diff --git a/jaejadle-dev/argocd.yaml b/jaejadle-dev/argocd.yaml new file mode 100644 index 0000000..259f233 --- /dev/null +++ b/jaejadle-dev/argocd.yaml @@ -0,0 +1,35 @@ +apiVersion: argoproj.io/v1alpha1 +kind: Application +metadata: + name: jaejadle-dev + namespace: argocd + finalizers: + - resources-finalizer.argocd.argoproj.io +spec: + project: default + sources: + - repoURL: https://github.com/K3S-HOME/web-apps.git + targetRevision: main + path: jaejadle-dev + destination: + server: https://kubernetes.default.svc + namespace: jaejadle-dev + syncPolicy: + automated: + prune: true + selfHeal: true + allowEmpty: false + syncOptions: + - CreateNamespace=true + - PrunePropagationPolicy=foreground + - PruneLast=true + retry: + limit: 5 + backoff: + duration: 5s + factor: 2 + maxDuration: 3m + managedNamespaceMetadata: + labels: + goldilocks.fairwinds.com/enabled: 'true' + revisionHistoryLimit: 10 diff --git a/jaejadle-dev/deployment.yaml b/jaejadle-dev/deployment.yaml new file mode 100644 index 0000000..898d2ae --- /dev/null +++ b/jaejadle-dev/deployment.yaml @@ -0,0 +1,53 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: jaejadle-dev + labels: + app: jaejadle-dev +spec: + replicas: 1 + selector: + matchLabels: + app: jaejadle-dev + strategy: + type: RollingUpdate + rollingUpdate: + maxUnavailable: 0 + maxSurge: 1 + revisionHistoryLimit: 3 + template: + metadata: + labels: + app: jaejadle-dev + spec: + imagePullSecrets: + - name: ghcr-secret + containers: + - name: jaejadle-dev + image: ghcr.io/mayne0213/jaejadle:develop + imagePullPolicy: Always + ports: + - containerPort: 3000 + protocol: TCP + envFrom: + - secretRef: + name: jaejadle-dev-secrets + resources: + requests: + memory: 80Mi + cpu: 20m + limits: + memory: 300Mi + livenessProbe: + httpGet: + path: /api/health + port: 3000 + initialDelaySeconds: 30 + periodSeconds: 10 + readinessProbe: + httpGet: + path: /api/health + port: 3000 + initialDelaySeconds: 5 + periodSeconds: 5 + restartPolicy: Always diff --git a/jaejadle-dev/external-secret.yaml b/jaejadle-dev/external-secret.yaml new file mode 100644 index 0000000..5cf781b --- /dev/null +++ b/jaejadle-dev/external-secret.yaml @@ -0,0 +1,46 @@ +apiVersion: external-secrets.io/v1 +kind: ExternalSecret +metadata: + name: jaejadle-dev-secrets +spec: + refreshInterval: 1h + secretStoreRef: + name: vault-backend + kind: ClusterSecretStore + target: + name: jaejadle-dev-secrets + creationPolicy: Owner + deletionPolicy: Retain + data: + - secretKey: DATABASE_URL + remoteRef: + key: jaejadle-dev + property: DATABASE_URL + - secretKey: JWT_SECRET + remoteRef: + key: jaejadle-dev + property: JWT_SECRET + - secretKey: AWS_ACCESS_KEY_ID + remoteRef: + key: jaejadle-dev + property: AWS_ACCESS_KEY_ID + - secretKey: AWS_SECRET_ACCESS_KEY + remoteRef: + key: jaejadle-dev + property: AWS_SECRET_ACCESS_KEY + - secretKey: AWS_S3_BUCKET_NAME + remoteRef: + key: jaejadle-dev + property: AWS_S3_BUCKET_NAME + - secretKey: AWS_S3_ENDPOINT + remoteRef: + key: jaejadle-dev + property: AWS_S3_ENDPOINT + - secretKey: AWS_REGION + remoteRef: + key: jaejadle-dev + property: AWS_REGION + - secretKey: CODE + remoteRef: + key: jaejadle-dev + property: CODE diff --git a/jaejadle-dev/ingress.yaml b/jaejadle-dev/ingress.yaml new file mode 100644 index 0000000..82b3fcc --- /dev/null +++ b/jaejadle-dev/ingress.yaml @@ -0,0 +1,24 @@ +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + name: jaejadle-dev-ingress + annotations: + cert-manager.io/cluster-issuer: letsencrypt-prod + traefik.ingress.kubernetes.io/router.middlewares: authelia-authelia@kubernetescrd +spec: + ingressClassName: traefik + tls: + - hosts: + - dev.jaejadle.kro.kr + secretName: jaejadle-dev-tls + rules: + - host: dev.jaejadle.kro.kr + http: + paths: + - path: / + pathType: Prefix + backend: + service: + name: jaejadle-dev + port: + number: 80 diff --git a/jaejadle-dev/kustomization.yaml b/jaejadle-dev/kustomization.yaml new file mode 100644 index 0000000..0d8d190 --- /dev/null +++ b/jaejadle-dev/kustomization.yaml @@ -0,0 +1,8 @@ +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization +namespace: jaejadle-dev +resources: +- deployment.yaml +- service.yaml +- ingress.yaml +- external-secret.yaml diff --git a/jaejadle-dev/service.yaml b/jaejadle-dev/service.yaml new file mode 100644 index 0000000..30611e5 --- /dev/null +++ b/jaejadle-dev/service.yaml @@ -0,0 +1,15 @@ +apiVersion: v1 +kind: Service +metadata: + name: jaejadle-dev + labels: + app: jaejadle-dev +spec: + type: ClusterIP + ports: + - name: http + port: 80 + targetPort: 3000 + protocol: TCP + selector: + app: jaejadle-dev diff --git a/jaejadle/argocd.yaml b/jaejadle/argocd.yaml new file mode 100644 index 0000000..c18364b --- /dev/null +++ b/jaejadle/argocd.yaml @@ -0,0 +1,35 @@ +apiVersion: argoproj.io/v1alpha1 +kind: Application +metadata: + name: jaejadle + namespace: argocd + finalizers: + - resources-finalizer.argocd.argoproj.io +spec: + project: default + sources: + - repoURL: https://github.com/K3S-HOME/web-apps.git + targetRevision: main + path: jaejadle + destination: + server: https://kubernetes.default.svc + namespace: jaejadle + syncPolicy: + automated: + prune: true + selfHeal: true + allowEmpty: false + syncOptions: + - CreateNamespace=true + - PrunePropagationPolicy=foreground + - PruneLast=true + retry: + limit: 5 + backoff: + duration: 5s + factor: 2 + maxDuration: 3m + managedNamespaceMetadata: + labels: + goldilocks.fairwinds.com/enabled: 'true' + revisionHistoryLimit: 10 diff --git a/jaejadle/deployment.yaml b/jaejadle/deployment.yaml new file mode 100644 index 0000000..317d1fe --- /dev/null +++ b/jaejadle/deployment.yaml @@ -0,0 +1,53 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: jaejadle + labels: + app: jaejadle +spec: + replicas: 1 + selector: + matchLabels: + app: jaejadle + strategy: + type: RollingUpdate + rollingUpdate: + maxUnavailable: 0 + maxSurge: 1 + revisionHistoryLimit: 3 + template: + metadata: + labels: + app: jaejadle + spec: + imagePullSecrets: + - name: ghcr-secret + containers: + - name: jaejadle + image: ghcr.io/mayne0213/jaejadle:latest + imagePullPolicy: Always + ports: + - containerPort: 3000 + protocol: TCP + envFrom: + - secretRef: + name: jaejadle-secrets + resources: + requests: + memory: 80Mi + cpu: 20m + limits: + memory: 300Mi + livenessProbe: + httpGet: + path: /api/health + port: 3000 + initialDelaySeconds: 30 + periodSeconds: 10 + readinessProbe: + httpGet: + path: /api/health + port: 3000 + initialDelaySeconds: 5 + periodSeconds: 5 + restartPolicy: Always diff --git a/jaejadle/external-secret.yaml b/jaejadle/external-secret.yaml new file mode 100644 index 0000000..38f6291 --- /dev/null +++ b/jaejadle/external-secret.yaml @@ -0,0 +1,46 @@ +apiVersion: external-secrets.io/v1 +kind: ExternalSecret +metadata: + name: jaejadle-secrets +spec: + refreshInterval: 1h + secretStoreRef: + name: vault-backend + kind: ClusterSecretStore + target: + name: jaejadle-secrets + creationPolicy: Owner + deletionPolicy: Retain + data: + - secretKey: DATABASE_URL + remoteRef: + key: jaejadle + property: DATABASE_URL + - secretKey: JWT_SECRET + remoteRef: + key: jaejadle + property: JWT_SECRET + - secretKey: AWS_ACCESS_KEY_ID + remoteRef: + key: jaejadle + property: AWS_ACCESS_KEY_ID + - secretKey: AWS_SECRET_ACCESS_KEY + remoteRef: + key: jaejadle + property: AWS_SECRET_ACCESS_KEY + - secretKey: AWS_S3_BUCKET_NAME + remoteRef: + key: jaejadle + property: AWS_S3_BUCKET_NAME + - secretKey: AWS_S3_ENDPOINT + remoteRef: + key: jaejadle + property: AWS_S3_ENDPOINT + - secretKey: AWS_REGION + remoteRef: + key: jaejadle + property: AWS_REGION + - secretKey: CODE + remoteRef: + key: jaejadle + property: CODE diff --git a/jaejadle/ingress.yaml b/jaejadle/ingress.yaml new file mode 100644 index 0000000..045ae1c --- /dev/null +++ b/jaejadle/ingress.yaml @@ -0,0 +1,24 @@ +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + name: jaejadle-ingress + annotations: + cert-manager.io/cluster-issuer: letsencrypt-prod + traefik.ingress.kubernetes.io/router.middlewares: authelia-authelia@kubernetescrd +spec: + ingressClassName: traefik + tls: + - hosts: + - jaejadle.kro.kr + secretName: jaejadle-tls + rules: + - host: jaejadle.kro.kr + http: + paths: + - path: / + pathType: Prefix + backend: + service: + name: jaejadle + port: + number: 80 diff --git a/jaejadle/kustomization.yaml b/jaejadle/kustomization.yaml new file mode 100644 index 0000000..fed166c --- /dev/null +++ b/jaejadle/kustomization.yaml @@ -0,0 +1,8 @@ +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization +namespace: jaejadle +resources: +- deployment.yaml +- service.yaml +- ingress.yaml +- external-secret.yaml diff --git a/jaejadle/service.yaml b/jaejadle/service.yaml new file mode 100644 index 0000000..d823dbf --- /dev/null +++ b/jaejadle/service.yaml @@ -0,0 +1,15 @@ +apiVersion: v1 +kind: Service +metadata: + name: jaejadle + labels: + app: jaejadle +spec: + type: ClusterIP + ports: + - name: http + port: 80 + targetPort: 3000 + protocol: TCP + selector: + app: jaejadle diff --git a/joossam-dev/argocd.yaml b/joossam-dev/argocd.yaml new file mode 100644 index 0000000..eb838c2 --- /dev/null +++ b/joossam-dev/argocd.yaml @@ -0,0 +1,35 @@ +apiVersion: argoproj.io/v1alpha1 +kind: Application +metadata: + name: joossam-dev + namespace: argocd + finalizers: + - resources-finalizer.argocd.argoproj.io +spec: + project: default + sources: + - repoURL: https://github.com/K3S-HOME/web-apps.git + targetRevision: main + path: joossam-dev + destination: + server: https://kubernetes.default.svc + namespace: joossam-dev + syncPolicy: + automated: + prune: true + selfHeal: true + allowEmpty: false + syncOptions: + - CreateNamespace=true + - PrunePropagationPolicy=foreground + - PruneLast=true + retry: + limit: 5 + backoff: + duration: 5s + factor: 2 + maxDuration: 3m + managedNamespaceMetadata: + labels: + goldilocks.fairwinds.com/enabled: 'true' + revisionHistoryLimit: 10 diff --git a/joossam-dev/deployment.yaml b/joossam-dev/deployment.yaml new file mode 100644 index 0000000..3fecacc --- /dev/null +++ b/joossam-dev/deployment.yaml @@ -0,0 +1,50 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: joossam-dev + labels: + app: joossam-dev +spec: + replicas: 1 + selector: + matchLabels: + app: joossam-dev + strategy: + type: RollingUpdate + rollingUpdate: + maxUnavailable: 0 + maxSurge: 1 + revisionHistoryLimit: 3 + template: + metadata: + labels: + app: joossam-dev + spec: + imagePullSecrets: + - name: ghcr-secret + containers: + - name: joossam-dev + image: ghcr.io/mayne0213/joossam:develop + imagePullPolicy: Always + ports: + - containerPort: 8000 + protocol: TCP + resources: + requests: + memory: 256Mi + cpu: 20m + limits: + memory: 512Mi + livenessProbe: + httpGet: + path: / + port: 8000 + initialDelaySeconds: 10 + periodSeconds: 10 + readinessProbe: + httpGet: + path: / + port: 8000 + initialDelaySeconds: 5 + periodSeconds: 5 + restartPolicy: Always diff --git a/joossam-dev/ingress.yaml b/joossam-dev/ingress.yaml new file mode 100644 index 0000000..c6c079a --- /dev/null +++ b/joossam-dev/ingress.yaml @@ -0,0 +1,24 @@ +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + name: joossam-dev-ingress + annotations: + cert-manager.io/cluster-issuer: letsencrypt-prod + traefik.ingress.kubernetes.io/router.middlewares: authelia-authelia@kubernetescrd +spec: + ingressClassName: traefik + tls: + - hosts: + - dev.joossameng.kro.kr + secretName: joossam-dev-tls + rules: + - host: dev.joossameng.kro.kr + http: + paths: + - path: / + pathType: Prefix + backend: + service: + name: joossam-dev + port: + number: 80 diff --git a/joossam-dev/kustomization.yaml b/joossam-dev/kustomization.yaml new file mode 100644 index 0000000..f59399a --- /dev/null +++ b/joossam-dev/kustomization.yaml @@ -0,0 +1,7 @@ +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization +namespace: joossam-dev +resources: +- deployment.yaml +- service.yaml +- ingress.yaml diff --git a/joossam-dev/service.yaml b/joossam-dev/service.yaml new file mode 100644 index 0000000..a575608 --- /dev/null +++ b/joossam-dev/service.yaml @@ -0,0 +1,15 @@ +apiVersion: v1 +kind: Service +metadata: + name: joossam-dev + labels: + app: joossam-dev +spec: + type: ClusterIP + ports: + - name: http + port: 80 + targetPort: 8000 + protocol: TCP + selector: + app: joossam-dev diff --git a/joossam/argocd.yaml b/joossam/argocd.yaml new file mode 100644 index 0000000..b116360 --- /dev/null +++ b/joossam/argocd.yaml @@ -0,0 +1,35 @@ +apiVersion: argoproj.io/v1alpha1 +kind: Application +metadata: + name: joossam + namespace: argocd + finalizers: + - resources-finalizer.argocd.argoproj.io +spec: + project: default + sources: + - repoURL: https://github.com/K3S-HOME/web-apps.git + targetRevision: main + path: joossam + destination: + server: https://kubernetes.default.svc + namespace: joossam + syncPolicy: + automated: + prune: true + selfHeal: true + allowEmpty: false + syncOptions: + - CreateNamespace=true + - PrunePropagationPolicy=foreground + - PruneLast=true + retry: + limit: 5 + backoff: + duration: 5s + factor: 2 + maxDuration: 3m + managedNamespaceMetadata: + labels: + goldilocks.fairwinds.com/enabled: 'true' + revisionHistoryLimit: 10 diff --git a/joossam/deployment.yaml b/joossam/deployment.yaml new file mode 100644 index 0000000..3c39131 --- /dev/null +++ b/joossam/deployment.yaml @@ -0,0 +1,50 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: joossam + labels: + app: joossam +spec: + replicas: 1 + selector: + matchLabels: + app: joossam + strategy: + type: RollingUpdate + rollingUpdate: + maxUnavailable: 0 + maxSurge: 1 + revisionHistoryLimit: 3 + template: + metadata: + labels: + app: joossam + spec: + imagePullSecrets: + - name: ghcr-secret + containers: + - name: joossam + image: ghcr.io/mayne0213/joossam:latest + imagePullPolicy: Always + ports: + - containerPort: 8000 + protocol: TCP + resources: + requests: + memory: 256Mi + cpu: 20m + limits: + memory: 512Mi + livenessProbe: + httpGet: + path: / + port: 8000 + initialDelaySeconds: 10 + periodSeconds: 10 + readinessProbe: + httpGet: + path: / + port: 8000 + initialDelaySeconds: 5 + periodSeconds: 5 + restartPolicy: Always diff --git a/joossam/ingress.yaml b/joossam/ingress.yaml new file mode 100644 index 0000000..2fd4d45 --- /dev/null +++ b/joossam/ingress.yaml @@ -0,0 +1,24 @@ +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + name: joossam-ingress + annotations: + cert-manager.io/cluster-issuer: letsencrypt-prod + traefik.ingress.kubernetes.io/router.middlewares: authelia-authelia@kubernetescrd +spec: + ingressClassName: traefik + tls: + - hosts: + - joossameng.kro.kr + secretName: joossam-tls + rules: + - host: joossameng.kro.kr + http: + paths: + - path: / + pathType: Prefix + backend: + service: + name: joossam + port: + number: 80 diff --git a/joossam/kustomization.yaml b/joossam/kustomization.yaml new file mode 100644 index 0000000..4b7b59b --- /dev/null +++ b/joossam/kustomization.yaml @@ -0,0 +1,7 @@ +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization +namespace: joossam +resources: +- deployment.yaml +- service.yaml +- ingress.yaml diff --git a/joossam/service.yaml b/joossam/service.yaml new file mode 100644 index 0000000..74fbbf4 --- /dev/null +++ b/joossam/service.yaml @@ -0,0 +1,15 @@ +apiVersion: v1 +kind: Service +metadata: + name: joossam + labels: + app: joossam +spec: + type: ClusterIP + ports: + - name: http + port: 80 + targetPort: 8000 + protocol: TCP + selector: + app: joossam diff --git a/kustomization.yaml b/kustomization.yaml index 83e0c8f..2fb7078 100644 --- a/kustomization.yaml +++ b/kustomization.yaml @@ -6,3 +6,7 @@ resources: - portfolio/argocd.yaml - todo/argocd.yaml - jotion/argocd.yaml + - jaejadle/argocd.yaml + - jaejadle-dev/argocd.yaml + - joossam/argocd.yaml + - joossam-dev/argocd.yaml