From 3224a51727ae101af2b30e727fc1748e60b755be Mon Sep 17 00:00:00 2001 From: = <=> Date: Fri, 24 Apr 2026 06:24:51 +0000 Subject: [PATCH] Added bookstack and phpmyadmin --- kubernetes-templates/bookstack.yml | 118 ++++++++++++++++++++++++++++ kubernetes-templates/phpmyadmin.yml | 100 +++++++---------------- 2 files changed, 147 insertions(+), 71 deletions(-) create mode 100644 kubernetes-templates/bookstack.yml diff --git a/kubernetes-templates/bookstack.yml b/kubernetes-templates/bookstack.yml new file mode 100644 index 0000000..8c7af2f --- /dev/null +++ b/kubernetes-templates/bookstack.yml @@ -0,0 +1,118 @@ +apiVersion: v1 +kind: Namespace +metadata: + name: bookstack +--- +apiVersion: v1 +kind: Secret +metadata: + name: bookstack-secrets + namespace: bookstack +type: Opaque +data: + APP_KEY: YmFzZTY0Ojd2VW8zL2w4SXFRN0w5VTZ5K1cxTTB2WDJaNEg2SjhLOUwwTTFOMk8zUDQ9 + DB_PASS: NmtFZlJENUVpVmpqMTA= +--- +apiVersion: v1 +kind: ConfigMap +metadata: + name: bookstack-config + namespace: bookstack +data: + APP_URL: "https://notes.khongisa.co.za" + DB_HOST: "192.168.1.180" + DB_PORT: "3306" + DB_USER: "bookstack_user" + DB_DATABASE: "bookstackapp" + DRAWIO_URL: "https://drawio.khongisa.co.za/?embed=1&proto=json&spin=1&configure=1" +--- +apiVersion: v1 +kind: PersistentVolumeClaim +metadata: + name: bookstack-app-pvc + namespace: bookstack +spec: + accessModes: + - ReadWriteOnce + resources: + requests: + storage: 5Gi +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + name: bookstack + namespace: bookstack +spec: + replicas: 1 + selector: + matchLabels: + app: bookstack + template: + metadata: + labels: + app: bookstack + spec: + affinity: + nodeAffinity: + requiredDuringSchedulingIgnoredDuringExecution: + nodeSelectorTerms: + - matchExpressions: + - key: node-role.kubernetes.io/control-plane + operator: DoesNotExist + containers: + - name: bookstack + image: lscr.io/linuxserver/bookstack:latest + ports: + - containerPort: 80 + env: + - name: PUID + value: "1000" + - name: PGID + value: "1000" + - name: APP_KEY + valueFrom: + secretKeyRef: { name: bookstack-secrets, key: APP_KEY } + - name: APP_URL + valueFrom: + configMapKeyRef: { name: bookstack-config, key: APP_URL } + - name: DB_HOST + valueFrom: + configMapKeyRef: { name: bookstack-config, key: DB_HOST } + - name: DB_PORT + valueFrom: + configMapKeyRef: { name: bookstack-config, key: DB_PORT } + - name: DB_USER + valueFrom: + configMapKeyRef: { name: bookstack-config, key: DB_USER } + - name: DB_PASS + valueFrom: + secretKeyRef: { name: bookstack-secrets, key: DB_PASS } + - name: DB_DATABASE + valueFrom: + configMapKeyRef: { name: bookstack-config, key: DB_DATABASE } + - name: DRAWIO_URL + valueFrom: + configMapKeyRef: { name: bookstack-config, key: DRAWIO_URL } + volumeMounts: + - name: app-data + mountPath: /config + volumes: + - name: app-data + persistentVolumeClaim: + claimName: bookstack-app-pvc +--- +apiVersion: v1 +kind: Service +metadata: + name: bookstack-service + namespace: bookstack +spec: + type: NodePort + selector: + app: bookstack + ports: + - protocol: TCP + port: 80 + targetPort: 80 + nodePort: 33007 \ No newline at end of file diff --git a/kubernetes-templates/phpmyadmin.yml b/kubernetes-templates/phpmyadmin.yml index 01f84c2..fb64e3e 100644 --- a/kubernetes-templates/phpmyadmin.yml +++ b/kubernetes-templates/phpmyadmin.yml @@ -1,4 +1,3 @@ ---- apiVersion: v1 kind: Namespace metadata: @@ -10,48 +9,11 @@ metadata: name: phpmyadmin-config namespace: phpmyadmin data: - database.address: "192.168.1.137" - database.port: "3306" ---- -apiVersion: v1 -kind: Secret -metadata: - name: mysql-secret - namespace: phpmyadmin -type: Opaque -data: - username: cm9vdA== - password: QmxhY2tzdGFyMkBob21l ---- -apiVersion: v1 -kind: ServiceAccount -metadata: - name: phpmyadmin-sa - namespace: phpmyadmin ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: Role -metadata: - name: phpmyadmin-role - namespace: phpmyadmin -rules: -- apiGroups: [""] - resources: ["pods", "services", "configmaps", "secrets"] - verbs: ["get", "list", "watch", "create", "update", "patch", "delete"] ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: RoleBinding -metadata: - name: phpmyadmin-rolebinding - namespace: phpmyadmin -subjects: -- kind: ServiceAccount - name: phpmyadmin-sa - namespace: phpmyadmin -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: Role - name: phpmyadmin-role + PMA_HOST: "192.168.1.180" + PMA_PORT: "3306" + PMA_USER: "root" + PMA_ABSOLUTE_URI: "https://phpmyadmin.khongisa.co.za/" + ALLOW_NO_PASSWORD: "true" --- apiVersion: apps/v1 kind: Deployment @@ -68,7 +30,13 @@ spec: labels: app: phpmyadmin spec: - serviceAccountName: phpmyadmin-sa + affinity: + nodeAffinity: + requiredDuringSchedulingIgnoredDuringExecution: + nodeSelectorTerms: + - matchExpressions: + - key: node-role.kubernetes.io/control-plane + operator: DoesNotExist containers: - name: phpmyadmin image: phpmyadmin/phpmyadmin:latest @@ -79,48 +47,38 @@ spec: valueFrom: configMapKeyRef: name: phpmyadmin-config - key: database.address + key: PMA_HOST - name: PMA_PORT valueFrom: configMapKeyRef: name: phpmyadmin-config - key: database.port + key: PMA_PORT - name: PMA_USER valueFrom: - secretKeyRef: - name: mysql-secret - key: username - - name: PMA_PASSWORD + configMapKeyRef: + name: phpmyadmin-config + key: PMA_USER + - name: ALLOW_NO_PASSWORD valueFrom: - secretKeyRef: - name: mysql-secret - key: password + configMapKeyRef: + name: phpmyadmin-config + key: ALLOW_NO_PASSWORD + - name: PMA_ABSOLUTE_URI + valueFrom: + configMapKeyRef: + name: phpmyadmin-config + key: PMA_ABSOLUTE_URI --- apiVersion: v1 kind: Service metadata: - name: phpmyadmin + name: phpmyadmin-service namespace: phpmyadmin spec: - type: ClusterIP + type: NodePort selector: app: phpmyadmin ports: - port: 80 targetPort: 80 ---- -apiVersion: traefik.io/v1alpha1 -kind: IngressRoute -metadata: - name: phpmyadmin-ingress - namespace: phpmyadmin -spec: - entryPoints: - - websecure - routes: - - match: Host(`phpmyadmin.apps.mngoma.lab`) - kind: Rule - services: - - name: phpmyadmin - port: 80 - tls: {} \ No newline at end of file + nodePort: 33006 \ No newline at end of file