infra
/
kubernetes
1
0
Fork 0
Code Pull Requests 4 Activity

websites: Host darkchestofwonders.us in k8s 

The *darkchestofwonders.us* website is a legacy Python/mod_wsgi
application.  It was down for a while after updating the main web server
to Fedora 38.  Although we don't upload as many screenshots anymore, we
do still enjoy looking at the old ones.  Until I get a chance to either
update the site to use a more modern deplyoment mechansim, or move the
screenshots to some other photo hosting system, the easiest way to keep
it online is to run it in a container.
dch-webhooks-secrets
Dustin 2024-01-04 08:56:12 -06:00
parent 0d68b25e5f
commit ced5a7b4a1
7 changed files with 180 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

25
websites/darkchestofwonders.us/ingress.yaml Normal file
View File

@ -0,0 +1,25 @@
---
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: darkchestofwonders.us
labels:
app.kubernetes.io/name: darkchestofwonders.us
app.kubernetes.io/component: darkchestofwonders.us
app.kubernetes.io/part-of: darkchestofwonders.us
annotations:
nginx.ingress.kubernetes.io/ssl-redirect: "false"
nginx.ingress.kubernetes.io/proxy-body-size: 100m
spec:
ingressClassName: nginx
rules:
- host: darkchestofwonders.us
http:
paths:
- path: /
pathType: Prefix
backend:
service:
name: darkchestofwonders
port:
name: http

12
websites/darkchestofwonders.us/kustomization.yaml Normal file
View File

@ -0,0 +1,12 @@
apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization
labels:
- pairs:
app.kubernetes.io/instance: darkchestofwonders.us
includeSelectors: true
resources:
- storage.yaml
- server.yaml
- ingress.yaml

94
websites/darkchestofwonders.us/server.yaml Normal file
View File

@ -0,0 +1,94 @@
---
apiVersion: v1
kind: Service
metadata:
labels:
app.kubernetes.io/component: darkchestofwonders.us
app.kubernetes.io/name: darkchestofwonders.us
app.kubernetes.io/part-of: darkchestofwonders.us
name: darkchestofwonders
spec:
ports:
- port: 8204
name: http
selector:
app.kubernetes.io/component: darkchestofwonders.us
app.kubernetes.io/name: darkchestofwonders.us
---
apiVersion: apps/v1
kind: Deployment
metadata:
labels:
app.kubernetes.io/component: darkchestofwonders.us
app.kubernetes.io/name: darkchestofwonders.us
app.kubernetes.io/part-of: darkchestofwonders.us
name: darkchestofwonders
spec:
selector:
matchLabels:
app.kubernetes.io/component: darkchestofwonders.us
app.kubernetes.io/name: darkchestofwonders.us
template:
metadata:
labels:
app.kubernetes.io/component: darkchestofwonders.us
app.kubernetes.io/name: darkchestofwonders.us
app.kubernetes.io/part-of: darkchestofwonders.us
spec:
containers:
- name: darkchestofwonders
image: git.pyrocufflink.net/packages/darkchestofwonders:5
envFrom:
- configMapRef:
name: darkchestofwonders.us
optional: true
ports:
- containerPort: 8204
name: http
readinessProbe: &probe
httpGet:
port: 8204
path: /
failureThreshold: 3
periodSeconds: 60
successThreshold: 1
timeoutSeconds: 1
startupProbe:
<<: *probe
failureThreshold: 30
periodSeconds: 1
initialDelaySeconds: 1
securityContext:
readOnlyRootFilesystem: true
volumeMounts:
- mountPath: /data
name: data
subPath: data
- mountPath: /data/screenshots
name: data
subPath: data/screenshots
- mountPath: /data/thumbnails
name: data
subPath: data/thumbnails
- mountPath: /run
name: tmp
subPath: run
- mountPath: /run/httpd
name: tmp
subPath: run/httpd
- mountPath: /tmp
name: tmp
subPath: tmp
securityContext:
fsGroup: 48
runAsGroup: 48
runAsNonRoot: true
runAsUser: 48
volumes:
- name: data
persistentVolumeClaim:
claimName: darkchestofwonders.us
- name: tmp
emptyDir:
medium: Memory

14
websites/darkchestofwonders.us/storage.yaml Normal file
View File

@ -0,0 +1,14 @@
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
labels:
app.kubernetes.io/component: darkchestofwonders.us
app.kubernetes.io/name: darkchestofwonders.us
app.kubernetes.io/part-of: darkchestofwonders.us
name: darkchestofwonders.us
spec:
accessModes:
- ReadWriteMany
resources:
requests:
storage: 8Gi

9
websites/kustomization.yaml Normal file
View File

@ -0,0 +1,9 @@
apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization
namespace: websites
resources:
- namespace.yaml
- secrets.yaml
- darkchestofwonders.us

12
websites/namespace.yaml Normal file
View File

@ -0,0 +1,12 @@
apiVersion: v1
kind: Namespace
metadata:
name: websites
---
apiVersion: v1
kind: ServiceAccount
metadata:
name: default
imagePullSecrets:
- name: imagepull-gitea

14
websites/secrets.yaml Normal file
View File

@ -0,0 +1,14 @@
---
apiVersion: bitnami.com/v1alpha1
kind: SealedSecret
metadata:
name: imagepull-gitea
namespace: websites
spec:
encryptedData:
.dockerconfigjson: AgA70FuJy4rnu87LIhpwAUnGgmR4jes9fW5HcIcyEfFcRqFdQDXJMGhChDiTgSTHJH47MBhKpVDFudOSt6B9islVTOcIz7VsI5AO1CtAOlKNUqSyS8EXzGzGwc0Yley4ID0jcJP6+DbzqQ7PBSsXcTo79i/eLp+cUwtpqRGLBjTgS4377apVyY+s8SePuo8r/zByeJvxxEN5iQ3prArsNEIIdYQmTzbcFXIQUkNBE/JN9sG5lxAKjtFZdp1yQLI6uuvHI+9uvbzDGjD+0mis8+qu0CWIHDF70aEvZXVnVcDcR1fRPnia0hGeI1QT2XINHsCqZBALR54RsmNbFY4K8JDHyaBmbqiEWMnqj+cvBD2k1pddeepd0UqdHHiKAg5RW/HIrc7IRZGlioC6gz8N/++p6LiFyzWfOInJdnSfVUnPQ1QD3dcHvGYNrrax+zxUPs/jaXeuRP4NZmrSyO+nhB4BMkek0P7Jcu1wMrxyBIfwSdFY9wbVLEag4srF3Z2s8YJyghv0bSaHD+IFoQPBzk6TC6KO1iYgQIJ1UFnxqDD4TU+y8/XEz2O1GHtij1oko9D9kkyi/WxJtZ0/1AE7zYrD6z4KelH1uR5E7S4bH5gpWzqyjgrHiV0SaPfgVBl/CXrY8pudeVa8noPOnMjFAhX8GDhePTyUtqTN4nH4nAoNlCJwjDZ+9c1Qz40AJ44cGQe5eSWqpsVvlPMyT7PxlQcRG9/ifIy3/7CC1Zt47qtIVKQF/peC5B7bfgOojNVNy2Zmldg4DpyCJUvHn0GLyiXDeWSZbRBrHPrE2vB0EiwGMXtxiL4omZU7pqSEaVGEkpbevgcBLvxpJjuSv6IKWkEnwF68ZqQdNJjJc0EbYTahlyt8elB425JlOBeL/0QDYaLRtCv4ANgHrywuX2wVFuhP933ZqdBCpmA4KsVR4+jQ4hvgUDrwMQrhumpY5VK9BAr45USWw4st2Bn0T41iqz2n2nSF22/c3/eoMzxU3N0VEMdowxtuU14srpZoNWg=
template:
metadata:
name: imagepull-gitea
namespace: websites
type: kubernetes.io/dockerconfigjson