Add test mobilizon instance
All checks were successful
/ diff-and-deploy (push) Successful in 2m9s

This commit is contained in:
Finn 2025-01-23 13:10:09 -08:00
parent b8c9edf924
commit ac3d1fe25f
6 changed files with 218 additions and 0 deletions

View file

@ -10,6 +10,7 @@ resources:
- keycloak
- matrix
- meshtastic
- mobilizon
- miniflux
- monitoring
- netbox

View file

@ -0,0 +1,66 @@
apiVersion: apps/v1
kind: StatefulSet
metadata:
name: postgis
spec:
selector:
matchLabels:
app: postgis
serviceName: postgis
replicas: 1
template:
metadata:
labels:
app: postgis
spec:
containers:
- name: postgis
image: postgis/postgis:15-3.4
ports:
- containerPort: 5432
name: postgres
volumeMounts:
- name: data
mountPath: /var/lib/postgresql
env:
- name: POSTGRES_USER
value: mobilizon
- name: POSTGRES_DB
value: mobilizon
- name: POSTGRES_PASSWORD
valueFrom:
secretKeyRef:
name: postgis-password
key: password
volumeClaimTemplates:
- metadata:
name: data
spec:
accessModes: ["ReadWriteOnce"]
resources:
requests:
storage: 10Gi
---
apiVersion: v1
kind: Service
metadata:
name: postgis
spec:
selector:
app: postgis
ports:
- port: 5432
---
apiVersion: external-secrets.io/v1beta1
kind: ExternalSecret
metadata:
name: postgis-password
spec:
target:
name: postgis-password
dataFrom:
- sourceRef:
generatorRef:
apiVersion: generators.external-secrets.io/v1alpha1
kind: ClusterGenerator
name: password

View file

@ -0,0 +1,18 @@
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: mobilizon
labels:
name: mobilizon
spec:
rules:
- host: mobilizon-test.k8s.home.finn.io
http:
paths:
- pathType: Prefix
path: "/"
backend:
service:
name: mobilizon
port:
number: 4000

View file

@ -0,0 +1,37 @@
apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization
namespace: mobilizon
resources:
- namespace.yaml
- database.yaml
- mobilizon.yaml
- ingress.yaml
configMapGenerator:
- name: mobilizon
literals:
# documented at https://framagit.org/framasoft/joinmobilizon/docker/-/blob/master/env.template?ref_type=heads
- MOBILIZON_INSTANCE_NAME=Mobilizon Test
- MOBILIZON_INSTANCE_HOST=mobilizon-test.k8s.home.finn.io
- MOBILIZON_INSTANCE_LISTEN_IP=0.0.0.0
- MOBILIZON_INSTANCE_PORT=4000
- MOBILIZON_INSTANCE_EMAIL=mobilizon-test@janky.solutions
- MOBILIZON_REPLY_EMAIL=mobilizon-test@janky.solutions
- MOBILIZON_INSTANCE_REGISTRATIONS_OPEN=false
- MOBILIZON_DATABASE_USERNAME=mobilizon
- MOBILIZON_DATABASE_DBNAME=mobilizon
- MOBILIZON_DATABASE_HOST=postgis
- MOBILIZON_DATABASE_PORT=5432
- MOBILIZON_DATABASE_SSL=false
# - MOBILIZON_INSTANCE_SECRET_KEY_BASE
# - MOBILIZON_INSTANCE_SECRET_KEY
- MOBILIZON_LOGLEVEL=debug
- MOBILIZON_SMTP_SERVER=mx1.janky.solutions
- MOBILIZON_SMTP_PORT=465
- MOBILIZON_SMTP_SSL=false
- MOBILIZON_SMTP_TLS=true
- MOBILIZON_SMTP_USERNAME=mobilizon-test@janky.solutions
# - MOBILIZON_SMTP_PASSWORD
# - MOBILIZON_UPLOADS
# - MOBILIZON_UPLOADS_EXPORTS
# - MOBILIZON_TIMEZONES_DIR
# - MOBILIZON_TZDATA_DIR

View file

@ -0,0 +1,92 @@
apiVersion: apps/v1
kind: StatefulSet
metadata:
name: mobilizon
spec:
selector:
matchLabels:
app: mobilizon
serviceName: mobilizon
replicas: 1
template:
metadata:
labels:
app: mobilizon
spec:
securityContext:
fsGroup: 65534
fsGroupChangePolicy: "OnRootMismatch"
containers:
- name: mobilizon
image: framasoft/mobilizon:5.1.1
ports:
- containerPort: 4000
name: web
volumeMounts:
- name: data
mountPath: /var/lib/mobilizon/uploads
env:
- name: MOBILIZON_DATABASE_PASSWORD
valueFrom:
secretKeyRef:
name: postgis-password
key: password
- name: MOBILIZON_INSTANCE_SECRET_KEY_BASE
valueFrom:
secretKeyRef:
name: mobilizon-instance-secret-key-base
key: password
- name: MOBILIZON_INSTANCE_SECRET_KEY
valueFrom:
secretKeyRef:
name: mobilizon-instance-secret-key
key: password
envFrom:
- configMapRef:
name: mobilizon
volumeClaimTemplates:
- metadata:
name: data
spec:
accessModes: ["ReadWriteOnce"]
resources:
requests:
storage: 10Gi
---
apiVersion: v1
kind: Service
metadata:
name: mobilizon
spec:
selector:
app: mobilizon
ports:
- port: 4000
---
apiVersion: external-secrets.io/v1beta1
kind: ExternalSecret
metadata:
name: mobilizon-instance-secret-key-base
spec:
target:
name: mobilizon-instance-secret-key-base
dataFrom:
- sourceRef:
generatorRef:
apiVersion: generators.external-secrets.io/v1alpha1
kind: ClusterGenerator
name: password
---
apiVersion: external-secrets.io/v1beta1
kind: ExternalSecret
metadata:
name: mobilizon-instance-secret-key
spec:
target:
name: mobilizon-instance-secret-key
dataFrom:
- sourceRef:
generatorRef:
apiVersion: generators.external-secrets.io/v1alpha1
kind: ClusterGenerator
name: password

View file

@ -0,0 +1,4 @@
apiVersion: v1
kind: Namespace
metadata:
name: mobilizon