mirror of https://github.com/sseneca/k8s-server
9 changed files with 225 additions and 0 deletions
@ -0,0 +1,15 @@
|
||||
apiVersion: cert-manager.io/v1 |
||||
kind: Certificate |
||||
metadata: |
||||
name: prosody-tls-cert |
||||
namespace: prosody |
||||
labels: |
||||
"use-dns-solver": "true" |
||||
spec: |
||||
secretName: prosody-tls-cert |
||||
dnsNames: |
||||
- ssene.ca |
||||
issuerRef: |
||||
group: cert-manager.io |
||||
kind: ClusterIssuer |
||||
name: letsencrypt-prod |
@ -0,0 +1,53 @@
|
||||
apiVersion: apps/v1 |
||||
kind: Deployment |
||||
metadata: |
||||
name: prosody |
||||
namespace: prosody |
||||
labels: |
||||
app: prosody |
||||
spec: |
||||
replicas: 1 |
||||
selector: |
||||
matchLabels: |
||||
app: prosody |
||||
strategy: |
||||
type: Recreate |
||||
template: |
||||
metadata: |
||||
labels: |
||||
app: prosody |
||||
spec: |
||||
containers: |
||||
- image: prosody/prosody:0.11.8 |
||||
name: prosody |
||||
ports: |
||||
- containerPort: 5222 |
||||
name: c2s |
||||
- containerPort: 5269 |
||||
name: s2s |
||||
volumeMounts: |
||||
- mountPath: /etc/prosody |
||||
name: configuration |
||||
readOnly: true |
||||
- mountPath: /var/lib/prosody |
||||
name: data |
||||
- mountPath: /etc/prosody/certs |
||||
name: cert |
||||
readOnly: true |
||||
restartPolicy: Always |
||||
volumes: |
||||
- name: configuration |
||||
secret: |
||||
secretName: configuration-secrets |
||||
- name: data |
||||
persistentVolumeClaim: |
||||
claimName: prosody-media |
||||
- name: cert |
||||
secret: |
||||
secretName: prosody-tls-cert |
||||
items: |
||||
- key: tls.crt |
||||
path: ssene.ca.crt |
||||
- key: tls.key |
||||
path: ssene.ca.key |
||||
status: {} |
@ -0,0 +1,5 @@
|
||||
--- |
||||
apiVersion: v1 |
||||
kind: Namespace |
||||
metadata: |
||||
name: prosody |
@ -0,0 +1,15 @@
|
||||
apiVersion: bitnami.com/v1alpha1 |
||||
kind: SealedSecret |
||||
metadata: |
||||
creationTimestamp: null |
||||
name: postgresql-credentials |
||||
namespace: prosody |
||||
spec: |
||||
encryptedData: |
||||
values.yaml: AgCWMO27Lgliw5tMz36KyKZpwQ5nXBqOOBl7oEuiM0+PCHQ14rq4inXntz+MBKA5LtNzOb2xAQgMV/5FMzSjw0eWEk0m8lFD/y6pf+o0YuNMoa1qO8P5OuqeXnENvT+yDQtenD/+JEvhNn/cm1ilRVsLLpPIIy+4zu16aLPCpW3KgykcucxH0n3OMufZDSdgNllOUzzrvs0GVjC8PuPRzvcgjt5ODXAlKV9jck3p7qNmzSBmUkxYIGKK3PWiDeSg33mbmIgUqHu/kHQ1INC6FtpZ51CGoDl1gLxDPnyyGiRg1I/2Vr7J+X5XF5cbxVNSeuLCgvhinzSDklpQv2JNpO0D7Akl61CRmyH68YAJPabQ+w/qRg/Cq1OQ1guJmGm5Sn3hbhKUX1dMJGn6jKSkBQjbMoQBrOzePPUvR/ScVcLV0cdf2HKkKBXS2p7Zj3z3IYigQ3Ne9J0V3zyByRoAHq42NF1kAUrAqrLwB7DGcs/4AVlQUK+H1B4f2MwMC0jeAX/kQ4wTDUvroW9OKVEndd6qLtV5Yh7RPGXuWFRFpqpeXUjS0GUyjRdL47gtKLtejQS0emFBKEGL5ieKPZnlM4egbA+cbpNb0CJm9jzbVOFlFTjbzBy10Qk61VDsx1/V2XJFi0zLiZHHMmzIC/UplysXlNfWdkqVDcAwAmInxBvRojwMMH9G0XJ8NbSQq95QEwyKRlWqh/rG6Fu2G10GGzMm6//DMN9Lnq0OHGzMd9k8f4M60/gyRxTE1yMsfLiiOITY04aBYG0uGpWYMl7wyWJJB3GVxpnGKbNBJmHhyWBxfnsyFawn0b00vNjuvPG1uKCImu6/Bw== |
||||
template: |
||||
metadata: |
||||
creationTimestamp: null |
||||
name: postgresql-credentials |
||||
namespace: prosody |
||||
|
@ -0,0 +1,34 @@
|
||||
--- |
||||
apiVersion: helm.fluxcd.io/v1 |
||||
kind: HelmRelease |
||||
metadata: |
||||
name: postgresql |
||||
namespace: prosody |
||||
annotations: |
||||
fluxcd.io/automated: "true" |
||||
fluxcd.io/tag.chart-image: semver:~13.1 |
||||
spec: |
||||
test: |
||||
enable: true |
||||
rollback: |
||||
enable: true |
||||
retry: true |
||||
chart: |
||||
repository: https://charts.bitnami.com/bitnami |
||||
name: postgresql |
||||
version: 10.3.6 |
||||
valuesFrom: |
||||
- secretKeyRef: |
||||
name: postgresql-credentials |
||||
values: |
||||
image: |
||||
repository: bitnami/postgresql |
||||
tag: 13.1.0 |
||||
persistence: |
||||
existingClaim: database-prosody |
||||
volumePermissions: |
||||
enabled: true |
||||
psp: |
||||
create: true |
||||
rbac: |
||||
create: true |
File diff suppressed because one or more lines are too long
@ -0,0 +1,18 @@
|
||||
apiVersion: v1 |
||||
kind: Service |
||||
metadata: |
||||
name: prosody |
||||
namespace: prosody |
||||
spec: |
||||
ports: |
||||
- name: c2s |
||||
port: 5222 |
||||
targetPort: 5222 |
||||
- name: s2s |
||||
port: 5269 |
||||
targetPort: 5269 |
||||
type: LoadBalancer |
||||
selector: |
||||
app: prosody |
||||
status: |
||||
loadBalancer: {} |
@ -0,0 +1,35 @@
|
||||
--- |
||||
apiVersion: v1 |
||||
kind: PersistentVolume |
||||
metadata: |
||||
name: database-prosody |
||||
spec: |
||||
storageClassName: local-path |
||||
capacity: |
||||
storage: 10Gi |
||||
accessModes: |
||||
- ReadWriteOnce |
||||
local: |
||||
path: /var/lib/databases/prosody |
||||
nodeAffinity: |
||||
required: |
||||
nodeSelectorTerms: |
||||
- matchExpressions: |
||||
- key: kubernetes.io/hostname |
||||
operator: In |
||||
values: |
||||
- sserver |
||||
--- |
||||
apiVersion: v1 |
||||
kind: PersistentVolumeClaim |
||||
metadata: |
||||
name: database-prosody |
||||
namespace: prosody |
||||
spec: |
||||
storageClassName: local-path |
||||
volumeName: database-prosody |
||||
accessModes: |
||||
- ReadWriteOnce |
||||
resources: |
||||
requests: |
||||
storage: 10Gi |
@ -0,0 +1,35 @@
|
||||
--- |
||||
apiVersion: v1 |
||||
kind: PersistentVolume |
||||
metadata: |
||||
name: prosody-media |
||||
spec: |
||||
storageClassName: local-path |
||||
capacity: |
||||
storage: 5Gi |
||||
accessModes: |
||||
- ReadWriteOnce |
||||
local: |
||||
path: /srv/smb/media/prosody-media |
||||
nodeAffinity: |
||||
required: |
||||
nodeSelectorTerms: |
||||
- matchExpressions: |
||||
- key: kubernetes.io/hostname |
||||
operator: In |
||||
values: |
||||
- sserver |
||||
--- |
||||
apiVersion: v1 |
||||
kind: PersistentVolumeClaim |
||||
metadata: |
||||
name: prosody-media |
||||
namespace: prosody |
||||
spec: |
||||
storageClassName: local-path |
||||
volumeName: prosody-media |
||||
accessModes: |
||||
- ReadWriteOnce |
||||
resources: |
||||
requests: |
||||
storage: 5Gi |
Loading…
Reference in new issue