Refactor Argus,Gotify,Lighttpd

This commit is contained in:
Danny Bessems 2024-01-02 17:31:53 +11:00
parent 0c64929fb6
commit 631bc2afce
31 changed files with 326 additions and 299 deletions

View File

@ -18,7 +18,7 @@ spec:
serviceAccountName: argus serviceAccountName: argus
containers: containers:
- name: argus - name: argus
image: bv11-cr01.bessems.eu/proxy/releaseargus/argus:0.13.3 image: releaseargus/argus:0.13.3
ports: ports:
- name: web - name: web
containerPort: 8080 containerPort: 8080

View File

@ -12,8 +12,8 @@ spec:
flexVolume: flexVolume:
driver: mount/smb driver: mount/smb
secretRef: secretRef:
name: smb-secret name: flexvolsmb-credentials
options: options:
opts: domain=bessems.eu,file_mode=0777,dir_mode=0777,iocharset=utf8,nobrl opts: file_mode=0777,dir_mode=0777,iocharset=utf8,nobrl
server: 192.168.11.225 server: 192.168.154.225
share: /K3s.Volumes/argus/data share: /K3s.Volumes/argus/data

View File

@ -1,17 +0,0 @@
apiVersion: bitnami.com/v1alpha1
kind: SealedSecret
metadata:
creationTimestamp: null
name: smb-secret
namespace: argus
spec:
encryptedData:
password: AgBYWANvTuW3Ju9BujDeu/49Gnm0seDpJH8pPOCa1Qaol1cydKRvjZrNmzA3PL33zLCfu4AbvyNfCujkzT7AzhEbwhiSH7aXu8ksJhg6yu4K+xpmt9EhGcFbVjmW7Of/fMFwBARUz3wUwD8K9/OupbTLPOVW0eHyT4Z4uFxgnmsoa7QXT+zbvBxRnoj4XdSE+WYREHxe8JU/ApEwwQODN7nky03ipu+YUbkiGvVYO8jtXPfLKzMt8FaIuszmb8gWH7U8mZfYRbcWP3c5A60RdjgsHl2Md1VrMK0TipiRvNKKeH7bLH1PDVc34Od7ABMP7MYAFZm/1j1PbpQyw9YbGJgV7pfOypkcZSg59DWjwE7apOyZioUXtuxKtJh/h3dFEf07Xpvpv/hjCQFaOUPo6k5Hz5e7FtMRVwp7uwncgBhvHsKdApLsVW6OAPg38bLVw8FG7nAucoye3vaZgymnDerORnMpM14IJZiQ1LSGKKvxHBWR+m+CyhfxpZAuaspb0qnjDJvQopdPiE11JBIfnACsAr3KbrLHCRHe2xIcxGxUOH+EC59Z5c0dEpLph7cGMAEmSqHCa4jm4ImRRPX0pC6zWmJXm01NNrIuJea/M23UrCvmFuu0NfOm1z28bzRANhaQub6DWhId2V9O40q8HFP3tSlrJvbbIx0BdeEKu8mJfq3003A3PITNJu3twQtlsVmBbYKsTu3YPO6dIljpVGNG
username: AgCPKfz4Di7U7gnenWAX8pZZPda6taa9QHKtHHXP4ukr1gPXwsm9q+60cjRqOs97G6RAzZfxRIZQi4D4zcjeHj9R9ByoDn/OPQSpDdIenWWZKasECUNRXwNXPH66BJ+TBgxtcsu2TvlQRT4q9l1WdDif0KeNd0hufmFY/xXA3Np6Q5mRukQa4uIXIGOZihxSjbjIpiplKVQsgGhErhfsxUkQVP7v8Z5nr+nOQ+R/SoyE2IbZJWyFIg28lUIGhcFsDJxNdysuPrQ2DclLhgJbOEgjsPp+9wfj+j1EnIVGByGBPYi+ejdX0+dcTiX1j/gSnILe5lH83uLS03Kz2BDPipYSvDQuJWex0ObYAc2XcutJggYSbkXGe8OsHKESgEVEDespaz6wgcpgwnn0nPEd6DmDaSDPH22dlFIpNLJcGB4JCZ5skmUx1JP+bNZGE0Hs/R4t/T2VXYbVRFD1n0AaeZCcsUZpt8FFVYdtqRoJG19JxVqpUkJcXQxy1YiNxlKNtI8eC+BmltOTMMBDCu1osbFyuh6UhK21neUOyFQZ0EsvWBiuNKqjIyibmmEGkDFfGNMliJDGtUXr62WJ1TZfFCifWSofOHOw2ZQNB1m6dC+MlNm4+VmOw+kSTGtFF7kv0+AABv+AJnpPr24OjrYkwnlOsXpD4CIut3ySK0I/PixrxUddS+DB52xguWZedgUuKlU4fLeOpos=
template:
data: null
metadata:
creationTimestamp: null
name: smb-secret
namespace: argus
type: mount/smb

View File

@ -0,0 +1,16 @@
apiVersion: bitnami.com/v1alpha1
kind: SealedSecret
metadata:
creationTimestamp: null
name: flexvolsmb-credentials
namespace: argus
spec:
encryptedData:
password: AgAs9RV1K8QyPLGXXc0+RBOqY3VKNMa4No51KIOv9keZJavJFSzQPcuaWXqpl0fVI9zYXLyIHdyRbXL0GrvYlWboR1VPskFNcp7MnCkzRpawgo4QfE9Q+WDI4yZg4eK/8XGejAjCQU/KsFU8dVWHuHG1/W8kV2dOvKIhX6FTirKMDedVDmdgojAPMGM8+smPfC8+yBs5O4+IZtGKOe8mEH2c/3dYu6GK5q9N6czBYMuj1E0b+8fHjlWjh6fe5DDCUGUXqY2BZCxMSKOZReUbWEdPNU6MtdTHNglVhRMo//6mlA2VVkAlB9uaCdGmCMs/VJ3pS8NEeTd86zukyoY+j3JHvRrHuxGVEoKqnFE9pEgO/UB4SyuVVWbNQ4+QXdyDTHgmArvd+MfRvtdj9Kkc18CWKXyRTj41lKG+C/vBM0ATt+hk4QvacEt65kZ+fY6TZHYJq6JluuDrwQmDKcuv44uL6t9/aGpzfGTx4OnZqxC/qvX0V4GhkRzwLLxMhqZa1ZbqgRXLHero10f4JvD/usmJcHZP1hgohUXbSlOqNSWIQk0weaZjTabT1xBxXjVzDBywnzcmixmJsOuuZuvYrbrsKaHNC6gcvZArj/no9Rv5V4mVihRfGuxJs++GCAfq3FdseuMCCvLe306henvSftvSjNNodc+JFJaTf3m4PknSYH9uEkV2CXGm2obRUpUNBUiJd9Icr/ug4jOzNmZNOlOC
username: AgCHpKikNpk3UAHuBA62jZSTdiVatTI8Qnmiu6LGhZYraks2h9gOtgjg6mukxXcy6IO6LKVr68DaxOfvYE4LdFQdrq0SI2syzofc4n+FCXn6f2HlBVhqOFGrVE9qUE36lKHJEFccvkirzhgpy2M8OX6KtwywTBvsVujzla5OXR19vgNao9jTzsOL98wQfU1TYyaBw9y45kyCB7x8PQNw78GmeWJ5KLVNXN/yHowE8Qmlvh86QV58NuTKC1rVbSqh3VnjnZuz/BSUUDV4GitZLqWKSZ5hZyPWC9DZXzUI85d8+BfHJ7hrPhBd7ehUpbpFQfIQQA1VNAZvOEXU5EClmd6iQ3fWrYo6hOxYZkiE/qcNkSLXmbWYBixq6s7RLJwHlxVNQt9J11XM5DY9OlA7XhPa9zo8FRrYDwkjQGahgA/AzwvIKpOBbVfCMSl+crm3jjQthEL3DN/6ZowYq5NXG9n6rhvOxTjvmqx9FP3RT5OyPFkXGCrTJ8JqPgxyp/Vy6si9bjiqzwJtXY6ZeyCFLW9mOdQmn2vgFxviDM8pxaBmOJFdbJNuiHV5Tc6iM9YBi3n3hTV/tbiMmKeVQSKydm5ZGsgD4/CJT4oDFynjhWObvYPLphb/hccM6m6c7Hf/i9FI1LOCk1cBRbyXRV9Cds92OljAx3YnaumyZ5eRgdROdAbcqqhjR48k/UCsY5tUv+LktyuzVqA=
template:
metadata:
creationTimestamp: null
name: flexvolsmb-credentials
namespace: argus
type: mount/smb

View File

@ -1,9 +0,0 @@
apiVersion: v1
data:
password: QmVyQXdyRThFV1J1ZmFXMw==
username: enpjaWZz
kind: Secret
metadata:
name: smb-secret
namespace: argus
type: mount/smb

View File

@ -0,0 +1,4 @@
apiVersion: v1
kind: Namespace
metadata:
name: gotify

View File

@ -1,90 +0,0 @@
apiVersion: v1
kind: Service
metadata:
name: gotify
spec:
ports:
- protocol: TCP
name: web
port: 80
selector:
app: gotify
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: gotify
labels:
app: gotify
spec:
replicas: 1
selector:
matchLabels:
app: gotify
template:
metadata:
labels:
app: gotify
spec:
containers:
- name: gotify
image: bv11-cr01.bessems.eu/proxy/gotify/server
ports:
- name: web
containerPort: 80
volumeMounts:
- mountPath: /app/data
name: flexvolsmb-gotify-data
volumes:
- name: flexvolsmb-gotify-data
persistentVolumeClaim:
claimName: flexvolsmb-gotify-data
---
apiVersion: traefik.containo.us/v1alpha1
kind: IngressRoute
metadata:
name: gotify
spec:
entryPoints:
- websecure
routes:
- match: Host(`notify.spamasaurus.com`)
kind: Rule
services:
- name: gotify
port: 80
middlewares:
- name: security-headers@file
- name: compression@file
---
apiVersion: v1
kind: PersistentVolume
metadata:
name: flexvolsmb-gotify-data
spec:
capacity:
storage: 1Gi
accessModes:
- ReadWriteMany
storageClassName: flexvolsmb-gotify-data
flexVolume:
driver: mount/smb
secretRef:
name: smb-secret
options:
opts: domain=bessems.eu,file_mode=0777,dir_mode=0777,iocharset=utf8,nobrl
server: 192.168.11.225
share: /K3s.Volumes/gotify/data
---
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: flexvolsmb-gotify-data
namespace: default
spec:
accessModes:
- ReadWriteMany
storageClassName: flexvolsmb-gotify-data
resources:
requests:
storage: 1Gi

View File

@ -0,0 +1,30 @@
apiVersion: apps/v1
kind: Deployment
metadata:
name: gotify
namespace: gotify
labels:
app: gotify
spec:
replicas: 1
selector:
matchLabels:
app: gotify
template:
metadata:
labels:
app: gotify
spec:
containers:
- name: gotify
image: gotify/server
ports:
- name: web
containerPort: 80
volumeMounts:
- mountPath: /app/data
name: flexvolsmb-gotify-data
volumes:
- name: flexvolsmb-gotify-data
persistentVolumeClaim:
claimName: flexvolsmb-gotify-data

View File

@ -0,0 +1,17 @@
apiVersion: traefik.containo.us/v1alpha1
kind: IngressRoute
metadata:
name: gotify
namespace: gotify
spec:
entryPoints:
- websecure
routes:
- match: Host(`notify.spamasaurus.com`)
kind: Rule
services:
- name: gotify
port: 80
middlewares:
- name: security-headers@file
- name: compression@file

View File

@ -0,0 +1,18 @@
apiVersion: v1
kind: PersistentVolume
metadata:
name: flexvolsmb-gotify-data
spec:
capacity:
storage: 1Gi
accessModes:
- ReadWriteMany
storageClassName: flexvolsmb-gotify-data
flexVolume:
driver: mount/smb
secretRef:
name: flexvolsmb-credentials
options:
opts: file_mode=0777,dir_mode=0777,iocharset=utf8,nobrl
server: 192.168.154.225
share: /K3s.Volumes/gotify/data

View File

@ -0,0 +1,12 @@
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: flexvolsmb-gotify-data
namespace: gotify
spec:
accessModes:
- ReadWriteMany
storageClassName: flexvolsmb-gotify-data
resources:
requests:
storage: 1Gi

View File

@ -0,0 +1,16 @@
apiVersion: bitnami.com/v1alpha1
kind: SealedSecret
metadata:
creationTimestamp: null
name: flexvolsmb-credentials
namespace: gotify
spec:
encryptedData:
password: AgCbVh6VlH65jVBXiCQ0Ak3+XI1AyCaTykxDzi6F/4FFnXl5jRmJAGank50t5kt9GLpIqNPdx0ZKxlDgOVEiFjDf6J14jkYMrOP39oYcqDfg6ZHmLAvM1/LzjAnd0pR3C7rDc8TCOUGSjw+j1PjOoqkS0oYPsB7xTBkappF/e8JcmVO6DZwdZDyHMEAd/DgGE+BZNbPC1JPUv4D9l/lSAri7WIMhh9dhcvvvV+KJ/YuAksxLY4ruomtwDmYXNHh3X6BZMbOXwgxmzGU6wtOqxCWC2IcMEMPG5/AaH2A3oXLqMwIcVD+WOb2zHI7dCtDdRVTblh4gqylmm0iCLsFfhztj+1/EPGL4fpiqXgjPs0EjKY1bFndNiKw3d3zK58Id8aHnJWXcdrIuNm0sJlXIt8k6vSZTKcT5WiDeKBgqubCh90MZbixThRTGhZ99CuznvukbCGm0ukL+/s7y+8zN7hRwIQFnUrGFFha951t8SU8JTc56vKhJ+cf036ka3y2fz6zVMFfxp4K5S8RiQ3RS5jWdzmby5KGZvh70WGrbXrWWuEeVlCF1TU3nrzLW2g+eKCn5cRVU8oN2CvWPRIDJQsNNGf5rCc4Zhy7ikjwBWIFg13YjdXL5dXyCHRBwllyZqqlYAvpxxSKexClMip2cvLQ4gTP9saO77+gAYbBKz/x7/xW6ZWH1WqspYTi6K+5zBsgQ+rVuz04sfLp2iRObs+Zp
username: AgAoVIGIHXhuW3vITMT24TGVNBKhxHvVqCqNLJwShqA0xqWLfd7DE7YXOe6/RV7bcBIeQOYxNCPDmMhild4tAx9Rd4PLV1c6NQdOUYqiRbIuWS32R74g4njL+7eBkfi8aGZUXm0dLBy1jFNHEUd+XssWIbQDsbu8fbRD1ENgmocc0dAmfDTuiqvZ9hIAZFEOjmjw3PIEgJw1FXFTWOUIc287MEk5kJ+7oYzdA52qBt6nrfGapFCvy1cSmiKhhY1WYEEn6Rd0/XWlMd09YH8rDkt9gkvP3omfVMzJ4WUuFaDlfz4WnWdOSy+XGc39xOsC6zFC9FA0t3FGzyvyucmroabnUI51LGLRQ5LUgmAhTfSliZFZ+nXWa7sSs2N2CtCSJExG3mgZ7js2s53mHM8XkcCYJfsaNuGkVDCzJI/536/3mB7xe292h4DJmOu3JO4cRIivu8Uxva4j+KvByfhnHdhiZUERgJKtljc+32Yg1f6Z37GYbUBjnzmgm/+b5JMpAgEeu+KaTU9QK2WgwlY5pTLle/Q6oyrqB9EsodhosuQvi/mbq0ZwrxCkcrp+IZKJdauFyEuLhO4WEi7zdxFlAAA1bGfepkJC2kV540o7Yy6CfOM22E5XPBlGhCraGVjYvdUfyFxI9bR8HyUv7DjT/oaJmkm13KNsJNn+K72I7YjZDgiqCXsChzdVv7BkySw3glvwXMTCIrs=
template:
metadata:
creationTimestamp: null
name: flexvolsmb-credentials
namespace: gotify
type: mount/smb

View File

@ -0,0 +1,12 @@
apiVersion: v1
kind: Service
metadata:
name: gotify
namespace: gotify
spec:
ports:
- protocol: TCP
name: web
port: 80
selector:
app: gotify

View File

@ -0,0 +1,4 @@
apiVersion: v1
kind: Namespace
metadata:
name: lighttpd

View File

@ -2,6 +2,7 @@ apiVersion: v1
kind: ConfigMap kind: ConfigMap
metadata: metadata:
name: configmap-lighttpd-conf name: configmap-lighttpd-conf
namespace: lighttpd
data: data:
lighttpd.conf: | lighttpd.conf: |
server.modules = ( server.modules = (
@ -37,41 +38,3 @@ data:
include_shell "cat /etc/lighttpd/vhosts.d/*.conf" include_shell "cat /etc/lighttpd/vhosts.d/*.conf"
.htpasswd: | .htpasswd: |
readaccess:7eds8PvDwgkWvFZRnyKpTUDTzgi87mh4 readaccess:7eds8PvDwgkWvFZRnyKpTUDTzgi87mh4
---
apiVersion: v1
kind: ConfigMap
metadata:
name: configmap-lighttpd-vhosts
data:
bessems.com.conf: |
$HTTP["host"] =~ "^bessems\.(com|eu)$" {
server.document-root = "/var/www/bessems.com/"
}
gabaldon.eu.conf: |
$HTTP["host"] =~ "^gabaldon\.(eu|nl)$" {
server.document-root = "/var/www/gabaldon.eu/"
}
sn.itch.fyi.conf: |
$HTTP["host"] == "sn.itch.fyi" {
server.document-root = "/var/www/sn.itch.fyi/"
index-file.names += ("/_h5ai/public/index.php")
}
$HTTP["url"] =~ "^/repository|^/Repository" {
auth.require = (
"" => (
"method" => "basic",
"realm" => "Restricted access",
"require" => "user=readaccess"
)
)
}
spamasaurus.com.conf: |
$HTTP["host"] == "spamasaurus.com" {
server.document-root = "/var/www/spamasaurus.com/public"
index-file.names += ("spamasaurusRex.login.php")
}
$HTTP["url"] =~ "^/.well-known/" {
mimetype.assign += ( "server" => "application/json" )
}

View File

@ -0,0 +1,38 @@
apiVersion: v1
kind: ConfigMap
metadata:
name: configmap-lighttpd-vhosts
namespace: lighttpd
data:
bessems.com.conf: |
$HTTP["host"] =~ "^bessems\.(com|eu)$" {
server.document-root = "/var/www/bessems.com/"
}
gabaldon.eu.conf: |
$HTTP["host"] =~ "^gabaldon\.(eu|nl)$" {
server.document-root = "/var/www/gabaldon.eu/"
}
sn.itch.fyi.conf: |
$HTTP["host"] == "sn.itch.fyi" {
server.document-root = "/var/www/sn.itch.fyi/"
index-file.names += ("/_h5ai/public/index.php")
}
$HTTP["url"] =~ "^/repository|^/Repository" {
auth.require = (
"" => (
"method" => "basic",
"realm" => "Restricted access",
"require" => "user=readaccess"
)
)
}
spamasaurus.com.conf: |
$HTTP["host"] == "spamasaurus.com" {
server.document-root = "/var/www/spamasaurus.com/public"
index-file.names += ("spamasaurusRex.login.php")
}
$HTTP["url"] =~ "^/.well-known/" {
mimetype.assign += ( "server" => "application/json" )
}

View File

@ -1,141 +0,0 @@
apiVersion: v1
kind: Service
metadata:
name: lighttpd
spec:
ports:
- protocol: TCP
name: web
port: 8080
selector:
app: lighttpd
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: lighttpd
labels:
app: lighttpd
spec:
replicas: 1
selector:
matchLabels:
app: lighttpd
template:
metadata:
labels:
app: lighttpd
spec:
containers:
- name: lighttpd-php-pwsh
image: bv11-cr01.bessems.eu/library/lighttpd-php-powershell
ports:
- name: web
containerPort: 8080
volumeMounts:
- name: configmap-lighttpd-conf
mountPath: /etc/lighttpd/lighttpd.conf
subPath: lighttpd.conf
- name: configmap-lighttpd-conf
mountPath: /etc/lighttpd/.htpasswd
subPath: .htpasswd
- name: configmap-lighttpd-vhosts
mountPath: /etc/lighttpd/vhosts.d
- name: flexvolsmb-lighttpd-data
mountPath: /data/scripts
- name: flexvolsmb-lighttpd-websites
mountPath: /var/www/
volumes:
- name: configmap-lighttpd-conf
configMap:
name: configmap-lighttpd-conf
- name: configmap-lighttpd-vhosts
configMap:
name: configmap-lighttpd-vhosts
- name: flexvolsmb-lighttpd-data
persistentVolumeClaim:
claimName: flexvolsmb-lighttpd-data
- name: flexvolsmb-lighttpd-websites
persistentVolumeClaim:
claimName: flexvolsmb-lighttpd-websites
---
apiVersion: traefik.containo.us/v1alpha1
kind: IngressRoute
metadata:
name: lighttpd
spec:
entryPoints:
- websecure
routes:
- match: Host(`bessems.com`) || Host(`bessems.eu`) || Host(`gabaldon.eu`) || Host(`gabaldon.nl`) || Host(`sn.itch.fyi`) || Host(`spamasaurus.com`)
kind: Rule
services:
- name: lighttpd
port: 8080
middlewares:
- name: security-headers@file
- name: compression@file
---
apiVersion: v1
kind: PersistentVolume
metadata:
name: flexvolsmb-lighttpd-data
spec:
capacity:
storage: 1Gi
accessModes:
- ReadWriteMany
storageClassName: flexvolsmb-lighttpd-data
flexVolume:
driver: mount/smb
secretRef:
name: smb-secret
options:
opts: domain=bessems.eu,file_mode=0777,dir_mode=0777,iocharset=utf8
server: 192.168.11.225
share: /K3s.Volumes/lighttpd/data
---
apiVersion: v1
kind: PersistentVolume
metadata:
name: flexvolsmb-lighttpd-websites
spec:
capacity:
storage: 1Gi
accessModes:
- ReadWriteMany
storageClassName: flexvolsmb-lighttpd-websites
flexVolume:
driver: mount/smb
secretRef:
name: smb-secret
options:
opts: domain=bessems.eu,file_mode=0777,dir_mode=0777,iocharset=utf8,nobrl
server: 192.168.11.225
share: /K3s.Volumes/lighttpd/websites
---
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: flexvolsmb-lighttpd-data
namespace: default
spec:
accessModes:
- ReadWriteMany
storageClassName: flexvolsmb-lighttpd-data
resources:
requests:
storage: 1Gi
---
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: flexvolsmb-lighttpd-websites
namespace: default
spec:
accessModes:
- ReadWriteMany
storageClassName: flexvolsmb-lighttpd-websites
resources:
requests:
storage: 1Gi

View File

@ -0,0 +1,49 @@
apiVersion: apps/v1
kind: Deployment
metadata:
name: lighttpd
namespace: lighttpd
labels:
app: lighttpd
spec:
replicas: 1
selector:
matchLabels:
app: lighttpd
template:
metadata:
labels:
app: lighttpd
spec:
containers:
- name: lighttpd-php-pwsh
image: djpbessems/lighttpd-php-powershell
ports:
- name: web
containerPort: 8080
volumeMounts:
- name: configmap-lighttpd-conf
mountPath: /etc/lighttpd/lighttpd.conf
subPath: lighttpd.conf
- name: configmap-lighttpd-conf
mountPath: /etc/lighttpd/.htpasswd
subPath: .htpasswd
- name: configmap-lighttpd-vhosts
mountPath: /etc/lighttpd/vhosts.d
- name: flexvolsmb-lighttpd-data
mountPath: /data/scripts
- name: flexvolsmb-lighttpd-websites
mountPath: /var/www/
volumes:
- name: configmap-lighttpd-conf
configMap:
name: configmap-lighttpd-conf
- name: configmap-lighttpd-vhosts
configMap:
name: configmap-lighttpd-vhosts
- name: flexvolsmb-lighttpd-data
persistentVolumeClaim:
claimName: flexvolsmb-lighttpd-data
- name: flexvolsmb-lighttpd-websites
persistentVolumeClaim:
claimName: flexvolsmb-lighttpd-websites

View File

@ -0,0 +1,17 @@
apiVersion: traefik.containo.us/v1alpha1
kind: IngressRoute
metadata:
name: lighttpd
namespace: lighttpd
spec:
entryPoints:
- websecure
routes:
- match: Host(`bessems.com`) || Host(`bessems.eu`) || Host(`gabaldon.eu`) || Host(`gabaldon.nl`) || Host(`sn.itch.fyi`) || Host(`spamasaurus.com`)
kind: Rule
services:
- name: lighttpd
port: 8080
middlewares:
- name: security-headers@file
- name: compression@file

View File

@ -0,0 +1,18 @@
apiVersion: v1
kind: PersistentVolume
metadata:
name: flexvolsmb-lighttpd-data
spec:
capacity:
storage: 1Gi
accessModes:
- ReadWriteMany
storageClassName: flexvolsmb-lighttpd-data
flexVolume:
driver: mount/smb
secretRef:
name: flexvolsmb-credentials
options:
opts: file_mode=0777,dir_mode=0777,iocharset=utf8
server: 192.168.154.225
share: /K3s.Volumes/lighttpd/data

View File

@ -0,0 +1,18 @@
apiVersion: v1
kind: PersistentVolume
metadata:
name: flexvolsmb-lighttpd-websites
spec:
capacity:
storage: 1Gi
accessModes:
- ReadWriteMany
storageClassName: flexvolsmb-lighttpd-websites
flexVolume:
driver: mount/smb
secretRef:
name: flexvolsmb-credentials
options:
opts: file_mode=0777,dir_mode=0777,iocharset=utf8,nobrl
server: 192.168.154.225
share: /K3s.Volumes/lighttpd/websites

View File

@ -0,0 +1,12 @@
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: flexvolsmb-lighttpd-data
namespace: lighttpd
spec:
accessModes:
- ReadWriteMany
storageClassName: flexvolsmb-lighttpd-data
resources:
requests:
storage: 1Gi

View File

@ -0,0 +1,12 @@
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: flexvolsmb-lighttpd-websites
namespace: lighttpd
spec:
accessModes:
- ReadWriteMany
storageClassName: flexvolsmb-lighttpd-websites
resources:
requests:
storage: 1Gi

View File

@ -0,0 +1,16 @@
apiVersion: bitnami.com/v1alpha1
kind: SealedSecret
metadata:
creationTimestamp: null
name: flexvolsmb-credentials
namespace: lighttpd
spec:
encryptedData:
password: AgAc9UFx4rs5SmuntY7dUxf80geDlDc/zn9SaGWu4Z5n9aWJZZWlrAAq081fTeb4jjiR3bjdlKqgwLkKiIgkYlp1nBgfLsLo5rE49c8eo+s0x+0L2gVj9ArqHWD5hw76evnD73AU3zuQGNoHg7x7iUmyCtBk9kLDQTXWsLkSnb0HLB7knOqQjK8C1uC4eTdjQRLmhevQAl/oxiDZ8lf/xkj7GH3o0Gp6DKiGetnKYsaJJGPeImdAQzHMlH7F0ypQGMeyWU9zh4ro8a8G+Sxorjz45ws/ORpN6jWifnDX0xshVjsVM/hD98xui7thsf++B8JxZK0i+sls0zpgtJvKyzJJytOXknPNMyqG+S5QN94iFfoCnP1ZgBGdEJVI7c+RXFekenXSNgrCqjCEHy+L09AjTXOwrtPfQovhw7ai7lAsE6f4N5uU8XbYdbqh6jG442ZowWyl0vpVa1Ea93Fy205vxoncasAiO0UT0UcMxekZ5jzeJU8crxieCtck7Z65GsHWuoWLSH2PX43k1JSKMG5zbZNvOszjR58fXHdj/HjXug9K5hHJekNk0A4+iAY/SwdzxaTCKbQgly4HTHX2JqBHMXRDYGm15qns/R5O48XcEs7aEWWVDvYyeiDrSM0il/29kMNb+vwzaPOdSwfb5GShZcirRWQgAdPdEM36Z6O1h+EoeazO6/Hj+JYf+DcX8/5DuC1nTkhQj9NFmoLzrHtc
username: AgDW9pYxGa/I0NBjXWcqcHZY2ZSY9IUd/sOyg40e6T5wPSioUgWqn3tf3EzNqUVJsSJndKWZnagXZGMafkYS3WYOsrIiSR4jyAtHc7t7D9TGw8dEzXeP8UF+ICCpd3YzD7856+Xov9pmXziHS1gT5hqywdFEruoiR9gtbrdEqG0PHFt96Bcve5JillbFWh2VsRBe4gMKoRfjGHd69voGsqkn3H4VwHITRWixNploRXOyq1+hO49Ka+Rs4TbQvXWTVAyqYZEWWKC9W0S8CN3mhzBDg+JNHSzsd1BqQNQ+lJ9S12gaTphWH5v+IUSlCWsIGDjwC5oKTzy5IYcw5V/DcfMl8/vYexb2dB4nQo0vJb1Ip+HPrBSl3HvV/Vz7Tq2fXN0h7QvyUjeEsTQaMrYe47AuMBCiNcmUY5z1KwNMfNjXSYbJEqLZ25ABj2xNq2GefZhWcBOl3zkQExgGfrmfh8eSzThMkfY8NpWho9DfitD44a9B9J2hGn5H/eUKbEJXLYs8JKXXBfSYZQJS7ac/ub/iPDfefSPPXeJFPBZIwnSP/khp9D/6/4tVQyT1XijJBrD2FkcX6nE5fcrnVmJtGEv6YBkOSyszJqtTBjXbHQuNnyCc2R//ybPev+CIyGvD2uZwN5b/8nKbABweLPRKpRJlM2v4e1N/Y70hxSOIN5iFd7FSG/8QV0U8Jm6ZI7xkoHAAitu8A2U=
template:
metadata:
creationTimestamp: null
name: flexvolsmb-credentials
namespace: lighttpd
type: mount/smb

View File

@ -0,0 +1,12 @@
apiVersion: v1
kind: Service
metadata:
name: lighttpd
namespace: lighttpd
spec:
ports:
- protocol: TCP
name: web
port: 8080
selector:
app: lighttpd