This commit is contained in:
parent
b8c9edf924
commit
ac3d1fe25f
6 changed files with 218 additions and 0 deletions
|
@ -10,6 +10,7 @@ resources:
|
|||
- keycloak
|
||||
- matrix
|
||||
- meshtastic
|
||||
- mobilizon
|
||||
- miniflux
|
||||
- monitoring
|
||||
- netbox
|
||||
|
|
66
k8s/mobilizon/database.yaml
Normal file
66
k8s/mobilizon/database.yaml
Normal file
|
@ -0,0 +1,66 @@
|
|||
apiVersion: apps/v1
|
||||
kind: StatefulSet
|
||||
metadata:
|
||||
name: postgis
|
||||
spec:
|
||||
selector:
|
||||
matchLabels:
|
||||
app: postgis
|
||||
serviceName: postgis
|
||||
replicas: 1
|
||||
template:
|
||||
metadata:
|
||||
labels:
|
||||
app: postgis
|
||||
spec:
|
||||
containers:
|
||||
- name: postgis
|
||||
image: postgis/postgis:15-3.4
|
||||
ports:
|
||||
- containerPort: 5432
|
||||
name: postgres
|
||||
volumeMounts:
|
||||
- name: data
|
||||
mountPath: /var/lib/postgresql
|
||||
env:
|
||||
- name: POSTGRES_USER
|
||||
value: mobilizon
|
||||
- name: POSTGRES_DB
|
||||
value: mobilizon
|
||||
- name: POSTGRES_PASSWORD
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: postgis-password
|
||||
key: password
|
||||
volumeClaimTemplates:
|
||||
- metadata:
|
||||
name: data
|
||||
spec:
|
||||
accessModes: ["ReadWriteOnce"]
|
||||
resources:
|
||||
requests:
|
||||
storage: 10Gi
|
||||
---
|
||||
apiVersion: v1
|
||||
kind: Service
|
||||
metadata:
|
||||
name: postgis
|
||||
spec:
|
||||
selector:
|
||||
app: postgis
|
||||
ports:
|
||||
- port: 5432
|
||||
---
|
||||
apiVersion: external-secrets.io/v1beta1
|
||||
kind: ExternalSecret
|
||||
metadata:
|
||||
name: postgis-password
|
||||
spec:
|
||||
target:
|
||||
name: postgis-password
|
||||
dataFrom:
|
||||
- sourceRef:
|
||||
generatorRef:
|
||||
apiVersion: generators.external-secrets.io/v1alpha1
|
||||
kind: ClusterGenerator
|
||||
name: password
|
18
k8s/mobilizon/ingress.yaml
Normal file
18
k8s/mobilizon/ingress.yaml
Normal file
|
@ -0,0 +1,18 @@
|
|||
apiVersion: networking.k8s.io/v1
|
||||
kind: Ingress
|
||||
metadata:
|
||||
name: mobilizon
|
||||
labels:
|
||||
name: mobilizon
|
||||
spec:
|
||||
rules:
|
||||
- host: mobilizon-test.k8s.home.finn.io
|
||||
http:
|
||||
paths:
|
||||
- pathType: Prefix
|
||||
path: "/"
|
||||
backend:
|
||||
service:
|
||||
name: mobilizon
|
||||
port:
|
||||
number: 4000
|
37
k8s/mobilizon/kustomization.yaml
Normal file
37
k8s/mobilizon/kustomization.yaml
Normal file
|
@ -0,0 +1,37 @@
|
|||
apiVersion: kustomize.config.k8s.io/v1beta1
|
||||
kind: Kustomization
|
||||
namespace: mobilizon
|
||||
resources:
|
||||
- namespace.yaml
|
||||
- database.yaml
|
||||
- mobilizon.yaml
|
||||
- ingress.yaml
|
||||
configMapGenerator:
|
||||
- name: mobilizon
|
||||
literals:
|
||||
# documented at https://framagit.org/framasoft/joinmobilizon/docker/-/blob/master/env.template?ref_type=heads
|
||||
- MOBILIZON_INSTANCE_NAME=Mobilizon Test
|
||||
- MOBILIZON_INSTANCE_HOST=mobilizon-test.k8s.home.finn.io
|
||||
- MOBILIZON_INSTANCE_LISTEN_IP=0.0.0.0
|
||||
- MOBILIZON_INSTANCE_PORT=4000
|
||||
- MOBILIZON_INSTANCE_EMAIL=mobilizon-test@janky.solutions
|
||||
- MOBILIZON_REPLY_EMAIL=mobilizon-test@janky.solutions
|
||||
- MOBILIZON_INSTANCE_REGISTRATIONS_OPEN=false
|
||||
- MOBILIZON_DATABASE_USERNAME=mobilizon
|
||||
- MOBILIZON_DATABASE_DBNAME=mobilizon
|
||||
- MOBILIZON_DATABASE_HOST=postgis
|
||||
- MOBILIZON_DATABASE_PORT=5432
|
||||
- MOBILIZON_DATABASE_SSL=false
|
||||
# - MOBILIZON_INSTANCE_SECRET_KEY_BASE
|
||||
# - MOBILIZON_INSTANCE_SECRET_KEY
|
||||
- MOBILIZON_LOGLEVEL=debug
|
||||
- MOBILIZON_SMTP_SERVER=mx1.janky.solutions
|
||||
- MOBILIZON_SMTP_PORT=465
|
||||
- MOBILIZON_SMTP_SSL=false
|
||||
- MOBILIZON_SMTP_TLS=true
|
||||
- MOBILIZON_SMTP_USERNAME=mobilizon-test@janky.solutions
|
||||
# - MOBILIZON_SMTP_PASSWORD
|
||||
# - MOBILIZON_UPLOADS
|
||||
# - MOBILIZON_UPLOADS_EXPORTS
|
||||
# - MOBILIZON_TIMEZONES_DIR
|
||||
# - MOBILIZON_TZDATA_DIR
|
92
k8s/mobilizon/mobilizon.yaml
Normal file
92
k8s/mobilizon/mobilizon.yaml
Normal file
|
@ -0,0 +1,92 @@
|
|||
apiVersion: apps/v1
|
||||
kind: StatefulSet
|
||||
metadata:
|
||||
name: mobilizon
|
||||
spec:
|
||||
selector:
|
||||
matchLabels:
|
||||
app: mobilizon
|
||||
serviceName: mobilizon
|
||||
replicas: 1
|
||||
template:
|
||||
metadata:
|
||||
labels:
|
||||
app: mobilizon
|
||||
spec:
|
||||
securityContext:
|
||||
fsGroup: 65534
|
||||
fsGroupChangePolicy: "OnRootMismatch"
|
||||
containers:
|
||||
- name: mobilizon
|
||||
image: framasoft/mobilizon:5.1.1
|
||||
ports:
|
||||
- containerPort: 4000
|
||||
name: web
|
||||
volumeMounts:
|
||||
- name: data
|
||||
mountPath: /var/lib/mobilizon/uploads
|
||||
env:
|
||||
- name: MOBILIZON_DATABASE_PASSWORD
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: postgis-password
|
||||
key: password
|
||||
- name: MOBILIZON_INSTANCE_SECRET_KEY_BASE
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: mobilizon-instance-secret-key-base
|
||||
key: password
|
||||
- name: MOBILIZON_INSTANCE_SECRET_KEY
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: mobilizon-instance-secret-key
|
||||
key: password
|
||||
envFrom:
|
||||
- configMapRef:
|
||||
name: mobilizon
|
||||
volumeClaimTemplates:
|
||||
- metadata:
|
||||
name: data
|
||||
spec:
|
||||
accessModes: ["ReadWriteOnce"]
|
||||
resources:
|
||||
requests:
|
||||
storage: 10Gi
|
||||
---
|
||||
apiVersion: v1
|
||||
kind: Service
|
||||
metadata:
|
||||
name: mobilizon
|
||||
spec:
|
||||
selector:
|
||||
app: mobilizon
|
||||
ports:
|
||||
- port: 4000
|
||||
---
|
||||
apiVersion: external-secrets.io/v1beta1
|
||||
kind: ExternalSecret
|
||||
metadata:
|
||||
name: mobilizon-instance-secret-key-base
|
||||
spec:
|
||||
target:
|
||||
name: mobilizon-instance-secret-key-base
|
||||
dataFrom:
|
||||
- sourceRef:
|
||||
generatorRef:
|
||||
apiVersion: generators.external-secrets.io/v1alpha1
|
||||
kind: ClusterGenerator
|
||||
name: password
|
||||
---
|
||||
apiVersion: external-secrets.io/v1beta1
|
||||
kind: ExternalSecret
|
||||
metadata:
|
||||
name: mobilizon-instance-secret-key
|
||||
spec:
|
||||
target:
|
||||
name: mobilizon-instance-secret-key
|
||||
dataFrom:
|
||||
- sourceRef:
|
||||
generatorRef:
|
||||
apiVersion: generators.external-secrets.io/v1alpha1
|
||||
kind: ClusterGenerator
|
||||
name: password
|
4
k8s/mobilizon/namespace.yaml
Normal file
4
k8s/mobilizon/namespace.yaml
Normal file
|
@ -0,0 +1,4 @@
|
|||
apiVersion: v1
|
||||
kind: Namespace
|
||||
metadata:
|
||||
name: mobilizon
|
Loading…
Add table
Reference in a new issue