From 86e736a0c95c9d9ced0b919b980488368017820f Mon Sep 17 00:00:00 2001 From: Anton Livaja Date: Sat, 11 Nov 2023 13:12:42 -0500 Subject: [PATCH] inital commit --- infra/main/main.tf | 3 + kustomizations/nextcloud/env-vars-patch.yaml | 14 ++++ kustomizations/nextcloud/ingress.yaml | 24 +++++++ kustomizations/nextcloud/kustomization.yaml | 9 +++ kustomizations/nextcloud/namespace.yaml | 4 ++ kustomizations/nextcloud/pvc.yaml | 10 +++ kustomizations/nextcloud/resources.yaml | 75 ++++++++++++++++++++ kustomizations/nextcloud/service.yaml | 8 +++ kustomizations/redis/kustomization.yaml | 7 ++ kustomizations/redis/namespace.yaml | 4 ++ kustomizations/redis/resources.yaml | 22 ++++++ kustomizations/redis/services.yaml | 11 +++ 12 files changed, 191 insertions(+) create mode 100644 kustomizations/nextcloud/env-vars-patch.yaml create mode 100644 kustomizations/nextcloud/ingress.yaml create mode 100644 kustomizations/nextcloud/kustomization.yaml create mode 100644 kustomizations/nextcloud/namespace.yaml create mode 100644 kustomizations/nextcloud/pvc.yaml create mode 100644 kustomizations/nextcloud/resources.yaml create mode 100644 kustomizations/nextcloud/service.yaml create mode 100644 kustomizations/redis/kustomization.yaml create mode 100644 kustomizations/redis/namespace.yaml create mode 100644 kustomizations/redis/resources.yaml create mode 100644 kustomizations/redis/services.yaml diff --git a/infra/main/main.tf b/infra/main/main.tf index 80be87e..4fb2bb2 100644 --- a/infra/main/main.tf +++ b/infra/main/main.tf @@ -63,6 +63,9 @@ module "digitalocean_database_cluster" { }, { name = "forgejo", create_default_superuser = true, + }, { + name = "nextcloud", + create_default_superuser = true, }] vpc_id = digitalocean_vpc.main.id diff --git a/kustomizations/nextcloud/env-vars-patch.yaml b/kustomizations/nextcloud/env-vars-patch.yaml new file mode 100644 index 0000000..e519160 --- /dev/null +++ b/kustomizations/nextcloud/env-vars-patch.yaml @@ -0,0 +1,14 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: app +spec: + template: + spec: + containers: + - name: app + env: + - name: PG_HOST + value: $(DB_SERVICE) + - name: REDIS_HOST + value: $(REDIS_SERVICE) \ No newline at end of file diff --git a/kustomizations/nextcloud/ingress.yaml b/kustomizations/nextcloud/ingress.yaml new file mode 100644 index 0000000..b5b1a79 --- /dev/null +++ b/kustomizations/nextcloud/ingress.yaml @@ -0,0 +1,24 @@ +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + name: nextcloud + annotations: + cert-manager.io/cluster-issuer: letsencrypt + external-dns.alpha.kubernetes.io/hostname: nextcloud.distrust.co +spec: + ingressClassName: nginx + rules: + - host: nextcloud.distrust.co + http: + paths: + - path: / + pathType: Prefix + backend: + service: + name: nextcloud + port: + number: 80 + tls: + - hosts: + - nextcloud.distrust.co + secretName: website-tls diff --git a/kustomizations/nextcloud/kustomization.yaml b/kustomizations/nextcloud/kustomization.yaml new file mode 100644 index 0000000..acef6ff --- /dev/null +++ b/kustomizations/nextcloud/kustomization.yaml @@ -0,0 +1,9 @@ +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization +namespace: nextcloud +resources: +- resources.yaml +- ingress.yaml +- namespace.yaml +- pvc.yaml +- service.yaml \ No newline at end of file diff --git a/kustomizations/nextcloud/namespace.yaml b/kustomizations/nextcloud/namespace.yaml new file mode 100644 index 0000000..bc64f64 --- /dev/null +++ b/kustomizations/nextcloud/namespace.yaml @@ -0,0 +1,4 @@ +apiVersion: v1 +kind: Namespace +metadata: + name: nextcloud \ No newline at end of file diff --git a/kustomizations/nextcloud/pvc.yaml b/kustomizations/nextcloud/pvc.yaml new file mode 100644 index 0000000..2b9ce7d --- /dev/null +++ b/kustomizations/nextcloud/pvc.yaml @@ -0,0 +1,10 @@ +apiVersion: v1 +kind: PersistentVolumeClaim +metadata: + name: app-pvc +spec: + accessModes: + - ReadWriteOnce + resources: + requests: + storage: 500Gi \ No newline at end of file diff --git a/kustomizations/nextcloud/resources.yaml b/kustomizations/nextcloud/resources.yaml new file mode 100644 index 0000000..dbc3c73 --- /dev/null +++ b/kustomizations/nextcloud/resources.yaml @@ -0,0 +1,75 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: nextcloud + labels: + app: nextcloud +spec: + ports: + - name: http + port: 80 + targetPort: 8080 + selector: + app: nextcloud + type: ClusterIP +... +apiVersion: apps/v1 +kind: Deployment +metadata: + name: nextcloud + labels: + app: nextcloud +spec: + replicas: 1 + selector: + matchLabels: + app: nextcloud + template: + metadata: + labels: + app: nextcloud + spec: + securityContext: + runAsNonRoot: true + seccompProfile: + type: RuntimeDefault + containers: + - name: nextcloud + image: nextcloud:apache + securityContext: + allowPrivilegedEscalation: false + capabilities: + drop: + - ALL + args: ["start"] + env: + - name: NC_PROXY + value: "edge" + - name: NC_HEALTH_ENABLED + value: "true" + - name: NC_PG_DATABASE + valueFrom: + secretKeyRef: + key: NC_PG_DATABASE + name: nc-db-secret + volumeMounts: + - mountPath: /var/www/html + name: app-persistent-storage + restartPolicy: Always + volumes: + - name: app-persistent-storage + persistentVolumeClaim: + claimName: app-pvc + ports: + - name: http + containerPort: 8080 + readinessProbe: + httpGet: + path: /health/ready + port: 8080 + initialDelaySeconds: 60 + livenessProbe: + httpGet: + path: /health/live + port: 8080 + initialDelaySeconds: 60 \ No newline at end of file diff --git a/kustomizations/nextcloud/service.yaml b/kustomizations/nextcloud/service.yaml new file mode 100644 index 0000000..09cc554 --- /dev/null +++ b/kustomizations/nextcloud/service.yaml @@ -0,0 +1,8 @@ +apiVersion: v1 +kind: Service +... +spec: + ports: + - port: 80 + selector: + component: app \ No newline at end of file diff --git a/kustomizations/redis/kustomization.yaml b/kustomizations/redis/kustomization.yaml new file mode 100644 index 0000000..4bfd854 --- /dev/null +++ b/kustomizations/redis/kustomization.yaml @@ -0,0 +1,7 @@ +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization +namespace: redis +resources: +- resources.yaml +- namespace.yaml +- services.yaml diff --git a/kustomizations/redis/namespace.yaml b/kustomizations/redis/namespace.yaml new file mode 100644 index 0000000..7b5a5b5 --- /dev/null +++ b/kustomizations/redis/namespace.yaml @@ -0,0 +1,4 @@ +apiVersion: v1 +kind: Namespace +metadata: + name: redis diff --git a/kustomizations/redis/resources.yaml b/kustomizations/redis/resources.yaml new file mode 100644 index 0000000..1dd79ff --- /dev/null +++ b/kustomizations/redis/resources.yaml @@ -0,0 +1,22 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + labels: + component: redis + name: redis +spec: + selector: + matchLabels: + component: redis + replicas: 1 + template: + metadata: + labels: + component: redis + spec: + containers: + - image: redis:alpine + name: redis + ports: + - containerPort: 6379 + restartPolicy: Always \ No newline at end of file diff --git a/kustomizations/redis/services.yaml b/kustomizations/redis/services.yaml new file mode 100644 index 0000000..7540666 --- /dev/null +++ b/kustomizations/redis/services.yaml @@ -0,0 +1,11 @@ +apiVersion: v1 +kind: Service +metadata: + name: redis + labels: + component: redis +spec: + ports: + - port: 6379 + selector: + component: redis \ No newline at end of file -- 2.40.1