all repos — infra @ 14e9456e43455b77b2e64cdfc2927f63f75d6e84

infrastructure manifests and setup notes 

Add fsrv
Anirudh Oppiliappan x@icyphox.sh
Fri, 18 Jun 2021 23:08:31 +0530
commit

14e9456e43455b77b2e64cdfc2927f63f75d6e84

parent

53d0b39725c374d561a5196aae59cf3dfeb3215d

5 files changed, 135 insertions(+), 3 deletions(-)

jump to
A apps/fsrv/default.conf.yaml 
@@ -0,0 +1,14 @@
+apiVersion: v1
+data:
+  default.conf: |
+    server {
+        listen 80;
+        root /uploads;
+        location = / {
+            default_type application/octet-stream;
+            try_files $uri =404;
+        }
+    }
+kind: ConfigMap
+metadata:
+  name: fsrv-nginx
A apps/fsrv/fsrv.yaml 
@@ -0,0 +1,77 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: fsrv
+  labels:
+    app: fsrv
+spec:
+  selector:
+    matchLabels:
+      app: fsrv
+  template:
+    metadata:
+      labels:
+        app: fsrv
+    spec:
+      imagePullSecrets:
+        - name: registry-creds
+      nodeSelector:
+        arch: "amd64"
+      containers:
+        - name: fsrv
+          image: reg.icyphox.sh/fsrv
+          imagePullPolicy: Always
+          env:
+            - name: FSRV_KEY
+              valueFrom:
+                secretKeyRef:
+                  name: fsrv-key
+                  key: key
+          volumeMounts:
+            - name: uploads
+              mountPath: "/uploads"
+              readOnly: false
+          ports:
+            - name: http
+              containerPort: 9393
+          command: ["/bin/sh"]
+          args:
+            - -c
+            - /fsrv/fsrv -url https://x.icyphox.sh -key $FSRV_KEY -index /fsrv/index.html -storepath /uploads
+        - name: nginx
+          image: nginx
+          volumeMounts:
+            - name: uploads
+              mountPath: "/uploads"
+              readOnly: true
+            - name: nginx-config
+              mountPath: "/etc/nginx/conf.d/"
+              readOnly: true
+          ports:
+            - name: http
+              containerPort: 80
+      volumes:
+        - name: uploads
+          persistentVolumeClaim:
+            claimName: fsrv-uploads
+        - name: nginx-config
+          configMap:
+            name: fsrv-nginx
+            items:
+              - key: "default.conf"
+                path: "default.conf"
+---
+apiVersion: v1
+kind: Service
+metadata:
+  name: fsrv
+spec:
+  selector:
+    app: fsrv
+  ports:
+    - name: fsrv-http
+      port: 9393
+      targetPort: 9393
+    - name: nginx-http
+      port: 80
+      targetPort: 80
A apps/fsrv/ing.yaml 
@@ -0,0 +1,30 @@
+apiVersion: networking.k8s.io/v1
+kind: Ingress
+metadata:
+  annotations:
+    kubernetes.io/tls-acme: 'true'
+    cert-manager.io/issuer: "letsencrypt-prod"
+  name: fsrv-ingress
+spec:
+  tls:
+    - hosts:
+      - x.icyphox.sh
+      secretName: fsrv-certs
+  rules:
+  - host: x.icyphox.sh
+    http:
+      paths:
+      - backend:
+          service:
+            name: fsrv
+            port:
+              number: 9393
+        path: /
+        pathType: Exact
+      - path: /
+        pathType: Prefix
+        backend:
+          service:
+            name: fsrv
+            port:
+              number: 80
A apps/fsrv/pvc.yaml 
@@ -0,0 +1,10 @@
+apiVersion: v1
+kind: PersistentVolumeClaim
+metadata:
+  name: fsrv-uploads
+spec:
+  accessModes:
+    - ReadWriteOnce
+  resources:
+    requests:
+      storage: 2Gi
M readmereadme 
@@ -24,6 +24,7 @@
 APPLICATIONS
 
 · radicale: CardDAV/CalDAV server (dav.icyphox.sh)
-· registry: Self-hosted container registry
-· yarr: RSS reader
-· znc: IRC bouncer
+· registry: Self-hosted container registry (reg.icyphox.sh)
+· yarr: RSS reader (f.icyphox.sh)
+· znc: IRC bouncer (irc.icyphox.sh:6666)
+· fsrv: File host service (x.icyphox.sh)