meissa/c4k-taiga
6
0
Fork 0
Code Issues Pull requests Projects Releases 2 Packages Wiki Activity

Add ingress and postgres conf

Browse source
This commit is contained in:
erik 2023-08-16 14:31:46 +02:00
parent e7bede080c
commit 9ffadb6422
9 changed files with 162 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

18
src/main/resources/taiga/ingress/certificate.yaml Normal file
View file

@ -0,0 +1,18 @@
apiVersion: cert-manager.io/v1
kind: Certificate
metadata:
name: c4k-common-cert
labels:
app.kubernetes.part-of: c4k-common-app
namespace: default
spec:
secretName: c4k-common-cert
commonName: FQDN
duration: 2160h # 90d
renewBefore: 720h # 30d
dnsNames:
- FQDN
issuerRef:
name: staging
kind: ClusterIssuer

10
src/main/resources/taiga/ingress/host-rule.yaml Normal file
View file

@ -0,0 +1,10 @@
host: FQDN
http:
paths:
- pathType: Prefix
path: "/"
backend:
service:
name: SERVICE_NAME
port:
number: SERVICE_PORT

27
src/main/resources/taiga/ingress/ingress.yaml Normal file
View file

@ -0,0 +1,27 @@
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: c4k-common-https-ingress
namespace: default
labels:
app.kubernetes.part-of: c4k-common-app
annotations:
traefik.ingress.kubernetes.io/router.entrypoints: web, websecure
traefik.ingress.kubernetes.io/router.middlewares: default-redirect-https@kubernetescrd
metallb.universe.tf/address-pool: public
spec:
tls:
- hosts:
- FQDN
secretName: c4k-common-cert
rules:
- host: FQDN
http:
paths:
- pathType: Prefix
path: "/"
backend:
service:
name: SERVICE_NAME
port:
number: 80

12
src/main/resources/taiga/postgres/config-8gb.yaml Normal file
View file

@ -0,0 +1,12 @@
apiVersion: v1
kind: ConfigMap
metadata:
name: postgres-config
labels:
app: postgres
data:
postgres-db: postgres
postgresql.conf: |
max_connections = 700
work_mem = 3MB
shared_buffers = 2048MB

51
src/main/resources/taiga/postgres/deployment.yaml Normal file
View file

@ -0,0 +1,51 @@
apiVersion: apps/v1
kind: Deployment
metadata:
name: postgresql
spec:
selector:
matchLabels:
app: postgresql
strategy:
type: Recreate
template:
metadata:
labels:
app: postgresql
spec:
containers:
- image: postgres
name: postgresql
env:
- name: POSTGRES_USER
valueFrom:
secretKeyRef:
name: postgres-secret
key: postgres-user
- name: POSTGRES_PASSWORD
valueFrom:
secretKeyRef:
name: postgres-secret
key: postgres-password
- name: POSTGRES_DB
valueFrom:
configMapKeyRef:
name: postgres-config
key: postgres-db
ports:
- containerPort: 5432
name: postgresql
volumeMounts:
- name: postgres-config-volume
mountPath: /etc/postgresql/postgresql.conf
subPath: postgresql.conf
readOnly: true
- name: postgre-data-volume
mountPath: /var/lib/postgresql/data
volumes:
- name: postgres-config-volume
configMap:
name: postgres-config
- name: postgre-data-volume
persistentVolumeClaim:
claimName: postgres-claim

14
src/main/resources/taiga/postgres/persistent-volume.yaml Normal file
View file

@ -0,0 +1,14 @@
kind: PersistentVolume
apiVersion: v1
metadata:
name: postgres-pv-volume
labels:
type: local
spec:
storageClassName: manual
accessModes:
- ReadWriteOnce
capacity:
storage: 10Gi
hostPath:
path: "/var/postgres"

13
src/main/resources/taiga/postgres/pvc.yaml Normal file
View file

@ -0,0 +1,13 @@
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: postgres-claim
labels:
app: postgres
spec:
storageClassName: REPLACEME
accessModes:
- ReadWriteOnce
resources:
requests:
storage: REPLACEME

8
src/main/resources/taiga/postgres/secret.yaml Normal file
View file

@ -0,0 +1,8 @@
apiVersion: v1
kind: Secret
metadata:
name: postgres-secret
type: Opaque
data:
postgres-user: "psql-user"
postgres-password: "psql-pw"

9
src/main/resources/taiga/postgres/service.yaml Normal file
View file

@ -0,0 +1,9 @@
apiVersion: v1
kind: Service
metadata:
name: postgresql-service
spec:
selector:
app: postgresql
ports:
- port: 5432