From b79b125e4ad5018410c173ac937b0d5566ebc5a7 Mon Sep 17 00:00:00 2001
From: Jim Nicholson
Date: Thu, 28 Oct 2021 13:42:52 -0700
Subject: [PATCH] Initial commit
---
README.md | 8 ++++
configuration.yaml | 29 ++++++++++++++
deployment.yaml | 97 ++++++++++++++++++++++++++++++++++++++++++++++
ingress.yaml | 26 +++++++++++++
kustomization.yaml | 18 +++++++++
namespace.yaml | 5 +++
service.yaml | 28 +++++++++++++
storage.yaml | 68 ++++++++++++++++++++++++++++++++
8 files changed, 279 insertions(+)
create mode 100644 README.md
create mode 100644 configuration.yaml
create mode 100644 deployment.yaml
create mode 100644 ingress.yaml
create mode 100644 kustomization.yaml
create mode 100644 namespace.yaml
create mode 100644 service.yaml
create mode 100644 storage.yaml
diff --git a/README.md b/README.md
new file mode 100644
index 0000000..a28b2b8
--- /dev/null
+++ b/README.md
@@ -0,0 +1,8 @@
+# gitea kubernetes deployment
+
+Deploys gita with a postgresql database
+
+## ToDo
+
++ Replace literal passwords with https://github.com/mittwald/kubernetes-secret-generator
+
diff --git a/configuration.yaml b/configuration.yaml
new file mode 100644
index 0000000..72de932
--- /dev/null
+++ b/configuration.yaml
@@ -0,0 +1,29 @@
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ name: postgres-config
+ namespace: gitea
+ labels:
+ app: postgres
+data:
+ PGDATA: "/var/lib/postgresql/data"
+ POSTGRES_DB: "gitea"
+ POSTGRES_USER: "postgres"
+---
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ name: gitea-env
+ namespace: gitea
+ labels:
+ app: gitea
+data:
+ APP_NAME: "Gitea"
+ USER_UID: "1000"
+ USER_GID: "1000"
+ ROOT_URL: "https://git.thejimnicholson.com"
+ HTTP_PORT: "3000"
+ DB_TYPE: postgres
+ DB_HOST: postgres.gitea.svc.cluster.local:5432
+ DB_NAME: gitea
+ DB_USER: postgres
diff --git a/deployment.yaml b/deployment.yaml
new file mode 100644
index 0000000..d366eb2
--- /dev/null
+++ b/deployment.yaml
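Review bot: In configuration.yaml, `gitea-env` sets `DB_USER: postgres`, the same account that `postgres-config` creates through `POSTGRES_USER`, so Gitea connects as the database superuser and a compromise of the web application carries full control of the PostgreSQL instance. A dedicated non-superuser role that owns only the `gitea` database would limit that; `DB_USER` would then name that role, for example `DB_USER: gitea`, ideally with its own secret key rather than the shared `pg_password`. Separately, `PGDATA` is set here to `/var/lib/postgresql/data` and again in deployment.yaml to `/var/lib/postgresql/data/pgdata`; the container-level `env` entry takes precedence over `envFrom`, so the ConfigMap value is dead and should be dropped.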
@@ -0,0 +1,97 @@
+---
+ apiVersion: apps/v1
+ kind: Deployment
+ metadata:
+ name: postgres
+ namespace: gitea
+ labels:
+ app: postgres
+ spec:
+ selector:
+ matchLabels:
+ app: postgres # has to match .spec.template.metadata.labels
+ tier: postgres
+ strategy:
+ type: RollingUpdate
+ rollingUpdate:
+ maxSurge: 1
+ maxUnavailable: 0
+ template:
+ metadata:
+ labels:
+ app: postgres
+ tier: postgres
+ spec:
+ containers:
+ - image: postgres:12
+ securityContext:
+ runAsUser: 1000
+ name: postgres
+# command: ["chown", "-R", "1000:1000", "/var/lib/postgresql/data"]
+ envFrom:
+ - configMapRef:
+ name: postgres-config
+ env:
+ - name: PGDATA
+ value: /var/lib/postgresql/data/pgdata
+ - name: POSTGRES_PASSWORD
+ valueFrom:
+ secretKeyRef:
+ name: gitea-secrets
+ key: pg_password
+ ports:
+ - containerPort: 5432
+ name: postgres
+ volumeMounts:
+ - name: postgres-persistent-storage
+ mountPath: /var/lib/postgresql/data
+ subPath: pgdata
+ volumes:
+ - name: postgres-persistent-storage
+ persistentVolumeClaim:
+ claimName: postgres-pvc
+---
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+ name: gitea
+ namespace: gitea
+ labels:
+ app: gitea
+spec:
+ selector:
+ matchLabels:
+ app: gitea
+ strategy:
+ #type: Recreate
+ type: RollingUpdate
+ rollingUpdate:
+ maxSurge: 1
+ maxUnavailable: 0
+ template:
+ metadata:
+ labels:
+ app: gitea
+ spec:
+ containers:
+ - image: gitea/gitea:1.15.4
+ name: gitea
+ envFrom:
+ - configMapRef:
+ name: gitea-env
+ env:
+ - name: DB_PASSWD
+ valueFrom:
+ secretKeyRef:
+ name: gitea-secrets
+ key: pg_password
+ ports:
+ - containerPort: 3000
+ name: gitea
+ volumeMounts:
+ - name: gitea-persistent-storage
+ mountPath: /data
+ volumes:
+ - name: gitea-persistent-storage
+ persistentVolumeClaim:
+ claimName: gitea-pvc
\ No newline at end of file
diff --git a/ingress.yaml b/ingress.yaml
new file mode 100644
index 0000000..d686269
--- /dev/null
+++ b/ingress.yaml
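Review bot: The `postgres` Deployment in deployment.yaml uses `type: RollingUpdate` with `maxSurge: 1` and `maxUnavailable: 0`, so every rollout starts a second PostgreSQL pod against the same `postgres-pvc` data directory before the old one stops. On the NFS-backed volume declared in storage.yaml, `ReadWriteOnce` is unlikely to block the second mount, which risks a stuck rollout or a damaged data directory; replacing the strategy block with `type: Recreate` (the line already commented out in the `gitea` Deployment) avoids that, and the same applies to the `gitea` Deployment and its `/data` volume. `image: postgres:12` is also a floating tag while Gitea is pinned to `1.15.4`; pinning a minor version or digest keeps what actually runs reviewable. Neither container sets resource requests or limits.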
@@ -0,0 +1,26 @@
+---
+apiVersion: networking.k8s.io/v1
+kind: Ingress
+metadata:
+ name: gitea-ingress
+ namespace: gitea
+ annotations:
+ kubernetes.io/ingress.class: "traefik"
+ traefik.ingress.kubernetes.io/redirect-entry-point: https
+ cert-manager.io/cluster-issuer: http-clusterissuer
+spec:
+ rules:
+ - host: git.thejimnicholson.com
+ http:
+ paths:
+ - path: /
+ pathType: Prefix
+ backend:
+ service:
+ name: gitea
+ port:
+ number: 3000
+ tls:
+ - hosts:
+ - git.thejimnicholson.com
+ secretName: git.thejimnicholson.com
\ No newline at end of file
diff --git a/kustomization.yaml b/kustomization.yaml
new file mode 100644
index 0000000..39169aa
--- /dev/null
+++ b/kustomization.yaml
@@ -0,0 +1,18 @@
+apiVersion: kustomize.config.k8s.io/v1beta1
+kind: Kustomization
+namespace: gitea
+secretGenerator:
+- literals:
+ - pg_password=some1pass5here9
+ name: gitea-secrets
+generatorOptions:
+ disableNameSuffixHash: true
+ labels:
+ type: generated
+resources:
+- namespace.yaml
+- storage.yaml
+- configuration.yaml
+- deployment.yaml
+- service.yaml
+- ingress.yaml
diff --git a/namespace.yaml b/namespace.yaml
new file mode 100644
index 0000000..6b678c1
--- /dev/null
+++ b/namespace.yaml
@@ -0,0 +1,5 @@
+---
+kind: Namespace
+apiVersion: v1
+metadata:
+ name: gitea
\ No newline at end of file
diff --git a/service.yaml b/service.yaml
new file mode 100644
index 0000000..b3c7f0d
--- /dev/null
+++ b/service.yaml
@@ -0,0 +1,28 @@
+---
+ apiVersion: v1
+ kind: Service
+ metadata:
+ name: postgres
+ namespace: gitea
+ labels:
+ app: postgres
+ spec:
+ ports:
+ - name: postgres
+ port: 5432
+ targetPort: 5432
+ selector:
+ app: postgres
+ clusterIP: None
+---
+ apiVersion: v1
+ kind: Service
+ metadata:
+ name: gitea
+ namespace: gitea
+ spec:
+ selector:
+ app: gitea
+ ports:
+ - protocol: TCP
+ port: 3000
\ No newline at end of file
diff --git a/storage.yaml b/storage.yaml
new file mode 100644
index 0000000..3e7c09a
--- /dev/null
+++ b/storage.yaml
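Review bot: In ingress.yaml the HTTP-to-HTTPS redirect rests entirely on `traefik.ingress.kubernetes.io/redirect-entry-point: https`, which is a Traefik 1.x annotation; if the cluster runs Traefik 2.x it is presumably ignored, and `git.thejimnicholson.com` would then also answer over plain HTTP and carry Gitea logins and tokens unencrypted. The controller version is not visible in this commit, so this needs confirming with a plain-HTTP request after deploy. On 2.x the usual form is `traefik.ingress.kubernetes.io/router.entrypoints: websecure` (entry point name depends on the install) together with a redirect middleware. `kubernetes.io/ingress.class` is also the deprecated spelling of `spec.ingressClassName: traefik`.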
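Review bot: kustomization.yaml commits the database password in clear text (`pg_password=some1pass5here9` under `secretGenerator.literals`), and the README only lists replacing it as a ToDo; once pushed, the value stays in git history and should be treated as disclosed and rotated. Until a generator is in place, reading the value from an untracked file keeps it out of the repository: replace `literals:` with `envs:` and `- secrets.env` (example file name), and add that file to `.gitignore`. Note also that `disableNameSuffixHash: true` keeps the Secret name stable, so changing the password does not roll the Deployments and running pods keep the old value until they are restarted.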
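Review bot: The `postgres` Service in service.yaml makes port 5432 reachable from every pod in the cluster, and none of the eight files in this commit adds a NetworkPolicy. A policy in the `gitea` namespace that selects `app: postgres` and allows ingress on 5432 only from pods labelled `app: gitea` would confine the database to its single client, provided the cluster's CNI enforces NetworkPolicy. This matters more here because Gitea logs in as the `postgres` superuser with a password that is committed to the repository.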
@@ -0,0 +1,68 @@
+---
+ apiVersion: v1
+ kind: PersistentVolume
+ metadata:
+ name: postgres-pv
+ namespace: gitea
+ labels:
+ app: gitea
+ spec:
+ capacity:
+ storage: 5Gi
+ accessModes:
+ - ReadWriteOnce
+ persistentVolumeReclaimPolicy: Retain
+ nfs:
+ server: 10.0.96.2
+ path: "/volume1/storage/git-database"
+ claimRef:
+ namespace: gitea
+ name: postgres-pvc
+---
+ apiVersion: v1
+ kind: PersistentVolume
+ metadata:
+ name: gitea-pv
+ namespace: gitea
+ labels:
+ app: gitea
+ spec:
+ capacity:
+ storage: 5Gi
+ accessModes:
+ - ReadWriteOnce
+ persistentVolumeReclaimPolicy: Retain
+ nfs:
+ server: 10.0.96.2
+ path: "/volume1/storage/git-repo"
+ claimRef:
+ namespace: gitea
+ name: gitea-pvc
+---
+ apiVersion: v1
+ kind: PersistentVolumeClaim
+ metadata:
+ name: postgres-pvc
+ namespace: gitea
+ labels:
+ app: gitea
+ spec:
+ accessModes:
+ - ReadWriteOnce
+ resources:
+ requests:
+ storage: 5Gi
+---
+ apiVersion: v1
+ kind: PersistentVolumeClaim
+ metadata:
+ name: gitea-pvc
+ namespace: gitea
+ labels:
+ app: gitea
+ spec:
+ accessModes:
+ - ReadWriteOnce
+ resources:
+ requests:
+ storage: 5Gi
\ No newline at end of file
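Review bot: The two PersistentVolumeClaims in storage.yaml set neither `storageClassName` nor `volumeName`, so on a cluster with a default StorageClass they may be dynamically provisioned instead of binding to `postgres-pv` and `gitea-pv`, leaving the database and repositories off the NFS export at `10.0.96.2` without any error. Adding `storageClassName: ""` and `volumeName: postgres-pv` (respectively `volumeName: gitea-pv`) to each claim's `spec` pins the binding that the PVs' `claimRef` intends. `namespace: gitea` under each PersistentVolume's `metadata` has no effect because PersistentVolumes are cluster-scoped, and `postgres-pv` and `postgres-pvc` are labelled `app: gitea` where the rest of the commit uses `app: postgres`. The NFS mounts also carry the data unencrypted to the storage host, so that path is worth keeping on a trusted network segment.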