switch to letsencrypt staging for argo
Chris Grimmett 2024-04-22 15:57:57 +00:00
parent 432480a2aa
commit 322141dd33
59 changed files with 3 additions and 1393 deletions


@ -12,8 +12,8 @@ cert-manager:
kubectl apply -f https://github.com/cert-manager/cert-manager/releases/download/v1.14.4/cert-manager.yaml kubectl apply -f https://github.com/cert-manager/cert-manager/releases/download/v1.14.4/cert-manager.yaml
argocd: argo:
helmsman --apply -f ./helmsman.argocd.yaml
namespaces: namespaces:
kubectl create namespace cert-manager kubectl create namespace cert-manager


@ -4,7 +4,7 @@ metadata:
name: argocd-server-ingress name: argocd-server-ingress
namespace: argocd namespace: argocd
annotations: annotations:
cert-manager.io/cluster-issuer: "letsencrypt-prod" cert-manager.io/cluster-issuer: "letsencrypt-staging"
nginx.ingress.kubernetes.io/ssl-passthrough: "true" nginx.ingress.kubernetes.io/ssl-passthrough: "true"
# If you encounter a redirect loop or are getting a 307 response code # If you encounter a redirect loop or are getting a 307 response code
# then you need to force the nginx ingress to connect to the backend using HTTPS. # then you need to force the nginx ingress to connect to the backend using HTTPS.
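Review bot: With `cert-manager.io/cluster-issuer: "letsencrypt-staging"` the `argocd-server-ingress` certificate will chain to the Let's Encrypt staging root, which no browser or CLI trust store contains, so every client of this admin endpoint has to click through a warning or disable verification, and that habit hides a real interception later. If this is a temporary step to avoid production rate limits, say so next to the annotation, e.g. `# TEMPORARY: staging issuer for issuance testing; revert to letsencrypt-prod before use`. The same commit deletes a manifest that defines the `letsencrypt-staging` ClusterIssuer (the last `cert-manager.io/v1` section further down), and no replacement definition is visible on this page, so confirm the issuer still exists in the cluster or the Certificate will stay unissued. The Ingress manifest continues outside this hunk.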


@ -1,3 +0,0 @@
apiVersion: v2
name: argo-ingress
version: "1.0.0"


@ -1,29 +0,0 @@
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: argocd-server-ingress
namespace: argocd
annotations:
cert-manager.io/cluster-issuer: letsencrypt-prod
nginx.ingress.kubernetes.io/ssl-passthrough: "true"
# If you encounter a redirect loop or are getting a 307 response code
# then you need to force the nginx ingress to connect to the backend using HTTPS.
#
nginx.ingress.kubernetes.io/backend-protocol: "HTTPS"
spec:
ingressClassName: nginx
rules:
- host: argo.sbtp.xyz
http:
paths:
- path: /
pathType: Prefix
backend:
service:
name: argocd-server
port:
name: https
tls:
- hosts:
- argo.sbtp.xyz
secretName: argocd-server-tls # as expected by argocd-server


@ -1,29 +0,0 @@
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: argocd-server-ingress
namespace: argocd
annotations:
cert-manager.io/cluster-issuer: letsencrypt-prod
nginx.ingress.kubernetes.io/ssl-passthrough: "true"
# If you encounter a redirect loop or are getting a 307 response code
# then you need to force the nginx ingress to connect to the backend using HTTPS.
#
nginx.ingress.kubernetes.io/backend-protocol: "HTTPS"
spec:
ingressClassName: nginx
rules:
- host: argo.sbtp.xyz
http:
paths:
- path: /
pathType: Prefix
backend:
service:
name: argocd-server
port:
name: https
tls:
- hosts:
- argo.sbtp.xyz
secretName: argocd-server-tls # as expected by argocd-server


@ -1,26 +0,0 @@
kind: Pod
apiVersion: v1
metadata:
name: bar-app
labels:
app: bar
spec:
containers:
- name: bar-app
image: 'kicbase/echo-server:1.0'
resources:
limits:
cpu: 200m
memory: 512Mi
---
kind: Service
apiVersion: v1
metadata:
name: bar-service
annotations:
external-dns.alpha.kubernetes.io/hostname: foo.disaster.futureporn.net
spec:
selector:
app: bar
ports:
- port: 8080


@ -1,14 +0,0 @@
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
creationTimestamp: null
labels:
io.kompose.service: bot-claim0
name: bot-claim0
spec:
accessModes:
- ReadWriteOnce
resources:
requests:
storage: 100Mi
status: {}


@ -1,14 +0,0 @@
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
creationTimestamp: null
labels:
io.kompose.service: bot-claim1
name: bot-claim1
spec:
accessModes:
- ReadWriteOnce
resources:
requests:
storage: 100Mi
status: {}


@ -1,38 +0,0 @@
apiVersion: v1
kind: Pod
metadata:
annotations:
kompose.cmd: kompose convert --file compose.yml -c --out ./charts
kompose.version: 1.26.0 (40646f47)
creationTimestamp: null
labels:
io.kompose.service: bot
name: bot
spec:
containers:
- env:
- name: DISCORD_GUILD_ID
- name: DISCORD_TOKEN
- name: REST_HOST
value: localhost
- name: REST_PORT
value: "8888"
image: bot
name: fp-bot
ports:
- containerPort: 8888
resources: {}
volumeMounts:
- mountPath: /app/package.json
name: bot-claim0
- mountPath: /app/src
name: bot-claim1
restartPolicy: OnFailure
volumes:
- name: bot-claim0
persistentVolumeClaim:
claimName: bot-claim0
- name: bot-claim1
persistentVolumeClaim:
claimName: bot-claim1
status: {}


@ -1,19 +0,0 @@
apiVersion: v1
kind: Service
metadata:
annotations:
kompose.cmd: kompose convert --file compose.yml -c --out ./charts
kompose.version: 1.26.0 (40646f47)
creationTimestamp: null
labels:
io.kompose.service: bot
name: bot
spec:
ports:
- name: "8888"
port: 8888
targetPort: 8888
selector:
io.kompose.service: bot
status:
loadBalancer: {}


@ -1,22 +0,0 @@
apiVersion: v1
kind: Pod
metadata:
name: chisel
spec:
containers:
- args:
- client
- --auth=
- R:8899:cluster0:9094
- R:8901:link2cid:3939
- R:8900:strapi:1337
- R:8902:next:3000
- R:8903:uppy:3020
- R:8904:uppy:8888
image: jpillora/chisel
name: fp-chisel
ports:
- containerPort: 9312
resources: {}
restartPolicy: OnFailure
status: {}


@ -1,19 +0,0 @@
apiVersion: v1
kind: Service
metadata:
annotations:
kompose.cmd: kompose convert --file compose.yml -c --out ./charts
kompose.version: 1.26.0 (40646f47)
creationTimestamp: null
labels:
io.kompose.service: chisel
name: chisel
spec:
ports:
- name: "9312"
port: 9312
targetPort: 9312
selector:
io.kompose.service: chisel
status:
loadBalancer: {}


@ -1,14 +0,0 @@
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
creationTimestamp: null
labels:
io.kompose.service: cluster0-claim0
name: cluster0-claim0
spec:
accessModes:
- ReadWriteOnce
resources:
requests:
storage: 100Mi
status: {}


@ -1,39 +0,0 @@
apiVersion: v1
kind: Pod
metadata:
annotations:
kompose.cmd: kompose convert --file compose.yml -c --out ./charts
kompose.version: 1.26.0 (40646f47)
creationTimestamp: null
labels:
io.kompose.service: cluster0
name: cluster0
spec:
containers:
- env:
- name: CLUSTER_CRDT_TRUSTEDPEERS
value: '*'
- name: CLUSTER_IPFSHTTP_NODEMULTIADDRESS
value: /dns4/ipfs0/tcp/5001
- name: CLUSTER_MONITORPINGINTERVAL
value: 2s
- name: CLUSTER_PEERNAME
value: cluster0
- name: CLUSTER_RESTAPI_BASICAUTHCREDENTIALS
- name: CLUSTER_RESTAPI_HTTPLISTENMULTIADDRESS
value: /ip4/0.0.0.0/tcp/9094
- name: CLUSTER_SECRET
image: ipfs/ipfs-cluster:latest
name: fp-cluster0
ports:
- containerPort: 9094
resources: {}
volumeMounts:
- mountPath: /data/ipfs-cluster
name: cluster0-claim0
restartPolicy: OnFailure
volumes:
- name: cluster0-claim0
persistentVolumeClaim:
claimName: cluster0-claim0
status: {}


@ -1,19 +0,0 @@
apiVersion: v1
kind: Service
metadata:
annotations:
kompose.cmd: kompose convert --file compose.yml -c --out ./charts
kompose.version: 1.26.0 (40646f47)
creationTimestamp: null
labels:
io.kompose.service: cluster0
name: cluster0
spec:
ports:
- name: "9094"
port: 9094
targetPort: 9094
selector:
io.kompose.service: cluster0
status:
loadBalancer: {}


@ -1,14 +0,0 @@
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
creationTimestamp: null
labels:
io.kompose.service: db-claim0
name: db-claim0
spec:
accessModes:
- ReadWriteOnce
resources:
requests:
storage: 100Mi
status: {}


@ -1,33 +0,0 @@
apiVersion: v1
kind: Pod
metadata:
annotations:
kompose.cmd: kompose convert --file compose.yml -c --out ./charts
kompose.version: 1.26.0 (40646f47)
creationTimestamp: null
labels:
io.kompose.service: db
name: db
spec:
containers:
- env:
- name: PGDATA
value: /var/lib/postgresql/data
- name: PGPORT
- name: POSTGRES_DB
- name: POSTGRES_PASSWORD
- name: POSTGRES_USER
image: postgres:16
name: fp-db
ports:
- containerPort: 15432
resources: {}
volumeMounts:
- mountPath: /var/lib/postgresql/data
name: db-claim0
restartPolicy: OnFailure
volumes:
- name: db-claim0
persistentVolumeClaim:
claimName: db-claim0
status: {}


@ -1,19 +0,0 @@
apiVersion: v1
kind: Service
metadata:
annotations:
kompose.cmd: kompose convert --file compose.yml -c --out ./charts
kompose.version: 1.26.0 (40646f47)
creationTimestamp: null
labels:
io.kompose.service: db
name: db
spec:
ports:
- name: "15432"
port: 15432
targetPort: 15432
selector:
io.kompose.service: db
status:
loadBalancer: {}


@ -1,62 +0,0 @@
apiVersion: v1
kind: ServiceAccount
metadata:
name: external-dns
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
name: external-dns
rules:
- apiGroups: [""]
resources: ["services","endpoints","pods"]
verbs: ["get","watch","list"]
- apiGroups: ["extensions","networking.k8s.io"]
resources: ["ingresses"]
verbs: ["get","watch","list"]
- apiGroups: [""]
resources: ["nodes"]
verbs: ["list"]
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
name: external-dns-viewer
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: external-dns
subjects:
- kind: ServiceAccount
name: external-dns
namespace: default
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: external-dns
spec:
strategy:
type: Recreate
selector:
matchLabels:
app: external-dns
template:
metadata:
labels:
app: external-dns
spec:
serviceAccountName: external-dns
containers:
- name: external-dns
image: registry.k8s.io/external-dns/external-dns:v0.14.1
args:
- --source=ingress
- --domain-filter=sbtp.xyz
- --provider=vultr
env:
- name: VULTR_API_KEY
valueFrom:
secretKeyRef:
name: vultr
key: apiKey


@ -1,26 +0,0 @@
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: foo-bar-ingress
annotations:
nginx.ingress.kubernetes.io/rewrite-target: /
spec:
ingressClassName: nginx
rules:
- host: disaster.futureporn.com
http:
paths:
- pathType: Prefix
path: /foo
backend:
service:
name: foo-service
port:
number: 8080
- pathType: Prefix
path: /bar
backend:
service:
name: bar-service
port:
number: 8080


@ -1,26 +0,0 @@
kind: Pod
apiVersion: v1
metadata:
name: foo-app
labels:
app: foo
spec:
containers:
- name: foo-app
image: 'kicbase/echo-server:1.0'
resources:
limits:
cpu: 200m
memory: 512Mi
---
kind: Service
apiVersion: v1
metadata:
name: foo-service
annotations:
external-dns.alpha.kubernetes.io/hostname: foo.disaster.futureporn.net
spec:
selector:
app: foo
ports:
- port: 8080


@ -1,20 +0,0 @@
apiVersion: v1
kind: Pod
metadata:
name: helloworldy
labels:
app.kubernetes.io/name: helloworldy
spec:
containers:
- name: helloworldy
image: {{ .Values.helloworldy.containerName }}
ports:
- containerPort: 3000
resources: {}
livenessProbe:
httpGet:
path: /
port: 3000
initialDelaySeconds: 3
periodSeconds: 3
restartPolicy: OnFailure


@ -1,15 +0,0 @@
apiVersion: v1
kind: Pod
metadata:
name: httpd-pod
spec:
containers:
- name: httpd-pod
image: httpd
ports:
- containerPort: 80
resources:
limits:
cpu: 500m
memory: 128Mi
restartPolicy: OnFailure


@ -1,35 +0,0 @@
apiVersion: apps/v1
kind: Deployment
metadata:
name: ipfs-deployment
labels:
app: ipfs
app.kubernetes.io/name: ipfs
spec:
replicas: 1
selector:
matchLabels:
app: ipfs
template:
metadata:
labels:
app: ipfs
spec:
containers:
- name: ipfs
image: ipfs/kubo:release
livenessProbe:
httpGet:
path: /version
port: 5001
initialDelaySeconds: 3
periodSeconds: 3
resources:
limits:
cpu: 500m
memory: 512Mi
imagePullSecrets:
- name: regcred
ports:
- containerPort: 5001
- containerPort: 8080


@ -1,14 +0,0 @@
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
creationTimestamp: null
labels:
io.kompose.service: ipfs0-claim0
name: ipfs0-claim0
spec:
accessModes:
- ReadWriteOnce
resources:
requests:
storage: 100Mi
status: {}


@ -1,19 +0,0 @@
apiVersion: v1
kind: Service
metadata:
annotations:
kompose.cmd: kompose convert --file compose.yml -c --out ./charts
kompose.version: 1.26.0 (40646f47)
creationTimestamp: null
labels:
io.kompose.service: ipfs0
name: ipfs0
spec:
ports:
- name: "5001"
port: 5001
targetPort: 5001
selector:
io.kompose.service: ipfs0
status:
loadBalancer: {}


@ -1,16 +0,0 @@
# issuer-lets-encrypt-staging.yaml
apiVersion: cert-manager.io/v1
kind: Issuer
metadata:
name: letsencrypt-staging
spec:
acme:
server: https://acme-staging-v02.api.letsencrypt.org/directory
preferredChain: "ISRG Root X1"
email: cj@futureporn.net
privateKeySecretRef:
name: letsencrypt-staging
solvers:
- http01:
ingress:
name: web-ingress


@ -1,47 +0,0 @@
apiVersion: rbac.authorization.k8s.io/v1
kind: Role
metadata:
name: cert-manager-webhook-vultr-secret-reader
namespace: cert-manager
rules:
- apiGroups: [""]
resources: ["secrets"]
verbs: ["get", "watch", "list"]
---
apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding
metadata:
name: cert-manager-webhook-vultr-secret-reader-binding
namespace: cert-manager
subjects:
- kind: ServiceAccount
name: cert-manager-webhook-vultr
namespace: cert-manager
roleRef:
kind: Role
name: cert-manager-webhook-vultr-secret-reader
apiGroup: rbac.authorization.k8s.io
---
apiVersion: cert-manager.io/v1
kind: ClusterIssuer
metadata:
name: letsencrypt-prod
spec:
acme:
# server: https://acme-staging-v02.api.letsencrypt.org/directory
server: https://acme-v02.api.letsencrypt.org/directory
email: {{ .Values.adminEmail }}
privateKeySecretRef:
name: letsencrypt-prod
solvers:
- dns01:
webhook:
groupName: acme.vultr.com
solverName: vultr
config:
apiKeySecretRef:
key: apiKey
name: vultr


@ -1,14 +0,0 @@
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
creationTimestamp: null
labels:
io.kompose.service: link2cid-claim0
name: link2cid-claim0
spec:
accessModes:
- ReadWriteOnce
resources:
requests:
storage: 100Mi
status: {}


@ -1,18 +0,0 @@
apiVersion: v1
kind: Service
metadata:
annotations:
service.beta.kubernetes.io/vultr-loadbalancer-protocol: "http"
service.beta.kubernetes.io/vultr-loadbalancer-https-ports: "443"
# You will need to have created a TLS Secret and pass in the name as the value
service.beta.kubernetes.io/vultr-loadbalancer-ssl: "ssl-secret"
name: vultr-lb-https
spec:
type: LoadBalancer
selector:
app: link2cid-service
ports:
- port: 80
name: "http"
- port: 443
name: "https"


@ -1,29 +0,0 @@
apiVersion: v1
kind: Pod
metadata:
name: link2cid-pod
labels:
app.kubernetes.io/name: link2cid
spec:
containers:
- name: link2cid-pod
image: {{ .Values.link2cid.containerName }}
ports:
- containerPort: 3939
env:
- name: IPFS_URL
value: http://ipfs-service:5001
- name: PORT
value: '3939'
- name: API_KEY
valueFrom:
secretKeyRef:
name: link2cid
key: apiKey
resources:
limits:
cpu: 500m
memory: 1024Mi
imagePullSecrets:
- name: regcred
restartPolicy: OnFailure


@ -1,14 +0,0 @@
apiVersion: v1
kind: PersistentVolume
metadata:
name: link2cid-pv
spec:
type:
accessModes:
- ReadWriteOnce
storageClassName: {{ .Values.storageClassName }}
capacity:
storage: 40Gi
claimRef:
name: link2cid-pvc
namespace: default


@ -1,13 +0,0 @@
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: link2cid-pvc
annotations:
meta.helm.sh/release-name: fp
meta.helm.sh/release-namespace: default
labels:
app.kubernetes.io/managed-by: {{ .Values.managedBy }}
spec:
accessModes:
- ReadWriteOnce
storageClassName: {{ .Values.storageClassName }}


@ -1,19 +0,0 @@
apiVersion: v1
kind: Service
metadata:
annotations:
kompose.cmd: kompose convert --file compose.yml -c --out ./charts
kompose.version: 1.26.0 (40646f47)
creationTimestamp: null
labels:
io.kompose.service: link2cid
name: link2cid
spec:
ports:
- name: "3939"
port: 3939
targetPort: 3939
selector:
io.kompose.service: link2cid
status:
loadBalancer: {}


@ -1,13 +0,0 @@
apiVersion: v1
kind: Service
metadata:
name: loadbalancer
spec:
type: LoadBalancer
selector:
app: next-service
ports:
- protocol: TCP
port: 3000
targetPort: 3000
name: next-service


@ -1,14 +0,0 @@
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
creationTimestamp: null
labels:
io.kompose.service: next-claim0
name: next-claim0
spec:
accessModes:
- ReadWriteOnce
resources:
requests:
storage: 100Mi
status: {}


@ -1,23 +0,0 @@
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: next-ingress
annotations:
kubernetes.io/ingress.class: nginx
cert-manager.io/cluster-issuer: letsencrypt-staging
spec:
tls:
- secretName: next-tls
hosts:
- fp.sbtp.xyz
rules:
- host: fp.sbtp.xyz
http:
paths:
- path: /
pathType: Prefix
backend:
service:
name: next-service
port:
number: 80


@ -1,33 +0,0 @@
apiVersion: apps/v1
kind: Deployment
metadata:
name: nginx
spec:
selector:
matchLabels:
app: nginx
template:
metadata:
labels:
app: nginx
spec:
containers:
- image: nginx
name: nginx
ports:
- containerPort: 80
---
apiVersion: v1
kind: Service
metadata:
name: nginx
annotations:
external-dns.alpha.kubernetes.io/hostname: nginx.sbtp.xyz
spec:
selector:
app: nginx
type: LoadBalancer
ports:
- protocol: TCP
port: 80
targetPort: 80


@ -1,26 +0,0 @@
apiVersion: apps/v1
kind: Deployment
metadata:
name: orgchart
labels:
app: orgchart
spec:
selector:
matchLabels:
app: orgchart
replicas: 1
template:
metadata:
annotations:
vault.hashicorp.com/agent-inject: "true"
vault.hashicorp.com/agent-inject-status: 'update'
vault.hashicorp.com/role: "internal-app"
vault.hashicorp.com/agent-inject-secret-database-config.txt: "internal/data/database/config"
labels:
app: orgchart
spec:
serviceAccountName: internal-app
containers:
- name: orgchart
image: jweissig/app:0.0.1


@ -1,26 +0,0 @@
apiVersion: v1
kind: Pod
metadata:
annotations:
kompose.cmd: kompose convert --file compose.yml -c --out ./charts
kompose.version: 1.26.0 (40646f47)
creationTimestamp: null
labels:
io.kompose.service: pgadmin
name: pgadmin
spec:
containers:
- env:
- name: GUNICORN_ACCESS_LOGFILE
value: /tmp/pgadmin-gunicorn-access.log
- name: PGADMIN_DEFAULT_EMAIL
- name: PGADMIN_DEFAULT_PASSWORD
- name: PGADMIN_DISABLE_POSTFIX
value: yessir
image: dpage/pgadmin4:8
name: fp-pgadmin
ports:
- containerPort: 80
resources: {}
restartPolicy: OnFailure
status: {}


@ -1,19 +0,0 @@
apiVersion: v1
kind: Service
metadata:
annotations:
kompose.cmd: kompose convert --file compose.yml -c --out ./charts
kompose.version: 1.26.0 (40646f47)
creationTimestamp: null
labels:
io.kompose.service: pgadmin
name: pgadmin
spec:
ports:
- name: "5050"
port: 5050
targetPort: 80
selector:
io.kompose.service: pgadmin
status:
loadBalancer: {}


@ -1,13 +0,0 @@
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
creationTimestamp: null
name: strapi-claim0
spec:
accessModes:
- ReadWriteOnce
resources:
requests:
storage: 40Gi
storageClassName: vultr-block-storage-hdd
status: {}


@ -1,20 +0,0 @@
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: strapi-ingress
namespace: fp
annotations:
nginx.ingress.kubernetes.io/rewrite-target: /
spec:
ingressClassName: nginx
rules:
- host: disaster.futureporn.net
http:
paths:
- path: /
pathType: Prefix
backend:
service:
name: strapi-service
port:
number: 80


@ -1,66 +0,0 @@
apiVersion: v1
kind: Pod
metadata:
annotations:
kompose.cmd: kompose convert --file compose.yml -c --out ./charts
kompose.version: 1.26.0 (40646f47)
labels:
io.kompose.service: strapi
name: strapi
spec:
containers:
- env:
- name: ADMIN_JWT_SECRET
- name: API_TOKEN_SALT
- name: APP_KEYS
- name: AWS_ACCESS_KEY_ID
- name: AWS_SECRET_ACCESS_KEY
- name: BASE_URL
- name: CDN_BUCKET_URL
- name: CDN_BUCKET_USC_URL
- name: DATABASE_CLIENT
value: postgres
- name: DATABASE_HOST
value: db
- name: DATABASE_NAME
- name: DATABASE_PASSWORD
- name: DATABASE_PORT
- name: DATABASE_USERNAME
- name: JWT_SECRET
- name: MUX_PLAYBACK_RESTRICTION_ID
- name: MUX_SIGNING_KEY_ID
- name: MUX_SIGNING_KEY_PRIVATE_KEY
- name: NODE_ENV
- name: S3_USC_BUCKET_APPLICATION_KEY
- name: S3_USC_BUCKET_ENDPOINT
- name: S3_USC_BUCKET_KEY_ID
- name: S3_USC_BUCKET_NAME
- name: S3_USC_BUCKET_REGION
- name: SENDGRID_API_KEY
- name: SMTP_AUTH_STRATEGY
value: NONE
- name: SMTP_FROM_EMAIL
value: sender@example.com
- name: SMTP_HOST
value: 172.17.0.1
- name: SMTP_PORT
value: "25"
- name: STRAPI_URL
- name: TRANSFER_TOKEN_SALT
image: fp-strapi:14
name: fp-strapi
ports:
- containerPort: 1337
resources:
limits:
cpu: 500m
memory: 1Gi
volumeMounts:
- mountPath: /opt/app
name: strapi-claim0
restartPolicy: OnFailure
volumes:
- name: strapi-claim0
persistentVolumeClaim:
claimName: strapi-claim0
status: {}


@ -1,19 +0,0 @@
apiVersion: v1
kind: Service
metadata:
annotations:
kompose.cmd: kompose convert --file compose.yml -c --out ./charts
kompose.version: 1.26.0 (40646f47)
creationTimestamp: null
labels:
io.kompose.service: strapi
name: strapi
spec:
ports:
- name: "1337"
port: 1337
targetPort: 1337
selector:
io.kompose.service: strapi
status:
loadBalancer: {}


@ -1,14 +0,0 @@
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
creationTimestamp: null
labels:
io.kompose.service: uppy-claim0
name: uppy-claim0
spec:
accessModes:
- ReadWriteOnce
resources:
requests:
storage: 100Mi
status: {}


@ -1,47 +0,0 @@
apiVersion: v1
kind: Pod
metadata:
annotations:
kompose.cmd: kompose convert --file compose.yml -c --out ./charts
kompose.version: 1.26.0 (40646f47)
creationTimestamp: null
labels:
io.kompose.service: uppy
name: uppy
spec:
containers:
- env:
- name: B2_BUCKET
- name: B2_ENDPOINT
- name: B2_KEY
- name: B2_REGION
- name: B2_SECRET
- name: DRIVE_KEY
- name: DRIVE_SECRET
- name: DROPBOX_KEY
- name: DROPBOX_SECRET
- name: FILEPATH
- name: HOST
- name: JWT_SECRET
- name: NEXT_PUBLIC_SITE_URL
- name: PORT
- name: SECRET
- name: SERVER_BASE_URL
- name: SESSION_SECRET
- name: STRAPI_API_KEY
- name: STRAPI_URL
- name: UPLOAD_URLS
image: uppy
name: fp-uppy
ports:
- containerPort: 3020
resources: {}
volumeMounts:
- mountPath: /app/index.js
name: uppy-claim0
restartPolicy: OnFailure
volumes:
- name: uppy-claim0
persistentVolumeClaim:
claimName: uppy-claim0
status: {}


@ -1,19 +0,0 @@
apiVersion: v1
kind: Service
metadata:
annotations:
kompose.cmd: kompose convert --file compose.yml -c --out ./charts
kompose.version: 1.26.0 (40646f47)
creationTimestamp: null
labels:
io.kompose.service: uppy
name: uppy
spec:
ports:
- name: "3020"
port: 3020
targetPort: 3020
selector:
io.kompose.service: uppy
status:
loadBalancer: {}


@ -1,23 +0,0 @@
apiVersion: cert-manager.io/v1
kind: ClusterIssuer
metadata:
name: letsencrypt-staging
spec:
acme:
# You must replace this email address with your own.
# Let's Encrypt will use this to contact you about expiring
# certificates, and issues related to your account.
email: cj@futureporn.net
server: https://acme-staging-v02.api.letsencrypt.org/directory
privateKeySecretRef:
# Secret resource that will be used to store the account's private key.
name: letsencrypt-staging
solvers:
- dns01:
webhook:
groupName: acme.vultr.com
solverName: vultr
config:
apiKeySecretRef:
key: apiKey
name: vultr-credentials


@ -1,8 +0,0 @@
apiVersion: kubelet.config.k8s.io/v1
kind: CredentialProviderConfig
providers:
- name: vultr-credential-provider
matchImages:
- "sjc.vultrcr.com/*"
defaultCacheDuration: "12h"
apiVersion: credentialprovider.kubelet.k8s.io/v1


@ -1,21 +0,0 @@
apiVersion: v1
kind: Pod
metadata:
name: next-pod
labels:
app.kubernetes.io/name: next
spec:
containers:
- name: next
image: {{ .Values.next.containerName }}
env:
- name: HOSTNAME
value: 0.0.0.0
ports:
- containerPort: 3000
resources: {}
restartPolicy: OnFailure
resources:
limits:
cpu: 500m
memory: 1Gi


@ -1,16 +0,0 @@
apiVersion: v1
kind: Service
metadata:
name: next-service
annotations:
service.beta.kubernetes.io/vultr-loadbalancer-protocol: "http"
service.beta.kubernetes.io/vultr-loadbalancer-algorithm: "least_connections"
spec:
type: LoadBalancer
selector:
name: next
ports:
- name: http
protocol: TCP
port: 3000
targetPort: 3000


@ -1,35 +0,0 @@
apiVersion: v1
kind: Pod
metadata:
name: pgadmin-pod
labels:
app.kubernetes.io/name: pgadmin
spec:
containers:
- name: pgadmin
image: dpage/pgadmin4
ports:
- containerPort: 5050
resources:
limits:
cpu: 500m
memory: 1Gi
env:
- name: PGADMIN_LISTEN_PORT
value: '5050'
- name: POSTGRES_PASSWORD
valueFrom:
secretKeyRef:
name: postgres
key: password
- name: PGADMIN_DEFAULT_PASSWORD
valueFrom:
secretKeyRef:
name: pgadmin
key: defaultPassword
- name: PGADMIN_DEFAULT_EMAIL
valueFrom:
secretKeyRef:
name: pgadmin
key: defaultEmail
restartPolicy: OnFailure


@ -1,12 +0,0 @@
apiVersion: v1
kind: Service
metadata:
name: pgadmin-service
spec:
selector:
app.kubernetes.io/name: pgadmin
ports:
- name: web
protocol: TCP
port: 5050
targetPort: 5050


@ -1,30 +0,0 @@
apiVersion: v1
kind: Pod
metadata:
name: postgres-pod
labels:
app.kubernetes.io/name: postgres
spec:
containers:
- name: postgres
image: postgres:16.0
env:
- name: POSTGRES_PASSWORD
valueFrom:
secretKeyRef:
name: postgres
key: password
ports:
- containerPort: 5432
resources:
limits:
cpu: 500m
memory: 1Gi
volumeMounts:
- name: postgres-pvc
mountPath: /data/postgres
restartPolicy: OnFailure
volumes:
- name: postgres-pvc
persistentVolumeClaim:
claimName: postgres-pvc


@ -1,17 +0,0 @@
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: postgres-pvc
annotations:
meta.helm.sh/release-name: fp
meta.helm.sh/release-namespace: default
labels:
app.kubernetes.io/managed-by: {{ .Values.managedBy }}
spec:
accessModes:
- ReadWriteOnce
resources:
requests:
storage: 40Gi
storageClassName: {{ .Values.storageClassName }}


@ -1,14 +0,0 @@
apiVersion: v1
kind: Service
metadata:
name: postgres-service
spec:
selector:
app.kubernetes.io/name: postgres
ports:
- name: db
protocol: TCP
port: 5432
targetPort: 5432
status:
loadBalancer: {}


@ -1,108 +0,0 @@
apiVersion: v1
kind: Pod
metadata:
name: strapi-pod
spec:
containers:
- name: strapi-pod
image: {{ .Values.strapi.containerName }}
ports:
- containerPort: 1337
env:
- name: ADMIN_JWT_SECRET
valueFrom:
secretKeyRef:
name: strapi
key: adminJwtSecret
- name: API_TOKEN_SALT
valueFrom:
secretKeyRef:
name: strapi
key: apiTokenSalt
- name: APP_KEYS
valueFrom:
secretKeyRef:
name: strapi
key: appKeys
- name: DATABASE_URL
valueFrom:
secretKeyRef:
name: strapi
key: databaseUrl
- name: CDN_BUCKET_USC_URL
valueFrom:
secretKeyRef:
name: strapi
key: cdnBucketUscUrl
- name: DATABASE_CLIENT
value: postgres
- name: DATABASE_HOST
value: postgres-service
- name: DATABASE_NAME
value: futureporn-strapi
- name: JWT_SECRET
valueFrom:
secretKeyRef:
name: strapi
key: jwtSecret
- name: MUX_PLAYBACK_RESTRICTION_ID
valueFrom:
secretKeyRef:
name: strapi
key: muxPlaybackRestrictionId
- name: MUX_SIGNING_KEY_ID
valueFrom:
secretKeyRef:
name: strapi
key: muxSigningKeyId
- name: MUX_SIGNING_KEY_PRIVATE_KEY
valueFrom:
secretKeyRef:
name: strapi
key: muxSigningKeyPrivateKey
- name: NODE_ENV
value: production
- name: S3_USC_BUCKET_APPLICATION_KEY
valueFrom:
secretKeyRef:
name: strapi
key: s3UscBucketApplicationKey
- name: S3_USC_BUCKET_ENDPOINT
valueFrom:
secretKeyRef:
name: strapi
key: s3UscBucketEndpoint
- name: S3_USC_BUCKET_KEY_ID
valueFrom:
secretKeyRef:
name: strapi
key: s3UscBucketKeyId
- name: S3_USC_BUCKET_NAME
valueFrom:
secretKeyRef:
name: strapi
key: s3UscBucketName
- name: S3_USC_BUCKET_REGION
valueFrom:
secretKeyRef:
name: strapi
key: s3UscBucketRegion
- name: SENDGRID_API_KEY
valueFrom:
secretKeyRef:
name: strapi
key: sendgridApiKey
- name: STRAPI_URL
value: {{ .Values.strapi.url }}
- name: TRANSFER_TOKEN_SALT
valueFrom:
secretKeyRef:
name: strapi
key: transferTokenSalt
- name: PORT
value: "{{ .Values.strapi.port }}"
resources:
limits:
cpu: 500m
memory: 1Gi
restartPolicy: OnFailure


@ -1,16 +0,0 @@
apiVersion: v1
kind: Service
metadata:
name: strapi-service
annotations:
service.beta.kubernetes.io/vultr-loadbalancer-protocol: "http"
service.beta.kubernetes.io/vultr-loadbalancer-algorithm: "least_connections"
spec:
type: LoadBalancer
selector:
app.kubernetes.io/name: strapi
ports:
- name: web
protocol: TCP
port: 80
targetPort: 1337