prskr/infrastructure
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

feat: add nocodb, replace codimd
All checks were successful
continuous-integration/drone/push Build is passing
Details

Browse source 
Remove skooner and codimd
This commit is contained in:
Peter 2023-10-19 16:30:59 +02:00
parent 22c5234d18
commit a5b49dccbc
No known key found for this signature in database
25 changed files with 454 additions and 322 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
k8s/configure_cluster.yaml
View file

@ -2,9 +2,9 @@
hosts: localhost
roles:
- role: cifs-csi
- role: skooner
- role: coder
- role: codimd
- role: hedgedoc
- role: nocodb
- role: prometheus
- role: postgres
- role: hcloud

240
k8s/inventory/group_vars/all.yml
View file

@ -1,116 +1,126 @@
$ANSIBLE_VAULT;1.1;AES256
33643030613065616536613463646664623664336531303162336336373132313866653536323266
3932613739313265306639366461363037303365363634330a343835313130653537663464346366
66333136313038393466313331666265666264666233336137663135303861646465616339366438
3362326363383738640a623630626138323335353666383561656234653234666261363437656265
37393737653038626639323565666630393466313034653664383632366432613035333537326339
30623137333331393466396666373539636561313736376536643034393638333139626338636433
37666163396135353936623530316235313762666634636164626130623865663063393336653061
31336631313234373833333533636262313364666532356635656333393531366132613635333962
39653437356431306164353561336561326532336635373035616564336537316432326537376134
36343630326230396463396262666463643632373565656230303335343637663931656431376238
66366265666565633166343038396237393934393838303535613163636333663338623937303838
39636531356536646535343233323961633564333838303239353831653931396536393138356335
36336334666632393636316462623865343936383631363563373532356538366238323932633361
34306564366364376134363238346264373563313239396531346365373166383039393333373534
63336632333632616339313765373433306163363730333838653436663237663331363034633837
34613130336430663439313262393464366463333132343238623862363231623735633936623263
63643065303666343431653733666636336464386136323034646462646534303634636132326466
61373334333831323337366631653763393763323832353761363465346563353661313238333334
65323636613764313037313066623734316430663835623638623235366532313966383064643165
62363530666430623637656233613931623439353734326266613538376531646434616535333836
31353937346637386333366261366631383639616136396639316239303731623465383863313333
35383737646163383064373836363862333538343463303932366435323536386638636236333732
66396439656561373662626632306632333161316662376463653266643239393930613165376539
62653133386562313435333330393938326239313633363235633638646163346362626663393065
37363535346432313833356262353364633234393330626433613730643363356165393034643465
65666466653139333536333232613138666239313766343765663165646165366634643839363934
37653633393832323431303134623731636461346132656638303537616335333065343065616231
37643032393662353436666563626337366566386265303335653035323561373730656163656436
32336437316234613230366265663932343061333233636165353264336364663261386638646331
63373030376263373739623531623963626338336262336237323939303332303032303631383063
38336231376231326563306338393466343534333565343266333366666533326233326563366639
33323439353463383966333261306266356237346333663237396531393863366335663335663561
64323962663338646635613336333933313532396534353039333439323163353137356561373463
34663461626238303961306562313139386633313039636136333434386539303632383966313431
61396263626239343536313430633932353430636463313961666666316532613938353438656364
65393934346161333334386531306134343736656165633733383131383261666135313931363138
35393834653538666663356132653238373133303636303038373462633238316562396430373133
65303362393364313662373731313937336233396430643831353763393932373534366666306535
33336538363739656537653861316263373838643830383736316235313037656236336562306431
32373466313030656230333566616437306538643333306465316232383937613834643934613037
61643664396465613635356231353061336531396232613338376134396138643434363338633161
64316264633863393366626238386531313930323233363033313333326166633163633837616262
37366336636361663638333063646630656266656139376335653563626133343937306233346638
35353332323032333562653536333763613636373762636464366439363734613063323532626632
37393839396231363037646164356532653039303830636336663562393332363131623134643961
34303736323064313230346261356162303366383537383730653832646137656136323831353563
65396432663236323538663535373338383030356465643032373064363866613661316434356463
35346161373661616635663530386266653966396338316134643937343034383431623938383462
31386461303966333432303536656536376632393832393563393331346338613166373761353936
64316662636161616137636364353935613931336435383766306462366536636265643535393530
39616263353638373533303237383063663335356431316131333038346662353264383437373133
34666536303163613335643532646530666330366635386465666336666235306431663763303839
64343437353436336336373737386138663134313737316538376133616633623935623335333830
34626138656436626333376165656437613935623734303932333962393736643939363835313861
63306137313533343439653631356161633636356431663631363239376639323631383966306338
61643232353430383863353231326532316265623637343665343964366463316236383065373962
38396462343734303636393336343463303639383961653337376364386661653164333333333934
36306464396266373662386264373031626561643439376361383434376538326162633362383361
61323735323438356430323833396665613261613161663435386131626565336134333963633065
36636266353865353337363838356435376131383133393237343539326263623131666432363662
30633532303937356465613434646166356138633864353665616632313031623731393062633531
64383866653331313666636563353866633932303135383761316435383366346363653131326662
37636165643966376536646332626438646361373331376565353161646232613439623466663062
32353137353562383439343766306136376131343232383762666137393464366436643165363032
63306132633365393937633935633832386662656639636339333262626663653736613863366236
61666465376664333439343862306634316462363663323830656333656361313234363432396264
62663536626463616239643637643131346365376537373732626432353135363735616461383763
35303364313434396561356536303831356637383662366465613866353639303030333433353636
64303762616339393031303735623433393664396361653962373430646237323230643463366237
62393838336538363066663037333132616464303765343365306134306463623864346238613030
38306163326337613366626263623738346435616238643162393333643231306633316163343731
30663064313037323237303339613263663335303763373565633364326561343736353137643466
35613539623338623839366536666461616562623632313338323539333962353662313762613835
61383337653565396430663133613934623236373938333739323364616333356365383339393165
30643664336337323539346139316234306633303531653331323739613162616231333863653632
35303938643035613630363961396430326536626434656532323466326133326336616430633834
64393438306433653133333535353864626335343362653834633732343236333864356466333032
36346362646236313436613233336438333237666433336431326236323264363235343537363234
34343136616536356663386563613363386566393365343234326466386636373661363363613165
33356430373232643539393835653662393365636332636166616139653161313465356633623763
39316433383233363363616365643339333565356166613763346362366337613334653163303366
62306139396565313863376139373434383530343338306533633265313538323330303835363061
37626333346235383830393865643838363332636366333633313865323566646232653137656435
35373739656339323732613634333765373737383937653239353366633163353465636131313237
65363561383133323539633630386337363462343663313335313933393936666636376337613331
34646163613933646666316666663562663939663434646638366630366363303737333131383661
62626439663037353061326264363833336634373565376534616235356563383766646630623437
39343335636366343161656663343238633963326163626332356330303037353238356136316134
37386230626464633330396539633965353633393865653335373136666435626533343134363634
30343935323965643836323166333437653630663834393861306339613333396630393731663266
37636433653434386161316530333630306336633262613231643762623661393164313934303637
33663436623165386537343835313661356564383466356633396537313664333361303938656633
30643966373961663464366634363831373961393835326433366261323939643331316464623864
62653566326663393534313964643536623361343064666462373338326561653562643265643130
36366339663763353734613831636166303638363439363031613964343566653661326565333737
34363963333464376331366236663762363830363439366433653734353964663963353539663333
61636464383936326666616235633135356332393134363330303561343030633366643736636665
31373566316131303463383737636264336536373464316535623430346664633033346335666334
34343964623661653864396635303262656162326262363863343061323339376265613762656130
35376664626231623338363562383939626539336433623633666134383531633436343832383565
37663832366265396331613330623165373332646339616535346364646630623636313264356138
31303434323938613239353933636137653333306238383237333839353261373431616232613064
37353538653333303938363762336464343030343037626232633765353934616664663039323735
36633034346562623866376666333031333233636636363235613362366562346636656532336262
38373637616139633862323632316362346337356463376166626433303132333432323766343138
64333537653861333233643064306435653663633864346165396666623163343062316262646266
61653761376332376337636634303737303035346662373966323336623631316266346563323233
30313638636138383632636562313763303934356263613037623439366566333862343732383430
32363336653837643131326430656333656333306566666135383232346632323234663963333438
36343264623861666166626536366630316233346439663531303939316330633762303965313831
62313633316631356461643735366232396431626364643761333237386539353161333961656133
32373034653566393431306263323665383032396437386337353534323434663237653132666561
38353836376335353662346530376366623562663130633737663865343665303432316636336437
61623338313064313364653930323537623835326431623964316461653534373230386234313239
643366363332346361353436633736353037
66643230333866626266396537353465623533643664366461343436333038356230316630666466
3238636230333063336636346461633235346531383235640a356461343338333632363732373464
35323834366537373139393465393762356565303364623937383662303034326139363833636333
6461613035356430380a313238653738626164313537613566346163616332623063646139356332
36643863346364313237383839636665643862616531613332616232623135643837376134663362
32353636646235393631636534306437656532343639333338383166306563326561336633613634
63346330356433643362356165613831643637633533636563333238386562656639353665656465
39613861383262613232313038663566383963363435343139656532383730376331366434313939
34373438303730383437353863306336666333396132336330353163346539636138643065386537
64363937393164323661666465613535643965373666663737343330373263336536343930363361
37393335326637366362356431316534666561333832666637323661323431303230626231653863
66393365613238353061396537303764653036313863613931373833316435643530356361316630
61376338353265393838376132633564616530323134613235366465643531393938663339383465
61653736373037643965306264316433336334333033333736643732326133303266376665643832
36663463613634383730323233313734343234656463626433323362396435373237653263343063
35343135646437633537373631303431626161396337303964353662633135646464313463616664
36373764633535653966343664616236303432393262623762663638346137386437636236646438
34316336316165663938306363386663636239313236313365376133376164353230656464663865
39356436616533376531353233393761346236623361633937376231353631393265626338306138
34303964343434323830326130383239326535626462643064643138373438383333386436626364
31656265353932643039333264386532653935323563386366326661336430343162366136616663
38383535303431636637373431363462613931303938623863336131656431393966653834356563
64376264363436636335643566636330393635643064646565396135646161393938383534373237
65393762333438393765396238316336373830646635373763663533356330656236343334663862
30326362383861623131393634306432643138646563383139393936396165343664643063393736
64623664343662386166383266366531653265616638386538616362373936613963666131363635
64376638666136386665653265653736373165666331346433643063383865363865383139343637
30326336393636343139663830666238643938663666326137393861663837643861613131323066
31306164646331343232356365643466393631643536393465376131616430663936366532633034
38646234323934333239353866623966343963656535653734663962316333353661363734333063
36376235626636663762376237363334633931616366383033623031336431643666623832616439
32313539646233633334316539343863316564393730616565653064653836313666303735333535
38613337303737646438616464643338633361373465636362323862363935373635343833363563
65393665373838303630343434666565336435373938373936383035396636366232393564393236
36353437343734643534613130376361306130383166373932303962633538343362653739333432
33663130646666623433343734343132386665356234383232656561326164633634663063626363
39313762386130363565363739663864303566663865383730653935626538636632643031613331
37653736313662653762613536646663373566663365316362303439393533373063313237663033
31336435363163613538313830393433656434316131373038306538393363386463626430356536
38666335623031643661643034356164393065396331666333303938646134623636626639623366
36626164343366343537393762383266353464616139303637323462316363306537646232363732
37636664323165323461363861623361393233666434636364383435653530616439306630653137
65353238326631623561333765336361386337336235323764346435646237373733633437316535
64356234363436383337363730616436633164643937373566343035633266383465343734353039
34393062663662383736396337626535333139366663636539643362316564313464616234383332
63353432396133366663616465636238366466356439643838623061633564386336343737366437
32656139346362666565663135663838333035333964383236323030643236396439313664363233
33663161363038633563653730396264323938346630626563623238363739613863633338643432
36316536656263636661353230316539646662376563376338383161363031663364383364646538
32626263393965333330386536623231656535613837633939613035656662306164643365326339
39643534336235383566386637363464363663323035336336386261313432613862613261343531
62343537653636353835336537356536613730643238313563393837633361393161623439376435
34393037343864336434366130396539656331306238633961363965343430396536653631626161
33363061373630316335353466316230626562646636326130383538653432663064393964393363
64613833316130346261316232376335333534323939373430376134643765646261643463616664
66616531613034353138343033373165616137643466663266303062646430636538386665643336
33633564383964353761323736383230393539336161643836643734303431353864333163323566
63383831663537313431376635333762313734383761326136333362666234663861393038373661
34616432316365333866323234356666656563616430663365346665633561663063643761313636
30303639343037326139393933356363633439333033373937306137643832373839633437386666
35343331623539343434666138633763653464356564333436353062306664663130633834326636
36396232393838316636376162346565366533653864373335663361613033663265326139343962
63613462373962613161656263313763353435366638333563663536326630363962613964306261
66383630316465323131336134653237396635313237646536353132336636343339316365633061
30363532613033623532326430326163343362373036336233643337366439636138363662633766
30646537306330306566626337636631623261323532396137363739343664326438626461326435
35663035316236616133633038386437646133383063323834623264363133366631356236353863
32336633316237336535616638356135633134356437633031316134313761346161323665613537
63613162616537616338653634373862636264353063326163613333633137633238346135646134
65353831396236346464326462343337373137663631333963353738636462643761653533376466
38346164383634393232383563663735663363663661373461303733333265663362396664363763
66373565386436653262376533316233393039346166326265323763373164366265323437616564
35323362396431663134623265373134376537346235333766346330353434376339353535663832
33386534343236636436663637343633333562383531333630386164323635633735653137633662
65626231303666313436626336366539373038323161663232336361633462396432616531373162
62633630376134326534336331643561373136383764323036313938613661616366396631353063
30316636353061303761353838313636636636303166376630623837373663613930316131326231
36653838626238626661356130353132386664366364323965326432613939623065376363656466
38386263656265333035653836666265613134316332343363396634303338623761393430366662
36633233396234663766393331656630383530363134353966636462336163306266646533666130
31333933396633643032616230613136313933663535323838663737313964306233383764376661
35376336336236346130333266613833313830363133396165353237313337633264353238306437
64336566653037653732396266393462656134626663356139393661346231626664386630363665
64383963656266396162333236373831373535623462356662336139623936613335336630373632
30373435363463383264313036623263653862653936386131313062366436336234393230303233
37376333653633383137356563346136306433623066336533386238663066666661656365363632
33343936376631636565363862613766303163326339366235353265383132646163356435336164
39633266306565663739356562643966343730336363366234613834613361313133616130396237
31626164346462616634306366303062653165666561326336373362646162376232316337616439
66333161363463373561316338633531396266316364323834656134633632393964383132323933
65383732383563613866306565386662653232336533333534666439313235383865363338643930
36333135623934343635646333616635353633346534646337356235643831343762343463306364
35353562666466376538353862343965376564633935313934366265313331353062363136383438
62363639613337343564636132333530376335366663343364663162376465656331663038376562
63616137393332303062646533643166336130333666613864326537313763356233613161626661
63353765333332333064306564663738666430353733663035343966656364613663663532376465
64663537323339353238656437383761656564333739306236663037396264343730313037353235
39393235376565373335633737363939366533356533353165653562613231623362646336326232
38633861303830643939336337616532343962326232663833333133356266336431366662346265
31666265616463396363323462373330623539643732656539326533353231393236356336346462
64636536303939323435633930353538373464363431313664616234353230623132313035613634
37363437363131626339626164373162323961303862363734646533313935383137633336303166
39326430306466356466613061613835353831376531303263613137636164653331396335386234
32626464393032333135633733626137333130353839623066366439323539343534336263303665
61353233316263623062336232306663343435386365666235613764366266373136623337363433
36356337383764353432386435616634343634333931653135303466663133643633306431306165
66633937356137393638626237643334343562373836623464313537316362333336643566643962
36653233623861383133333261366331663564656466363134343031616539656436346566646266
31393463316566313836636333356265623134393464623633373163363162373037363738646165
33656439303137373063363832613134326536313936646162386438336631666630366463383333
30383236316364313631643736376538356335346438626461383432386234643032336563333164
31363065383339663961366132663262303661613064636432313636346262626565636639633764
38313037376465626339663535613832313164656366363835383438626233343762363161336532
38616433306664613736393565323263393739663531326164623332313365313662326263326234
30666464656333616231616531623166633361386265356235366435636231653462613835386637
62636133326536303935346532633932363761323337636232313364666331636239373264613565
62386665343831376437346130633262366562316234343933356239303164613937623138333065
61626462393535366239626163646437393333643061376236626436636437303064306632393134
65643539303334366665653730393463306263353936386536643764623339323338666265363735
64633235646562636130623636356434626439663630636661303164326464663866636531316462
34636461313731393035386239393731643337393933373865643639623664663464623963376664
65393031643037393166636535633234626136313462636135326231353765343138336464323432
63396464383332333962363132666539323964643763353135356231303865303033323161396632
37373838343366363762633036346338626539663865616536373934386435373137633336626235
39393834643638303236613930373666393936346162313262366632306431636131

2
k8s/roles/coder/tasks/main.yml
View file

@ -34,6 +34,6 @@
name: coder
chart_ref: coderv2/coder
release_namespace: coder
chart_version: 2.2.1
chart_version: 2.3.1
update_repo_cache: true
release_values: "{{ lookup('template', 'values.coder.yml.j2') | from_yaml }}"

48
k8s/roles/codimd/tasks/main.yml
View file

@ -1,48 +0,0 @@
---
- name: Create CodiMD namespace
kubernetes.core.k8s:
name: codimd
api_version: v1
kind: Namespace
state: present
definition:
metadata:
labels:
prometheus: default
- name: Add CodiMD chart repo
kubernetes.core.helm_repository:
name: codimd
repo_url: https://helm.codimd.dev/
- name: Deploy CodiMD chart
kubernetes.core.helm:
name: codimd
chart_ref: codimd/codimd
release_namespace: codimd
chart_version: 0.1.10
update_repo_cache: true
release_values: "{{ lookup('template', 'values.codimd.yml.j2') | from_yaml }}"
- name: Create CodiMD ingress
kubernetes.core.k8s:
state: present
definition:
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: codimd
namespace: codimd
spec:
rules:
- host: kb.icb4dc0.de
http:
paths:
- pathType: Prefix
path: "/"
backend:
service:
name: codimd
port:
number: 80

62
k8s/roles/codimd/templates/values.codimd.yml.j2
View file

@ -1,62 +0,0 @@
image:
registry: code.icb4dc0.de
repository: prskr/hackmd
tag: 1c8ecccb
codimd:
connection:
domain: kb.icb4dc0.de
protocolUseSSL: true
database:
type: postgres
host: postgres-15-postgresql.postgres.svc.cluster.local
port: 5432
username: "{{ codimd.db.user }}"
password: "{{ codimd.db.password }}"
databaseName: "codimd"
imageUpload:
storeType: minio
minio:
endpoint: minio.minio.svc.cluster.local
accessKey: "{{ minio.rootUser }}"
secretKey: "{{ minio.rootPassword }}"
secure: false
port: 9000
imageStorePersistentVolume:
enabled: false
security:
sessionSecret: "{{ codimd.session.secret }}"
allowPDFExport: true
notePermission:
allowAnonymousEdit: false
allowAnonymousView: true
authentication:
local:
enabled: false
oauth2:
enabled: true
providerName: Forgejo
clientId: "{{ codimd.auth.clientId }}"
secret: "{{ codimd.auth.clientSecret }}"
authorizationUrl: https://code.icb4dc0.de/login/oauth/authorize
tokenUrl: https://code.icb4dc0.de/login/oauth/access_token
userProfileUrl: https://code.icb4dc0.de/login/oauth/userinfo
scope: openid profile email
attributes:
username: preferred_username
displayName: name
email: email
nodeSelector:
kubernetes.io/arch: amd64
postgresql:
enabled: false
service:
type: ClusterIP
ingress:
enabled: false
hosts:
- kb.icb4dc0.de

36
k8s/roles/hedgedoc/files/config/base.env Normal file
View file

@ -0,0 +1,36 @@
CMD_DOMAIN=md.icb4dc0.de
CMD_URL_ADDPORT=false
CMD_PROTOCOL_USESSL=true
CMD_USECDN=false
CMD_SESSION_LIFE=1209600000
CMD_HSTS_ENABLE=true
CMD_HSTS_MAX_AGE=31536000
CMD_HSTS_INCLUDE_SUBDOMAINS=false
CMD_HSTS_PRELOAD=true
CMD_CSP_ENABLE=true
CMD_ALLOW_GRAVATAR=true
CMD_RESPONSE_MAX_LAG=70
CMD_ALLOW_FREEURL=false
CMD_FORBIDDEN_NOTE_IDS=robots.txt,favicon.ico,api
CMD_DEFAULT_PERMISSION=editable
CMD_ALLOW_ANONYMOUS_EDITS=false
CMD_ALLOW_ANONYMOUS_VIEWS=true
CMD_ALLOW_PDF_EXPORT=true
CMD_DEFAULT_USE_HARD_BREAK=true
CMD_LINKIFY_HEADER_STYLE=keep-case
CMD_AUTO_VERSION_CHECK=true
CMD_ALLOW_EMAIL_REGISTER=true
CMD_EMAIL=false
CMD_OAUTH2_BASEURL=https://code.icb4dc0.de
CMD_OAUTH2_USER_PROFILE_URL=https://code.icb4dc0.de/login/oauth/userinfo
CMD_OAUTH2_AUTHORIZATION_URL=https://code.icb4dc0.de/login/oauth/authorize
CMD_OAUTH2_TOKEN_URL=https://code.icb4dc0.de/login/oauth/access_token
CMD_OAUTH2_PROVIDERNAME=Forgejo
CMD_OAUTH2_SCOPE=openid profile email
CMD_OAUTH2_USER_PROFILE_DISPLAY_NAME_ATTR=name
CMD_OAUTH2_USER_PROFILE_EMAIL_ATTR=email
CMD_OAUTH2_USER_PROFILE_USERNAME_ATTR=preferred_username
CMD_IMAGE_UPLOAD_TYPE=minio
CMD_MINIO_ENDPOINT=minio.minio.svc.cluster.local
CMD_MINIO_PORT=9000
CMD_MINIO_SECURE=true

15
k8s/roles/skooner/files/kustomization.yaml → k8s/roles/hedgedoc/files/kustomization.yaml
View file

@ -1,7 +1,12 @@
apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization
namespace: kube-system
namespace: hedgedoc
images:
- name: hedgedoc
newName: quay.io/hedgedoc/hedgedoc
newTag: "1.9.9"
commonLabels:
app.kubernetes.io/instance: icb4dc0de
@ -11,6 +16,8 @@ resources:
- "resources/deployment.yaml"
- "resources/service.yaml"
- "resources/ingress.yaml"
- "resources/rbac/service_account.yaml"
- "resources/rbac/sa_token_secret.yaml"
- "resources/rbac/cluster_role_binding.yaml"
secretGenerator:
- name: hedgedoc-base-config
envs:
- "config/base.env"

43
k8s/roles/hedgedoc/files/resources/deployment.yaml Normal file
View file

@ -0,0 +1,43 @@
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: hedgedoc
spec:
selector:
matchLabels:
app.kubernetes.io/name: hedgedoc
template:
metadata:
labels:
app.kubernetes.io/name: hedgedoc
spec:
containers:
- name: hedgedoc
image: hedgedoc
envFrom:
- secretRef:
name: hedgedoc-base-config
- secretRef:
name: hedgedoc-secret-config
ports:
- containerPort: 3000
protocol: TCP
name: web
resources:
requests:
memory: "168Mi"
cpu: "50m"
limits:
memory: "256Mi"
cpu: "500m"
securityContext:
allowPrivilegeEscalation: false
capabilities:
drop:
- ALL
readOnlyRootFilesystem: true
securityContext:
runAsUser: 1000
runAsGroup: 1000
runAsNonRoot: true

12
k8s/roles/skooner/files/resources/ingress.yaml → k8s/roles/hedgedoc/files/resources/ingress.yaml
View file

@ -2,16 +2,16 @@
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: skooner
name: hedgedoc
spec:
rules:
- host: skooner.icb4dc0.de
- host: md.icb4dc0.de
http:
paths:
- path: /
- pathType: Prefix
path: /
backend:
service:
name: skooner
name: hedgedoc
port:
number: 8000
pathType: Prefix
number: 3000

12
k8s/roles/hedgedoc/files/resources/service.yaml Normal file
View file

@ -0,0 +1,12 @@
---
apiVersion: v1
kind: Service
metadata:
name: hedgedoc
spec:
selector:
app.kubernetes.io/name: hedgedoc
ports:
- protocol: TCP
port: 3000
targetPort: 3000

38
k8s/roles/hedgedoc/tasks/main.yml Normal file
View file

@ -0,0 +1,38 @@
---
- name: Create HedgeDoc namespace
kubernetes.core.k8s:
name: hedgedoc
api_version: v1
kind: Namespace
state: present
definition:
metadata:
labels:
prometheus: default
- name: Create HedgeDoc secrets
kubernetes.core.k8s:
state: present
definition:
apiVersion: v1
kind: Secret
metadata:
name: hedgedoc-secret-config
namespace: hedgedoc
data:
# Auth
CMD_OAUTH2_CLIENT_ID: "{{ hedgedoc.auth.clientId | b64encode }}"
CMD_OAUTH2_CLIENT_SECRET: "{{ hedgedoc.auth.clientSecret | b64encode }}"
# DB
CMD_DB_URL: "{{ 'postgres://%s:%s@postgres-15-postgresql.postgres.svc.cluster.local:5432/hedgedoc' | format(hedgedoc.db.user, hedgedoc.db.password) | b64encode }}"
# Image upload
CMD_MINIO_ACCESS_KEY: "{{ minio.rootUser | b64encode }}"
CMD_MINIO_SECRET_KEY: "{{ minio.rootPassword | b64encode }}"
CMD_SESSION_SECRET: "{{ hedgedoc.session.secret | b64encode}}"
- name: Deploy HedgeDoc kustomization
k8s:
definition: "{{ lookup('kubernetes.core.kustomize', dir=([role_path, 'files'] | path_join)) }}"

10
k8s/roles/nocodb/files/config/base.env Normal file
View file

@ -0,0 +1,10 @@
NC_PUBLIC_URL=https://noco.icb4dc0.de
NC_TOOL_DIR=/usr/app/data/
DB_QUERY_LIMIT_DEFAULT=25
DB_QUERY_LIMIT_MAX=1000
DB_QUERY_LIMIT_MIN=1
NC_JWT_EXPIRES_IN=1h
NC_DISABLE_TELE=true
NC_S3_REGION=us-east-1
NC_S3_BUCKET_NAME=noco
NC_ADMIN_EMAIL=peter.kurfer@gmail.com

24
k8s/roles/nocodb/files/kustomization.yaml Normal file
View file

@ -0,0 +1,24 @@
apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization
namespace: nocodb
images:
- name: nocodb
newName: docker.io/nocodb/nocodb
newTag: "0.202.4"
commonLabels:
app.kubernetes.io/instance: icb4dc0de
app.kubernetes.io/managed-by: kustomize
resources:
- "resources/pvc.yaml"
- "resources/deployment.yaml"
- "resources/service.yaml"
- "resources/ingress.yaml"
secretGenerator:
- name: nocodb-base-config
envs:
- "config/base.env"

55
k8s/roles/nocodb/files/resources/deployment.yaml Normal file
View file

@ -0,0 +1,55 @@
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: nocodb
spec:
selector:
matchLabels:
app.kubernetes.io/name: nocodb
template:
metadata:
labels:
app.kubernetes.io/name: nocodb
spec:
containers:
- name: nocodb
image: nocodb
envFrom:
- secretRef:
name: nocodb-base-config
- secretRef:
name: nocodb-secret-config
ports:
- containerPort: 8080
protocol: TCP
name: web
volumeMounts:
- mountPath: /usr/app/data
name: nocodb-metadata
- mountPath: /usr/src/app/
name: app-volume
resources:
requests:
memory: "168Mi"
cpu: "50m"
limits:
memory: "256Mi"
cpu: "500m"
securityContext:
allowPrivilegeEscalation: false
capabilities:
drop:
- ALL
readOnlyRootFilesystem: true
volumes:
- name: nocodb-metadata
persistentVolumeClaim:
claimName: nocodb-metadata
- name: app-volume
emptyDir:
sizeLimit: 1500Mi
securityContext:
runAsUser: 1000
runAsGroup: 1000
runAsNonRoot: true

17
k8s/roles/nocodb/files/resources/ingress.yaml Normal file
View file

@ -0,0 +1,17 @@
---
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: nocodb
spec:
rules:
- host: noco.icb4dc0.de
http:
paths:
- pathType: Prefix
path: /
backend:
service:
name: nocodb
port:
number: 8080

14
k8s/roles/nocodb/files/resources/pvc.yaml Normal file
View file

@ -0,0 +1,14 @@
---
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: nocodb-metadata
labels:
app.kubernetes.io/name: nocodb
spec:
accessModes:
- ReadWriteOnce
resources:
requests:
storage: 10Gi
storageClassName: hcloud-volumes

12
k8s/roles/nocodb/files/resources/service.yaml Normal file
View file

@ -0,0 +1,12 @@
---
apiVersion: v1
kind: Service
metadata:
name: nocodb
spec:
selector:
app.kubernetes.io/name: nocodb
ports:
- protocol: TCP
port: 8080
targetPort: 8080

39
k8s/roles/nocodb/tasks/main.yml Normal file
View file

@ -0,0 +1,39 @@
---
- name: Create NocoDB namespace
kubernetes.core.k8s:
name: nocodb
api_version: v1
kind: Namespace
state: present
definition:
metadata:
labels:
prometheus: default
# TODO deploy KeyDB for cache
- name: Create NocoDB secrets
kubernetes.core.k8s:
state: present
definition:
apiVersion: v1
kind: Secret
metadata:
name: nocodb-secret-config
namespace: nocodb
data:
# DB
NC_DB: "{{ 'pg://postgres-15-postgresql.postgres.svc.cluster.local:5432?u=%s&p=%s&d=noco' | format(nocodb.db.user, nocodb.db.password) | b64encode }}"
# Auth
NC_AUTH_JWT_SECRET: "{{ nocodb.jwtSecret | b64encode }}"
NC_ADMIN_PASSWORD: "{{ nocodb.auth.adminPassword | b64encode }}"
# S3 storage plugin
NC_S3_ACCESS_KEY: "{{ minio.rootUser | b64encode }}"
NC_S3_ACCESS_SECRET: "{{ minio.rootPassword | b64encode }}"
- name: Deploy HedgeDoc kustomization
k8s:
definition: "{{ lookup('kubernetes.core.kustomize', dir=([role_path, 'files'] | path_join)) }}"

12
k8s/roles/postgres-config/tasks/main.yaml
View file

@ -10,8 +10,10 @@
password: "{{ gitea.dbPassword }}"
- name: "{{ grafana.db.user }}"
password: "{{ grafana.db.password }}"
- name: "{{ concourse.db.user }}"
password: "{{ concourse.db.password }}"
- name: "{{ hedgedoc.db.user }}"
password: "{{ hedgedoc.db.password }}"
- name: "{{ nocodb.db.user }}"
password: "{{ nocodb.db.password }}"
- name: Create databases
community.postgresql.postgresql_db:
@ -23,7 +25,9 @@
loop:
- name: gitea
owner: gitea
- name: concourse
owner: "{{ concourse.db.user }}"
- name: grafana
owner: "{{ grafana.db.user }}"
- name: hedgedoc
owner: "{{ hedgedoc.db.user }}"
- name: noco
owner: "{{ nocodb.db.user }}"

37
k8s/roles/skooner/files/resources/deployment.yaml
View file

@ -1,37 +0,0 @@
---
kind: Deployment
apiVersion: apps/v1
metadata:
name: skooner
namespace: kube-system
spec:
replicas: 1
selector:
matchLabels:
app.kubernetes.io/name: skooner
template:
metadata:
labels:
app.kubernetes.io/name: skooner
spec:
containers:
- name: skooner
image: ghcr.io/skooner-k8s/skooner:stable
ports:
- containerPort: 4654
livenessProbe:
httpGet:
scheme: HTTP
path: /
port: 4654
initialDelaySeconds: 30
timeoutSeconds: 30
resources:
requests:
cpu: 50m
memory: 50Mi
limits:
cpu: 100m
memory: 150Mi
nodeSelector:
kubernetes.io/arch: amd64

13
k8s/roles/skooner/files/resources/rbac/cluster_role_binding.yaml
View file

@ -1,13 +0,0 @@
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
name: prskr-cluster-admin
subjects:
- kind: ServiceAccount
name: prskr
namespace: kube-system
roleRef:
kind: ClusterRole
name: cluster-admin
apiGroup: rbac.authorization.k8s.io

8
k8s/roles/skooner/files/resources/rbac/sa_token_secret.yaml
View file

@ -1,8 +0,0 @@
---
apiVersion: v1
kind: Secret
metadata:
name: prskr-token
annotations:
kubernetes.io/service-account.name: prskr
type: kubernetes.io/service-account-token

5
k8s/roles/skooner/files/resources/rbac/service_account.yaml
View file

@ -1,5 +0,0 @@
---
apiVersion: v1
kind: ServiceAccount
metadata:
name: prskr

12
k8s/roles/skooner/files/resources/service.yaml
View file

@ -1,12 +0,0 @@
---
kind: Service
apiVersion: v1
metadata:
name: skooner
namespace: kube-system
spec:
ports:
- port: 8000
targetPort: 4654
selector:
app.kubernetes.io/name: skooner

4
k8s/roles/skooner/tasks/main.yml
View file

@ -1,4 +0,0 @@
---
- name: Deploy Skooner kustomization
k8s:
definition: "{{ lookup('kubernetes.core.kustomize', dir=([role_path, 'files'] | path_join)) }}"