diff --git a/crafty/argocd.yaml b/crafty/argocd.yaml index 995d3c8..669ddc6 100644 --- a/crafty/argocd.yaml +++ b/crafty/argocd.yaml @@ -8,6 +8,15 @@ metadata: spec: project: default sources: + - repoURL: https://bjw-s.github.io/helm-charts + chart: app-template + targetRevision: 3.6.1 + helm: + valueFiles: + - $values/crafty/helm-values.yaml + - repoURL: https://github.com/K3S-HOME/applications.git + targetRevision: main + ref: values - repoURL: https://github.com/K3S-HOME/applications.git targetRevision: main path: crafty diff --git a/crafty/deployment.yaml b/crafty/deployment.yaml deleted file mode 100644 index 62d8188..0000000 --- a/crafty/deployment.yaml +++ /dev/null @@ -1,68 +0,0 @@ -apiVersion: apps/v1 -kind: Deployment -metadata: - name: crafty - namespace: crafty - labels: - app: crafty -spec: - replicas: 1 - strategy: - type: Recreate - selector: - matchLabels: - app: crafty - template: - metadata: - labels: - app: crafty - spec: - securityContext: - fsGroup: 0 - initContainers: - - name: init-permissions - image: busybox:latest - command: ['sh', '-c', 'chown -R 1000:0 /crafty && chmod -R g+rwX /crafty'] - volumeMounts: - - name: servers - mountPath: /crafty/servers - - name: config - mountPath: /crafty/app/config - securityContext: - runAsUser: 0 - containers: - - name: crafty - image: registry.gitlab.com/crafty-controller/crafty-4:latest - env: - - name: TZ - value: Asia/Seoul - ports: - - name: https - containerPort: 8443 - protocol: TCP - - name: dynmap - containerPort: 8123 - protocol: TCP - - name: bedrock - containerPort: 19132 - protocol: UDP - resources: - requests: - memory: "512Mi" - cpu: "250m" - limits: - memory: "2Gi" - volumeMounts: - - name: servers - mountPath: /crafty/servers - - name: config - mountPath: /crafty/app/config - securityContext: - allowPrivilegeEscalation: false - volumes: - - name: servers - persistentVolumeClaim: - claimName: crafty-servers - - name: config - persistentVolumeClaim: - claimName: crafty-config diff --git a/crafty/helm-values.yaml b/crafty/helm-values.yaml new file mode 100644 index 0000000..2060f67 --- /dev/null +++ b/crafty/helm-values.yaml @@ -0,0 +1,67 @@ +# crafty - bjw-s/app-template values +# Minecraft server manager + +defaultPodOptions: + securityContext: + fsGroup: 0 + +controllers: + main: + strategy: Recreate + initContainers: + init-permissions: + image: + repository: busybox + tag: latest + command: + - sh + - -c + - "chown -R 1000:0 /crafty && chmod -R g+rwX /crafty" + securityContext: + runAsUser: 0 + containers: + main: + image: + repository: registry.gitlab.com/crafty-controller/crafty-4 + tag: latest + env: + TZ: Asia/Seoul + resources: + requests: + cpu: 250m + memory: 512Mi + limits: + memory: 2Gi + securityContext: + allowPrivilegeEscalation: false + +service: + main: + controller: main + ports: + https: + port: 8443 + dynmap: + port: 8123 + +persistence: + servers: + enabled: true + type: persistentVolumeClaim + existingClaim: crafty-servers + advancedMounts: + main: + init-permissions: + - path: /crafty/servers + main: + - path: /crafty/servers + config: + enabled: true + type: persistentVolumeClaim + existingClaim: crafty-config + advancedMounts: + main: + init-permissions: + - path: /crafty/app/config + main: + - path: /crafty/app/config diff --git a/crafty/kustomization.yaml b/crafty/kustomization.yaml index 22860e7..a9c8cd5 100644 --- a/crafty/kustomization.yaml +++ b/crafty/kustomization.yaml @@ -1,9 +1,7 @@ apiVersion: kustomize.config.k8s.io/v1beta1 kind: Kustomization - resources: - - pvc.yaml - - deployment.yaml - - service.yaml - - serverstransport.yaml - - ingress.yaml +- manifests/pvc.yaml +- manifests/minecraft-service.yaml +- manifests/serverstransport.yaml +- manifests/ingress.yaml diff --git a/crafty/ingress.yaml b/crafty/manifests/ingress.yaml similarity index 100% rename from crafty/ingress.yaml rename to crafty/manifests/ingress.yaml diff --git a/crafty/service.yaml b/crafty/manifests/minecraft-service.yaml similarity index 65% rename from crafty/service.yaml rename to crafty/manifests/minecraft-service.yaml index 0503be6..cde3b43 100644 --- a/crafty/service.yaml +++ b/crafty/manifests/minecraft-service.yaml @@ -1,26 +1,5 @@ apiVersion: v1 kind: Service -metadata: - name: crafty - namespace: crafty - labels: - app: crafty -spec: - type: ClusterIP - selector: - app: crafty - ports: - - name: https - port: 8443 - targetPort: 8443 - protocol: TCP - - name: dynmap - port: 8123 - targetPort: 8123 - protocol: TCP ---- -apiVersion: v1 -kind: Service metadata: name: crafty-minecraft namespace: crafty @@ -29,7 +8,7 @@ metadata: spec: type: LoadBalancer selector: - app: crafty + app.kubernetes.io/name: crafty ports: - name: bedrock port: 19132 diff --git a/crafty/pvc.yaml b/crafty/manifests/pvc.yaml similarity index 100% rename from crafty/pvc.yaml rename to crafty/manifests/pvc.yaml diff --git a/crafty/serverstransport.yaml b/crafty/manifests/serverstransport.yaml similarity index 100% rename from crafty/serverstransport.yaml rename to crafty/manifests/serverstransport.yaml diff --git a/docusaurus/argocd.yaml b/docusaurus/argocd.yaml index 0c98d20..0510990 100644 --- a/docusaurus/argocd.yaml +++ b/docusaurus/argocd.yaml @@ -8,6 +8,15 @@ metadata: spec: project: default sources: + - repoURL: https://bjw-s.github.io/helm-charts + chart: app-template + targetRevision: 3.6.1 + helm: + valueFiles: + - $values/docusaurus/helm-values.yaml + - repoURL: https://github.com/K3S-HOME/applications.git + targetRevision: main + ref: values - repoURL: https://github.com/K3S-HOME/applications.git targetRevision: main path: docusaurus @@ -18,11 +27,8 @@ spec: automated: prune: true selfHeal: true - allowEmpty: false syncOptions: - CreateNamespace=true - - PrunePropagationPolicy=foreground - - PruneLast=true retry: limit: 5 backoff: @@ -32,15 +38,3 @@ spec: managedNamespaceMetadata: labels: goldilocks.fairwinds.com/enabled: 'true' - revisionHistoryLimit: 10 - ignoreDifferences: - - group: apps - kind: Deployment - jqPathExpressions: - - .metadata.annotations - - group: '' - kind: Service - name: docusaurus - namespace: docusaurus - jsonPointers: - - /spec/clusterIP diff --git a/docusaurus/deployment.yaml b/docusaurus/deployment.yaml deleted file mode 100644 index 78b84f5..0000000 --- a/docusaurus/deployment.yaml +++ /dev/null @@ -1,118 +0,0 @@ -apiVersion: apps/v1 -kind: Deployment -metadata: - name: docusaurus - namespace: docusaurus - labels: - app: docusaurus -spec: - replicas: 1 - selector: - matchLabels: - app: docusaurus - template: - metadata: - labels: - app: docusaurus - annotations: - docusaurus/source-hash: "2024-12-30-v1" - spec: - initContainers: - - name: build-docusaurus - image: node:18-alpine - workingDir: /workspace - command: - - sh - - -c - - | - apk add --no-cache git - echo "Cloning repository..." - git clone https://github.com/K3S-HOME/applications.git /tmp/repo - cd /tmp/repo/docusaurus/asset - echo "Installing dependencies..." - npm install --legacy-peer-deps - echo "Building Docusaurus site..." - npm run build - echo "Copying build output..." - cp -r build/. /build/ - echo "Build complete!" - volumeMounts: - - name: build-output - mountPath: /build - containers: - - name: nginx - image: nginx:alpine - ports: - - containerPort: 80 - name: http - volumeMounts: - - name: build-output - mountPath: /usr/share/nginx/html - - name: nginx-config - mountPath: /etc/nginx/conf.d/default.conf - subPath: default.conf - resources: - requests: - cpu: 50m - memory: 64Mi - limits: - memory: 128Mi - livenessProbe: - httpGet: - path: / - port: 80 - initialDelaySeconds: 10 - periodSeconds: 10 - readinessProbe: - httpGet: - path: / - port: 80 - initialDelaySeconds: 5 - periodSeconds: 5 - volumes: - - name: build-output - emptyDir: {} - - name: nginx-config - configMap: - name: nginx-config ---- -apiVersion: v1 -kind: ConfigMap -metadata: - name: nginx-config - namespace: docusaurus -data: - default.conf: | - server { - listen 80; - server_name _; - root /usr/share/nginx/html; - index index.html; - - # Enable gzip compression - gzip on; - gzip_vary on; - gzip_min_length 1024; - gzip_types text/plain text/css text/xml text/javascript application/x-javascript application/xml+rss application/javascript application/json; - - # Redirect root to intro page - location = / { - return 301 /intro/; - } - - # SPA fallback - location / { - try_files $uri $uri/ /intro/index.html; - } - - # Cache static assets - location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg|woff|woff2|ttf|eot)$ { - expires 1y; - add_header Cache-Control "public, immutable"; - } - - # Security headers - add_header X-Frame-Options "SAMEORIGIN" always; - add_header X-Content-Type-Options "nosniff" always; - add_header X-XSS-Protection "1; mode=block" always; - } diff --git a/docusaurus/helm-values.yaml b/docusaurus/helm-values.yaml new file mode 100644 index 0000000..0533eb1 --- /dev/null +++ b/docusaurus/helm-values.yaml @@ -0,0 +1,104 @@ +# docusaurus - bjw-s/app-template values +# Documentation site with build-time static generation + +controllers: + main: + annotations: + docusaurus/source-hash: "2024-12-30-v1" + initContainers: + build-docusaurus: + image: + repository: node + tag: 18-alpine + command: + - sh + - -c + - | + apk add --no-cache git + echo "Cloning repository..." + git clone https://github.com/K3S-HOME/applications.git /tmp/repo + cd /tmp/repo/docusaurus/asset + echo "Installing dependencies..." + npm install --legacy-peer-deps + echo "Building Docusaurus site..." + npm run build + echo "Copying build output..." + cp -r build/. /build/ + echo "Build complete!" + containers: + main: + image: + repository: nginx + tag: alpine + resources: + requests: + cpu: 50m + memory: 64Mi + limits: + memory: 128Mi + probes: + liveness: + enabled: true + custom: true + spec: + httpGet: + path: / + port: 80 + initialDelaySeconds: 10 + periodSeconds: 10 + readiness: + enabled: true + custom: true + spec: + httpGet: + path: / + port: 80 + initialDelaySeconds: 5 + periodSeconds: 5 + +service: + main: + controller: main + ports: + http: + port: 80 + +ingress: + main: + enabled: true + className: traefik + annotations: + cert-manager.io/cluster-issuer: letsencrypt-prod + hosts: + - host: docusaurus0213.kro.kr + paths: + - path: / + service: + identifier: main + port: http + tls: + - secretName: docusaurus-tls + hosts: + - docusaurus0213.kro.kr + +persistence: + build-output: + enabled: true + type: emptyDir + globalMounts: + - path: /build + advancedMounts: + main: + build-docusaurus: + - path: /build + main: + - path: /usr/share/nginx/html + nginx-config: + enabled: true + type: configMap + name: nginx-config + advancedMounts: + main: + main: + - path: /etc/nginx/conf.d/default.conf + subPath: default.conf diff --git a/docusaurus/ingress.yaml b/docusaurus/ingress.yaml deleted file mode 100644 index a98b947..0000000 --- a/docusaurus/ingress.yaml +++ /dev/null @@ -1,27 +0,0 @@ -apiVersion: networking.k8s.io/v1 -kind: Ingress -metadata: - name: docusaurus-ingress - namespace: docusaurus - annotations: - cert-manager.io/cluster-issuer: "letsencrypt-prod" - nginx.ingress.kubernetes.io/proxy-body-size: "0" - nginx.ingress.kubernetes.io/proxy-read-timeout: "600" - nginx.ingress.kubernetes.io/proxy-send-timeout: "600" -spec: - ingressClassName: traefik - tls: - - hosts: - - docusaurus0213.kro.kr - secretName: docusaurus-tls - rules: - - host: docusaurus0213.kro.kr - http: - paths: - - path: / - pathType: Prefix - backend: - service: - name: docusaurus - port: - number: 80 diff --git a/docusaurus/kustomization.yaml b/docusaurus/kustomization.yaml index c33ea97..1f5f3d3 100644 --- a/docusaurus/kustomization.yaml +++ b/docusaurus/kustomization.yaml @@ -1,7 +1,5 @@ apiVersion: kustomize.config.k8s.io/v1beta1 kind: Kustomization -resources: -- deployment.yaml -- service.yaml -- ingress.yaml namespace: docusaurus +resources: +- manifests/configmap.yaml diff --git a/docusaurus/manifests/configmap.yaml b/docusaurus/manifests/configmap.yaml new file mode 100644 index 0000000..0b9618e --- /dev/null +++ b/docusaurus/manifests/configmap.yaml @@ -0,0 +1,40 @@ +apiVersion: v1 +kind: ConfigMap +metadata: + name: nginx-config + namespace: docusaurus +data: + default.conf: | + server { + listen 80; + server_name _; + root /usr/share/nginx/html; + index index.html; + + # Enable gzip compression + gzip on; + gzip_vary on; + gzip_min_length 1024; + gzip_types text/plain text/css text/xml text/javascript application/x-javascript application/xml+rss application/javascript application/json; + + # Redirect root to intro page + location = / { + return 301 /intro/; + } + + # SPA fallback + location / { + try_files $uri $uri/ /intro/index.html; + } + + # Cache static assets + location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg|woff|woff2|ttf|eot)$ { + expires 1y; + add_header Cache-Control "public, immutable"; + } + + # Security headers + add_header X-Frame-Options "SAMEORIGIN" always; + add_header X-Content-Type-Options "nosniff" always; + add_header X-XSS-Protection "1; mode=block" always; + } diff --git a/docusaurus/service.yaml b/docusaurus/service.yaml deleted file mode 100644 index ce261a5..0000000 --- a/docusaurus/service.yaml +++ /dev/null @@ -1,16 +0,0 @@ -apiVersion: v1 -kind: Service -metadata: - name: docusaurus - namespace: docusaurus - labels: - app: docusaurus -spec: - type: ClusterIP - ports: - - name: http - port: 80 - targetPort: 80 - protocol: TCP - selector: - app: docusaurus diff --git a/homer/argocd.yaml b/homer/argocd.yaml index e4ea639..24da3b3 100644 --- a/homer/argocd.yaml +++ b/homer/argocd.yaml @@ -8,6 +8,15 @@ metadata: spec: project: default sources: + - repoURL: https://bjw-s.github.io/helm-charts + chart: app-template + targetRevision: 3.6.1 + helm: + valueFiles: + - $values/homer/helm-values.yaml + - repoURL: https://github.com/K3S-HOME/applications.git + targetRevision: main + ref: values - repoURL: https://github.com/K3S-HOME/applications.git targetRevision: main path: homer diff --git a/homer/deployment.yaml b/homer/deployment.yaml deleted file mode 100644 index 371f876..0000000 --- a/homer/deployment.yaml +++ /dev/null @@ -1,68 +0,0 @@ -apiVersion: apps/v1 -kind: Deployment -metadata: - name: homer - namespace: homer - labels: - app: homer -spec: - replicas: 1 - selector: - matchLabels: - app: homer - template: - metadata: - labels: - app: homer - spec: - initContainers: - - name: copy-homer-files - image: b4bz/homer:latest - command: ['sh', '-c'] - args: - - | - # Homer의 기본 파일들을 emptyDir로 복사 - cp -r /www/* /tmp/www/ - volumeMounts: - - name: www - mountPath: /tmp/www - - name: copy-assets - image: alpine/git:latest - command: ['sh', '-c'] - args: - - | - # Git에서 assets 복사 - git clone --depth 1 --branch main https://github.com/K3S-HOME/applications.git /tmp/repo - # assets 폴더 덮어쓰기 - rm -rf /www/assets - cp -r /tmp/repo/homer/assets /www/assets - # config.yml 복사 - cp /config/config.yml /www/assets/config.yml - # lighttpd 사용자(uid=1000)가 읽을 수 있도록 권한 변경 - chmod -R 755 /www/assets - chown -R 1000:65533 /www/assets - volumeMounts: - - name: config - mountPath: /config - - name: www - mountPath: /www - containers: - - name: homer - image: b4bz/homer:latest - imagePullPolicy: IfNotPresent - ports: - - containerPort: 8080 - name: http - volumeMounts: - - name: www - mountPath: "/www" - resources: - requests: - memory: "64Mi" - cpu: "5m" - volumes: - - name: config - configMap: - name: homer-config - - name: www - emptyDir: {} diff --git a/homer/helm-values.yaml b/homer/helm-values.yaml new file mode 100644 index 0000000..b542576 --- /dev/null +++ b/homer/helm-values.yaml @@ -0,0 +1,93 @@ +# homer - bjw-s/app-template values +# Dashboard for self-hosted services + +controllers: + main: + initContainers: + copy-homer-files: + image: + repository: b4bz/homer + tag: latest + command: + - sh + - -c + - | + cp -r /www/* /tmp/www/ + copy-assets: + image: + repository: alpine/git + tag: latest + command: + - sh + - -c + - | + git clone --depth 1 --branch main https://github.com/K3S-HOME/applications.git /tmp/repo + rm -rf /www/assets + cp -r /tmp/repo/homer/assets /www/assets + cp /config/config.yml /www/assets/config.yml + chmod -R 755 /www/assets + chown -R 1000:65533 /www/assets + containers: + main: + image: + repository: b4bz/homer + tag: latest + pullPolicy: IfNotPresent + resources: + requests: + cpu: 5m + memory: 64Mi + +service: + main: + controller: main + ports: + http: + port: 80 + targetPort: 8080 + +ingress: + main: + enabled: true + className: traefik + annotations: + cert-manager.io/cluster-issuer: letsencrypt-prod + hosts: + - host: mayne.kro.kr + paths: + - path: / + service: + identifier: main + port: http + - host: www.mayne.kro.kr + paths: + - path: / + service: + identifier: main + port: http + tls: + - secretName: homer-tls + hosts: + - mayne.kro.kr + - www.mayne.kro.kr + +persistence: + www: + enabled: true + type: emptyDir + advancedMounts: + main: + copy-homer-files: + - path: /tmp/www + copy-assets: + - path: /www + main: + - path: /www + config: + enabled: true + type: configMap + name: homer-config + advancedMounts: + main: + copy-assets: + - path: /config diff --git a/homer/ingress.yaml b/homer/ingress.yaml deleted file mode 100644 index d7b44fb..0000000 --- a/homer/ingress.yaml +++ /dev/null @@ -1,35 +0,0 @@ -apiVersion: networking.k8s.io/v1 -kind: Ingress -metadata: - name: homer-ingress - namespace: homer - annotations: - cert-manager.io/cluster-issuer: "letsencrypt-prod" -spec: - ingressClassName: traefik - tls: - - hosts: - - mayne.kro.kr - - www.mayne.kro.kr - secretName: homer-tls - rules: - - host: mayne.kro.kr - http: - paths: - - path: / - pathType: Prefix - backend: - service: - name: homer - port: - number: 80 - - host: www.mayne.kro.kr - http: - paths: - - path: / - pathType: Prefix - backend: - service: - name: homer - port: - number: 80 diff --git a/homer/kustomization.yaml b/homer/kustomization.yaml index 1f78d09..c490369 100644 --- a/homer/kustomization.yaml +++ b/homer/kustomization.yaml @@ -1,11 +1,9 @@ apiVersion: kustomize.config.k8s.io/v1beta1 kind: Kustomization -resources: -- deployment.yaml -- service.yaml -- ingress.yaml configMapGenerator: - name: homer-config namespace: homer files: - config.yml +generatorOptions: + disableNameSuffixHash: true diff --git a/homer/service.yaml b/homer/service.yaml deleted file mode 100644 index 46df59c..0000000 --- a/homer/service.yaml +++ /dev/null @@ -1,13 +0,0 @@ -apiVersion: v1 -kind: Service -metadata: - name: homer - namespace: homer -spec: - type: ClusterIP - ports: - - name: http - port: 80 - targetPort: 8080 - selector: - app: homer diff --git a/mas/argocd.yaml b/mas/argocd.yaml index 164b79c..e0daf7d 100644 --- a/mas/argocd.yaml +++ b/mas/argocd.yaml @@ -8,6 +8,15 @@ metadata: spec: project: default sources: + - repoURL: https://bjw-s.github.io/helm-charts + chart: app-template + targetRevision: 3.6.1 + helm: + valueFiles: + - $values/mas/helm-values.yaml + - repoURL: https://github.com/K3S-HOME/applications.git + targetRevision: main + ref: values - repoURL: https://github.com/K3S-HOME/applications.git targetRevision: main path: mas @@ -18,11 +27,8 @@ spec: automated: prune: true selfHeal: true - allowEmpty: false syncOptions: - CreateNamespace=true - - PrunePropagationPolicy=foreground - - PruneLast=true retry: limit: 5 backoff: @@ -32,4 +38,3 @@ spec: managedNamespaceMetadata: labels: goldilocks.fairwinds.com/enabled: 'true' - revisionHistoryLimit: 10 diff --git a/mas/deployment.yaml b/mas/deployment.yaml deleted file mode 100644 index 18ed376..0000000 --- a/mas/deployment.yaml +++ /dev/null @@ -1,77 +0,0 @@ -apiVersion: apps/v1 -kind: Deployment -metadata: - name: mas - labels: - app: mas -spec: - replicas: 1 - selector: - matchLabels: - app: mas - strategy: - type: RollingUpdate - rollingUpdate: - maxUnavailable: 0 - maxSurge: 1 - revisionHistoryLimit: 3 - template: - metadata: - labels: - app: mas - spec: - hostPID: true - serviceAccountName: mas - imagePullSecrets: - - name: ghcr-secret - containers: - - name: mas - image: ghcr.io/mayne0213/mas:latest - imagePullPolicy: Always - securityContext: - privileged: true - ports: - - containerPort: 8000 - name: http - env: - - name: ANTHROPIC_API_KEY - valueFrom: - secretKeyRef: - name: mas-api-keys - key: anthropic-api-key - - name: POSTGRES_PASSWORD - valueFrom: - secretKeyRef: - name: postgresql-password - key: password - - name: CHAINLIT_DATABASE_URL - value: "postgresql://bluemayne:$(POSTGRES_PASSWORD)@postgresql-rw.postgresql.svc.cluster.local:5432/mas" - - name: DATABASE_URL - value: "postgresql://bluemayne:$(POSTGRES_PASSWORD)@postgresql-rw.postgresql.svc.cluster.local:5432/mas" - - name: POSTGRES_HOST - value: "postgresql-rw.postgresql.svc.cluster.local" - - name: POSTGRES_PORT - value: "5432" - - name: POSTGRES_USER - value: "bluemayne" - - name: REDIS_URL - value: "redis://redis:6379/0" - resources: - requests: - memory: 256Mi - cpu: 100m - limits: - memory: 1Gi - livenessProbe: - httpGet: - path: / - port: 8000 - initialDelaySeconds: 30 - periodSeconds: 10 - readinessProbe: - httpGet: - path: / - port: 8000 - initialDelaySeconds: 10 - periodSeconds: 5 - restartPolicy: Always diff --git a/mas/helm-values.yaml b/mas/helm-values.yaml new file mode 100644 index 0000000..520f993 --- /dev/null +++ b/mas/helm-values.yaml @@ -0,0 +1,102 @@ +# mas - bjw-s/app-template values +# Multi-Agent System + +defaultPodOptions: + hostPID: true + imagePullSecrets: + - name: ghcr-secret + +serviceAccount: + create: false + name: mas + +controllers: + main: + strategy: RollingUpdate + rollingUpdate: + unavailable: 0 + surge: 1 + revisionHistoryLimit: 3 + containers: + main: + image: + repository: ghcr.io/mayne0213/mas + tag: latest + pullPolicy: Always + securityContext: + privileged: true + env: + ANTHROPIC_API_KEY: + valueFrom: + secretKeyRef: + name: mas-api-keys + key: anthropic-api-key + POSTGRES_PASSWORD: + valueFrom: + secretKeyRef: + name: postgresql-password + key: password + CHAINLIT_DATABASE_URL: "postgresql://bluemayne:$(POSTGRES_PASSWORD)@postgresql-rw.postgresql.svc.cluster.local:5432/mas" + DATABASE_URL: "postgresql://bluemayne:$(POSTGRES_PASSWORD)@postgresql-rw.postgresql.svc.cluster.local:5432/mas" + POSTGRES_HOST: "postgresql-rw.postgresql.svc.cluster.local" + POSTGRES_PORT: "5432" + POSTGRES_USER: "bluemayne" + REDIS_URL: "redis://redis:6379/0" + resources: + requests: + cpu: 100m + memory: 256Mi + limits: + memory: 1Gi + probes: + liveness: + enabled: true + custom: true + spec: + httpGet: + path: / + port: 8000 + initialDelaySeconds: 30 + periodSeconds: 10 + readiness: + enabled: true + custom: true + spec: + httpGet: + path: / + port: 8000 + initialDelaySeconds: 10 + periodSeconds: 5 + +service: + main: + controller: main + ports: + http: + port: 8000 + +ingress: + main: + enabled: true + className: traefik + annotations: + cert-manager.io/cluster-issuer: letsencrypt-prod + traefik.ingress.kubernetes.io/router.middlewares: authelia-authelia-auth@kubernetescrd + hosts: + - host: mas0213.kro.kr + paths: + - path: / + service: + identifier: main + port: http + - host: www.mas0213.kro.kr + paths: + - path: / + service: + identifier: main + port: http + tls: + - secretName: mas-tls + hosts: + - mas0213.kro.kr + - www.mas0213.kro.kr diff --git a/mas/ingress.yaml b/mas/ingress.yaml deleted file mode 100644 index 84ab2a2..0000000 --- a/mas/ingress.yaml +++ /dev/null @@ -1,35 +0,0 @@ -apiVersion: networking.k8s.io/v1 -kind: Ingress -metadata: - name: mas-ingress - annotations: - cert-manager.io/cluster-issuer: letsencrypt-prod - traefik.ingress.kubernetes.io/router.middlewares: authelia-authelia-auth@kubernetescrd -spec: - ingressClassName: traefik - tls: - - hosts: - - mas0213.kro.kr - - www.mas0213.kro.kr - secretName: mas-tls - rules: - - host: mas0213.kro.kr - http: - paths: - - path: / - pathType: Prefix - backend: - service: - name: mas - port: - number: 8000 - - host: www.mas0213.kro.kr - http: - paths: - - path: / - pathType: Prefix - backend: - service: - name: mas - port: - number: 8000 diff --git a/mas/kustomization.yaml b/mas/kustomization.yaml index 9c60046..ddd6310 100644 --- a/mas/kustomization.yaml +++ b/mas/kustomization.yaml @@ -2,8 +2,5 @@ apiVersion: kustomize.config.k8s.io/v1beta1 kind: Kustomization namespace: mas resources: -- deployment.yaml -- service.yaml -- ingress.yaml -- external-secret.yaml -- rbac.yaml +- manifests/rbac.yaml +- manifests/external-secret.yaml diff --git a/mas/external-secret.yaml b/mas/manifests/external-secret.yaml similarity index 100% rename from mas/external-secret.yaml rename to mas/manifests/external-secret.yaml diff --git a/mas/rbac.yaml b/mas/manifests/rbac.yaml similarity index 100% rename from mas/rbac.yaml rename to mas/manifests/rbac.yaml diff --git a/mas/service.yaml b/mas/service.yaml deleted file mode 100644 index 844fa86..0000000 --- a/mas/service.yaml +++ /dev/null @@ -1,15 +0,0 @@ -apiVersion: v1 -kind: Service -metadata: - name: mas - labels: - app: mas -spec: - type: ClusterIP - ports: - - port: 8000 - targetPort: 8000 - protocol: TCP - name: http - selector: - app: mas