diff --git a/manifests/_apps/notea.yaml b/manifests/_apps/notea.yaml
new file mode 100644
index 0000000..c09432d
--- /dev/null
+++ b/manifests/_apps/notea.yaml
@@ -0,0 +1,24 @@
+apiVersion: argoproj.io/v1alpha1
+kind: Application
+metadata:
+ name: notea
+ namespace: argocd
+ finalizers:
+ - resources-finalizer.argocd.argoproj.io
+spec:
+ project: cluster.fun
+ destination:
+ namespace: notea
+ name: cluster-fun (scaleway)
+ source:
+ path: manifests/notea
+ repoURL: "https://git.cluster.fun/AverageMarcus/cluster.fun.git"
+ targetRevision: HEAD
+ syncPolicy:
+ automated: {}
+ syncOptions:
+ - CreateNamespace=true
+ ignoreDifferences:
+ - kind: Secret
+ jsonPointers:
+ - /data
diff --git a/manifests/notea/notea.yaml b/manifests/notea/notea.yaml
new file mode 100644
index 0000000..1cadcdc
--- /dev/null
+++ b/manifests/notea/notea.yaml
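Review bot: The `ignoreDifferences` entry at the end of the Application has no comment and no `name`, so it applies to every Secret this app manages without saying why. It looks like `/data` is ignored because the Secrets under manifests/notea are filled in by kube-1password rather than from git; if that is the reason, state it above the entry, e.g. `# Secret data is injected by kube-1password, not stored in git; ignore it to avoid a permanent OutOfSync`. A comment next to `automated: {}` would help too: with neither `prune` nor `selfHeal` set, resources deleted from git and manual changes in the cluster are not reconciled automatically.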
@@ -0,0 +1,127 @@
+apiVersion: v1
+kind: Secret
+metadata:
+ name: notea-auth
+ namespace: notea
+ annotations:
+ kube-1password: mr6spkkx7n3memkbute6ojaarm
+ kube-1password/vault: Kubernetes
+type: Opaque
+---
+apiVersion: v1
+kind: Secret
+metadata:
+ name: notea
+ namespace: notea
+ annotations:
+ kube-1password: byogprhrrm5k47sppmeubb7vba
+ kube-1password/vault: Kubernetes
+ kube-1password/secret-text-parse: "true"
+type: Opaque
+---
+apiVersion: v1
+kind: Service
+metadata:
+ name: notea
+ namespace: notea
+spec:
+ type: ClusterIP
+ ports:
+ - port: 80
+ targetPort: 8000
+ name: web
+ selector:
+ app: notea
+---
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+ name: notea
+ namespace: notea
+spec:
+ selector:
+ matchLabels:
+ app: notea
+ replicas: 1
+ template:
+ metadata:
+ labels:
+ app: notea
+ spec:
+ containers:
+ - args:
+ - --cookie-secure=false
+ - --provider=oidc
+ - --provider-display-name=Auth0
+ - --upstream=http://localhost:3000
+ - --http-address=$(HOST_IP):8000
+ - --redirect-url=https://notea.cluster.fun/oauth2/callback
+ - --email-domain=marcusnoble.co.uk
+ - --pass-basic-auth=false
+ - --pass-access-token=false
+ - --oidc-issuer-url=https://marcusnoble.eu.auth0.com/
+ - --cookie-secret=KDGD6rrK6cBmryyZ4wcJ9xAUNW9AQN
+ env:
+ - name: HOST_IP
+ valueFrom:
+ fieldRef:
+ apiVersion: v1
+ fieldPath: status.podIP
+ - name: OAUTH2_PROXY_CLIENT_ID
+ valueFrom:
+ secretKeyRef:
+ key: username
+ name: notea-auth
+ - name: OAUTH2_PROXY_CLIENT_SECRET
+ valueFrom:
+ secretKeyRef:
+ key: password
+ name: notea-auth
+ image: quay.io/oauth2-proxy/oauth2-proxy:v5.1.1
+ name: oauth-proxy
+ ports:
+ - containerPort: 8000
+ protocol: TCP
+ resources:
+ limits:
+ memory: 125Mi
+ requests:
+ memory: 125Mi
+ - name: notea
+ image: cinwell/notea:0.1
+ imagePullPolicy: Always
+ ports:
+ - containerPort: 3000
+ name: web
+ envFrom:
+ - secretRef:
+ name: notea
+ env:
+ - name: BASE_URL
+ value: notea.cluster.fun
+ - name: DISABLE_PASSWORD
+ value: "true"
+---
+apiVersion: extensions/v1beta1
+kind: Ingress
+metadata:
+ name: notea
+ namespace: notea
+ annotations:
+ cert-manager.io/cluster-issuer: letsencrypt
+ traefik.ingress.kubernetes.io/frontend-entry-points: http,https
+ traefik.ingress.kubernetes.io/redirect-entry-point: https
+ traefik.ingress.kubernetes.io/redirect-permanent: "true"
+spec:
+ tls:
+ - hosts:
+ - notea.cluster.fun
+ secretName: notea-ingress
+ rules:
+ - host: notea.cluster.fun
+ http:
+ paths:
+ - path: /
+ backend:
+ serviceName: notea
+ servicePort: 80
diff --git a/terraform/bucket.tf b/terraform/bucket.tf
index 5b9df27..292e437 100644
--- a/terraform/bucket.tf
+++ b/terraform/bucket.tf
@@ -15,3 +15,12 @@ resource "scaleway_object_bucket" "outline" {
 output "outline-bucket_id" {
 value = scaleway_object_bucket.outline.id
 }
+
+resource "scaleway_object_bucket" "notea" {
+ name = "cluster.fun-notea"
+ acl = "private"
+}
+
+output "notea-bucket_id" {
+ value = scaleway_object_bucket.notea.id
+}
diff --git a/terraform/kubernetes-cluster.tf b/terraform/kubernetes-cluster.tf
index 5a34820..693dfb3 100644
--- a/terraform/kubernetes-cluster.tf
+++ b/terraform/kubernetes-cluster.tf
@@ -1,7 +1,7 @@
 resource "scaleway_k8s_cluster_beta" "k8s-cluster" {
 name = "cluster-fun"
 description = ""
- version = "1.20"
+ version = "1.20.3"
 cni = "weave"
 enable_dashboard = false
 ingress = "traefik"
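Review bot: The oauth2-proxy container takes its session-cookie key from a literal `--cookie-secret=…` argument, so the key is readable by anyone who can read the repository or the pod spec, while the client ID and client secret right below it come from the `notea-auth` Secret. Supply it through a Secret-backed `OAUTH2_PROXY_COOKIE_SECRET` env var as sketched below (the key name is a placeholder), drop the argument, and generate a new value, since this one is now in git history. In the same args list, `--cookie-secure=false` leaves the Secure flag off the session cookie even though the Ingress serves the host over TLS and redirects to https; `--cookie-secure=true` fits this setup. Separately, the notea container sets `DISABLE_PASSWORD` to "true" and declares port 3000, so if it listens on all interfaces other pods could reach it on the pod IP without going through the proxy; a NetworkPolicy that only admits traffic to port 8000 would close that path.

```yaml
        env:
        # … unchanged: HOST_IP, OAUTH2_PROXY_CLIENT_ID, OAUTH2_PROXY_CLIENT_SECRET …
        - name: OAUTH2_PROXY_COOKIE_SECRET
          valueFrom:
            secretKeyRef:
              key: cookie-secret  # placeholder key name
              name: notea-auth
```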
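Review bot: The new `scaleway_object_bucket.notea` is created private but without versioning, so an overwrite or delete made with the application's credentials cannot be rolled back. If this bucket is where notea stores its notes (presumably, given the name), consider a `versioning { enabled = true }` block inside the resource, provided the Scaleway provider version used by this repo supports it. A one-line comment above the resource naming its consumer would also help, e.g. `# Object storage for the notea app (manifests/notea)`.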