From ca0ce8cdaad8eb0df380a4de4362bde06f4ef95c Mon Sep 17 00:00:00 2001 From: Aner Zakobar Date: Wed, 8 Sep 2021 10:18:11 +0300 Subject: [PATCH] Continue --- templates/homey.yaml | 335 +++++++++++++++++++++++++++++++++++++++++-- values.yaml | 3 +- 2 files changed, 329 insertions(+), 9 deletions(-) diff --git a/templates/homey.yaml b/templates/homey.yaml index f5426a5..a93a3e1 100644 --- a/templates/homey.yaml +++ b/templates/homey.yaml @@ -1,5 +1,5 @@ #_STORAGE______________ - +--- apiVersion: v1 kind: PersistentVolume metadata: @@ -8,14 +8,14 @@ metadata: isbackup: "true" spec: capacity: - storage: {{ .Values.homey.homeyStorage.backupStorageCapacity }} + storage: {{ .Values.homey.storage.backupStorageCapacity }} storageClassName: standard accessModes: - ReadWriteMany persistentVolumeReclaimPolicy: Recycle nfs: path: /homey-backup - server: {{ .Values.homey.homeyStorage.ip }} + server: {{ .Values.homey.storage.ip }} readOnly: false --- apiVersion: v1 @@ -27,7 +27,7 @@ spec: - ReadWriteMany resources: requests: - storage: {{ .Values.homey.homeyStorage.backupStorageCapacity }} + storage: {{ .Values.homey.storage.backupStorageCapacity }} storageClassName: standard selector: matchLabels: @@ -41,14 +41,14 @@ metadata: isbackup: "false" spec: capacity: - storage: {{ .Values.homey.homeyStorage.nobackupStorageCapacity }} + storage: {{ .Values.homey.storage.nobackupStorageCapacity }} storageClassName: standard accessModes: - ReadWriteMany persistentVolumeReclaimPolicy: Recycle nfs: path: /homey-nobackup - server: {{ .Values.homey.homeyStorage.ip }} + server: {{ .Values.homey.storage.ip }} readOnly: false --- apiVersion: v1 
@@ -60,11 +60,55 @@ spec: - ReadWriteMany resources: requests: - storage: {{ .Values.homey.homeyStorage.nobackupStorageCapacity }} + storage: {{ .Values.homey.storage.nobackupStorageCapacity }} storageClassName: standard selector: matchLabels: isbackup: "false" +#_DNS_ +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + name: bind + labels: + app: bind +spec: + selector: + matchLabels: + app: bind + replicas: 1 + template: + metadata: + labels: + app: bind + spec: + containers: + - name: bind + image: cytopia/bind + imagePullPolicy: "Always" + env: + - name: WILDCARD_DNS + value: "{{ .Values.homey.url }}={{ .Values.homey.ip }}" +--- +apiVersion: v1 +kind: Service +metadata: + name: bind-dns +spec: + selector: + app: bind + ports: + - port: 53 + targetPort: 53 + protocol: TCP + name: dns-tcp + - port: 53 + targetPort: 53 + protocol: UDP + name: dns-udp + externalIPs: + - {{ .Values.homey.ip }} --- #_LDAP______ apiVersion: v1 @@ -114,7 +158,7 @@ spec: - name: LDAP_ORGANISATION value: {{ .Values.homey.organization }} - name: LDAP_DOMAIN - value: {{ .Values.homey.url }} + value: {{ .Values.homey.url | quote}} - name: LDAP_ADMIN_USERNAME value: "admin" - name: LDAP_READONLY_USER 
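Review bot: `image: cytopia/bind` has no tag, and with `imagePullPolicy: "Always"` every pod restart pulls whatever the publisher last pushed, so the resolver for the whole domain runs unreviewed code; pin it, e.g. `image: cytopia/bind:<pinned-tag>@sha256:<digest>` (placeholders). The `bind-dns` Service publishes port 53 over TCP and UDP on `externalIPs`, so anything that can route to that address can query it. Confirm that the image's query and recursion ACLs are limited to the LAN, otherwise this behaves as an open resolver. Many clusters also restrict `externalIPs` by admission policy because any Service author can claim an address with it, so a LoadBalancer or hostPort may be the more durable choice. The container has no `securityContext` or `resources`; if the image allows it, drop all capabilities except `NET_BIND_SERVICE`.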
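Review bot: Only `LDAP_DOMAIN` gains `| quote`; `LDAP_ORGANISATION` on the context line just above is still rendered bare as `value: {{ .Values.homey.organization }}`. An organisation name containing `: ` or ` #`, or one that looks like a number or boolean, would render invalid YAML or a non-string env value that the API server rejects. Quote it the same way: `value: {{ .Values.homey.organization | quote }}`. The env list continues outside the hunk, so other bare templated values there may need the same treatment.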
@@ -168,6 +212,57 @@ spec: targetPort: ssl-ldap selector: app.kubernetes.io/name: openldap +#--- +# apiVersion: apps/v1 +# kind: Deployment +# metadata: +# name: ldap-auth +# namespace: homecenter +# labels: +# app: ldap-auth +# spec: +# replicas: 1 +# selector: +# matchLabels: +# app: ldap-auth +# template: +# metadata: +# labels: +# app: ldap-auth +# name: ldap-auth +# spec: +# containers: +# - name: ldap-auth +# image: dignajar/another-ldap-auth:latest +# imagePullPolicy: Always +# env: +# - name: LDAP_ENDPOINT +# value: "ldap://openldap:389" +# - name: LDAP_MANAGER_DN_USERNAME +# value: "cn=readonly,dc=homecenter,dc=zakobar,dc=io" +# - name: LDAP_MANAGER_PASSWORD +# valueFrom: +# secretKeyRef: +# name: openldap-ro-pass +# key: password +# - name: LDAP_SEARCH_BASE +# value: "ou=users,dc=homecenter,dc=zakobar,dc=io" +# - name: LDAP_SEARCH_FILTER +# value: "(objectClass=inetOrgPerson)" +# - name: LDAP_BIND_DN +# value: "uid={username},ou=users,dc=homecenter,dc=zakobar,dc=io" +# --- +# apiVersion: v1 +# kind: Service +# metadata: +# name: ldap-auth +# spec: +# selector: +# app: ldap-auth +# ports: +# - port: 80 +# targetPort: 9000 +# name: ldap-auth-port --- #_PHPADMIN________ apiVersion: apps/v1 
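Review bot: The ldap-auth Deployment and Service are added as `#` comments, which leaves dead manifests in the template where they will drift; a values-gated block (`{{- if .Values.homey.ldapAuth.enabled }}` … `{{- end }}`, key name is only a suggestion) or leaving them out of the commit is easier to audit. Helm still runs the template engine over `#` lines, so any `{{ … }}` later pasted into this block would be evaluated. If the block is enabled later, `ldap://openldap:389` would carry the manager and user bind passwords in clear text unless StartTLS is negotiated, even though the openldap Service in the context lines already exposes an `ssl-ldap` port. `dignajar/another-ldap-auth:latest` is an unpinned image that handles those credentials. The `dc=homecenter,dc=zakobar,dc=io` DNs and `namespace: homecenter` are also hard-coded instead of derived from `.Values.homey.url` and the release namespace.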
@@ -224,3 +319,227 @@ spec: - backend: serviceName: phpldapadmin servicePort: 80 +#_GIT___ +--- +apiVersion: v1 +kind: Secret +metadata: + name: gitea-postgres-pass + annotations: + secret-generator.v1.mittwald.de/autogenerate: password +--- +apiVersion: v1 +kind: ConfigMap +metadata: + name: gitea-postgres-config + labels: + app: gitea-postgres +data: + POSTGRES_DB: gitea + POSTGRES_USER: gitea +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + name: gitea-postgres + labels: + app: gitea-postgres +spec: + replicas: 1 + selector: + matchLabels: + app: gitea-postgres + template: + metadata: + labels: + app: gitea-postgres + name: gitea-postgres + spec: + containers: + - name: gitea-postgres + image: postgres:10.4 + imagePullPolicy: "IfNotPresent" + ports: + - containerPort: 5432 + envFrom: + - configMapRef: + name: gitea-postgres-config + env: + - name: POSTGRES_PASSWORD + valueFrom: + secretKeyRef: + name: gitea-postgres-pass + key: password + volumeMounts: + - mountPath: /var/lib/postgresql/data + subPath: gitea/db + name: gitea-postgredb + volumes: + - name: gitea-postgredb + persistentVolumeClaim: + claimName: homey-pvc-nfs-a +--- +apiVersion: v1 +kind: Service +metadata: + name: gitea-postgres-service + labels: + app: gitea-postgres +spec: + ports: + - port: 5432 + selector: + app: gitea-postgres +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + name: gitea +spec: + replicas: 1 + selector: + matchLabels: + app: gitea + template: + metadata: + labels: + app: gitea + spec: + containers: + - name: gitea + image: gitea/gitea + ports: + - containerPort: 22 + name: ssh + - containerPort: 3000 + name: http + env: + - name: GITEA_database_DB_TYPE + value: "postgres" + - name: GITEA_database_HOST + value: "gitea-postgres-service:5432" + - name: GITEA_database_NAME + value: "gitea" + - name: GITEA_database_USER + value: "gitea" + - name: GITEA_database_PASSWD + valueFrom: + secretKeyRef: + name: gitea-postgres-pass + key: password + volumeMounts: + - name: 
gitea-persistent-storage + mountPath: /data + subPath: gitea/gitea/data + volumes: + - name: gitea-persistent-storage + persistentVolumeClaim: + claimName: homey-pvc-nfs-a +--- +apiVersion: v1 +kind: Service +metadata: + name: gitea-svc +spec: + type: NodePort + selector: + app: gitea + ports: + - name: ssh + protocol: TCP + port: 2222 + targetPort: ssh + - name: http + protocol: TCP + port: 3000 + targetPort: 3000 + selector: + app: gitea +--- +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + name: gitea-ingress +spec: + rules: + - host: git.{{ .Values.homey.url }} + http: + paths: + - path: / + pathType: Prefix + backend: + service: + name: gitea-svc + port: + number: 3000 +--- +apiVersion: v1 +kind: Secret +metadata: + name: gitea-postgres-pass + annotations: + secret-generator.v1.mittwald.de/autogenerate: password +--- +apiVersion: v1 +kind: ConfigMap +metadata: + name: gitea-postgres-config + labels: + app: gitea-postgres +data: + POSTGRES_DB: gitea + POSTGRES_USER: gitea +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + name: gitea-postgres + labels: + app: gitea-postgres +spec: + replicas: 1 + selector: + matchLabels: + app: gitea-postgres + template: + metadata: + labels: + app: gitea-postgres + name: gitea-postgres + spec: + containers: + - name: gitea-postgres + image: postgres:10.4 + imagePullPolicy: "IfNotPresent" + ports: + - containerPort: 5432 + envFrom: + - configMapRef: + name: gitea-postgres-config + env: + - name: POSTGRES_PASSWORD + valueFrom: + secretKeyRef: + name: gitea-postgres-pass + key: password + volumeMounts: + - mountPath: /var/lib/postgresql/data + subPath: gitea/db + name: gitea-postgredb + volumes: + - name: gitea-postgredb + persistentVolumeClaim: + claimName: homey-pvc-nfs-a +--- +apiVersion: v1 +kind: Service +metadata: + name: gitea-postgres-service + labels: + app: gitea-postgres +spec: + ports: + - port: 5432 + selector: + app: gitea-postgres + 
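Review bot: The gitea-postgres Secret, ConfigMap, Deployment and Service are added twice in this hunk (once before the gitea Deployment and again after the Ingress), and `gitea-svc` carries two `selector:` keys. Duplicate resource names and duplicate mapping keys are either rejected or silently last-wins depending on the tooling, so the second copy and the second `selector` should be removed. The database settings use `GITEA_database_*`; as far as I know the image's env-to-ini step reads only the double-underscore form `GITEA__database__*`, so these are probably ignored and Gitea would come up unconfigured behind `git.<url>` with its first-run install page reachable through the Ingress, which is worth confirming against the image documentation. `type: NodePort` also publishes SSH and HTTP on every node although the Ingress already fronts port 3000; `ClusterIP` plus an explicit exposure for SSH only keeps the surface smaller. `image: gitea/gitea` is untagged and `postgres:10.4` is an early patch release of its series, so pin the former and move the latter to a current patch level.

```yaml
# … unchanged: gitea Deployment metadata, container image and ports …
        env:
        - name: GITEA__database__DB_TYPE
          value: "postgres"
        - name: GITEA__database__HOST
          value: "gitea-postgres-service:5432"
        - name: GITEA__database__NAME
          value: "gitea"
        - name: GITEA__database__USER
          value: "gitea"
        - name: GITEA__database__PASSWD
          valueFrom:
            secretKeyRef:
              name: gitea-postgres-pass
              key: password
# … unchanged: volumeMounts and volumes …
```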
diff --git a/values.yaml b/values.yaml index b5fc726..40e879e 100644 --- a/values.yaml +++ b/values.yaml @@ -81,9 +81,10 @@ affinity: {} homey: organization: "Zakobar Home Server" - homeyStorage: + storage: ip: "192.168.0.101" backupStorageCapacity: 30Gi nobackupStorageCapacity: 400Gi url: "home.zakobar.io" + ip: 192.168.0.101
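Review bot: The new `ip: 192.168.0.101` is unquoted while `storage.ip` a few lines above is quoted; it parses as a string either way, but `ip: "192.168.0.101"` keeps the file consistent and survives a later edit to something number-like. The same address now lives under two keys, `homey.storage.ip` for the NFS server and `homey.ip` for the DNS record and the Service `externalIPs`. A one-line comment on each, such as `# address published by bind-dns and used for the wildcard record`, would stop one being changed without the other.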