diff --git a/manifests/_apps/paradoxfox.yaml b/manifests/_apps/paradoxfox.yaml new file mode 100644 index 0000000..84bb2df --- /dev/null +++ b/manifests/_apps/paradoxfox.yaml @@ -0,0 +1,24 @@ +apiVersion: argoproj.io/v1alpha1 +kind: Application +metadata: + name: paradoxfox + namespace: argocd + finalizers: + - resources-finalizer.argocd.argoproj.io +spec: + project: cluster.fun + destination: + namespace: paradoxfox + name: cluster-fun (scaleway) + source: + path: manifests/paradoxfox + repoURL: "https://git.cluster.fun/AverageMarcus/cluster.fun.git" + targetRevision: HEAD + syncPolicy: + automated: {} + syncOptions: + - CreateNamespace=true + ignoreDifferences: + - kind: Secret + jsonPointers: + - /data diff --git a/manifests/paradoxfox/db.yaml b/manifests/paradoxfox/db.yaml new file mode 100644 index 0000000..ca912dc --- /dev/null +++ b/manifests/paradoxfox/db.yaml @@ -0,0 +1,195 @@ +apiVersion: v1 +kind: ServiceAccount +metadata: + name: paradoxfox-mariadb + namespace: paradoxfox + labels: + app.kubernetes.io/name: mariadb + app.kubernetes.io/instance: paradoxfox +automountServiceAccountToken: false + +--- + +apiVersion: v1 +kind: Secret +metadata: + name: paradoxfox-mariadb + namespace: paradoxfox + labels: + app.kubernetes.io/name: mariadb + app.kubernetes.io/instance: paradoxfox + annotations: + kube-1password: mo3bsobixz4dsy5jlwfkadjprm + kube-1password/vault: Kubernetes + kube-1password/secret-text-parse: "true" +type: Opaque + +--- + +apiVersion: v1 +kind: ConfigMap +metadata: + name: paradoxfox-mariadb + namespace: paradoxfox + labels: + app.kubernetes.io/name: mariadb + app.kubernetes.io/instance: paradoxfox + app.kubernetes.io/component: primary +data: + my.cnf: |- + [mysqld] + skip-name-resolve + explicit_defaults_for_timestamp + basedir=/opt/bitnami/mariadb + plugin_dir=/opt/bitnami/mariadb/plugin + port=3306 + socket=/opt/bitnami/mariadb/tmp/mysql.sock + tmpdir=/opt/bitnami/mariadb/tmp + max_allowed_packet=16M + bind-address=* + pid-file=/opt/bitnami/mariadb/tmp/mysqld.pid + log-error=/opt/bitnami/mariadb/logs/mysqld.log + character-set-server=UTF8 + collation-server=utf8_general_ci + slow_query_log=0 + slow_query_log_file=/opt/bitnami/mariadb/logs/mysqld.log + long_query_time=10.0 + + [client] + port=3306 + socket=/opt/bitnami/mariadb/tmp/mysql.sock + default-character-set=UTF8 + plugin_dir=/opt/bitnami/mariadb/plugin + + [manager] + port=3306 + socket=/opt/bitnami/mariadb/tmp/mysql.sock + pid-file=/opt/bitnami/mariadb/tmp/mysqld.pid + +--- + +apiVersion: v1 +kind: Service +metadata: + name: paradoxfox-mariadb + namespace: paradoxfox + labels: + app.kubernetes.io/name: mariadb + app.kubernetes.io/instance: paradoxfox + app.kubernetes.io/component: primary + annotations: +spec: + type: ClusterIP + sessionAffinity: None + ports: + - name: mysql + port: 3306 + protocol: TCP + targetPort: mysql + selector: + app.kubernetes.io/name: mariadb + app.kubernetes.io/instance: paradoxfox + app.kubernetes.io/component: primary + +--- + +apiVersion: apps/v1 +kind: StatefulSet +metadata: + name: paradoxfox-mariadb + namespace: paradoxfox + labels: + app.kubernetes.io/name: mariadb + app.kubernetes.io/instance: paradoxfox + app.kubernetes.io/component: primary +spec: + replicas: 1 + selector: + matchLabels: + app.kubernetes.io/name: mariadb + app.kubernetes.io/instance: paradoxfox + app.kubernetes.io/component: primary + serviceName: paradoxfox-mariadb + updateStrategy: + type: RollingUpdate + template: + metadata: + labels: + app.kubernetes.io/name: mariadb + app.kubernetes.io/instance: paradoxfox + app.kubernetes.io/component: primary + spec: + serviceAccountName: paradoxfox-mariadb + securityContext: + fsGroup: 1001 + containers: + - name: mariadb + image: docker.io/bitnami/mariadb:10.6.9-debian-11-r0 + imagePullPolicy: "IfNotPresent" + securityContext: + runAsNonRoot: true + runAsUser: 1001 + envFrom: + - secretRef: + name: paradoxfox-mariadb + ports: + - name: mysql + containerPort: 3306 + livenessProbe: + failureThreshold: 3 + initialDelaySeconds: 120 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 1 + exec: + command: + - /bin/bash + - -ec + - | + password_aux="${MARIADB_ROOT_PASSWORD:-}" + if [[ -f "${MARIADB_ROOT_PASSWORD_FILE:-}" ]]; then + password_aux=$(cat "$MARIADB_ROOT_PASSWORD_FILE") + fi + mysqladmin status -uroot -p"${password_aux}" + readinessProbe: + failureThreshold: 3 + initialDelaySeconds: 30 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 1 + exec: + command: + - /bin/bash + - -ec + - | + password_aux="${MARIADB_ROOT_PASSWORD:-}" + if [[ -f "${MARIADB_ROOT_PASSWORD_FILE:-}" ]]; then + password_aux=$(cat "$MARIADB_ROOT_PASSWORD_FILE") + fi + mysqladmin status -uroot -p"${password_aux}" + resources: + limits: {} + requests: {} + volumeMounts: + - name: data + mountPath: /bitnami/mariadb + - name: config + mountPath: /opt/bitnami/mariadb/conf/my.cnf + subPath: my.cnf + volumes: + - name: config + configMap: + name: paradoxfox-mariadb + volumeClaimTemplates: + - metadata: + name: data + labels: + app.kubernetes.io/name: mariadb + app.kubernetes.io/instance: paradoxfox + app.kubernetes.io/component: primary + spec: + accessModes: + - "ReadWriteOnce" + resources: + requests: + storage: "8Gi" diff --git a/manifests/paradoxfox/paradoxfox.yaml b/manifests/paradoxfox/paradoxfox.yaml new file mode 100644 index 0000000..c5f441d --- /dev/null +++ b/manifests/paradoxfox/paradoxfox.yaml @@ -0,0 +1,198 @@ +apiVersion: v1 +kind: ConfigMap +metadata: + name: paradoxfox-prestashop + namespace: paradoxfox + labels: + app.kubernetes.io/name: prestashop + app.kubernetes.io/instance: paradoxfox +data: + BITNAMI_DEBUG: "false" + ALLOW_EMPTY_PASSWORD: "no" + APACHE_HTTP_PORT_NUMBER: "8080" + PRESTASHOP_COOKIE_CHECK_IP: "no" + PRESTASHOP_LANGUAGE: "en" + PRESTASHOP_SKIP_BOOTSTRAP: "no" + PRESTASHOP_HOST: "paradoxfox.shop" + PRESTASHOP_ENABLE_HTTPS: "true" + +--- + +apiVersion: v1 +kind: Secret +metadata: + name: paradoxfox-prestashop + namespace: paradoxfox + labels: + app.kubernetes.io/name: prestashop + app.kubernetes.io/instance: paradoxfox + annotations: + kube-1password: 7clcafpfqzivl2v5feqla6rsjm + kube-1password/vault: Kubernetes + kube-1password/secret-text-parse: "true" +type: Opaque + +--- + +kind: PersistentVolumeClaim +apiVersion: v1 +metadata: + name: paradoxfox-prestashop + namespace: paradoxfox + labels: + app.kubernetes.io/name: prestashop + app.kubernetes.io/instance: paradoxfox +spec: + accessModes: + - "ReadWriteOnce" + resources: + requests: + storage: "8Gi" + storageClassName: scw-bssd-retain + +--- + +apiVersion: v1 +kind: Service +metadata: + name: paradoxfox-prestashop + namespace: paradoxfox + labels: + app.kubernetes.io/name: prestashop + app.kubernetes.io/instance: paradoxfox + annotations: +spec: + type: ClusterIP + sessionAffinity: None + ports: + - name: http + port: 80 + targetPort: http + selector: + app.kubernetes.io/name: prestashop + app.kubernetes.io/instance: paradoxfox + +--- + +apiVersion: apps/v1 +kind: Deployment +metadata: + name: paradoxfox-prestashop + namespace: paradoxfox + labels: + app.kubernetes.io/name: prestashop + app.kubernetes.io/instance: paradoxfox +spec: + selector: + matchLabels: + app.kubernetes.io/name: prestashop + app.kubernetes.io/instance: paradoxfox + strategy: + type: RollingUpdate + replicas: 1 + template: + metadata: + labels: + app.kubernetes.io/name: prestashop + app.kubernetes.io/instance: paradoxfox + spec: + securityContext: + fsGroup: 1001 + initContainers: + - name: volume-permissions + image: docker.io/bitnami/bitnami-shell:11-debian-11-r23 + imagePullPolicy: "IfNotPresent" + command: + - sh + - -c + - | + mkdir -p "/bitnami/prestashop" + chown -R "1001:1001" "/bitnami/prestashop" + securityContext: + runAsUser: 0 + volumeMounts: + - name: prestashop-data + mountPath: /bitnami/prestashop + subPath: prestashop + containers: + - name: paradoxfox-prestashop + image: docker.io/bitnami/prestashop:1.7.8-7-debian-11-r3 + imagePullPolicy: "IfNotPresent" + securityContext: + runAsNonRoot: true + runAsUser: 1001 + envFrom: + - configMapRef: + name: paradoxfox-prestashop + - secretRef: + name: paradoxfox-prestashop + ports: + - name: http + containerPort: 8080 + livenessProbe: + httpGet: + path: / + port: http + httpHeaders: + - name: Host + value: "paradoxfox.shop" + initialDelaySeconds: 600 + periodSeconds: 10 + timeoutSeconds: 5 + successThreshold: 1 + failureThreshold: 6 + readinessProbe: + httpGet: + path: / + port: http + httpHeaders: + - name: Host + value: "paradoxfox.shop" + initialDelaySeconds: 30 + periodSeconds: 5 + timeoutSeconds: 3 + successThreshold: 1 + failureThreshold: 6 + resources: + requests: + cpu: 300m + memory: 512Mi + volumeMounts: + - name: prestashop-data + mountPath: /bitnami/prestashop + subPath: prestashop + volumes: + - name: prestashop-data + persistentVolumeClaim: + claimName: paradoxfox-prestashop + +--- + +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + name: paradoxfox-prestashop + namespace: paradoxfox + labels: + app.kubernetes.io/name: prestashop + app.kubernetes.io/instance: paradoxfox + annotations: + cert-manager.io/cluster-issuer: letsencrypt + nginx.ingress.kubernetes.io/force-ssl-redirect: "true" +spec: + ingressClassName: "nginx" + tls: + - hosts: + - paradoxfox.shop + secretName: paradoxfox.shop-tls + rules: + - host: paradoxfox.shop + http: + paths: + - path: / + pathType: ImplementationSpecific + backend: + service: + name: paradoxfox-prestashop + port: + name: http