install tobru.ch ghost blog
This commit is contained in:
parent
2ea545a905
commit
a6ae38800d
|
@ -0,0 +1,21 @@
|
|||
apiVersion: argoproj.io/v1alpha1
|
||||
kind: Application
|
||||
metadata:
|
||||
name: tobru-ch
|
||||
namespace: argocd
|
||||
finalizers:
|
||||
- resources-finalizer.argocd.argoproj.io
|
||||
spec:
|
||||
destination:
|
||||
namespace: tobru-ch
|
||||
server: https://kubernetes.default.svc
|
||||
project: default
|
||||
source:
|
||||
path: tobru-ch
|
||||
repoURL: https://git.tbrnt.ch/tobru/gitops-tbrnt.git
|
||||
targetRevision: HEAD
|
||||
---
|
||||
apiVersion: v1
|
||||
kind: Namespace
|
||||
metadata:
|
||||
name: tobru-ch
|
|
@ -0,0 +1,16 @@
|
|||
apiVersion: backup.appuio.ch/v1alpha1
|
||||
kind: Schedule
|
||||
metadata:
|
||||
name: backup-schedule
|
||||
namespace: tobru-ch
|
||||
spec:
|
||||
backup:
|
||||
schedule: '0 */4 * * *'
|
||||
keepJobs: 4
|
||||
check:
|
||||
schedule: '0 01 * * *'
|
||||
prune:
|
||||
schedule: '0 02 * * *'
|
||||
retention:
|
||||
keepLast: 10
|
||||
keepDaily: 14
|
|
@ -0,0 +1,103 @@
|
|||
---
|
||||
apiVersion: v1
|
||||
kind: PersistentVolumeClaim
|
||||
metadata:
|
||||
name: data
|
||||
namespace: tobru-ch
|
||||
labels:
|
||||
app: tobru-ch
|
||||
spec:
|
||||
accessModes:
|
||||
- ReadWriteOnce
|
||||
volumeMode: Filesystem
|
||||
resources:
|
||||
requests:
|
||||
storage: 10Gi
|
||||
storageClassName: localstorage
|
||||
selector:
|
||||
matchLabels:
|
||||
app: tobru-ch
|
||||
---
|
||||
apiVersion: extensions/v1beta1
|
||||
kind: Deployment
|
||||
metadata:
|
||||
labels:
|
||||
app: tobru-ch
|
||||
name: ghost
|
||||
namespace: tobru-ch
|
||||
spec:
|
||||
progressDeadlineSeconds: 600
|
||||
replicas: 1
|
||||
revisionHistoryLimit: 10
|
||||
selector:
|
||||
matchLabels:
|
||||
component: ghost
|
||||
strategy:
|
||||
rollingUpdate:
|
||||
maxSurge: 25%
|
||||
maxUnavailable: 25%
|
||||
type: RollingUpdate
|
||||
template:
|
||||
metadata:
|
||||
labels:
|
||||
component: ghost
|
||||
spec:
|
||||
containers:
|
||||
- image: ghost:3.1.0
|
||||
imagePullPolicy: IfNotPresent
|
||||
name: ghost
|
||||
env:
|
||||
- name: url
|
||||
value: https://tobru.ch/
|
||||
- name: mail__transport
|
||||
value: SMTP
|
||||
- name: mail__options__service
|
||||
value: Mailgun
|
||||
- name: mail__options__host
|
||||
value: smtp.eu.mailgun.org
|
||||
- name: mail__options__auth__user
|
||||
value: ghost@www.tobru.ch
|
||||
- name: mail__options__auth__pass
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: mailgun-auth
|
||||
key: auth_pass
|
||||
- name: mail__from
|
||||
value: "'tobru.ch Ghost Blog <ghost@www.tobru.ch>'"
|
||||
ports:
|
||||
- containerPort: 2368
|
||||
name: ghost
|
||||
protocol: TCP
|
||||
resources: {}
|
||||
terminationMessagePath: /dev/termination-log
|
||||
terminationMessagePolicy: File
|
||||
volumeMounts:
|
||||
- name: data
|
||||
mountPath: /var/lib/ghost/content
|
||||
subPath: ghost
|
||||
dnsPolicy: ClusterFirst
|
||||
restartPolicy: Always
|
||||
schedulerName: default-scheduler
|
||||
securityContext: {}
|
||||
terminationGracePeriodSeconds: 30
|
||||
volumes:
|
||||
- name: data
|
||||
persistentVolumeClaim:
|
||||
claimName: data
|
||||
---
|
||||
apiVersion: v1
|
||||
kind: Service
|
||||
metadata:
|
||||
labels:
|
||||
app: tobru-ch
|
||||
name: ghost
|
||||
namespace: tobru-ch
|
||||
spec:
|
||||
ports:
|
||||
- port: 2368
|
||||
protocol: TCP
|
||||
targetPort: 2368
|
||||
selector:
|
||||
component: ghost
|
||||
sessionAffinity: None
|
||||
type: ClusterIP
|
|
@ -0,0 +1,23 @@
|
|||
---
|
||||
apiVersion: extensions/v1beta1
|
||||
kind: Ingress
|
||||
metadata:
|
||||
annotations:
|
||||
cert-manager.io/cluster-issuer: letsencrypt-prod
|
||||
ingress.kubernetes.io/ssl-redirect: "true"
|
||||
labels:
|
||||
app: tobru-ch
|
||||
name: isso
|
||||
namespace: tobru-ch
|
||||
spec:
|
||||
rules:
|
||||
- host: isso.tobru.ch
|
||||
http:
|
||||
paths:
|
||||
- backend:
|
||||
serviceName: isso
|
||||
servicePort: 8080
|
||||
tls:
|
||||
- hosts:
|
||||
- isso.tobru.ch
|
||||
secretName: isso-cert
|
|
@ -0,0 +1,65 @@
|
|||
apiVersion: extensions/v1beta1
|
||||
kind: Deployment
|
||||
metadata:
|
||||
labels:
|
||||
app: tobru-ch
|
||||
name: isso
|
||||
namespace: tobru-ch
|
||||
spec:
|
||||
progressDeadlineSeconds: 600
|
||||
replicas: 1
|
||||
revisionHistoryLimit: 10
|
||||
selector:
|
||||
matchLabels:
|
||||
component: isso
|
||||
strategy:
|
||||
rollingUpdate:
|
||||
maxSurge: 25%
|
||||
maxUnavailable: 25%
|
||||
type: RollingUpdate
|
||||
template:
|
||||
metadata:
|
||||
labels:
|
||||
component: isso
|
||||
spec:
|
||||
containers:
|
||||
- image: angristan/isso:0.11.1
|
||||
imagePullPolicy: IfNotPresent
|
||||
name: isso
|
||||
ports:
|
||||
- containerPort: 8080
|
||||
name: isso
|
||||
protocol: TCP
|
||||
resources: {}
|
||||
terminationMessagePath: /dev/termination-log
|
||||
terminationMessagePolicy: File
|
||||
volumeMounts:
|
||||
- name: data
|
||||
mountPath: /isso
|
||||
subPath: isso
|
||||
dnsPolicy: ClusterFirst
|
||||
restartPolicy: Always
|
||||
schedulerName: default-scheduler
|
||||
securityContext: {}
|
||||
terminationGracePeriodSeconds: 30
|
||||
volumes:
|
||||
- name: data
|
||||
persistentVolumeClaim:
|
||||
claimName: data
|
||||
---
|
||||
apiVersion: v1
|
||||
kind: Service
|
||||
metadata:
|
||||
labels:
|
||||
app: tobru-ch
|
||||
name: isso
|
||||
namespace: tobru-ch
|
||||
spec:
|
||||
ports:
|
||||
- port: 8080
|
||||
protocol: TCP
|
||||
targetPort: 8080
|
||||
selector:
|
||||
component: isso
|
||||
sessionAffinity: None
|
||||
type: ClusterIP
|
|
@ -0,0 +1,16 @@
|
|||
apiVersion: bitnami.com/v1alpha1
|
||||
kind: SealedSecret
|
||||
metadata:
|
||||
creationTimestamp: null
|
||||
name: mailgun-auth
|
||||
namespace: tobru-ch
|
||||
spec:
|
||||
encryptedData:
|
||||
auth_pass: AgB6kRHjsYIZEQWJvPkuGDkMCczJ9kCjzZEwerxydqUA3o4GpSMz4gWIwu7z+5X+JnFgteUIx0Zhr4OAxBrXMg+kC9JNDSXykzLVpPfHUtGemcSl9AMGOXv3TTFG94PRFvUxBOYi2PX0FzJzst4JoTkAlTHS2oU9PvaAFVaP4KcxJQpGZBo2foapjRp3aKz+q4Lv+8NBnwWjnMV1oBd+CkSq+dSMYuOtBbWF6tVHaOJJqb9sI+oRo283em43ocs01VT9hxdNdgqla0WQHyH3EScHF9ZuL5nBRkCLn2wPF8TlLb25NE+Wd5ETMSeu4PizNcOi0LHFF8YXsM8aNBWtvEm4wlCJMiHWACiuBIbL9fvB9HI9FR0wvVTWaJ+0gvkg2sXqU9tp1SuFPA8VHVedXEHLBfEoOdcQTXTuaHck0pzYB9KksI3A45/fEiHJprAIOj/nu9ttlUqfgtoFDOpbbYiDTJl7krQQpIrIzQDnxFkWZUoR7Rh6PVotx3WmnDvSLPrgXCpJxgAZ0dvHqtMrp1SO0NsRlfhNmJTVy5XoQF9cRp80f2q7/tDBaZnRE/RpmIXUs6eg5W3qaol92uSesQULQ62dKiK48T+aErKFrU1VyAeAlyJOMUiNhn7zgsxkpRwM6KvGJ+gmA6PyY0+03/PZm5A0UaBLJl4ZukUUBDwJHoDyvzFpQQZkw2xjZ4pIE73eA0pB6A0O2hC6fO0gkFOXL7reT+PicL1nHOZVFS//KQ==
|
||||
template:
|
||||
metadata:
|
||||
creationTimestamp: null
|
||||
name: mailgun-auth
|
||||
namespace: tobru-ch
|
||||
status: {}
|
||||
|
|
@ -0,0 +1,50 @@
|
|||
---
|
||||
apiVersion: extensions/v1beta1
|
||||
kind: Ingress
|
||||
metadata:
|
||||
annotations:
|
||||
cert-manager.io/cluster-issuer: letsencrypt-prod
|
||||
ingress.kubernetes.io/ssl-redirect: "true"
|
||||
ingress.kubernetes.io/force-hsts: "true"
|
||||
ingress.kubernetes.io/hsts-max-age: "315360000"
|
||||
ingress.kubernetes.io/hsts-preload: "true"
|
||||
labels:
|
||||
app: tobru-ch
|
||||
name: tobru-ch
|
||||
namespace: tobru-ch
|
||||
spec:
|
||||
rules:
|
||||
- host: tobru.ch
|
||||
http:
|
||||
paths:
|
||||
- backend:
|
||||
serviceName: ghost
|
||||
servicePort: 2368
|
||||
tls:
|
||||
- hosts:
|
||||
- tobru.ch
|
||||
secretName: tobru-ch-cert
|
||||
---
|
||||
apiVersion: extensions/v1beta1
|
||||
kind: Ingress
|
||||
metadata:
|
||||
annotations:
|
||||
cert-manager.io/cluster-issuer: letsencrypt-prod
|
||||
traefik.ingress.kubernetes.io/redirect-regex: ^https://www.tobru.ch/(.*)
|
||||
traefik.ingress.kubernetes.io/redirect-replacement: https://tobru.ch/$1
|
||||
ingress.kubernetes.io/ssl-redirect: "true"
|
||||
labels:
|
||||
app: tobru-ch
|
||||
name: www-tobru-ch
|
||||
namespace: tobru-ch
|
||||
spec:
|
||||
rules:
|
||||
- host: www.tobru.ch
|
||||
http:
|
||||
paths:
|
||||
- backend:
|
||||
serviceName: ghost
|
||||
servicePort: 2368
|
||||
tls:
|
||||
- hosts:
|
||||
- www.tobru.ch
|
Reference in New Issue