- name: configmap-lighttpd-vhosts
|
||||||
|
mountPath: /etc/lighttpd/vhosts.d
|
||||||
|
- name: flexvolsmb-lighttpd-data
|
||||||
|
mountPath: /data/scripts
|
||||||
|
- name: flexvolsmb-lighttpd-websites
|
||||||
|
mountPath: /var/www/
|
||||||
|
volumes:
|
||||||
|
- name: configmap-lighttpd-conf
|
||||||
|
configMap:
|
||||||
|
name: configmap-lighttpd-conf
|
||||||
|
- name: configmap-lighttpd-vhosts
|
||||||
|
configMap:
|
||||||
|
name: configmap-lighttpd-vhosts
|
||||||
|
- name: flexvolsmb-lighttpd-data
|
||||||
|
persistentVolumeClaim:
|
||||||
|
claimName: flexvolsmb-lighttpd-data
|
||||||
|
- name: flexvolsmb-lighttpd-websites
|
||||||
|
persistentVolumeClaim:
|
||||||
|
claimName: flexvolsmb-lighttpd-websites
|
17
services/Lighttpd/ingressroute-lighttpd.yaml
Normal file
17
services/Lighttpd/ingressroute-lighttpd.yaml
Normal file
@ -0,0 +1,17 @@
|
|||||||
|
apiVersion: traefik.containo.us/v1alpha1
|
||||||
|
kind: IngressRoute
|
||||||
|
metadata:
|
||||||
|
name: lighttpd
|
||||||
|
namespace: lighttpd
|
||||||
|
spec:
|
||||||
|
entryPoints:
|
||||||
|
- websecure
|
||||||
|
routes:
|
||||||
|
- match: Host(`bessems.com`) || Host(`bessems.eu`) || Host(`gabaldon.eu`) || Host(`gabaldon.nl`) || Host(`sn.itch.fyi`) || Host(`spamasaurus.com`)
|
||||||
|
kind: Rule
|
||||||
|
services:
|
||||||
|
- name: lighttpd
|
||||||
|
port: 8080
|
||||||
|
middlewares:
|
||||||
|
- name: security-headers@file
|
||||||
|
- name: compression@file
|
@ -0,0 +1,18 @@
|
|||||||
|
apiVersion: v1
|
||||||
|
kind: PersistentVolume
|
||||||
|
metadata:
|
||||||
|
name: flexvolsmb-lighttpd-data
|
||||||
|
spec:
|
||||||
|
capacity:
|
||||||
|
storage: 1Gi
|
||||||
|
accessModes:
|
||||||
|
- ReadWriteMany
|
||||||
|
storageClassName: flexvolsmb-lighttpd-data
|
||||||
|
flexVolume:
|
||||||
|
driver: mount/smb
|
||||||
|
secretRef:
|
||||||
|
name: flexvolsmb-credentials
|
||||||
|
options:
|
||||||
|
opts: file_mode=0777,dir_mode=0777,iocharset=utf8
|
||||||
|
server: 192.168.154.225
|
||||||
|
share: /K3s.Volumes/lighttpd/data
|
@ -0,0 +1,18 @@
|
|||||||
|
apiVersion: v1
|
||||||
|
kind: PersistentVolume
|
||||||
|
metadata:
|
||||||
|
name: flexvolsmb-lighttpd-websites
|
||||||
|
spec:
|
||||||
|
capacity:
|
||||||
|
storage: 1Gi
|
||||||
|
accessModes:
|
||||||
|
- ReadWriteMany
|
||||||
|
storageClassName: flexvolsmb-lighttpd-websites
|
||||||
|
flexVolume:
|
||||||
|
driver: mount/smb
|
||||||
|
secretRef:
|
||||||
|
name: flexvolsmb-credentials
|
||||||
|
options:
|
||||||
|
opts: file_mode=0777,dir_mode=0777,iocharset=utf8,nobrl
|
||||||
|
server: 192.168.154.225
|
||||||
|
share: /K3s.Volumes/lighttpd/websites
|
@ -0,0 +1,12 @@
|
|||||||
|
apiVersion: v1
|
||||||
|
kind: PersistentVolumeClaim
|
||||||
|
metadata:
|
||||||
|
name: flexvolsmb-lighttpd-data
|
||||||
|
namespace: lighttpd
|
||||||
|
spec:
|
||||||
|
accessModes:
|
||||||
|
- ReadWriteMany
|
||||||
|
storageClassName: flexvolsmb-lighttpd-data
|
||||||
|
resources:
|
||||||
|
requests:
|
||||||
|
storage: 1Gi
|
@ -0,0 +1,12 @@
|
|||||||
|
apiVersion: v1
|
||||||
|
kind: PersistentVolumeClaim
|
||||||
|
metadata:
|
||||||
|
name: flexvolsmb-lighttpd-websites
|
||||||
|
namespace: lighttpd
|
||||||
|
spec:
|
||||||
|
accessModes:
|
||||||
|
- ReadWriteMany
|
||||||
|
storageClassName: flexvolsmb-lighttpd-websites
|
||||||
|
resources:
|
||||||
|
requests:
|
||||||
|
storage: 1Gi
|
16
services/Lighttpd/sealedsecret-flexvolsmb-credentials.yaml
Normal file
16
services/Lighttpd/sealedsecret-flexvolsmb-credentials.yaml
Normal file
@ -0,0 +1,16 @@
|
|||||||
|
apiVersion: bitnami.com/v1alpha1
|
||||||
|
kind: SealedSecret
|
||||||
|
metadata:
|
||||||
|
creationTimestamp: null
|
||||||
|
name: flexvolsmb-credentials
|
||||||
|
namespace: lighttpd
|
||||||
|
spec:
|
||||||
|
encryptedData:
|
||||||
|
password: AgAc9UFx4rs5SmuntY7dUxf80geDlDc/zn9SaGWu4Z5n9aWJZZWlrAAq081fTeb4jjiR3bjdlKqgwLkKiIgkYlp1nBgfLsLo5rE49c8eo+s0x+0L2gVj9ArqHWD5hw76evnD73AU3zuQGNoHg7x7iUmyCtBk9kLDQTXWsLkSnb0HLB7knOqQjK8C1uC4eTdjQRLmhevQAl/oxiDZ8lf/xkj7GH3o0Gp6DKiGetnKYsaJJGPeImdAQzHMlH7F0ypQGMeyWU9zh4ro8a8G+Sxorjz45ws/ORpN6jWifnDX0xshVjsVM/hD98xui7thsf++B8JxZK0i+sls0zpgtJvKyzJJytOXknPNMyqG+S5QN94iFfoCnP1ZgBGdEJVI7c+RXFekenXSNgrCqjCEHy+L09AjTXOwrtPfQovhw7ai7lAsE6f4N5uU8XbYdbqh6jG442ZowWyl0vpVa1Ea93Fy205vxoncasAiO0UT0UcMxekZ5jzeJU8crxieCtck7Z65GsHWuoWLSH2PX43k1JSKMG5zbZNvOszjR58fXHdj/HjXug9K5hHJekNk0A4+iAY/SwdzxaTCKbQgly4HTHX2JqBHMXRDYGm15qns/R5O48XcEs7aEWWVDvYyeiDrSM0il/29kMNb+vwzaPOdSwfb5GShZcirRWQgAdPdEM36Z6O1h+EoeazO6/Hj+JYf+DcX8/5DuC1nTkhQj9NFmoLzrHtc
|
||||||
|
username: AgDW9pYxGa/I0NBjXWcqcHZY2ZSY9IUd/sOyg40e6T5wPSioUgWqn3tf3EzNqUVJsSJndKWZnagXZGMafkYS3WYOsrIiSR4jyAtHc7t7D9TGw8dEzXeP8UF+ICCpd3YzD7856+Xov9pmXziHS1gT5hqywdFEruoiR9gtbrdEqG0PHFt96Bcve5JillbFWh2VsRBe4gMKoRfjGHd69voGsqkn3H4VwHITRWixNploRXOyq1+hO49Ka+Rs4TbQvXWTVAyqYZEWWKC9W0S8CN3mhzBDg+JNHSzsd1BqQNQ+lJ9S12gaTphWH5v+IUSlCWsIGDjwC5oKTzy5IYcw5V/DcfMl8/vYexb2dB4nQo0vJb1Ip+HPrBSl3HvV/Vz7Tq2fXN0h7QvyUjeEsTQaMrYe47AuMBCiNcmUY5z1KwNMfNjXSYbJEqLZ25ABj2xNq2GefZhWcBOl3zkQExgGfrmfh8eSzThMkfY8NpWho9DfitD44a9B9J2hGn5H/eUKbEJXLYs8JKXXBfSYZQJS7ac/ub/iPDfefSPPXeJFPBZIwnSP/khp9D/6/4tVQyT1XijJBrD2FkcX6nE5fcrnVmJtGEv6YBkOSyszJqtTBjXbHQuNnyCc2R//ybPev+CIyGvD2uZwN5b/8nKbABweLPRKpRJlM2v4e1N/Y70hxSOIN5iFd7FSG/8QV0U8Jm6ZI7xkoHAAitu8A2U=
|
||||||
|
template:
|
||||||
|
metadata:
|
||||||
|
creationTimestamp: null
|
||||||
|
name: flexvolsmb-credentials
|
||||||
|
namespace: lighttpd
|
||||||
|
type: mount/smb
|
12
services/Lighttpd/service-lighttpd.yaml
Normal file
12
services/Lighttpd/service-lighttpd.yaml
Normal file
@ -0,0 +1,12 @@
|
|||||||
|
apiVersion: v1
|
||||||
|
kind: Service
|
||||||
|
metadata:
|
||||||
|
name: lighttpd
|
||||||
|
namespace: lighttpd
|
||||||
|
spec:
|
||||||
|
ports:
|
||||||
|
- protocol: TCP
|
||||||
|
name: web
|
||||||
|
port: 8080
|
||||||
|
selector:
|
||||||
|
app: lighttpd
|
Loading…
Reference in New Issue
Block a user