FEAT(repo): add jaejadle and joossam applications

- jaejadle: Next.js app at jaejadle.kro.kr (prod)
- jaejadle-dev: dev environment at dev.jaejadle.kro.kr
- joossam: FastAPI app at joossameng.kro.kr (prod)
- joossam-dev: dev environment at dev.joossameng.kro.kr
- All apps use Authelia SSO
- jaejadle uses ExternalSecrets for DB and AWS credentials

jaejadle/argocd.yaml

@@ -0,0 +1,35 @@
+apiVersion: argoproj.io/v1alpha1
+kind: Application
+metadata:
+  name: jaejadle
+  namespace: argocd
+  finalizers:
+  - resources-finalizer.argocd.argoproj.io
+spec:
+  project: default
+  sources:
+  - repoURL: https://github.com/K3S-HOME/web-apps.git
+    targetRevision: main
+    path: jaejadle
+  destination:
+    server: https://kubernetes.default.svc
+    namespace: jaejadle
+  syncPolicy:
+    automated:
+      prune: true
+      selfHeal: true
+      allowEmpty: false
+    syncOptions:
+    - CreateNamespace=true
+    - PrunePropagationPolicy=foreground
+    - PruneLast=true
+    retry:
+      limit: 5
+      backoff:
+        duration: 5s
+        factor: 2
+        maxDuration: 3m
+    managedNamespaceMetadata:
+      labels:
+        goldilocks.fairwinds.com/enabled: 'true'
+  revisionHistoryLimit: 10

jaejadle/deployment.yaml

@@ -0,0 +1,53 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: jaejadle
+  labels:
+    app: jaejadle
+spec:
+  replicas: 1
+  selector:
+    matchLabels:
+      app: jaejadle
+  strategy:
+    type: RollingUpdate
+    rollingUpdate:
+      maxUnavailable: 0
+      maxSurge: 1
+  revisionHistoryLimit: 3
+  template:
+    metadata:
+      labels:
+        app: jaejadle
+    spec:
+      imagePullSecrets:
+      - name: ghcr-secret
+      containers:
+      - name: jaejadle
+        image: ghcr.io/mayne0213/jaejadle:latest
+        imagePullPolicy: Always
+        ports:
+        - containerPort: 3000
+          protocol: TCP
+        envFrom:
+        - secretRef:
+            name: jaejadle-secrets
+        resources:
+          requests:
+            memory: 80Mi
+            cpu: 20m
+          limits:
+            memory: 300Mi
+        livenessProbe:
+          httpGet:
+            path: /api/health
+            port: 3000
+          initialDelaySeconds: 30
+          periodSeconds: 10
+        readinessProbe:
+          httpGet:
+            path: /api/health
+            port: 3000
+          initialDelaySeconds: 5
+          periodSeconds: 5
+      restartPolicy: Always

jaejadle/external-secret.yaml

@@ -0,0 +1,46 @@
+apiVersion: external-secrets.io/v1
+kind: ExternalSecret
+metadata:
+  name: jaejadle-secrets
+spec:
+  refreshInterval: 1h
+  secretStoreRef:
+    name: vault-backend
+    kind: ClusterSecretStore
+  target:
+    name: jaejadle-secrets
+    creationPolicy: Owner
+    deletionPolicy: Retain
+  data:
+  - secretKey: DATABASE_URL
+    remoteRef:
+      key: jaejadle
+      property: DATABASE_URL
+  - secretKey: JWT_SECRET
+    remoteRef:
+      key: jaejadle
+      property: JWT_SECRET
+  - secretKey: AWS_ACCESS_KEY_ID
+    remoteRef:
+      key: jaejadle
+      property: AWS_ACCESS_KEY_ID
+  - secretKey: AWS_SECRET_ACCESS_KEY
+    remoteRef:
+      key: jaejadle
+      property: AWS_SECRET_ACCESS_KEY
+  - secretKey: AWS_S3_BUCKET_NAME
+    remoteRef:
+      key: jaejadle
+      property: AWS_S3_BUCKET_NAME
+  - secretKey: AWS_S3_ENDPOINT
+    remoteRef:
+      key: jaejadle
+      property: AWS_S3_ENDPOINT
+  - secretKey: AWS_REGION
+    remoteRef:
+      key: jaejadle
+      property: AWS_REGION
+  - secretKey: CODE
+    remoteRef:
+      key: jaejadle
+      property: CODE

jaejadle/ingress.yaml

@@ -0,0 +1,24 @@
+apiVersion: networking.k8s.io/v1
+kind: Ingress
+metadata:
+  name: jaejadle-ingress
+  annotations:
+    cert-manager.io/cluster-issuer: letsencrypt-prod
+    traefik.ingress.kubernetes.io/router.middlewares: authelia-authelia@kubernetescrd
+spec:
+  ingressClassName: traefik
+  tls:
+  - hosts:
+    - jaejadle.kro.kr
+    secretName: jaejadle-tls
+  rules:
+  - host: jaejadle.kro.kr
+    http:
+      paths:
+      - path: /
+        pathType: Prefix
+        backend:
+          service:
+            name: jaejadle
+            port:
+              number: 80

jaejadle/kustomization.yaml

@@ -0,0 +1,8 @@
+apiVersion: kustomize.config.k8s.io/v1beta1
+kind: Kustomization
+namespace: jaejadle
+resources:
+- deployment.yaml
+- service.yaml
+- ingress.yaml
+- external-secret.yaml

jaejadle/service.yaml

@@ -0,0 +1,15 @@
+apiVersion: v1
+kind: Service
+metadata:
+  name: jaejadle
+  labels:
+    app: jaejadle
+spec:
+  type: ClusterIP
+  ports:
+  - name: http
+    port: 80
+    targetPort: 3000
+    protocol: TCP
+  selector:
+    app: jaejadle