From e1e0e4669b4ca07be0916a668e637aed0b1ea560 Mon Sep 17 00:00:00 2001 From: "ryan-distrust.co" Date: Sun, 20 Aug 2023 02:03:06 -0500 Subject: [PATCH] k/milksad-website: initial commit --- kustomizations/milksad-website/ingress.yaml | 39 +++++++++++++++++++ kustomizations/milksad-website/issuer.yaml | 14 +++++++ .../milksad-website/kustomization.yaml | 8 ++++ kustomizations/milksad-website/namespace.yaml | 4 ++ kustomizations/milksad-website/website.yaml | 34 ++++++++++++++++ 5 files changed, 99 insertions(+) create mode 100644 kustomizations/milksad-website/ingress.yaml create mode 100644 kustomizations/milksad-website/issuer.yaml create mode 100644 kustomizations/milksad-website/kustomization.yaml create mode 100644 kustomizations/milksad-website/namespace.yaml create mode 100644 kustomizations/milksad-website/website.yaml diff --git a/kustomizations/milksad-website/ingress.yaml b/kustomizations/milksad-website/ingress.yaml new file mode 100644 index 0000000..69d9d2b --- /dev/null +++ b/kustomizations/milksad-website/ingress.yaml @@ -0,0 +1,39 @@ +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + name: website + annotations: + cert-manager.io/issuer: letsencrypt-milksad-http01 + nginx.ingress.kubernetes.io/enable-cors: "true" + external-dns.alpha.kubernetes.io/hostname: milksad-web.distrust.co +spec: + ingressClassName: nginx + rules: + - host: milksad.info + http: + paths: + - path: /.well-known/openpgpkey + pathType: Prefix + backend: + service: + name: wellknown-openpgp + port: + number: 80 + - path: /.well-known/matrix + pathType: Prefix + backend: + service: + name: wellknown-matrix + port: + number: 80 + - path: / + pathType: Prefix + backend: + service: + name: website + port: + number: 80 + tls: + - hosts: + - milksad.info + secretName: website-tls diff --git a/kustomizations/milksad-website/issuer.yaml b/kustomizations/milksad-website/issuer.yaml new file mode 100644 index 0000000..9e05ac0 --- /dev/null +++ b/kustomizations/milksad-website/issuer.yaml @@ -0,0 +1,14 @@ +apiVersion: cert-manager.io/v1 +kind: Issuer +metadata: + name: letsencrypt-milksad-http01 +spec: + acme: + email: team@distrust.co + privateKeySecretRef: + name: letsencrypt + server: https://acme-v02.api.letsencrypt.org/directory + solvers: + - http01: + ingress: + class: nginx diff --git a/kustomizations/milksad-website/kustomization.yaml b/kustomizations/milksad-website/kustomization.yaml new file mode 100644 index 0000000..146b098 --- /dev/null +++ b/kustomizations/milksad-website/kustomization.yaml @@ -0,0 +1,8 @@ +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization +namespace: milksad-website +resources: +- namespace.yaml +- ingress.yaml +- website.yaml +- issuer.yaml diff --git a/kustomizations/milksad-website/namespace.yaml b/kustomizations/milksad-website/namespace.yaml new file mode 100644 index 0000000..19085f0 --- /dev/null +++ b/kustomizations/milksad-website/namespace.yaml @@ -0,0 +1,4 @@ +apiVersion: v1 +kind: Namespace +metadata: + name: milksad-website diff --git a/kustomizations/milksad-website/website.yaml b/kustomizations/milksad-website/website.yaml new file mode 100644 index 0000000..c290bf6 --- /dev/null +++ b/kustomizations/milksad-website/website.yaml @@ -0,0 +1,34 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: website +spec: + replicas: 2 + selector: + matchLabels: + app: website + template: + metadata: + labels: + app: website + annotations: + pod.kubernetes.io/lifetime: 300s + spec: + containers: + - name: website + image: codeberg.org/distrust/milksad-distrust-co + imagePullPolicy: Always + ports: + - containerPort: 80 +--- +apiVersion: v1 +kind: Service +metadata: + name: website +spec: + ports: + - name: http + port: 80 + targetPort: 80 + selector: + app: website