diff --git a/README.md b/README.md index f60c6df..26e3035 100644 --- a/README.md +++ b/README.md @@ -4,4 +4,8 @@ see `new` for the new infra ## things that shall not be forgotten -there once was some custom k8s cluster setup in `./k8s-cluster`. it was incomplete and pretty cursed. \ No newline at end of file +there once was some custom k8s cluster setup in `./k8s-cluster`. it was incomplete and pretty cursed. + +also some kubernetes config in `./kube`. why. + +gloriously not great docker configs in `./docker`. diff --git a/docker/compose.sh b/docker/compose.sh deleted file mode 100755 index b82a7de..0000000 --- a/docker/compose.sh +++ /dev/null @@ -1,15 +0,0 @@ -#!/usr/bin/env bash - -SCRIPT_DIR=$( cd -- "$( dirname -- "${BASH_SOURCE[0]}" )" &> /dev/null && pwd ) - -if [ "$STAGE" = "prod" ] ; -then - export NGINX_CONF_PATH=../nginx/nginx.conf - EXTRA_ARGS="-f $SCRIPT_DIR/production.yml" -else - export NGINX_CONF_PATH=../nginx/nginx.local.conf -fi - -export REGISTRY_CONF_DIR=../registry - -docker compose -f "$SCRIPT_DIR/docker-compose.yml" $@ up -d \ No newline at end of file diff --git a/docker/docker-compose.yml b/docker/docker-compose.yml deleted file mode 100644 index 1a463a0..0000000 --- a/docker/docker-compose.yml +++ /dev/null @@ -1,24 +0,0 @@ -version: '3.3' -services: - nginx: - container_name: nginx-c - restart: always - image: nginx:latest - ports: - - "80:80" - volumes: - - "${NGINX_CONF_PATH}:/etc/nginx/nginx.conf:ro" - networks: - - internal - registry: - container_name: registry-c - restart: always - image: registry:2 - volumes: - - "${REGISTRY_CONF_DIR}/config.yml:/etc/docker/registry/config.yml" - - "/var/lib/docker/registry:/var/lib/registry" - networks: - - internal - -networks: - internal: \ No newline at end of file diff --git a/docker/production.yml b/docker/production.yml deleted file mode 100644 index 14b41ac..0000000 --- a/docker/production.yml +++ /dev/null @@ -1,17 +0,0 @@ -version: '3.3' -services: - nginx: - volumes: - - "/etc/letsencrypt:/etc/nginx/certs:ro" - ports: - - "443:443" - registry: - volumes: - - "/etc/letsencrypt:/etc/letsencrypt" - - "/etc/htpasswd:/htpasswd" - environment: - - REGISTRY_HTTP_TLS_CERTIFICATE=/etc/letsencrypt/live/nilstrieb.dev/fullchain.pem - - REGISTRY_HTTP_TLS_KEY=/etc/letsencrypt/live/nilstrieb.dev/privkey.pem - - REGISTRY_AUTH=htpasswd - - REGISTRY_AUTH_HTPASSWD_REALM=Realm - - REGISTRY_AUTH_HTPASSWD_PATH=/htpasswd \ No newline at end of file diff --git a/docker/setup_net.sh b/docker/setup_net.sh deleted file mode 100755 index ef50649..0000000 --- a/docker/setup_net.sh +++ /dev/null @@ -1,9 +0,0 @@ -NET_NAME="internal" - -if docker network inspect "$NET_NAME" > /dev/null 2>&1 ; -then - echo "Network $NET_NAME exists already..."; -else - echo "Creating network $NET_NAME..." - docker network create "$NET_NAME" -fi diff --git a/kube/apps/cargo-bisect-rustc.yaml b/kube/apps/cargo-bisect-rustc.yaml deleted file mode 100644 index d491a6d..0000000 --- a/kube/apps/cargo-bisect-rustc.yaml +++ /dev/null @@ -1,68 +0,0 @@ -apiVersion: v1 -kind: ConfigMap -metadata: - name: cargo-bisect-rustc-config -data: - SQLITE_DB: /app/db/db.sqlite - RUST_LOG: debug ---- -apiVersion: v1 -kind: PersistentVolumeClaim -metadata: - name: cargo-bisect-rustc-volume-claim -spec: - resources: - requests: - storage: "50Mi" - volumeMode: Filesystem - accessModes: - - ReadWriteMany ---- -apiVersion: apps/v1 -kind: Deployment -metadata: - name: cargo-bisect-rustc -spec: - selector: - matchLabels: - app: cargo-bisect-rustc - template: - metadata: - labels: - app: cargo-bisect-rustc - spec: - containers: - - name: cargo-bisect-rustc - image: docker.nilstrieb.dev/cargo-bisect-rustc-service:1.10 - resources: - requests: - memory: "256Mi" - cpu: "200m" - limits: - memory: "1000Mi" - cpu: "2000m" - envFrom: - - configMapRef: - name: cargo-bisect-rustc-config - volumeMounts: - - mountPath: /app/db - name: sqlitedb - ports: - - containerPort: 4000 - imagePullSecrets: - - name: docker-nilstrieb-dev-login - volumes: - - name: sqlitedb - persistentVolumeClaim: - claimName: cargo-bisect-rustc-volume-claim ---- -apiVersion: v1 -kind: Service -metadata: - name: cargo-bisect-rustc-service -spec: - selector: - app: cargo-bisect-rustc - ports: - - port: 80 - targetPort: 4000 diff --git a/kube/apps/hugo-chat-db.yaml b/kube/apps/hugo-chat-db.yaml deleted file mode 100644 index 742cb56..0000000 --- a/kube/apps/hugo-chat-db.yaml +++ /dev/null @@ -1,65 +0,0 @@ -# https://www.containiq.com/post/deploy-postgres-on-kubernetes - -apiVersion: v1 -kind: ConfigMap -metadata: - name: hugo-chat-db-config -data: - POSTGRES_PASSWORD: huGO123.corsBOSS ---- -apiVersion: v1 -kind: PersistentVolumeClaim -metadata: - name: hugo-chat-db-volume-claim -spec: - storageClassName: local-storage - resources: - requests: - storage: 100Mi - volumeMode: Filesystem - accessModes: - - ReadWriteMany ---- -apiVersion: apps/v1 -kind: Deployment -metadata: - name: hugo-chat-db -spec: - selector: - matchLabels: - app: hugo-chat-db - template: - metadata: - labels: - app: hugo-chat-db - spec: - containers: - - name: hugo-chat-db - image: docker.io/postgres:latest - resources: - limits: - memory: "256Mi" - cpu: "500m" - envFrom: - - configMapRef: - name: hugo-chat-db-config - volumeMounts: - - mountPath: /var/lib/postgresql/data - name: postgredb - ports: - - containerPort: 5432 - volumes: - - name: postgredb - persistentVolumeClaim: - claimName: hugo-chat-db-volume-claim ---- -apiVersion: v1 -kind: Service -metadata: - name: hugo-chat-db-service -spec: - selector: - app: hugo-chat-db - ports: - - port: 5432 - targetPort: 5432 diff --git a/kube/apps/hugo-chat-frontend.yaml b/kube/apps/hugo-chat-frontend.yaml deleted file mode 100644 index 439b26b..0000000 --- a/kube/apps/hugo-chat-frontend.yaml +++ /dev/null @@ -1,38 +0,0 @@ -apiVersion: apps/v1 -kind: Deployment -metadata: - name: hugo-chat-frontend -spec: - replicas: 1 - selector: - matchLabels: - app.kubernetes.io/name: hugo-chat-frontend - template: - metadata: - labels: - app.kubernetes.io/name: hugo-chat-frontend - spec: - containers: - - name: hugo-chat-frontend - image: docker.nilstrieb.dev/hugo-chat-frontend:1.1 - ports: - - containerPort: 80 - name: http-web-svc - resources: - limits: - cpu: 200m - memory: 300M - imagePullSecrets: - - name: docker-nilstrieb-dev-login ---- -apiVersion: v1 -kind: Service -metadata: - name: hugo-chat-frontend-service -spec: - selector: - app.kubernetes.io/name: hugo-chat-frontend - ports: - - protocol: TCP - port: 8080 - targetPort: http-web-svc diff --git a/kube/cert.yaml b/kube/cert.yaml deleted file mode 100644 index 713d062..0000000 --- a/kube/cert.yaml +++ /dev/null @@ -1,17 +0,0 @@ -apiVersion: cert-manager.io/v1 -kind: Certificate -metadata: - name: nilstriev-dev-cert -spec: - secretName: nilstrieb-dev-cert-tls - dnsNames: - - nilstrieb.dev - - docker.nilstrieb.dev - - cors-school.nilstrieb.dev - - api.cors-school.nilstrieb.dev - - hugo-chat.nilstrieb.dev - - api.hugo-chat.nilstrieb.dev - - bisect-rustc.nilstrieb.dev - issuerRef: - name: letsencrypt-staging - kind: ClusterIssuer diff --git a/kube/default-volume.yaml b/kube/default-volume.yaml deleted file mode 100644 index 50b3e0b..0000000 --- a/kube/default-volume.yaml +++ /dev/null @@ -1,23 +0,0 @@ -apiVersion: v1 -kind: PersistentVolume -metadata: - name: default-volume - labels: - type: local -spec: - storageClassName: local-storage - capacity: - storage: 500Mi - volumeMode: Filesystem - accessModes: - - ReadWriteMany - local: - path: /mnt/kube-default-volume - nodeAffinity: - required: - nodeSelectorTerms: - - matchExpressions: - - key: kubernetes.io/hostname - operator: In - values: - - minikube diff --git a/kube/docker-nilstrieb-dev-image-pull-secret.yaml b/kube/docker-nilstrieb-dev-image-pull-secret.yaml deleted file mode 100644 index 7f4c68f..0000000 --- a/kube/docker-nilstrieb-dev-image-pull-secret.yaml +++ /dev/null @@ -1,7 +0,0 @@ -apiVersion: v1 -kind: Secret -metadata: - name: docker-nilstrieb-dev-login -type: kubernetes.io/dockerconfigjson -data: - .dockerconfigjson: diff --git a/kube/letsencrypt-cluster-issuer-production.yaml b/kube/letsencrypt-cluster-issuer-production.yaml deleted file mode 100644 index 8300f6e..0000000 --- a/kube/letsencrypt-cluster-issuer-production.yaml +++ /dev/null @@ -1,14 +0,0 @@ -apiVersion: cert-manager.io/v1 -kind: ClusterIssuer -metadata: - name: letsencrypt-production -spec: - acme: - server: https://acme-v02.api.letsencrypt.org/directory - email: nilstrieb@gmail.com - privateKeySecretRef: - name: letsencrypt-production - solvers: - - http01: - ingress: - class: nginx diff --git a/kube/letsencrypt-cluster-issuer-staging.yaml b/kube/letsencrypt-cluster-issuer-staging.yaml deleted file mode 100644 index f4b1842..0000000 --- a/kube/letsencrypt-cluster-issuer-staging.yaml +++ /dev/null @@ -1,14 +0,0 @@ -apiVersion: cert-manager.io/v1 -kind: ClusterIssuer -metadata: - name: letsencrypt-staging -spec: - acme: - server: https://acme-staging-v02.api.letsencrypt.org/directory - email: nilstrieb@gmail.com - privateKeySecretRef: - name: letsencrypt-staging - solvers: - - http01: - ingress: - class: nginx diff --git a/kube/local-ingress.yaml b/kube/local-ingress.yaml deleted file mode 100644 index c3b1a4e..0000000 --- a/kube/local-ingress.yaml +++ /dev/null @@ -1,28 +0,0 @@ -apiVersion: networking.k8s.io/v1 -kind: Ingress -metadata: - name: main-ingress - annotations: - nginx.ingress.kubernetes.io/rewrite-target: / -spec: - rules: - - host: hugo-chat.nilstrieb.dev - http: - paths: - - pathType: Prefix - path: / - backend: - service: - name: hugo-chat-frontend-service - port: - number: 8080 - - host: bisect-rustc.nilstrieb.dev - http: - paths: - - pathType: Prefix - path: / - backend: - service: - name: cargo-bisect-rustc-service - port: - number: 80 diff --git a/kube/registry/README.md b/kube/registry/README.md deleted file mode 100644 index a0d1472..0000000 --- a/kube/registry/README.md +++ /dev/null @@ -1,5 +0,0 @@ -# Private Docker registry - -https://medium.com/swlh/deploy-your-private-docker-registry-as-a-pod-in-kubernetes-f6a489bf0180 - -You need a `htaccess` file created using `htpasswd`. Use that as the secret. \ No newline at end of file diff --git a/kube/registry/docker-registry-auth-secret.yaml b/kube/registry/docker-registry-auth-secret.yaml deleted file mode 100644 index 2258563..0000000 --- a/kube/registry/docker-registry-auth-secret.yaml +++ /dev/null @@ -1,7 +0,0 @@ -apiVersion: v1 -kind: Secret -metadata: - name: docker-registry-auth-secret -type: Opaque -data: - htpasswd: SECRET diff --git a/kube/registry/docker-registry-volume.yaml b/kube/registry/docker-registry-volume.yaml deleted file mode 100644 index 8724bcb..0000000 --- a/kube/registry/docker-registry-volume.yaml +++ /dev/null @@ -1,33 +0,0 @@ -apiVersion: v1 -kind: PersistentVolume -metadata: - name: docker-registry-volume -spec: - capacity: - storage: 2Gi - volumeMode: Filesystem - accessModes: - - ReadWriteOnce - persistentVolumeReclaimPolicy: Recycle - local: - path: /mnt/kube-registry-volume - nodeAffinity: - required: - nodeSelectorTerms: - - matchExpressions: - - key: kubernetes.io/hostname - operator: In - values: - - minikube ---- -apiVersion: v1 -kind: PersistentVolumeClaim -metadata: - name: docker-registry-pvc -spec: - resources: - requests: - storage: 2Gi - volumeMode: Filesystem - accessModes: - - ReadWriteOnce diff --git a/kube/registry/docker-registry.yaml b/kube/registry/docker-registry.yaml deleted file mode 100644 index 795a246..0000000 --- a/kube/registry/docker-registry.yaml +++ /dev/null @@ -1,61 +0,0 @@ -apiVersion: apps/v1 -kind: Deployment -metadata: - name: docker-registry -spec: - selector: - matchLabels: - app: docker-registry - template: - metadata: - labels: - app: docker-registry - spec: - containers: - - name: docker-registry - image: registry:latest - resources: - limits: - memory: "128Mi" - cpu: "500m" - env: - - name: REGISTRY_AUTH - value: "htpasswd" - - name: REGISTRY_AUTH_HTPASSWD_REALM - value: "docker.nilstriev.dev" - - name: REGISTRY_AUTH_HTPASSWD_PATH - value: "/auth/htpasswd" - - name: REGISTRY_HTTP_TLS_CERTIFICATE - value: "/certs/tls.crt" - - name: REGISTRY_HTTP_TLS_KEY - value: "/certs/tls.key" - volumeMounts: - - name: repo-vol - mountPath: "/var/lib/registry" - - name: certs-vol - mountPath: "/certs" - readOnly: true - - name: auth-vol - mountPath: "/auth" - readOnly: true - volumes: - - name: repo-vol - persistentVolumeClaim: - claimName: docker-registry-pvc - - name: certs-vol - secret: - secretName: nilstriev-dev-cert - - name: auth-vol - secret: - secretName: docker-registry-auth-secret ---- -apiVersion: v1 -kind: Service -metadata: - name: docker-registry-service -spec: - selector: - app: docker-registry - ports: - - port: 5000 - targetPort: 5000 diff --git a/kube/server-ingress.yaml b/kube/server-ingress.yaml deleted file mode 100644 index ac6416e..0000000 --- a/kube/server-ingress.yaml +++ /dev/null @@ -1,38 +0,0 @@ -apiVersion: networking.k8s.io/v1 -kind: Ingress -metadata: - name: main-ingress - annotations: - nginx.ingress.kubernetes.io/rewrite-target: / - cert-manager.io/cluster-issuer: letsencrypt-staging -spec: - rules: - - host: hugo-chat.nilstrieb.dev - http: - paths: - - pathType: Prefix - path: / - backend: - service: - name: hugo-chat-frontend-service - port: - number: 8080 - - host: bisect-rustc.nilstrieb.dev - http: - paths: - - pathType: Prefix - path: / - backend: - service: - name: cargo-bisect-rustc-service - port: - number: 80 - tls: - - hosts: - - nilstrieb.dev - - docker.nilstrieb.dev - - cors-school.nilstrieb.dev - - api.cors-school.nilstrieb.dev - - hugo-chat.nilstrieb.dev - - api.hugo-chat.nilstrieb.dev - - bisect-rustc.nilstrieb.dev diff --git a/kube/ubuntu-debugger.yaml b/kube/ubuntu-debugger.yaml deleted file mode 100644 index 97884d9..0000000 --- a/kube/ubuntu-debugger.yaml +++ /dev/null @@ -1,16 +0,0 @@ -apiVersion: v1 -kind: Pod -metadata: - name: ubuntu-debugger - labels: - name: ubuntu-debugger -spec: - containers: - - name: ubuntu-debugger - image: docker.io/ubuntu:latest - resources: - limits: - memory: "128Mi" - cpu: "500m" - command: ["/bin/bash", "-c", "--"] - args: ["while true; do sleep 30; done;"] diff --git a/run_scripts/hugo-chat.sh b/run_scripts/hugo-chat.sh deleted file mode 100644 index f323dc1..0000000 --- a/run_scripts/hugo-chat.sh +++ /dev/null @@ -1,8 +0,0 @@ -docker run --net internal --name hugo-chat-frontend \ - -d --restart=always docker.nilstrieb.dev/hugo-chat-frontend:1.0 - -docker run --net internal --name hugo-chat-db \ - -d -e POSTGRES_PASSWORD=huGO123.corsBOSS postgres - -docker run --net internal --name hugo-chat-backend \ - -d docker.nilstrieb.dev/hugo-chat-backend:1.0 \ No newline at end of file