From 86378358d604c32cc53e3a5477f8aa192a39dc1e Mon Sep 17 00:00:00 2001 From: Danny Bessems Date: Tue, 13 Jun 2023 14:31:25 +0200 Subject: [PATCH] Mastodon++ --- services/Mastodon/_namespace-mastodon.yml | 4 + .../Mastodon/configMap-Mastodon.yml | 0 services/Mastodon/deployment-mastodon.yaml | 93 ++++++++ services/Mastodon/ingressroute-mastodon.yaml | 17 ++ ...rsistentvolume-flexvolsmb-mastodon-db.yaml | 19 ++ ...stentvolume-flexvolsmb-mastodon-redis.yaml | 19 ++ ...tentvolume-flexvolsmb-mastodon-system.yaml | 19 ++ ...entvolumeclaim-flexvolsmb-mastodon-db.yaml | 12 + ...volumeclaim-flexvolsmb-mastodon-redis.yaml | 12 + ...olumeclaim-flexvolsmb-mastodon-system.yaml | 12 + .../sealedsecret-secret-mastodon.yaml | 30 +++ .../Mastodon/sealedsecret-smb-secret.yaml | 17 ++ services/Mastodon/service-mastodon.yaml | 21 ++ .../_archived/Mastodon/deploy-Mastodon.yml | 225 ------------------ 14 files changed, 275 insertions(+), 225 deletions(-) create mode 100644 services/Mastodon/_namespace-mastodon.yml rename services/{_archived => }/Mastodon/configMap-Mastodon.yml (100%) create mode 100644 services/Mastodon/deployment-mastodon.yaml create mode 100644 services/Mastodon/ingressroute-mastodon.yaml create mode 100644 services/Mastodon/persistentvolume-flexvolsmb-mastodon-db.yaml create mode 100644 services/Mastodon/persistentvolume-flexvolsmb-mastodon-redis.yaml create mode 100644 services/Mastodon/persistentvolume-flexvolsmb-mastodon-system.yaml create mode 100644 services/Mastodon/persistentvolumeclaim-flexvolsmb-mastodon-db.yaml create mode 100644 services/Mastodon/persistentvolumeclaim-flexvolsmb-mastodon-redis.yaml create mode 100644 services/Mastodon/persistentvolumeclaim-flexvolsmb-mastodon-system.yaml create mode 100644 services/Mastodon/sealedsecret-secret-mastodon.yaml create mode 100644 services/Mastodon/sealedsecret-smb-secret.yaml create mode 100644 services/Mastodon/service-mastodon.yaml delete mode 100644 services/_archived/Mastodon/deploy-Mastodon.yml diff --git a/services/Mastodon/_namespace-mastodon.yml b/services/Mastodon/_namespace-mastodon.yml new file mode 100644 index 0000000..1bef519 --- /dev/null +++ b/services/Mastodon/_namespace-mastodon.yml @@ -0,0 +1,4 @@ +apiVersion: v1 +kind: Namespace +metadata: + name: mastodon diff --git a/services/_archived/Mastodon/configMap-Mastodon.yml b/services/Mastodon/configMap-Mastodon.yml similarity index 100% rename from services/_archived/Mastodon/configMap-Mastodon.yml rename to services/Mastodon/configMap-Mastodon.yml diff --git a/services/Mastodon/deployment-mastodon.yaml b/services/Mastodon/deployment-mastodon.yaml new file mode 100644 index 0000000..0571fb9 --- /dev/null +++ b/services/Mastodon/deployment-mastodon.yaml @@ -0,0 +1,93 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: mastodon + namespace: mastodon + labels: + app: mastodon +spec: + replicas: 1 + selector: + matchLabels: + app: mastodon + template: + metadata: + labels: + app: mastodon + spec: + containers: + - name: web + image: bv11-cr01.bessems.eu/proxy/tootsuite/mastodon + args: + - bash + - -c + - 'rm -f /mastodon/tmp/pids/server.pid; bundle exec rails db:migrate; bundle exec rails s -p 3000' + envFrom: + - secretRef: + name: secret-mastodon + ports: + - name: web + containerPort: 3000 + volumeMounts: + - mountPath: /mastodon/public/system + name: flexvolsmb-mastodon-system + - name: api + image: bv11-cr01.bessems.eu/proxy/tootsuite/mastodon + args: + - node + - ./streaming + envFrom: + - secretRef: + name: secret-mastodon + ports: + - name: api + containerPort: 4000 + - name: backend + image: bv11-cr01.bessems.eu/proxy/tootsuite/mastodon + args: + - bundle + - exec + - sidekiq + envFrom: + - secretRef: + name: secret-mastodon + volumeMounts: + - mountPath: /mastodon/public/system + name: flexvolsmb-mastodon-system + - name: postgres + image: bv11-cr01.bessems.eu/proxy/library/postgres:14-alpine + env: + - name: POSTGRES_USER + value: mastodon + - name: POSTGRES_PASSWORD + value: mastodon + - name: POSTGRES_DB + value: mastodon + ports: + - name: db + containerPort: 5432 + volumeMounts: + - mountPath: /var/lib/postgresql/data + name: flexvolsmb-mastodon-db + - name: redis + image: bv11-cr01.bessems.eu/proxy/library/redis:alpine +# args: +# - redis-server +# - --requirepass +# - --appendonly yes + ports: + - name: redis + containerPort: 6379 + volumeMounts: + - name: flexvolsmb-mastodon-redis + mountPath: /data + volumes: + - name: flexvolsmb-mastodon-system + persistentVolumeClaim: + claimName: flexvolsmb-mastodon-system + - name: flexvolsmb-mastodon-db + persistentVolumeClaim: + claimName: flexvolsmb-mastodon-db + - name: flexvolsmb-mastodon-redis + persistentVolumeClaim: + claimName: flexvolsmb-mastodon-redis diff --git a/services/Mastodon/ingressroute-mastodon.yaml b/services/Mastodon/ingressroute-mastodon.yaml new file mode 100644 index 0000000..821c8ff --- /dev/null +++ b/services/Mastodon/ingressroute-mastodon.yaml @@ -0,0 +1,17 @@ +apiVersion: traefik.containo.us/v1alpha1 +kind: IngressRoute +metadata: + name: mastodon + namespace: mastodon +spec: + entryPoints: + - websecure + routes: + - match: Host(`st.itch.fyi`) + kind: Rule + services: + - name: mastodon + port: 3000 + middlewares: + - name: security-headers@file + - name: compression@file diff --git a/services/Mastodon/persistentvolume-flexvolsmb-mastodon-db.yaml b/services/Mastodon/persistentvolume-flexvolsmb-mastodon-db.yaml new file mode 100644 index 0000000..59fd92c --- /dev/null +++ b/services/Mastodon/persistentvolume-flexvolsmb-mastodon-db.yaml @@ -0,0 +1,19 @@ +apiVersion: v1 +kind: PersistentVolume +metadata: + name: flexvolsmb-mastodon-db + namespace: mastodon +spec: + capacity: + storage: 1Gi + accessModes: + - ReadWriteMany + storageClassName: flexvolsmb-mastodon-db + flexVolume: + driver: mount/smb + secretRef: + name: smb-secret + options: + opts: domain=bessems.eu,file_mode=0600,dir_mode=0700,uid=70,gid=70,iocharset=utf8,nobrl + server: 192.168.11.225 + share: /K3s.Volumes/mastodon/db diff --git a/services/Mastodon/persistentvolume-flexvolsmb-mastodon-redis.yaml b/services/Mastodon/persistentvolume-flexvolsmb-mastodon-redis.yaml new file mode 100644 index 0000000..c27513f --- /dev/null +++ b/services/Mastodon/persistentvolume-flexvolsmb-mastodon-redis.yaml @@ -0,0 +1,19 @@ +apiVersion: v1 +kind: PersistentVolume +metadata: + name: flexvolsmb-mastodon-redis + namespace: mastodon +spec: + capacity: + storage: 1Gi + accessModes: + - ReadWriteMany + storageClassName: flexvolsmb-mastodon-redis + flexVolume: + driver: mount/smb + secretRef: + name: smb-secret + options: + opts: domain=bessems.eu,file_mode=0700,dir_mode=0700,uid=999,gid=1000,iocharset=utf8,nobrl + server: 192.168.11.225 + share: /K3s.Volumes/mastodon/redis diff --git a/services/Mastodon/persistentvolume-flexvolsmb-mastodon-system.yaml b/services/Mastodon/persistentvolume-flexvolsmb-mastodon-system.yaml new file mode 100644 index 0000000..e40c459 --- /dev/null +++ b/services/Mastodon/persistentvolume-flexvolsmb-mastodon-system.yaml @@ -0,0 +1,19 @@ +apiVersion: v1 +kind: PersistentVolume +metadata: + name: flexvolsmb-mastodon-system + namespace: mastodon +spec: + capacity: + storage: 1Gi + accessModes: + - ReadWriteMany + storageClassName: flexvolsmb-mastodon-system + flexVolume: + driver: mount/smb + secretRef: + name: smb-secret + options: + opts: domain=bessems.eu,file_mode=0755,dir_mode=0755,uid=991,gid=991,iocharset=utf8 + server: 192.168.11.225 + share: /K3s.Volumes/mastodon/system diff --git a/services/Mastodon/persistentvolumeclaim-flexvolsmb-mastodon-db.yaml b/services/Mastodon/persistentvolumeclaim-flexvolsmb-mastodon-db.yaml new file mode 100644 index 0000000..e9def46 --- /dev/null +++ b/services/Mastodon/persistentvolumeclaim-flexvolsmb-mastodon-db.yaml @@ -0,0 +1,12 @@ +apiVersion: v1 +kind: PersistentVolumeClaim +metadata: + name: flexvolsmb-mastodon-db + namespace: mastodon +spec: + accessModes: + - ReadWriteMany + storageClassName: flexvolsmb-mastodon-db + resources: + requests: + storage: 1Gi diff --git a/services/Mastodon/persistentvolumeclaim-flexvolsmb-mastodon-redis.yaml b/services/Mastodon/persistentvolumeclaim-flexvolsmb-mastodon-redis.yaml new file mode 100644 index 0000000..21d9e2f --- /dev/null +++ b/services/Mastodon/persistentvolumeclaim-flexvolsmb-mastodon-redis.yaml @@ -0,0 +1,12 @@ +apiVersion: v1 +kind: PersistentVolumeClaim +metadata: + name: flexvolsmb-mastodon-redis + namespace: mastodon +spec: + accessModes: + - ReadWriteMany + storageClassName: flexvolsmb-mastodon-redis + resources: + requests: + storage: 1Gi diff --git a/services/Mastodon/persistentvolumeclaim-flexvolsmb-mastodon-system.yaml b/services/Mastodon/persistentvolumeclaim-flexvolsmb-mastodon-system.yaml new file mode 100644 index 0000000..3152dd4 --- /dev/null +++ b/services/Mastodon/persistentvolumeclaim-flexvolsmb-mastodon-system.yaml @@ -0,0 +1,12 @@ +apiVersion: v1 +kind: PersistentVolumeClaim +metadata: + name: flexvolsmb-mastodon-system + namespace: mastodon +spec: + accessModes: + - ReadWriteMany + storageClassName: flexvolsmb-mastodon-system + resources: + requests: + storage: 1Gi diff --git a/services/Mastodon/sealedsecret-secret-mastodon.yaml b/services/Mastodon/sealedsecret-secret-mastodon.yaml new file mode 100644 index 0000000..203a17b --- /dev/null +++ b/services/Mastodon/sealedsecret-secret-mastodon.yaml @@ -0,0 +1,30 @@ +apiVersion: bitnami.com/v1alpha1 +kind: SealedSecret +metadata: + creationTimestamp: null + name: secret-mastodon + namespace: mastodon +spec: + encryptedData: + DB_HOST: AgDIxKNDQYb4MAnPXF8Nz3h4Uyy3B3usHDgtLOC8fYhCOS6plJTr4j3NLqe7DG35bAh0RQbNgIrn7PkmL8w4t1IdWcIHqck6PIZdYJs7Ttuu1WEe2/UBJ499kv2/F4d+6AL8/DgDftM5sWLP3G4kbbtbxbEJIPDtBPAYBxir5+gEAN/hwj/A+wdL810aa0ZIohWR7U2TdknryEXUWIPjJPzpRtwMxlmp6OZpeheBMD9wMB+XXxZBgnRduZbkxM322dS/joiMVoguGBeFyE5X77fWDuPYDj5VgQIig1+4Mr3veRBYScyopX7OKEaQsU4McCj+we6c1DsPof+mVi41cb0UmAkzZw1qtPEOYr1miw1MYHM6XRSR+TMdk8ABmSxukNN/NcijCJ+USm9dfo4snnlfS9OSoNcSqYOp81YyrOHzrBZi+Z3jVWQ5KvdCtn5PJbhIWBAslx7I6nUiCCO3bpSiVn42BMZFrbUZUU/ZXnErokEPmL/gJJZI+g2KDleC/9/RNn8FPuqXNz9SbLPUd0mo71J36BWzJW7hacS4fQxHy1gm36xXh8EhSucD9bmUjo+vINzHhdteb8Z1c5UHSsBK+G5A1QK3OBFtQk193i3ybYoXT95epIJoP0rXLZho62YsFjValnQ8pFQR4nv6rAYGCuJWql9Q8qEvwuUcCuuo7II0SjSzpRmq4Tig1kwJoh9berJw6d3FvTT+uDeTYwqEE/vMKtpwCRHHpRstW3JoHcSWRQ== + DB_NAME: AgAZyX0h2/80TFOgBPuTQkODq1VSWFhZvTUJG8Z7NhtrUC3Lda/Nxu1FIa96Nd5dYlr4HzW1E9cn0HkGzXHG+ogL6679yKtJpbhxRfyVWqsaia1r6mir4Xge6TNkj2zqOZ6Efk4L1oLH7r3ffwTnkfRXdGogpFj+pZOqYINeeT+3mi7Hws8mlSzjI+yPXNOxtMzO+gluksRAJW9f21qNmiHdXXlrB3U889A92ReECWQ0uEk28y4CqEcheACOTa2ukXkiNWUe+z5UUxjzISTvnknNtdvhxZJrFM4VtscKEumiF5Y2OrOBRhHZ22NBSsFrbiLsL82O8+OkzZKW2VPgDj+UM79EJE7jpzhDkaP083HiY0h7u/9kBQcGiiSV+7rfIyZPyyOyRzSHLg2TOl8RerF6pl7ivFZYMgwhFPcx7Q3FTMbOim8a14UB3wDK1T9cVZ3YN9OkQRa95fGkXrRDBOYZar3/YkxdBrDTWO1i22SYbnzhxsNL04+Y5gIxWew2RNKYbxt4b6XkMjeUIrwi/EtkCnHq4J+YsVTga0yLaXyhSqHYNLHD6CwapZ9S+92C1v486kZ6r+TxETnRsoieP5Qk01JA7PZLXX6Idc81S43Dsh3ynm0DOTx+C651hJT/3GMllqqdPF/eU2dtoSDfyuW5am/9Xrow5QOnTn/bOLUZpJXmTD1gN+7974ENWrMe6sC/EPG+mMc0bQ== + DB_PASS: AgASA2FdM6PTzTHtoac7CETfQgHO7zaO+eziAiiza/k+yveXSUst+H3pX0sZYwv5fSfYXQ64rHDDjkK37R+kGyIf5WWjturBXoSUX2HNM2S4pKmWivr+4Xj44A+M0FKTxPDNv6zgfiEER+z3y/Qrp0TZwNjR/judCsN4+0QlKJEkl/DfiXK/oAMvmKsSElb1NhAYy8Z/9VO8d73Utx2fPfwnipA2S8Na37SwYzsxlif1Sigrhj8SmKGfAQikR+AbxNmjcZUBl9ByJgvTLHBl+J9vv1QNnBfWV8M4yyJSAXR8FPrunnCecEeN4VpYIQ72P9K9OCra6aErV6pKUs760+rkEhvk4bI+xydqu5Fg31Poqna5+LHGz/Pvnyiv4vqbIWJ5SNhYB/rG3YL49hu4LAQ50sniRoxxbZUaSVz4ck6SuEmtbCZtOqpXJ+Oh1CINKo129AylqDKU3IjeGhuihSGcCYpPeQVmhzW4Z2mLap/2WNi3HmgVQ9CO5pKQgAED/Oayqj50iZAcqoBV0XGIx/pE8kZosdahriaeM31CPaX2nX3zu/wAGcK4S0FSIgm6CZhAq7c/CwnT3eCXAu7kxCK2KkaUM4oTd60jfxA6wMf4BgjLNinqUZkiR4pvGXEl85a6vViKGQveIlGeCpKKWTtSgJweVv+HruvkisIziBbRiH4x8E/a5iO67rDrmfgKoqmBwfPFbUjJiQ== + DB_PORT: AgBcWLrp+m98+eQ3ujmlM/zoOpq1S1rkZ9BELOpnvRUTeBiDgbf5/dc5847IDW1XMqCZnLrSUutD06ruXOgp5kiDkJRBhLGJO+7mBitGLjyRpvJthit+G2svQ+gTex4xjUHW/wU/JeW8UMNRnsyopOa73/c25Iv7nKIrzYQjtyeMLy5RwFcnkhJENhh5u63M+o+FeL8eI1AvSzUQCJWP75FP89Q2quWnYAFTHhis8CLMmLIfWcOCJcXEX6YHFrvqn2NI6L66rhDyouw8LJGy/fQkoAoGP1sROSNmIpHalM4aztP8V4VnzdegSHxutxx/a3RqRyZ30XVKxEx7+c1Y9heVCd/hNFeLPbLgU0/JnenG4CraimN3QQ6MlAfYdOm7xyrJsgKp8j7pFXsxxlHl6gMoDvYMuO4iJoZE/SePQ0RkB1ryGaRV6Bazc+68JRA4q2jIKF97LQaI21OfCx0U3vYIsgniT4eWeZ/ctJkSbr5wC6Vkvp66CycW1EEupuuB8wIOW8r4fKXgTybc6D7t+Wl5qfB7sckUOj3adiQoEQfnDGmIjQcTiVjdAalBjl3JWSrzK6xXaerejV6AO1tC3HRPvaXHJowrI8jl1NpZUXhlBGu9kj4ywft93LaDdf8qpBpS70E9/chCxim7nc9iuVKbyK/AQSB1PN8z88X+7DBzosx3Be047gVSDA6dChiR01d1/Qiu + DB_USER: AgAXW3Bz1rJxaP44r1K1HQhoLTwHPzr2C8GdOOoPwsmhMR/4Ub5zIvR4G8ESCmwX2OUyhamqqhLJDaGxmGp94p/gQFH9BLg9421dO5f7rC52ySiN30NW7tkY33q/dE59Dbpd/SGCoRJwbqv438OH1twO06stv5twnDJ9EI86aF4w5FZUCjN8JdiYS3iZea74eRDdcjcdKKceGDq5CmL02cJ1MMg/wuO4CNz9QJEacJewblGymq625qoIQ005JN/j70vXkJH30PlQzEWzVUvHTY9AKtzbq8/M8bT8eeoF050sNFfh1dcOu2HXD0pKPnNjEvoH4rFz2hop4/Znk5N4E6bBQr8FJ6/QX8C1lzqYPQLQFJoqL9Qp/2h9Q+NxZhluqCZ/1BqenwQ2SUeaEPUQAAff1nW6lzWecltWNCXc4jlGMDxFn9TV6uHYDrDUUVYEfWn0/GaH2DYGJZkBa3JWcB5V51tKgkgkao99bp8XCaGj/MC0sprCoKsKIFul65u2HVJ1jzuzfO7tGQz+F7DY/P7YK3veRY3E4tWGifSKuCnApqDo1FDD8WXWowqVifr4zaTM8xwFGzAnoQh2bcguvkl4CikCmqw/uvmFfdVTBg1q4LZJ30d06jUqyiaDFw+0l80WV10uiac3Nk8hI1E9MU59RXs+CZMYX05+PeovW6jfbp9do2dVSaoC5npu5RdudGKjN8KKvJFoVA== + LOCAL_DOMAIN: AgAO+oTfJ6mJdFZ6UJC3ONykzHY3Evss/6d9DibR6yH4zXCyDfnaODDWy2x0VxiX2a6Cyy/DWIBnIgc/85QUMxgyF9leLdn8rflVh07zS1ipy9mM42fXDYFYkMquN3BWSB+SRQYmHetfNzdEtOwA1GQ27C+5GoBEmgxQ+GK0FTaete3wr/PzKTXGdkr1GzfDsGqiN3vPUKthhVMKz96JyUsae/dtpJilqGRdS+OX+y4GyIzP97OH+P31eMAISzE+x7qKkF577wZPhSeQIsEkWVNZxhQ4PqTw7hHXG8hLwLiw97mioMtYPHaiTkE9jsm9iqHmBuzFlSNbQQcPQ9kCyQ3Lf2HXd2ymTwMMiy9R9SIyB+zXDzHPStgAzthGF+1mmPMGg/dYXtl7PwP+Pb5HSHnslLRo/pkK9gvc3aGR8hmgOK0gj19TBRVPcAyZWVbjVVV7LjYBvH1oxrCcm6m9fuL3nGid5wW4cLbWx0hxKQa+wjgUYkgCszlFy3N16i58S+MTtOoGufg3wUaqbSLlT0JQ4DxMOaTEIuhtZt2QRl4zEe5UfVvC3YI/mownJHIHndZxpTzCyHsWKKKdQ5fVqbj+vn1TLkvgPvZEJJSYHKt4AXBZgXP1KlhLceZOXvsWIeY+x+fzOv72arvKcIY0nzEH0syt8c2Ypf63KjRLjtRUofMMotGWJUVp9ro/rGB0HVzPb0NCo8YygNOSbw== + OTP_SECRET: AgAbCdxbWq9m/Yi7nzRy09an8WPKtIhY1aVKeDcjVb1ip1tLJRmU+v2QTgt/hu1AKIxlt/ZG7eAi5j0tHBix9pvbtoPqdgmeDZj2s2sT7n8a4+e7mLBrVmigbLrttbvNFYWdvXgbNyhz/lxpY0+DAmE80l65LP1oQiPE3Y/WxmKut6f/fWdLdzZxSTBu5+0dBfkMSIF6U/pGAfB8MnyjatNW5HdqmwGpW0TSzPo3jKw0ukdhT9va3eM13W0Sqq3C1QrkYzRVefINilb9BRj/PqAWMouE0+HgsvuQ7KlzdMrtsUT7eYnIOY3gFf6OL+iGTudgPN5nkvCdcUZoJSEnPf5hQrU1tPbMlHV7t2YIDwB95O5EaiNgAcZZD6iiWXxBdERkfuBS7BdrBkQBcsZz5fsWaNzsXkYM9gTk3laiUT7VeeCs0JAV0hK5P2UDc6zxVzOsX+lZUs4bFNVKqwTnVnhA/ywrLvGy5r+A/9UAwNaymUYTfhnhT1H7sYw1iorulLM5SOvaSL1Y/toVuLMvN+YpTlfNOGFST08jrXEu3iiHYOup0BzRBX4BxfSvETdzgPX5SSMqXmk61Z3jc0LEbh3yGVKFEWCkORi84WQlFvUwFr4zcEKUq99aF1O4nADvWu2evzOy9oRm+i0AyI/KFMRM78y+cT8oTzTP0yziinwbaqQDoJnnk5Hu9pXWF2HQh/Jq4JLq1wYOdZczjGBOiKb1RMx8NDUaQ2cHPoPaRr7VDQ== + REDIS_HOST: AgC94swqxJTF0BmkwtiTf/nHDQifNGjB3t9aEWMjIy3E5by+Fa/cnc4nu9vjF4IrL9IRyoowi22qovr1PapPTpW8QDL64FZ35ekhdCYAeHjvRX8eYs9YOLz1lu4UqLdpt96Bhjdla7wVP+Yi+d/uriGOzBZv+iDCx4mw3cRwry7a08CBEwoiT8c0zHdqaykgk2HXompEVLuWpa7Nq+JpMVa9fhPK5zovV8FcBeUn0qeMSN8fx9dyr31PTYNFOVVUeg0yp80xA8nPQH0VxB3PFdF97JppZUGr64Cesi1vmwOCldCub1Y59RSL78QLDz+afAGJg5yb5pdco+ghenna89c76O2s6j1+/2xHLuANoGV5MKvdSRv5GFnq6o/BRJ+JdDQO9DCVJvcM2K5ezFwrcCXdEDmsarG9y20nvxForFnlqN/l3HqxuMc/r49FZU3zt0m6C9+NYCcpZ+4G/XcmMK/cfKYqmkUD3/9JTfZF5gaRuLoqT3bavylQJoqxm6eR2EHCN/2vvYunVs/28p46Z+N/qg8S6NRD5ZG3/HzFUPes8qTJ1j3WeT60o3cWAQlpKXHnJVzWj+11B3DeuJV4TleeAOAx47CYWBTGgDIv8likLFGz+EKce/T7DN7cJv752PNeIrG62CUIx70MlbONDgCYk3HDGl30tH4QU2Cf/i52ayJkwn4MDIvHM6phflHAoxdOd1PJ6yvNMf0JBxYFMjNDhfS+vQ0WwdwaQo/hhOxFwR6xxw== + REDIS_PORT: AgBkak0jNU2DYiysYWiUzNCRUTRxqSBizXIp+is1pUfYOP2Hnu6henEDA+Ggl6G2VSAAz6Z/wOh+CYYrfoEghr1VBcLrjYmKqsIlOZNujK6ZZ0Rw5iYgZvZla901O2zB+QVEASv3/Qz/k2VRwe2uqomliCs23JK8s3LwoNWWikrryjY9UTl656FeFKit//dRocdET+xsCrWcUBLgzcjo2Q/fN91zS6/HIuS3HNR7fEzfuNzGEqg8CgiN0Jp10HNM11lX9OBBSOPEzQMl5LxruPHYi2oq6xEXJ2cloHSUlq7s0ekCsFV8UOlEQigEx/Z4n1xbKRWcbEpAgNMSrEBbZAYUzht+6ApCBwSbOa15GqCjX7yxpvi0S6mxg1MfqUVH9ZRusCjVJNZCw6fak/nXIYqcpgnxN61SFqVZfNp5gB/l+rUVT/aVa4FD8iG1AgEnlZkIN8FswPXpcrA0blKpNUhfU0SB2w+mUYvoaheE2X6prYVmtVIyp26R/P8p/Jx72lvZMavrC299tcQp0lXgCrIKb4p358lIUiTzISzA5cWGmj1C4ZTY+IzvnOqtCvlVCbXuMp5Ei9wW9B5DD7EqI06JYIgTCl/vnY3DcLGVC7B5aI5e87WqJFxAIIRRW1NEujaENAb+xokZbKnAV/cZfAMl3YgmxxkqEHCGQM45d7t9pziPuhczzjTsF8Lld2P8xsh1EkkQ + SECRET_KEY_BASE: AgCnrVN8zn4OnEvgs/5v9ymZpQPInfRzpnTCSSqzV4SJfw8Wnhm+Pwl8rSbQmSoHj36EADnas07u/5sXPHnzsbxyXx8KCM2rRdsRMVrn1iEs/sF0VRvjQ86bNMXiuM09tfsVVcH4yL3nqv+x8h+FsFizigflQ34paYXSdp5zzYO5oxJNdHaUL4scD7cE3E/Mcu1ZvxiZfliGWBCgWhipssYnmVnV1b5au7yjp2Js3TxW8RnGndByn8JtLGt2jrWc577F4j/KTiizhZ7x4Kn7TnQw4c6U/WBl149Z6ENyrhy+IwDH1g+YbOnQMsgr4P5hl2Q4+swWVNwb5jU7rNFxLetgQuhExpNvcmOju6cttTWZqLddOstMpr6INaOIpQYuTdEUAOjdXj9eXwiWrfyFtgJXLx16V9LAijMPPkWCYQu6/gY+GPuCaxi74HQCKpKQ5WSmc0/RDQAKz9ttWRRDx6Afl9ov2fDvYJG29LjLq+8ko+0oVCj7xV0uBFpyPqvApGHeA75080YyhcJPH8w3LKFS2gqlOh3ve3oSK5d91MUPZPJKymA3wrCa2Q+0rc8BYKor7jFkZy8kfSeS9u7mpRK4XR8VbNKEAE4FYT0mh/q3T+6tMM/0r7TJBCPBOpmu1OKROmi92G2BFKQEgvMCUDUHDyA/J3MwjxjS3egp6rWFLU62WLudpX183xtmW39RLHrcPJxJjkxoUfpnA43O2JkbqH9evybN7MbKWMSSxhDlVA== + SMTP_FROM_ADDRESS: AgBG1HDftpjE7c5LZnCAVwp+4r3dp5flpYK6evg1udggbBbk59C0NFBF3C7QBILzRhQz0VCavn5XgneZaygsYApFWkkwylsG7fc3hSus4Gt+3RG/Z1XJZx5ur0fzb27Y4utZf7yhn8tosvlmrGDQ3/2LkXC2S9fxCBrosF69ATqC+w5NgdNpr7OVm1BT6VIQIscdStNrjBc+5QA+PeMn//PEafqviZ580XLMVziHna3bZgnlO7oR9hbC2PhnNFtFKUH2c7TCx8EfrEnsKgYbFEjGGheLDqqVELpt0a2jcnLE33aeWn2qgjNKXwbVB8f/3ne2dIEPh3QLux3Kd2LzmeVP8rSLZ/CYir/nDwSG8osxELL2PwXx44NKj0fDzxQ+6gxJpbbz/Q79QUdE+20jRRHqVkLxUkzFunrbpFtdwnS15QzfaDIsY7tBTQYTO7ziT95sW/ZXOX390FwBIP8QPA8ImxpQ9/SCdaSD45DzGljgKuKwqjl9x03IDe4ApLmODYW12BgQT5fCweZLAw/niKI77bfjXWMUsj0uWojasOpUTsCaQMi4KAM/hEBzuzSNg9Kgup2gWdyrd0EFXg7gC/ioECH2IEO0dvybU+Mg6KixJleKJIPEe3bbL/b3n0MLOBYgK5KRtWE55km0E/X4ZipEqwhMn5+95AhepjB4viAhWpTZ6sviPbTvWIh3M/cmrWGw8byYCT+XBd0KSHNXQduVTAiEdBo4O/V8cw8uN2U= + SMTP_LOGIN: AgAXrOTanJPxa+FXard7uXCB8WImMhSht1SbFnUfQ8P/QLcBEuPqFh1UAqapzaLRM6YgZLv5ZM9jsCMPIue6QXry2JZL/+qn5z4nw2HurI2CyGhEusK8EM6u5isBzXlUspvjL8Yp89zMbUuHBgzln7xzSDgll8tK3rvtRpHUYvkqQOrzFaSlmG5c+d0uJamKiGy9+ztLV0Fuxq9OEfjKJ/Id1TQA2jNuLjsC9rnHDXfODTDnYWskNMuzxRTOATU7HpI94tLDHXwYd2e9W8hOFV6/bOMDfHRxfRfHTguVDQKVmi5h9mPlp9wjD6VaoLlUrOawjDbpgXhL83jKlO8IV/HLZaSFpSe4X5Whs2tvjVspO9w50bwWyVoJPkrHnRMjn95ITqSIoyovynuFjyzELBXaiOPLNr12DFTTYDvlnvBKDGlgUpqs275pGMKddHbcVE59ST4Z/kl5Cyfoit1BjDYGe7sftAaAPtlwkC0l+1UhOblqKINrdcDXS/jsUePVVFRoNPYXqtCe2MlXG6zwhRDYwiHdkoUu5UpC+s0BsbobBKH9pU0wT/rZ8egxXARMh8DQ4lh0bNk/G0QE9T8jylL2aJSlEs/gUW54z/ovRwKludcXiqmVOZ3jnfcLB5i3typ9F+hJ5ZF+iKlbiP14++jVfsjOQ08TLeDfOlDk+nhBL1EBO6kEIK0e7y70aCtqwg/5dMSwe+Q= + SMTP_PASSWORD: AgCocp+me+sFU5MSv3cVLnBQOEy885j+oamI6c1o278qncuc9jNA5FU4aHD0OMRJoHqyWkIAut+rcZSVEpasak7nAIOYRMMtXSDpEOcoCfaHONtVA4dY8aTP1ckfYS+Mn2NZ+7KNHgIKdESf6TOIcxgnL7lcCmLP6gLFgWqpWE5v/48X8TFpCr01XABkxz/ccQG3EU26Es633tPDU5gFySNmkhao2EVNyDkMTjWPgD5cHUlPgP6UDcqO/4R4BzdDDpUsqhyueGnZHweNcgtR82oY4fL9UYG29mwRyschlI/Vs78GiVP/fDUfyo1k3fc0qwt3BM2RDjyD9bvGfzWj9dAS8xS/+FPT87+eSrPXz5kXS3hg0dNM8OFhAdj5+LBXYj/O6z4o8tcktgTBC8EL00CvCDCfi2cFIw+pLYDWsM2aWpkws6QHnQeszUbDvxuDzvyDXPGFd3fHCozOvPSFC6xczSypv7FohUiuwJKhP9xDZkEK4+k670XrYaDkdW754gxxtJM7dcsUWHZ0q0OiR+gCrictuA24KhOyUInYT4gSxnuHRzx7RVHHyU1HGpOMLQa+lawHbLiCpPt8IV+Q7MSmZrelvy3u6SdVlUGh1Fx+nvIQl2oOVU6UOSXZEeSOI8/iNmKn43Xqu3lm2iEmiWJtmmrCofTuWaXKeGBs4uzQz9IyQ/y/1M4ANR/pYtMZXWLKXlYIVkGGC8yejgDuHyYvbeK2UwoXQyNf9BMANSWVmKOK+0qu1vthIOjGCThctTOgdtQCIouaHJSlhq79gjOvZnekjp0= + SMTP_PORT: AgCDfTFY0C3NRfP4sasLGJoVyUyiReuSHKDn3/w8auIGS+D+0A7msaVTjP1zMA1DxYo1ZMd/0OmBB7JJlSqNJP9NKaIBWYRV4h7897JbKvPuzcixGtcF/pUKsfuao2awOwVHB7ukTDNr1jGFQFcs5ixLGvVb/wCMlR1onak0Swq5oNrWQJjMQSprTcs9iWB4NyGt2zONlhCoE5gYqXY3Md4ERlhk82OXIGhz02hGQTQ8HR6U8P25IjQ5R/NuoKmjE/NMNOAtPmZTaA67FcmuzbJKZUch+Kweqig7FTi7pQV9thXdC/aLXhVcKc5GGUiABz2pRXV2BCefGa2IgvcN+on2aRzuM3SASTC0eBFv0K/HiqL4vB2z5/WKxSvEyARny8cqPZGQ/ZmA5lp90Nei2NYUTP5xjkyV9PhpuWu0g7vjeaZNm/jM+fEaZ3wgWrw3iMsE854G1EX7PzbAoejVtK7T27TQbjxPbfgUiqB2mOW5clOnq6Nush+mLN+gKdsajuWeK8qM+UsBzPH1jpVt0Rgdb4Zr+C9zjIG1w6aTq9NfLrlhsd9iepYaKjfWgX+oyaQMk2Hn3DBT47kZsQArzBeFQVePhcS9T7F0SvL2LfBWuiGAmMvvljUATNryO4fp/6YPVeigFDEZ1Eoob2Es/uhxWiZ+6mKP85UbgcndBQnGo3kOgsBhKzxFgsVKmtFPDY+D6Vg= + SMTP_SERVER: AgBxNbDvUQFy3JSKFFC8F/A40UUQFrxchsOR5zpFeD7NQ7BG/IY+imJX0wO/cp+0P/6yHE85Abm24iNPM1CdgaVCaay3OJer2K1aps6Jv3KeQ2dE0bQdQ1FzQEpQsvThsljn+VBJKl774DVvwipk2cWlDDJn2PkMpvNa0muilcBFKv/HSx6/NZkCd1ZdrwCO3wgkzddvPevfnsXqSdLC+i9PlB9Ss2b/XBviCeYrKhI0D+M0sPIZKHlou9WHP7/vz9T8/X6188eZEDijEsTxxDPZr6Sq1P9S56GIzCb1A1aOsKfnvcXrvMZiPz5WpSS+2BzWTN8QWbno+FMhwV8xm0AfwQ0sLeOiV5DAs9CReWpHbr6EEucKdFDBM04FzUzWFfqxNu+4C2ahDUt1JW0HwyfWWD9t5ObfH6UbJY4iIbDUbG6pnyndzQyvdrXh3yU9ZTwbub45SAwYiPIwdw2KI8hBWs+Gj8ThR4fzNSLtiRdJRfoVuuIXjemFUV0N6pr0l4EE3jMp7X9VGmNf0rK7d7+cuBS6EoRaz9TwR1sWjOs3QswMJEPJsIVPOlxVMvZ78fnbvWT84HTyAYw+dYvjxszt6IUh1YZHW3K73eeu9t4Aa5X0qvLUpleaxWl7HNLK5i12/hUOV9t6VSx52JnzCtEOAnLg0Vhcf+Aoj4M3yC7WRSEFySHoG9DnTH51q1YYmKoG9Uk9FmCguCjMkuTWfDK47w== + template: + data: null + metadata: + creationTimestamp: null + name: secret-mastodon + namespace: mastodon + type: Opaque diff --git a/services/Mastodon/sealedsecret-smb-secret.yaml b/services/Mastodon/sealedsecret-smb-secret.yaml new file mode 100644 index 0000000..839f1fc --- /dev/null +++ b/services/Mastodon/sealedsecret-smb-secret.yaml @@ -0,0 +1,17 @@ +apiVersion: bitnami.com/v1alpha1 +kind: SealedSecret +metadata: + creationTimestamp: null + name: smb-secret + namespace: mastodon +spec: + encryptedData: + password: AgBZSPIydfdGcXrQAOaLR7TfVaKz31G7/SSPQJAbM3mojZS43HqyFlqb3+J0MHdRsf9tSCAm8fORzl1fxXOE41GhfeBHK2spGiS+Vi46oviMiPflkypR2Vj4S6CL3BnH731DzqtnvlvvHwzOy7DeF5Ol28XrwuUVJRd4YYN29y5Tb7aKjLyGCCNFlPAb5jJaCJI4kiRmpU/Bv/De1AZE+kUu1Bcb+fdkRBNSsjK1iWcn7orE16SkLVdonZdY+p7VBhrtK1p5reKe71YE6zDPuQQSvholTsT8puq9tBff8ceCsllYIW7K2nMpO8bgtSV5PN6Lh85UEEExDuCuJ8+5DBtV+46bGUdKcIS1M1VvlhC4eGgOv/dswp3DMRtqU6hWoPdU+ed6lCSF9e+3HguAKEj+dq+ZO7Zi6IDHOyGqtNrXh17LuCUTeJKuFkdTdGQTgVW+4qv8l5Zig8h/iOleeqq4EqSYr57lJ000OKVSNSblo2DscVcC+yQuVezBD4RSZrjBl3B2QHkjq4mQjjEYmSN1QWNOb58rWZ23qV86TXaw5ndT2Wg5eIJzDD904dIoMtqXkCnCRaZo1yOc+7n5hdjZzl70JcB6YXEA+nwpv54ax9BLsWkh8N81n2CNPwdLU/agD4hHeo0Sh+woMx8rA9R1gLCvQ3V+RLNnnWZwn6YFvFJhyGfr5G4XJRlVrqhnjGx39MfVd+ODHFwwcF4yTmi9 + username: AgCa/tvefVNuiukzvdQpXbLfECL6bslEBg3pYVIDAh/jalNv/eTtihk/E/KSN0ZxJSpcn7GgFDSoL28p+xM1AMiaWus1iuEj7kXVJrqtIpj3AQ5xqjT/d+0YYdz6hsvNNyW3tPzWFJ0Kg9wyxCaxvJGDbblWnvpzjRFfuapruKUzyeuhsnUDZkI+KA+k4cNY3TROt7G+eDus3edkd/hUYwr+XH23+dCb8qXN8vD7rAZFgBP7QBT48nDzWLWSLRLFsgS9KuqmlQCfGnE5BCYRVPtc0DACrOaPjvyeQJMmdZEbIMwlUBXOrx/faAgV+40uSw/4fhNIv0WxJ3cpC3n/PwkrBBHOR5nAkLBgIOvPzTcLEasQ27wOkvhXnRnfROGub35bHZ0amMb4ciaSOTCdIQNDI6IBoLlbauRKZZIbUshk8LqQIYOr/fVg5s9xUf2K3WLVjLtiiLIO9Zv999PO3ZUcjXov+btFjQximbkUXBWloaVJnp4dsw6RKh3D9c5K6wwldPTyDSu5etfC+QJuemeAVLfX2mlE+zI7K/9U7ZJZzcSbUdAObiR9lH4pG+to8x8g+6XTJPOxTctDfmK8ItHTHECRH+cTiMQPCVw/lN3zJHrZ74rch3Gneq5pf89evYEH3oF+gd4ey5V5yUjPx1v9+rtGi4gz4AleT2af49xBasRcCJ8RYI+HHqFuEaB+JAcvUeBRWWs= + template: + data: null + metadata: + creationTimestamp: null + name: smb-secret + namespace: mastodon + type: mount/smb diff --git a/services/Mastodon/service-mastodon.yaml b/services/Mastodon/service-mastodon.yaml new file mode 100644 index 0000000..3794ac4 --- /dev/null +++ b/services/Mastodon/service-mastodon.yaml @@ -0,0 +1,21 @@ +apiVersion: v1 +kind: Service +metadata: + name: mastodon + namespace: mastodon +spec: + ports: + - protocol: TCP + name: web + port: 3000 + - protocol: TCP + name: api + port: 4000 + - protocol: TCP + name: db + port: 5432 + - protocol: TCP + name: redis + port: 6379 + selector: + app: mastodon diff --git a/services/_archived/Mastodon/deploy-Mastodon.yml b/services/_archived/Mastodon/deploy-Mastodon.yml deleted file mode 100644 index 7a91f40..0000000 --- a/services/_archived/Mastodon/deploy-Mastodon.yml +++ /dev/null @@ -1,225 +0,0 @@ -apiVersion: v1 -kind: Service -metadata: - name: mastodon -spec: - ports: - - protocol: TCP - name: web - port: 3000 - - protocol: TCP - name: api - port: 4000 - - protocol: TCP - name: db - port: 5432 - - protocol: TCP - name: redis - port: 6379 - selector: - app: mastodon ---- -apiVersion: apps/v1 -kind: Deployment -metadata: - name: mastodon - labels: - app: mastodon -spec: - replicas: 1 - selector: - matchLabels: - app: mastodon - template: - metadata: - labels: - app: mastodon - spec: - containers: - - name: web - image: bv11-cr01.bessems.eu/proxy/tootsuite/mastodon - args: - - bash - - -c - - 'rm -f /mastodon/tmp/pids/server.pid; bundle exec rails db:migrate; bundle exec rails s -p 3000' - envFrom: - - configMapRef: - name: configmap-mastodon - ports: - - name: web - containerPort: 3000 - volumeMounts: - - mountPath: /mastodon/public/system - name: flexvolsmb-mastodon-system - - name: api - image: bv11-cr01.bessems.eu/proxy/tootsuite/mastodon - args: - - node - - ./streaming - envFrom: - - configMapRef: - name: configmap-mastodon - ports: - - name: api - containerPort: 4000 - - name: backend - image: bv11-cr01.bessems.eu/proxy/tootsuite/mastodon - args: - - bundle - - exec - - sidekiq - envFrom: - - configMapRef: - name: configmap-mastodon - volumeMounts: - - mountPath: /mastodon/public/system - name: flexvolsmb-mastodon-system - - name: postgres - image: bv11-cr01.bessems.eu/proxy/library/postgres:14-alpine - env: - - name: POSTGRES_USER - value: mastodon - - name: POSTGRES_PASSWORD - value: mastodon - - name: POSTGRES_DB - value: mastodon - ports: - - name: db - containerPort: 5432 - volumeMounts: - - mountPath: /var/lib/postgresql/data - name: flexvolsmb-mastodon-db - - name: redis - image: bv11-cr01.bessems.eu/proxy/library/redis:alpine -# args: -# - redis-server -# - --requirepass mastodon -# - --appendonly yes - ports: - - name: redis - containerPort: 6379 - volumeMounts: - - name: flexvolsmb-mastodon-redis - mountPath: /data - volumes: - - name: flexvolsmb-mastodon-system - persistentVolumeClaim: - claimName: flexvolsmb-mastodon-system - - name: flexvolsmb-mastodon-db - persistentVolumeClaim: - claimName: flexvolsmb-mastodon-db - - name: flexvolsmb-mastodon-redis - persistentVolumeClaim: - claimName: flexvolsmb-mastodon-redis ---- -apiVersion: traefik.containo.us/v1alpha1 -kind: IngressRoute -metadata: - name: mastodon -spec: - entryPoints: - - websecure - routes: - - match: Host(`st.itch.fyi`) - kind: Rule - services: - - name: mastodon - port: 3000 - middlewares: - - name: security-headers@file - - name: compression@file ---- -apiVersion: v1 -kind: PersistentVolume -metadata: - name: flexvolsmb-mastodon-db -spec: - capacity: - storage: 1Gi - accessModes: - - ReadWriteMany - storageClassName: flexvolsmb-mastodon-db - flexVolume: - driver: mount/smb - secretRef: - name: smb-secret - options: - opts: domain=bessems.eu,file_mode=0600,dir_mode=0700,uid=70,gid=70,iocharset=utf8,nobrl - server: 192.168.11.225 - share: /K3s.Volumes/mastodon/db ---- -apiVersion: v1 -kind: PersistentVolumeClaim -metadata: - name: flexvolsmb-mastodon-db -spec: - accessModes: - - ReadWriteMany - storageClassName: flexvolsmb-mastodon-db - resources: - requests: - storage: 1Gi ---- -apiVersion: v1 -kind: PersistentVolume -metadata: - name: flexvolsmb-mastodon-redis -spec: - capacity: - storage: 1Gi - accessModes: - - ReadWriteMany - storageClassName: flexvolsmb-mastodon-redis - flexVolume: - driver: mount/smb - secretRef: - name: smb-secret - options: - opts: domain=bessems.eu,file_mode=0700,dir_mode=0700,uid=999,gid=1000,iocharset=utf8,nobrl - server: 192.168.11.225 - share: /K3s.Volumes/mastodon/redis ---- -apiVersion: v1 -kind: PersistentVolumeClaim -metadata: - name: flexvolsmb-mastodon-redis - namespace: default -spec: - accessModes: - - ReadWriteMany - storageClassName: flexvolsmb-mastodon-redis - resources: - requests: - storage: 1Gi ---- -apiVersion: v1 -kind: PersistentVolume -metadata: - name: flexvolsmb-mastodon-system -spec: - capacity: - storage: 1Gi - accessModes: - - ReadWriteMany - storageClassName: flexvolsmb-mastodon-system - flexVolume: - driver: mount/smb - secretRef: - name: smb-secret - options: - opts: domain=bessems.eu,file_mode=0755,dir_mode=0755,uid=991,gid=991,iocharset=utf8 - server: 192.168.11.225 - share: /K3s.Volumes/mastodon/system ---- -apiVersion: v1 -kind: PersistentVolumeClaim -metadata: - name: flexvolsmb-mastodon-system - namespace: default -spec: - accessModes: - - ReadWriteMany - storageClassName: flexvolsmb-mastodon-system - resources: - requests: - storage: 1Gi