K3S-HOME/web-apps
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

REFACTOR(repo): migrate to Helm chart structure

Browse Source 
- Add web-app Helm chart in charts/web-app/
- Replace individual deployment/service/ingress YAML with helm-values
- Update ArgoCD applications to use Helm chart with values files
- Reduces per-app files from 6 to 2 (argocd.yaml + helm-values.yaml)

Apps migrated: jaejadle, jaejadle-dev, joossam, joossam-dev,
jotion, jovies, portfolio, todo
This commit is contained in:
Mayne0213
2026-01-06 01:04:43 +09:00
parent 5e0b33d44f
commit 128ab8cdb7
59 changed files with 962 additions and 968 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
charts/web-app/Chart.yaml Normal file
View File

@@ -0,0 +1,6 @@
apiVersion: v2
name: web-app
description: A Helm chart for deploying web applications on K3S
type: application
version: 0.1.0
appVersion: "1.0.0"

40
charts/web-app/templates/_helpers.tpl Normal file
View File

@@ -0,0 +1,40 @@
{{/*
Expand the name of the chart.
*/}}
{{- define "web-app.name" -}}
{{- default .Chart.Name .Values.name | trunc 63 | trimSuffix "-" }}
{{- end }}
{{/*
Create a default fully qualified app name.
*/}}
{{- define "web-app.fullname" -}}
{{- if .Values.name }}
{{- .Values.name | trunc 63 | trimSuffix "-" }}
{{- else }}
{{- .Release.Name | trunc 63 | trimSuffix "-" }}
{{- end }}
{{- end }}
{{/*
Common labels
*/}}
{{- define "web-app.labels" -}}
app: {{ include "web-app.fullname" . }}
app.kubernetes.io/name: {{ include "web-app.name" . }}
app.kubernetes.io/instance: {{ .Release.Name }}
{{- end }}
{{/*
Selector labels
*/}}
{{- define "web-app.selectorLabels" -}}
app: {{ include "web-app.fullname" . }}
{{- end }}
{{/*
Image name
*/}}
{{- define "web-app.image" -}}
{{- printf "%s/%s:%s" .Values.image.registry .Values.image.repository .Values.image.tag }}
{{- end }}

76
charts/web-app/templates/deployment.yaml Normal file
View File

@@ -0,0 +1,76 @@
apiVersion: apps/v1
kind: Deployment
metadata:
name: {{ include "web-app.fullname" . }}
labels:
{{- include "web-app.labels" . | nindent 4 }}
spec:
replicas: {{ .Values.replicaCount }}
selector:
matchLabels:
{{- include "web-app.selectorLabels" . | nindent 6 }}
strategy:
type: {{ .Values.strategy.type }}
{{- if eq .Values.strategy.type "RollingUpdate" }}
rollingUpdate:
maxUnavailable: {{ .Values.strategy.rollingUpdate.maxUnavailable }}
maxSurge: {{ .Values.strategy.rollingUpdate.maxSurge }}
{{- end }}
revisionHistoryLimit: {{ .Values.revisionHistoryLimit }}
template:
metadata:
labels:
{{- include "web-app.selectorLabels" . | nindent 8 }}
{{- with .Values.podAnnotations }}
annotations:
{{- toYaml . | nindent 8 }}
{{- end }}
spec:
{{- with .Values.imagePullSecrets }}
imagePullSecrets:
{{- toYaml . | nindent 8 }}
{{- end }}
containers:
- name: {{ include "web-app.fullname" . }}
image: {{ include "web-app.image" . }}
imagePullPolicy: {{ .Values.image.pullPolicy }}
ports:
- containerPort: {{ .Values.containerPort }}
protocol: TCP
{{- with .Values.env }}
env:
{{- toYaml . | nindent 12 }}
{{- end }}
{{- with .Values.envFrom }}
envFrom:
{{- toYaml . | nindent 12 }}
{{- end }}
resources:
{{- toYaml .Values.resources | nindent 12 }}
{{- if .Values.healthCheck.enabled }}
livenessProbe:
httpGet:
path: {{ .Values.healthCheck.path }}
port: {{ .Values.containerPort }}
initialDelaySeconds: {{ .Values.healthCheck.livenessProbe.initialDelaySeconds }}
periodSeconds: {{ .Values.healthCheck.livenessProbe.periodSeconds }}
readinessProbe:
httpGet:
path: {{ .Values.healthCheck.path }}
port: {{ .Values.containerPort }}
initialDelaySeconds: {{ .Values.healthCheck.readinessProbe.initialDelaySeconds }}
periodSeconds: {{ .Values.healthCheck.readinessProbe.periodSeconds }}
{{- end }}
restartPolicy: Always
{{- with .Values.nodeSelector }}
nodeSelector:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- with .Values.affinity }}
affinity:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- with .Values.tolerations }}
tolerations:
{{- toYaml . | nindent 8 }}
{{- end }}

22
charts/web-app/templates/external-secret.yaml Normal file
View File

@@ -0,0 +1,22 @@
{{- if .Values.externalSecret.enabled }}
apiVersion: external-secrets.io/v1
kind: ExternalSecret
metadata:
name: {{ include "web-app.fullname" . }}-secrets
spec:
refreshInterval: {{ .Values.externalSecret.refreshInterval }}
secretStoreRef:
name: {{ .Values.externalSecret.secretStoreRef.name }}
kind: {{ .Values.externalSecret.secretStoreRef.kind }}
target:
name: {{ include "web-app.fullname" . }}-secrets
creationPolicy: {{ .Values.externalSecret.target.creationPolicy }}
deletionPolicy: {{ .Values.externalSecret.target.deletionPolicy }}
data:
{{- range .Values.externalSecret.data }}
- secretKey: {{ .secretKey }}
remoteRef:
key: {{ .remoteRef.key }}
property: {{ .remoteRef.property }}
{{- end }}
{{- end }}

37
charts/web-app/templates/ingress.yaml Normal file
View File

@@ -0,0 +1,37 @@
{{- if .Values.ingress.enabled }}
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: {{ include "web-app.fullname" . }}-ingress
{{- with .Values.ingress.annotations }}
annotations:
{{- toYaml . | nindent 4 }}
{{- end }}
spec:
ingressClassName: {{ .Values.ingress.className }}
{{- if .Values.ingress.tls }}
tls:
{{- range .Values.ingress.tls }}
- hosts:
{{- range .hosts }}
- {{ . | quote }}
{{- end }}
secretName: {{ .secretName }}
{{- end }}
{{- end }}
rules:
{{- range .Values.ingress.hosts }}
- host: {{ .host | quote }}
http:
paths:
{{- range .paths }}
- path: {{ .path }}
pathType: {{ .pathType }}
backend:
service:
name: {{ include "web-app.fullname" $ }}
port:
number: {{ $.Values.service.port }}
{{- end }}
{{- end }}
{{- end }}

17
charts/web-app/templates/service.yaml Normal file
View File

@@ -0,0 +1,17 @@
{{- if .Values.service.enabled }}
apiVersion: v1
kind: Service
metadata:
name: {{ include "web-app.fullname" . }}
labels:
{{- include "web-app.labels" . | nindent 4 }}
spec:
type: {{ .Values.service.type }}
ports:
- name: http
port: {{ .Values.service.port }}
targetPort: {{ .Values.containerPort }}
protocol: TCP
selector:
{{- include "web-app.selectorLabels" . | nindent 4 }}
{{- end }}

110
charts/web-app/values.yaml Normal file
View File

@@ -0,0 +1,110 @@
# Web App Helm Chart Default Values
# Application name (used for labels, selectors, service names)
name: ""
# Image configuration
image:
registry: ghcr.io
repository: mayne0213/app
tag: latest
pullPolicy: Always
# Image pull secrets
imagePullSecrets:
- name: ghcr-secret
# Replicas
replicaCount: 1
# Container port
containerPort: 3000
# Service configuration
service:
enabled: true
type: ClusterIP
port: 80
# Ingress configuration
ingress:
enabled: true
className: traefik
annotations:
cert-manager.io/cluster-issuer: letsencrypt-prod
hosts:
- host: app.example.com
paths:
- path: /
pathType: Prefix
tls:
- secretName: app-tls
hosts:
- app.example.com
# Resources
resources:
requests:
memory: 80Mi
cpu: 20m
limits:
memory: 200Mi
# Health checks
healthCheck:
enabled: true
path: /
livenessProbe:
initialDelaySeconds: 30
periodSeconds: 10
readinessProbe:
initialDelaySeconds: 5
periodSeconds: 5
# Environment variables (plain)
env: []
# - name: NODE_ENV
# value: production
# Environment variables from secrets
envFrom: []
# - secretRef:
# name: app-secrets
# External Secrets configuration
externalSecret:
enabled: false
refreshInterval: 1h
secretStoreRef:
name: vault-backend
kind: ClusterSecretStore
target:
creationPolicy: Owner
deletionPolicy: Retain
data: []
# - secretKey: DATABASE_URL
# remoteRef:
# key: myapp
# property: DATABASE_URL
# Deployment strategy
strategy:
type: RollingUpdate
rollingUpdate:
maxUnavailable: 0
maxSurge: 1
# Revision history
revisionHistoryLimit: 3
# Pod annotations
podAnnotations: {}
# Node selector
nodeSelector: {}
# Tolerations
tolerations: []
# Affinity
affinity: {}

8
jaejadle-dev/argocd.yaml
View File

@@ -10,7 +10,13 @@ spec:
sources:
- repoURL: https://github.com/K3S-HOME/web-apps.git
targetRevision: main
path: jaejadle-dev
path: charts/web-app
helm:
valueFiles:
- $values/jaejadle-dev/helm-values.yaml
- repoURL: https://github.com/K3S-HOME/web-apps.git
targetRevision: main
ref: values
destination:
server: https://kubernetes.default.svc
namespace: jaejadle-dev

53
jaejadle-dev/deployment.yaml
View File

@@ -1,53 +0,0 @@
apiVersion: apps/v1
kind: Deployment
metadata:
name: jaejadle-dev
labels:
app: jaejadle-dev
spec:
replicas: 1
selector:
matchLabels:
app: jaejadle-dev
strategy:
type: RollingUpdate
rollingUpdate:
maxUnavailable: 0
maxSurge: 1
revisionHistoryLimit: 3
template:
metadata:
labels:
app: jaejadle-dev
spec:
imagePullSecrets:
- name: ghcr-secret
containers:
- name: jaejadle-dev
image: ghcr.io/mayne0213/jaejadle:develop
imagePullPolicy: Always
ports:
- containerPort: 3000
protocol: TCP
envFrom:
- secretRef:
name: jaejadle-dev-secrets
resources:
requests:
memory: 80Mi
cpu: 20m
limits:
memory: 300Mi
livenessProbe:
httpGet:
path: /
port: 3000
initialDelaySeconds: 30
periodSeconds: 10
readinessProbe:
httpGet:
path: /
port: 3000
initialDelaySeconds: 5
periodSeconds: 5
restartPolicy: Always

46
jaejadle-dev/external-secret.yaml
View File

@@ -1,46 +0,0 @@
apiVersion: external-secrets.io/v1
kind: ExternalSecret
metadata:
name: jaejadle-dev-secrets
spec:
refreshInterval: 1h
secretStoreRef:
name: vault-backend
kind: ClusterSecretStore
target:
name: jaejadle-dev-secrets
creationPolicy: Owner
deletionPolicy: Retain
data:
- secretKey: DATABASE_URL
remoteRef:
key: jaejadle-dev
property: DATABASE_URL
- secretKey: JWT_SECRET
remoteRef:
key: jaejadle-dev
property: JWT_SECRET
- secretKey: AWS_ACCESS_KEY_ID
remoteRef:
key: jaejadle-dev
property: AWS_ACCESS_KEY_ID
- secretKey: AWS_SECRET_ACCESS_KEY
remoteRef:
key: jaejadle-dev
property: AWS_SECRET_ACCESS_KEY
- secretKey: AWS_S3_BUCKET_NAME
remoteRef:
key: jaejadle-dev
property: AWS_S3_BUCKET_NAME
- secretKey: AWS_S3_ENDPOINT
remoteRef:
key: jaejadle-dev
property: AWS_S3_ENDPOINT
- secretKey: AWS_REGION
remoteRef:
key: jaejadle-dev
property: AWS_REGION
- secretKey: CODE
remoteRef:
key: jaejadle-dev
property: CODE

99
jaejadle-dev/helm-values.yaml Normal file
View File

@@ -0,0 +1,99 @@
# Jaejadle Dev Web App Helm Values
name: jaejadle-dev
image:
registry: ghcr.io
repository: mayne0213/jaejadle
tag: develop
pullPolicy: Always
imagePullSecrets:
- name: ghcr-secret
replicaCount: 1
containerPort: 3000
service:
enabled: true
type: ClusterIP
port: 80
ingress:
enabled: true
className: traefik
annotations:
cert-manager.io/cluster-issuer: letsencrypt-prod
hosts:
- host: dev.jaejadle.kro.kr
paths:
- path: /
pathType: Prefix
tls:
- secretName: jaejadle-dev-tls
hosts:
- dev.jaejadle.kro.kr
resources:
requests:
memory: 80Mi
cpu: 20m
limits:
memory: 300Mi
healthCheck:
enabled: true
path: /
livenessProbe:
initialDelaySeconds: 30
periodSeconds: 10
readinessProbe:
initialDelaySeconds: 5
periodSeconds: 5
envFrom:
- secretRef:
name: jaejadle-dev-secrets
externalSecret:
enabled: true
refreshInterval: 1h
secretStoreRef:
name: vault-backend
kind: ClusterSecretStore
target:
creationPolicy: Owner
deletionPolicy: Retain
data:
- secretKey: DATABASE_URL
remoteRef:
key: jaejadle-dev
property: DATABASE_URL
- secretKey: JWT_SECRET
remoteRef:
key: jaejadle-dev
property: JWT_SECRET
- secretKey: AWS_ACCESS_KEY_ID
remoteRef:
key: jaejadle-dev
property: AWS_ACCESS_KEY_ID
- secretKey: AWS_SECRET_ACCESS_KEY
remoteRef:
key: jaejadle-dev
property: AWS_SECRET_ACCESS_KEY
- secretKey: AWS_S3_BUCKET_NAME
remoteRef:
key: jaejadle-dev
property: AWS_S3_BUCKET_NAME
- secretKey: AWS_S3_ENDPOINT
remoteRef:
key: jaejadle-dev
property: AWS_S3_ENDPOINT
- secretKey: AWS_REGION
remoteRef:
key: jaejadle-dev
property: AWS_REGION
- secretKey: CODE
remoteRef:
key: jaejadle-dev
property: CODE

23
jaejadle-dev/ingress.yaml
View File

@@ -1,23 +0,0 @@
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: jaejadle-dev-ingress
annotations:
cert-manager.io/cluster-issuer: letsencrypt-prod
spec:
ingressClassName: traefik
tls:
- hosts:
- dev.jaejadle.kro.kr
secretName: jaejadle-dev-tls
rules:
- host: dev.jaejadle.kro.kr
http:
paths:
- path: /
pathType: Prefix
backend:
service:
name: jaejadle-dev
port:
number: 80

8
jaejadle-dev/kustomization.yaml
View File

@@ -1,8 +0,0 @@
apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization
namespace: jaejadle-dev
resources:
- deployment.yaml
- service.yaml
- ingress.yaml
- external-secret.yaml

15
jaejadle-dev/service.yaml
View File

@@ -1,15 +0,0 @@
apiVersion: v1
kind: Service
metadata:
name: jaejadle-dev
labels:
app: jaejadle-dev
spec:
type: ClusterIP
ports:
- name: http
port: 80
targetPort: 3000
protocol: TCP
selector:
app: jaejadle-dev

8
jaejadle/argocd.yaml
View File

@@ -10,7 +10,13 @@ spec:
sources:
- repoURL: https://github.com/K3S-HOME/web-apps.git
targetRevision: main
path: jaejadle
path: charts/web-app
helm:
valueFiles:
- $values/jaejadle/helm-values.yaml
- repoURL: https://github.com/K3S-HOME/web-apps.git
targetRevision: main
ref: values
destination:
server: https://kubernetes.default.svc
namespace: jaejadle

53
jaejadle/deployment.yaml
View File

@@ -1,53 +0,0 @@
apiVersion: apps/v1
kind: Deployment
metadata:
name: jaejadle
labels:
app: jaejadle
spec:
replicas: 1
selector:
matchLabels:
app: jaejadle
strategy:
type: RollingUpdate
rollingUpdate:
maxUnavailable: 0
maxSurge: 1
revisionHistoryLimit: 3
template:
metadata:
labels:
app: jaejadle
spec:
imagePullSecrets:
- name: ghcr-secret
containers:
- name: jaejadle
image: ghcr.io/mayne0213/jaejadle:latest
imagePullPolicy: Always
ports:
- containerPort: 3000
protocol: TCP
envFrom:
- secretRef:
name: jaejadle-secrets
resources:
requests:
memory: 80Mi
cpu: 20m
limits:
memory: 300Mi
livenessProbe:
httpGet:
path: /
port: 3000
initialDelaySeconds: 30
periodSeconds: 10
readinessProbe:
httpGet:
path: /
port: 3000
initialDelaySeconds: 5
periodSeconds: 5
restartPolicy: Always

46
jaejadle/external-secret.yaml
View File

@@ -1,46 +0,0 @@
apiVersion: external-secrets.io/v1
kind: ExternalSecret
metadata:
name: jaejadle-secrets
spec:
refreshInterval: 1h
secretStoreRef:
name: vault-backend
kind: ClusterSecretStore
target:
name: jaejadle-secrets
creationPolicy: Owner
deletionPolicy: Retain
data:
- secretKey: DATABASE_URL
remoteRef:
key: jaejadle
property: DATABASE_URL
- secretKey: JWT_SECRET
remoteRef:
key: jaejadle
property: JWT_SECRET
- secretKey: AWS_ACCESS_KEY_ID
remoteRef:
key: jaejadle
property: AWS_ACCESS_KEY_ID
- secretKey: AWS_SECRET_ACCESS_KEY
remoteRef:
key: jaejadle
property: AWS_SECRET_ACCESS_KEY
- secretKey: AWS_S3_BUCKET_NAME
remoteRef:
key: jaejadle
property: AWS_S3_BUCKET_NAME
- secretKey: AWS_S3_ENDPOINT
remoteRef:
key: jaejadle
property: AWS_S3_ENDPOINT
- secretKey: AWS_REGION
remoteRef:
key: jaejadle
property: AWS_REGION
- secretKey: CODE
remoteRef:
key: jaejadle
property: CODE

99
jaejadle/helm-values.yaml Normal file
View File

@@ -0,0 +1,99 @@
# Jaejadle Web App Helm Values
name: jaejadle
image:
registry: ghcr.io
repository: mayne0213/jaejadle
tag: latest
pullPolicy: Always
imagePullSecrets:
- name: ghcr-secret
replicaCount: 1
containerPort: 3000
service:
enabled: true
type: ClusterIP
port: 80
ingress:
enabled: true
className: traefik
annotations:
cert-manager.io/cluster-issuer: letsencrypt-prod
hosts:
- host: jaejadle.kro.kr
paths:
- path: /
pathType: Prefix
tls:
- secretName: jaejadle-tls
hosts:
- jaejadle.kro.kr
resources:
requests:
memory: 80Mi
cpu: 20m
limits:
memory: 300Mi
healthCheck:
enabled: true
path: /
livenessProbe:
initialDelaySeconds: 30
periodSeconds: 10
readinessProbe:
initialDelaySeconds: 5
periodSeconds: 5
envFrom:
- secretRef:
name: jaejadle-secrets
externalSecret:
enabled: true
refreshInterval: 1h
secretStoreRef:
name: vault-backend
kind: ClusterSecretStore
target:
creationPolicy: Owner
deletionPolicy: Retain
data:
- secretKey: DATABASE_URL
remoteRef:
key: jaejadle
property: DATABASE_URL
- secretKey: JWT_SECRET
remoteRef:
key: jaejadle
property: JWT_SECRET
- secretKey: AWS_ACCESS_KEY_ID
remoteRef:
key: jaejadle
property: AWS_ACCESS_KEY_ID
- secretKey: AWS_SECRET_ACCESS_KEY
remoteRef:
key: jaejadle
property: AWS_SECRET_ACCESS_KEY
- secretKey: AWS_S3_BUCKET_NAME
remoteRef:
key: jaejadle
property: AWS_S3_BUCKET_NAME
- secretKey: AWS_S3_ENDPOINT
remoteRef:
key: jaejadle
property: AWS_S3_ENDPOINT
- secretKey: AWS_REGION
remoteRef:
key: jaejadle
property: AWS_REGION
- secretKey: CODE
remoteRef:
key: jaejadle
property: CODE

23
jaejadle/ingress.yaml
View File

@@ -1,23 +0,0 @@
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: jaejadle-ingress
annotations:
cert-manager.io/cluster-issuer: letsencrypt-prod
spec:
ingressClassName: traefik
tls:
- hosts:
- jaejadle.kro.kr
secretName: jaejadle-tls
rules:
- host: jaejadle.kro.kr
http:
paths:
- path: /
pathType: Prefix
backend:
service:
name: jaejadle
port:
number: 80

8
jaejadle/kustomization.yaml
View File

@@ -1,8 +0,0 @@
apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization
namespace: jaejadle
resources:
- deployment.yaml
- service.yaml
- ingress.yaml
- external-secret.yaml

15
jaejadle/service.yaml
View File

@@ -1,15 +0,0 @@
apiVersion: v1
kind: Service
metadata:
name: jaejadle
labels:
app: jaejadle
spec:
type: ClusterIP
ports:
- name: http
port: 80
targetPort: 3000
protocol: TCP
selector:
app: jaejadle

8
joossam-dev/argocd.yaml
View File

@@ -10,7 +10,13 @@ spec:
sources:
- repoURL: https://github.com/K3S-HOME/web-apps.git
targetRevision: main
path: joossam-dev
path: charts/web-app
helm:
valueFiles:
- $values/joossam-dev/helm-values.yaml
- repoURL: https://github.com/K3S-HOME/web-apps.git
targetRevision: main
ref: values
destination:
server: https://kubernetes.default.svc
namespace: joossam-dev

50
joossam-dev/deployment.yaml
View File

@@ -1,50 +0,0 @@
apiVersion: apps/v1
kind: Deployment
metadata:
name: joossam-dev
labels:
app: joossam-dev
spec:
replicas: 1
selector:
matchLabels:
app: joossam-dev
strategy:
type: RollingUpdate
rollingUpdate:
maxUnavailable: 0
maxSurge: 1
revisionHistoryLimit: 3
template:
metadata:
labels:
app: joossam-dev
spec:
imagePullSecrets:
- name: ghcr-secret
containers:
- name: joossam-dev
image: ghcr.io/mayne0213/joossam:develop
imagePullPolicy: Always
ports:
- containerPort: 8000
protocol: TCP
resources:
requests:
memory: 256Mi
cpu: 20m
limits:
memory: 512Mi
livenessProbe:
httpGet:
path: /
port: 8000
initialDelaySeconds: 10
periodSeconds: 10
readinessProbe:
httpGet:
path: /
port: 8000
initialDelaySeconds: 5
periodSeconds: 5
restartPolicy: Always

55
joossam-dev/helm-values.yaml Normal file
View File

@@ -0,0 +1,55 @@
# Joossam Dev Web App Helm Values
name: joossam-dev
image:
registry: ghcr.io
repository: mayne0213/joossam
tag: develop
pullPolicy: Always
imagePullSecrets:
- name: ghcr-secret
replicaCount: 1
containerPort: 8000
service:
enabled: true
type: ClusterIP
port: 80
ingress:
enabled: true
className: traefik
annotations:
cert-manager.io/cluster-issuer: letsencrypt-prod
hosts:
- host: dev.joossameng.kro.kr
paths:
- path: /
pathType: Prefix
tls:
- secretName: joossam-dev-tls
hosts:
- dev.joossameng.kro.kr
resources:
requests:
memory: 256Mi
cpu: 20m
limits:
memory: 512Mi
healthCheck:
enabled: true
path: /
livenessProbe:
initialDelaySeconds: 10
periodSeconds: 10
readinessProbe:
initialDelaySeconds: 5
periodSeconds: 5
externalSecret:
enabled: false

23
joossam-dev/ingress.yaml
View File

@@ -1,23 +0,0 @@
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: joossam-dev-ingress
annotations:
cert-manager.io/cluster-issuer: letsencrypt-prod
spec:
ingressClassName: traefik
tls:
- hosts:
- dev.joossameng.kro.kr
secretName: joossam-dev-tls
rules:
- host: dev.joossameng.kro.kr
http:
paths:
- path: /
pathType: Prefix
backend:
service:
name: joossam-dev
port:
number: 80

7
joossam-dev/kustomization.yaml
View File

@@ -1,7 +0,0 @@
apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization
namespace: joossam-dev
resources:
- deployment.yaml
- service.yaml
- ingress.yaml

15
joossam-dev/service.yaml
View File

@@ -1,15 +0,0 @@
apiVersion: v1
kind: Service
metadata:
name: joossam-dev
labels:
app: joossam-dev
spec:
type: ClusterIP
ports:
- name: http
port: 80
targetPort: 8000
protocol: TCP
selector:
app: joossam-dev

8
joossam/argocd.yaml
View File

@@ -10,7 +10,13 @@ spec:
sources:
- repoURL: https://github.com/K3S-HOME/web-apps.git
targetRevision: main
path: joossam
path: charts/web-app
helm:
valueFiles:
- $values/joossam/helm-values.yaml
- repoURL: https://github.com/K3S-HOME/web-apps.git
targetRevision: main
ref: values
destination:
server: https://kubernetes.default.svc
namespace: joossam

50
joossam/deployment.yaml
View File

@@ -1,50 +0,0 @@
apiVersion: apps/v1
kind: Deployment
metadata:
name: joossam
labels:
app: joossam
spec:
replicas: 1
selector:
matchLabels:
app: joossam
strategy:
type: RollingUpdate
rollingUpdate:
maxUnavailable: 0
maxSurge: 1
revisionHistoryLimit: 3
template:
metadata:
labels:
app: joossam
spec:
imagePullSecrets:
- name: ghcr-secret
containers:
- name: joossam
image: ghcr.io/mayne0213/joossam:latest
imagePullPolicy: Always
ports:
- containerPort: 8000
protocol: TCP
resources:
requests:
memory: 256Mi
cpu: 20m
limits:
memory: 512Mi
livenessProbe:
httpGet:
path: /
port: 8000
initialDelaySeconds: 10
periodSeconds: 10
readinessProbe:
httpGet:
path: /
port: 8000
initialDelaySeconds: 5
periodSeconds: 5
restartPolicy: Always

55
joossam/helm-values.yaml Normal file
View File

@@ -0,0 +1,55 @@
# Joossam Web App Helm Values
name: joossam
image:
registry: ghcr.io
repository: mayne0213/joossam
tag: latest
pullPolicy: Always
imagePullSecrets:
- name: ghcr-secret
replicaCount: 1
containerPort: 8000
service:
enabled: true
type: ClusterIP
port: 80
ingress:
enabled: true
className: traefik
annotations:
cert-manager.io/cluster-issuer: letsencrypt-prod
hosts:
- host: joossameng.kro.kr
paths:
- path: /
pathType: Prefix
tls:
- secretName: joossam-tls
hosts:
- joossameng.kro.kr
resources:
requests:
memory: 256Mi
cpu: 20m
limits:
memory: 512Mi
healthCheck:
enabled: true
path: /
livenessProbe:
initialDelaySeconds: 10
periodSeconds: 10
readinessProbe:
initialDelaySeconds: 5
periodSeconds: 5
externalSecret:
enabled: false

23
joossam/ingress.yaml
View File

@@ -1,23 +0,0 @@
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: joossam-ingress
annotations:
cert-manager.io/cluster-issuer: letsencrypt-prod
spec:
ingressClassName: traefik
tls:
- hosts:
- joossameng.kro.kr
secretName: joossam-tls
rules:
- host: joossameng.kro.kr
http:
paths:
- path: /
pathType: Prefix
backend:
service:
name: joossam
port:
number: 80

7
joossam/kustomization.yaml
View File

@@ -1,7 +0,0 @@
apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization
namespace: joossam
resources:
- deployment.yaml
- service.yaml
- ingress.yaml

15
joossam/service.yaml
View File

@@ -1,15 +0,0 @@
apiVersion: v1
kind: Service
metadata:
name: joossam
labels:
app: joossam
spec:
type: ClusterIP
ports:
- name: http
port: 80
targetPort: 8000
protocol: TCP
selector:
app: joossam

8
jotion/argocd.yaml
View File

@@ -10,7 +10,13 @@ spec:
sources:
- repoURL: https://github.com/K3S-HOME/web-apps.git
targetRevision: main
path: jotion
path: charts/web-app
helm:
valueFiles:
- $values/jotion/helm-values.yaml
- repoURL: https://github.com/K3S-HOME/web-apps.git
targetRevision: main
ref: values
destination:
server: https://kubernetes.default.svc
namespace: jotion

58
jotion/deployment.yaml
View File

@@ -1,58 +0,0 @@
apiVersion: apps/v1
kind: Deployment
metadata:
name: jotion
labels:
app: jotion
spec:
replicas: 1
selector:
matchLabels:
app: jotion
strategy:
type: RollingUpdate
rollingUpdate:
maxUnavailable: 0
maxSurge: 1
revisionHistoryLimit: 3
template:
metadata:
labels:
app: jotion
spec:
imagePullSecrets:
- name: ghcr-secret
containers:
- name: jotion
image: ghcr.io/mayne0213/jotion:latest
imagePullPolicy: Always
ports:
- containerPort: 3000
protocol: TCP
env:
- name: NODE_ENV
value: production
- name: DATABASE_URL
valueFrom:
secretKeyRef:
name: jotion-secrets
key: database-url
resources:
requests:
memory: 80Mi
cpu: 20m
limits:
memory: 200Mi
livenessProbe:
httpGet:
path: /api/health
port: 3000
initialDelaySeconds: 30
periodSeconds: 10
readinessProbe:
httpGet:
path: /api/health
port: 3000
initialDelaySeconds: 5
periodSeconds: 5
restartPolicy: Always

18
jotion/external-secret.yaml
View File

@@ -1,18 +0,0 @@
apiVersion: external-secrets.io/v1
kind: ExternalSecret
metadata:
name: jotion-secrets
spec:
refreshInterval: 1h
secretStoreRef:
name: vault-backend
kind: ClusterSecretStore
target:
name: jotion-secrets
creationPolicy: Owner
deletionPolicy: Retain
data:
- secretKey: database-url
remoteRef:
key: jotion
property: DATABASE_URL

81
jotion/helm-values.yaml Normal file
View File

@@ -0,0 +1,81 @@
# Jotion Web App Helm Values
name: jotion
image:
registry: ghcr.io
repository: mayne0213/jotion
tag: latest
pullPolicy: Always
imagePullSecrets:
- name: ghcr-secret
replicaCount: 1
containerPort: 3000
service:
enabled: true
type: ClusterIP
port: 80
ingress:
enabled: true
className: traefik
annotations:
cert-manager.io/cluster-issuer: letsencrypt-prod
hosts:
- host: jotion0213.kro.kr
paths:
- path: /
pathType: Prefix
- host: www.jotion0213.kro.kr
paths:
- path: /
pathType: Prefix
tls:
- secretName: jotion-tls
hosts:
- jotion0213.kro.kr
- www.jotion0213.kro.kr
resources:
requests:
memory: 80Mi
cpu: 20m
limits:
memory: 200Mi
healthCheck:
enabled: true
path: /api/health
livenessProbe:
initialDelaySeconds: 30
periodSeconds: 10
readinessProbe:
initialDelaySeconds: 5
periodSeconds: 5
env:
- name: NODE_ENV
value: production
- name: DATABASE_URL
valueFrom:
secretKeyRef:
name: jotion-secrets
key: database-url
externalSecret:
enabled: true
refreshInterval: 1h
secretStoreRef:
name: vault-backend
kind: ClusterSecretStore
target:
creationPolicy: Owner
deletionPolicy: Retain
data:
- secretKey: database-url
remoteRef:
key: jotion
property: DATABASE_URL

34
jotion/ingress.yaml
View File

@@ -1,34 +0,0 @@
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: jotion-ingress
annotations:
cert-manager.io/cluster-issuer: letsencrypt-prod
spec:
ingressClassName: traefik
tls:
- hosts:
- jotion0213.kro.kr
- www.jotion0213.kro.kr
secretName: jotion-tls
rules:
- host: jotion0213.kro.kr
http:
paths:
- path: /
pathType: Prefix
backend:
service:
name: jotion
port:
number: 80
- host: www.jotion0213.kro.kr
http:
paths:
- path: /
pathType: Prefix
backend:
service:
name: jotion
port:
number: 80

8
jotion/kustomization.yaml
View File

@@ -1,8 +0,0 @@
apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization
namespace: jotion
resources:
- deployment.yaml
- service.yaml
- ingress.yaml
- external-secret.yaml

15
jotion/service.yaml
View File

@@ -1,15 +0,0 @@
apiVersion: v1
kind: Service
metadata:
name: jotion
labels:
app: jotion
spec:
type: ClusterIP
ports:
- name: http
port: 80
targetPort: 3000
protocol: TCP
selector:
app: jotion

8
jovies/argocd.yaml
View File

@@ -10,7 +10,13 @@ spec:
sources:
- repoURL: https://github.com/K3S-HOME/web-apps.git
targetRevision: main
path: jovies
path: charts/web-app
helm:
valueFiles:
- $values/jovies/helm-values.yaml
- repoURL: https://github.com/K3S-HOME/web-apps.git
targetRevision: main
ref: values
destination:
server: https://kubernetes.default.svc
namespace: jovies

51
jovies/deployment.yaml
View File

@@ -1,51 +0,0 @@
apiVersion: apps/v1
kind: Deployment
metadata:
name: jovies
labels:
app: jovies
spec:
replicas: 1
selector:
matchLabels:
app: jovies
strategy:
type: RollingUpdate
rollingUpdate:
maxUnavailable: 0
maxSurge: 1
revisionHistoryLimit: 3
template:
metadata:
labels:
app: jovies
spec:
containers:
- name: jovies
image: ghcr.io/mayne0213/jovies:latest
imagePullPolicy: Always
ports:
- containerPort: 3000
protocol: TCP
env:
- name: NODE_ENV
value: production
resources:
requests:
memory: 40Mi
cpu: 5m
limits:
memory: 100Mi
livenessProbe:
httpGet:
path: /
port: 3000
initialDelaySeconds: 30
periodSeconds: 10
readinessProbe:
httpGet:
path: /
port: 3000
initialDelaySeconds: 5
periodSeconds: 5
restartPolicy: Always

63
jovies/helm-values.yaml Normal file
View File

@@ -0,0 +1,63 @@
# Jovies Web App Helm Values
name: jovies
image:
registry: ghcr.io
repository: mayne0213/jovies
tag: latest
pullPolicy: Always
imagePullSecrets: []
replicaCount: 1
containerPort: 3000
service:
enabled: true
type: ClusterIP
port: 80
ingress:
enabled: true
className: traefik
annotations:
cert-manager.io/cluster-issuer: letsencrypt-prod
hosts:
- host: jovies.kro.kr
paths:
- path: /
pathType: Prefix
- host: www.jovies.kro.kr
paths:
- path: /
pathType: Prefix
tls:
- secretName: jovies-tls
hosts:
- jovies.kro.kr
- www.jovies.kro.kr
resources:
requests:
memory: 40Mi
cpu: 5m
limits:
memory: 100Mi
healthCheck:
enabled: true
path: /
livenessProbe:
initialDelaySeconds: 30
periodSeconds: 10
readinessProbe:
initialDelaySeconds: 5
periodSeconds: 5
env:
- name: NODE_ENV
value: production
externalSecret:
enabled: false

34
jovies/ingress.yaml
View File

@@ -1,34 +0,0 @@
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: jovies-ingress
annotations:
cert-manager.io/cluster-issuer: letsencrypt-prod
spec:
ingressClassName: traefik
tls:
- hosts:
- jovies.kro.kr
- www.jovies.kro.kr
secretName: jovies-tls
rules:
- host: jovies.kro.kr
http:
paths:
- path: /
pathType: Prefix
backend:
service:
name: jovies
port:
number: 80
- host: www.jovies.kro.kr
http:
paths:
- path: /
pathType: Prefix
backend:
service:
name: jovies
port:
number: 80

7
jovies/kustomization.yaml
View File

@@ -1,7 +0,0 @@
apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization
namespace: jovies
resources:
- deployment.yaml
- service.yaml
- ingress.yaml

15
jovies/service.yaml
View File

@@ -1,15 +0,0 @@
apiVersion: v1
kind: Service
metadata:
name: jovies
labels:
app: jovies
spec:
type: ClusterIP
ports:
- name: http
port: 80
targetPort: 3000
protocol: TCP
selector:
app: jovies

8
portfolio/argocd.yaml
View File

@@ -10,7 +10,13 @@ spec:
sources:
- repoURL: https://github.com/K3S-HOME/web-apps.git
targetRevision: main
path: portfolio
path: charts/web-app
helm:
valueFiles:
- $values/portfolio/helm-values.yaml
- repoURL: https://github.com/K3S-HOME/web-apps.git
targetRevision: main
ref: values
destination:
server: https://kubernetes.default.svc
namespace: portfolio

53
portfolio/deployment.yaml
View File

@@ -1,53 +0,0 @@
apiVersion: apps/v1
kind: Deployment
metadata:
name: portfolio
labels:
app: portfolio
spec:
replicas: 1
selector:
matchLabels:
app: portfolio
strategy:
type: RollingUpdate
rollingUpdate:
maxUnavailable: 0
maxSurge: 1
revisionHistoryLimit: 3
template:
metadata:
labels:
app: portfolio
spec:
containers:
- name: portfolio
image: ghcr.io/mayne0213/portfolio:latest
imagePullPolicy: Always
ports:
- containerPort: 3000
protocol: TCP
env:
- name: NODE_ENV
value: production
- name: PROMETHEUS_URL
value: http://prometheus.prometheus.svc.cluster.local:9090
resources:
requests:
memory: 80Mi
cpu: 20m
limits:
memory: 150Mi
livenessProbe:
httpGet:
path: /
port: 3000
initialDelaySeconds: 30
periodSeconds: 10
readinessProbe:
httpGet:
path: /
port: 3000
initialDelaySeconds: 5
periodSeconds: 5
restartPolicy: Always

65
portfolio/helm-values.yaml Normal file
View File

@@ -0,0 +1,65 @@
# Portfolio Web App Helm Values
name: portfolio
image:
registry: ghcr.io
repository: mayne0213/portfolio
tag: latest
pullPolicy: Always
imagePullSecrets: []
replicaCount: 1
containerPort: 3000
service:
enabled: true
type: ClusterIP
port: 80
ingress:
enabled: true
className: traefik
annotations:
cert-manager.io/cluster-issuer: letsencrypt-prod
hosts:
- host: minjo0213.kro.kr
paths:
- path: /
pathType: Prefix
- host: www.minjo0213.kro.kr
paths:
- path: /
pathType: Prefix
tls:
- secretName: portfolio-tls
hosts:
- minjo0213.kro.kr
- www.minjo0213.kro.kr
resources:
requests:
memory: 80Mi
cpu: 20m
limits:
memory: 150Mi
healthCheck:
enabled: true
path: /
livenessProbe:
initialDelaySeconds: 30
periodSeconds: 10
readinessProbe:
initialDelaySeconds: 5
periodSeconds: 5
env:
- name: NODE_ENV
value: production
- name: PROMETHEUS_URL
value: http://prometheus.prometheus.svc.cluster.local:9090
externalSecret:
enabled: false

34
portfolio/ingress.yaml
View File

@@ -1,34 +0,0 @@
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: portfolio-ingress
annotations:
cert-manager.io/cluster-issuer: letsencrypt-prod
spec:
ingressClassName: traefik
tls:
- hosts:
- minjo0213.kro.kr
- www.minjo0213.kro.kr
secretName: portfolio-tls
rules:
- host: minjo0213.kro.kr
http:
paths:
- path: /
pathType: Prefix
backend:
service:
name: portfolio
port:
number: 80
- host: www.minjo0213.kro.kr
http:
paths:
- path: /
pathType: Prefix
backend:
service:
name: portfolio
port:
number: 80

7
portfolio/kustomization.yaml
View File

@@ -1,7 +0,0 @@
apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization
namespace: portfolio
resources:
- deployment.yaml
- service.yaml
- ingress.yaml

15
portfolio/service.yaml
View File

@@ -1,15 +0,0 @@
apiVersion: v1
kind: Service
metadata:
name: portfolio
labels:
app: portfolio
spec:
type: ClusterIP
ports:
- name: http
port: 80
targetPort: 3000
protocol: TCP
selector:
app: portfolio

8
todo/argocd.yaml
View File

@@ -10,7 +10,13 @@ spec:
sources:
- repoURL: https://github.com/K3S-HOME/web-apps.git
targetRevision: main
path: todo
path: charts/web-app
helm:
valueFiles:
- $values/todo/helm-values.yaml
- repoURL: https://github.com/K3S-HOME/web-apps.git
targetRevision: main
ref: values
destination:
server: https://kubernetes.default.svc
namespace: todo

56
todo/deployment.yaml
View File

@@ -1,56 +0,0 @@
apiVersion: apps/v1
kind: Deployment
metadata:
name: todo
labels:
app: todo
spec:
replicas: 1
selector:
matchLabels:
app: todo
strategy:
type: RollingUpdate
rollingUpdate:
maxUnavailable: 0
maxSurge: 1
revisionHistoryLimit: 3
template:
metadata:
labels:
app: todo
spec:
containers:
- name: todo
image: ghcr.io/mayne0213/todo:latest
imagePullPolicy: Always
ports:
- containerPort: 3000
protocol: TCP
env:
- name: NODE_ENV
value: production
- name: DATABASE_URL
valueFrom:
secretKeyRef:
name: todo-secrets
key: database-url
resources:
requests:
memory: 50Mi
cpu: 20m
limits:
memory: 120Mi
livenessProbe:
httpGet:
path: /api/health
port: 3000
initialDelaySeconds: 30
periodSeconds: 10
readinessProbe:
httpGet:
path: /api/health
port: 3000
initialDelaySeconds: 5
periodSeconds: 5
restartPolicy: Always

18
todo/external-secret.yaml
View File

@@ -1,18 +0,0 @@
apiVersion: external-secrets.io/v1
kind: ExternalSecret
metadata:
name: todo-secrets
spec:
refreshInterval: 1h
secretStoreRef:
name: vault-backend
kind: ClusterSecretStore
target:
name: todo-secrets
creationPolicy: Owner
deletionPolicy: Retain
data:
- secretKey: database-url
remoteRef:
key: todo/prod
property: DATABASE_URL

81
todo/helm-values.yaml Normal file
View File

@@ -0,0 +1,81 @@
# Todo Web App Helm Values
name: todo
image:
registry: ghcr.io
repository: mayne0213/todo
tag: latest
pullPolicy: Always
# No imagePullSecrets needed (public or already configured)
imagePullSecrets: []
replicaCount: 1
containerPort: 3000
service:
enabled: true
type: ClusterIP
port: 80
ingress:
enabled: true
className: traefik
annotations:
cert-manager.io/cluster-issuer: letsencrypt-prod
hosts:
- host: todo0213.kro.kr
paths:
- path: /
pathType: Prefix
- host: www.todo0213.kro.kr
paths:
- path: /
pathType: Prefix
tls:
- secretName: todo-tls
hosts:
- todo0213.kro.kr
- www.todo0213.kro.kr
resources:
requests:
memory: 50Mi
cpu: 20m
limits:
memory: 120Mi
healthCheck:
enabled: true
path: /api/health
livenessProbe:
initialDelaySeconds: 30
periodSeconds: 10
readinessProbe:
initialDelaySeconds: 5
periodSeconds: 5
env:
- name: NODE_ENV
value: production
- name: DATABASE_URL
valueFrom:
secretKeyRef:
name: todo-secrets
key: database-url
externalSecret:
enabled: true
refreshInterval: 1h
secretStoreRef:
name: vault-backend
kind: ClusterSecretStore
target:
creationPolicy: Owner
deletionPolicy: Retain
data:
- secretKey: database-url
remoteRef:
key: todo/prod
property: DATABASE_URL

34
todo/ingress.yaml
View File

@@ -1,34 +0,0 @@
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: todo-ingress
annotations:
cert-manager.io/cluster-issuer: letsencrypt-prod
spec:
ingressClassName: traefik
tls:
- hosts:
- todo0213.kro.kr
- www.todo0213.kro.kr
secretName: todo-tls
rules:
- host: todo0213.kro.kr
http:
paths:
- path: /
pathType: Prefix
backend:
service:
name: todo
port:
number: 80
- host: www.todo0213.kro.kr
http:
paths:
- path: /
pathType: Prefix
backend:
service:
name: todo
port:
number: 80

8
todo/kustomization.yaml
View File

@@ -1,8 +0,0 @@
apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization
namespace: todo
resources:
- deployment.yaml
- service.yaml
- ingress.yaml
- external-secret.yaml

15
todo/service.yaml
View File

@@ -1,15 +0,0 @@
apiVersion: v1
kind: Service
metadata:
name: todo
labels:
app: todo
spec:
type: ClusterIP
ports:
- name: http
port: 80
targetPort: 3000
protocol: TCP
selector:
app: todo