JankySolutions/infra
2
0
Fork 0
Code Issues Pull requests 5 Projects Releases Packages 12 Wiki Activity Actions

Update traefik internal services template

Browse source
This commit is contained in:
Finn 2024-08-02 16:09:09 -07:00
parent ff18cdf1cf
commit 41a2f09959
12 changed files with 49 additions and 19 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
k8s/matrix/config-janky.bot/homeserver.yaml
View file

@ -27,4 +27,4 @@ signing_key_path: "/secrets/janky.bot.signing.key"
trusted_key_servers: trusted_key_servers:
- server_name: "matrix.org" - server_name: "matrix.org"
public_baseurl: https://matrix.janky.bot public_baseurl: https://matrix.janky.bot
ip_range_whitelist: [10.5.1.245] ip_range_whitelist: [10.5.1.245,10.5.1.1]

10
k8s/matrix/kustomization.yaml
View file

@ -7,6 +7,7 @@ resources:
- bridge-signal.yaml - bridge-signal.yaml
- bridge-telegram.yaml - bridge-telegram.yaml
- janky.bot-homeserver.yaml - janky.bot-homeserver.yaml
- janky.solutions-homeserver.yaml
- secrets.yaml - secrets.yaml
- secrets-init.yaml - secrets-init.yaml
configMapGenerator: configMapGenerator:
@ -18,3 +19,12 @@ configMapGenerator:
files: files:
- config-janky.bot/homeserver.yaml - config-janky.bot/homeserver.yaml
- config-janky.bot/log.yaml - config-janky.bot/log.yaml
- name: synapse-janky-solutions
files:
- config-janky.solutions/homeserver.yaml
- config-janky.solutions/log.yaml
- name: appservices-janky-solutions
files:
- appservices-janky.solutions/facebook.yaml
- appservices-janky.solutions/telegram.yaml
- appservices-janky.solutions/signal.yaml

2
k8s/monica/kustomization.yaml
View file

@ -4,5 +4,5 @@ namespace: monica
resources: resources:
- namespace.yaml - namespace.yaml
- monica.yaml - monica.yaml
- mysql.yaml - database.yaml
- secrets.yaml - secrets.yaml

1
k8s/monica/monica.yaml
View file

@ -64,6 +64,7 @@ spec:
- metadata: - metadata:
name: storage name: storage
spec: spec:
storageClassName: longhorn
accessModes: ["ReadWriteOnce"] accessModes: ["ReadWriteOnce"]
resources: resources:
requests: requests:

3
k8s/monica/mysql.yaml
View file

@ -27,7 +27,7 @@ spec:
app: mysql app: mysql
spec: spec:
containers: containers:
- image: docker.io/library/mysql:5.7 - image: docker.io/library/mysql:8
name: mysql name: mysql
resources: {} resources: {}
ports: ports:
@ -50,6 +50,7 @@ spec:
- metadata: - metadata:
name: storage name: storage
spec: spec:
storageClassName: longhorn
accessModes: ["ReadWriteOnce"] accessModes: ["ReadWriteOnce"]
resources: resources:
requests: requests:

2
k8s/monitoring/ingresses.yaml
View file

@ -19,6 +19,8 @@ apiVersion: networking.k8s.io/v1
kind: Ingress kind: Ingress
metadata: metadata:
name: prometheus-internal name: prometheus-internal
annotations:
janky.solutions/auth-glue: prometheus
spec: spec:
rules: rules:
- host: prometheus.monitoring.k8s - host: prometheus.monitoring.k8s

1
k8s/system/kustomization.yaml
View file

@ -2,6 +2,7 @@ apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization kind: Kustomization
resources: resources:
- traefik-default-cert.yaml - traefik-default-cert.yaml
- traefik-dashboard.yaml
configMapGenerator: configMapGenerator:
- name: traefik-additional-configs - name: traefik-additional-configs
namespace: kube-system namespace: kube-system

12
k8s/system/traefik-dashboard.yaml Normal file
View file

@ -0,0 +1,12 @@
apiVersion: traefik.containo.us/v1alpha1
kind: IngressRoute
metadata:
name: traefik-dashboard
namespace: kube-system
spec:
routes:
- match: Host(`traefik.kube-system.k8s`) && (PathPrefix(`/api`) || PathPrefix(`/dashboard`))
kind: Rule
services:
- name: api@internal
kind: TraefikService

32
k8s/system/traefik/external-services.yaml
View file

@ -1,21 +1,25 @@
{{
$services := list
(list "minio-console" "minio-console.home.finn.io" "http://minio:9001")
(list "minio" "storage.home.finn.io" "http://minio:9000")
(list "jellyfin" "jellyfin.janky.solutions" "http://jellyfin:8096")
(list "dns" "dns.janky.solutions" "http://dns:9191")
(list "dns443" "dns.janky.solutions:443" "http://dns:9191")
(list "matrix" "matrix.janky.solutions" "http://matrix:8008")
}}
http: http:
routers: routers:
minio: {{range $_, $service := $services}}
{{index $service 0}}:
entryPoints: entryPoints:
- websecure - websecure
rule: "Host(`storage.home.finn.io`)" rule: "Host(`{{ index $service 1 }}`)"
service: minio service: {{ index $service 0 }}
minio-console: {{end}}
entryPoints:
- websecure
rule: "Host(`minio-console.home.finn.io`)"
service: minio-console
services: services:
minio: {{range $_, $service := $services}}
{{index $service 0}}:
loadBalancer: loadBalancer:
servers: servers:
- url: "http://minio:9000/" - url: "{{index $service 2}}"
minio-console: {{end}}
loadBalancer:
servers:
- url: "http://minio:9001/"

1
playbook-home-k8s-usb.yaml
View file

@ -3,6 +3,5 @@
ansible_user: root ansible_user: root
roles: roles:
- base - base
- monitoring
- k8s-node - k8s-node
- k8s-usb-node - k8s-usb-node

1
playbook-home-k8s.yaml
View file

@ -3,5 +3,4 @@
ansible_user: root ansible_user: root
roles: roles:
- base - base
- monitoring
- k8s-node - k8s-node

1
roles/k8s-node/templates/traefik-config.yaml
View file

@ -22,6 +22,7 @@ spec:
additionalArguments: additionalArguments:
- --providers.file.directory=/file-configs - --providers.file.directory=/file-configs
- --providers.file.watch=true - --providers.file.watch=true
- --providers.file.debugLogGeneratedTemplate=true
volumes: volumes:
- name: traefik-additional-configs - name: traefik-additional-configs
mountPath: /file-configs mountPath: /file-configs