More

2026-01-14 08:45:02 +01:00 · 2023-02-07 21:11:37 +01:00 · 2023-02-07 21:11:37 +01:00 · 4be274f187
commit 4be274f187
parent 1b8879c684
12 changed files with 270 additions and 12 deletions
--- a/.gitattributes
+++ b/.gitattributes
@ -0,0 +1 @@
+*.yaml linguist-detectable
--- a/kube/apps/cargo-bisect-rustc.yaml
+++ b/kube/apps/cargo-bisect-rustc.yaml
@ -0,0 +1,68 @@
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: cargo-bisect-rustc-config
+data:
+  SQLITE_DB: /app/db/db.sqlite
+  RUST_LOG: debug
+---
+apiVersion: v1
+kind: PersistentVolumeClaim
+metadata:
+  name: cargo-bisect-rustc-volume-claim
+spec:
+  resources:
+    requests:
+      storage: "50Mi"
+  volumeMode: Filesystem
+  accessModes:
+    - ReadWriteMany
+---
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: cargo-bisect-rustc
+spec:
+  selector:
+    matchLabels:
+      app: cargo-bisect-rustc
+  template:
+    metadata:
+      labels:
+        app: cargo-bisect-rustc
+    spec:
+      containers:
+        - name: cargo-bisect-rustc
+          image: docker.nilstrieb.dev/cargo-bisect-rustc-service:1.10
+          resources:
+            requests:
+              memory: "256Mi"
+              cpu: "200m"
+            limits:
+              memory: "1000Mi"
+              cpu: "2000m"
+          envFrom:
+            - configMapRef:
+                name: cargo-bisect-rustc-config
+          volumeMounts:
+            - mountPath: /app/db
+              name: sqlitedb
+          ports:
+            - containerPort: 4000
+      imagePullSecrets:
+        - name: docker-nilstrieb-dev-login
+      volumes:
+        - name: sqlitedb
+          persistentVolumeClaim:
+            claimName: cargo-bisect-rustc-volume-claim
+---
+apiVersion: v1
+kind: Service
+metadata:
+  name: cargo-bisect-rustc-service
+spec:
+  selector:
+    app: cargo-bisect-rustc
+  ports:
+    - port: 80
+      targetPort: 4000
--- a/kube/apps/hugo-chat-db.yaml
+++ b/kube/apps/hugo-chat-db.yaml
@ -0,0 +1,65 @@
+# https://www.containiq.com/post/deploy-postgres-on-kubernetes
+
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: hugo-chat-db-config
+data:
+  POSTGRES_PASSWORD: huGO123.corsBOSS
+---
+apiVersion: v1
+kind: PersistentVolumeClaim
+metadata:
+  name: hugo-chat-db-volume-claim
+spec:
+  storageClassName: local-storage
+  resources:
+    requests:
+      storage: 100Mi
+  volumeMode: Filesystem
+  accessModes:
+    - ReadWriteMany
+---
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: hugo-chat-db
+spec:
+  selector:
+    matchLabels:
+      app: hugo-chat-db
+  template:
+    metadata:
+      labels:
+        app: hugo-chat-db
+    spec:
+      containers:
+        - name: hugo-chat-db
+          image: docker.io/postgres:latest
+          resources:
+            limits:
+              memory: "256Mi"
+              cpu: "500m"
+          envFrom:
+            - configMapRef:
+                name: hugo-chat-db-config
+          volumeMounts:
+            - mountPath: /var/lib/postgresql/data
+              name: postgredb
+          ports:
+            - containerPort: 5432
+      volumes:
+        - name: postgredb
+          persistentVolumeClaim:
+            claimName: hugo-chat-db-volume-claim
+---
+apiVersion: v1
+kind: Service
+metadata:
+  name: hugo-chat-db-service
+spec:
+  selector:
+    app: hugo-chat-db
+  ports:
+  - port: 5432
+    targetPort: 5432
--- a/kube/apps/hugo-chat-frontend.yaml
+++ b/kube/apps/hugo-chat-frontend.yaml
--- a/kube/default-volume.yaml
+++ b/kube/default-volume.yaml
@ -0,0 +1,23 @@
+apiVersion: v1
+kind: PersistentVolume
+metadata:
+  name: default-volume
+  labels:
+    type: local
+spec:
+  storageClassName: local-storage
+  capacity:
+    storage: 500Mi
+  volumeMode: Filesystem
+  accessModes:
+    - ReadWriteMany
+  local:
+    path: /mnt/kube-default-volume
+  nodeAffinity:
+    required:
+      nodeSelectorTerms:
+      - matchExpressions:
+        - key: kubernetes.io/hostname
+          operator: In
+          values:
+          - minikube
--- a/kube/letsencrypt-cluster-issuer-production.yaml
+++ b/kube/letsencrypt-cluster-issuer-production.yaml
@ -0,0 +1,14 @@
+apiVersion: cert-manager.io/v1
+kind: ClusterIssuer
+metadata:
+  name: letsencrypt-production
+spec:
+  acme:
+    server: https://acme-v02.api.letsencrypt.org/directory
+    email: nilstrieb@gmail.com
+    privateKeySecretRef:
+      name: letsencrypt-production
+    solvers:
+      - http01:
+          ingress:
+            class: nginx
--- a/kube/letsencrypt-cluster-issuer-staging.yaml
+++ b/kube/letsencrypt-cluster-issuer-staging.yaml
@ -0,0 +1,14 @@
+apiVersion: cert-manager.io/v1
+kind: ClusterIssuer
+metadata:
+  name: letsencrypt-staging
+spec:
+  acme:
+    server: https://acme-staging-v02.api.letsencrypt.org/directory
+    email: nilstrieb@gmail.com
+    privateKeySecretRef:
+      name: letsencrypt-staging
+    solvers:
+      - http01:
+          ingress:
+            class: nginx
--- a/kube/local-ingress.yaml
+++ b/kube/local-ingress.yaml
@ -16,3 +16,13 @@ spec:
                name: hugo-chat-frontend-service
                port:
                  number: 8080
+    - host: bisect-rustc.nilstrieb.dev
+      http:
+        paths:
+          - pathType: Prefix
+            path: /
+            backend:
+              service:
+                name: cargo-bisect-rustc-service
+                port:
+                  number: 80
--- a/kube/server-ingress.yaml
+++ b/kube/server-ingress.yaml
@ -0,0 +1,38 @@
+apiVersion: networking.k8s.io/v1
+kind: Ingress
+metadata:
+  name: main-ingress
+  annotations:
+    nginx.ingress.kubernetes.io/rewrite-target: /
+    cert-manager.io/cluster-issuer: letsencrypt-staging
+spec:
+  rules:
+    - host: hugo-chat.nilstrieb.dev
+      http:
+        paths:
+          - pathType: Prefix
+            path: /
+            backend:
+              service:
+                name: hugo-chat-frontend-service
+                port:
+                  number: 8080
+    - host: bisect-rustc.nilstrieb.dev
+      http:
+        paths:
+          - pathType: Prefix
+            path: /
+            backend:
+              service:
+                name: cargo-bisect-rustc-service
+                port:
+                  number: 80
+  tls:
+    - hosts:
+        - nilstrieb.dev
+        - docker.nilstrieb.dev
+        - cors-school.nilstrieb.dev
+        - api.cors-school.nilstrieb.dev
+        - hugo-chat.nilstrieb.dev
+        - api.hugo-chat.nilstrieb.dev
+        - bisect-rustc.nilstrieb.dev
--- a/scripts/cert-manager.sh
+++ b/scripts/cert-manager.sh
@ -0,0 +1,7 @@
+#!/usr/bin/env sh
+
+# https://getbetterdevops.io/k8s-ingress-with-letsencrypt/
+
+helm repo add jetstack https://charts.jetstack.io
+helm repo update
+helm install cert-manager jetstack/cert-manager --namespace cert-manager --create-namespace --set installCRDs=true
--- a/scripts/minikube-setup.sh
+++ b/scripts/minikube-setup.sh
@ -0,0 +1,4 @@
+#!/usr/bin/env sh
+
+minikube addons enable ingress
+minikube addons enable ingress-dns
--- a/scripts/setup-env.sh
+++ b/scripts/setup-env.sh
@ -0,0 +1,14 @@
+#!/usr/bin/env sh
+
+if kubectl cert-manager 2>/dev/null >/dev/null ;
+then
+    echo "The cert-manger kubectl plugin is already installed"
+else
+    CERT_MANAGER_KUBECTL_VERSION="v1.6.1"
+
+    echo "Installing the cert-manager kubectl plugin: $CERT_MANAGER_KUBECTL_VERSION"
+
+    curl -L -o kubectl-cert-manager.tar.gz "https://github.com/jetstack/cert-manager/releases/download/$CERT_MANAGER_KUBECTL_VERSION/kubectl-cert_manager-linux-amd64.tar.gz"
+    tar xzf kubectl-cert-manager.tar.gz
+    sudo mv kubectl-cert_manager /usr/local/bin
+fi