diff --git a/kubernetes-templates/mariadb.yml b/kubernetes-templates/mariadb.yml
deleted file mode 100644
index 5c45218..0000000
--- a/kubernetes-templates/mariadb.yml
+++ /dev/null
@@ -1,156 +0,0 @@
----
-apiVersion: v1
-kind: Namespace
-metadata:
- name: mariadb
----
-apiVersion: v1
-kind: Secret
-metadata:
- name: mariadb-secret
- namespace: mariadb
-type: Opaque
-data:
- root.password: UDRvMzBB
- database.username: cm9vdA==
- database.password: NXBFMjZa
----
-apiVersion: v1
-kind: ServiceAccount
-metadata:
- name: mariadb-sa
- namespace: mariadb
----
-apiVersion: rbac.authorization.k8s.io/v1
-kind: Role
-metadata:
- name: mariadb-role
- namespace: mariadb
-rules:
-- apiGroups: [""]
- resources: ["pods", "services", "persistentvolumeclaims", "configmaps", "secrets"]
- verbs: ["get", "list", "watch", "create", "update", "patch", "delete"]
----
-apiVersion: rbac.authorization.k8s.io/v1
-kind: RoleBinding
-metadata:
- name: mariadb-rolebinding
- namespace: mariadb
-subjects:
-- kind: ServiceAccount
- name: mariadb-sa
- namespace: mariadb
-roleRef:
- apiGroup: rbac.authorization.k8s.io
- kind: Role
- name: mariadb-role
----
-apiVersion: v1
-kind: PersistentVolume
-metadata:
- name: mariadb-pv
-spec:
- capacity:
- storage: 10Gi
- accessModes:
- - ReadWriteOnce
- storageClassName: local-pvs
- local:
- path: /home/ansible/k3s/makhiwane/mariadb
- nodeAffinity:
- required:
- nodeSelectorTerms:
- - matchExpressions:
- - key: kubernetes.io/hostname
- operator: In
- values:
- - lead
- persistentVolumeReclaimPolicy: Retain
----
-apiVersion: v1
-kind: PersistentVolumeClaim
-metadata:
- name: mariadb-pvc
- namespace: mariadb
-spec:
- accessModes:
- - ReadWriteOnce
- storageClassName: local-pvs
- resources:
- requests:
- storage: 10Gi
----
-apiVersion: apps/v1
-kind: Deployment
-metadata:
- name: mariadb
- namespace: mariadb
-spec:
- replicas: 1
- selector:
- matchLabels:
- app: mariadb
- template:
- metadata:
- labels:
- app: mariadb
- spec:
- serviceAccountName: mariadb-sa
- containers:
- - name: mariadb
- image: mariadb:11
- restartPolicy: Always
- env:
- - name: MYSQL_ROOT_PASSWORD
- valueFrom:
- secretKeyRef:
- name: mariadb-secret
- key: root.password
- - name: MYSQL_USER
- valueFrom:
- secretKeyRef:
- name: mariadb-secret
- key: database.username
- - name: MYSQL_PASSWORD
- valueFrom:
- secretKeyRef:
- name: mariadb-secret
- key: database.password
- ports:
- - containerPort: 3306
- volumeMounts:
- - mountPath: /var/lib/mysql
- name: mariadb-data
- volumes:
- - name: mariadb-data
- persistentVolumeClaim:
- claimName: mariadb-pvc
----
-apiVersion: v1
-kind: Service
-metadata:
- name: mariadb
- namespace: mariadb
-spec:
- type: ClusterIP
- selector:
- app: mariadb
- ports:
- - port: 3306
- targetPort: 3306
----
-apiVersion: traefik.io/v1alpha1
-kind: IngressRoute
-metadata:
- name: mariadb-ingress
- namespace: mariadb
-spec:
- entryPoints:
- - websecure
- routes:
- - match: Host(`mariadb.database.mngoma.lab`)
- kind: Rule
- services:
- - name: mariadb
- port: 3306
- tls: {}
\ No newline at end of file
diff --git a/kubernetes-templates/nextcloud.yml b/kubernetes-templates/nextcloud.yml
deleted file mode 100644
index c3391ea..0000000
--- a/kubernetes-templates/nextcloud.yml
+++ /dev/null
@@ -1,196 +0,0 @@
----
-apiVersion: v1
-kind: Namespace
-metadata:
- name: nextcloud
----
-apiVersion: v1
-kind: ConfigMap
-metadata:
- name: nextcloud-config
- namespace: nextcloud
-data:
- server.trusteddomains: "nextcloud.apps.mngoma.lab"
- database.createdbuser: "false"
- database.host: "192.168.1.137"
- database.name: "nextcloudm"
----
-apiVersion: v1
-kind: Secret
-metadata:
- name: nextcloud-secret
- namespace: nextcloud
-type: Opaque
-data:
- root.username: a2h3ZXpp
- root.password: QmxhY2tzdGFyMkBob21l
- database.username: YXBwX3VzZXI=
- database.password: MTIzNDU=
----
-apiVersion: v1
-kind: ServiceAccount
-metadata:
- name: nextcloud-sa
- namespace: nextcloud
----
-apiVersion: rbac.authorization.k8s.io/v1
-kind: Role
-metadata:
- name: nextcloud-role
- namespace: nextcloud
-rules:
-- apiGroups: [""]
- resources: ["pods", "services", "endpoints", "persistentvolumeclaims", "configmaps", "secrets"]
- verbs: ["get", "list", "watch", "create", "update", "patch", "delete"]
----
-apiVersion: rbac.authorization.k8s.io/v1
-kind: RoleBinding
-metadata:
- name: nextcloud-rolebinding
- namespace: nextcloud
-subjects:
-- kind: ServiceAccount
- name: nextcloud-sa
-roleRef:
- apiGroup: rbac.authorization.k8s.io
- kind: Role
- name: nextcloud-role
----
-apiVersion: v1
-kind: PersistentVolume
-metadata:
- name: nextcloud-pv
- labels:
- type: local
-spec:
- capacity:
- storage: 5Gi
- accessModes:
- - ReadWriteOnce
- storageClassName: local-pvs
- local:
- path: /home/ansible/k3s/makhiwane/nextcloud
- nodeAffinity:
- required:
- nodeSelectorTerms:
- - matchExpressions:
- - key: kubernetes.io/hostname
- operator: In
- values:
- - lead
- persistentVolumeReclaimPolicy: Retain
----
-apiVersion: v1
-kind: PersistentVolumeClaim
-metadata:
- name: nextcloud-pvc
- namespace: nextcloud
-spec:
- accessModes:
- - ReadWriteOnce
- storageClassName: local-pvs
- resources:
- requests:
- storage: 5Gi
----
-apiVersion: apps/v1
-kind: Deployment
-metadata:
- name: nextcloud
- namespace: nextcloud
-spec:
- replicas: 1
- selector:
- matchLabels:
- app: nextcloud
- template:
- metadata:
- labels:
- app: nextcloud
- spec:
- serviceAccountName: nextcloud-sa
- containers:
- - name: nextcloud
- image: nextcloud:27.1.7
- ports:
- - containerPort: 80
- volumeMounts:
- - name: nextcloud-data
- mountPath: /var/www/html
- env:
- - name: NEXTCLOUD_ADMIN_USER
- valueFrom:
- secretKeyRef:
- name: nextcloud-secret
- key: root.username
- - name: NEXTCLOUD_ADMIN_PASSWORD
- valueFrom:
- secretKeyRef:
- name: nextcloud-secret
- key: root.password
- - name: NEXTCLOUD_TRUSTED_DOMAINS
- valueFrom:
- configMapKeyRef:
- name: nextcloud-config
- key: server.trusteddomains
- - name: POSTGRES_HOST
- valueFrom:
- configMapKeyRef:
- name: nextcloud-config
- key: database.host
- - name: POSTGRES_DB
- valueFrom:
- configMapKeyRef:
- name: nextcloud-config
- key: database.name
- - name: POSTGRES_USER
- valueFrom:
- secretKeyRef:
- name: nextcloud-secret
- key: database.username
- - name: POSTGRES_PASSWORD
- valueFrom:
- secretKeyRef:
- name: nextcloud-secret
- key: database.password
- - name: NC_SETUP_CREATE_DB_USER
- valueFrom:
- configMapKeyRef:
- name: nextcloud-config
- key: database.createdbuser
- volumes:
- - name: nextcloud-data
- persistentVolumeClaim:
- claimName: nextcloud-pvc
----
-apiVersion: v1
-kind: Service
-metadata:
- name: nextcloud
- namespace: nextcloud
-spec:
- type: ClusterIP
- selector:
- app: nextcloud
- ports:
- - name: http
- protocol: TCP
- port: 80
- targetPort: 80
----
-apiVersion: traefik.io/v1alpha1
-kind: IngressRoute
-metadata:
- name: nextcloud-web
- namespace: nextcloud
-spec:
- entryPoints:
- - websecure
- routes:
- - match: Host(`nextcloud.apps.mngoma.lab`)
- kind: Rule
- services:
- - name: nextcloud
- port: 80
- scheme: http
- tls: {}
\ No newline at end of file
diff --git a/kubernetes-templates/nosqlclient.yml b/kubernetes-templates/nosqlclient.yml
deleted file mode 100644
index b490035..0000000
--- a/kubernetes-templates/nosqlclient.yml
+++ /dev/null
@@ -1,101 +0,0 @@
----
-apiVersion: v1
-kind: Namespace
-metadata:
- name: nosqlclient
----
-apiVersion: v1
-kind: Secret
-metadata:
- name: nosqlclient-secret
- namespace: nosqlclient
-type: Opaque
-data:
- mongodb-uri: bW9uZ29kYjovL2FkbWluOkJsYWNrc3RhcjIlNDBob21lQGRhdGFiYXNlLm1uZ29tYS5sYWI6MjcwMTcvYWRtaW4=
----
-apiVersion: v1
-kind: ServiceAccount
-metadata:
- name: nosqlclient-sa
- namespace: nosqlclient
----
-apiVersion: rbac.authorization.k8s.io/v1
-kind: Role
-metadata:
- name: nosqlclient-role
- namespace: nosqlclient
-rules:
-- apiGroups: [""]
- resources: ["pods", "services", "persistentvolumeclaims", "configmaps", "secrets"]
- verbs: ["get", "list", "watch", "create", "update", "patch", "delete"]
----
-apiVersion: rbac.authorization.k8s.io/v1
-kind: RoleBinding
-metadata:
- name: nosqlclient-rolebinding
- namespace: nosqlclient
-subjects:
-- kind: ServiceAccount
- name: nosqlclient-sa
- namespace: nosqlclient
-roleRef:
- apiGroup: rbac.authorization.k8s.io
- kind: Role
- name: nosqlclient-role
----
-apiVersion: apps/v1
-kind: Deployment
-metadata:
- name: nosqlclient
- namespace: nosqlclient
-spec:
- replicas: 1
- selector:
- matchLabels:
- app: nosqlclient
- template:
- metadata:
- labels:
- app: nosqlclient
- spec:
- serviceAccountName: nosqlclient-sa
- containers:
- - name: nosqlclient
- image: mongoclient/mongoclient:latest
- env:
- - name: MONGO_URL
- valueFrom:
- secretKeyRef:
- name: nosqlclient-secret
- key: mongodb-uri
- ports:
- - containerPort: 3000
----
-apiVersion: v1
-kind: Service
-metadata:
- name: nosqlclient
- namespace: nosqlclient
-spec:
- type: ClusterIP
- selector:
- app: nosqlclient
- ports:
- - port: 3000
- targetPort: 3000
----
-apiVersion: traefik.io/v1alpha1
-kind: IngressRoute
-metadata:
- name: nosqlclient-ingress
- namespace: nosqlclient
-spec:
- entryPoints:
- - websecure
- routes:
- - match: Host(`mongodb.apps.mngoma.lab`)
- kind: Rule
- services:
- - name: nosqlclient
- port: 3000
- tls: {}
\ No newline at end of file
diff --git a/kubernetes-templates/uptime-kuma.yml b/kubernetes-templates/uptime-kuma.yml index 3a283f3..cd2e08c 100644 --- a/kubernetes-templates/uptime-kuma.yml +++ b/kubernetes-templates/uptime-kuma.yml @@ -4,56 +4,22 @@ metadata: name: uptimekuma --- apiVersion: v1 -kind: ConfigMap -metadata: - name: uptimekuma-config - namespace: uptimekuma -data: - server.port: "3001" - server.disableusageanalytics: "true" ---- -apiVersion: v1 kind: Secret metadata: - name: uptimekuma-secret + name: uptimekuma-auth namespace: uptimekuma type: Opaque data: - password: MWhEMjBn ---- -apiVersion: v1 -kind: PersistentVolume -metadata: - name: uptimekuma-pv - labels: - type: local -spec: - capacity: - storage: 2Gi - accessModes: - - ReadWriteOnce - storageClassName: local-pvs - local: - path: /home/ansible/k3s/makhiwane/uptimekuma - nodeAffinity: - required: - nodeSelectorTerms: - - matchExpressions: - - key: kubernetes.io/hostname - operator: In - values: - - lead - persistentVolumeReclaimPolicy: Retain + password: QmxhY2tzdGFyMkBob21l --- apiVersion: v1 kind: PersistentVolumeClaim metadata: - name: uptimekuma-data + name: uptimekuma-data-pvc namespace: uptimekuma spec: - accessModes: - - ReadWriteOnce - storageClassName: local-pvs + accessModes: ["ReadWriteMany"] + storageClassName: nfs-storage resources: requests: storage: 2Gi 
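Review bot: The new `uptimekuma-auth` Secret still carries its `password` value inline under `data:`, which is base64 encoding rather than encryption, so anyone who can read the repository or its history can recover it. The encoded string is identical to `root.password` in the `nextcloud-secret` deleted further up this diff, which suggests one credential is reused across services; deleting those manifests does not remove the values from history, so the committed credentials should be rotated. I would keep the literal out of the template, e.g. `password: <base64 value injected at deploy time>`, and supply it from a secret store or an encrypted-secret mechanism. Separately, the claim moves to `storageClassName: nfs-storage` with `ReadWriteMany`; if the application keeps an SQLite database under `/app/data` (not visible here), confirm the NFS export provides the file locking it needs.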
@@ -73,69 +39,50 @@ spec: labels: app: uptimekuma spec: + affinity: + nodeAffinity: + requiredDuringSchedulingIgnoredDuringExecution: + nodeSelectorTerms: + - matchExpressions: + - key: node-role.kubernetes.io/control-plane + operator: DoesNotExist containers: - - name: uptimekuma - image: louislam/uptime-kuma:latest - imagePullPolicy: IfNotPresent - ports: - - containerPort: 3001 - volumeMounts: - - mountPath: /app/data - name: uptimekuma-data - env: - - name: PORT - valueFrom: - configMapKeyRef: - name: uptimekuma-config - key: server.port - - name: server.disableusageanalytics - valueFrom: - configMapKeyRef: - name: uptimekuma-config - key: server.disableusageanalytics - - name: password - valueFrom: - secretKeyRef: - name: uptimekuma-secret - key: password - resources: - requests: - memory: "256Mi" - cpu: "250m" - limits: - memory: "512Mi" - cpu: "500m" + - name: uptimekuma + image: louislam/uptime-kuma:2.2.1 + ports: + - containerPort: 3001 + env: + - name: PORT + value: "3001" + - name: UPTIME_KUMA_PORT + value: "3001" + - name: server.disableusageanalytics + value: "true" + - name: password + valueFrom: + secretKeyRef: + name: uptimekuma-auth + key: password + volumeMounts: + - name: data + mountPath: /app/data volumes: - - name: uptimekuma-data - persistentVolumeClaim: - claimName: uptimekuma-data + - name: data + persistentVolumeClaim: + claimName: uptimekuma-data-pvc --- apiVersion: v1 kind: Service metadata: - name: uptimekuma + name: uptimekuma-service namespace: uptimekuma spec: - type: ClusterIP + type: NodePort selector: app: uptimekuma ports: - name: http + protocol: TCP port: 3001 targetPort: 3001 ---- -apiVersion: traefik.io/v1alpha1 -kind: IngressRoute -metadata: - name: uptimekuma-ingress - namespace: uptimekuma -spec: - entryPoints: - - websecure - routes: - - match: Host(`uptimekuma.apps.mngoma.lab`) - kind: Rule - services: - - name: uptimekuma - port: 3001 - tls: {} \ No newline at end of file + nodePort: 33004
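Review bot: The Service at the end of this hunk becomes `type: NodePort` with `nodePort: 33004` while the TLS-terminating IngressRoute is removed, so the UI would be reachable over plain HTTP on every node address instead of only through the `websecure` entry point. `33004` is also outside Kubernetes' default NodePort range of 30000–32767, so the API server will reject it unless the cluster's service node port range has been widened. If external access is meant to stay behind Traefik, keep `type: ClusterIP` and retain the IngressRoute; if NodePort is intended, pick an in-range port and restrict access with a NetworkPolicy or host firewall. The container spec also drops the previous `resources:` requests/limits and sets no `securityContext`; I would restore the limits and add `securityContext: {allowPrivilegeEscalation: false}` at least. The Deployment starts above this hunk, so its head is not visible here.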