djpbessems/Kubernetes.K3s.installLog
djpbessems
/
Kubernetes.K3s.installLog
1
1
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Housekeeping

This commit is contained in:
Danny Bessems 2021-03-11 08:57:52 +01:00
parent 9225b83080
commit 78b47311d0
9 changed files with 426 additions and 191 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

47
services/DroneCI/deploy-DroneCI.yml
View File

@ -39,7 +39,6 @@ spec:
serviceAccountName: drone serviceAccountName: drone
containers: containers:
- name: drone - name: drone
# image: bv11-cr01.bessems.eu/proxy/drone/drone:latest
image: drone/drone:latest image: drone/drone:latest
command: ["sh", "-c", ". /vault/secrets/drone && /bin/drone-server"] command: ["sh", "-c", ". /vault/secrets/drone && /bin/drone-server"]
env: env:
@ -61,6 +60,8 @@ spec:
value: 'true' value: 'true'
- name: DRONE_USER_CREATE - name: DRONE_USER_CREATE
value: 'username:djpbessems,admin:true' value: 'username:djpbessems,admin:true'
- name: DRONE_TMATE_ENABLED
value: 'false'
ports: ports:
- name: ui - name: ui
containerPort: 80 containerPort: 80
@ -68,7 +69,6 @@ spec:
- mountPath: /data - mountPath: /data
name: flexvolsmb-drone-data name: flexvolsmb-drone-data
- name: drone-runner - name: drone-runner
# image: bv11-cr01.bessems.eu/proxy/drone/drone-runner-kube:latest
image: drone/drone-runner-kube:latest image: drone/drone-runner-kube:latest
command: ["sh", "-c", ". /vault/secrets/drone && /bin/drone-runner-kube"] command: ["sh", "-c", ". /vault/secrets/drone && /bin/drone-runner-kube"]
ports: ports:
@ -83,9 +83,6 @@ spec:
- name: DRONE_RUNNER_MAX_PROCS - name: DRONE_RUNNER_MAX_PROCS
value: '3' value: '3'
volumes: volumes:
- name: flexvolsmb-drone-output
persistentVolumeClaim:
claimName: flexvolsmb-drone-output
- name: flexvolsmb-drone-data - name: flexvolsmb-drone-data
persistentVolumeClaim: persistentVolumeClaim:
claimName: flexvolsmb-drone-data claimName: flexvolsmb-drone-data
@ -152,7 +149,7 @@ metadata:
name: flexvolsmb-drone-certs name: flexvolsmb-drone-certs
spec: spec:
capacity: capacity:
storage: 100Gi storage: 10Gi
accessModes: accessModes:
- ReadWriteMany - ReadWriteMany
storageClassName: flexvolsmb-drone-certs storageClassName: flexvolsmb-drone-certs
@ -176,7 +173,7 @@ spec:
storageClassName: flexvolsmb-drone-certs storageClassName: flexvolsmb-drone-certs
resources: resources:
requests: requests:
storage: 100Gi storage: 10Gi
--- ---
apiVersion: v1 apiVersion: v1
kind: PersistentVolume kind: PersistentVolume
@ -184,7 +181,7 @@ metadata:
name: flexvolsmb-drone-output name: flexvolsmb-drone-output
spec: spec:
capacity: capacity:
storage: 100Gi storage: 10Gi
accessModes: accessModes:
- ReadWriteMany - ReadWriteMany
storageClassName: flexvolsmb-drone-output storageClassName: flexvolsmb-drone-output
@ -208,7 +205,39 @@ spec:
storageClassName: flexvolsmb-drone-output storageClassName: flexvolsmb-drone-output
resources: resources:
requests: requests:
storage: 100Gi storage: 10Gi
---
apiVersion: v1
kind: PersistentVolume
metadata:
name: flexvolsmb-drone-scratch
spec:
capacity:
storage: 25Gi
accessModes:
- ReadWriteMany
storageClassName: flexvolsmb-drone-scratch
flexVolume:
driver: mount/smb
secretRef:
name: smb-secret
options:
opts: domain=bessems.eu,file_mode=0777,dir_mode=0777,iocharset=utf8
server: 192.168.11.225
share: /K3s.Volumes/drone/scratch
---
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: flexvolsmb-drone-scratch
namespace: default
spec:
accessModes:
- ReadWriteMany
storageClassName: flexvolsmb-drone-scratch
resources:
requests:
storage: 25Gi
--- ---
kind: Role kind: Role
apiVersion: rbac.authorization.k8s.io/v1 apiVersion: rbac.authorization.k8s.io/v1

1
services/Matrix/configMap-Matrix.yml → services/Matrix.WIP/configMap-Matrix.yml
View File

@ -2,6 +2,7 @@ apiVersion: v1
kind: ConfigMap kind: ConfigMap
metadata: metadata:
name: configmap-matrix-config name: configmap-matrix-config
namespace: matrix
data: data:
config.json: | config.json: |
{ {

370
services/Matrix.WIP/deploy-Matrix.yml Normal file
View File

@ -0,0 +1,370 @@
apiVersion: v1
kind: Service
metadata:
name: matrix
namespace: matrix
spec:
ports:
- protocol: TCP
name: synapse
port: 8008
- protocol: TCP
name: db
port: 5432
- protocol: TCP
name: element
port: 80
selector:
app: matrix
---
apiVersion: v1
kind: Service
metadata:
name: identity
namespace: matrix
spec:
ports:
- protocol: TCP
name: identity
port: 8090
- protocol: TCP
name: db
port: 5432
selector:
app: identity
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: matrix
namespace: matrix
labels:
app: matrix
spec:
replicas: 1
selector:
matchLabels:
app: matrix
template:
metadata:
labels:
app: matrix
spec:
containers:
- name: synapse
image: bv11-cr01.bessems.eu/proxy/matrixdotorg/synapse:latest
# args:
# - generate
env:
# - name: SYNAPSE_SERVER_NAME
# value: spamasaurus.com
# - name: SYNAPSE_REPORT_STATS
# value: 'no'
- name: SYNAPSE_CONFIG_PATH
value: /data/homeserver.yaml
ports:
- name: synapse
containerPort: 8008
volumeMounts:
- mountPath: /data
name: flexvolsmb-matrix-data
- name: postgres
image: bv11-cr01.bessems.eu/proxy/library/postgres:alpine
env:
- name: POSTGRES_USER
value: synapse
- name: POSTGRES_PASSWORD
value: synapse
- name: POSTGRES_INITDB_ARGS
value: --encoding=UTF-8 --lc-collate=C --lc-ctype=C
ports:
- name: db
containerPort: 5432
volumeMounts:
- mountPath: /var/lib/postgresql/data
name: flexvolsmb-matrix-db
- name: element
image: bv11-cr01.bessems.eu/proxy/vectorim/element-web
ports:
- name: element
containerPort: 80
volumeMounts:
- name: configmap-matrix-config
mountPath: /usr/share/nginx/html/config.json
subPath: config.json
volumes:
- name: flexvolsmb-matrix-data
persistentVolumeClaim:
claimName: flexvolsmb-matrix-data
- name: flexvolsmb-matrix-db
persistentVolumeClaim:
claimName: flexvolsmb-matrix-db
- name: configmap-matrix-config
configMap:
name: configmap-matrix-config
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: identity
namespace: matrix
labels:
app: identity
spec:
replicas: 1
selector:
matchLabels:
app: identity
template:
metadata:
labels:
app: identity
spec:
containers:
- name: identity
image: bv11-cr01.bessems.eu/library/matrix-identity
env:
- name: MATRIX_DOMAIN
value: chat.spamasaurus.com
ports:
- name: identity
containerPort: 8090
volumeMounts:
- name: flexvolsmb-identity-etc
mountPath: /etc/ma1sd
- name: flexvolsmb-identity-var
mountPath: /var/ma1sd
- name: postgres
image: bv11-cr01.bessems.eu/proxy/library/postgres:alpine
env:
- name: POSTGRES_USER
value: identity
- name: POSTGRES_PASSWORD
value: identity
- name: POSTGRES_DATABASE
value: identity
ports:
- name: db
containerPort: 5432
volumeMounts:
- mountPath: /var/lib/postgresql/data
name: flexvolsmb-identity-db
volumes:
- name: flexvolsmb-identity-etc
persistentVolumeClaim:
claimName: flexvolsmb-identity-etc
- name: flexvolsmb-identity-var
persistentVolumeClaim:
claimName: flexvolsmb-identity-var
- name: flexvolsmb-identity-db
persistentVolumeClaim:
claimName: flexvolsmb-identity-db
---
apiVersion: traefik.containo.us/v1alpha1
kind: IngressRoute
metadata:
name: matrix
namespace: matrix
spec:
entryPoints:
- websecure
routes:
- match: Host(`synapse.chat.spamasaurus.com`)
kind: Rule
services:
- name: matrix
namespace: matrix
port: 8008
middlewares:
- name: security-headers@file
- name: compression@file
- name: matrix-cors-headers
- match: Host(`chat.spamasaurus.com`)
kind: Rule
services:
- name: matrix
namespace: matrix
port: 80
middlewares:
- name: security-headers@file
- name: compression@file
- name: matrix-cors-headers
---
apiVersion: traefik.containo.us/v1alpha1
kind: IngressRoute
metadata:
name: identity
namespace: matrix
spec:
entryPoints:
- websecure
routes:
- match: Host(`synapse.chat.spamasaurus.com`) && Path(`/_matrix/identity`)
kind: Rule
services:
- name: identity
namespace: matrix
port: 8090
middlewares:
- name: security-headers@file
- name: compression@file
---
apiVersion: v1
kind: PersistentVolume
metadata:
name: flexvolsmb-matrix-data
spec:
capacity:
storage: 1Gi
accessModes:
- ReadWriteMany
storageClassName: flexvolsmb-matrix-data
flexVolume:
driver: mount/smb
secretRef:
name: smb-secret
options:
opts: domain=bessems.eu,file_mode=0777,dir_mode=0777,iocharset=utf8
server: 192.168.11.225
share: /K3s.Volumes/matrix/synapse.data
---
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: flexvolsmb-matrix-data
namespace: matrix
spec:
accessModes:
- ReadWriteMany
storageClassName: flexvolsmb-matrix-data
resources:
requests:
storage: 1Gi
---
apiVersion: v1
kind: PersistentVolume
metadata:
name: flexvolsmb-matrix-db
spec:
capacity:
storage: 1Gi
accessModes:
- ReadWriteMany
storageClassName: flexvolsmb-matrix-db
flexVolume:
driver: mount/smb
secretRef:
name: smb-secret
options:
opts: domain=bessems.eu,file_mode=0600,dir_mode=0700,uid=70,gid=70,iocharset=utf8,nobrl
server: 192.168.11.225
share: /K3s.Volumes/matrix/synapse.db
---
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: flexvolsmb-matrix-db
namespace: matrix
spec:
accessModes:
- ReadWriteMany
storageClassName: flexvolsmb-matrix-db
resources:
requests:
storage: 1Gi
---
apiVersion: v1
kind: PersistentVolume
metadata:
name: flexvolsmb-identity-etc
spec:
capacity:
storage: 1Gi
accessModes:
- ReadWriteMany
storageClassName: flexvolsmb-identity-etc
flexVolume:
driver: mount/smb
secretRef:
name: smb-secret
options:
opts: domain=bessems.eu,file_mode=0777,dir_mode=0777,iocharset=utf8
server: 192.168.11.225
share: /K3s.Volumes/matrix/identity.etc
---
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: flexvolsmb-identity-etc
namespace: matrix
spec:
accessModes:
- ReadWriteMany
storageClassName: flexvolsmb-identity-etc
resources:
requests:
storage: 1Gi
---
apiVersion: v1
kind: PersistentVolume
metadata:
name: flexvolsmb-identity-var
spec:
capacity:
storage: 1Gi
accessModes:
- ReadWriteMany
storageClassName: flexvolsmb-identity-var
flexVolume:
driver: mount/smb
secretRef:
name: smb-secret
options:
opts: domain=bessems.eu,file_mode=0777,dir_mode=0777,iocharset=utf8
server: 192.168.11.225
share: /K3s.Volumes/matrix/identity.var
---
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: flexvolsmb-identity-var
namespace: matrix
spec:
accessModes:
- ReadWriteMany
storageClassName: flexvolsmb-identity-var
resources:
requests:
storage: 1Gi
---
apiVersion: v1
kind: PersistentVolume
metadata:
name: flexvolsmb-identity-db
spec:
capacity:
storage: 1Gi
accessModes:
- ReadWriteMany
storageClassName: flexvolsmb-identity-db
flexVolume:
driver: mount/smb
secretRef:
name: smb-secret
options:
opts: domain=bessems.eu,file_mode=0600,dir_mode=0700,uid=70,gid=70,iocharset=utf8,nobrl
server: 192.168.11.225
share: /K3s.Volumes/matrix/identity.db
---
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: flexvolsmb-identity-db
namespace: matrix
spec:
accessModes:
- ReadWriteMany
storageClassName: flexvolsmb-identity-db
resources:
requests:
storage: 1Gi

1
services/Matrix/middleware-Matrix.yml → services/Matrix.WIP/middleware-Matrix.yml
View File

@ -2,6 +2,7 @@ apiVersion: traefik.containo.us/v1alpha1
kind: Middleware kind: Middleware
metadata: metadata:
name: matrix-cors-headers name: matrix-cors-headers
namespace: matrix
spec: spec:
headers: headers:
accessControlAllowHeaders: accessControlAllowHeaders:

177
services/Matrix/deploy-Matrix.yml
View File

@ -1,177 +0,0 @@
apiVersion: v1
kind: Service
metadata:
name: matrix
spec:
ports:
- protocol: TCP
name: synapse
port: 8008
- protocol: TCP
name: db
port: 5432
- protocol: TCP
name: element
port: 80
selector:
app: matrix
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: matrix
labels:
app: matrix
spec:
replicas: 1
selector:
matchLabels:
app: matrix
template:
metadata:
labels:
app: matrix
spec:
containers:
- name: synapse
image: bv11-cr01.bessems.eu/proxy/matrixdotorg/synapse:latest
# args:
# - generate
env:
# - name: SYNAPSE_SERVER_NAME
# value: spamasaurus.com
# - name: SYNAPSE_REPORT_STATS
# value: 'no'
- name: SYNAPSE_CONFIG_PATH
value: /data/homeserver.yaml
ports:
- name: synapse
containerPort: 8008
volumeMounts:
- mountPath: /data
name: flexvolsmb-matrix-data
- name: postgres
image: bv11-cr01.bessems.eu/proxy/library/postgres:alpine
env:
- name: POSTGRES_USER
value: synapse
- name: POSTGRES_PASSWORD
value: synapse
- name: POSTGRES_INITDB_ARGS
value: --encoding=UTF-8 --lc-collate=C --lc-ctype=C
ports:
- name: db
containerPort: 5432
volumeMounts:
- mountPath: /var/lib/postgresql/data
name: flexvolsmb-matrix-db
- name: element
image: bv11-cr01.bessems.eu/proxy/vectorim/element-web
ports:
- name: element
containerPort: 80
volumeMounts:
- name: configmap-matrix-config
mountPath: /usr/share/nginx/html/config.json
subPath: config.json
volumes:
- name: flexvolsmb-matrix-data
persistentVolumeClaim:
claimName: flexvolsmb-matrix-data
- name: flexvolsmb-matrix-db
persistentVolumeClaim:
claimName: flexvolsmb-matrix-db
- name: configmap-matrix-config
configMap:
name: configmap-matrix-config
---
apiVersion: traefik.containo.us/v1alpha1
kind: IngressRoute
metadata:
name: matrix
spec:
entryPoints:
- websecure
routes:
- match: Host(`synapse.chat.spamasaurus.com`)
kind: Rule
services:
- name: matrix
port: 8008
middlewares:
- name: security-headers@file
- name: compression@file
- name: matrix-cors-headers
- match: Host(`chat.spamasaurus.com`)
kind: Rule
services:
- name: matrix
port: 80
middlewares:
- name: security-headers@file
- name: compression@file
- name: matrix-cors-headers
---
apiVersion: v1
kind: PersistentVolume
metadata:
name: flexvolsmb-matrix-data
spec:
capacity:
storage: 1Gi
accessModes:
- ReadWriteMany
storageClassName: flexvolsmb-matrix-data
flexVolume:
driver: mount/smb
secretRef:
name: smb-secret
options:
opts: domain=bessems.eu,file_mode=0777,dir_mode=0777,iocharset=utf8
server: 192.168.11.225
share: /K3s.Volumes/matrix/data
---
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: flexvolsmb-matrix-data
namespace: default
spec:
accessModes:
- ReadWriteMany
storageClassName: flexvolsmb-matrix-data
resources:
requests:
storage: 1Gi
---
apiVersion: v1
kind: PersistentVolume
metadata:
name: flexvolsmb-matrix-db
spec:
capacity:
storage: 1Gi
accessModes:
- ReadWriteMany
storageClassName: flexvolsmb-matrix-db
flexVolume:
driver: mount/smb
secretRef:
name: smb-secret
options:
opts: domain=bessems.eu,file_mode=0600,dir_mode=0700,uid=70,gid=70,iocharset=utf8,nobrl
server: 192.168.11.225
share: /K3s.Volumes/matrix/db
---
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: flexvolsmb-matrix-db
namespace: default
spec:
accessModes:
- ReadWriteMany
storageClassName: flexvolsmb-matrix-db
resources:
requests:
storage: 1Gi

1
services/PVR/deploy-Radarr.yml
View File

@ -31,6 +31,7 @@ spec:
containers: containers:
- name: radarr - name: radarr
image: bv11-cr01.bessems.eu/proxy/linuxserver/radarr:nightly image: bv11-cr01.bessems.eu/proxy/linuxserver/radarr:nightly
imagePullPolicy: Always
ports: ports:
- name: web - name: web
containerPort: 7878 containerPort: 7878

1
services/PVR/deploy-Sonarr.yml
View File

@ -31,6 +31,7 @@ spec:
containers: containers:
- name: sonarr - name: sonarr
image: bv11-cr01.bessems.eu/proxy/linuxserver/sonarr:preview image: bv11-cr01.bessems.eu/proxy/linuxserver/sonarr:preview
imagePullPolicy: Always
ports: ports:
- name: web - name: web
containerPort: 8989 containerPort: 8989

6
services/PVR/namespace-PVR.yml Normal file
View File

@ -0,0 +1,6 @@
apiVersion: v1
kind: Namespace
metadata:
annotations:
linkerd.io/inject: enabled
name: pvr

13
services/Shaarli/deploy-Shaarli.yml
View File

@ -13,9 +13,9 @@ spec:
apiVersion: apps/v1 apiVersion: apps/v1
kind: Deployment kind: Deployment
metadata: metadata:
name: shaarli
labels: labels:
app: shaarli app: shaarli
name: shaarli
spec: spec:
replicas: 1 replicas: 1
selector: selector:
@ -23,15 +23,17 @@ spec:
app: shaarli app: shaarli
template: template:
metadata: metadata:
annotations:
linkerd.io/inject: enabled
labels: labels:
app: shaarli app: shaarli
spec: spec:
containers: containers:
- name: shaarli - image: bv11-cr01.bessems.eu/proxy/shaarli/shaarli
image: bv11-cr01.bessems.eu/proxy/shaarli/shaarli name: shaarli
ports: ports:
- name: web - containerPort: 80
containerPort: 80 name: web
volumeMounts: volumeMounts:
- mountPath: /var/www/shaarli/cache - mountPath: /var/www/shaarli/cache
name: flexvolsmb-shaarli-cache name: flexvolsmb-shaarli-cache
@ -125,3 +127,4 @@ spec:
resources: resources:
requests: requests:
storage: 1Gi storage: 1Gi
---