Browse Source

add prosody deploy files

master
sseneca 2 years ago
parent
commit
889d7299f4
  1. 15
      prosody/certificate.yaml
  2. 53
      prosody/deployment.yaml
  3. 5
      prosody/namespace.yaml
  4. 15
      prosody/postgresql-secrets.yaml
  5. 34
      prosody/postgresql.yaml
  6. 15
      prosody/prosody-secrets.yaml
  7. 18
      prosody/service.yaml
  8. 35
      prosody/storage-db.yaml
  9. 35
      prosody/storage-media.yaml

15
prosody/certificate.yaml

@ -0,0 +1,15 @@
apiVersion: cert-manager.io/v1
kind: Certificate
metadata:
name: prosody-tls-cert
namespace: prosody
labels:
"use-dns-solver": "true"
spec:
secretName: prosody-tls-cert
dnsNames:
- ssene.ca
issuerRef:
group: cert-manager.io
kind: ClusterIssuer
name: letsencrypt-prod

53
prosody/deployment.yaml

@ -0,0 +1,53 @@
apiVersion: apps/v1
kind: Deployment
metadata:
name: prosody
namespace: prosody
labels:
app: prosody
spec:
replicas: 1
selector:
matchLabels:
app: prosody
strategy:
type: Recreate
template:
metadata:
labels:
app: prosody
spec:
containers:
- image: prosody/prosody:0.11.8
name: prosody
ports:
- containerPort: 5222
name: c2s
- containerPort: 5269
name: s2s
volumeMounts:
- mountPath: /etc/prosody
name: configuration
readOnly: true
- mountPath: /var/lib/prosody
name: data
- mountPath: /etc/prosody/certs
name: cert
readOnly: true
restartPolicy: Always
volumes:
- name: configuration
secret:
secretName: configuration-secrets
- name: data
persistentVolumeClaim:
claimName: prosody-media
- name: cert
secret:
secretName: prosody-tls-cert
items:
- key: tls.crt
path: ssene.ca.crt
- key: tls.key
path: ssene.ca.key
status: {}

5
prosody/namespace.yaml

@ -0,0 +1,5 @@
---
apiVersion: v1
kind: Namespace
metadata:
name: prosody

15
prosody/postgresql-secrets.yaml

@ -0,0 +1,15 @@
apiVersion: bitnami.com/v1alpha1
kind: SealedSecret
metadata:
creationTimestamp: null
name: postgresql-credentials
namespace: prosody
spec:
encryptedData:
values.yaml: AgCWMO27Lgliw5tMz36KyKZpwQ5nXBqOOBl7oEuiM0+PCHQ14rq4inXntz+MBKA5LtNzOb2xAQgMV/5FMzSjw0eWEk0m8lFD/y6pf+o0YuNMoa1qO8P5OuqeXnENvT+yDQtenD/+JEvhNn/cm1ilRVsLLpPIIy+4zu16aLPCpW3KgykcucxH0n3OMufZDSdgNllOUzzrvs0GVjC8PuPRzvcgjt5ODXAlKV9jck3p7qNmzSBmUkxYIGKK3PWiDeSg33mbmIgUqHu/kHQ1INC6FtpZ51CGoDl1gLxDPnyyGiRg1I/2Vr7J+X5XF5cbxVNSeuLCgvhinzSDklpQv2JNpO0D7Akl61CRmyH68YAJPabQ+w/qRg/Cq1OQ1guJmGm5Sn3hbhKUX1dMJGn6jKSkBQjbMoQBrOzePPUvR/ScVcLV0cdf2HKkKBXS2p7Zj3z3IYigQ3Ne9J0V3zyByRoAHq42NF1kAUrAqrLwB7DGcs/4AVlQUK+H1B4f2MwMC0jeAX/kQ4wTDUvroW9OKVEndd6qLtV5Yh7RPGXuWFRFpqpeXUjS0GUyjRdL47gtKLtejQS0emFBKEGL5ieKPZnlM4egbA+cbpNb0CJm9jzbVOFlFTjbzBy10Qk61VDsx1/V2XJFi0zLiZHHMmzIC/UplysXlNfWdkqVDcAwAmInxBvRojwMMH9G0XJ8NbSQq95QEwyKRlWqh/rG6Fu2G10GGzMm6//DMN9Lnq0OHGzMd9k8f4M60/gyRxTE1yMsfLiiOITY04aBYG0uGpWYMl7wyWJJB3GVxpnGKbNBJmHhyWBxfnsyFawn0b00vNjuvPG1uKCImu6/Bw==
template:
metadata:
creationTimestamp: null
name: postgresql-credentials
namespace: prosody

34
prosody/postgresql.yaml

@ -0,0 +1,34 @@
---
apiVersion: helm.fluxcd.io/v1
kind: HelmRelease
metadata:
name: postgresql
namespace: prosody
annotations:
fluxcd.io/automated: "true"
fluxcd.io/tag.chart-image: semver:~13.1
spec:
test:
enable: true
rollback:
enable: true
retry: true
chart:
repository: https://charts.bitnami.com/bitnami
name: postgresql
version: 10.3.6
valuesFrom:
- secretKeyRef:
name: postgresql-credentials
values:
image:
repository: bitnami/postgresql
tag: 13.1.0
persistence:
existingClaim: database-prosody
volumePermissions:
enabled: true
psp:
create: true
rbac:
create: true

15
prosody/prosody-secrets.yaml

File diff suppressed because one or more lines are too long

18
prosody/service.yaml

@ -0,0 +1,18 @@
apiVersion: v1
kind: Service
metadata:
name: prosody
namespace: prosody
spec:
ports:
- name: c2s
port: 5222
targetPort: 5222
- name: s2s
port: 5269
targetPort: 5269
type: LoadBalancer
selector:
app: prosody
status:
loadBalancer: {}

35
prosody/storage-db.yaml

@ -0,0 +1,35 @@
---
apiVersion: v1
kind: PersistentVolume
metadata:
name: database-prosody
spec:
storageClassName: local-path
capacity:
storage: 10Gi
accessModes:
- ReadWriteOnce
local:
path: /var/lib/databases/prosody
nodeAffinity:
required:
nodeSelectorTerms:
- matchExpressions:
- key: kubernetes.io/hostname
operator: In
values:
- sserver
---
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: database-prosody
namespace: prosody
spec:
storageClassName: local-path
volumeName: database-prosody
accessModes:
- ReadWriteOnce
resources:
requests:
storage: 10Gi

35
prosody/storage-media.yaml

@ -0,0 +1,35 @@
---
apiVersion: v1
kind: PersistentVolume
metadata:
name: prosody-media
spec:
storageClassName: local-path
capacity:
storage: 5Gi
accessModes:
- ReadWriteOnce
local:
path: /srv/smb/media/prosody-media
nodeAffinity:
required:
nodeSelectorTerms:
- matchExpressions:
- key: kubernetes.io/hostname
operator: In
values:
- sserver
---
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: prosody-media
namespace: prosody
spec:
storageClassName: local-path
volumeName: prosody-media
accessModes:
- ReadWriteOnce
resources:
requests:
storage: 5Gi
Loading…
Cancel
Save