Delete commit history along with sensitive data
This commit is contained in:
16
services/Adminer/configMap_Adminer.yml
Normal file
16
services/Adminer/configMap_Adminer.yml
Normal file
@ -0,0 +1,16 @@
|
||||
apiVersion: v1
|
||||
kind: ConfigMap
|
||||
metadata:
|
||||
name: configmap-adminer-conf
|
||||
data:
|
||||
login-password-less.php: |
|
||||
<?php
|
||||
require_once('plugins/login-password-less.php');
|
||||
|
||||
/** Set allowed password
|
||||
* @param string result of password_hash
|
||||
*/
|
||||
return new AdminerLoginPasswordLess(
|
||||
$password_hash = password_hash(rtrim(file_get_contents('/vault/secrets/sqlitepw')), PASSWORD_DEFAULT)
|
||||
);
|
||||
?>
|
112
services/Adminer/deploy-Adminer.yml
Normal file
112
services/Adminer/deploy-Adminer.yml
Normal file
@ -0,0 +1,112 @@
|
||||
apiVersion: v1
|
||||
kind: Service
|
||||
metadata:
|
||||
name: adminer
|
||||
spec:
|
||||
ports:
|
||||
- protocol: TCP
|
||||
name: web
|
||||
port: 8080
|
||||
selector:
|
||||
app: adminer
|
||||
---
|
||||
apiVersion: apps/v1
|
||||
kind: Deployment
|
||||
metadata:
|
||||
name: adminer
|
||||
labels:
|
||||
app: adminer
|
||||
spec:
|
||||
replicas: 1
|
||||
selector:
|
||||
matchLabels:
|
||||
app: adminer
|
||||
template:
|
||||
metadata:
|
||||
annotations:
|
||||
vault.hashicorp.com/agent-inject: "true"
|
||||
vault.hashicorp.com/agent-inject-secret-sqlitepw: "secret/adminer"
|
||||
vault.hashicorp.com/role: "adminer"
|
||||
vault.hashicorp.com/agent-inject-template-sqlitepw: |
|
||||
{{ with secret "secret/adminer" -}}
|
||||
{{ .Data.data.sqlitepw }}
|
||||
{{- end }}
|
||||
labels:
|
||||
app: adminer
|
||||
spec:
|
||||
serviceAccountName: adminer
|
||||
containers:
|
||||
- name: adminer
|
||||
image: adminer
|
||||
ports:
|
||||
- name: web
|
||||
containerPort: 8080
|
||||
volumeMounts:
|
||||
- mountPath: /mnt/websites
|
||||
name: flexvolsmb-adminer-websites
|
||||
- name: configmap-adminer-conf
|
||||
mountPath: /var/www/html/plugins-enabled/login-password-less.php
|
||||
subPath: login-password-less.php
|
||||
volumes:
|
||||
- name: flexvolsmb-adminer-websites
|
||||
persistentVolumeClaim:
|
||||
claimName: flexvolsmb-adminer-websites
|
||||
- name: configmap-adminer-conf
|
||||
configMap:
|
||||
name: configmap-adminer-conf
|
||||
---
|
||||
apiVersion: v1
|
||||
kind: ServiceAccount
|
||||
metadata:
|
||||
name: adminer
|
||||
labels:
|
||||
app: adminer
|
||||
---
|
||||
apiVersion: traefik.containo.us/v1alpha1
|
||||
kind: IngressRoute
|
||||
metadata:
|
||||
name: adminer
|
||||
spec:
|
||||
entryPoints:
|
||||
- websecure
|
||||
routes:
|
||||
- match: Host(`sql.spamasaurus.com`)
|
||||
kind: Rule
|
||||
services:
|
||||
- name: adminer
|
||||
port: 8080
|
||||
middlewares:
|
||||
- name: 2fa-authentication@file
|
||||
- name: security-headers@file
|
||||
---
|
||||
apiVersion: v1
|
||||
kind: PersistentVolume
|
||||
metadata:
|
||||
name: flexvolsmb-adminer-websites
|
||||
spec:
|
||||
capacity:
|
||||
storage: 1Gi
|
||||
accessModes:
|
||||
- ReadWriteMany
|
||||
storageClassName: flexvolsmb-adminer-websites
|
||||
flexVolume:
|
||||
driver: mount/smb
|
||||
secretRef:
|
||||
name: smb-secret
|
||||
options:
|
||||
opts: domain=bessems.eu,file_mode=0777,dir_mode=0777,iocharset=utf8,nobrl
|
||||
server: 192.168.11.225
|
||||
share: /K3s.Volumes/lighttpd/websites
|
||||
---
|
||||
apiVersion: v1
|
||||
kind: PersistentVolumeClaim
|
||||
metadata:
|
||||
name: flexvolsmb-adminer-websites
|
||||
namespace: default
|
||||
spec:
|
||||
accessModes:
|
||||
- ReadWriteMany
|
||||
storageClassName: flexvolsmb-adminer-websites
|
||||
resources:
|
||||
requests:
|
||||
storage: 1Gi
|
142
services/Authelia/deploy-Authelia.yml
Normal file
142
services/Authelia/deploy-Authelia.yml
Normal file
@ -0,0 +1,142 @@
|
||||
apiVersion: apps/v1
|
||||
kind: Deployment
|
||||
metadata:
|
||||
name: authelia
|
||||
labels:
|
||||
app: authelia
|
||||
spec:
|
||||
replicas: 1
|
||||
selector:
|
||||
matchLabels:
|
||||
app: authelia
|
||||
template:
|
||||
metadata:
|
||||
labels:
|
||||
app: authelia
|
||||
spec:
|
||||
containers:
|
||||
- name: authelia
|
||||
image: authelia/authelia
|
||||
env:
|
||||
- name: TZ
|
||||
value: Europe/Amsterdam
|
||||
ports:
|
||||
- name: web
|
||||
containerPort: 9091
|
||||
volumeMounts:
|
||||
- name: flexvolsmb-authelia-conf
|
||||
mountPath: /config
|
||||
- name: redis
|
||||
image: redis:alpine
|
||||
args:
|
||||
- redis-server
|
||||
- --requirepass authelia
|
||||
- --appendonly yes
|
||||
ports:
|
||||
- name: redis
|
||||
containerPort: 6379
|
||||
volumeMounts:
|
||||
- name: flexvolsmb-authelia-redis
|
||||
mountPath: /data
|
||||
volumes:
|
||||
- name: flexvolsmb-authelia-conf
|
||||
persistentVolumeClaim:
|
||||
claimName: flexvolsmb-authelia-conf
|
||||
- name: flexvolsmb-authelia-redis
|
||||
persistentVolumeClaim:
|
||||
claimName: flexvolsmb-authelia-redis
|
||||
---
|
||||
apiVersion: v1
|
||||
kind: Service
|
||||
metadata:
|
||||
name: authelia
|
||||
spec:
|
||||
ports:
|
||||
- protocol: TCP
|
||||
name: web
|
||||
port: 9091
|
||||
- protocol: TCP
|
||||
name: redis
|
||||
port: 6379
|
||||
selector:
|
||||
app: authelia
|
||||
---
|
||||
apiVersion: traefik.containo.us/v1alpha1
|
||||
kind: IngressRoute
|
||||
metadata:
|
||||
name: authelia
|
||||
spec:
|
||||
entryPoints:
|
||||
- websecure
|
||||
routes:
|
||||
- match: Host(`auth.spamasaurus.com`)
|
||||
kind: Rule
|
||||
services:
|
||||
- name: authelia
|
||||
port: 9091
|
||||
middlewares:
|
||||
- name: security-headers@file
|
||||
---
|
||||
apiVersion: v1
|
||||
kind: PersistentVolume
|
||||
metadata:
|
||||
name: flexvolsmb-authelia-conf
|
||||
spec:
|
||||
capacity:
|
||||
storage: 1Gi
|
||||
accessModes:
|
||||
- ReadWriteMany
|
||||
storageClassName: flexvolsmb-authelia-conf
|
||||
flexVolume:
|
||||
driver: mount/smb
|
||||
secretRef:
|
||||
name: smb-secret
|
||||
options:
|
||||
opts: domain=bessems.eu,file_mode=0600,dir_mode=0600,iocharset=utf8,nobrl
|
||||
server: 192.168.11.225
|
||||
share: /K3s.Volumes/authelia/conf
|
||||
---
|
||||
apiVersion: v1
|
||||
kind: PersistentVolumeClaim
|
||||
metadata:
|
||||
name: flexvolsmb-authelia-conf
|
||||
namespace: default
|
||||
spec:
|
||||
accessModes:
|
||||
- ReadWriteMany
|
||||
storageClassName: flexvolsmb-authelia-conf
|
||||
resources:
|
||||
requests:
|
||||
storage: 1Gi
|
||||
---
|
||||
apiVersion: v1
|
||||
kind: PersistentVolume
|
||||
metadata:
|
||||
name: flexvolsmb-authelia-redis
|
||||
spec:
|
||||
capacity:
|
||||
storage: 1Gi
|
||||
accessModes:
|
||||
- ReadWriteMany
|
||||
storageClassName: flexvolsmb-authelia-redis
|
||||
flexVolume:
|
||||
driver: mount/smb
|
||||
secretRef:
|
||||
name: smb-secret
|
||||
options:
|
||||
opts: domain=bessems.eu,file_mode=0700,dir_mode=0700,uid=999,gid=1000,iocharset=utf8,nobrl
|
||||
server: 192.168.11.225
|
||||
share: /K3s.Volumes/authelia/redis
|
||||
---
|
||||
apiVersion: v1
|
||||
kind: PersistentVolumeClaim
|
||||
metadata:
|
||||
name: flexvolsmb-authelia-redis
|
||||
namespace: default
|
||||
spec:
|
||||
accessModes:
|
||||
- ReadWriteMany
|
||||
storageClassName: flexvolsmb-authelia-redis
|
||||
resources:
|
||||
requests:
|
||||
storage: 1Gi
|
135
services/Bitwarden/deployment_Bitwarden.yml
Normal file
135
services/Bitwarden/deployment_Bitwarden.yml
Normal file
@ -0,0 +1,135 @@
|
||||
apiVersion: v1
|
||||
kind: Service
|
||||
metadata:
|
||||
name: bitwarden
|
||||
spec:
|
||||
ports:
|
||||
- protocol: TCP
|
||||
name: ui
|
||||
port: 8080
|
||||
- protocol: TCP
|
||||
name: websocket
|
||||
port: 3012
|
||||
selector:
|
||||
app: bitwarden
|
||||
---
|
||||
apiVersion: apps/v1
|
||||
kind: Deployment
|
||||
metadata:
|
||||
name: bitwarden
|
||||
labels:
|
||||
app: bitwarden
|
||||
spec:
|
||||
replicas: 1
|
||||
selector:
|
||||
matchLabels:
|
||||
app: bitwarden
|
||||
template:
|
||||
metadata:
|
||||
annotations:
|
||||
vault.hashicorp.com/agent-inject: "true"
|
||||
vault.hashicorp.com/agent-inject-secret-bitwarden: "secret/bitwarden"
|
||||
vault.hashicorp.com/role: "bitwarden"
|
||||
vault.hashicorp.com/agent-inject-template-bitwarden: |
|
||||
{{ with secret "secret/bitwarden" -}}
|
||||
export ADMIN_TOKEN="{{ .Data.data.admintoken }}"
|
||||
export YUBICO_CLIENT_ID="{{ .Data.data.yubicoclientid }}"
|
||||
export YUBICO_SECRET_KEY="{{ .Data.data.yubicosecretkey }}"
|
||||
{{- end }}
|
||||
labels:
|
||||
app: bitwarden
|
||||
spec:
|
||||
serviceAccountName: bitwarden
|
||||
containers:
|
||||
- name: bitwarden
|
||||
image: bitwardenrs/server
|
||||
args: ["sh", "-c", ". /vault/secrets/bitwarden && /start.sh"]
|
||||
env:
|
||||
- name: ENABLE_DB_WAL
|
||||
value: "false"
|
||||
- name: ROCKET_PORT
|
||||
value: "8080"
|
||||
- name: SIGNUPS_ALLOWED
|
||||
value: "false"
|
||||
- name: WEBSOCKET_ENABLED
|
||||
value: "true"
|
||||
- name: WEBSOCKET_PORT
|
||||
value: "3012"
|
||||
- name: LOG_LEVEL
|
||||
value: "debug"
|
||||
- name: EXTENDED_LOGGING
|
||||
value: "true"
|
||||
ports:
|
||||
- name: ui
|
||||
containerPort: 8080
|
||||
- name: websocket
|
||||
containerPort: 3012
|
||||
volumeMounts:
|
||||
- mountPath: /data
|
||||
name: flexvolsmb-bitwarden-data
|
||||
volumes:
|
||||
- name: flexvolsmb-bitwarden-data
|
||||
persistentVolumeClaim:
|
||||
claimName: flexvolsmb-bitwarden-data
|
||||
---
|
||||
apiVersion: v1
|
||||
kind: ServiceAccount
|
||||
metadata:
|
||||
name: bitwarden
|
||||
labels:
|
||||
app: bitwarden
|
||||
---
|
||||
apiVersion: traefik.containo.us/v1alpha1
|
||||
kind: IngressRoute
|
||||
metadata:
|
||||
name: bitwarden
|
||||
spec:
|
||||
entryPoints:
|
||||
- websecure
|
||||
routes:
|
||||
- match: Host(`vault.spamasaurus.com`)
|
||||
kind: Rule
|
||||
services:
|
||||
- name: bitwarden
|
||||
port: 8080
|
||||
middlewares:
|
||||
- name: security-headers@file
|
||||
- match: Host(`vault.spamasaurus.com`) && Path(`/notifications/hub`)
|
||||
kind: Rule
|
||||
services:
|
||||
- name: bitwarden
|
||||
port: 3012
|
||||
middlewares:
|
||||
- name: security-headers@file
|
||||
---
|
||||
apiVersion: v1
|
||||
kind: PersistentVolume
|
||||
metadata:
|
||||
name: flexvolsmb-bitwarden-data
|
||||
spec:
|
||||
capacity:
|
||||
storage: 1Gi
|
||||
accessModes:
|
||||
- ReadWriteMany
|
||||
storageClassName: flexvolsmb-bitwarden-data
|
||||
flexVolume:
|
||||
driver: mount/smb
|
||||
secretRef:
|
||||
name: smb-secret
|
||||
options:
|
||||
opts: domain=bessems.eu,file_mode=0777,dir_mode=0777,iocharset=utf8,nobrl
|
||||
server: 192.168.11.225
|
||||
share: /K3s.Volumes/bitwarden/data
|
||||
---
|
||||
apiVersion: v1
|
||||
kind: PersistentVolumeClaim
|
||||
metadata:
|
||||
name: flexvolsmb-bitwarden-data
|
||||
namespace: default
|
||||
spec:
|
||||
accessModes:
|
||||
- ReadWriteMany
|
||||
storageClassName: flexvolsmb-bitwarden-data
|
||||
resources:
|
||||
requests:
|
||||
storage: 1Gi
|
26
services/DDclient/deploy-DDclient.yml
Normal file
26
services/DDclient/deploy-DDclient.yml
Normal file
@ -0,0 +1,26 @@
|
||||
apiVersion: apps/v1
|
||||
kind: Deployment
|
||||
metadata:
|
||||
name: ddclient
|
||||
labels:
|
||||
app: ddclient
|
||||
spec:
|
||||
replicas: 1
|
||||
selector:
|
||||
matchLabels:
|
||||
app: ddclient
|
||||
template:
|
||||
metadata:
|
||||
labels:
|
||||
app: ddclient
|
||||
spec:
|
||||
containers:
|
||||
- name: ddclient
|
||||
image: linuxserver/ddclient
|
||||
volumeMounts:
|
||||
- mountPath: /config
|
||||
name: ddclient-secret
|
||||
volumes:
|
||||
- name: ddclient-secret
|
||||
secret:
|
||||
secretName: ddclient-secret
|
35
services/DDclient/secret-DDclient.yml
Normal file
35
services/DDclient/secret-DDclient.yml
Normal file
@ -0,0 +1,35 @@
|
||||
apiVersion: v1
|
||||
kind: Secret
|
||||
metadata:
|
||||
name: ddclient-secret
|
||||
labels:
|
||||
app: ddclient
|
||||
stringData:
|
||||
ddclient.conf: |
|
||||
daemon=300
|
||||
syslog=yes
|
||||
protocol=cloudflare
|
||||
use=web
|
||||
web=https://domains.google.com/checkip
|
||||
ssl=yes
|
||||
ttl=1
|
||||
login=cloudflare.com.danny@spamasaurus.com
|
||||
password=9ec5ad8d1e8c6240c5488bb61b7bcd7bdc0fc
|
||||
|
||||
zone=bessems.com
|
||||
bessems.com
|
||||
|
||||
zone=bessems.eu
|
||||
bessems.eu,deschakel.bessems.eu
|
||||
|
||||
zone=gabaldon.eu
|
||||
gabaldon.eu
|
||||
|
||||
zone=gabaldon.nl
|
||||
gabaldon.nl
|
||||
|
||||
zone=itch.fyi
|
||||
itch.fyi
|
||||
|
||||
zone=spamasaurus.com
|
||||
spamasaurus.com
|
175
services/DroneCI/deployment_DroneCI.yml
Normal file
175
services/DroneCI/deployment_DroneCI.yml
Normal file
@ -0,0 +1,175 @@
|
||||
apiVersion: v1
|
||||
kind: Service
|
||||
metadata:
|
||||
name: drone
|
||||
spec:
|
||||
ports:
|
||||
- protocol: TCP
|
||||
name: ui
|
||||
port: 80
|
||||
selector:
|
||||
app: drone
|
||||
---
|
||||
apiVersion: apps/v1
|
||||
kind: Deployment
|
||||
metadata:
|
||||
name: drone
|
||||
labels:
|
||||
app: drone
|
||||
spec:
|
||||
replicas: 1
|
||||
selector:
|
||||
matchLabels:
|
||||
app: drone
|
||||
template:
|
||||
metadata:
|
||||
annotations:
|
||||
vault.hashicorp.com/agent-inject: "true"
|
||||
vault.hashicorp.com/agent-inject-secret-drone: "secret/drone"
|
||||
vault.hashicorp.com/role: "drone"
|
||||
vault.hashicorp.com/agent-inject-template-drone: |
|
||||
{{ with secret "secret/drone" -}}
|
||||
export DRONE_RPC_SECRET="{{ .Data.data.rpcsecret }}"
|
||||
export DRONE_GITEA_CLIENT_ID="{{ .Data.data.giteaclientid }}"
|
||||
export DRONE_GITEA_CLIENT_SECRET="{{ .Data.data.giteaclientsecret }}"
|
||||
{{- end }}
|
||||
labels:
|
||||
app: drone
|
||||
spec:
|
||||
# serviceAccountName: drone
|
||||
containers:
|
||||
- name: drone
|
||||
image: drone/drone
|
||||
command: ["sh", "-c", ". /vault/secrets/drone && /bin/drone-server"]
|
||||
env:
|
||||
- name: DRONE_SERVER_PROTO
|
||||
value: 'https'
|
||||
- name: DRONE_SERVER_HOST
|
||||
value: 'ci.spamasaurus.com'
|
||||
- name: DRONE_SERVER_PORT
|
||||
value: ':80'
|
||||
- name: DRONE_TLS_AUTOCERT
|
||||
value: 'false'
|
||||
- name: DRONE_GITEA_SERVER
|
||||
value: 'https://code.spamasaurus.com'
|
||||
# - name: DRONE_LOGS_DEBUG
|
||||
# value: 'true'
|
||||
- name: DRONE_GIT_ALWAYS_AUTH
|
||||
value: 'false'
|
||||
- name: DRONE_AGENTS_ENABLED
|
||||
value: 'true'
|
||||
ports:
|
||||
- name: ui
|
||||
containerPort: 80
|
||||
volumeMounts:
|
||||
- mountPath: /data
|
||||
name: flexvolsmb-drone-data
|
||||
- name: drone-runner
|
||||
image: drone/drone-runner-kube:latest
|
||||
command: ["sh", "-c", ". /vault/secrets/drone && /bin/drone-runner-kube"]
|
||||
ports:
|
||||
- containerPort: 3000
|
||||
env:
|
||||
- name: DRONE_RPC_HOST
|
||||
value: 'ci.spamasaurus.com'
|
||||
- name: DRONE_RPC_PROTO
|
||||
value: 'https'
|
||||
volumes:
|
||||
- name: flexvolsmb-drone-data
|
||||
persistentVolumeClaim:
|
||||
claimName: flexvolsmb-drone-data
|
||||
---
|
||||
apiVersion: v1
|
||||
kind: ServiceAccount
|
||||
metadata:
|
||||
name: drone
|
||||
labels:
|
||||
app: drone
|
||||
---
|
||||
apiVersion: traefik.containo.us/v1alpha1
|
||||
kind: IngressRoute
|
||||
metadata:
|
||||
name: drone
|
||||
spec:
|
||||
entryPoints:
|
||||
- websecure
|
||||
routes:
|
||||
- match: Host(`ci.spamasaurus.com`)
|
||||
kind: Rule
|
||||
services:
|
||||
- name: drone
|
||||
port: 80
|
||||
middlewares:
|
||||
- name: security-headers@file
|
||||
---
|
||||
apiVersion: v1
|
||||
kind: PersistentVolume
|
||||
metadata:
|
||||
name: flexvolsmb-drone-data
|
||||
spec:
|
||||
capacity:
|
||||
storage: 1Gi
|
||||
accessModes:
|
||||
- ReadWriteMany
|
||||
storageClassName: flexvolsmb-drone-data
|
||||
flexVolume:
|
||||
driver: mount/smb
|
||||
secretRef:
|
||||
name: smb-secret
|
||||
options:
|
||||
opts: domain=bessems.eu,file_mode=0777,dir_mode=0777,iocharset=utf8,nobrl
|
||||
server: 192.168.11.225
|
||||
share: /K3s.Volumes/drone/data
|
||||
---
|
||||
apiVersion: v1
|
||||
kind: PersistentVolumeClaim
|
||||
metadata:
|
||||
name: flexvolsmb-drone-data
|
||||
namespace: default
|
||||
spec:
|
||||
accessModes:
|
||||
- ReadWriteMany
|
||||
storageClassName: flexvolsmb-drone-data
|
||||
resources:
|
||||
requests:
|
||||
storage: 1Gi
|
||||
---
|
||||
kind: Role
|
||||
apiVersion: rbac.authorization.k8s.io/v1
|
||||
metadata:
|
||||
namespace: default
|
||||
name: drone
|
||||
rules:
|
||||
- apiGroups:
|
||||
- ""
|
||||
resources:
|
||||
- secrets
|
||||
verbs:
|
||||
- create
|
||||
- delete
|
||||
- apiGroups:
|
||||
- ""
|
||||
resources:
|
||||
- pods
|
||||
- pods/log
|
||||
verbs:
|
||||
- get
|
||||
- create
|
||||
- delete
|
||||
- list
|
||||
- watch
|
||||
- update
|
||||
---
|
||||
kind: RoleBinding
|
||||
apiVersion: rbac.authorization.k8s.io/v1
|
||||
metadata:
|
||||
name: drone
|
||||
namespace: default
|
||||
subjects:
|
||||
- kind: ServiceAccount
|
||||
name: default
|
||||
namespace: default
|
||||
roleRef:
|
||||
kind: Role
|
||||
name: drone
|
||||
apiGroup: rbac.authorization.k8s.io
|
160
services/Gitea/deployment_Gitea.yml
Normal file
160
services/Gitea/deployment_Gitea.yml
Normal file
@ -0,0 +1,160 @@
|
||||
apiVersion: v1
|
||||
kind: Service
|
||||
metadata:
|
||||
name: gitea
|
||||
spec:
|
||||
ports:
|
||||
- protocol: TCP
|
||||
name: ui
|
||||
port: 3000
|
||||
- protocol: TCP
|
||||
name: ssh
|
||||
port: 22
|
||||
targetPort: ssh
|
||||
selector:
|
||||
app: gitea
|
||||
---
|
||||
apiVersion: apps/v1
|
||||
kind: Deployment
|
||||
metadata:
|
||||
name: gitea
|
||||
labels:
|
||||
app: gitea
|
||||
spec:
|
||||
replicas: 1
|
||||
selector:
|
||||
matchLabels:
|
||||
app: gitea
|
||||
template:
|
||||
metadata:
|
||||
labels:
|
||||
app: gitea
|
||||
spec:
|
||||
containers:
|
||||
- name: gitea
|
||||
image: gitea/gitea:1
|
||||
env:
|
||||
- name: DB_TYPE
|
||||
value: 'sqlite3'
|
||||
- name: ROOT_URL
|
||||
value: 'https://code.spamasaurus.com'
|
||||
- name: USER_UID
|
||||
value: "1000"
|
||||
- name: USER_GID
|
||||
value: "1000"
|
||||
ports:
|
||||
- name: ui
|
||||
containerPort: 3000
|
||||
- name: ssh
|
||||
containerPort: 22
|
||||
volumeMounts:
|
||||
- mountPath: /data
|
||||
name: flexvolsmb-gitea-data
|
||||
- mountPath: /data/ssh
|
||||
name: flexvolsmb-gitea-ssh
|
||||
subPath: ssh
|
||||
# securityContext:
|
||||
# runAsUser: 1000
|
||||
# runAsGroup: 1000
|
||||
# fsGroup: 1000
|
||||
volumes:
|
||||
- name: flexvolsmb-gitea-data
|
||||
persistentVolumeClaim:
|
||||
claimName: flexvolsmb-gitea-data
|
||||
- name: flexvolsmb-gitea-ssh
|
||||
persistentVolumeClaim:
|
||||
claimName: flexvolsmb-gitea-ssh
|
||||
---
|
||||
apiVersion: traefik.containo.us/v1alpha1
|
||||
kind: IngressRoute
|
||||
metadata:
|
||||
name: gitea
|
||||
spec:
|
||||
entryPoints:
|
||||
- websecure
|
||||
routes:
|
||||
- match: Host(`code.spamasaurus.com`)
|
||||
kind: Rule
|
||||
services:
|
||||
- name: gitea
|
||||
port: 3000
|
||||
middlewares:
|
||||
- name: security-headers@file
|
||||
---
|
||||
apiVersion: traefik.containo.us/v1alpha1
|
||||
kind: IngressRouteTCP
|
||||
metadata:
|
||||
name: gitea
|
||||
spec:
|
||||
entryPoints:
|
||||
- ssh
|
||||
routes:
|
||||
- match: HostSNI(`*`)
|
||||
kind: Rule
|
||||
services:
|
||||
- name: gitea
|
||||
port: 22
|
||||
---
|
||||
apiVersion: v1
|
||||
kind: PersistentVolume
|
||||
metadata:
|
||||
name: flexvolsmb-gitea-data
|
||||
spec:
|
||||
capacity:
|
||||
storage: 1Gi
|
||||
accessModes:
|
||||
- ReadWriteMany
|
||||
storageClassName: flexvolsmb-gitea-data
|
||||
flexVolume:
|
||||
driver: mount/smb
|
||||
secretRef:
|
||||
name: smb-secret
|
||||
options:
|
||||
opts: domain=bessems.eu,file_mode=0777,dir_mode=0777,uid=1000,gid=1000,iocharset=utf8,nobrl
|
||||
server: 192.168.11.225
|
||||
share: /K3s.Volumes/gitea/data
|
||||
---
|
||||
apiVersion: v1
|
||||
kind: PersistentVolumeClaim
|
||||
metadata:
|
||||
name: flexvolsmb-gitea-data
|
||||
namespace: default
|
||||
spec:
|
||||
accessModes:
|
||||
- ReadWriteMany
|
||||
storageClassName: flexvolsmb-gitea-data
|
||||
resources:
|
||||
requests:
|
||||
storage: 1Gi
|
||||
---
|
||||
apiVersion: v1
|
||||
kind: PersistentVolume
|
||||
metadata:
|
||||
name: flexvolsmb-gitea-ssh
|
||||
spec:
|
||||
capacity:
|
||||
storage: 1Gi
|
||||
accessModes:
|
||||
- ReadWriteMany
|
||||
storageClassName: flexvolsmb-gitea-ssh
|
||||
flexVolume:
|
||||
driver: mount/smb
|
||||
secretRef:
|
||||
name: smb-secret
|
||||
options:
|
||||
opts: domain=bessems.eu,file_mode=0600,dir_mode=0600,iocharset=utf8
|
||||
server: 192.168.11.225
|
||||
share: /K3s.Volumes/gitea/ssh
|
||||
---
|
||||
apiVersion: v1
|
||||
kind: PersistentVolumeClaim
|
||||
metadata:
|
||||
name: flexvolsmb-gitea-ssh
|
||||
namespace: default
|
||||
spec:
|
||||
accessModes:
|
||||
- ReadWriteMany
|
||||
storageClassName: flexvolsmb-gitea-ssh
|
||||
resources:
|
||||
requests:
|
||||
storage: 1Gi
|
89
services/Gotify/deploy-Gotify.yml
Normal file
89
services/Gotify/deploy-Gotify.yml
Normal file
@ -0,0 +1,89 @@
|
||||
apiVersion: v1
|
||||
kind: Service
|
||||
metadata:
|
||||
name: gotify
|
||||
spec:
|
||||
ports:
|
||||
- protocol: TCP
|
||||
name: web
|
||||
port: 80
|
||||
selector:
|
||||
app: gotify
|
||||
---
|
||||
apiVersion: apps/v1
|
||||
kind: Deployment
|
||||
metadata:
|
||||
name: gotify
|
||||
labels:
|
||||
app: gotify
|
||||
spec:
|
||||
replicas: 1
|
||||
selector:
|
||||
matchLabels:
|
||||
app: gotify
|
||||
template:
|
||||
metadata:
|
||||
labels:
|
||||
app: gotify
|
||||
spec:
|
||||
containers:
|
||||
- name: gotify
|
||||
image: gotify/server
|
||||
ports:
|
||||
- name: web
|
||||
containerPort: 80
|
||||
volumeMounts:
|
||||
- mountPath: /app/data
|
||||
name: flexvolsmb-gotify-data
|
||||
volumes:
|
||||
- name: flexvolsmb-gotify-data
|
||||
persistentVolumeClaim:
|
||||
claimName: flexvolsmb-gotify-data
|
||||
---
|
||||
apiVersion: traefik.containo.us/v1alpha1
|
||||
kind: IngressRoute
|
||||
metadata:
|
||||
name: gotify
|
||||
spec:
|
||||
entryPoints:
|
||||
- websecure
|
||||
routes:
|
||||
- match: Host(`notify.spamasaurus.com`)
|
||||
kind: Rule
|
||||
services:
|
||||
- name: gotify
|
||||
port: 80
|
||||
middlewares:
|
||||
- name: security-headers@file
|
||||
---
|
||||
apiVersion: v1
|
||||
kind: PersistentVolume
|
||||
metadata:
|
||||
name: flexvolsmb-gotify-data
|
||||
spec:
|
||||
capacity:
|
||||
storage: 1Gi
|
||||
accessModes:
|
||||
- ReadWriteMany
|
||||
storageClassName: flexvolsmb-gotify-data
|
||||
flexVolume:
|
||||
driver: mount/smb
|
||||
secretRef:
|
||||
name: smb-secret
|
||||
options:
|
||||
opts: domain=bessems.eu,file_mode=0777,dir_mode=0777,iocharset=utf8,nobrl
|
||||
server: 192.168.11.225
|
||||
share: /K3s.Volumes/gotify/data
|
||||
---
|
||||
apiVersion: v1
|
||||
kind: PersistentVolumeClaim
|
||||
metadata:
|
||||
name: flexvolsmb-gotify-data
|
||||
namespace: default
|
||||
spec:
|
||||
accessModes:
|
||||
- ReadWriteMany
|
||||
storageClassName: flexvolsmb-gotify-data
|
||||
resources:
|
||||
requests:
|
||||
storage: 1Gi
|
8
services/Guacamole/configMap_Guacamole.yml
Normal file
8
services/Guacamole/configMap_Guacamole.yml
Normal file
@ -0,0 +1,8 @@
|
||||
apiVersion: v1
|
||||
kind: ConfigMap
|
||||
metadata:
|
||||
name: configmap-guacamole-mysql-conf
|
||||
data:
|
||||
MYSQL_DATABASE: 'guacamole'
|
||||
MYSQL_PASSWORD: 'guacamole'
|
||||
MYSQL_USER: 'guacamole'
|
175
services/Guacamole/deployment_Guacamole.yml
Normal file
175
services/Guacamole/deployment_Guacamole.yml
Normal file
@ -0,0 +1,175 @@
|
||||
apiVersion: v1
|
||||
kind: Service
|
||||
metadata:
|
||||
name: guacamole
|
||||
spec:
|
||||
ports:
|
||||
- protocol: TCP
|
||||
name: ui
|
||||
port: 8080
|
||||
- protocol: TCP
|
||||
name: proxy
|
||||
port: 4822
|
||||
- protocol: TCP
|
||||
name: db
|
||||
port: 3306
|
||||
selector:
|
||||
app: guacamole
|
||||
---
|
||||
apiVersion: apps/v1
|
||||
kind: Deployment
|
||||
metadata:
|
||||
name: guacamole
|
||||
labels:
|
||||
app: guacamole
|
||||
spec:
|
||||
replicas: 1
|
||||
selector:
|
||||
matchLabels:
|
||||
app: guacamole
|
||||
template:
|
||||
metadata:
|
||||
labels:
|
||||
app: guacamole
|
||||
spec:
|
||||
hostname: guacamole
|
||||
containers:
|
||||
- name: guacamole
|
||||
image: guacamole/guacamole
|
||||
env:
|
||||
- name: GUACD_HOSTNAME
|
||||
value: 'guacamole.default.svc.cluster.local'
|
||||
- name: MYSQL_HOSTNAME
|
||||
value: 'guacamole.default.svc.cluster.local'
|
||||
- name: GUACAMOLE_HOME
|
||||
value: '/etc/guacamole'
|
||||
envFrom:
|
||||
- configMapRef:
|
||||
name: configmap-guacamole-mysql-conf
|
||||
volumeMounts:
|
||||
- name: flexvolsmb-guacamole-home
|
||||
mountPath: /etc/guacamole
|
||||
ports:
|
||||
- name: ui
|
||||
containerPort: 8080
|
||||
- name: guacd
|
||||
image: guacamole/guacd
|
||||
env:
|
||||
- name: GUACD_LOG_LEVEL
|
||||
value: 'debug'
|
||||
ports:
|
||||
- name: proxy
|
||||
containerPort: 4822
|
||||
- name: mysql
|
||||
image: mysql:latest
|
||||
securityContext:
|
||||
runAsUser: 999
|
||||
runAsGroup: 999
|
||||
env:
|
||||
- name: MYSQL_RANDOM_ROOT_PASSWORD
|
||||
value: 'true'
|
||||
envFrom:
|
||||
- configMapRef:
|
||||
name: configmap-guacamole-mysql-conf
|
||||
volumeMounts:
|
||||
- name: flexvolsmb-guacamole-db
|
||||
mountPath: /var/lib/mysql
|
||||
ports:
|
||||
- name: db
|
||||
containerPort: 3306
|
||||
volumes:
|
||||
- name: flexvolsmb-guacamole-db
|
||||
persistentVolumeClaim:
|
||||
claimName: flexvolsmb-guacamole-db
|
||||
- name: flexvolsmb-guacamole-home
|
||||
persistentVolumeClaim:
|
||||
claimName: flexvolsmb-guacamole-home
|
||||
---
|
||||
apiVersion: traefik.containo.us/v1alpha1
|
||||
kind: Middleware
|
||||
metadata:
|
||||
name: prepend-path-guacamole
|
||||
spec:
|
||||
addPrefix:
|
||||
prefix: /guacamole
|
||||
---
|
||||
apiVersion: traefik.containo.us/v1alpha1
|
||||
kind: IngressRoute
|
||||
metadata:
|
||||
name: guacamole
|
||||
spec:
|
||||
entryPoints:
|
||||
- websecure
|
||||
routes:
|
||||
- match: Host(`remote.spamasaurus.com`)
|
||||
kind: Rule
|
||||
services:
|
||||
- name: guacamole
|
||||
port: 8080
|
||||
middlewares:
|
||||
- name: prepend-path-guacamole
|
||||
- name: security-headers@file
|
||||
---
|
||||
apiVersion: v1
|
||||
kind: PersistentVolume
|
||||
metadata:
|
||||
name: flexvolsmb-guacamole-db
|
||||
spec:
|
||||
capacity:
|
||||
storage: 1Gi
|
||||
accessModes:
|
||||
- ReadWriteMany
|
||||
storageClassName: flexvolsmb-guacamole-db
|
||||
flexVolume:
|
||||
driver: mount/smb
|
||||
secretRef:
|
||||
name: smb-secret
|
||||
options:
|
||||
opts: domain=bessems.eu,file_mode=0755,dir_mode=0755,uid=999,gid=999,iocharset=utf8
|
||||
server: 192.168.11.225
|
||||
share: /K3s.Volumes/guacamole/db
|
||||
---
|
||||
apiVersion: v1
|
||||
kind: PersistentVolumeClaim
|
||||
metadata:
|
||||
name: flexvolsmb-guacamole-db
|
||||
namespace: default
|
||||
spec:
|
||||
accessModes:
|
||||
- ReadWriteMany
|
||||
storageClassName: flexvolsmb-guacamole-db
|
||||
resources:
|
||||
requests:
|
||||
storage: 1Gi
|
||||
---
|
||||
apiVersion: v1
|
||||
kind: PersistentVolume
|
||||
metadata:
|
||||
name: flexvolsmb-guacamole-home
|
||||
spec:
|
||||
capacity:
|
||||
storage: 1Gi
|
||||
accessModes:
|
||||
- ReadWriteMany
|
||||
storageClassName: flexvolsmb-guacamole-home
|
||||
flexVolume:
|
||||
driver: mount/smb
|
||||
secretRef:
|
||||
name: smb-secret
|
||||
options:
|
||||
opts: domain=bessems.eu,file_mode=0755,dir_mode=0755,uid=999,gid=999,iocharset=utf8
|
||||
server: 192.168.11.225
|
||||
share: /K3s.Volumes/guacamole/home
|
||||
---
|
||||
apiVersion: v1
|
||||
kind: PersistentVolumeClaim
|
||||
metadata:
|
||||
name: flexvolsmb-guacamole-home
|
||||
namespace: default
|
||||
spec:
|
||||
accessModes:
|
||||
- ReadWriteMany
|
||||
storageClassName: flexvolsmb-guacamole-home
|
||||
resources:
|
||||
requests:
|
||||
storage: 1Gi
|
42
services/Harbor/chart-values.yml
Normal file
42
services/Harbor/chart-values.yml
Normal file
@ -0,0 +1,42 @@
|
||||
expose:
|
||||
ingress:
|
||||
hosts:
|
||||
core: registry.spamasaurus.com
|
||||
notary: notary.spamasaurus.com
|
||||
|
||||
externalURL: https://registry.spamasaurus.com
|
||||
|
||||
persistence:
|
||||
enabled: true
|
||||
resourcePolicy: "keep"
|
||||
persistentVolumeClaim:
|
||||
registry:
|
||||
existingClaim: "flexvolsmb-harbor-registry"
|
||||
storageClass: "-"
|
||||
accessMode: ReadWriteMany
|
||||
size: 5Gi
|
||||
chartmuseum:
|
||||
existingClaim: "flexvolsmb-harbor-chartmuseum"
|
||||
storageClass: "-"
|
||||
accessMode: ReadWriteMany
|
||||
size: 5Gi
|
||||
jobservice:
|
||||
existingClaim: "flexvolsmb-harbor-jobservice"
|
||||
storageClass: "-"
|
||||
accessMode: ReadWriteMany
|
||||
size: 1Gi
|
||||
database:
|
||||
existingClaim: "flexvolsmb-harbor-database"
|
||||
storageClass: "-"
|
||||
accessMode: ReadWriteMany
|
||||
size: 1Gi
|
||||
redis:
|
||||
existingClaim: "flexvolsmb-harbor-redis"
|
||||
storageClass: "-"
|
||||
accessMode: ReadWriteMany
|
||||
size: 1Gi
|
||||
trivy:
|
||||
existingClaim: "flexvolsmb-harbor-trivy"
|
||||
storageClass: "-"
|
||||
accessMode: ReadWriteMany
|
||||
size: 1Gi
|
33
services/Harbor/ingressRoute-Harbor.yml
Normal file
33
services/Harbor/ingressRoute-Harbor.yml
Normal file
@ -0,0 +1,33 @@
|
||||
apiVersion: traefik.containo.us/v1alpha1
|
||||
kind: IngressRoute
|
||||
metadata:
|
||||
name: harbor
|
||||
namespace: harbor
|
||||
spec:
|
||||
entryPoints:
|
||||
- websecure
|
||||
routes:
|
||||
- match: Host(`registry.spamasaurus.com`)
|
||||
kind: Rule
|
||||
services:
|
||||
- name: harbor-harbor-portal
|
||||
namespace: harbor
|
||||
port: 80
|
||||
middlewares:
|
||||
- name: security-headers@file
|
||||
- match: Host(`registry.spamasaurus.com`) && PathPrefix(`/api/`, `/service/`, `/v2/`, `/chartrepo/`, `/c/`)
|
||||
kind: Rule
|
||||
services:
|
||||
- name: harbor-harbor-core
|
||||
namespace: harbor
|
||||
port: 80
|
||||
middlewares:
|
||||
- name: security-headers@file
|
||||
- match: Host(`notary.spamasaurus.com`)
|
||||
kind: Rule
|
||||
services:
|
||||
- name: harbor-harbor-notary-server
|
||||
namespace: harbor
|
||||
port: 4443
|
||||
middlewares:
|
||||
- name: security-headers@file
|
204
services/Harbor/persistentVolumeClaim_Harbor.yml
Normal file
204
services/Harbor/persistentVolumeClaim_Harbor.yml
Normal file
@ -0,0 +1,204 @@
|
||||
apiVersion: v1
|
||||
kind: PersistentVolume
|
||||
metadata:
|
||||
name: flexvolsmb-harbor-chartmuseum
|
||||
namespace: harbor
|
||||
spec:
|
||||
capacity:
|
||||
storage: 10Gi
|
||||
accessModes:
|
||||
- ReadWriteMany
|
||||
storageClassName: flexvolsmb-harbor-chartmuseum
|
||||
flexVolume:
|
||||
driver: mount/smb
|
||||
secretRef:
|
||||
name: smb-secret
|
||||
namespace: default
|
||||
options:
|
||||
opts: domain=bessems.eu,file_mode=0700,dir_mode=0700,uid=999,gid=999,iocharset=utf8,nobrl
|
||||
server: 192.168.11.225
|
||||
share: /K3s.Volumes/harbor/chartmuseum
|
||||
---
|
||||
apiVersion: v1
|
||||
kind: PersistentVolumeClaim
|
||||
metadata:
|
||||
name: flexvolsmb-harbor-chartmuseum
|
||||
namespace: harbor
|
||||
spec:
|
||||
accessModes:
|
||||
- ReadWriteMany
|
||||
storageClassName: flexvolsmb-harbor-chartmuseum
|
||||
resources:
|
||||
requests:
|
||||
storage: 10Gi
|
||||
---
|
||||
apiVersion: v1
|
||||
kind: PersistentVolume
|
||||
metadata:
|
||||
name: flexvolsmb-harbor-database
|
||||
namespace: harbor
|
||||
spec:
|
||||
capacity:
|
||||
storage: 10Gi
|
||||
accessModes:
|
||||
- ReadWriteMany
|
||||
storageClassName: flexvolsmb-harbor-database
|
||||
flexVolume:
|
||||
driver: mount/smb
|
||||
secretRef:
|
||||
name: smb-secret
|
||||
namespace: default
|
||||
options:
|
||||
opts: domain=bessems.eu,file_mode=0700,dir_mode=0700,uid=999,gid=999,iocharset=utf8,nobrl
|
||||
server: 192.168.11.225
|
||||
share: /K3s.Volumes/harbor/database
|
||||
---
|
||||
apiVersion: v1
|
||||
kind: PersistentVolumeClaim
|
||||
metadata:
|
||||
name: flexvolsmb-harbor-database
|
||||
namespace: harbor
|
||||
spec:
|
||||
accessModes:
|
||||
- ReadWriteMany
|
||||
storageClassName: flexvolsmb-harbor-database
|
||||
resources:
|
||||
requests:
|
||||
storage: 10Gi
|
||||
---
|
||||
apiVersion: v1
|
||||
kind: PersistentVolume
|
||||
metadata:
|
||||
name: flexvolsmb-harbor-jobservice
|
||||
namespace: harbor
|
||||
spec:
|
||||
capacity:
|
||||
storage: 10Gi
|
||||
accessModes:
|
||||
- ReadWriteMany
|
||||
storageClassName: flexvolsmb-harbor-jobservice
|
||||
flexVolume:
|
||||
driver: mount/smb
|
||||
secretRef:
|
||||
name: smb-secret
|
||||
namespace: default
|
||||
options:
|
||||
opts: domain=bessems.eu,file_mode=0700,dir_mode=0700,uid=10000,gid=10000,iocharset=utf8,nobrl
|
||||
server: 192.168.11.225
|
||||
share: /K3s.Volumes/harbor/jobservice
|
||||
---
|
||||
apiVersion: v1
|
||||
kind: PersistentVolumeClaim
|
||||
metadata:
|
||||
name: flexvolsmb-harbor-jobservice
|
||||
namespace: harbor
|
||||
spec:
|
||||
accessModes:
|
||||
- ReadWriteMany
|
||||
storageClassName: flexvolsmb-harbor-jobservice
|
||||
resources:
|
||||
requests:
|
||||
storage: 10Gi
|
||||
---
|
||||
apiVersion: v1
|
||||
kind: PersistentVolume
|
||||
metadata:
|
||||
name: flexvolsmb-harbor-redis
|
||||
namespace: harbor
|
||||
spec:
|
||||
capacity:
|
||||
storage: 10Gi
|
||||
accessModes:
|
||||
- ReadWriteMany
|
||||
storageClassName: flexvolsmb-harbor-redis
|
||||
flexVolume:
|
||||
driver: mount/smb
|
||||
secretRef:
|
||||
name: smb-secret
|
||||
namespace: default
|
||||
options:
|
||||
opts: domain=bessems.eu,file_mode=0700,dir_mode=0700,iocharset=utf8,nobrl
|
||||
server: 192.168.11.225
|
||||
share: /K3s.Volumes/harbor/redis
|
||||
---
|
||||
apiVersion: v1
|
||||
kind: PersistentVolumeClaim
|
||||
metadata:
|
||||
name: flexvolsmb-harbor-redis
|
||||
namespace: harbor
|
||||
spec:
|
||||
accessModes:
|
||||
- ReadWriteMany
|
||||
storageClassName: flexvolsmb-harbor-redis
|
||||
resources:
|
||||
requests:
|
||||
storage: 10Gi
|
||||
---
|
||||
apiVersion: v1
|
||||
kind: PersistentVolume
|
||||
metadata:
|
||||
name: flexvolsmb-harbor-registry
|
||||
namespace: harbor
|
||||
spec:
|
||||
capacity:
|
||||
storage: 10Gi
|
||||
accessModes:
|
||||
- ReadWriteMany
|
||||
storageClassName: flexvolsmb-harbor-registry
|
||||
flexVolume:
|
||||
driver: mount/smb
|
||||
secretRef:
|
||||
name: smb-secret
|
||||
namespace: default
|
||||
options:
|
||||
opts: domain=bessems.eu,file_mode=0700,dir_mode=0700,uid=10000,gid=10000,iocharset=utf8,nobrl
|
||||
server: 192.168.11.225
|
||||
share: /K3s.Volumes/harbor/registry
|
||||
---
|
||||
apiVersion: v1
|
||||
kind: PersistentVolumeClaim
|
||||
metadata:
|
||||
name: flexvolsmb-harbor-registry
|
||||
namespace: harbor
|
||||
spec:
|
||||
accessModes:
|
||||
- ReadWriteMany
|
||||
storageClassName: flexvolsmb-harbor-registry
|
||||
resources:
|
||||
requests:
|
||||
storage: 10Gi
|
||||
---
|
||||
apiVersion: v1
|
||||
kind: PersistentVolume
|
||||
metadata:
|
||||
name: flexvolsmb-harbor-trivy
|
||||
namespace: harbor
|
||||
spec:
|
||||
capacity:
|
||||
storage: 10Gi
|
||||
accessModes:
|
||||
- ReadWriteMany
|
||||
storageClassName: flexvolsmb-harbor-trivy
|
||||
flexVolume:
|
||||
driver: mount/smb
|
||||
secretRef:
|
||||
name: smb-secret
|
||||
namespace: default
|
||||
options:
|
||||
opts: domain=bessems.eu,file_mode=0700,dir_mode=0700,uid=10000,gid=10000,iocharset=utf8,nobrl
|
||||
server: 192.168.11.225
|
||||
share: /K3s.Volumes/harbor/trivy
|
||||
---
|
||||
apiVersion: v1
|
||||
kind: PersistentVolumeClaim
|
||||
metadata:
|
||||
name: flexvolsmb-harbor-trivy
|
||||
namespace: harbor
|
||||
spec:
|
||||
accessModes:
|
||||
- ReadWriteMany
|
||||
storageClassName: flexvolsmb-harbor-trivy
|
||||
resources:
|
||||
requests:
|
||||
storage: 10Gi
|
||||
|
64
services/Lighttpd/configMap_lighttpd.yml
Normal file
64
services/Lighttpd/configMap_lighttpd.yml
Normal file
@ -0,0 +1,64 @@
|
||||
apiVersion: v1
|
||||
kind: ConfigMap
|
||||
metadata:
|
||||
name: configmap-lighttpd-conf
|
||||
data:
|
||||
lighttpd.conf: |
|
||||
server.modules = (
|
||||
"mod_access",
|
||||
"mod_alias",
|
||||
"mod_compress",
|
||||
"mod_redirect",
|
||||
"mod_rewrite",
|
||||
)
|
||||
|
||||
server.document-root = "/var/www/html"
|
||||
server.upload-dirs = ( "/var/cache/lighttpd/uploads" )
|
||||
server.errorlog = "/var/log/lighttpd/error.log"
|
||||
server.pid-file = "/var/run/lighttpd.pid"
|
||||
server.username = "www-data"
|
||||
server.groupname = "www-data"
|
||||
server.port = 8080
|
||||
|
||||
index-file.names = ( "index.php", "index.html", "index.lighttpd.html" )
|
||||
url.access-deny = ( "~", ".inc" )
|
||||
static-file.exclude-extensions = ( ".php", ".pl", ".fcgi" )
|
||||
|
||||
compress.cache-dir = "/var/cache/lighttpd/compress/"
|
||||
compress.filetype = ( "application/javascript", "text/css", "text/html", "text/plain" )
|
||||
|
||||
include_shell "/usr/share/lighttpd/create-mime.assign.pl"
|
||||
include_shell "/usr/share/lighttpd/include-conf-enabled.pl"
|
||||
include_shell "cat /etc/lighttpd/vhosts.d/*.conf"
|
||||
---
|
||||
apiVersion: v1
|
||||
kind: ConfigMap
|
||||
metadata:
|
||||
name: configmap-lighttpd-vhosts
|
||||
data:
|
||||
bessems.com.conf: |
|
||||
$HTTP["host"] =~ "^bessems\.(com|eu)$" {
|
||||
server.document-root = "/var/www/bessems.com/"
|
||||
}
|
||||
gabaldon.eu.conf: |
|
||||
$HTTP["host"] =~ "^gabaldon\.(eu|nl)$" {
|
||||
server.document-root = "/var/www/gabaldon.eu/"
|
||||
}
|
||||
sn.itch.fyi.conf: |
|
||||
$HTTP["host"] == "sn.itch.fyi" {
|
||||
server.document-root = "/var/www/sn.itch.fyi/"
|
||||
|
||||
index-file.names += ("/_h5ai/public/index.php")
|
||||
}
|
||||
spamasaurus.com.conf: |
|
||||
$HTTP["host"] == "spamasaurus.com" {
|
||||
server.document-root = "/var/www/spamasaurus.com/public"
|
||||
}
|
||||
sw.itch.fyi.conf: |
|
||||
$HTTP["host"] == "sw.itch.fyi" {
|
||||
server.document-root = "/var/www/sw.itch.fyi/"
|
||||
|
||||
url.rewrite-once = (
|
||||
"^/api\?(.*)" => "index.php?page=newznabapi&$1"
|
||||
)
|
||||
}
|
26
services/Lighttpd/cronJob-Spotweb.yml
Normal file
26
services/Lighttpd/cronJob-Spotweb.yml
Normal file
@ -0,0 +1,26 @@
|
||||
apiVersion: batch/v1beta1
|
||||
kind: CronJob
|
||||
metadata:
|
||||
name: cronjob-spotweb-retrievearticles
|
||||
spec:
|
||||
schedule: "0 * * * *"
|
||||
successfulJobsHistoryLimit: 1
|
||||
jobTemplate:
|
||||
spec:
|
||||
template:
|
||||
spec:
|
||||
containers:
|
||||
- name: php-retrievearticles
|
||||
image: php:7.4-cli
|
||||
workingDir: /var/www/sw.itch.fyi
|
||||
args:
|
||||
- php
|
||||
- /var/www/sw.itch.fyi/retrieve.php
|
||||
volumeMounts:
|
||||
- name: flexvolsmb-lighttpd-websites
|
||||
mountPath: /var/www/
|
||||
volumes:
|
||||
- name: flexvolsmb-lighttpd-websites
|
||||
persistentVolumeClaim:
|
||||
claimName: flexvolsmb-lighttpd-websites
|
||||
restartPolicy: OnFailure
|
137
services/Lighttpd/deploy-Lighttpd.yml
Normal file
137
services/Lighttpd/deploy-Lighttpd.yml
Normal file
@ -0,0 +1,137 @@
|
||||
apiVersion: v1
|
||||
kind: Service
|
||||
metadata:
|
||||
name: lighttpd
|
||||
spec:
|
||||
ports:
|
||||
- protocol: TCP
|
||||
name: web
|
||||
port: 8080
|
||||
selector:
|
||||
app: lighttpd
|
||||
---
|
||||
apiVersion: apps/v1
|
||||
kind: Deployment
|
||||
metadata:
|
||||
name: lighttpd
|
||||
labels:
|
||||
app: lighttpd
|
||||
spec:
|
||||
replicas: 1
|
||||
selector:
|
||||
matchLabels:
|
||||
app: lighttpd
|
||||
template:
|
||||
metadata:
|
||||
labels:
|
||||
app: lighttpd
|
||||
spec:
|
||||
containers:
|
||||
- name: lighttpd-php-pwsh
|
||||
image: djpbessems/lighttpd-php-powershell
|
||||
ports:
|
||||
- name: web
|
||||
containerPort: 8080
|
||||
volumeMounts:
|
||||
- name: configmap-lighttpd-conf
|
||||
mountPath: /etc/lighttpd/lighttpd.conf
|
||||
subPath: lighttpd.conf
|
||||
- name: configmap-lighttpd-vhosts
|
||||
mountPath: /etc/lighttpd/vhosts.d
|
||||
- name: flexvolsmb-lighttpd-data
|
||||
mountPath: /data/scripts
|
||||
- name: flexvolsmb-lighttpd-websites
|
||||
mountPath: /var/www/
|
||||
volumes:
|
||||
- name: configmap-lighttpd-conf
|
||||
configMap:
|
||||
name: configmap-lighttpd-conf
|
||||
- name: configmap-lighttpd-vhosts
|
||||
configMap:
|
||||
name: configmap-lighttpd-vhosts
|
||||
- name: flexvolsmb-lighttpd-data
|
||||
persistentVolumeClaim:
|
||||
claimName: flexvolsmb-lighttpd-data
|
||||
- name: flexvolsmb-lighttpd-websites
|
||||
persistentVolumeClaim:
|
||||
claimName: flexvolsmb-lighttpd-websites
|
||||
---
|
||||
apiVersion: traefik.containo.us/v1alpha1
|
||||
kind: IngressRoute
|
||||
metadata:
|
||||
name: lighttpd
|
||||
spec:
|
||||
entryPoints:
|
||||
- websecure
|
||||
routes:
|
||||
- match: Host(`bessems.com`) || Host(`bessems.eu`) || Host(`gabaldon.eu`) || Host(`gabaldon.nl`) || Host(`sn.itch.fyi`) || Host(`sw.itch.fyi`) || Host(`spamasaurus.com`)
|
||||
kind: Rule
|
||||
services:
|
||||
- name: lighttpd
|
||||
port: 8080
|
||||
middlewares:
|
||||
- name: security-headers@file
|
||||
---
|
||||
apiVersion: v1
|
||||
kind: PersistentVolume
|
||||
metadata:
|
||||
name: flexvolsmb-lighttpd-data
|
||||
spec:
|
||||
capacity:
|
||||
storage: 1Gi
|
||||
accessModes:
|
||||
- ReadWriteMany
|
||||
storageClassName: flexvolsmb-lighttpd-data
|
||||
flexVolume:
|
||||
driver: mount/smb
|
||||
secretRef:
|
||||
name: smb-secret
|
||||
options:
|
||||
opts: domain=bessems.eu,file_mode=0777,dir_mode=0777,iocharset=utf8
|
||||
server: 192.168.11.225
|
||||
share: /K3s.Volumes/lighttpd/data
|
||||
---
|
||||
apiVersion: v1
|
||||
kind: PersistentVolume
|
||||
metadata:
|
||||
name: flexvolsmb-lighttpd-websites
|
||||
spec:
|
||||
capacity:
|
||||
storage: 1Gi
|
||||
accessModes:
|
||||
- ReadWriteMany
|
||||
storageClassName: flexvolsmb-lighttpd-websites
|
||||
flexVolume:
|
||||
driver: mount/smb
|
||||
secretRef:
|
||||
name: smb-secret
|
||||
options:
|
||||
opts: domain=bessems.eu,file_mode=0777,dir_mode=0777,iocharset=utf8,nobrl
|
||||
server: 192.168.11.225
|
||||
share: /K3s.Volumes/lighttpd/websites
|
||||
---
|
||||
apiVersion: v1
|
||||
kind: PersistentVolumeClaim
|
||||
metadata:
|
||||
name: flexvolsmb-lighttpd-data
|
||||
namespace: default
|
||||
spec:
|
||||
accessModes:
|
||||
- ReadWriteMany
|
||||
storageClassName: flexvolsmb-lighttpd-data
|
||||
resources:
|
||||
requests:
|
||||
storage: 1Gi
|
||||
---
|
||||
apiVersion: v1
|
||||
kind: PersistentVolumeClaim
|
||||
metadata:
|
||||
name: flexvolsmb-lighttpd-websites
|
||||
namespace: default
|
||||
spec:
|
||||
accessModes:
|
||||
- ReadWriteMany
|
||||
storageClassName: flexvolsmb-lighttpd-websites
|
||||
resources:
|
||||
requests:
|
||||
storage: 1Gi
|
110
services/PVR/WIP/deploy-NZBHydra.yml
Normal file
110
services/PVR/WIP/deploy-NZBHydra.yml
Normal file
@ -0,0 +1,110 @@
|
||||
apiVersion: v1
|
||||
kind: Service
|
||||
metadata:
|
||||
name: nzbhydra
|
||||
namespace: pvr
|
||||
spec:
|
||||
type: NodePort
|
||||
ports:
|
||||
- protocol: TCP
|
||||
name: web
|
||||
port: 5076
|
||||
nodePort: 30010
|
||||
selector:
|
||||
app: nzbhydra
|
||||
---
|
||||
apiVersion: apps/v1
|
||||
kind: Deployment
|
||||
metadata:
|
||||
name: nzbhydra
|
||||
namespace: pvr
|
||||
labels:
|
||||
app: nzbhydra
|
||||
spec:
|
||||
replicas: 1
|
||||
selector:
|
||||
matchLabels:
|
||||
app: nzbhydra
|
||||
template:
|
||||
metadata:
|
||||
labels:
|
||||
app: nzbhydra
|
||||
spec:
|
||||
containers:
|
||||
- name: nzbhydra
|
||||
image: linuxserver/nzbhydra2
|
||||
ports:
|
||||
- name: web
|
||||
containerPort: 5076
|
||||
volumeMounts:
|
||||
- mountPath: /config
|
||||
name: flexvolsmb-nzbhydra-config
|
||||
- mountPath: /downloads
|
||||
name: flexvolsmb-pvr-downloads
|
||||
subPath: downloads
|
||||
volumes:
|
||||
- name: flexvolsmb-nzbhydra-config
|
||||
persistentVolumeClaim:
|
||||
claimName: flexvolsmb-nzbhydra-config
|
||||
- name: flexvolsmb-pvr-downloads
|
||||
persistentVolumeClaim:
|
||||
claimName: flexvolsmb-pvr-downloads
|
||||
---
|
||||
apiVersion: traefik.containo.us/v1alpha1
|
||||
kind: IngressRoute
|
||||
metadata:
|
||||
name: nzbhydra
|
||||
namespace: pvr
|
||||
spec:
|
||||
entryPoints:
|
||||
- websecure
|
||||
routes:
|
||||
- match: Host(`index.pvr.spamasaurus.com`)
|
||||
kind: Rule
|
||||
services:
|
||||
- name: nzbhydra
|
||||
port: 5076
|
||||
middlewares:
|
||||
- name: ldap-authentication@file
|
||||
- name: security-headers@file
|
||||
tls:
|
||||
options:
|
||||
name: defaults@file
|
||||
certResolver: default
|
||||
domains:
|
||||
- main: '*.pvr.spamasaurus.com'
|
||||
sans:
|
||||
- 'pvr.spamasaurus.com'
|
||||
---
|
||||
apiVersion: v1
|
||||
kind: PersistentVolume
|
||||
metadata:
|
||||
name: flexvolsmb-nzbhydra-config
|
||||
namespace: pvr
|
||||
spec:
|
||||
capacity:
|
||||
storage: 1Gi
|
||||
accessModes:
|
||||
- ReadWriteMany
|
||||
storageClassName: flexvolsmb-nzbhydra-config
|
||||
flexVolume:
|
||||
driver: mount/smb
|
||||
secretRef:
|
||||
name: smb-secret
|
||||
options:
|
||||
opts: domain=bessems.eu,file_mode=0777,dir_mode=0777,iocharset=utf8
|
||||
server: 192.168.11.225
|
||||
share: /K3s.Volumes/nzbhydra/config
|
||||
---
|
||||
apiVersion: v1
|
||||
kind: PersistentVolumeClaim
|
||||
metadata:
|
||||
name: flexvolsmb-nzbhydra-config
|
||||
namespace: pvr
|
||||
spec:
|
||||
accessModes:
|
||||
- ReadWriteMany
|
||||
storageClassName: flexvolsmb-nzbhydra-config
|
||||
resources:
|
||||
requests:
|
||||
storage: 1Gi
|
115
services/PVR/WIP/deploy-Radarr.yml
Normal file
115
services/PVR/WIP/deploy-Radarr.yml
Normal file
@ -0,0 +1,115 @@
|
||||
apiVersion: v1
|
||||
kind: Service
|
||||
metadata:
|
||||
name: radarr
|
||||
namespace: pvr
|
||||
spec:
|
||||
type: NodePort
|
||||
ports:
|
||||
- protocol: TCP
|
||||
name: web
|
||||
port: 7878
|
||||
nodePort: 30020
|
||||
selector:
|
||||
app: radarr
|
||||
---
|
||||
apiVersion: apps/v1
|
||||
kind: Deployment
|
||||
metadata:
|
||||
name: radarr
|
||||
namespace: pvr
|
||||
labels:
|
||||
app: radarr
|
||||
spec:
|
||||
replicas: 1
|
||||
selector:
|
||||
matchLabels:
|
||||
app: radarr
|
||||
template:
|
||||
metadata:
|
||||
labels:
|
||||
app: radarr
|
||||
spec:
|
||||
containers:
|
||||
- name: radarr
|
||||
image: linuxserver/radarr
|
||||
ports:
|
||||
- name: web
|
||||
containerPort: 7878
|
||||
volumeMounts:
|
||||
- mountPath: /config
|
||||
name: flexvolsmb-radarr-config
|
||||
- mountPath: /movies
|
||||
name: flexvolsmb-pvr-movies
|
||||
- mountPath: /downloads
|
||||
name: flexvolsmb-pvr-downloads
|
||||
subPath: downloads
|
||||
volumes:
|
||||
- name: flexvolsmb-radarr-config
|
||||
persistentVolumeClaim:
|
||||
claimName: flexvolsmb-radarr-config
|
||||
- name: flexvolsmb-pvr-movies
|
||||
persistentVolumeClaim:
|
||||
claimName: flexvolsmb-pvr-movies
|
||||
- name: flexvolsmb-pvr-downloads
|
||||
persistentVolumeClaim:
|
||||
claimName: flexvolsmb-pvr-downloads
|
||||
---
|
||||
apiVersion: traefik.containo.us/v1alpha1
|
||||
kind: IngressRoute
|
||||
metadata:
|
||||
name: radarr
|
||||
namespace: pvr
|
||||
spec:
|
||||
entryPoints:
|
||||
- websecure
|
||||
routes:
|
||||
- match: Host(`movies.pvr.spamasaurus.com`)
|
||||
kind: Rule
|
||||
services:
|
||||
- name: radarr
|
||||
port: 7878
|
||||
middlewares:
|
||||
- name: ldap-authentication@file
|
||||
- name: security-headers@file
|
||||
tls:
|
||||
options:
|
||||
name: defaults@file
|
||||
certResolver: default
|
||||
domains:
|
||||
- main: '*.pvr.spamasaurus.com'
|
||||
sans:
|
||||
- 'pvr.spamasaurus.com'
|
||||
---
|
||||
apiVersion: v1
|
||||
kind: PersistentVolume
|
||||
metadata:
|
||||
name: flexvolsmb-radarr-config
|
||||
namespace: pvr
|
||||
spec:
|
||||
capacity:
|
||||
storage: 1Gi
|
||||
accessModes:
|
||||
- ReadWriteMany
|
||||
storageClassName: flexvolsmb-radarr-config
|
||||
flexVolume:
|
||||
driver: mount/smb
|
||||
secretRef:
|
||||
name: smb-secret
|
||||
options:
|
||||
opts: domain=bessems.eu,file_mode=0777,dir_mode=0777,iocharset=utf8
|
||||
server: 192.168.11.225
|
||||
share: /K3s.Volumes/radarr/config
|
||||
---
|
||||
apiVersion: v1
|
||||
kind: PersistentVolumeClaim
|
||||
metadata:
|
||||
name: flexvolsmb-radarr-config
|
||||
namespace: pvr
|
||||
spec:
|
||||
accessModes:
|
||||
- ReadWriteMany
|
||||
storageClassName: flexvolsmb-radarr-config
|
||||
resources:
|
||||
requests:
|
||||
storage: 1Gi
|
113
services/PVR/WIP/deploy-SABnzbd.yml
Normal file
113
services/PVR/WIP/deploy-SABnzbd.yml
Normal file
@ -0,0 +1,113 @@
|
||||
apiVersion: v1
|
||||
kind: Service
|
||||
metadata:
|
||||
name: sabnzbd
|
||||
namespace: pvr
|
||||
spec:
|
||||
type: NodePort
|
||||
ports:
|
||||
- protocol: TCP
|
||||
name: web
|
||||
port: 8080
|
||||
nodePort: 30030
|
||||
selector:
|
||||
app: sabnzbd
|
||||
---
|
||||
apiVersion: apps/v1
|
||||
kind: Deployment
|
||||
metadata:
|
||||
name: sabnzbd
|
||||
namespace: pvr
|
||||
labels:
|
||||
app: sabnzbd
|
||||
spec:
|
||||
replicas: 1
|
||||
selector:
|
||||
matchLabels:
|
||||
app: sabnzbd
|
||||
template:
|
||||
metadata:
|
||||
labels:
|
||||
app: sabnzbd
|
||||
spec:
|
||||
containers:
|
||||
- name: sabnzbd
|
||||
image: linuxserver/sabnzbd
|
||||
ports:
|
||||
- name: web
|
||||
containerPort: 8080
|
||||
volumeMounts:
|
||||
- mountPath: /config
|
||||
name: flexvolsmb-sabnzbd-config
|
||||
- mountPath: /downloads
|
||||
name: flexvolsmb-pvr-downloads
|
||||
subPath: downloads
|
||||
- mountPath: /incomplete-downloads
|
||||
name: flexvolsmb-pvr-downloads
|
||||
subPath: incomplete-downloads
|
||||
volumes:
|
||||
- name: flexvolsmb-sabnzbd-config
|
||||
persistentVolumeClaim:
|
||||
claimName: flexvolsmb-sabnzbd-config
|
||||
- name: flexvolsmb-pvr-downloads
|
||||
persistentVolumeClaim:
|
||||
claimName: flexvolsmb-pvr-downloads
|
||||
---
|
||||
apiVersion: traefik.containo.us/v1alpha1
|
||||
kind: IngressRoute
|
||||
metadata:
|
||||
name: sabnzbd
|
||||
namespace: pvr
|
||||
spec:
|
||||
entryPoints:
|
||||
- websecure
|
||||
routes:
|
||||
- match: Host(`download.pvr.spamasaurus.com`)
|
||||
kind: Rule
|
||||
services:
|
||||
- name: sabnzbd
|
||||
port: 8080
|
||||
middlewares:
|
||||
- name: ldap-authentication@file
|
||||
- name: security-headers@file
|
||||
tls:
|
||||
options:
|
||||
name: defaults@file
|
||||
certResolver: default
|
||||
domains:
|
||||
- main: '*.pvr.spamasaurus.com'
|
||||
sans:
|
||||
- 'pvr.spamasaurus.com'
|
||||
---
|
||||
apiVersion: v1
|
||||
kind: PersistentVolume
|
||||
metadata:
|
||||
name: flexvolsmb-sabnzbd-config
|
||||
namespace: pvr
|
||||
spec:
|
||||
capacity:
|
||||
storage: 1Gi
|
||||
accessModes:
|
||||
- ReadWriteMany
|
||||
storageClassName: flexvolsmb-sabnzbd-config
|
||||
flexVolume:
|
||||
driver: mount/smb
|
||||
secretRef:
|
||||
name: smb-secret
|
||||
options:
|
||||
opts: domain=bessems.eu,file_mode=0777,dir_mode=0777,uid=911,gid=911,iocharset=utf8
|
||||
server: 192.168.11.225
|
||||
share: /K3s.Volumes/sabnzbd/config
|
||||
---
|
||||
apiVersion: v1
|
||||
kind: PersistentVolumeClaim
|
||||
metadata:
|
||||
name: flexvolsmb-sabnzbd-config
|
||||
namespace: pvr
|
||||
spec:
|
||||
accessModes:
|
||||
- ReadWriteMany
|
||||
storageClassName: flexvolsmb-sabnzbd-config
|
||||
resources:
|
||||
requests:
|
||||
storage: 1Gi
|
115
services/PVR/WIP/deploy-Sonarr.yml
Normal file
115
services/PVR/WIP/deploy-Sonarr.yml
Normal file
@ -0,0 +1,115 @@
|
||||
apiVersion: v1
|
||||
kind: Service
|
||||
metadata:
|
||||
name: sonarr
|
||||
namespace: pvr
|
||||
spec:
|
||||
type: NodePort
|
||||
ports:
|
||||
- protocol: TCP
|
||||
name: web
|
||||
port: 8989
|
||||
nodePort: 30040
|
||||
selector:
|
||||
app: sonarr
|
||||
---
|
||||
apiVersion: apps/v1
|
||||
kind: Deployment
|
||||
metadata:
|
||||
name: sonarr
|
||||
namespace: pvr
|
||||
labels:
|
||||
app: sonarr
|
||||
spec:
|
||||
replicas: 1
|
||||
selector:
|
||||
matchLabels:
|
||||
app: sonarr
|
||||
template:
|
||||
metadata:
|
||||
labels:
|
||||
app: sonarr
|
||||
spec:
|
||||
containers:
|
||||
- name: sonarr
|
||||
image: linuxserver/sonarr:preview
|
||||
ports:
|
||||
- name: web
|
||||
containerPort: 8989
|
||||
volumeMounts:
|
||||
- mountPath: /config
|
||||
name: flexvolsmb-sonarr-config
|
||||
- mountPath: /tv
|
||||
name: flexvolsmb-pvr-series
|
||||
- mountPath: /downloads
|
||||
name: flexvolsmb-pvr-downloads
|
||||
subPath: downloads
|
||||
volumes:
|
||||
- name: flexvolsmb-sonarr-config
|
||||
persistentVolumeClaim:
|
||||
claimName: flexvolsmb-sonarr-config
|
||||
- name: flexvolsmb-pvr-series
|
||||
persistentVolumeClaim:
|
||||
claimName: flexvolsmb-pvr-series
|
||||
- name: flexvolsmb-pvr-downloads
|
||||
persistentVolumeClaim:
|
||||
claimName: flexvolsmb-pvr-downloads
|
||||
---
|
||||
apiVersion: traefik.containo.us/v1alpha1
|
||||
kind: IngressRoute
|
||||
metadata:
|
||||
name: sonarr
|
||||
namespace: pvr
|
||||
spec:
|
||||
entryPoints:
|
||||
- websecure
|
||||
routes:
|
||||
- match: Host(`series.pvr.spamasaurus.com`)
|
||||
kind: Rule
|
||||
services:
|
||||
- name: sonarr
|
||||
port: 8989
|
||||
middlewares:
|
||||
- name: ldap-authentication@file
|
||||
- name: security-headers@file
|
||||
tls:
|
||||
options:
|
||||
name: defaults@file
|
||||
certResolver: default
|
||||
domains:
|
||||
- main: '*.pvr.spamasaurus.com'
|
||||
sans:
|
||||
- 'pvr.spamasaurus.com'
|
||||
---
|
||||
apiVersion: v1
|
||||
kind: PersistentVolume
|
||||
metadata:
|
||||
name: flexvolsmb-sonarr-config
|
||||
namespace: pvr
|
||||
spec:
|
||||
capacity:
|
||||
storage: 1Gi
|
||||
accessModes:
|
||||
- ReadWriteMany
|
||||
storageClassName: flexvolsmb-sonarr-config
|
||||
flexVolume:
|
||||
driver: mount/smb
|
||||
secretRef:
|
||||
name: smb-secret
|
||||
options:
|
||||
opts: domain=bessems.eu,file_mode=0777,dir_mode=0777,uid=1000,gid=1000,iocharset=utf8
|
||||
server: 192.168.11.225
|
||||
share: /K3s.Volumes/sonarr/config
|
||||
---
|
||||
apiVersion: v1
|
||||
kind: PersistentVolumeClaim
|
||||
metadata:
|
||||
name: flexvolsmb-sonarr-config
|
||||
namespace: pvr
|
||||
spec:
|
||||
accessModes:
|
||||
- ReadWriteMany
|
||||
storageClassName: flexvolsmb-sonarr-config
|
||||
resources:
|
||||
requests:
|
||||
storage: 1Gi
|
98
services/PVR/WIP/persistentVolumeClaim_shared.yml
Normal file
98
services/PVR/WIP/persistentVolumeClaim_shared.yml
Normal file
@ -0,0 +1,98 @@
|
||||
apiVersion: v1
|
||||
kind: PersistentVolume
|
||||
metadata:
|
||||
name: flexvolsmb-pvr-downloads
|
||||
namespace: pvr
|
||||
spec:
|
||||
capacity:
|
||||
storage: 1Gi
|
||||
accessModes:
|
||||
- ReadWriteMany
|
||||
storageClassName: flexvolsmb-pvr-downloads
|
||||
flexVolume:
|
||||
driver: mount/smb
|
||||
secretRef:
|
||||
name: smb-secret
|
||||
options:
|
||||
opts: domain=bessems.eu,file_mode=0777,dir_mode=0777,iocharset=utf8,cache=none
|
||||
server: 192.168.11.225
|
||||
share: /Volatile/downloads
|
||||
---
|
||||
apiVersion: v1
|
||||
kind: PersistentVolumeClaim
|
||||
metadata:
|
||||
name: flexvolsmb-pvr-downloads
|
||||
namespace: pvr
|
||||
spec:
|
||||
accessModes:
|
||||
- ReadWriteMany
|
||||
storageClassName: flexvolsmb-pvr-downloads
|
||||
resources:
|
||||
requests:
|
||||
storage: 1Gi
|
||||
---
|
||||
apiVersion: v1
|
||||
kind: PersistentVolume
|
||||
metadata:
|
||||
name: flexvolsmb-pvr-movies
|
||||
namespace: pvr
|
||||
spec:
|
||||
capacity:
|
||||
storage: 1Gi
|
||||
accessModes:
|
||||
- ReadWriteMany
|
||||
storageClassName: flexvolsmb-pvr-movies
|
||||
flexVolume:
|
||||
driver: mount/smb
|
||||
secretRef:
|
||||
name: smb-secret
|
||||
options:
|
||||
opts: domain=bessems.eu,file_mode=0777,dir_mode=0777,iocharset=utf8,cache=none
|
||||
server: 192.168.11.225
|
||||
share: /Public/Video's/Films
|
||||
---
|
||||
apiVersion: v1
|
||||
kind: PersistentVolumeClaim
|
||||
metadata:
|
||||
name: flexvolsmb-pvr-movies
|
||||
namespace: pvr
|
||||
spec:
|
||||
accessModes:
|
||||
- ReadWriteMany
|
||||
storageClassName: flexvolsmb-pvr-movies
|
||||
resources:
|
||||
requests:
|
||||
storage: 1Gi
|
||||
---
|
||||
apiVersion: v1
|
||||
kind: PersistentVolume
|
||||
metadata:
|
||||
name: flexvolsmb-pvr-series
|
||||
namespace: pvr
|
||||
spec:
|
||||
capacity:
|
||||
storage: 1Gi
|
||||
accessModes:
|
||||
- ReadWriteMany
|
||||
storageClassName: flexvolsmb-pvr-series
|
||||
flexVolume:
|
||||
driver: mount/smb
|
||||
secretRef:
|
||||
name: smb-secret
|
||||
options:
|
||||
opts: domain=bessems.eu,file_mode=0777,dir_mode=0777,iocharset=utf8,cache=none
|
||||
server: 192.168.11.225
|
||||
share: /Public/Video's/Series
|
||||
---
|
||||
apiVersion: v1
|
||||
kind: PersistentVolumeClaim
|
||||
metadata:
|
||||
name: flexvolsmb-pvr-series
|
||||
namespace: pvr
|
||||
spec:
|
||||
accessModes:
|
||||
- ReadWriteMany
|
||||
storageClassName: flexvolsmb-pvr-series
|
||||
resources:
|
||||
requests:
|
||||
storage: 1Gi
|
147
services/PVR/deploy-PVR.yml
Normal file
147
services/PVR/deploy-PVR.yml
Normal file
@ -0,0 +1,147 @@
|
||||
apiVersion: v1
|
||||
kind: Service
|
||||
metadata:
|
||||
name: nzbhydra
|
||||
spec:
|
||||
ports:
|
||||
- protocol: TCP
|
||||
port: 5076
|
||||
targetPort: 5076
|
||||
---
|
||||
apiVersion: v1
|
||||
kind: Endpoints
|
||||
metadata:
|
||||
name: nzbhydra
|
||||
subsets:
|
||||
- addresses:
|
||||
- ip: 192.168.11.242
|
||||
ports:
|
||||
- port: 5076
|
||||
---
|
||||
apiVersion: traefik.containo.us/v1alpha1
|
||||
kind: IngressRoute
|
||||
metadata:
|
||||
name: nzbhydra
|
||||
spec:
|
||||
entryPoints:
|
||||
- websecure
|
||||
routes:
|
||||
- match: Host(`index.pvr.spamasaurus.com`)
|
||||
kind: Rule
|
||||
services:
|
||||
- name: nzbhydra
|
||||
port: 5076
|
||||
middlewares:
|
||||
- name: 2fa-authentication@file
|
||||
- name: security-headers@file
|
||||
---
|
||||
apiVersion: v1
|
||||
kind: Service
|
||||
metadata:
|
||||
name: radarr
|
||||
spec:
|
||||
ports:
|
||||
- protocol: TCP
|
||||
port: 7878
|
||||
targetPort: 7878
|
||||
---
|
||||
apiVersion: v1
|
||||
kind: Endpoints
|
||||
metadata:
|
||||
name: radarr
|
||||
subsets:
|
||||
- addresses:
|
||||
- ip: 192.168.11.242
|
||||
ports:
|
||||
- port: 7878
|
||||
---
|
||||
apiVersion: traefik.containo.us/v1alpha1
|
||||
kind: IngressRoute
|
||||
metadata:
|
||||
name: radarr
|
||||
spec:
|
||||
entryPoints:
|
||||
- websecure
|
||||
routes:
|
||||
- match: Host(`movies.pvr.spamasaurus.com`)
|
||||
kind: Rule
|
||||
services:
|
||||
- name: radarr
|
||||
port: 7878
|
||||
middlewares:
|
||||
- name: 2fa-authentication@file
|
||||
- name: security-headers@file
|
||||
---
|
||||
apiVersion: v1
|
||||
kind: Service
|
||||
metadata:
|
||||
name: sabnzbd
|
||||
spec:
|
||||
ports:
|
||||
- protocol: TCP
|
||||
port: 8080
|
||||
targetPort: 8080
|
||||
---
|
||||
apiVersion: v1
|
||||
kind: Endpoints
|
||||
metadata:
|
||||
name: sabnzbd
|
||||
subsets:
|
||||
- addresses:
|
||||
- ip: 192.168.11.242
|
||||
ports:
|
||||
- port: 8080
|
||||
---
|
||||
apiVersion: traefik.containo.us/v1alpha1
|
||||
kind: IngressRoute
|
||||
metadata:
|
||||
name: sabnzbd
|
||||
spec:
|
||||
entryPoints:
|
||||
- websecure
|
||||
routes:
|
||||
- match: Host(`download.pvr.spamasaurus.com`)
|
||||
kind: Rule
|
||||
services:
|
||||
- name: sabnzbd
|
||||
port: 8080
|
||||
middlewares:
|
||||
- name: 2fa-authentication@file
|
||||
- name: security-headers@file
|
||||
---
|
||||
apiVersion: v1
|
||||
kind: Service
|
||||
metadata:
|
||||
name: sonarr
|
||||
spec:
|
||||
ports:
|
||||
- protocol: TCP
|
||||
port: 8989
|
||||
targetPort: 8989
|
||||
---
|
||||
apiVersion: v1
|
||||
kind: Endpoints
|
||||
metadata:
|
||||
name: sonarr
|
||||
subsets:
|
||||
- addresses:
|
||||
- ip: 192.168.11.242
|
||||
ports:
|
||||
- port: 8989
|
||||
---
|
||||
apiVersion: traefik.containo.us/v1alpha1
|
||||
kind: IngressRoute
|
||||
metadata:
|
||||
name: sonarr
|
||||
spec:
|
||||
entryPoints:
|
||||
- websecure
|
||||
routes:
|
||||
- match: Host(`series.pvr.spamasaurus.com`)
|
||||
kind: Rule
|
||||
services:
|
||||
- name: sonarr
|
||||
port: 8989
|
||||
middlewares:
|
||||
- name: 2fa-authentication@file
|
||||
- name: security-headers@file
|
134
services/Shaarli/deploy-Shaarli.yml
Normal file
134
services/Shaarli/deploy-Shaarli.yml
Normal file
@ -0,0 +1,134 @@
|
||||
apiVersion: v1
|
||||
kind: Service
|
||||
metadata:
|
||||
name: shaarli
|
||||
spec:
|
||||
ports:
|
||||
- protocol: TCP
|
||||
name: web
|
||||
port: 80
|
||||
selector:
|
||||
app: shaarli
|
||||
---
|
||||
apiVersion: apps/v1
|
||||
kind: Deployment
|
||||
metadata:
|
||||
name: shaarli
|
||||
labels:
|
||||
app: shaarli
|
||||
spec:
|
||||
replicas: 1
|
||||
selector:
|
||||
matchLabels:
|
||||
app: shaarli
|
||||
template:
|
||||
metadata:
|
||||
labels:
|
||||
app: shaarli
|
||||
spec:
|
||||
containers:
|
||||
- name: shaarli
|
||||
image: shaarli/shaarli
|
||||
ports:
|
||||
- name: web
|
||||
containerPort: 80
|
||||
volumeMounts:
|
||||
- mountPath: /var/www/shaarli/cache
|
||||
name: flexvolsmb-shaarli-cache
|
||||
- mountPath: /var/www/shaarli/data
|
||||
name: flexvolsmb-shaarli-data
|
||||
volumes:
|
||||
- name: flexvolsmb-shaarli-cache
|
||||
persistentVolumeClaim:
|
||||
claimName: flexvolsmb-shaarli-cache
|
||||
- name: flexvolsmb-shaarli-data
|
||||
persistentVolumeClaim:
|
||||
claimName: flexvolsmb-shaarli-data
|
||||
---
|
||||
apiVersion: traefik.containo.us/v1alpha1
|
||||
kind: IngressRoute
|
||||
metadata:
|
||||
name: shaarli
|
||||
spec:
|
||||
entryPoints:
|
||||
- websecure
|
||||
routes:
|
||||
- match: Host(`p.itch.fyi`)
|
||||
kind: Rule
|
||||
services:
|
||||
- name: shaarli
|
||||
port: 80
|
||||
middlewares:
|
||||
- name: security-headers@file
|
||||
# tls:
|
||||
# options:
|
||||
# name: defaults@file
|
||||
# certResolver: default
|
||||
# domains:
|
||||
# - main: '*.itch.fyi'
|
||||
# sans:
|
||||
# - 'itch.fyi'
|
||||
---
|
||||
apiVersion: v1
|
||||
kind: PersistentVolume
|
||||
metadata:
|
||||
name: flexvolsmb-shaarli-cache
|
||||
spec:
|
||||
capacity:
|
||||
storage: 1Gi
|
||||
accessModes:
|
||||
- ReadWriteMany
|
||||
storageClassName: flexvolsmb-shaarli-cache
|
||||
flexVolume:
|
||||
driver: mount/smb
|
||||
secretRef:
|
||||
name: smb-secret
|
||||
options:
|
||||
opts: domain=bessems.eu,file_mode=0777,dir_mode=0777,iocharset=utf8
|
||||
server: 192.168.11.225
|
||||
share: /K3s.Volumes/shaarli/cache
|
||||
---
|
||||
apiVersion: v1
|
||||
kind: PersistentVolume
|
||||
metadata:
|
||||
name: flexvolsmb-shaarli-data
|
||||
spec:
|
||||
capacity:
|
||||
storage: 1Gi
|
||||
accessModes:
|
||||
- ReadWriteMany
|
||||
storageClassName: flexvolsmb-shaarli-data
|
||||
flexVolume:
|
||||
driver: mount/smb
|
||||
secretRef:
|
||||
name: smb-secret
|
||||
options:
|
||||
opts: domain=bessems.eu,file_mode=0777,dir_mode=0777,iocharset=utf8
|
||||
server: 192.168.11.225
|
||||
share: /K3s.Volumes/shaarli/data
|
||||
---
|
||||
apiVersion: v1
|
||||
kind: PersistentVolumeClaim
|
||||
metadata:
|
||||
name: flexvolsmb-shaarli-cache
|
||||
namespace: default
|
||||
spec:
|
||||
accessModes:
|
||||
- ReadWriteMany
|
||||
storageClassName: flexvolsmb-shaarli-cache
|
||||
resources:
|
||||
requests:
|
||||
storage: 1Gi
|
||||
---
|
||||
apiVersion: v1
|
||||
kind: PersistentVolumeClaim
|
||||
metadata:
|
||||
name: flexvolsmb-shaarli-data
|
||||
namespace: default
|
||||
spec:
|
||||
accessModes:
|
||||
- ReadWriteMany
|
||||
storageClassName: flexvolsmb-shaarli-data
|
||||
resources:
|
||||
requests:
|
||||
storage: 1Gi
|
132
services/Theia/deploy-Theia.yml
Normal file
132
services/Theia/deploy-Theia.yml
Normal file
@ -0,0 +1,132 @@
|
||||
apiVersion: v1
|
||||
kind: Service
|
||||
metadata:
|
||||
name: theia
|
||||
spec:
|
||||
ports:
|
||||
- protocol: TCP
|
||||
name: web
|
||||
port: 3000
|
||||
selector:
|
||||
app: theia
|
||||
---
|
||||
apiVersion: apps/v1
|
||||
kind: Deployment
|
||||
metadata:
|
||||
name: theia
|
||||
labels:
|
||||
app: theia
|
||||
spec:
|
||||
replicas: 1
|
||||
selector:
|
||||
matchLabels:
|
||||
app: theia
|
||||
template:
|
||||
metadata:
|
||||
labels:
|
||||
app: theia
|
||||
spec:
|
||||
containers:
|
||||
- name: theia
|
||||
image: theiaide/theia-full
|
||||
ports:
|
||||
- name: web
|
||||
containerPort: 3000
|
||||
volumeMounts:
|
||||
- mountPath: /home/project/websites
|
||||
name: flexvolsmb-theia-websites
|
||||
- mountPath: /home/project
|
||||
name: flexvolsmb-theia-workspace
|
||||
volumes:
|
||||
- name: flexvolsmb-theia-websites
|
||||
persistentVolumeClaim:
|
||||
claimName: flexvolsmb-theia-websites
|
||||
- name: flexvolsmb-theia-workspace
|
||||
persistentVolumeClaim:
|
||||
claimName: flexvolsmb-theia-workspace
|
||||
securityContext:
|
||||
runAsUser: 1000
|
||||
runAsGroup: 1000
|
||||
fsGroup: 1000
|
||||
---
|
||||
apiVersion: traefik.containo.us/v1alpha1
|
||||
kind: IngressRoute
|
||||
metadata:
|
||||
name: theia
|
||||
spec:
|
||||
entryPoints:
|
||||
- websecure
|
||||
routes:
|
||||
- match: Host(`ide.spamasaurus.com`)
|
||||
kind: Rule
|
||||
services:
|
||||
- name: theia
|
||||
port: 3000
|
||||
middlewares:
|
||||
- name: security-headers@file
|
||||
- name: 2fa-authentication@file
|
||||
---
|
||||
apiVersion: v1
|
||||
kind: PersistentVolume
|
||||
metadata:
|
||||
name: flexvolsmb-theia-websites
|
||||
spec:
|
||||
capacity:
|
||||
storage: 1Gi
|
||||
accessModes:
|
||||
- ReadWriteMany
|
||||
storageClassName: flexvolsmb-theia-websites
|
||||
flexVolume:
|
||||
driver: mount/smb
|
||||
secretRef:
|
||||
name: smb-secret
|
||||
options:
|
||||
# opts: domain=bessems.eu,file_mode=0777,dir_mode=0777,iocharset=utf8,nobrl
|
||||
opts: domain=bessems.eu,file_mode=0777,dir_mode=0777,iocharset=utf8
|
||||
server: 192.168.11.225
|
||||
share: /K3s.Volumes/lighttpd/websites
|
||||
---
|
||||
apiVersion: v1
|
||||
kind: PersistentVolumeClaim
|
||||
metadata:
|
||||
name: flexvolsmb-theia-websites
|
||||
namespace: default
|
||||
spec:
|
||||
accessModes:
|
||||
- ReadWriteMany
|
||||
storageClassName: flexvolsmb-theia-websites
|
||||
resources:
|
||||
requests:
|
||||
storage: 1Gi
|
||||
---
|
||||
apiVersion: v1
|
||||
kind: PersistentVolume
|
||||
metadata:
|
||||
name: flexvolsmb-theia-workspace
|
||||
spec:
|
||||
capacity:
|
||||
storage: 1Gi
|
||||
accessModes:
|
||||
- ReadWriteMany
|
||||
storageClassName: flexvolsmb-theia-workspace
|
||||
flexVolume:
|
||||
driver: mount/smb
|
||||
secretRef:
|
||||
name: smb-secret
|
||||
options:
|
||||
opts: domain=bessems.eu,file_mode=0777,dir_mode=0777,iocharset=utf8
|
||||
server: 192.168.11.225
|
||||
share: /K3s.Volumes/theia/workspace
|
||||
---
|
||||
apiVersion: v1
|
||||
kind: PersistentVolumeClaim
|
||||
metadata:
|
||||
name: flexvolsmb-theia-workspace
|
||||
namespace: default
|
||||
spec:
|
||||
accessModes:
|
||||
- ReadWriteMany
|
||||
storageClassName: flexvolsmb-theia-workspace
|
||||
resources:
|
||||
requests:
|
||||
storage: 1Gi
|
104
services/TraefikCertsDumper/deploy-TraefikCertsDumper.yml
Normal file
104
services/TraefikCertsDumper/deploy-TraefikCertsDumper.yml
Normal file
@ -0,0 +1,104 @@
|
||||
apiVersion: apps/v1
|
||||
kind: Deployment
|
||||
metadata:
|
||||
name: traefik-certs-dumper
|
||||
labels:
|
||||
app: traefik-certs-dumper
|
||||
spec:
|
||||
replicas: 1
|
||||
selector:
|
||||
matchLabels:
|
||||
app: traefik-certs-dumper
|
||||
template:
|
||||
metadata:
|
||||
labels:
|
||||
app: traefik-certs-dumper
|
||||
spec:
|
||||
containers:
|
||||
- name: traefik-certs-dumper
|
||||
image: ldez/traefik-certs-dumper:latest-amd64
|
||||
command: ['traefik-certs-dumper', 'file']
|
||||
args:
|
||||
- --watch
|
||||
- --version=v2
|
||||
- --source=/data/source/acme.json
|
||||
- --dest=/data/export/
|
||||
- --domain-subdir
|
||||
volumeMounts:
|
||||
- mountPath: /data/source/acme.json
|
||||
name: flexvolsmb-traefikcertsdumper-acmejson
|
||||
subPath: acme.json
|
||||
readOnly: true
|
||||
- mountPath: /data/export
|
||||
name: flexvolsmb-traefikcertsdumper-export
|
||||
volumes:
|
||||
- name: flexvolsmb-traefikcertsdumper-acmejson
|
||||
persistentVolumeClaim:
|
||||
claimName: flexvolsmb-traefikcertsdumper-acmejson
|
||||
- name: flexvolsmb-traefikcertsdumper-export
|
||||
persistentVolumeClaim:
|
||||
claimName: flexvolsmb-traefikcertsdumper-export
|
||||
---
|
||||
apiVersion: v1
|
||||
kind: PersistentVolume
|
||||
metadata:
|
||||
name: flexvolsmb-traefikcertsdumper-acmejson
|
||||
spec:
|
||||
capacity:
|
||||
storage: 1Gi
|
||||
accessModes:
|
||||
- ReadWriteMany
|
||||
storageClassName: flexvolsmb-traefikcertsdumper-acmejson
|
||||
flexVolume:
|
||||
driver: mount/smb
|
||||
secretRef:
|
||||
name: smb-secret
|
||||
options:
|
||||
opts: domain=bessems.eu,file_mode=0600,dir_mode=0600,iocharset=utf8,nobrl
|
||||
server: 192.168.11.225
|
||||
share: /K3s.Volumes/traefik/data
|
||||
---
|
||||
apiVersion: v1
|
||||
kind: PersistentVolumeClaim
|
||||
metadata:
|
||||
name: flexvolsmb-traefikcertsdumper-acmejson
|
||||
namespace: default
|
||||
spec:
|
||||
accessModes:
|
||||
- ReadWriteMany
|
||||
storageClassName: flexvolsmb-traefikcertsdumper-acmejson
|
||||
resources:
|
||||
requests:
|
||||
storage: 1Gi
|
||||
---
|
||||
apiVersion: v1
|
||||
kind: PersistentVolume
|
||||
metadata:
|
||||
name: flexvolsmb-traefikcertsdumper-export
|
||||
spec:
|
||||
capacity:
|
||||
storage: 1Gi
|
||||
accessModes:
|
||||
- ReadWriteMany
|
||||
storageClassName: flexvolsmb-traefikcertsdumper-export
|
||||
flexVolume:
|
||||
driver: mount/smb
|
||||
secretRef:
|
||||
name: smb-secret
|
||||
options:
|
||||
opts: domain=bessems.eu,file_mode=0777,dir_mode=0777,iocharset=utf8,nobrl
|
||||
server: 192.168.11.225
|
||||
share: /K3s.Volumes/traefikcertsdumper/export
|
||||
---
|
||||
apiVersion: v1
|
||||
kind: PersistentVolumeClaim
|
||||
metadata:
|
||||
name: flexvolsmb-traefikcertsdumper-export
|
||||
namespace: default
|
||||
spec:
|
||||
accessModes:
|
||||
- ReadWriteMany
|
||||
storageClassName: flexvolsmb-traefikcertsdumper-export
|
||||
resources:
|
||||
requests:
|
||||
storage: 1Gi
|
10
services/Vault/chart-values.yml
Normal file
10
services/Vault/chart-values.yml
Normal file
@ -0,0 +1,10 @@
|
||||
server:
|
||||
dataStorage:
|
||||
enabled: true
|
||||
size: 1Gi
|
||||
storageClass: flexvolsmb-vault-data
|
||||
accessMode: ReadWriteMany
|
||||
priorityClassName: system-cluster-critical
|
||||
|
||||
ui:
|
||||
enabled: true
|
18
services/Vault/ingressRoute_Vault.yaml
Normal file
18
services/Vault/ingressRoute_Vault.yaml
Normal file
@ -0,0 +1,18 @@
|
||||
apiVersion: traefik.containo.us/v1alpha1
|
||||
kind: IngressRoute
|
||||
metadata:
|
||||
name: vault
|
||||
namespace: vault
|
||||
spec:
|
||||
entryPoints:
|
||||
- websecure
|
||||
routes:
|
||||
- match: Host(`secure.spamasaurus.com`)
|
||||
kind: Rule
|
||||
services:
|
||||
- name: vault
|
||||
namespace: vault
|
||||
port: 8200
|
||||
middlewares:
|
||||
# - name: ldap-authentication@file
|
||||
- name: security-headers@file
|
33
services/Vault/persistentVolume_Vault.yml
Normal file
33
services/Vault/persistentVolume_Vault.yml
Normal file
@ -0,0 +1,33 @@
|
||||
apiVersion: v1
|
||||
kind: PersistentVolume
|
||||
metadata:
|
||||
name: flexvolsmb-vault-data
|
||||
namespace: vault
|
||||
spec:
|
||||
capacity:
|
||||
storage: 1Gi
|
||||
accessModes:
|
||||
- ReadWriteMany
|
||||
storageClassName: flexvolsmb-vault-data
|
||||
flexVolume:
|
||||
driver: mount/smb
|
||||
secretRef:
|
||||
name: smb-secret
|
||||
namespace: default
|
||||
options:
|
||||
opts: domain=bessems.eu,file_mode=0755,dir_mode=0755,uid=100,gid=1000,iocharset=utf8,nobrl
|
||||
server: 192.168.11.225
|
||||
share: /K3s.Volumes/vault/data
|
||||
---
|
||||
#apiVersion: v1
|
||||
#kind: PersistentVolumeClaim
|
||||
#metadata:
|
||||
# name: data-vault-0
|
||||
# namespace: vault
|
||||
#spec:
|
||||
# accessModes:
|
||||
# - ReadWriteMany
|
||||
# storageClassName: flexvolsmb-vault-data
|
||||
# resources:
|
||||
# requests:
|
||||
# storage: 1Gi
|
Reference in New Issue
Block a user