install frps
This commit is contained in:
parent
9bb9b623c8
commit
e2790e48f0
14
apps/frps/configmap.yaml
Normal file
14
apps/frps/configmap.yaml
Normal file
|
@ -0,0 +1,14 @@
|
|||
apiVersion: v1
|
||||
kind: ConfigMap
|
||||
metadata:
|
||||
name: frps-config
|
||||
data:
|
||||
frps.toml: |
|
||||
auth.token = "{{ .Envs.FRP_SERVER_TOKEN }}"
|
||||
bindPort = 7000
|
||||
vhostHTTPPort = 8080
|
||||
webServer.addr = "0.0.0.0"
|
||||
webServer.port = 7500
|
||||
webServer.user = "{{ .Envs.FRP_SERVER_USER }}"
|
||||
webServer.password = "{{ .Envs.FRP_SERVER_PASS }}"
|
||||
subDomainHost = "frp.tbrnt.ch"
|
45
apps/frps/deployment.yaml
Normal file
45
apps/frps/deployment.yaml
Normal file
|
@ -0,0 +1,45 @@
|
|||
apiVersion: apps/v1
|
||||
kind: Deployment
|
||||
metadata:
|
||||
name: frps
|
||||
labels:
|
||||
app.kubernetes.io/name: frps
|
||||
spec:
|
||||
replicas: 1
|
||||
selector:
|
||||
matchLabels:
|
||||
app.kubernetes.io/name: frps
|
||||
template:
|
||||
metadata:
|
||||
labels:
|
||||
app.kubernetes.io/name: frps
|
||||
spec:
|
||||
serviceAccountName: default
|
||||
containers:
|
||||
- name: frps
|
||||
image: ghcr.io/fatedier/frps:v0.53.2
|
||||
imagePullPolicy: IfNotPresent
|
||||
args:
|
||||
- -c
|
||||
- /etc/frps/frps.toml
|
||||
envFrom:
|
||||
- secretRef:
|
||||
name: frps-env
|
||||
ports:
|
||||
- name: frps
|
||||
containerPort: 7000
|
||||
protocol: TCP
|
||||
- name: webserver
|
||||
containerPort: 7500
|
||||
protocol: TCP
|
||||
- name: http
|
||||
containerPort: 8080
|
||||
protocol: TCP
|
||||
resources: {}
|
||||
volumeMounts:
|
||||
- name: config
|
||||
mountPath: /etc/frps
|
||||
volumes:
|
||||
- name: config
|
||||
configMap:
|
||||
name: frps-config
|
24
apps/frps/ingress.yaml
Normal file
24
apps/frps/ingress.yaml
Normal file
|
@ -0,0 +1,24 @@
|
|||
---
|
||||
apiVersion: networking.k8s.io/v1
|
||||
kind: Ingress
|
||||
metadata:
|
||||
annotations:
|
||||
cert-manager.io/cluster-issuer: letsencrypt-prod
|
||||
traefik.ingress.kubernetes.io/router.middlewares: kube-system-redirect-https@kubernetescrd
|
||||
name: frps
|
||||
spec:
|
||||
rules:
|
||||
- host: frps.tbrnt.ch
|
||||
http:
|
||||
paths:
|
||||
- path: /
|
||||
pathType: Prefix
|
||||
backend:
|
||||
service:
|
||||
name: frps
|
||||
port:
|
||||
number: 7000
|
||||
tls:
|
||||
- hosts:
|
||||
- frps.tbrnt.ch
|
||||
secretName: ingress-cert
|
10
apps/frps/kustomization.yaml
Normal file
10
apps/frps/kustomization.yaml
Normal file
|
@ -0,0 +1,10 @@
|
|||
apiVersion: kustomize.config.k8s.io/v1beta1
|
||||
kind: Kustomization
|
||||
namespace: frps
|
||||
resources:
|
||||
- configmap.yaml
|
||||
- deployment.yaml
|
||||
- service.yaml
|
||||
- ingress.yaml
|
||||
generators:
|
||||
- secret-generator.yaml
|
6
apps/frps/secret-generator.yaml
Normal file
6
apps/frps/secret-generator.yaml
Normal file
|
@ -0,0 +1,6 @@
|
|||
apiVersion: viaduct.ai/v1
|
||||
kind: ksops
|
||||
metadata:
|
||||
name: secret-generator
|
||||
files:
|
||||
- secret.sops.yaml
|
28
apps/frps/secret.sops.yaml
Normal file
28
apps/frps/secret.sops.yaml
Normal file
|
@ -0,0 +1,28 @@
|
|||
apiVersion: v1
|
||||
kind: Secret
|
||||
metadata:
|
||||
name: frps-env
|
||||
stringData:
|
||||
FRP_SERVER_USER: ENC[AES256_GCM,data:q5tQlBhRLnJF,iv:A1r5RcTGsfBpoJO1opT5I0/E1hnyHPTaPE3OyQ2oNZw=,tag:bDhqxc5LXZSR2pLaIqHjaA==,type:str]
|
||||
FRP_SERVER_PASS: ENC[AES256_GCM,data:A4ElHqk4NZawSRcn/tKey5cbMK/Z9M9nI2rGah9xVnI=,iv:iG4LXEO0nuPVmbZu6jDcHK/7vJiGudmXy0BI1AlJYt4=,tag:VaYIjs/0oLdjiAu60I27BQ==,type:str]
|
||||
FRP_SERVER_TOKEN: ENC[AES256_GCM,data:3IaGB1kqrylaZMJATukDy8OL1uF7Y5KqwgvxOyXQSds=,iv:22esdT6FDyBIy2GYZZuTOZvhGuaN6v6xonHy9834qkA=,tag:kifPflC8n1VZqcyDCrC1qQ==,type:str]
|
||||
sops:
|
||||
kms: []
|
||||
gcp_kms: []
|
||||
azure_kv: []
|
||||
hc_vault: []
|
||||
age:
|
||||
- recipient: age1dfk8euu7afvw7ge5l2qek45z23hdq5anjd56cy4d7kcsf0e0e5pqfjylx8
|
||||
enc: |
|
||||
-----BEGIN AGE ENCRYPTED FILE-----
|
||||
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBRM2hyc2UyZnlnZ2xiU0s0
|
||||
S09ORmNtOW1xMzdWTmxpSCtUdXFsOHp4cTNZCnJKSXZ2c1R5VWtybjBDSzN5MnJM
|
||||
ZVZxRFh0QVlVN3pFS3BHblZKTncxT3MKLS0tIFo4UkJCRXZjV1E1MEUyeEFhd2dm
|
||||
Mm9qUWt0V2lEZHZjUmdITEZMSWwxRzQKW7d530fUfuvyaO1M7D1cUTo4tImmKRab
|
||||
GhMWQZHVbnT69RIi2lRnFQcQffBEc3w3FpW3XP2Dykuky6kafPPyUQ==
|
||||
-----END AGE ENCRYPTED FILE-----
|
||||
lastmodified: "2023-12-27T20:32:58Z"
|
||||
mac: ENC[AES256_GCM,data:n0rusMzOVv3m5Ia2y8Ww8pcrX9nufIgvGWLHZSe4T+YmFryhDCtJMreUR2/ODVZZkc0DhiFfXpCK18Bh65c42ZVz556cvONoXSDgMkDNUFb8KQro4G4HMsPzSysEU+N9SvC/cf6I20pl6MYbH+teA3HiB5F4eiQ9oIwPmFA7bUU=,iv:4+WV1zoW5Cex09DGjFSsbjBLKK8aTANstvprMFbBVIc=,tag:SCFNMCAMrhxnp74ZB3asbw==,type:str]
|
||||
pgp: []
|
||||
encrypted_regex: ^(data|stringData)$
|
||||
version: 3.8.1
|
15
apps/frps/service.yaml
Normal file
15
apps/frps/service.yaml
Normal file
|
@ -0,0 +1,15 @@
|
|||
apiVersion: v1
|
||||
kind: Service
|
||||
metadata:
|
||||
name: frps
|
||||
labels:
|
||||
app.kubernetes.io/name: frps
|
||||
spec:
|
||||
type: ClusterIP
|
||||
ports:
|
||||
- name: frps
|
||||
port: 7000
|
||||
targetPort: frps
|
||||
protocol: TCP
|
||||
selector:
|
||||
app.kubernetes.io/name: frps
|
19
system/apps/user/frps.yaml
Normal file
19
system/apps/user/frps.yaml
Normal file
|
@ -0,0 +1,19 @@
|
|||
apiVersion: argoproj.io/v1alpha1
|
||||
kind: Application
|
||||
metadata:
|
||||
name: frps
|
||||
namespace: argocd
|
||||
finalizers:
|
||||
- resources-finalizer.argocd.argoproj.io
|
||||
spec:
|
||||
project: apps
|
||||
source:
|
||||
path: apps/frps
|
||||
repoURL: https://git.tbrnt.ch/tobru/gitops-zurrli.git
|
||||
targetRevision: HEAD
|
||||
destination:
|
||||
namespace: frps
|
||||
server: https://kubernetes.default.svc
|
||||
syncPolicy:
|
||||
syncOptions:
|
||||
- CreateNamespace=true
|
Loading…
Reference in a new issue