djpbessems/Kubernetes.K3s.installLog
djpbessems
/
Kubernetes.K3s.installLog
1
1
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Housekeeping

This commit is contained in:
Danny Bessems 2021-03-11 08:57:52 +01:00
parent 9225b83080
commit 78b47311d0
9 changed files with 426 additions and 191 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

47
services/DroneCI/deploy-DroneCI.yml
View File

@ -39,7 +39,6 @@ spec:
serviceAccountName: drone
containers:
- name: drone
# image: bv11-cr01.bessems.eu/proxy/drone/drone:latest
image: drone/drone:latest
command: ["sh", "-c", ". /vault/secrets/drone && /bin/drone-server"]
env:
@ -61,6 +60,8 @@ spec:
value: 'true'
- name: DRONE_USER_CREATE
value: 'username:djpbessems,admin:true'
- name: DRONE_TMATE_ENABLED
value: 'false'
ports:
- name: ui
containerPort: 80
@ -68,7 +69,6 @@ spec:
- mountPath: /data
name: flexvolsmb-drone-data
- name: drone-runner
# image: bv11-cr01.bessems.eu/proxy/drone/drone-runner-kube:latest
image: drone/drone-runner-kube:latest
command: ["sh", "-c", ". /vault/secrets/drone && /bin/drone-runner-kube"]
ports:
@ -83,9 +83,6 @@ spec:
- name: DRONE_RUNNER_MAX_PROCS
value: '3'
volumes:
- name: flexvolsmb-drone-output
persistentVolumeClaim:
claimName: flexvolsmb-drone-output
- name: flexvolsmb-drone-data
persistentVolumeClaim:
claimName: flexvolsmb-drone-data
@ -152,7 +149,7 @@ metadata:
name: flexvolsmb-drone-certs
spec:
capacity:
storage: 100Gi
storage: 10Gi
accessModes:
- ReadWriteMany
storageClassName: flexvolsmb-drone-certs
@ -176,7 +173,7 @@ spec:
storageClassName: flexvolsmb-drone-certs
resources:
requests:
storage: 100Gi
storage: 10Gi
---
apiVersion: v1
kind: PersistentVolume
@ -184,7 +181,7 @@ metadata:
name: flexvolsmb-drone-output
spec:
capacity:
storage: 100Gi
storage: 10Gi
accessModes:
- ReadWriteMany
storageClassName: flexvolsmb-drone-output
@ -208,7 +205,39 @@ spec:
storageClassName: flexvolsmb-drone-output
resources:
requests:
storage: 100Gi
storage: 10Gi
---
apiVersion: v1
kind: PersistentVolume
metadata:
name: flexvolsmb-drone-scratch
spec:
capacity:
storage: 25Gi
accessModes:
- ReadWriteMany
storageClassName: flexvolsmb-drone-scratch
flexVolume:
driver: mount/smb
secretRef:
name: smb-secret
options:
opts: domain=bessems.eu,file_mode=0777,dir_mode=0777,iocharset=utf8
server: 192.168.11.225
share: /K3s.Volumes/drone/scratch
---
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: flexvolsmb-drone-scratch
namespace: default
spec:
accessModes:
- ReadWriteMany
storageClassName: flexvolsmb-drone-scratch
resources:
requests:
storage: 25Gi
---
kind: Role
apiVersion: rbac.authorization.k8s.io/v1

1
services/Matrix/configMap-Matrix.yml → services/Matrix.WIP/configMap-Matrix.yml
View File

@ -2,6 +2,7 @@ apiVersion: v1
kind: ConfigMap
metadata:
name: configmap-matrix-config
namespace: matrix
data:
config.json: |
{

370
services/Matrix.WIP/deploy-Matrix.yml Normal file
View File

@ -0,0 +1,370 @@
apiVersion: v1
kind: Service
metadata:
name: matrix
namespace: matrix
spec:
ports:
- protocol: TCP
name: synapse
port: 8008
- protocol: TCP
name: db
port: 5432
- protocol: TCP
name: element
port: 80
selector:
app: matrix
---
apiVersion: v1
kind: Service
metadata:
name: identity
namespace: matrix
spec:
ports:
- protocol: TCP
name: identity
port: 8090
- protocol: TCP
name: db
port: 5432
selector:
app: identity
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: matrix
namespace: matrix
labels:
app: matrix
spec:
replicas: 1
selector:
matchLabels:
app: matrix
template:
metadata:
labels:
app: matrix
spec:
containers:
- name: synapse
image: bv11-cr01.bessems.eu/proxy/matrixdotorg/synapse:latest
# args:
# - generate
env:
# - name: SYNAPSE_SERVER_NAME
# value: spamasaurus.com
# - name: SYNAPSE_REPORT_STATS
# value: 'no'
- name: SYNAPSE_CONFIG_PATH
value: /data/homeserver.yaml
ports:
- name: synapse
containerPort: 8008
volumeMounts:
- mountPath: /data
name: flexvolsmb-matrix-data
- name: postgres
image: bv11-cr01.bessems.eu/proxy/library/postgres:alpine
env:
- name: POSTGRES_USER
value: synapse
- name: POSTGRES_PASSWORD
value: synapse
- name: POSTGRES_INITDB_ARGS
value: --encoding=UTF-8 --lc-collate=C --lc-ctype=C
ports:
- name: db
containerPort: 5432
volumeMounts:
- mountPath: /var/lib/postgresql/data
name: flexvolsmb-matrix-db
- name: element
image: bv11-cr01.bessems.eu/proxy/vectorim/element-web
ports:
- name: element
containerPort: 80
volumeMounts:
- name: configmap-matrix-config
mountPath: /usr/share/nginx/html/config.json
subPath: config.json
volumes:
- name: flexvolsmb-matrix-data
persistentVolumeClaim:
claimName: flexvolsmb-matrix-data
- name: flexvolsmb-matrix-db
persistentVolumeClaim:
claimName: flexvolsmb-matrix-db
- name: configmap-matrix-config
configMap:
name: configmap-matrix-config
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: identity
namespace: matrix
labels:
app: identity
spec:
replicas: 1
selector:
matchLabels:
app: identity
template:
metadata:
labels:
app: identity
spec:
containers:
- name: identity
image: bv11-cr01.bessems.eu/library/matrix-identity
env:
- name: MATRIX_DOMAIN
value: chat.spamasaurus.com
ports:
- name: identity
containerPort: 8090
volumeMounts:
- name: flexvolsmb-identity-etc
mountPath: /etc/ma1sd
- name: flexvolsmb-identity-var
mountPath: /var/ma1sd
- name: postgres
image: bv11-cr01.bessems.eu/proxy/library/postgres:alpine
env:
- name: POSTGRES_USER
value: identity
- name: POSTGRES_PASSWORD
value: identity
- name: POSTGRES_DATABASE
value: identity
ports:
- name: db
containerPort: 5432
volumeMounts:
- mountPath: /var/lib/postgresql/data
name: flexvolsmb-identity-db
volumes:
- name: flexvolsmb-identity-etc
persistentVolumeClaim:
claimName: flexvolsmb-identity-etc
- name: flexvolsmb-identity-var
persistentVolumeClaim:
claimName: flexvolsmb-identity-var
- name: flexvolsmb-identity-db
persistentVolumeClaim:
claimName: flexvolsmb-identity-db
---
apiVersion: traefik.containo.us/v1alpha1
kind: IngressRoute
metadata:
name: matrix
namespace: matrix
spec:
entryPoints:
- websecure
routes:
- match: Host(`synapse.chat.spamasaurus.com`)
kind: Rule
services:
- name: matrix
namespace: matrix
port: 8008
middlewares:
- name: security-headers@file
- name: compression@file
- name: matrix-cors-headers
- match: Host(`chat.spamasaurus.com`)
kind: Rule
services:
- name: matrix
namespace: matrix
port: 80
middlewares:
- name: security-headers@file
- name: compression@file
- name: matrix-cors-headers
---
apiVersion: traefik.containo.us/v1alpha1
kind: IngressRoute
metadata:
name: identity
namespace: matrix
spec:
entryPoints:
- websecure
routes:
- match: Host(`synapse.chat.spamasaurus.com`) && Path(`/_matrix/identity`)
kind: Rule
services:
- name: identity
namespace: matrix
port: 8090
middlewares:
- name: security-headers@file
- name: compression@file
---
apiVersion: v1
kind: PersistentVolume
metadata:
name: flexvolsmb-matrix-data
spec:
capacity:
storage: 1Gi
accessModes:
- ReadWriteMany
storageClassName: flexvolsmb-matrix-data
flexVolume:
driver: mount/smb
secretRef:
name: smb-secret
options:
opts: domain=bessems.eu,file_mode=0777,dir_mode=0777,iocharset=utf8
server: 192.168.11.225
share: /K3s.Volumes/matrix/synapse.data
---
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: flexvolsmb-matrix-data
namespace: matrix
spec:
accessModes:
- ReadWriteMany
storageClassName: flexvolsmb-matrix-data
resources:
requests:
storage: 1Gi
---
apiVersion: v1
kind: PersistentVolume
metadata:
name: flexvolsmb-matrix-db
spec:
capacity:
storage: 1Gi
accessModes:
- ReadWriteMany
storageClassName: flexvolsmb-matrix-db
flexVolume:
driver: mount/smb
secretRef:
name: smb-secret
options:
opts: domain=bessems.eu,file_mode=0600,dir_mode=0700,uid=70,gid=70,iocharset=utf8,nobrl
server: 192.168.11.225
share: /K3s.Volumes/matrix/synapse.db
---
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: flexvolsmb-matrix-db
namespace: matrix
spec:
accessModes:
- ReadWriteMany
storageClassName: flexvolsmb-matrix-db
resources:
requests:
storage: 1Gi
---
apiVersion: v1
kind: PersistentVolume
metadata:
name: flexvolsmb-identity-etc
spec:
capacity:
storage: 1Gi
accessModes:
- ReadWriteMany
storageClassName: flexvolsmb-identity-etc
flexVolume:
driver: mount/smb
secretRef:
name: smb-secret
options:
opts: domain=bessems.eu,file_mode=0777,dir_mode=0777,iocharset=utf8
server: 192.168.11.225
share: /K3s.Volumes/matrix/identity.etc
---
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: flexvolsmb-identity-etc
namespace: matrix
spec:
accessModes:
- ReadWriteMany
storageClassName: flexvolsmb-identity-etc
resources:
requests:
storage: 1Gi
---
apiVersion: v1
kind: PersistentVolume
metadata:
name: flexvolsmb-identity-var
spec:
capacity:
storage: 1Gi
accessModes:
- ReadWriteMany
storageClassName: flexvolsmb-identity-var
flexVolume:
driver: mount/smb
secretRef:
name: smb-secret
options:
opts: domain=bessems.eu,file_mode=0777,dir_mode=0777,iocharset=utf8
server: 192.168.11.225
share: /K3s.Volumes/matrix/identity.var
---
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: flexvolsmb-identity-var
namespace: matrix
spec:
accessModes:
- ReadWriteMany
storageClassName: flexvolsmb-identity-var
resources:
requests:
storage: 1Gi
---
apiVersion: v1
kind: PersistentVolume
metadata:
name: flexvolsmb-identity-db
spec:
capacity:
storage: 1Gi
accessModes:
- ReadWriteMany
storageClassName: flexvolsmb-identity-db
flexVolume:
driver: mount/smb
secretRef:
name: smb-secret
options:
opts: domain=bessems.eu,file_mode=0600,dir_mode=0700,uid=70,gid=70,iocharset=utf8,nobrl
server: 192.168.11.225
share: /K3s.Volumes/matrix/identity.db
---
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: flexvolsmb-identity-db
namespace: matrix
spec:
accessModes:
- ReadWriteMany
storageClassName: flexvolsmb-identity-db
resources:
requests:
storage: 1Gi

1
services/Matrix/middleware-Matrix.yml → services/Matrix.WIP/middleware-Matrix.yml
View File

@ -2,6 +2,7 @@ apiVersion: traefik.containo.us/v1alpha1
kind: Middleware
metadata:
name: matrix-cors-headers
namespace: matrix
spec:
headers:
accessControlAllowHeaders:

177
services/Matrix/deploy-Matrix.yml
View File

@ -1,177 +0,0 @@
apiVersion: v1
kind: Service
metadata:
name: matrix
spec:
ports:
- protocol: TCP
name: synapse
port: 8008
- protocol: TCP
name: db
port: 5432
- protocol: TCP
name: element
port: 80
selector:
app: matrix
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: matrix
labels:
app: matrix
spec:
replicas: 1
selector:
matchLabels:
app: matrix
template:
metadata:
labels:
app: matrix
spec:
containers:
- name: synapse
image: bv11-cr01.bessems.eu/proxy/matrixdotorg/synapse:latest
# args:
# - generate
env:
# - name: SYNAPSE_SERVER_NAME
# value: spamasaurus.com
# - name: SYNAPSE_REPORT_STATS
# value: 'no'
- name: SYNAPSE_CONFIG_PATH
value: /data/homeserver.yaml
ports:
- name: synapse
containerPort: 8008
volumeMounts:
- mountPath: /data
name: flexvolsmb-matrix-data
- name: postgres
image: bv11-cr01.bessems.eu/proxy/library/postgres:alpine
env:
- name: POSTGRES_USER
value: synapse
- name: POSTGRES_PASSWORD
value: synapse
- name: POSTGRES_INITDB_ARGS
value: --encoding=UTF-8 --lc-collate=C --lc-ctype=C
ports:
- name: db
containerPort: 5432
volumeMounts:
- mountPath: /var/lib/postgresql/data
name: flexvolsmb-matrix-db
- name: element
image: bv11-cr01.bessems.eu/proxy/vectorim/element-web
ports:
- name: element
containerPort: 80
volumeMounts:
- name: configmap-matrix-config
mountPath: /usr/share/nginx/html/config.json
subPath: config.json
volumes:
- name: flexvolsmb-matrix-data
persistentVolumeClaim:
claimName: flexvolsmb-matrix-data
- name: flexvolsmb-matrix-db
persistentVolumeClaim:
claimName: flexvolsmb-matrix-db
- name: configmap-matrix-config
configMap:
name: configmap-matrix-config
---
apiVersion: traefik.containo.us/v1alpha1
kind: IngressRoute
metadata:
name: matrix
spec:
entryPoints:
- websecure
routes:
- match: Host(`synapse.chat.spamasaurus.com`)
kind: Rule
services:
- name: matrix
port: 8008
middlewares:
- name: security-headers@file
- name: compression@file
- name: matrix-cors-headers
- match: Host(`chat.spamasaurus.com`)
kind: Rule
services:
- name: matrix
port: 80
middlewares:
- name: security-headers@file
- name: compression@file
- name: matrix-cors-headers
---
apiVersion: v1
kind: PersistentVolume
metadata:
name: flexvolsmb-matrix-data
spec:
capacity:
storage: 1Gi
accessModes:
- ReadWriteMany
storageClassName: flexvolsmb-matrix-data
flexVolume:
driver: mount/smb
secretRef:
name: smb-secret
options:
opts: domain=bessems.eu,file_mode=0777,dir_mode=0777,iocharset=utf8
server: 192.168.11.225
share: /K3s.Volumes/matrix/data
---
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: flexvolsmb-matrix-data
namespace: default
spec:
accessModes:
- ReadWriteMany
storageClassName: flexvolsmb-matrix-data
resources:
requests:
storage: 1Gi
---
apiVersion: v1
kind: PersistentVolume
metadata:
name: flexvolsmb-matrix-db
spec:
capacity:
storage: 1Gi
accessModes:
- ReadWriteMany
storageClassName: flexvolsmb-matrix-db
flexVolume:
driver: mount/smb
secretRef:
name: smb-secret
options:
opts: domain=bessems.eu,file_mode=0600,dir_mode=0700,uid=70,gid=70,iocharset=utf8,nobrl
server: 192.168.11.225
share: /K3s.Volumes/matrix/db
---
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: flexvolsmb-matrix-db
namespace: default
spec:
accessModes:
- ReadWriteMany
storageClassName: flexvolsmb-matrix-db
resources:
requests:
storage: 1Gi

1
services/PVR/deploy-Radarr.yml
View File

@ -31,6 +31,7 @@ spec:
containers:
- name: radarr
image: bv11-cr01.bessems.eu/proxy/linuxserver/radarr:nightly
imagePullPolicy: Always
ports:
- name: web
containerPort: 7878

1
services/PVR/deploy-Sonarr.yml
View File

@ -31,6 +31,7 @@ spec:
containers:
- name: sonarr
image: bv11-cr01.bessems.eu/proxy/linuxserver/sonarr:preview
imagePullPolicy: Always
ports:
- name: web
containerPort: 8989

6
services/PVR/namespace-PVR.yml Normal file
View File

@ -0,0 +1,6 @@
apiVersion: v1
kind: Namespace
metadata:
annotations:
linkerd.io/inject: enabled
name: pvr

13
services/Shaarli/deploy-Shaarli.yml
View File

@ -13,9 +13,9 @@ spec:
apiVersion: apps/v1
kind: Deployment
metadata:
name: shaarli
labels:
app: shaarli
name: shaarli
spec:
replicas: 1
selector:
@ -23,15 +23,17 @@ spec:
app: shaarli
template:
metadata:
annotations:
linkerd.io/inject: enabled
labels:
app: shaarli
spec:
containers:
- name: shaarli
image: bv11-cr01.bessems.eu/proxy/shaarli/shaarli
- image: bv11-cr01.bessems.eu/proxy/shaarli/shaarli
name: shaarli
ports:
- name: web
containerPort: 80
- containerPort: 80
name: web
volumeMounts:
- mountPath: /var/www/shaarli/cache
name: flexvolsmb-shaarli-cache
@ -125,3 +127,4 @@ spec:
resources:
requests:
storage: 1Gi
---