bstein/titan-iac
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

restructured repo and added traefik

Browse Source
This commit is contained in:
Brad Stein 2025-03-29 12:04:11 -05:00
parent 0e48c4feba
commit 1ee0921751
18 changed files with 156 additions and 20 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
clusters/production/kustomization-gitea.yaml
View File

@ -1,12 +0,0 @@
apiVersion: kustomize.toolkit.fluxcd.io/v1beta2
kind: Kustomization
metadata:
name: gitea
namespace: flux-system
spec:
interval: 10m
path: "./apps/production/gitea"
prune: true
sourceRef:
kind: GitRepository
name: flux-system

0
flux-system/gotk-components.yaml → infrastructure/flux-system/gotk-components.yaml
View File

0
flux-system/gotk-sync.yaml → infrastructure/flux-system/gotk-sync.yaml
View File

0
flux-system/kustomization.yaml → infrastructure/flux-system/kustomization.yaml
View File

0
infrastructure/production/README.md
View File

3
infrastructure/production/kustomization.yaml
View File

@ -1,3 +0,0 @@
apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization
resources: []

BIN
infrastructure/traefik/.kustomization.yaml.kate-swp Normal file
View File

Binary file not shown.

62
infrastructure/traefik/clusterrole.yaml Normal file
View File

@ -0,0 +1,62 @@
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
name: traefik-ingress-controller
rules:
- apiGroups:
- ""
resources:
- services
- endpoints
- secrets
- nodes
verbs:
- get
- list
- watch
- apiGroups:
- extensions
- networking.k8s.io
resources:
- ingresses
verbs:
- get
- list
- watch
- apiGroups:
- traefik.containo.us
resources:
- middlewares
- ingressroutes
- ingressroutetcps
- ingressrouteudps
- tlsoptions
- tlsstores
verbs:
- get
- list
- watch
- apiGroups:
- discovery.k8s.io
resources:
- endpointslices
verbs:
- get
- list
- watch
- apiGroups:
- networking.k8s.io
resources:
- ingressclasses
verbs:
- get
- list
- watch
- apiGroups:
- traefik.containo.us
resources:
- middlewares
verbs:
- get
- list
- watch

12
infrastructure/traefik/clusterrolebinding.yaml Normal file
View File

@ -0,0 +1,12 @@
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
name: traefik-ingress-controller
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: traefik-ingress-controller
subjects:
- kind: ServiceAccount
name: traefik-ingress-controller
namespace: traefik

60
infrastructure/traefik/deployment.yaml Normal file
View File

@ -0,0 +1,60 @@
apiVersion: v1
items:
- apiVersion: apps/v1
kind: Deployment
metadata:
annotations:
deployment.kubernetes.io/revision: "4"
name: traefik
namespace: traefik
spec:
progressDeadlineSeconds: 600
replicas: 1
revisionHistoryLimit: 10
selector:
matchLabels:
app: traefik
strategy:
rollingUpdate:
maxSurge: 25%
maxUnavailable: 25%
type: RollingUpdate
template:
metadata:
annotations:
kubectl.kubernetes.io/restartedAt: "2025-02-12T05:57:48-06:00"
creationTimestamp: null
labels:
app: traefik
spec:
containers:
- args:
- --providers.kubernetesIngress=true
- --entrypoints.web.address=:80
- --entrypoints.websecure.address=:443
- --api.dashboard=true
image: traefik:v3.3.3
imagePullPolicy: IfNotPresent
name: traefik
ports:
- containerPort: 80
name: web
protocol: TCP
- containerPort: 443
name: websecure
protocol: TCP
- containerPort: 8080
name: admin
protocol: TCP
terminationMessagePath: /dev/termination-log
terminationMessagePolicy: File
dnsPolicy: ClusterFirst
nodeSelector:
node-role.kubernetes.io/worker: "true"
restartPolicy: Always
schedulerName: default-scheduler
serviceAccount: traefik-ingress-controller
serviceAccountName: traefik-ingress-controller
terminationGracePeriodSeconds: 30
kind: List
metadata: {}

10
infrastructure/traefik/kustomization.yaml Normal file
View File

@ -0,0 +1,10 @@
apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization
metadata:
name: traefik
namespace: flux-system
resources:
- deployment.yaml
- serviceaccount.yaml
- clusterrole.yaml
- clusterrolebinding.yaml

5
infrastructure/traefik/serviceaccount.yaml Normal file
View File

@ -0,0 +1,5 @@
apiVersion: v1
kind: ServiceAccount
metadata:
name: traefik-ingress-controller
namespace: traefik

1
apps/production/gitea/deployment.yaml → services/gitea/deployment.yaml
View File

@ -2,6 +2,7 @@ apiVersion: apps/v1
kind: Deployment kind: Deployment
metadata: metadata:
name: gitea name: gitea
namespace: gitea
labels: labels:
app: gitea app: gitea
spec: spec:

0
apps/production/gitea/ingress.yaml → services/gitea/ingress.yaml
View File

7
apps/production/gitea/kustomization.yaml → services/gitea/kustomization.yaml
View File

@ -1,12 +1,11 @@
apiVersion: kustomize.config.k8s.io/v1beta1 apiVersion: kustomize.toolkit.fluxcd.io/v1beta2
kind: Kustomization kind: Kustomization
metadata: metadata:
name: gitea-overlay name: gitea
namespace: gitea namespace: flux-system
resources: resources:
- namespace.yaml - namespace.yaml
- deployment.yaml - deployment.yaml
- service.yaml - service.yaml
- pvc.yaml - pvc.yaml
- ingress.yaml - ingress.yaml

0
apps/production/gitea/namespace.yaml → services/gitea/namespace.yaml
View File

1
apps/production/gitea/pvc.yaml → services/gitea/pvc.yaml
View File

@ -2,6 +2,7 @@ apiVersion: v1
kind: PersistentVolumeClaim kind: PersistentVolumeClaim
metadata: metadata:
name: gitea-data name: gitea-data
namespace: gitea
spec: spec:
accessModes: accessModes:
- ReadWriteOnce - ReadWriteOnce

1
apps/production/gitea/service.yaml → services/gitea/service.yaml
View File

@ -2,6 +2,7 @@ apiVersion: v1
kind: Service kind: Service
metadata: metadata:
name: gitea name: gitea
namespace: gitea
labels: labels:
app: gitea app: gitea
spec: spec: