apiVersion: v1 kind: Secret metadata: name: docker-config namespace: mastodon-digest annotations: kube-1password: i6ngbk5zf4k52xgwdwnfup5bby kube-1password/vault: Kubernetes kube-1password/secret-text-key: .dockerconfigjson type: kubernetes.io/dockerconfigjson data: .dockerconfigjson: e30= --- apiVersion: v1 kind: Secret metadata: name: mastodon-digest-auth namespace: mastodon-digest annotations: kube-1password: mr6spkkx7n3memkbute6ojaarm kube-1password/vault: Kubernetes type: Opaque --- apiVersion: v1 kind: Secret metadata: name: mastodon-digest namespace: mastodon-digest annotations: kube-1password: bfklz3yi3dn4e7xtsbttcvhata kube-1password/vault: Kubernetes kube-1password/secret-text-parse: "true" type: Opaque --- apiVersion: v1 kind: ConfigMap metadata: name: config namespace: mastodon-digest labels: app: mastodon-digest data: config.json: | [ { "timeline": "home", "hours": 12, "scorer": "ExtendedSimpleWeighted", "threshold": "lax", "output": "/usr/share/nginx/html/home/" }, { "timeline": "federated", "hours": 12, "scorer": "ExtendedSimpleWeighted", "threshold": "lax", "output": "/usr/share/nginx/html/federated/" } ] --- apiVersion: v1 kind: ConfigMap metadata: name: index namespace: mastodon-digest labels: app: mastodon-digest data: index.html: | <!DOCTYPE html> <html lang="en"> <head> <meta chartset="utf-8" /> <meta name="viewport" content="width=device-width, initial-scale=1" /> <title>Mastodon Digest</title> <style> body { background-color: #292c36; font-family: "Arial", sans-serif; } div#container { margin: auto; max-width: 640px; padding: 10px; text-align: center; margin: 0 auto; } .links { align: center; } h1 { color: white; } a.button { background: #595aff; color: #fff; line-height: 1.2; min-height: 38px; min-width: 88px; padding: 0 30px; border: 0; border-radius: 6px;; display: inline-flex; justify-content: center; align-items: center; } </style> </head> <body> <div id="container"> <h1>Mastodon Digest</h1> <section class="links"> <a href="home/" class="button">Home</a> <a href="federated/" class="button">Federated</a> </section> </div> </body> </html> --- apiVersion: v1 kind: Service metadata: name: mastodon-digest namespace: mastodon-digest spec: type: ClusterIP ports: - port: 80 targetPort: auth name: web selector: app: mastodon-digest --- apiVersion: apps/v1 kind: Deployment metadata: name: mastodon-digest namespace: mastodon-digest spec: replicas: 1 selector: matchLabels: app: mastodon-digest template: metadata: labels: app: mastodon-digest spec: imagePullSecrets: - name: docker-config containers: - args: - --cookie-secure=false - --provider=oidc - --provider-display-name=Auth0 - --upstream=http://localhost:80 - --http-address=$(HOST_IP):8000 - --redirect-url=https://mastodon-digest.cluster.fun/oauth2/callback - --email-domain=marcusnoble.co.uk - --pass-basic-auth=false - --pass-access-token=false - --oidc-issuer-url=https://marcusnoble.eu.auth0.com/ - --cookie-secret=KDGD6rrK6cBmryyZ4wcJ9xAUNW9AQNFT env: - name: HOST_IP valueFrom: fieldRef: apiVersion: v1 fieldPath: status.podIP - name: OAUTH2_PROXY_CLIENT_ID valueFrom: secretKeyRef: key: username name: mastodon-digest-auth - name: OAUTH2_PROXY_CLIENT_SECRET valueFrom: secretKeyRef: key: password name: mastodon-digest-auth image: quay.io/oauth2-proxy/oauth2-proxy:v7.7.1 name: oauth-proxy ports: - containerPort: 8000 protocol: TCP name: auth resources: limits: memory: 50Mi requests: memory: 50Mi - name: web image: nginx:stable imagePullPolicy: IfNotPresent ports: - containerPort: 80 name: web volumeMounts: - name: html mountPath: /usr/share/nginx/html - name: index mountPath: /usr/share/nginx/html/index.html subPath: index.html - name: digest image: rg.fr-par.scw.cloud/averagemarcus-private/mastodon-digest:latest imagePullPolicy: Always env: - name: CONFIG_FILE value: /config.json envFrom: - secretRef: name: mastodon-digest volumeMounts: - name: config mountPath: /config.json subPath: config.json - name: html mountPath: /usr/share/nginx/html volumes: - name: html emptyDir: {} - name: config configMap: name: config - name: index configMap: name: index --- apiVersion: networking.k8s.io/v1 kind: Ingress metadata: name: mastodon-digest namespace: mastodon-digest annotations: cert-manager.io/cluster-issuer: letsencrypt nginx.ingress.kubernetes.io/force-ssl-redirect: "true" spec: ingressClassName: nginx tls: - hosts: - mastodon-digest.cluster.fun secretName: mastodon-digest-ingress rules: - host: mastodon-digest.cluster.fun http: paths: - path: / pathType: ImplementationSpecific backend: service: name: mastodon-digest port: number: 80