prskr/infrastructure
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

feat: add skooner, upgrade a few things
All checks were successful
continuous-integration/drone/push Build is passing
Details

Browse source
This commit is contained in:
Peter 2023-07-19 18:55:17 +00:00
parent 62b5b303a9
commit 831a85436f
12 changed files with 112 additions and 18 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

21
k8s/configure_cluster.yaml
View file

@ -1,14 +1,15 @@
- name: Configure cluster - name: Configure cluster
hosts: localhost hosts: localhost
roles: roles:
- role: cifs-csi # - role: cifs-csi
- role: coder # - role: skooner
- role: codimd # - role: coder
- role: prometheus # - role: codimd
- role: postgres # - role: prometheus
# - role: postgres
- role: hcloud - role: hcloud
- role: minio # - role: minio
- role: gitea # - role: gitea
- role: drone # - role: drone
- role: fider # - role: fider
- role: nextcloud # - role: nextcloud

3
k8s/roles/coder/templates/values.coder.yml.j2
View file

@ -52,3 +52,6 @@ coder:
secretKeyRef: secretKeyRef:
name: coder-secrets name: coder-secrets
key: OIDC_CLIENT_SECRET key: OIDC_CLIENT_SECRET
service:
type: ClusterIP

4
k8s/roles/drone/tasks/main.yml
View file

@ -80,7 +80,7 @@
kubernetes.io/service-account.name: drone-deploy kubernetes.io/service-account.name: drone-deploy
type: kubernetes.io/service-account-token type: kubernetes.io/service-account-token
- name: Create Drone service account - name: Create Drone deployment cluster role
kubernetes.core.k8s: kubernetes.core.k8s:
state: present state: present
definition: definition:
@ -129,7 +129,7 @@
verbs: ["*"] verbs: ["*"]
- name: Create Drone service account - name: Create Drone deploy role bindings
kubernetes.core.k8s: kubernetes.core.k8s:
state: present state: present
definition: definition:

15
k8s/roles/hcloud/tasks/main.yml
View file

@ -18,11 +18,18 @@
definition: "{{ item }}" definition: "{{ item }}"
loop: "{{ lookup('ansible.builtin.template', 'hcloud-csi.yml.j2') | ansible.builtin.from_yaml_all | list }}" loop: "{{ lookup('ansible.builtin.template', 'hcloud-csi.yml.j2') | ansible.builtin.from_yaml_all | list }}"
- name: Add Hcloud chart repo
kubernetes.core.helm_repository:
name: hcloud
repo_url: https://charts.hetzner.cloud
- name: Deploy cloud-controller-manager - name: Deploy cloud-controller-manager
kubernetes.core.k8s: kubernetes.core.helm:
state: present name: hccm
definition: "{{ item }}" chart_ref: hcloud/hcloud-cloud-controller-manager
loop: "{{ lookup('ansible.builtin.template', 'cloud-controller-manager.yml.j2') | ansible.builtin.from_yaml_all | list }}" release_namespace: kube-system
chart_version: "1.17.0"
release_values: "{{ lookup('template', 'values.hccm.yml.j2') | from_yaml }}"
- name: Create CSI controller PodMonitor - name: Create CSI controller PodMonitor
kubernetes.core.k8s: kubernetes.core.k8s:

3
k8s/roles/hcloud/templates/values.hccm.yml.j2 Normal file
View file

@ -0,0 +1,3 @@
monitoring:
podMonitor:
enabled: true

2
k8s/roles/postgres/tasks/main.yml
View file

@ -32,5 +32,5 @@
name: postgres-15 name: postgres-15
chart_ref: bitnami/postgresql chart_ref: bitnami/postgresql
release_namespace: postgres release_namespace: postgres
chart_version: 12.6.4 chart_version: "12.6.4"
release_values: "{{ lookup('ansible.builtin.file', 'values.postgres15.yaml') | from_yaml }}" release_values: "{{ lookup('ansible.builtin.file', 'values.postgres15.yaml') | from_yaml }}"

14
k8s/roles/skooner/files/kustomization.yaml Normal file
View file

@ -0,0 +1,14 @@
apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization
namespace: kube-system
commonLabels:
app.kubernetes.io/instance: icb4dc0de
app.kubernetes.io/managed-by: kustomize
resources:
- "resources/deployment.yaml"
- "resources/service.yaml"
- "resources/rbac/service_account.yaml"
- "resources/rbac/sa_token_secret.yaml"

37
k8s/roles/skooner/files/resources/deployment.yaml Normal file
View file

@ -0,0 +1,37 @@
---
kind: Deployment
apiVersion: apps/v1
metadata:
name: skooner
namespace: kube-system
spec:
replicas: 1
selector:
matchLabels:
app.kubernetes.io/name: skooner
template:
metadata:
labels:
app.kubernetes.io/name: skooner
spec:
containers:
- name: skooner
image: ghcr.io/skooner-k8s/skooner:stable
ports:
- containerPort: 4654
livenessProbe:
httpGet:
scheme: HTTP
path: /
port: 4654
initialDelaySeconds: 30
timeoutSeconds: 30
resources:
requests:
cpu: 50m
memory: 50Mi
limits:
cpu: 100m
memory: 150Mi
nodeSelector:
kubernetes.io/arch: amd64

8
k8s/roles/skooner/files/resources/rbac/sa_token_secret.yaml Normal file
View file

@ -0,0 +1,8 @@
---
apiVersion: v1
kind: Secret
metadata:
name: prskr-token
annotations:
kubernetes.io/service-account.name: prskr
type: kubernetes.io/service-account-token

5
k8s/roles/skooner/files/resources/rbac/service_account.yaml Normal file
View file

@ -0,0 +1,5 @@
---
apiVersion: v1
kind: ServiceAccount
metadata:
name: prskr

12
k8s/roles/skooner/files/resources/service.yaml Normal file
View file

@ -0,0 +1,12 @@
---
kind: Service
apiVersion: v1
metadata:
name: skooner
namespace: kube-system
spec:
ports:
- port: 8000
targetPort: 4654
selector:
app.kubernetes.io/name: skooner

4
k8s/roles/skooner/tasks/main.yml Normal file
View file

@ -0,0 +1,4 @@
---
- name: Deploy Skooner kustomization
k8s:
definition: "{{ lookup('kubernetes.core.kustomize', dir=([role_path, 'files'] | path_join)) }}"