From 1ee09217514a4281ab0f27c42edf4579d63de54f Mon Sep 17 00:00:00 2001 From: Brad Stein Date: Sat, 29 Mar 2025 12:04:11 -0500 Subject: [PATCH] restructured repo and added traefik --- clusters/production/kustomization-gitea.yaml | 12 ---- .../flux-system}/gotk-components.yaml | 0 .../flux-system}/gotk-sync.yaml | 0 .../flux-system}/kustomization.yaml | 0 infrastructure/production/README.md | 0 infrastructure/production/kustomization.yaml | 3 - .../traefik/.kustomization.yaml.kate-swp | Bin 0 -> 125 bytes infrastructure/traefik/clusterrole.yaml | 62 ++++++++++++++++++ .../traefik/clusterrolebinding.yaml | 12 ++++ infrastructure/traefik/deployment.yaml | 60 +++++++++++++++++ infrastructure/traefik/kustomization.yaml | 10 +++ infrastructure/traefik/serviceaccount.yaml | 5 ++ .../gitea/deployment.yaml | 1 + .../gitea/ingress.yaml | 0 .../gitea/kustomization.yaml | 7 +- .../gitea/namespace.yaml | 0 {apps/production => services}/gitea/pvc.yaml | 1 + .../gitea/service.yaml | 3 +- 18 files changed, 156 insertions(+), 20 deletions(-) delete mode 100644 clusters/production/kustomization-gitea.yaml rename {flux-system => infrastructure/flux-system}/gotk-components.yaml (100%) rename {flux-system => infrastructure/flux-system}/gotk-sync.yaml (100%) rename {flux-system => infrastructure/flux-system}/kustomization.yaml (100%) delete mode 100644 infrastructure/production/README.md delete mode 100644 infrastructure/production/kustomization.yaml create mode 100644 infrastructure/traefik/.kustomization.yaml.kate-swp create mode 100644 infrastructure/traefik/clusterrole.yaml create mode 100644 infrastructure/traefik/clusterrolebinding.yaml create mode 100644 infrastructure/traefik/deployment.yaml create mode 100644 infrastructure/traefik/kustomization.yaml create mode 100644 infrastructure/traefik/serviceaccount.yaml rename {apps/production => services}/gitea/deployment.yaml (98%) rename {apps/production => services}/gitea/ingress.yaml (100%) rename {apps/production => services}/gitea/kustomization.yaml (59%) rename {apps/production => services}/gitea/namespace.yaml (100%) rename {apps/production => services}/gitea/pvc.yaml (89%) rename {apps/production => services}/gitea/service.yaml (90%) diff --git a/clusters/production/kustomization-gitea.yaml b/clusters/production/kustomization-gitea.yaml deleted file mode 100644 index edde849..0000000 --- a/clusters/production/kustomization-gitea.yaml +++ /dev/null @@ -1,12 +0,0 @@ -apiVersion: kustomize.toolkit.fluxcd.io/v1beta2 -kind: Kustomization -metadata: - name: gitea - namespace: flux-system -spec: - interval: 10m - path: "./apps/production/gitea" - prune: true - sourceRef: - kind: GitRepository - name: flux-system diff --git a/flux-system/gotk-components.yaml b/infrastructure/flux-system/gotk-components.yaml similarity index 100% rename from flux-system/gotk-components.yaml rename to infrastructure/flux-system/gotk-components.yaml diff --git a/flux-system/gotk-sync.yaml b/infrastructure/flux-system/gotk-sync.yaml similarity index 100% rename from flux-system/gotk-sync.yaml rename to infrastructure/flux-system/gotk-sync.yaml diff --git a/flux-system/kustomization.yaml b/infrastructure/flux-system/kustomization.yaml similarity index 100% rename from flux-system/kustomization.yaml rename to infrastructure/flux-system/kustomization.yaml diff --git a/infrastructure/production/README.md b/infrastructure/production/README.md deleted file mode 100644 index e69de29..0000000 diff --git a/infrastructure/production/kustomization.yaml b/infrastructure/production/kustomization.yaml deleted file mode 100644 index b83b23e..0000000 --- a/infrastructure/production/kustomization.yaml +++ /dev/null @@ -1,3 +0,0 @@ -apiVersion: kustomize.config.k8s.io/v1beta1 -kind: Kustomization -resources: [] diff --git a/infrastructure/traefik/.kustomization.yaml.kate-swp b/infrastructure/traefik/.kustomization.yaml.kate-swp new file mode 100644 index 0000000000000000000000000000000000000000..b72fbd7bcca1dbe7f3fb65eb0a69f1015d482415 GIT binary patch literal 125 zcmZQzU=Z?7EJ;-eE>A2_aLdd|RWQ;sU|?VnQCa@=h2{#ygge(Vu4Vq*Us#^>r!F`g xD8mB85}rVU6^KEANkPFi7$(336ksfI4Gsd*AO#>kGlC1`F)+CXhXN^9R{(>B7gYcN literal 0 HcmV?d00001 diff --git a/infrastructure/traefik/clusterrole.yaml b/infrastructure/traefik/clusterrole.yaml new file mode 100644 index 0000000..38fef27 --- /dev/null +++ b/infrastructure/traefik/clusterrole.yaml @@ -0,0 +1,62 @@ +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: traefik-ingress-controller +rules: +- apiGroups: + - "" + resources: + - services + - endpoints + - secrets + - nodes + verbs: + - get + - list + - watch +- apiGroups: + - extensions + - networking.k8s.io + resources: + - ingresses + verbs: + - get + - list + - watch +- apiGroups: + - traefik.containo.us + resources: + - middlewares + - ingressroutes + - ingressroutetcps + - ingressrouteudps + - tlsoptions + - tlsstores + verbs: + - get + - list + - watch +- apiGroups: + - discovery.k8s.io + resources: + - endpointslices + verbs: + - get + - list + - watch +- apiGroups: + - networking.k8s.io + resources: + - ingressclasses + verbs: + - get + - list + - watch +- apiGroups: + - traefik.containo.us + resources: + - middlewares + verbs: + - get + - list + - watch diff --git a/infrastructure/traefik/clusterrolebinding.yaml b/infrastructure/traefik/clusterrolebinding.yaml new file mode 100644 index 0000000..4403a45 --- /dev/null +++ b/infrastructure/traefik/clusterrolebinding.yaml @@ -0,0 +1,12 @@ +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: traefik-ingress-controller +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: traefik-ingress-controller +subjects: +- kind: ServiceAccount + name: traefik-ingress-controller + namespace: traefik diff --git a/infrastructure/traefik/deployment.yaml b/infrastructure/traefik/deployment.yaml new file mode 100644 index 0000000..77f1d4e --- /dev/null +++ b/infrastructure/traefik/deployment.yaml @@ -0,0 +1,60 @@ +apiVersion: v1 +items: +- apiVersion: apps/v1 + kind: Deployment + metadata: + annotations: + deployment.kubernetes.io/revision: "4" + name: traefik + namespace: traefik + spec: + progressDeadlineSeconds: 600 + replicas: 1 + revisionHistoryLimit: 10 + selector: + matchLabels: + app: traefik + strategy: + rollingUpdate: + maxSurge: 25% + maxUnavailable: 25% + type: RollingUpdate + template: + metadata: + annotations: + kubectl.kubernetes.io/restartedAt: "2025-02-12T05:57:48-06:00" + creationTimestamp: null + labels: + app: traefik + spec: + containers: + - args: + - --providers.kubernetesIngress=true + - --entrypoints.web.address=:80 + - --entrypoints.websecure.address=:443 + - --api.dashboard=true + image: traefik:v3.3.3 + imagePullPolicy: IfNotPresent + name: traefik + ports: + - containerPort: 80 + name: web + protocol: TCP + - containerPort: 443 + name: websecure + protocol: TCP + - containerPort: 8080 + name: admin + protocol: TCP + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + dnsPolicy: ClusterFirst + nodeSelector: + node-role.kubernetes.io/worker: "true" + restartPolicy: Always + schedulerName: default-scheduler + serviceAccount: traefik-ingress-controller + serviceAccountName: traefik-ingress-controller + terminationGracePeriodSeconds: 30 +kind: List +metadata: {} diff --git a/infrastructure/traefik/kustomization.yaml b/infrastructure/traefik/kustomization.yaml new file mode 100644 index 0000000..24a7f5e --- /dev/null +++ b/infrastructure/traefik/kustomization.yaml @@ -0,0 +1,10 @@ +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization +metadata: + name: traefik + namespace: flux-system +resources: + - deployment.yaml + - serviceaccount.yaml + - clusterrole.yaml + - clusterrolebinding.yaml diff --git a/infrastructure/traefik/serviceaccount.yaml b/infrastructure/traefik/serviceaccount.yaml new file mode 100644 index 0000000..d5fe199 --- /dev/null +++ b/infrastructure/traefik/serviceaccount.yaml @@ -0,0 +1,5 @@ +apiVersion: v1 +kind: ServiceAccount +metadata: + name: traefik-ingress-controller + namespace: traefik diff --git a/apps/production/gitea/deployment.yaml b/services/gitea/deployment.yaml similarity index 98% rename from apps/production/gitea/deployment.yaml rename to services/gitea/deployment.yaml index 9d6afb8..ad6586d 100644 --- a/apps/production/gitea/deployment.yaml +++ b/services/gitea/deployment.yaml @@ -2,6 +2,7 @@ apiVersion: apps/v1 kind: Deployment metadata: name: gitea + namespace: gitea labels: app: gitea spec: diff --git a/apps/production/gitea/ingress.yaml b/services/gitea/ingress.yaml similarity index 100% rename from apps/production/gitea/ingress.yaml rename to services/gitea/ingress.yaml diff --git a/apps/production/gitea/kustomization.yaml b/services/gitea/kustomization.yaml similarity index 59% rename from apps/production/gitea/kustomization.yaml rename to services/gitea/kustomization.yaml index d952ebc..c434650 100644 --- a/apps/production/gitea/kustomization.yaml +++ b/services/gitea/kustomization.yaml @@ -1,12 +1,11 @@ -apiVersion: kustomize.config.k8s.io/v1beta1 +apiVersion: kustomize.toolkit.fluxcd.io/v1beta2 kind: Kustomization metadata: - name: gitea-overlay -namespace: gitea + name: gitea + namespace: flux-system resources: - namespace.yaml - deployment.yaml - service.yaml - pvc.yaml - ingress.yaml - diff --git a/apps/production/gitea/namespace.yaml b/services/gitea/namespace.yaml similarity index 100% rename from apps/production/gitea/namespace.yaml rename to services/gitea/namespace.yaml diff --git a/apps/production/gitea/pvc.yaml b/services/gitea/pvc.yaml similarity index 89% rename from apps/production/gitea/pvc.yaml rename to services/gitea/pvc.yaml index 4dad42a..15019f7 100644 --- a/apps/production/gitea/pvc.yaml +++ b/services/gitea/pvc.yaml @@ -2,6 +2,7 @@ apiVersion: v1 kind: PersistentVolumeClaim metadata: name: gitea-data + namespace: gitea spec: accessModes: - ReadWriteOnce diff --git a/apps/production/gitea/service.yaml b/services/gitea/service.yaml similarity index 90% rename from apps/production/gitea/service.yaml rename to services/gitea/service.yaml index 4e23941..0067c8b 100644 --- a/apps/production/gitea/service.yaml +++ b/services/gitea/service.yaml @@ -2,6 +2,7 @@ apiVersion: v1 kind: Service metadata: name: gitea + namespace: gitea labels: app: gitea spec: @@ -27,4 +28,4 @@ spec: - name: ssh port: 2242 targetPort: 2242 - nodePort: 32242 \ No newline at end of file + nodePort: 32242