Compare commits
	
		
			15 Commits
		
	
	
		
			increase_c
			...
			43aa708e09
		
	
	| Author | SHA1 | Date | |
|---|---|---|---|
| 43aa708e09 | |||
| 52339ccbed | |||
| b08f0892be | |||
| b60c244b8b | |||
| fd26f7b3de | |||
| e00db9e633 | |||
| b35b34bb7a | |||
| 85bd64e87e | |||
| a80346f8e7 | |||
| 53d8bd48bf | |||
| 9c8f29e346 | |||
| ad3fab4cfd | |||
| cf0015d1e2 | |||
| 6ce5744672 | |||
| 3d47bc34da | 
| @@ -47,7 +47,7 @@ spec: | ||||
|     spec: | ||||
|       containers: | ||||
|       - name: git | ||||
|         image: gitea/gitea:1.11 | ||||
|         image: gitea/gitea:1.12.2 | ||||
|         env: | ||||
|         - name: APP_NAME | ||||
|           value: "Git" | ||||
|   | ||||
| @@ -81,7 +81,7 @@ spec: | ||||
| apiVersion: extensions/v1beta1 | ||||
| kind: Ingress | ||||
| metadata: | ||||
|   name: pyload | ||||
|   name: home-assistant | ||||
|   namespace: inlets | ||||
|   annotations: | ||||
|     cert-manager.io/cluster-issuer: letsencrypt | ||||
| @@ -91,13 +91,30 @@ metadata: | ||||
| spec: | ||||
|   tls: | ||||
|   - hosts: | ||||
|     - pyload.cluster.fun | ||||
|     secretName: pyload-ingress | ||||
|     - home.cluster.fun | ||||
|     secretName: home-assistant-ingress | ||||
|   rules: | ||||
|   - host: pyload.cluster.fun | ||||
|   - host: home.cluster.fun | ||||
|     http: | ||||
|       paths: | ||||
|       - path: / | ||||
|         backend: | ||||
|           serviceName: inlets | ||||
|           servicePort: 80 | ||||
| --- | ||||
| apiVersion: v1 | ||||
| kind: Service | ||||
| metadata: | ||||
|   name: downloads-rpc | ||||
|   namespace: inlets | ||||
|   labels: | ||||
|     app: inlets | ||||
| spec: | ||||
|   type: ClusterIP | ||||
|   ports: | ||||
|     - port: 80 | ||||
|       protocol: TCP | ||||
|       targetPort: 8000 | ||||
|   selector: | ||||
|     app: inlets | ||||
| --- | ||||
|   | ||||
| @@ -88,7 +88,7 @@ spec: | ||||
|           - --interval=15 | ||||
|           - --rules-file=/config/rules.yaml | ||||
|           - --include-namespaces=tekton-pipelines | ||||
|           - --include-resources=pods | ||||
|           - --include-resources=pods,pipelineruns,taskruns | ||||
|         resources: | ||||
|           limits: | ||||
|             memory: 100Mi | ||||
|   | ||||
| @@ -74,7 +74,7 @@ spec: | ||||
|     synapse: | ||||
|       image: | ||||
|         repository: "matrixdotorg/synapse" | ||||
|         tag: v1.12.4 | ||||
|         tag: v1.16.1 | ||||
|         pullPolicy: IfNotPresent | ||||
|       service: | ||||
|         type: ClusterIP | ||||
| @@ -111,7 +111,7 @@ spec: | ||||
|       permalinkPrefix: "https://chat.cluster.fun" | ||||
|       image: | ||||
|         repository: "vectorim/riot-web" | ||||
|         tag: v1.6.0 | ||||
|         tag: v1.6.8 | ||||
|         pullPolicy: IfNotPresent | ||||
|       service: | ||||
|         type: ClusterIP | ||||
|   | ||||
| @@ -73,7 +73,7 @@ spec: | ||||
|             mountPath: /data | ||||
|       containers: | ||||
|       - name: web | ||||
|         image: nodered/node-red:latest-12 | ||||
|         image: nodered/node-red:1.1.2-12 | ||||
|         imagePullPolicy: Always | ||||
|         ports: | ||||
|         - containerPort: 1880 | ||||
|   | ||||
							
								
								
									
										124
									
								
								manifests/outline.yaml
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										124
									
								
								manifests/outline.yaml
									
									
									
									
									
										Normal file
									
								
							| @@ -0,0 +1,124 @@ | ||||
| apiVersion: v1 | ||||
| kind: Namespace | ||||
| metadata: | ||||
|   name: outline | ||||
| --- | ||||
| apiVersion: v1 | ||||
| kind: Secret | ||||
| metadata: | ||||
|   name: outline | ||||
|   namespace: outline | ||||
|   annotations: | ||||
|     kube-1password: maouivotrbgydslnsukbjrwgja | ||||
|     kube-1password/vault: Kubernetes | ||||
|     kube-1password/secret-text-key: .env | ||||
| type: Opaque | ||||
| --- | ||||
| apiVersion: v1 | ||||
| kind: Service | ||||
| metadata: | ||||
|   name: outline | ||||
|   namespace: outline | ||||
| spec: | ||||
|   type: ClusterIP | ||||
|   ports: | ||||
|   - port: 80 | ||||
|     targetPort: web | ||||
|     name: web | ||||
|   selector: | ||||
|     app: outline | ||||
| --- | ||||
| apiVersion: apps/v1 | ||||
| kind: StatefulSet | ||||
| metadata: | ||||
|   name: outline | ||||
|   namespace: outline | ||||
| spec: | ||||
|   selector: | ||||
|     matchLabels: | ||||
|       app: outline | ||||
|   serviceName: outline | ||||
|   replicas: 1 | ||||
|   template: | ||||
|     metadata: | ||||
|       labels: | ||||
|         app: outline | ||||
|     spec: | ||||
|       containers: | ||||
|       - name: postgres | ||||
|         image: postgres:9-alpine | ||||
|         imagePullPolicy: IfNotPresent | ||||
|         ports: | ||||
|         - containerPort: 5432 | ||||
|           name: db | ||||
|         env: | ||||
|         - name: POSTGRES_USER | ||||
|           value: user | ||||
|         - name: POSTGRES_PASSWORD | ||||
|           value: pass | ||||
|         - name: POSTGRES_DB | ||||
|           value: outline | ||||
|         - name: PGDATA | ||||
|           value: /var/lib/postgresql/data/outline | ||||
|         volumeMounts: | ||||
|         - name: data | ||||
|           mountPath: /var/lib/postgresql/data | ||||
|       - name: redis | ||||
|         image: redis:6 | ||||
|         imagePullPolicy: IfNotPresent | ||||
|         ports: | ||||
|         - containerPort: 6379 | ||||
|           name: redis | ||||
|       - name: outline | ||||
|         image: docker.cluster.fun/averagemarcus/outline:latest | ||||
|         imagePullPolicy: Always | ||||
|         command: | ||||
|           - sh | ||||
|           - -c | ||||
|           - | | ||||
|             sleep 10 && yarn sequelize db:migrate && yarn build && yarn start | ||||
|         ports: | ||||
|         - containerPort: 3000 | ||||
|           name: web | ||||
|         volumeMounts: | ||||
|           - mountPath: /opt/outline/.env | ||||
|             subPath: .env | ||||
|             name: outline-env | ||||
|             readOnly: true | ||||
|       volumes: | ||||
|         - name: outline-env | ||||
|           secret: | ||||
|             secretName: outline | ||||
|   volumeClaimTemplates: | ||||
|   - metadata: | ||||
|       name: data | ||||
|     spec: | ||||
|       accessModes: | ||||
|       - ReadWriteOnce | ||||
|       resources: | ||||
|         requests: | ||||
|           storage: 5Gi | ||||
| --- | ||||
| apiVersion: extensions/v1beta1 | ||||
| kind: Ingress | ||||
| metadata: | ||||
|   name: outline | ||||
|   namespace: outline | ||||
|   annotations: | ||||
|     cert-manager.io/cluster-issuer: letsencrypt | ||||
|     traefik.ingress.kubernetes.io/frontend-entry-points: http,https | ||||
|     traefik.ingress.kubernetes.io/redirect-entry-point: https | ||||
|     traefik.ingress.kubernetes.io/redirect-permanent: "true" | ||||
| spec: | ||||
|   tls: | ||||
|   - hosts: | ||||
|     - outline.cluster.fun | ||||
|     secretName: outline-ingress | ||||
|   rules: | ||||
|   - host: outline.cluster.fun | ||||
|     http: | ||||
|       paths: | ||||
|       - path: / | ||||
|         backend: | ||||
|           serviceName: outline | ||||
|           servicePort: 80 | ||||
							
								
								
									
										128
									
								
								manifests/paradoxfox.yaml
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										128
									
								
								manifests/paradoxfox.yaml
									
									
									
									
									
										Normal file
									
								
							| @@ -0,0 +1,128 @@ | ||||
| apiVersion: v1 | ||||
| kind: Namespace | ||||
| metadata: | ||||
|   name: paradoxfox | ||||
| --- | ||||
| apiVersion: v1 | ||||
| kind: Secret | ||||
| metadata: | ||||
|   name: docker-config | ||||
|   namespace: paradoxfox | ||||
|   annotations: | ||||
|     kube-1password: i6ngbk5zf4k52xgwdwnfup5bby | ||||
|     kube-1password/vault: Kubernetes | ||||
|     kube-1password/secret-text-key: .dockerconfigjson | ||||
| type: kubernetes.io/dockerconfigjson | ||||
| data: | ||||
|   .dockerconfigjson: e30= | ||||
| --- | ||||
| apiVersion: v1 | ||||
| kind: Secret | ||||
| metadata: | ||||
|   name: etsy-token | ||||
|   namespace: paradoxfox | ||||
|   annotations: | ||||
|     kube-1password: akkchysgrvhawconx63plt3xgy | ||||
|     kube-1password/vault: Kubernetes | ||||
|     kube-1password/secret-text-key: password | ||||
| stringData: | ||||
|   password: "" | ||||
| --- | ||||
| apiVersion: v1 | ||||
| kind: Service | ||||
| metadata: | ||||
|   name: paradoxfox | ||||
|   namespace: paradoxfox | ||||
| spec: | ||||
|   type: ClusterIP | ||||
|   ports: | ||||
|   - port: 80 | ||||
|     targetPort: 443 | ||||
|     name: web | ||||
|   selector: | ||||
|     app: paradoxfox | ||||
| --- | ||||
| apiVersion: apps/v1 | ||||
| kind: Deployment | ||||
| metadata: | ||||
|   name: paradoxfox | ||||
|   namespace: paradoxfox | ||||
| spec: | ||||
|   replicas: 1 | ||||
|   selector: | ||||
|     matchLabels: | ||||
|       app: paradoxfox | ||||
|   template: | ||||
|     metadata: | ||||
|       labels: | ||||
|         app: paradoxfox | ||||
|     spec: | ||||
|       imagePullSecrets: | ||||
|         - name: docker-config | ||||
|       containers: | ||||
|       - name: web | ||||
|         image: docker.cluster.fun/private/paradoxfox:latest | ||||
|         imagePullPolicy: Always | ||||
|         ports: | ||||
|         - containerPort: 443 | ||||
|           name: web | ||||
|         env: | ||||
|           - name: ETSY_TOKEN | ||||
|             valueFrom: | ||||
|               secretKeyRef: | ||||
|                 name: etsy-token | ||||
|                 key: password | ||||
|         resources: | ||||
|           limits: | ||||
|             memory: 200Mi | ||||
|           requests: | ||||
|             memory: 200Mi | ||||
| --- | ||||
| apiVersion: extensions/v1beta1 | ||||
| kind: Ingress | ||||
| metadata: | ||||
|   name: paradoxfox | ||||
|   namespace: paradoxfox | ||||
|   annotations: | ||||
|     cert-manager.io/cluster-issuer: letsencrypt | ||||
|     traefik.ingress.kubernetes.io/frontend-entry-points: http,https | ||||
|     traefik.ingress.kubernetes.io/redirect-entry-point: https | ||||
|     traefik.ingress.kubernetes.io/redirect-permanent: "true" | ||||
| spec: | ||||
|   tls: | ||||
|   - hosts: | ||||
|     - paradoxfox.space | ||||
|     secretName: paradoxfox-ingress | ||||
|   rules: | ||||
|   - host: paradoxfox.space | ||||
|     http: | ||||
|       paths: | ||||
|       - path: / | ||||
|         backend: | ||||
|           serviceName: paradoxfox | ||||
|           servicePort: 80 | ||||
|  | ||||
| --- | ||||
| apiVersion: extensions/v1beta1 | ||||
| kind: Ingress | ||||
| metadata: | ||||
|   name: paradoxfox-www | ||||
|   namespace: paradoxfox | ||||
|   annotations: | ||||
|     cert-manager.io/cluster-issuer: letsencrypt | ||||
|     traefik.ingress.kubernetes.io/frontend-entry-points: http,https | ||||
|     traefik.ingress.kubernetes.io/redirect-entry-point: https | ||||
|     traefik.ingress.kubernetes.io/redirect-permanent: "true" | ||||
| spec: | ||||
|   tls: | ||||
|   - hosts: | ||||
|     - www.paradoxfox.space | ||||
|     secretName: paradoxfox-www-ingress | ||||
|   rules: | ||||
|   - host: www.paradoxfox.space | ||||
|     http: | ||||
|       paths: | ||||
|       - path: / | ||||
|         backend: | ||||
|           serviceName: paradoxfox | ||||
|           servicePort: 80 | ||||
							
								
								
									
										115
									
								
								manifests/printer.yaml
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										115
									
								
								manifests/printer.yaml
									
									
									
									
									
										Normal file
									
								
							| @@ -0,0 +1,115 @@ | ||||
| apiVersion: v1 | ||||
| kind: Namespace | ||||
| metadata: | ||||
|   name: printer | ||||
| --- | ||||
| apiVersion: v1 | ||||
| kind: Secret | ||||
| metadata: | ||||
|   name: printer-auth | ||||
|   namespace: printer | ||||
|   annotations: | ||||
|     kube-1password: mr6spkkx7n3memkbute6ojaarm | ||||
|     kube-1password/vault: Kubernetes | ||||
| type: Opaque | ||||
| --- | ||||
| apiVersion: apps/v1 | ||||
| kind: Deployment | ||||
| metadata: | ||||
|   name: printer-auth | ||||
|   namespace: printer | ||||
|   labels: | ||||
|     app: printer-auth | ||||
| spec: | ||||
|   replicas: 1 | ||||
|   selector: | ||||
|     matchLabels: | ||||
|       app: printer-auth | ||||
|   template: | ||||
|     metadata: | ||||
|       labels: | ||||
|         app: printer-auth | ||||
|     spec: | ||||
|       containers: | ||||
|       - args: | ||||
|         - --cookie-secure=false | ||||
|         - --provider=oidc | ||||
|         - --provider-display-name=Auth0 | ||||
|         - --upstream=http://inlets.inlets.svc.cluster.local | ||||
|         - --http-address=$(HOST_IP):8080 | ||||
|         - --redirect-url=https://printer.cluster.fun/oauth2/callback | ||||
|         - --email-domain=* | ||||
|         - --pass-basic-auth=false | ||||
|         - --pass-access-token=false | ||||
|         - --oidc-issuer-url=https://marcusnoble.eu.auth0.com/ | ||||
|         - --cookie-secret=KDGD6rrK6cBmryyZ4wcJ9xAUNW9AQN | ||||
|         env: | ||||
|         - name: HOST_IP | ||||
|           valueFrom: | ||||
|             fieldRef: | ||||
|               apiVersion: v1 | ||||
|               fieldPath: status.podIP | ||||
|         - name: OAUTH2_PROXY_CLIENT_ID | ||||
|           valueFrom: | ||||
|             secretKeyRef: | ||||
|               key: username | ||||
|               name: printer-auth | ||||
|         - name: OAUTH2_PROXY_CLIENT_SECRET | ||||
|           valueFrom: | ||||
|             secretKeyRef: | ||||
|               key: password | ||||
|               name: printer-auth | ||||
|         image: quay.io/oauth2-proxy/oauth2-proxy:v5.1.1 | ||||
|         name: oauth-proxy | ||||
|         ports: | ||||
|         - containerPort: 8080 | ||||
|           protocol: TCP | ||||
|         resources: | ||||
|           limits: | ||||
|             memory: 250Mi | ||||
|           requests: | ||||
|             memory: 250Mi | ||||
| --- | ||||
| apiVersion: v1 | ||||
| kind: Service | ||||
| metadata: | ||||
|   name: printer-auth | ||||
|   namespace: printer | ||||
|   labels: | ||||
|     app: printer-auth | ||||
| spec: | ||||
|   ports: | ||||
|   - name: http | ||||
|     port: 80 | ||||
|     protocol: TCP | ||||
|     targetPort: 8080 | ||||
|   selector: | ||||
|     app: printer-auth | ||||
|   type: ClusterIP | ||||
| --- | ||||
| apiVersion: extensions/v1beta1 | ||||
| kind: Ingress | ||||
| metadata: | ||||
|   name: printer-auth | ||||
|   namespace: printer | ||||
|   labels: | ||||
|     app: printer-auth | ||||
|   annotations: | ||||
|     cert-manager.io/cluster-issuer: letsencrypt | ||||
|     traefik.ingress.kubernetes.io/frontend-entry-points: http,https | ||||
|     traefik.ingress.kubernetes.io/redirect-entry-point: https | ||||
|     traefik.ingress.kubernetes.io/redirect-permanent: "true" | ||||
| spec: | ||||
|   tls: | ||||
|   - hosts: | ||||
|     - printer.cluster.fun | ||||
|     secretName: printer-ingress | ||||
|   rules: | ||||
|   - host: printer.cluster.fun | ||||
|     http: | ||||
|       paths: | ||||
|       - path: / | ||||
|         backend: | ||||
|           serviceName: printer-auth | ||||
|           servicePort: 80 | ||||
|  | ||||
| @@ -15,3 +15,12 @@ resource "scaleway_object_bucket" "linx" { | ||||
| output "linx-bucket_id" { | ||||
|   value = scaleway_object_bucket.linx.id | ||||
| } | ||||
|  | ||||
| resource "scaleway_object_bucket" "outline" { | ||||
|   name = "cluster.fun-outline" | ||||
|   acl  = "private" | ||||
| } | ||||
|  | ||||
| output "outline-bucket_id" { | ||||
|   value = scaleway_object_bucket.outline.id | ||||
| } | ||||
|   | ||||
		Reference in New Issue
	
	Block a user