jleechpe/k3s
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Diun uses noservice kustomization

Browse source
This commit is contained in:
JLP 2025-02-05 16:26:51 -05:00
parent 5709d758dd
commit 1d2c18ee64
No known key found for this signature in database
GPG key ID: 414E00D1FF7519DC
10 changed files with 133 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

5
charts/traefik.yaml
View file

@ -29,6 +29,11 @@ spec:
default: true
port: 6379
exposedPort: 6379
forgejo-ssh:
expose:
default: true
port: 2222
exposedPort: 2222
tolerations:
- key: "public"
value: "true"

5
kustomize/noservice/configmap.yaml Normal file
View file

@ -0,0 +1,5 @@
apiVersion: v1
kind: ConfigMap
metadata:
name: config
data:

11
kustomize/noservice/deployment.yaml Normal file
View file

@ -0,0 +1,11 @@
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: app
spec:
replicas: 1
strategy:
type: Recreate
template:
spec:

20
kustomize/noservice/httproute-http.yaml Normal file
View file

@ -0,0 +1,20 @@
apiVersion: gateway.networking.k8s.io/v1
kind: HTTPRoute
metadata:
name: http
spec:
parentRefs:
- name: homelab-gateway
sectionName: web
kind: Gateway
namespace: homelab
hostnames:
- web.leechpepin.com
rules:
- matches:
- path:
type: PathPrefix
value: /
backendRefs:
- name: web
port: 80

20
kustomize/noservice/httproute-https.yaml Normal file
View file

@ -0,0 +1,20 @@
apiVersion: gateway.networking.k8s.io/v1
kind: HTTPRoute
metadata:
name: https
spec:
parentRefs:
- name: homelab-gateway
sectionName: websecure
kind: Gateway
namespace: homelab
hostnames:
- web.leechpepin.com
rules:
- matches:
- path:
type: PathPrefix
value: /
backendRefs:
- name: web
port: 80

14
kustomize/noservice/kustomization.yaml Normal file
View file

@ -0,0 +1,14 @@
### deployment/kustomization.yaml ###
apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization
# Define resources:
resources:
- deployment.yaml
- pvc.yaml
- secret.yaml
# - configmap.yaml
labels:
- includeSelectors: true
pairs:
app.kubernetes.io/managed-by: kustomize

11
kustomize/noservice/pvc.yaml Normal file
View file

@ -0,0 +1,11 @@
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: pvc
spec:
storageClassName: longhorn-private
accessModes:
- ReadWriteOnce
resources:
requests:
storage: 5Gi

27
kustomize/noservice/secret.yaml Normal file
View file

@ -0,0 +1,27 @@
apiVersion: secrets.infisical.com/v1alpha1
kind: InfisicalSecret
metadata:
name: secrets
namespace: infisical
labels:
label-to-be-passed-to-managed-secret: homelab
annotations:
example.com/annotation-to-be-passed-to-managed-secret: "homelab"
spec:
hostAPI: https://app.infisical.com/api
resyncInterval: 10
authentication:
# Universal Auth
universalAuth:
secretsScope:
projectSlug: homelab-n-f-yj
envSlug: prod
secretsPath: "/apps/appname" # Root is "/"
recursive: false # Whether or not to use recursive mode (Fetches all secrets in an environment from a given secret path, and all folders inside the path) / defaults to false
credentialsRef:
secretName: universal-auth-credentials
secretNamespace: infisical
managedSecretReference:
secretName: app-secrets
secretNamespace: ns
creationPolicy: "Orphan" ## Owner | Orphan

11
kustomize/noservice/service.yaml Normal file
View file

@ -0,0 +1,11 @@
apiVersion: v1
kind: Service
metadata:
name: svc
spec:
type: ClusterIP
ports:
- port: 80
name: test
targetPort: test
protocol: TCP

9
namespaces/homelab/gateway.yaml
View file

@ -62,3 +62,12 @@ spec:
certificateRefs:
- kind: Secret
name: wildcard-leechpepin-tls
- allowedRoutes:
namespaces:
from: Selector
selector:
matchLabels:
homelab-access: "true"
name: forgejo-ssh
port: 2222
protocol: TCP