all repos — infra @ 2c2f4a9c4ea30de96f40d8cd804201ede5015088

infrastructure manifests and setup notes

apps: add radicale
Anirudh Oppiliappan x@icyphox.sh
Tue, 02 Jul 2024 00:30:02 +0300
commit

2c2f4a9c4ea30de96f40d8cd804201ede5015088

parent

fe4e1663705e00f04340ca4f18cde91a435f6f92

6 files changed, 42 insertions(+), 83 deletions(-)

jump to
M .gitignore.gitignore

@@ -1,1 +1,2 @@

*certs* +rootca.crt
D apps/radicale/Dockerfile

@@ -1,14 +0,0 @@

-FROM alpine - -RUN apk add --no-cache \ - python3 \ - py3-pip - -RUN python3 -m pip install --upgrade radicale -RUN addgroup -S radicale && adduser -S radicale -G radicale - -USER radicale -WORKDIR /home/radicale -EXPOSE 5232 - -CMD ["python3", "-m", "radicale", "--server-hosts", "0.0.0.0:5232", "--storage-filesystem-folder=./collections"]
D apps/radicale/ing.yaml

@@ -1,28 +0,0 @@

-apiVersion: networking.k8s.io/v1 -kind: Ingress -metadata: - annotations: - nginx.ingress.kubernetes.io/configuration-snippet: | - proxy_set_header X-Script-Name /; - proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; - proxy_set_header Host $http_host; - proxy_pass_header Authorization; - kubernetes.io/tls-acme: 'true' - cert-manager.io/issuer: "letsencrypt-prod" - name: radicale-ingress -spec: - tls: - - hosts: - - dav.icyphox.sh - secretName: radicale-certs - rules: - - host: dav.icyphox.sh - http: - paths: - - backend: - service: - name: radicale - port: - number: 5232 - path: / - pathType: Prefix
D apps/radicale/pvc.yaml

@@ -1,10 +0,0 @@

-apiVersion: v1 -kind: PersistentVolumeClaim -metadata: - name: radicale-collections -spec: - accessModes: - - ReadWriteOnce - resources: - requests: - storage: 100Mi
M apps/radicale/radicale.yamlapps/radicale/radicale.yaml

@@ -13,19 +13,15 @@ metadata:

labels: app: radicale spec: - securityContext: - fsGroup: 101 - imagePullSecrets: - - name: registry-creds nodeSelector: - arch: "amd64" + kubernetes.io/hostname: sini containers: - name: radicale - image: reg.icyphox.sh/radicale + image: tomsquest/docker-radicale imagePullPolicy: IfNotPresent volumeMounts: - name: collections - mountPath: "/home/radicale/collections" + mountPath: /data/collections ports: - name: http containerPort: 5232

@@ -43,5 +39,41 @@ selector:

app: radicale ports: - name: http - port: 5232 + port: 80 targetPort: 5232 +--- +apiVersion: v1 +kind: PersistentVolumeClaim +metadata: + name: radicale-collections +spec: + storageClassName: local-path + accessModes: + - ReadWriteOnce + resources: + requests: + storage: 100Mi +--- +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + name: dav.koti.lan + namespace: default +spec: + ingressClassName: caddy + rules: + - host: dav.koti.lan + http: + paths: + - path: / + pathType: Prefix + backend: + service: + name: radicale + port: + number: 80 + tls: + - secretName: koti-lan-tls + hosts: + - dav.koti.lan +
M apps/yarr/ing.yamlapps/yarr/ing.yaml

@@ -1,23 +1,1 @@

-apiVersion: networking.k8s.io/v1 -kind: Ingress -metadata: - annotations: - kubernetes.io/tls-acme: 'true' - cert-manager.io/issuer: "letsencrypt-prod" - name: yarr-ingress -spec: - tls: - - hosts: - - f.icyphox.sh - secretName: yarr-certs - rules: - - host: f.icyphox.sh - http: - paths: - - backend: - service: - name: yarr - port: - number: 7070 - path: / - pathType: Prefix +