Skip to content
Snippets Groups Projects
Commit fec790bc authored by Tóth Miklós Tibor's avatar Tóth Miklós Tibor :shrug:
Browse files

add k8s yamls

parent fd2e171b
Branches
No related tags found
No related merge requests found
secret.env
\ No newline at end of file
# Patterns to ignore when building packages.
# This supports shell glob matching, relative path matching, and
# negation (prefixed with !). Only one pattern per line.
.DS_Store
# Common VCS dirs
.git/
../.gitignore
.bzr/
.bzrignore
.hg/
.hgignore
.svn/
# Common backup files
*.swp
*.bak
*.tmp
*.orig
*~
# Various IDEs
.project
.idea/
*.tmproj
.vscode/
apiVersion: v2
name: vox
description: A Helm chart for Kubernetes
# A chart can be either an 'application' or a 'library' chart.
#
# Application charts are a collection of templates that can be packaged into versioned archives
# to be deployed.
#
# Library charts provide useful utilities or functions for the chart developer. They're included as
# a dependency of application charts to inject those utilities and functions into the rendering
# pipeline. Library charts do not define any templates and therefore cannot be deployed.
type: application
# This is the chart version. This version number should be incremented each time you make changes
# to the chart and its templates, including the app version.
# Versions are expected to follow Semantic Versioning (https://semver.org/)
version: 0.1.0
# This is the version number of the application being deployed. This version number should be
# incremented each time you make changes to the application. Versions are not expected to
# follow Semantic Versioning. They should reflect the version the application is using.
# It is recommended to use it with quotes.
appVersion: "1.16.0"
#!/bin/bash
set -o allexport
source secret.env
set +o allexport
envsubst < values.yaml | helm install vox . --values -
\ No newline at end of file
{{ if .Values.istio }}
apiVersion: cert-manager.io/v1alpha2
kind: Certificate
metadata:
name: vox
namespace: istio-system
spec:
commonName: {{ .Values.Domain }}
dnsNames:
- {{ .Values.Domain }}
issuerRef:
name: letsencrypt
secretName: vox-cert
{{ end }}
\ No newline at end of file
apiVersion: apps/v1
kind: Deployment
metadata:
name: vox
spec:
selector:
matchLabels:
app: vox
template:
metadata:
labels:
app: vox
spec:
priorityClassName: apps
containers:
- name: vox
image: "docker.io/miketth/vox:{{ .Values.tag }}"
imagePullPolicy: Always
envFrom:
- secretRef:
name: vox-secret
- secretRef:
name: postgres-vox-creds
{{ if false }}
livenessProbe:
httpGet:
port: 8000
path: /live
initialDelaySeconds: 5
periodSeconds: 5
readinessProbe:
httpGet:
port: 8000
path: /ready
periodSeconds: 5
{{ end }}
---
apiVersion: v1
kind: Service
metadata:
name: vox
spec:
selector:
app: vox
ports:
- port: 80
targetPort: 8080
{{ if not .Values.istio }}
---
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: vox
annotations:
cert-manager.io/cluster-issuer: letsencrypt
kubernetes.io/ingress.class: nginx
kubernetes.io/tls-acme: 'true'
spec:
tls:
- hosts:
- {{ .Values.Domain }}
secretName: vox-tls
rules:
- host: {{ .Values.Domain }}
http:
paths:
- pathType: Prefix
path: /
backend:
service:
name: vox
port:
number: 80
{{ end }}
\ No newline at end of file
{{ if .Values.istio }}
apiVersion: networking.istio.io/v1alpha3
kind: Gateway
metadata:
name: vox
spec:
selector:
istio: ingressgateway
servers:
- hosts:
- {{ .Values.Domain }}
port:
name: web
number: 443
protocol: HTTPS
tls:
credentialName: vox-cert
mode: SIMPLE
---
apiVersion: networking.istio.io/v1alpha3
kind: VirtualService
metadata:
name: vox
spec:
gateways:
- vox
hosts:
- {{ .Values.Domain }}
http:
- route:
- destination:
host: vox
port:
number: 80
{{ end }}
\ No newline at end of file
apiVersion: v1
kind: Secret
metadata:
name: postgres-vox-creds
stringData:
POSTGRES: "{{ .Values.Postgres }}"
\ No newline at end of file
apiVersion: v1
kind: Secret
metadata:
name: vox-secret
stringData:
CLIENTID: "{{ .Values.ClientID }}"
CLIENTSECRET: "{{ .Values.ClientSecret }}"
\ No newline at end of file
#!/bin/bash
set -o allexport
source secret.env
set +o allexport
envsubst < values.yaml | helm upgrade vox . --values -
replicas: 1
ClientID: "${CLIENTID}"
ClientSecret: "${CLIENTSECRET}"
Postgres: postgresql://vox:${POSTGRES_PASS}@cockroachdb-public.cockroach.svc:26257/vox?sslmode=prefer
Domain: vox.mikesweb.site
tag: latest
istio: no
0% Loading or .
You are about to add 0 people to the discussion. Proceed with caution.
Please register or to comment