diff --git a/bootstrap/kustomizations/kustomization-taskchampion.yaml b/bootstrap/kustomizations/kustomization-taskchampion.yaml new file mode 100644 index 0000000..0b22313 --- /dev/null +++ b/bootstrap/kustomizations/kustomization-taskchampion.yaml @@ -0,0 +1,18 @@ +apiVersion: kustomize.toolkit.fluxcd.io/v1 +kind: Kustomization +metadata: + name: taskchampion + namespace: flux-system +spec: + interval: 15m + path: ./taskchampion + prune: true # remove any elements later removed from the above path + timeout: 2m # if not set, this defaults to interval duration, which is 1h + sourceRef: + kind: GitRepository + name: flux-system + healthChecks: + - apiVersion: apps/v1 + kind: Deployment + name: taskchampion + namespace: taskchampion diff --git a/bootstrap/namespaces/namespace-taskchampion.yaml b/bootstrap/namespaces/namespace-taskchampion.yaml new file mode 100644 index 0000000..4c08cc2 --- /dev/null +++ b/bootstrap/namespaces/namespace-taskchampion.yaml @@ -0,0 +1,4 @@ +apiVersion: v1 +kind: Namespace +metadata: + name: taskchampion diff --git a/taskchampion/deployment.yaml b/taskchampion/deployment.yaml new file mode 100644 index 0000000..cc02819 --- /dev/null +++ b/taskchampion/deployment.yaml @@ -0,0 +1,33 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: taskchampion + namespace: taskchampion +spec: + selector: + matchLabels: + app: taskchampion + template: + metadata: + labels: + app: taskchampion + spec: + containers: + - name: taskchampion + image: ghcr.io/gothenburgbitfactory/taskchampion-sync-server:latest + imagePullPolicy: Always + args: ["--data-dir", "/tss", "--port", "8080"] + env: + - name: RUST_LOG + value: info + ports: + - containerPort: 8080 + name: http + protocol: TCP + volumeMounts: + - name: data + mountPath: /tss + volumes: + - name: data + persistentVolumeClaim: + claimName: taskchampion-data diff --git a/taskchampion/dns-endpoint.yaml b/taskchampion/dns-endpoint.yaml new file mode 100644 index 0000000..7007b64 --- /dev/null +++ b/taskchampion/dns-endpoint.yaml @@ -0,0 +1,15 @@ +apiVersion: externaldns.k8s.io/v1alpha1 +kind: DNSEndpoint +metadata: + name: taskchampion.michaelthomson.dev + namespace: taskchampion +spec: + endpoints: + - dnsName: taskchampion.michaelthomson.dev + recordTTL: 180 + recordType: CNAME + targets: + - michaelthomson.ddns.net + providerSpecific: + - name: external-dns.alpha.kubernetes.io/cloudflare-proxied + value: "true" diff --git a/taskchampion/ingress.yaml b/taskchampion/ingress.yaml new file mode 100644 index 0000000..04724ba --- /dev/null +++ b/taskchampion/ingress.yaml @@ -0,0 +1,24 @@ +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + name: taskchampion + namespace: taskchampion + annotations: + traefik.ingress.kubernetes.io/router.entrypoints: websecure + traefik.ingress.kubernetes.io/router.tls: "true" +spec: + rules: + - host: taskchampion.michaelthomson.dev + http: + paths: + - pathType: ImplementationSpecific + path: / + backend: + service: + name: taskchampion + port: + name: http + tls: + - hosts: + - taskchampion.michaelthomson.dev + secretName: letsencrypt-wildcard-cert-michaelthomson.dev diff --git a/taskchampion/pvc-data.yaml b/taskchampion/pvc-data.yaml new file mode 100644 index 0000000..6609399 --- /dev/null +++ b/taskchampion/pvc-data.yaml @@ -0,0 +1,12 @@ +apiVersion: v1 +kind: PersistentVolumeClaim +metadata: + name: taskchampion-data + namespace: taskchampion +spec: + resources: + requests: + storage: 1Gi + storageClassName: longhorn + accessModes: + - ReadWriteOnce diff --git a/taskchampion/service.yaml b/taskchampion/service.yaml new file mode 100644 index 0000000..df47c35 --- /dev/null +++ b/taskchampion/service.yaml @@ -0,0 +1,12 @@ +apiVersion: v1 +kind: Service +metadata: + name: taskchampion + namespace: taskchampion +spec: + selector: + app: taskchampion + ports: + - port: 80 + targetPort: http + name: http