all repos — infra @ 557c7497404bb7c095aa80502b82e65b78ccaf4f

infrastructure manifests and setup notes

all: clean up for fresh cluster
Anirudh Oppiliappan x@icyphox.sh
Sat, 29 Jun 2024 10:33:03 +0300
commit

557c7497404bb7c095aa80502b82e65b78ccaf4f

parent

5fe6100c7c0d9b65eb2bfaf84cb2ff898979d35b

33 files changed, 55 insertions(+), 1717 deletions(-)

jump to
D apps/cgit/Dockerfile

@@ -1,8 +0,0 @@

-FROM nginx:alpine - -RUN apk add cgit fcgiwrap groff gettext spawn-fcgi - -RUN addgroup -S git && adduser -S git -G git -RUN ln -sf /dev/stdout /var/log/nginx/access.log && ln -sf /dev/stderr /var/log/nginx/error.log - -EXPOSE 80
D apps/cgit/cgit-ui/cgit.css

@@ -1,977 +0,0 @@

-:root { - --fg: #000; - --fg-light: #666; - --bg: #fff; - --bg-light: #eee; - --less-dark: #444; - --dark: #222; -} - -body { - overflow-x:auto -} - -/* syntax highlighting*/ -body.hl { background-color:var(--bg); } -pre.hl { color:var(--fg); background-color:var(--bg); font-family:monospace;} -.hl.num { color:var(--less-dark); } -.hl.esc { color:var(--fg); } -.hl.str { color:var(--less-dark); } -.hl.pps { color:var(--dark); } -.hl.slc { color:var(--fg-light); font-style:italic; } -.hl.com { color:var(--fg-light); font-style:italic; } -.hl.ppc { color:var(--dark); } -.hl.opt { color:var(--fg); } -.hl.ipl { color:var(--dark); } -.hl.lin { color:var(--fg); } -.hl.kwa { color:var(--fg); font-weight:bold; } -.hl.kwb { color:var(--fg-light); } -.hl.kwc { color:var(--fg); font-weight:bold; } -.hl.kwd { color:var(--fg); font-weight:bold; } - -::selection { - background-color: var(--less-dark); - color: var(--bg); -} - -div#cgit { - font-family: serif; - margin: 2em; - font-size: 13pt; - color: var(--fg); - background: white; -} - -@media only screen and (min-width: 1080px) { - div#cgit{ - margin: 18em; - margin-top: 2em; - margin-bottom: 2em; - } -} - -@media only screen and (min-width: 1400px) { - div#cgit{ - margin: 18em; - margin-top: 2em; - margin-bottom: 2em; - } -} - -div#cgit a { - color: var(--dark); - text-decoration: none; -} - -div#cgit a:hover { - text-decoration: underline; -} - -div#cgit table { - border-collapse: collapse; -} - -div#cgit table#header { - width: 100%; - margin-bottom: 1em; -} - -div#cgit table#header td.logo { - width: 96px; - vertical-align: top; -} - -div#cgit table#header td.main { - font-size: 3em; - padding-left: 10px; - white-space: nowrap; -} - -div#cgit table#header td.main a { - color: var(--fg); -} - -div#cgit table#header td.form { - text-align: right; - vertical-align: bottom; - padding-right: 1em; - padding-bottom: 2px; - white-space: nowrap; -} - -div#cgit table#header td.form form, -div#cgit table#header td.form input, -div#cgit table#header td.form select { - font-size: 90%; -} - -div#cgit table#header td.sub { - color: var(--fg-light); - padding-left: 10px; -} - -div#cgit table.tabs { - border: none; - margin-top: 2em; - margin-bottom: 2em; - width: 100%; -} - -div#cgit table.tabs td { - padding: 0px 1em; - vertical-align: bottom; -} - -div#cgit table.tabs td a { - padding: 0.75em; - color: var(--fg-light); - font-size: 110%; -} - -div#cgit table.tabs td a:hover { - color: var(--fg); - text-decoration: none; -} - -div#cgit table.tabs td a.active { - color: var(--fg); -} - -div#cgit table.tabs a[href^="http://"]:after, div#cgit table.tabs a[href^="https://"]:after { - content: url(data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAoAAAAKCAQAAAAnOwc2AAAAAmJLR0QA/4ePzL8AAAAJcEhZcwAACxMAAAsTAQCanBgAAAAHdElNRQfgAhcJDQY+gm2TAAAAHWlUWHRDb21tZW50AAAAAABDcmVhdGVkIHdpdGggR0lNUGQuZQcAAABbSURBVAhbY2BABs4MU4CwhYHBh2Erww4wrGFQZHjI8B8IgUIscJWyDHcggltQhI4zGDCcRwhChPggHIggP1QoAVmQkSETrGoHsiAEsACtBYN0oDAMbgU6EBcAAL2eHUt4XUU4AAAAAElFTkSuQmCC); - opacity: 0.5; - margin: 0 0 0 5px; -} - -div#cgit table.tabs td.form { - text-align: right; -} - -div#cgit table.tabs td.form form { - padding-bottom: 2px; - font-size: 90%; - white-space: nowrap; -} - -div#cgit table.tabs td.form input, -div#cgit table.tabs td.form select { - font-size: 90%; -} - -div#cgit div.path { - margin: 0px; - padding: 5px 2em 2px 2em; - color: #000; - background-color: #eee; -} - -div#cgit div.content { - margin: 0px; - padding: 2em; - td { - padding-top: 4px; - padding-bottom: 4px; - } -} - - -div#cgit table.list { - width: 100%; - border: none; - border-collapse: collapse; -} - -div#cgit table.list tr { - background: white; -} - -div#cgit table.list tr.logheader { - background: #eee; -} - -div#cgit table.list tr:nth-child(even) { - background: #white; -} - -div#cgit table.list tr:nth-child(odd) { - background: white; -} - -div#cgit table.list tr:hover { -} - -div#cgit table.list tr.nohover { - background: var(--bg); -} - -div#cgit table.list tr.nohover:hover { - background: var(--bg); -} - -div#cgit table.list tr.nohover-highlight:hover:nth-child(even) { - background: var(--bg); -} - -div#cgit table.list tr.nohover-highlight:hover:nth-child(odd) { - background: var(--bg); -} - -div#cgit table.list th { - font-weight: bold; - /* color: #888; - border-top: dashed 1px #888; - border-bottom: dashed 1px #888; - */ - color: var(--fg); - padding: 0.1em 0.5em 0.05em 0.5em; - vertical-align: baseline; -} - -div#cgit table.list td { - border: none; - padding: 0em 0.5em 0.1em 0.5em; -} - -div#cgit table.list td.commitgraph { - font-family: monospace; - white-space: pre; - color: var(--fg); -} - -div#cgit table.list td.commitgraph .column1 { - color: var(--fg-light); -} - -div#cgit table.list td.commitgraph .column2 { - color: var(--fg-light); -} - -div#cgit table.list td.commitgraph .column3 { - color: var(--fg-light); -} - -div#cgit table.list td.commitgraph .column4 { - color: var(--fg-light); -} - -div#cgit table.list td.commitgraph .column5 { - color: var(--fg-light); -} - -div#cgit table.list td.commitgraph .column6 { - color: var(--fg-light); -} - -div#cgit table.list td.logsubject { - font-family: monospace; - font-weight: bold; -} - -div#cgit table.list td.logmsg { - font-family: monospace; - white-space: pre; - padding: 0 0.5em; -} - -div#cgit table.list td a { - color: var(--fg); -} - -div#cgit table.list td a.ls-dir { - font-weight: bold; - color: var(--less-dark); -} - -div#cgit table.list td a:hover { - text-decoration: none; - background: var(--bg); -} - -div#cgit img { - width: 100%; - border: none; -} - -div#cgit input#switch-btn { - margin: 2px 0px 0px 0px; -} - -div#cgit td#sidebar input.txt { - width: 100%; - margin: 2px 0px 0px 0px; -} - - -div#cgit input[type=submit], div#cgit input[type=search] { - display: none; -} - -div#cgit select { - border: 1px solid var(--fg); - font-family: serif; - background-color: var(--bg); - padding: 0.5em; -} - -div#cgit table#grid { - margin: 0px; -} - -div#cgit td#content { - vertical-align: top; - padding: 1em 2em 1em 1em; - border: none; -} - -div#cgit div#summary { - vertical-align: top; - margin-bottom: 1em; -} - -div#cgit table#downloads { - float: right; - border-collapse: collapse; - border: solid 1px #777; - margin-left: 0.5em; - margin-bottom: 0.5em; -} - -div#cgit table#downloads th { - background-color: #ccc; -} - -div#cgit div#blob { - border: solid 1px black; -} - -div#cgit div.error { - color: red; - font-weight: bold; - margin: 1em 2em; -} - -div#cgit a.ls-blob, div#cgit a.ls-dir, div#cgit .ls-mod { - font-family: monospace; -} - -div#cgit td.ls-size { - text-align: right; - font-family: monospace; - width: 10em; -} - -div#cgit td.ls-mode { - font-family: monospace; - width: 10em; -} - -div#cgit table.blob { - margin-top: 0.5em; - border-top: solid 1px black; -} - -div#cgit table.blob td.hashes, -div#cgit table.blob td.lines { - margin: 0; padding: 0 0 0 0.5em; - vertical-align: top; - color: black; -} - -div#cgit table.blob td.linenumbers { - margin: 0; padding: 0 0.5em 0 0.5em; - vertical-align: top; - text-align: right; - border-right: 1px solid var(--bg-light); -} - -div#cgit table.blob pre { - padding: 0; margin: 0; -} - -div#cgit table.blob td.linenumbers a, -div#cgit table.ssdiff td.lineno a { - color: #888; - text-align: right; - text-decoration: none; -} - -div#cgit table.blob td.linenumbers a:hover, -div#cgit table.ssdiff td.lineno a:hover { - color: var(--fg); -} - -div#cgit table.blame td.hashes, -div#cgit table.blame td.lines, -div#cgit table.blame td.linenumbers { - padding: 0; -} - -div#cgit table.blame td.hashes div.alt, -div#cgit table.blame td.lines div.alt { - padding: 0 0.5em 0 0.5em; -} - -div#cgit table.blame td.linenumbers div.alt { - padding: 0 0.5em 0 0; -} - -div#cgit table.blame div.alt:nth-child(even) { - background: #eee; -} - -div#cgit table.blame div.alt:nth-child(odd) { - background: white; -} - -div#cgit table.blame td.lines > div { - position: relative; -} - -div#cgit table.blame td.lines > div > pre { - padding: 0 0 0 0.5em; - position: absolute; - top: 0; -} - -div#cgit table.bin-blob { - margin-top: 0.5em; - border: solid 1px black; -} - -div#cgit table.bin-blob th { - font-family: monospace; - white-space: pre; - border: solid 1px #777; - padding: 0.5em 1em; -} - -div#cgit table.bin-blob td { - font-family: monospace; - white-space: pre; - border-left: solid 1px #777; - padding: 0em 1em; -} - -div#cgit table.nowrap td { - white-space: nowrap; -} - -div#cgit table.commit-info { - border-collapse: collapse; - margin-top: 1.5em; -} - -div#cgit div.cgit-panel { - float: right; - margin-top: 1.5em; -} - -div#cgit div.cgit-panel table { - border-collapse: collapse; - border: solid 1px #aaa; - background-color: #eee; -} - -div#cgit div.cgit-panel th { - text-align: center; -} - -div#cgit div.cgit-panel td { - padding: 0.25em 0.5em; -} - -div#cgit div.cgit-panel td.label { - padding-right: 0.5em; -} - -div#cgit div.cgit-panel td.ctrl { - padding-left: 0.5em; -} - -div#cgit table.commit-info th { - text-align: left; - font-weight: normal; - padding: 0.1em 1em 0.1em 0.1em; - vertical-align: top; -} - -div#cgit table.commit-info td { - font-weight: normal; - padding: 0.1em 1em 0.1em 0.1em; -} - -div#cgit div.commit-subject { - font-weight: bold; - font-size: 125%; - margin: 1.5em 0em 0.5em 0em; - padding: 0em; -} - -div#cgit div.commit-msg { - white-space: pre; - font-family: monospace; -} - -div#cgit div.notes-header { - font-weight: bold; - padding-top: 1.5em; -} - -div#cgit div.notes { - white-space: pre; - font-family: monospace; - border: solid 1px #ee9; - background-color: #ffd; - padding: 0.3em 2em 0.3em 1em; - float: left; -} - -div#cgit div.notes-footer { - clear: left; -} - -div#cgit div.diffstat-header { - font-weight: bold; - padding-top: 1.5em; -} - -div#cgit table.diffstat { - border-collapse: collapse; - border: solid 1px #aaa; - background-color: #eee; -} - -div#cgit table.diffstat th { - font-weight: normal; - text-align: left; - text-decoration: underline; - padding: 0.1em 1em 0.1em 0.1em; - font-size: 100%; -} - -div#cgit table.diffstat td { - padding: 0.2em 0.2em 0.1em 0.1em; - font-size: 100%; - border: none; -} - -div#cgit table.diffstat td.mode { - font: monospace; - white-space: nowrap; -} - -div#cgit table.diffstat td span.modechange { - padding-left: 1em; - color: red; -} - -div#cgit table.diffstat td.add a { - color: green; -} - -div#cgit table.diffstat td.del a { - color: red; -} - -div#cgit table.diffstat td.upd a { - color: var(--dark); -} - -div#cgit table.diffstat td.graph { - width: 500px; - vertical-align: middle; -} - -div#cgit table.diffstat td.graph table { - border: none; -} - -div#cgit table.diffstat td.graph td { - padding: 0px; - border: 0px; - height: 7pt; -} - -div#cgit table.diffstat td.graph td.add { - background-color: #5c5; -} - -div#cgit table.diffstat td.graph td.rem { - background-color: #c55; -} - -div#cgit div.diffstat-summary { - color: #888; - padding-top: 0.5em; -} - -div#cgit table.diff { - width: 100%; -} - -div#cgit table.diff td { - font-family: monospace; - white-space: pre; -} - -div#cgit table.diff td div.head { - font-weight: bold; - margin-top: 1em; - color: black; -} - -div#cgit table.diff td div.hunk { - color: #009; -} - -div#cgit table.diff td div.add { - color: green; -} - -div#cgit table.diff td div.del { - color: red; -} - -div#cgit .sha1 { - font-family: monospace; - font-size: 90%; -} - -div#cgit .left { - text-align: left; -} - -div#cgit .right { - text-align: right; -} - -div#cgit table.list td.reposection { - padding-top: 1.5rem; - padding-bottom: 0.5rem; - color: var(--fg-light); -} - -div#cgit table.list td.reposection::after { - content: " / "; - font-style: italic; - color: var(--fg-light); -} - - -div#cgit a.button { - font-size: 80%; - padding: 0em 0.5em; -} - -div#cgit a.primary { - font-size: 100%; -} - -div#cgit a.secondary { - font-size: 90%; -} - -div#cgit td.toplevel-repo { - -} - -div#cgit table.list td.sublevel-repo { - padding-left: 1.5em; -} - -div#cgit table.list td.sublevel-repo a:hover::after{ - content: " / "; - font-style: italic; - color: var(--fg-light); -} - -div#cgit ul.pager { - list-style-type: none; - text-align: center; - margin: 1em 0em 0em 0em; - padding: 0; -} - -div#cgit ul.pager li { - display: inline-block; - margin: 0.25em 0.5em; -} - -div#cgit ul.pager a { - color: #777; -} - -div#cgit ul.pager .current { - font-weight: bold; -} - -div#cgit span.age-mins { - font-weight: bold; - color: #000; -} - -div#cgit span.age-hours { - color: #000; -} - -div#cgit span.age-days { - color: #555; -} - -div#cgit span.age-weeks { - color: #aaa; -} - -div#cgit span.age-months { - color: #ccc; -} - -div#cgit span.age-years { - color: #eee; -} - -div#cgit span.insertions { - color: #080; -} - -div#cgit span.deletions { - color: #800; -} - -div#cgit div.footer { - margin-top: 0.5em; - text-align: center; - font-size: 80%; - color: #ccc; -} - -div#cgit div.footer a { - color: #ccc; - text-decoration: none; -} - -div#cgit div.footer a:hover { - text-decoration: underline; -} - -div#cgit a.branch-deco { - color: var(--less-dark) !important; - font-weight: bold; - margin: 0px 0.5em; - padding: 0px 0.25em; -} - -div#cgit a.tag-deco { - color: var(--less-dark) !important; - margin: 0px 0.5em; - padding: 0px 0.25em; - font-weight: bold; -} - -div#cgit a.tag-annotated-deco { - color: var(--less-dark) !important; - font-weight: bold; - margin: 0px 0.5em; - padding: 0px 0.25em; -} - -div#cgit a.remote-deco { - color: var(--less-dark) !important; - margin: 0px 0.5em; - padding: 0px 0.25em; - background-color: #ccccff; - border: solid 1px #000077; -} - -div#cgit a.deco { - color: var(--less-dark) !important; - font-weight: bold; - margin: 0px 0.5em; - padding: 0px 0.25em; -} - -div#cgit div.commit-subject a.branch-deco, -div#cgit div.commit-subject a.tag-deco, -div#cgit div.commit-subject a.tag-annotated-deco, -div#cgit div.commit-subject a.remote-deco, -div#cgit div.commit-subject a.deco { - margin-left: 1em; - font-size: 75%; -} - -div#cgit table.stats { - border: solid 1px black; - border-collapse: collapse; -} - -div#cgit table.stats th { - text-align: left; - padding: 1px 0.5em; - background-color: #eee; - border: solid 1px black; -} - -div#cgit table.stats td { - text-align: right; - padding: 1px 0.5em; - border: solid 1px black; -} - -div#cgit table.stats td.total { - font-weight: bold; - text-align: left; -} - -div#cgit table.stats td.sum { - color: #c00; - font-weight: bold; -/* background-color: #eee; */ -} - -div#cgit table.stats td.left { - text-align: left; -} - -div#cgit table.vgraph { - border-collapse: separate; - border: solid 1px black; - height: 200px; -} - -div#cgit table.vgraph th { - background-color: #eee; - font-weight: bold; - border: solid 1px white; - padding: 1px 0.5em; -} - -div#cgit table.vgraph td { - vertical-align: bottom; - padding: 0px 10px; -} - -div#cgit table.vgraph div.bar { - background-color: #eee; -} - -div#cgit table.hgraph { - border: solid 1px black; - width: 800px; -} - -div#cgit table.hgraph th { - background-color: #eee; - font-weight: bold; - border: solid 1px black; - padding: 1px 0.5em; -} - -div#cgit table.hgraph td { - vertical-align: middle; - padding: 2px 2px; -} - -div#cgit table.hgraph div.bar { - background-color: #eee; - height: 1em; -} - -div#cgit table.ssdiff { - width: 100%; -} - -div#cgit table.ssdiff td { - font-size: 75%; - font-family: monospace; - white-space: pre; - padding: 1px 4px 1px 4px; - border-left: solid 1px #aaa; - border-right: solid 1px #aaa; -} - -div#cgit table.ssdiff td.add { - color: black; - background: #cfc; - min-width: 50%; -} - -div#cgit table.ssdiff td.add_dark { - color: black; - background: #aca; - min-width: 50%; -} - -div#cgit table.ssdiff span.add { - background: #cfc; - font-weight: bold; -} - -div#cgit table.ssdiff td.del { - color: black; - background: #fcc; - min-width: 50%; -} - -div#cgit table.ssdiff td.del_dark { - color: black; - background: #caa; - min-width: 50%; -} - -div#cgit table.ssdiff span.del { - background: #fcc; - font-weight: bold; -} - -div#cgit table.ssdiff td.changed { - color: black; - background: #ffc; - min-width: 50%; -} - -div#cgit table.ssdiff td.changed_dark { - color: black; - background: #cca; - min-width: 50%; -} - -div#cgit table.ssdiff td.lineno { - color: black; - background: #eee; - text-align: right; - width: 3em; - min-width: 3em; -} - -div#cgit table.ssdiff td.hunk { - color: black; - background: var(--bg-light); - border-top: solid 1px #aaa; - border-bottom: solid 1px #aaa; -} - -div#cgit table.ssdiff td.head { - border-top: solid 1px #aaa; - border-bottom: solid 1px #aaa; -} - -div#cgit table.ssdiff td.head div.head { - font-weight: bold; - color: black; -} - -div#cgit table.ssdiff td.foot { - border-top: solid 1px #aaa; - border-left: none; - border-right: none; - border-bottom: none; -} - -div#cgit table.ssdiff td.space { - border: none; -} - -div#cgit table.ssdiff td.space div { - min-height: 3em; -} -
D apps/cgit/cgit-ui/readme

@@ -1,4 +0,0 @@

-icy's git forge ---------------- - -Send patches to x@icyphox.sh. Also see: https://github.com/icyphox.
D apps/cgit/cgit.yaml

@@ -1,74 +0,0 @@

-apiVersion: apps/v1 -kind: Deployment -metadata: - name: cgit - labels: - app: cgit -spec: - selector: - matchLabels: - app: cgit - template: - metadata: - labels: - app: cgit - spec: - nodeSelector: - kubernetes.io/hostname: "jade" - imagePullSecrets: - - name: registry-creds - securityContext: - fsGroup: 1002 - containers: - - name: cgit - image: reg.icyphox.sh/cgit - imagePullPolicy: IfNotPresent - volumeMounts: - - name: git - mountPath: "/home/git" - readOnly: false - - name: config - mountPath: "/etc/cgitrc" - subPath: "cgitrc" - readOnly: true - - name: nginx-config - mountPath: "/etc/nginx/conf.d/default.conf" - subPath: "default.conf" - readOnly: true - - name: cgit-ui - mountPath: "/usr/share/webapps/cgit/static" - readOnly: false - command: ["/bin/sh"] - args: - - -c - #- sed -i '/^#.*conf.d/s/^#//' /etc/nginx/nginx.conf && - - /usr/bin/spawn-fcgi -M 666 -s /run/fcgiwrap.socket /usr/bin/fcgiwrap && - /usr/sbin/nginx -g "daemon off;" - ports: - - name: http - containerPort: 80 - volumes: - - name: git - hostPath: - path: /home/git - - name: config - configMap: - name: cgit-config - - name: nginx-config - configMap: - name: cgit-nginx - - name: cgit-ui - persistentVolumeClaim: - claimName: cgit-ui ---- -apiVersion: v1 -kind: Service -metadata: - name: cgit -spec: - selector: - app: cgit - ports: - - name: http - port: 80 - targetPort: 80
D apps/cgit/cgitrc.yaml

@@ -1,64 +0,0 @@

-apiVersion: v1 -data: - cgitrc: | - virtual-root=/ - - ### FILTER - about-filter=/usr/lib/cgit/filters/about-formatting.sh - # source-filter=/usr/lib/cgit/filters/syntax-highlighting.sh - - ### IMAGES - css=/cgit.css - logo=/white.png - favicon=/favicon.png - - - ### SETTINGS - enable-http-clone=1 - enable-index-links=0 - enable-index-owner=0 - clone-url=https://git.icyphox.sh/$CGIT_REPO_URL - snapshots=tar.gz - - local-time=1 - root-title=icy's git forge - root-desc= - root-readme=/usr/share/webapps/cgit/static/readme - - ### MIME - mimetype.gif=image/gif - mimetype.html=text/html - mimetype.jpg=image/jpeg - mimetype.jpeg=image/jpeg - mimetype.pdf=application/pdf - mimetype.png=image/png - mimetype.svg=image/svg+xml - - ### LOG SETTINGS - side-by-side-diffs=1 - #enable-commit-graph=1 - enable-log-filecount=1 - enable-log-linecount=1 - - repository-sort=age - - ### COMMON README PATTERNS - readme=:README.md - readme=:readme.md - readme=:README.rst - readme=:readme.rst - readme=:README.txt - readme=:readme.txt - readme=:README - readme=:readme - - - ### FEATURED REPOS - #section-sort=0 - #include=/var/www/htdocs/cgit/repo-list - - # scan path always goes at the end for some reason - scan-path=/home/git -kind: ConfigMap -metadata: - name: cgit-config
D apps/cgit/default.conf.yaml

@@ -1,25 +0,0 @@

-apiVersion: v1 -data: - default.conf: | - server { - listen 80; - - location ~* ^.+\.(css|png|ico)$ { - root /usr/share/webapps/cgit/static; - add_header Last-Modified $date_gmt; - add_header Cache-Control 'no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0'; - if_modified_since off; - expires off; - etag off; - } - - location / { - fastcgi_pass unix:/run/fcgiwrap.socket; - fastcgi_param SCRIPT_FILENAME /usr/share/webapps/cgit/cgit.cgi; - fastcgi_param PATH_INFO $uri; - fastcgi_param QUERY_STRING $args; - } - } -kind: ConfigMap -metadata: - name: cgit-nginx
D apps/cgit/ing.yaml

@@ -1,23 +0,0 @@

-apiVersion: networking.k8s.io/v1 -kind: Ingress -metadata: - annotations: - kubernetes.io/tls-acme: 'true' - cert-manager.io/issuer: "letsencrypt-prod" - name: cgit-ingress -spec: - tls: - - hosts: - - git.icyphox.sh - secretName: cgit-certs - rules: - - host: git.icyphox.sh - http: - paths: - - backend: - service: - name: cgit - port: - number: 80 - path: / - pathType: Prefix
D apps/cgit/pvc.yaml

@@ -1,10 +0,0 @@

-apiVersion: v1 -kind: PersistentVolumeClaim -metadata: - name: cgit-ui -spec: - accessModes: - - ReadWriteOnce - resources: - requests: - storage: 100Mi
D apps/fsrv/default.conf.yaml

@@ -1,14 +0,0 @@

-apiVersion: v1 -data: - default.conf: | - server { - listen 80; - root /uploads; - location = / { - default_type application/octet-stream; - try_files $uri =404; - } - } -kind: ConfigMap -metadata: - name: fsrv-nginx
M apps/fsrv/fsrv.yamlapps/fsrv/fsrv.yaml

@@ -13,13 +13,11 @@ metadata:

labels: app: fsrv spec: - imagePullSecrets: - - name: registry-creds nodeSelector: - arch: "amd64" + kubernetes.io/hostname: sini containers: - name: fsrv - image: reg.icyphox.sh/fsrv + image: sini:5000/fsrv:latest imagePullPolicy: IfNotPresent env: - name: FSRV_KEY

@@ -29,7 +27,7 @@ name: fsrv-key

key: key volumeMounts: - name: uploads - mountPath: "/uploads" + mountPath: /uploads readOnly: false ports: - name: http

@@ -37,29 +35,11 @@ containerPort: 9393

command: ["/bin/sh"] args: - -c - - /fsrv/fsrv -url https://x.icyphox.sh -key $FSRV_KEY -index /fsrv/index.html -storepath /uploads - - name: nginx - image: nginx - volumeMounts: - - name: uploads - mountPath: "/uploads" - readOnly: true - - name: nginx-config - mountPath: "/etc/nginx/conf.d/" - readOnly: true - ports: - - name: http - containerPort: 80 + - /fsrv -url https://x.icyphox.sh -key $FSRV_KEY -index /index.html -storepath /uploads volumes: - name: uploads - persistentVolumeClaim: - claimName: fsrv-uploads - - name: nginx-config - configMap: - name: fsrv-nginx - items: - - key: "default.conf" - path: "default.conf" + hostPath: + path: /var/lib/uploads --- apiVersion: v1 kind: Service

@@ -72,6 +52,3 @@ ports:

- name: fsrv-http port: 9393 targetPort: 9393 - - name: nginx-http - port: 80 - targetPort: 80
D apps/fsrv/ing.yaml

@@ -1,30 +0,0 @@

-apiVersion: networking.k8s.io/v1 -kind: Ingress -metadata: - annotations: - kubernetes.io/tls-acme: 'true' - cert-manager.io/issuer: "letsencrypt-prod" - name: fsrv-ingress -spec: - tls: - - hosts: - - x.icyphox.sh - secretName: fsrv-certs - rules: - - host: x.icyphox.sh - http: - paths: - - backend: - service: - name: fsrv - port: - number: 9393 - path: / - pathType: Exact - - path: / - pathType: Prefix - backend: - service: - name: fsrv - port: - number: 80
D apps/fsrv/pvc.yaml

@@ -1,10 +0,0 @@

-apiVersion: v1 -kind: PersistentVolumeClaim -metadata: - name: fsrv-uploads -spec: - accessModes: - - ReadWriteOnce - resources: - requests: - storage: 2Gi
A apps/legit/legit.yaml

@@ -0,0 +1,49 @@

+apiVersion: apps/v1 +kind: Deployment +metadata: + name: legit + labels: + app: legit +spec: + nodeSelector: + kubernetes.io/hostname: denna + selector: + matchLabels: + app: legit + replicas: 1 + strategy: + type: RollingUpdate + template: + metadata: + labels: + app: legit + spec: + containers: + - name: legit + image: sini:5000/legit:latest + ports: + - containerPort: 5555 + command: ["/bin/sh"] + args: + - -c + - /legit -config /config.yaml + volumeMounts: + - name: repos + mountPath: /var/www/git + readOnly: true + volumes: + - name: repos + hostPath: + path: /home/git +--- +apiVersion: v1 +kind: Service +metadata: + name: legit +spec: + selector: + app: legit + ports: + - name: legit-http + port: 5555 + targetPort: 5555
D apps/lms/ing.yaml

@@ -1,23 +0,0 @@

-apiVersion: networking.k8s.io/v1 -kind: Ingress -metadata: - annotations: - kubernetes.io/tls-acme: 'true' - cert-manager.io/issuer: "letsencrypt-prod" - name: lms-ingress -spec: - tls: - - hosts: - - m.icyphox.sh - secretName: lms-certs - rules: - - host: m.icyphox.sh - http: - paths: - - backend: - service: - name: lms - port: - number: 5082 - path: / - pathType: Prefix
D apps/lms/lms.conf.yaml

@@ -1,70 +0,0 @@

-apiVersion: v1 -data: - lms.conf: | - # LMS Sample configuration file - - # Path to the working directory - # Must have write privileges in order to create and modify this directory - working-dir = "/var/lms/"; - - # ffmpeg location - ffmpeg-file = "/usr/bin/ffmpeg"; - - # Log files, empty means stdout - log-file = ""; - access-log-file = ""; - # Logger configuration, see log-config in https://webtoolkit.eu/wt/doc/reference/html/overview.html#config_general - log-config = "* -debug -info:WebRequest"; - - # Listen port/addr of the web server - listen-port = 5082; - listen-addr = "0.0.0.0"; - behind-reverse-proxy = true; - - # If enabled, these files have to exist and have correct permissions - tls-enable = false; - tls-cert = "/var/lms/cert.pem"; - tls-key = "/var/lms/privkey.pem"; - tls-dh = "/var/lms/dh2048.pem"; - - # Path to the resources used by the web interface. - wt-resources = "/usr/share/Wt/resources"; - docroot = "/etc/lms/docroot/;/resources,/css,/images,/js,/favicon.ico"; - approot = "/usr/share/lms/approot"; - # Location for deployment (See README if you want to deploy on a non root path) - deploy-path = "/"; - - # Number of threads to be used to dispatch http requests (0 means auto detect) - http-server-thread-count = 0; - - # ListenBrainz root API - listenbrainz-api-url = "https://api.listenbrainz.org/1/"; - - # Acousticbrainz root API - acousticbrainz-api-url = "https://acousticbrainz.org/api/v1/"; - - # Authentication - # Available backends: "internal", "PAM", "http-headers" - authentication-backend = "internal"; - http-headers-login-field = "X-Forwarded-User"; - - # Max entries in the login throttler (1 entry per IP address. For IPv6, the whole /64 block is used) - login-throttler-max-entries = 10000; - - # API - api-subsonic = true; - - # Turn on this option to allow the demo account creation/use - demo = false; - - # Max external cover file size in MBytes - cover-max-file-size = 10; - - # Max cover cache size in MBytes - cover-max-cache-size = 30; - - # JPEG quality for covers (range is 1-100) - cover-jpeg-quality = 100; -kind: ConfigMap -metadata: - name: lms-config
D apps/lms/lms.yaml

@@ -1,71 +0,0 @@

-apiVersion: apps/v1 -kind: Deployment -metadata: - name: lms - labels: - app: lms -spec: - selector: - matchLabels: - app: lms - template: - metadata: - labels: - app: lms - spec: - nodeSelector: - kubernetes.io/hostname: "jade" - imagePullSecrets: - - name: registry-creds - securityContext: - fsGroup: 100 - containers: - - name: lms - image: epoupon/lms - imagePullPolicy: IfNotPresent - volumeMounts: - - name: music - mountPath: "/music" - readOnly: false - - name: config - mountPath: "/config" - readOnly: false - - name: lms-persist - mountPath: "/var/lms" - readOnly: false - - name: lms-ui - mountPath: "/etc/lms/docroot" - readOnly: false - command: ["/usr/bin/lms", "/config/lms.conf"] - ports: - - name: http - containerPort: 5082 - volumes: - - name: music - hostPath: - path: /mnt/music - type: Directory - - name: lms-ui - persistentVolumeClaim: - claimName: lms-ui - - name: lms-persist - persistentVolumeClaim: - claimName: lms-persist - - name: config - configMap: - name: lms-config - items: - - key: "lms.conf" - path: "lms.conf" ---- -apiVersion: v1 -kind: Service -metadata: - name: lms -spec: - selector: - app: lms - ports: - - name: http - port: 5082 - targetPort: 5082
D apps/lms/pvc.yaml

@@ -1,21 +0,0 @@

-apiVersion: v1 -kind: PersistentVolumeClaim -metadata: - name: lms-persist -spec: - accessModes: - - ReadWriteOnce - resources: - requests: - storage: 1Gi ---- -apiVersion: v1 -kind: PersistentVolumeClaim -metadata: - name: lms-ui -spec: - accessModes: - - ReadWriteOnce - resources: - requests: - storage: 50Mi
D apps/pleroma/Dockerfile

@@ -1,31 +0,0 @@

-FROM elixir:1.11.4-alpine - -ENV UID=911 GID=911 \ - MIX_ENV=prod - -ARG PLEROMA_VER=develop - -RUN apk -U upgrade \ - && apk add --no-cache \ - build-base \ - cmake \ - git \ - file-dev - -RUN addgroup -g ${GID} pleroma \ - && adduser -h /pleroma -s /bin/sh -D -G pleroma -u ${UID} pleroma - -USER pleroma -WORKDIR /pleroma - -RUN git clone -b develop https://git.pleroma.social/pleroma/pleroma.git /pleroma \ - && git checkout ${PLEROMA_VER} - -COPY config/secret.exs /pleroma/config/prod.secret.exs - -RUN mix local.rebar --force \ - && mix local.hex --force \ - && mix deps.get \ - && mix compile - -CMD ["mix", "phx.server"]
D apps/registry/auth.yaml

@@ -1,7 +0,0 @@

-apiVersion: v1 -data: - htpasswd: aWN5OiQyeSQwNSRtT28ud2ZnbXhKUFpTek1kL1hYUDhPUm5FSTY2UGdyb05OVTJIUUdEcy43eE9lVXRCVlpXaQoK -kind: Secret -metadata: - creationTimestamp: null - name: registry-auth
D apps/registry/ing.yaml

@@ -1,26 +0,0 @@

-apiVersion: networking.k8s.io/v1 -kind: Ingress -metadata: - annotations: - nginx.ingress.kubernetes.io/proxy-body-size: "0" - nginx.ingress.kubernetes.io/proxy-read-timeout: "600" - nginx.ingress.kubernetes.io/proxy-send-timeout: "600" - kubernetes.io/tls-acme: 'true' - cert-manager.io/issuer: "letsencrypt-prod" - name: registry-ingress -spec: - tls: - - hosts: - - reg.icyphox.sh - secretName: registry-certs - rules: - - host: reg.icyphox.sh - http: - paths: - - backend: - service: - name: registry - port: - number: 5000 - path: / - pathType: Prefix
D apps/registry/pvc.yaml

@@ -1,10 +0,0 @@

-apiVersion: v1 -kind: PersistentVolumeClaim -metadata: - name: registry-repo -spec: - accessModes: - - ReadWriteOnce - resources: - requests: - storage: 10Gi
D apps/registry/readme

@@ -1,6 +0,0 @@

-registry --------- - -Container registry. - -· auth.yaml: secret for htpasswd auth
D apps/registry/registry.yaml

@@ -1,55 +0,0 @@

-apiVersion: apps/v1 -kind: Deployment -metadata: - name: registry - labels: - app: registry -spec: - selector: - matchLabels: - app: registry - template: - metadata: - labels: - app: registry - spec: - nodeSelector: - arch: "amd64" - containers: - - name: registry - image: registry - volumeMounts: - - name: repo - mountPath: "/var/lib/registry" - - name: auth - mountPath: "/auth" - readOnly: true - env: - - name: REGISTRY_AUTH - value: "htpasswd" - - name: REGISTRY_AUTH_HTPASSWD_REALM - value: "Registry Realm" - - name: REGISTRY_AUTH_HTPASSWD_PATH - value: "/auth/htpasswd" - ports: - - name: http - containerPort: 5000 - volumes: - - name: repo - persistentVolumeClaim: - claimName: registry-repo - - name: auth - secret: - secretName: registry-auth ---- -apiVersion: v1 -kind: Service -metadata: - name: registry -spec: - selector: - app: registry - ports: - - name: http - port: 5000 - targetPort: 5000
D apps/znc/pvc.yaml

@@ -1,10 +0,0 @@

-apiVersion: v1 -kind: PersistentVolumeClaim -metadata: - name: znc-config-dir -spec: - accessModes: - - ReadWriteOnce - resources: - requests: - storage: 100Mi
D apps/znc/znc.yaml

@@ -1,47 +0,0 @@

-apiVersion: apps/v1 -kind: Deployment -metadata: - name: znc - labels: - app: znc -spec: - selector: - matchLabels: - app: znc - template: - metadata: - labels: - app: znc - spec: - nodeSelector: - arch: "amd64" - imagePullSecrets: - - name: registry-creds - containers: - - name: znc - image: znc:slim - imagePullPolicy: IfNotPresent - volumeMounts: - - name: config - mountPath: "/znc-data" - readOnly: false - ports: - - name: irc - containerPort: 6666 - volumes: - - name: config - persistentVolumeClaim: - claimName: znc-config-dir ---- -apiVersion: v1 -kind: Service -metadata: - name: znc -spec: - type: LoadBalancer - selector: - app: znc - ports: - - name: irc - port: 6666 - targetPort: 6666
D deck/1-intro.txt

@@ -1,12 +0,0 @@

-${BLD}MY HOMELAB SETUP${RST} - -Running a multi-arch Kubernetes cluster, at home. - - - - )\`.). - )\`\`)\`\`) .~~ - ).-'.-')|) - |-).-).-'_'-/ -${BLU}~~~${RST}\ \`o-o-o' /${BLU}~~~~~~~~~~~~~~~~~${RST} -${BLU} ~~~${RST}'---.____/${BLU}~~~~~~~~~~~~~~~~~${RST}
D deck/2-motivation.txt

@@ -1,9 +0,0 @@

-${BLD}MOTIVATION${RST} - -· I self-host a lot of things -· Terrible process management - - ${GRN}\$${RST} nohup foo --bar & - -· Hard to keep track -· Too manual
D deck/3-nodes.txt

@@ -1,7 +0,0 @@

-${BLD}NODES${RST} - -3 nodes: - -· fern: Raspberry Pi 4B (armhf) -· jade: Oracle VM (amd64) -· leaf: Oracle VM (amd64)
D deck/4-wireguard.txt

@@ -1,17 +0,0 @@

-${BLD}WIREGUARD MESH${RST} - - -+-----------+ +-----------+ -| ${GRN}jade${RST} | <-----------> | ${GRN}leaf${RST} | -|192.168.4.3| |192.168.4.1| -+-----------+ +-----------+ - ^ ^ - \ / - \ / - \ / -------------------------------------------- ${ITA}CG-NAT${RST} - \ / - \ +-----------+ / - -> | ${GRN}fern${RST} | <- - |192.168.4.2| - +-----------+
D flannel/readme

@@ -1,7 +0,0 @@

-flannel -------- - - wget https://raw.githubusercontent.com/coreos/flannel/master/Documentation/kube-flannel.yml - -Edit container args; add '--iface=wg0' to use the Wireguard LAN -interface.
D kube-system/readme

@@ -1,20 +0,0 @@

-kube-system ------------ - - -KUBELET - -Set KUBELET_EXTRA_ARGS=--node-ip=192.168.4.X --resolv-conf=/run/systemd/resolve/resolv.conf - [ this part only on Ubuntu hosts] - -Run - sudo update-alternatives --set ip6tables /usr/sbin/ip6tables-legacy - sudo update-alternatives --set iptables /usr/sbin/iptables-legacy - -to switch to iptables. Uses nftables otherwise, which isn't suported. - - -KUBE-CONTROLLER-MANAGER / KUBE-SCHEDULER - -Set '--leader-elect=false' in their manifests at -/etc/kubernetes/manifests.